Hi! I'm Sarai Rosenberg.
I'm an infrastructure security leader and mathematician.
About Me
As a manager of infrastructure security teams, I've grown teams into organizations by creating new team functions and capabilities to meet anticipated business needs. I scaled security operations to shift teams from reactive towards proactive investment modes, without getting stuck in firefighting.
I excel at hiring world-class talent, building partnerships, conflict resolution, and influencing systemic change to build security culture and inclusion. I have experience with bare metal infrastructure security, cloud security, key management, incident response, and broad cross-functional collaboration.
I seek to grow the people around me, and I invest in iterative improvement (e.g., managing tech debt and reducing false positives for on-call health). I love teams that share knowledge routinely to help everyone learn and grow together.
I find that security goals are best achieved by understanding business goals and engineering challenges, and building cross-functional relationships on a foundation of trust.
What I value
I look for organizations that invest in building a healthy atmosphere of collaboration, teamwork, and mentoring. I prefer organizations that care about inclusion, equity, justice, and social impact: organizations that have demonstrated that inclusion is a profitable investment and refuse to tolerate persistently harmful behavior.
I care about working for teams and managers that invest in employee growth, in building trust, and in balancing quick wins with building scalable solutions.
Career Goals
I look for leadership roles within security organizations that value inclusion, compassion, and risk-informed security guidance: making the secure path easy, and avoiding authoritative approaches.
Long-term, I want to have an impact on making security and people management more humane, compassionate, and inclusive.
Leadership Skills
-
Mentorship & Sponsorship
Security Education
Inclusion, Diversity, and Equity -
Building relationships & resolving conflict
Building compassionate security culture
Building mentorship programs -
Influence without authority
Speaking & Writing
Security Skills
-
Key Management
Secret Management
Bare Metal Infrastructure -
Threat Modeling
Security Assessment
Patch Management -
Infrastructure Security
Incident Response
Threat Detection
Technical Skills
-
Python, Ruby, Golang, Elixir
Chef, Terraform, Vault
Linux, AWS, IAM, GitHub -
DevSecOps
Security Architecture
Clearly not front-end development - Statistics, Probability, and Risk Management
Recent Work
- Managing in the Margins — Practical resources for managers, leaders, and mentors to support and advocate for people from groups that are underrepresented, marginalized, or stigmatized
- Key Material — A security and cryptography blog for a security and software engineering audience, in collaboration with Sophie Schmieg
- Medium blog posts
- Collaborating to Build Secure, Maintainable Systems — A PagerDuty Engineering blog post about effective pattern for collaboration in software design
Resources
- Engineering Management Resources Collection
- Interview Questions to ask Employers — A spreadsheet of questions by category, including why to ask and what you should look for
- How to interview to find a good manager — Twitter thread (also a good manager self-evaluation checklist)
- Template: Annual Self-Review
Selected Speaking Experiences
- [BSidesSF 2026] Power Dynamics in Security Leadership: a legato leitmotif lullaby on leading lightly and luminously [slides]
- [BSidesSF 2025] Mind the Gap: Career growth & management for security engineers
- [PagerCon 2019] Threat Modeling: bootstrapping an attacker mindset for secure software development