Hi! I'm Sarai Rosenberg.

I'm an infrastructure security leader and mathematician.

About Me

I excel at managing, mentoring, problem-solving, conflict resolution, and influencing systemic change to build security culture and inclusion. I have experience assessing and guiding the growth of secure infrastructure, key management, Linux system hardening, incident response, maintaining high availability services, and broad cross-functional collaboration to bring security into meeting business goals.

I ambitiously pursue and sponsor growth opportunities, invest in iterative improvement (e.g., reducing false positives for on-call health), and I love teams that share knowledge routinely.

I find that security goals are best achieved by understanding business goals and engineering challenges, and building cross-functional relationships on a foundation of trust.

What I'm looking for

I look for organizations that invest in building a healthy atmosphere of collaboration, teamwork, and mentoring. I prefer organizations that care about inclusion, equity, justice, and social impact—organizations that have demonstrated that they will put values over their pocketbook and firmly address persistent toxic behavior.

I care about working for teams and managers that invest in employee growth, in building trust, and in balancing quick wins with building scalable solutions.

Career Goals

I look for leadership roles within security organizations that value inclusion, compassion, and risk-informed security guidance. I want to have pride in and be able to talk on and write public blogs about our solutions.

I trained several women on PagerDuty's majority women Security Engineering team from women new to security. We can hire people with compassion and teach the skills we want on our team. I want to build and demonstrate this model for the information security industry.

Long-term, I want to have an impact on making security more humane and compassionate, developing products that support a diverse and inclusive user base that thoroughly considers the needs and concerns of their users—internal and external! Specifically, products should be accessible, be compassionate towards users, be inclusive of cultural and personal differences (e.g., localization, backgrounds, gender, orientation), and protect users from malicious people (harassment, and also fraud).

Leadership Skills

Mentorship & Sponsorship
Security Education
Inclusion, Diversity, and Equity
Building relationships & resolving conflict
Building compassionate security culture
Building mentorship programs
Influence without authority
Speaking & Writing

Security Skills

Key Management
Secret Management
Bare Metal Infrastructure
Threat Modeling
Security Assessment
Patch Management
Infrastructure Security
Incident Response
Threat Detection

Technical Skills

Python, Ruby, Golang, Elixir
Chef, Terraform, Vault
Linux, AWS, IAM, GitHub
DevSecOps
Security Architecture
Clearly not front-end development
Statistics, Probability, and Risk Management

Recent Work

Managing on the Margins — Practical resources for managers, leaders, and mentors to support and advocate for people from groups that are underrepresented, marginalized, or stigmatized
Key Material — A security and cryptography blog for a security and software engineering audience, in collaboration with Sophie Schmieg
Medium blog posts
Collaborating to Build Secure, Maintainable Systems — A PagerDuty Engineering blog post about effective pattern for collaboration in software design

Resources

Interview Questions to ask Employers — A spreadsheet of questions by category, including why to ask and what you should look for
How to interview to find a good manager — Twitter thread (also a good manager self-evaluation checklist)
Template: Annual Self-Review

Portfolio 2015-2017

I've worked on personal open-source projects, and I write on Medium.

Demonstrating mouseover and click on repository star, pending state, error state, and unstar.

Repository Recommender

Project recommends Github repositories or users to follow, using a machine learning algorithm based on low-rank matrix approximation.

(Python, JS, React, Flask, SQLAlchemy, PostGRES)

(scipy, pandas, and numpy)

Receiptacle mockup of receipts database UI

Receiptacle—Product Design Doc

I wrote a design and began writing the back-end for a receipts database to work alongside blocklists.

(Python, Flask, React, MySQL)

Twitter bot to document receipts for a Nazi blocklist

NaziBlockBot

I built a Twitter bot to insert tweets from DMs into the Receiptacle database.

(Python, MySQL)

Guidelines for Respectful Collection of Demographic Data

Demographic data may be critical to your mission. This article establishes guidelines, explains some reasoning, and provides examples.

$Image shows a red fractal on a white background, roughly shaped like a cradle.$

Designing Products for Abuse

Products must be designed, from the very beginning, with potential abuse in mind. Fixing the problem starts from asking the right questions. I wrote about some of those questions, and present some research about online harassment.

Image shows purple concentric circles connected by green lines, rotating and oscillating

CodePen experiment

A venture into generative art with JS.

(JavaScript)