NAOMARU ITOI, Ph.D.
SUMMARY OF QUALIFICATIONS
A rare combination of master technical problem solver and
inspiring leader. Consistently solved hardest and most important
problems for five startups. Track record of leading engineering teams in all phases (conception, prototype, product development, test and support), as well as hiring, inspiring, mentoring, and growing teams.
Senior Staff Software Engineer, Box, Inc. April 2016 to Current
Principal Software Engineer, Ripple April 2015 to April 2016
- Greatly improved Box's security posture by identifying security gaps, delivered technical solutions, and successfully advocated for building a new team.
- Wrote Reference Security Architecture document, which is used to teach security to engineers and unify the security architecture.
- Solved a severe scalability problem of an IdP database, which had been causing site outages.
Engineering Director, FireLayers, Inc. April 2014 to February 2015
- Developed and launched Ripple's Identity Service. Technologies: node.js, Postgres database, Amazon HSM, OAuth2, Nginx, Jenkins, etc.
- Lead developer of Interledger Protocol. Technologies: node.js, Oracle database, etc.
- Researched security gaps, advocated and implemented MFA for Ripple transactions.
Engineering Manager, Centrify Corporation, April 2011 to March 2014
- In 11 months, brought three new services into production - user identity management, user authentication, and Google Drive monitoring.
Personal Projects, January 2013 to Present.
- Grew Mac security product (Authentication, Authorization, SSO, Smart Card, MDM) bookings 10 times in 2.5 year. Brought iOS and Linux security product
- Grew team from 2 engineers to 13 engineers.
- Inspired and grew engineers by giving challenges, seminars, knowledge sharing, and career discussions.
- Planned and executed roadmaps. Managed conflicting requirements.
- Introduced effective engineering processes, using best ideas from agile and waterfall methods.
- Hired five excellent engineers in competitive market. Identified high performers, and recruited them by personally connecting and respecting them.
- Solved hardest iOS / Microsoft Azure problems to put Centrify App on Apple's App Store for first time.
- Strongly influenced QA. Reduced 80% of low quality bugs, saving money (~$40K) and time (~8 weeks) per year.
- Rescued troubled project with open discussions and focus on testing.
- Led customer support. In two months, solved problems for 15 customers.
- Led company wide Hackathon to identify key security improvements.
- Key Mac software delivered: Authentication, Single Sign On, Smart Card, Group Policy, MDM, SaaS, Support Tools.
- Key iOS software delivered: two iOS Apps, Authentication SDK, MDM, SaaS, Bulk Enrollment.
- Blog I wrote at Centrify: Centrify Apple Guys
Engineering Manager / Principal Engineer, NextLabs, Inc., September 2008 to April 2011.
- Job Chop: Implemented Cloud based job data analysis service, using Java, Lucene, Amazon AWS, LinkedIn API, Python and Django.
- Android App: Implemented Android App to warn against noise induced risks, working with sound engineer.
Independent Contractor, Itoi, LLC, April 2007 to September 2008
- Managed company's core engineering team.
- Led team effort to win $1 million deal on Java based authorization server. Listened to changing requirements, and kept team inspired. After awarding us the deal, customer leader told our CEO "Nao is awesome!"
- Led development of authorization server. Improved performance and scalability. Introduced caching and pluggable architecture.
- Represented NextLabs in XACML committee.
- Suggested and led development of open source C++ API for XACML.
- Kept great relationship with team members through tough situations. Three excellent engineers followed me to new employer.
Security Architect, Arcot Systems, Inc. March 2005 to April 2007
- Invented new way to assist children with autism. By adopting gaming hardware, improved usability and cost of such devices significantly. Sold business, which later became very successful Tap To Talk and voice4u.
- Developed and sold smart card based authentication solution and large-scale issuance system, to protect amusement machines from fraud.
- Developed open source Global Platform Shell (GPShell) under pseudonym "snitmo", which is widely used in public to access smart cards.
- Developed open source KeePass Password Manager for J2ME mobile phones
Smart Card Solution Architect / Software Engineer, ActivIdentity, Inc. November 2001 to March 2005
- Led FIPS 140 certification of Arcot cryptographic module for the first time by smart architecture.
- Solved scalability problem of payment transaction system, which insisted for months before I joined.
- Sole author of patent: Method of key generation using biometric features. Nov, 30 2010: US7844827.
Technical Staff, Sun Microsystems. February 2001 to
- Managed ActivIdentity's first offshore team. Trained 15 engineers, who were new to the area. Inspired them to overachieve and launch new product successfully.
- Developed Java based smart card management systems for US government. Improved scalability significantly.
- Developed user authentication product on BREW phones.
Research Assistant, Center for Information Technology
Integration, University of Michigan
- Developed Open Card Framework, Sun's smart card middleware.
May 1997 to January 2001
A Ph.D. student / research assistant with Professor
Intern, IBM T. J. Watson Research Center.
May 1999 to October 1999
- Improved security of Kerberos, Open BSD, and Windows by integrating smart cards and hardware security modules.
- Improved security of Kerberos server by integrating secure coprocessor.
- Co-author of patent: Used trusted co-servers to enhance security of web interaction. Mar, 20 2007: US7194759
University of Michigan, Computer Science and
Engineering, Ann Arbor, Michigan, USA
Ph.D., May 1998 - December 2000
M.S., September 1996 - May 1998
Final GPA 3.92/4.00
- Patent "Method of key generation using biometric features" US 7844827 B1.
- Published 8 papers in USENIX and other respected conferences. Most papers are available as CITI Technical Reports in
Frameworks: Play Framework, Amazon AWS, CouchBase, OpenSSL, Java Security, Microsoft CryptoAPI, MFC, Win32, Microsoft Platform SDK, BOOST, GINA.
Security: Cryptography, XACML, SAML, OAUTH2, Public Key Infrastructure, Kerberos, Group Policy, Biometrics, FIPS 140.
Protocols: HTTP, Mobile Device Management, Kerberos, SSL, SOAP, ISO-7816.
- Mobile Devices: iOS, Android, J2ME, BREW, Linux Mobile, JavaCard.
Networking: Tomcat, Play Framework, RESTFul API, JSON, HTML, XML, Web Service, SOAP, RPC.
Smart Cards/HSMs: CAC, PIV, ISO-7816, Global Platform, Gemalto, Oberthur and G&D smart cards, Precise Biometrics, nCipher nShield, Chrysalis Luna, IBM 4758.
Operating Systems: Mac OS X, Linux, Windows, Solaris, OpenBSD.
- Communicate with native English-speaking computer professionals
daily for more than 20 years.
- Native Japanese speaker.
Available Upon Request