Peter Bowen

pzbowen@gmail.com(206) 854-1955
Bainbridge Island, Washington

Summary

Security engineer with experience in incident response, application security, cryptography, public key infrastructure, and compliance. Not looking to relocate, but open to remote positions with a limited travel requirement.

Experience

Amazon Web Services

  • Seattle, WA

October 2011 - current

Principal Security Engineer, Amazon Elastic Compute Cloud (EC2)

Technical lead for EC2 and AWS Outposts security and compliance and technical lead for AWS hardware vulnerability response.

  • Coordinate AWS response to key security issues, including long term hardware issues
  • Represent AWS and Amazon in industry security coordination events
  • Define security and compliance requirements for AWS Outposts and work with product management and development team to ensure implementations meet the requirements

Principal Security Engineer, AWS Security

Technical lead for AWS Security and Compliance team in Seattle, providing risk guidance for AWS leadership and AWS service owners

  • Technical lead for the AWS Security Expectations program, which focuses on improving security through automation and monitoring
  • Incident response lead for Spectre, Meltdown, and other hardware security issues.
  • Technical advisor for AWS compliance and certification programs, including FedRAMP, SOC 1/2/3, & HIPAA and subject matter expert for NIST SP 800-63, NIST SP 800-52 (r1 & r2), FIPS 140-2
  • Security advisor for new ventures with complex security and compliance requirements, including Amazon Care
  • Public Key Infrastructure (PKI) subject matter expert across Amazon
  • Escalation advisor for application security team

Principal Security Engineer, AWS Cryptography

Founder and Vice President of Amazon Trust Services LLC, Amazon's publicly trusted CA and founder of AWS Certificate Manager

  • Created Amazon Trust Services (ATS) public certification authority (CA), now the fifth largest CA in the world
  • Founded AWS Certificate Manager (ACM), worked on concept and design from initial proposal to launch
  • Owned standards and community engagement for ATS, including getting ATS trusted by all major web browsers
  • Responsible for WebTrust assessments of ATS, including auditor selection, term negotiation, and audit execution
  • Wrote certlint, an open source tool to analyze X.509 certificates for bugs, compliance issues, and stylistic errors
  • Founding member of the AWS Crypto Bar Raiser group of subject matter experts (SME) who advise teams across AWS on design and use of cryptography to protect customers and AWS
  • Designed repeatable, scalable hardware to enable AWS CloudHSM to scale worldwide
  • AWS representative to PCI Security Standards Council (PCI SSC)

Senior Technical Program Manager, AWS Security

TPM for internal security tools and products.

  • Designed personal identity enrollment solution for AWS employees
  • Rolled out first hardware-based multi-factor authentication for AWS employees
  • Deployed centralized federated authentication solution for AWS account access and auditing

Technical Program Manager, Amazon EC2

TPM responsible for capacity management and hardware growth in EC2. Focused on ensuring the cloud continually appears to be infinitely scalable from a customer perspective

Technical Program Manager, Kernel and Operating Systems

TPM responsible for internal use of Linux across Amazon and for the externally available Amazon Linux AMI

SUSE

  • Ottawa, ON

April 2011 - September 2011

In April, 2011, The Attachmate Group split SUSE from Novell.

Architect, Cloud and Appliance Program

  • Drove technical partnership with Amazon Web Services
  • Led engineering strategy for VMware partnership discussions, resulting in key partnership and new sales channel
  • Designed and implemented system for providing security patches and software upgrades for SUSE Linux Enterprise Server running on Amazon EC2
  • Formulated product line strategy and roadmaps in concert with product management
  • Supported ISV sales team with customer presentations and needs analysis via onsite visits and web conferencing

Novell

  • Ottawa, ON
  • Cambridge, MA
  • Waltham, MA

Aug 2003 - April 2011

Novell was acquired by The Attachmate Group in April, 2011.

