Hi! I'm Sarai Rosenberg.
I'm an infrastructure security leader and mathematician.
About Me
I excel at managing, mentoring, problem-solving, conflict resolution, and influencing systemic change to build security culture and inclusion. I have experience assessing and guiding the growth of secure infrastructure, key management, Linux system hardening, incident response, maintaining high availability services, and broad cross-functional collaboration to bring security into meeting business goals.
I ambitiously pursue and sponsor growth opportunities, invest in iterative improvement (e.g., reducing false positives for on-call health), and I love teams that share knowledge routinely.
I find that security goals are best achieved by understanding business goals and engineering challenges, and building cross-functional relationships on a foundation of trust.
What I'm looking for
I look for organizations that invest in building a healthy atmosphere of collaboration, teamwork, and mentoring. I prefer organizations that care about inclusion, equity, justice, and social impact—organizations that have demonstrated that they will put values over their pocketbook and firmly address persistent toxic behavior.
I care about working for teams and managers that invest in employee growth, in building trust, and in balancing quick wins with building scalable solutions.
Career Goals
I look for leadership roles within security organizations that value inclusion, compassion, and risk-informed security guidance. I want to have pride in and be able to talk on and write public blogs about our solutions.
I trained several women on PagerDuty's majority women Security Engineering team from women new to security. We can hire people with compassion and teach the skills we want on our team. I want to build and demonstrate this model for the information security industry.
Long-term, I want to have an impact on making security more humane and compassionate, developing products that support a diverse and inclusive user base that thoroughly considers the needs and concerns of their users—internal and external! Specifically, products should be accessible, be compassionate towards users, be inclusive of cultural and personal differences (e.g., localization, backgrounds, gender, orientation), and protect users from malicious people (harassment, and also fraud).
Leadership Skills
-
Mentorship & Sponsorship
Security Education
Inclusion, Diversity, and Equity -
Building relationships & resolving conflict
Building compassionate security culture
Building mentorship programs -
Influence without authority
Speaking & Writing
Security Skills
-
Key Management
Secret Management
Bare Metal Infrastructure -
Threat Modeling
Security Assessment
Patch Management -
Infrastructure Security
Incident Response
Threat Detection
Technical Skills
-
Python, Ruby, Golang, Elixir
Chef, Terraform, Vault
Linux, AWS, IAM, GitHub -
DevSecOps
Security Architecture
Clearly not front-end development - Statistics, Probability, and Risk Management
Recent Work
- Managing on the Margins — Practical resources for managers, leaders, and mentors to support and advocate for people from groups that are underrepresented, marginalized, or stigmatized
- Key Material — A security and cryptography blog for a security and software engineering audience, in collaboration with Sophie Schmieg
- Medium blog posts
- Collaborating to Build Secure, Maintainable Systems — A PagerDuty Engineering blog post about effective pattern for collaboration in software design
Resources
- Interview Questions to ask Employers — A spreadsheet of questions by category, including why to ask and what you should look for
- How to interview to find a good manager — Twitter thread (also a good manager self-evaluation checklist)
- Template: Annual Self-Review
Portfolio 2015-2017
I've worked on personal open-source projects, and I write on Medium.