Hi, I’m Cedric, a Software & Security Engineer. I hold a Master’s in Computer Science from ETH Zurich. I currently work at Pinterest and maintain the Ghostunnel open-source project. I’m based in the San Francisco Bay Area.
Summary
Experience
2025 – Present
Director, Information Security — Pinterest, San Francisco
Leading the Infrastructure Security organization, which consists of three teams responsible for Platform Security, Internal Identity & