Sam Christian
Email: [email protected] | Phone: 253-948-6058
Overview: Backend engineer with 14 years solving security problems at scale through pragmatic engineering, agentic systems, and a focus on maintainability and robustness.
Languages: Python, Golang
Cloud & Infrastructure: AWS, Docker, Kubernetes, Terraform, Ansible, Serverless
Frameworks & Tools: Flask, FastAPI, FastMCP, Elasticsearch, GitLab, CI/CD
Emerging: Agentic AI, Claude Code, Cursor, MCP
Salesforce | Threat Intelligence | Lead SWE | March 2022 - Present
- Leveraged LLMs to correlate intelligence across disparate sources, generate contextual assessments, and accelerate analyst investigations.
- Led development of a threat intelligence platform integrating 20+ internal and third-party sources (VirusTotal, Censys, GreyNoise, Bolster) through APIs and MCP servers for automated investigation and enrichment.
- Provided multiple avenues of access to security tooling across a variety of use cases: Slack bot, CLI tools, Python libraries, SOAR integrations, agentic skills and plugins, and MCP servers.
- Scaled serverless application stack from hundreds to tens of millions of invocations per month.
- Drove Vertex Synapse adoption: built framework for developing, testing, and deploying in-house Power-Ups; re-architected for mirrored instances using Terraform and Ansible per vendor guidance.
- Collaborated across teams to deliver features spanning SOAR, TIP, Case Management, and response platforms.
- Guided analysts and engineers in agentic workflows, emphasizing maintainability and early architectural thinking — taking projects from ad hoc scripts to scaled production cloud deployments.
- Partnered with investigators to rapidly prototype, iterate, and productionize automation for detection and remediation using agentic workflows
- Mentored new-grad and mid-level engineers and analysts, fostering an inclusive environment for personal and professional growth.
- Led weekly pair programming sessions, annual hackathons, and cross-team status meetings.
- Brought test coverage from 0% to 85% across dozens of repositories.
Datadog | Threat Detection | Security Engineer II | October 2020 - March 2022
- Mentored junior team members and interns in coding standards, system design, clean coding practices, and test frameworks.
- Reduced average detection code size by 40% by simplifying SQL based detections.
- Led effort for continuous security testing via automated attack simulation.
- Overhauled custom alerting platform, adding deduplication, centralized response management, and full traceability and metrics.
- Contributed to hiring across multiple teams, interviewing or evaluating take-home projects for 20+ candidates.
- Maintained and improved legacy infrastructure and applications through security updates, deployments, bug fixes, and features.
Secureworks | Counter Threat Unit | SWE Senior Advisor | July 2015 - October 2020
- Developed and maintained a malware analysis repository supporting hundreds of threat analysts, automated ingestion of tens of thousands of samples and dozens of terabytes of data per day — backed by automated discovery, classification, correlation, family documentation, YARA signatures, and a full-text search API.
- Built deployment pipelines enabling zero-downtime continuous delivery of Python applications through GitLab CI/CD using Terraform, AWS.
- Developed a microservices template enabling one-command container deployment to AWS ECS via Terraform and bash.
- Built OSINT vulnerability scrapers to automate hours of manual work for technical writers.
- Led migration of hundreds of thousands of lines across multiple projects to Python 3 using test ratcheting, open source tools, and good old-fashioned plug and chug.
IID | Threat Intelligence | Developer | April 2012 - July 2015
- Created Python-based algorithmic systems to detect randomly generated (DGA) and fast-fluxed domains.
- Designed tools to accelerate intelligence research: spam template analysis, IP maps of infiltrated botnets, botnet emulators, forum RSS scrapers.
- Performed dynamic analysis of malware in sandboxes using memory dumps, registry key monitoring, and network traffic analysis.
- Co-developed “Cumulative Intelligence Search Tool” leveraging dozens of APIs to quickly return high-level results for malicious indicators of compromise. It grew to a product offering adopted by over a dozen organizations before being handed off to a dedicated engineering team.
Education
Western Washington University | BS in Mathematics | Minor in Economics
–
This resume has a CI/CD pipeline. Hosted at https://www.samchristian.info/resume/
Phone: 253-948-6058 Email: [email protected]