Architect & Principal Engineer, SUSE Cloud & Appliance Program

See Architect, Cloud and Appliance Program at SUSE above

Engineering Manager, SUSE Incubation Team

  • Organized engineering team spread across three continents and six countries
  • Created strategy for Linux appliance program
  • Launched SUSE Studio, a Linux appliance and virtual machine creation tool built using Ruby on Rails
  • Coordinated with marketing to create an award-winning PR campaign
  • Triaged escalations from customer support and network operations helpdesk
  • Ensured products met quality assurance targets
  • Recruited new team members and sourced independent contractors

Partner Product Manager, Global Strategic Partners

  • Developed strategic technical relationship with Dell
  • Initiated go-to-market activities for SUSE Linux Enterprise Server and Desktop
  • Managed project with Novell China and Dell China to preload desktops with Linux for the Chinese market
  • Provided technical assistance to Intel and Tier 2 OEM partner managers

Senior Sales Engineer, Linux Impact Team

  • Demonstrated Linux products to customers
  • Created and delivered training for internal teams
  • Managed projects to integrate systems and processes from acquired companies
  • Participated in product strategy and planning
  • Supported over 75 field sales engineers
  • Facilitated interaction between engineering and sales
  • Presented roadmaps and products at executive briefings
  • Worked with key partners to develop joint strategy and stronger relationships
  • Consistently exceeded assigned quotas

Ximian

  • Boston, MA

Jan 2002 - Aug 2003

Ximian was acquired by Novell in August, 2003

Senior Software Engineer

  • Architected system and software management product for Linux
  • Designed high availability system using PHP, PostgreSQL, Apache HTTPD, and Squid
  • Gathered customer requirements for future product releases
  • Supported proof of concept deployment of products
  • Collaborated with other companies to develop Linux packaging standards
  • Optimized existing systems for better performance on existing hardware
  • Presented products to prospective customers

Scyld

  • Annapolis, MD

Jan 2001 - Jan 2002

Scyld was acquired by Penguin Computing in June, 2003

Support & Release Engineer

  • Built specialized Linux distribution for high performance computing
  • Developed web-based cluster administration software
  • Wrote software for automated RPM management using XML-RPC
  • Developed software build and packaging tools
  • Designed and implemented corporate website
  • Managed CVS, mail, ftp and web servers
  • Supported client installations via phone, email, and on-site consultation

Lightningcast

  • Alexandria, VA

Mar 2000 - Nov 2000

Lightningcast was acquired by the Advertising.com division of AOL in May, 2006

Software Engineer

  • Designed and implemented prototype system for insertion of targeted ads into streaming media
  • Created specifications for internal and external interfaces between components
  • Installed and maintained servers running Red Hat Linux
  • Wrote web applications to allow user access to Oracle 8i and MySQL databases using PHP
  • Used RPC for communications between components written in PHP and Java
  • Created software for internal quality assurance testing
  • Implemented internal systems for software configuration management using CVS, Bugzilla, and Bonsai
  • Wrote applications using ASP and Microsoft SQL Server for web user profiling

U.S. House of Representatives

  • Washington, DC

Dec 1999 - Mar 2000

System Administrator and Legislative Aide

  • Created cost and budget analyses for office equipment
  • Customized COTS software for staff
  • Provided computer training and assistance to staff
  • Managed office inventory
  • Processed constituent requests, including tours, flags, and Presidential greetings

Aristotle

  • Washington, DC

Mar 1999 - Dec 1999

Web Developer and System Engineer

  • Designed and implemented online voter file management system
  • Assisted customers with FEC disclosure reporting
  • Supported key customers, including presidential candidates, Members of Congress, and the California State Legislature
  • Utilized PHP, ASP, DHTML, and JavaScript to create dynamic websites
  • Installed and maintained Microsoft SQL servers used for data warehousing

U.S. Senate Campaign

  • Raleigh, NC

Jan 1998 - Dec 1998

Information Systems Director

  • Managed all computer and phone systems for campaign
  • Designed and implemented system for analysis of campaign contributions to opponent
  • Prepared walk lists, phone lists, and other voter file products
  • Created and maintained campaign website
  • Designed mailers, hand bills, and other printed material for campaign
  • Assisted with FEC disclosure reporting