Hi! I'm Sarai Rosenberg.

I'm an infrastructure security leader and mathematician.

About Me

As a manager of infrastructure security teams, I've grown teams into organizations by creating new team functions and capabilities to meet anticipated business needs. I scaled security operations to shift teams from reactive towards proactive investment modes, without getting stuck in firefighting.

I excel at hiring world-class talent, building partnerships, conflict resolution, and influencing systemic change to build security culture and inclusion. I have experience with bare metal infrastructure security, cloud security, key management, incident response, and broad cross-functional collaboration.

I seek to grow the people around me, and I invest in iterative improvement (e.g., managing tech debt and reducing false positives for on-call health). I love teams that share knowledge routinely to help everyone learn and grow together.

I find that security goals are best achieved by understanding business goals and engineering challenges, and building cross-functional relationships on a foundation of trust.

What I value

I look for organizations that invest in building a healthy atmosphere of collaboration, teamwork, and mentoring. I prefer organizations that care about inclusion, equity, justice, and social impact: organizations that have demonstrated that inclusion is a profitable investment and refuse to tolerate persistently harmful behavior.

I care about working for teams and managers that invest in employee growth, in building trust, and in balancing quick wins with building scalable solutions.

Career Goals

I look for leadership roles within security organizations that value inclusion, compassion, and risk-informed security guidance: making the secure path easy, and avoiding authoritative approaches.

Long-term, I want to have an impact on making security and people management more humane, compassionate, and inclusive.

Leadership Skills

Mentorship & Sponsorship
Security Education
Inclusion, Diversity, and Equity
Building relationships & resolving conflict
Building compassionate security culture
Building mentorship programs
Influence without authority
Speaking & Writing

Security Skills

Key Management
Secret Management
Bare Metal Infrastructure
Threat Modeling
Security Assessment
Patch Management
Infrastructure Security
Incident Response
Threat Detection

Technical Skills

Python, Ruby, Golang, Elixir
Chef, Terraform, Vault
Linux, AWS, IAM, GitHub
DevSecOps
Security Architecture
Clearly not front-end development
Statistics, Probability, and Risk Management

Recent Work

Managing in the Margins — Practical resources for managers, leaders, and mentors to support and advocate for people from groups that are underrepresented, marginalized, or stigmatized
Key Material — A security and cryptography blog for a security and software engineering audience, in collaboration with Sophie Schmieg
Medium blog posts
Collaborating to Build Secure, Maintainable Systems — A PagerDuty Engineering blog post about effective pattern for collaboration in software design

Resources

Engineering Management Resources Collection
Interview Questions to ask Employers — A spreadsheet of questions by category, including why to ask and what you should look for
How to interview to find a good manager — Twitter thread (also a good manager self-evaluation checklist)
Template: Annual Self-Review

Portfolio 2015-2017

I've worked on personal open-source projects, and I write on Medium.

Demonstrating mouseover and click on repository star, pending state, error state, and unstar.

Repository Recommender

Project recommends Github repositories or users to follow, using a machine learning algorithm based on low-rank matrix approximation.

(Python, JS, React, Flask, SQLAlchemy, PostGRES)

(scipy, pandas, and numpy)

Receiptacle mockup of receipts database UI

Receiptacle—Product Design Doc

I wrote a design and began writing the back-end for a receipts database to work alongside blocklists.

(Python, Flask, React, MySQL)

Twitter bot to document receipts for a Nazi blocklist

NaziBlockBot

I built a Twitter bot to insert tweets from DMs into the Receiptacle database.

(Python, MySQL)

Guidelines for Respectful Collection of Demographic Data

Demographic data may be critical to your mission. This article establishes guidelines, explains some reasoning, and provides examples.

$Image shows a red fractal on a white background, roughly shaped like a cradle.$

Designing Products for Abuse

Products must be designed, from the very beginning, with potential abuse in mind. Fixing the problem starts from asking the right questions. I wrote about some of those questions, and present some research about online harassment.

Image shows purple concentric circles connected by green lines, rotating and oscillating

CodePen experiment

A venture into generative art with JS.

(JavaScript)