Looking for work

by alex_gaynor

For the past 2 years I've been working for the US Government at the United States Digital Service. It's been a privilege, and I'm incredibly proud of the things we've accomplished. Alas, all good things come to an end, and I'm now looking for my next job.

I'm a software engineer, and I've worked on many different things. In my career I've worked on just-in-time compilers for dynamic languages, large scale web applications, and cryptography, to name a few. The thing I would like to do next is help make the largest positive impact I can on information security for as many people as possible.

If you've got a position where that's possible, and my skills sound relevant, shoot me an email at alex.gaynor+lfw@gmail.com.

About me

  • Comfortable programming in Python, Ruby, Java, C, C++, Javascript, SQL, Rust, Go, Classic ASP/VBScript. Some of these are a bit rusty, I've written more VBScript in the past year than C++.
  • I've been involved in open source in nearly every possible capacity. I've built a high performance Ruby VM and open sourced it (Topaz), helped to create and grow a cryptography library (pyca/cryptography), contributed substantial features and refactorings to a web framework (Django core developer), co-chaired a conference program committee (PyCon), and been a member of the Board of Directors for the Python Software Foundation.
  • Advocated for and implemented improvements to the Python HTTPS/TLS stack, notably backporting significant improvements from Python 3 to Python 2 and enabling certificate validation by default.
  • I'm comfortable with high stress/high ambiguity work. I've worked on projects while they were on the front page of newspapers and being investigated (e.g. the Office of Personnel Management post-compromise).
  • Willing to work in, or learn, any technical stack necessary to get the job done (see the aforementioned Classic ASP).
  • Participated in on-call rotation for production web applications.
  • Led remediation of scores upon scores of vulnerabilities in decade old code.
  • Debugged strange network protocols and found bugs in glibc.
  • Interviewed O(100) engineering candidates.

In short, I've participated in just about every stage of the software development process, in a variety of different environments.

A copy of my resume is available.

About you

Note: No single one of these is a deal breaker, but it goes without saying that the more of these that describe you the better.

  • You care about security, about protecting your users.
  • You're working at large scale, in some way. Maybe it's a lot of users, maybe the data is particularly sensitive, maybe you have visibility into and are contributing to many different clients.
  • You recognize that security teams only get so many "because I said so"s and you prioritize UX and practices which work in the real world.
  • You care about building a diverse and inclusive workplace, and you put that caring into action.
  • You're committed to being really good at what you do.
  • You have an office in Washington, D.C., or support remote work. I'm willing to move for the right position, but being in D.C. is a big plus.

Hi, I'm Alex. I'm a software engineer at Mozilla, working on Firefox security. Before that I was a software engineer with the U.S. Digital Service. I'm an avid open source contributor and live in Washington, DC.