Guillaume Destuynder
San Francisco, CA (USA)

Phone: +1-415-570-XXXX

Sr. Staff Security Engineer, Product owner & DRI

QUALIFICATIONS

  • Long experience of architecting and incorporating secure design to different kind of projects (software products, civil engineering, etc.)

  • Long incident response experience for small and large scale incidents.

  • Led and mentored different internal teams.

  • Created and implemented risk-based frameworks for decision making.

  • Created and implemented the first sandbox for Firefox.

  • Proficient with various programming languages and development methods ( Linux kernel, Firefox contributions, …)

Publications

  • MISC 78 - How I created the Firefox Sandbox and how it works (2015)

  • Mozilla’s Risk Framework (2018)

Conference talks

Warroom 2014 (SF, USA): That time you rm’d .bash_history. We knew… Warrom 2015 (SF, USA): The life of an incident @ Mozilla Warrom 2016 (SF, USA): From 0-day to Every-day: How Mozilla manages risk AWS Security Summit 2016: AWS, SSH Federated access for CLI AWS Re:Inforce 2019: An open-source adventure in the cloud, containers, and incident response

Classes given

Security engineering 101 for NPower (San Mateo) 2017 (1 day) Understand your threats 2004 for Direction générale de l’Aviation civile (France) (1 week)

CVEs

CVE-2004-0361, CVE-2004-0489


EXPERIENCE

2011 - present >> Sr. Staff Security Engineer - Mozilla Corporation (USA)

(Including Senior Security Engineer, Staff Security Engineer) *(Including 2011-2012) Security Engineer - Mozilla Corporation (France)

2009-2011 >> Manager & Software Security Engineer - m-privacy GmbH (Germany)

(Including 2005-2009) Software Security Engineer - m-privacy GmbH (Germany)

  • Project lead (various, software engineering)

  • Common Criteria certification of m-privacy products (EAL3+, ReCoBS)

  • Presented ReCoBS products to the French government and their ministers (Élysée, Paris)

  • Penetration testing and security reviews consulting (German Govt)

  • Created a zero-trust address comparison system that relies on fuzzy-cryptohashes which garantees true zero-trust and was several magnitudes faster than the competition

  • Linux kernel development for RSBAC (C)

  • Deployed modern software dev. stack (GIT/C/Python)

  • ARM development for embeeded medical products (C/Python)

  • GTK and MFC (C/Windows/VisualC++) interfaces

2004-2006 >> Software Engineer & Network Administration - Wincor Nixdorf (France)
  • Automation of software deployment to tills

  • Network administration and support

2004 >> Software Engineer - Blue Corail (France)
  • ASP and PHP website development

2003 >> Software Engineer - u812.net
  • Website development (PHP)

2002-2003 >> Software Engineer & Security Researcher - Exense SA (France)
  • Database and UI development for risk analysis (Navigo pass, SNCF/RATP)

  • Computer Security Instructor at DGAC (Direction Generale de l’Aviation Civile, France Govt)

Additional experience

2004-2011 >> Manager & Developer - RSBAC (Germany)
2004-2008 >> Lead Developer - Gentoo Linux
2001 >> Network/System admin - CyberLan competition (Microsoft, Nice, France)

EDUCATION

2006 - Master Computer Sciences (ISCIO, Orsay, France)
2006 - RHCE RedHat certified Engineer (ISCIO, Orsay, France)
2002 - IUT/DUT Computer Sciences (University of Sophia Antipolis, Nice, France)
2001 - Baccalaurea: STI Electronics (Lycee de l’Essouriau, Les Ulis, France)

LANGUAGES

  • French - Native

  • English - Fluent (written & verbal)

  • German - Basic (written & verbal)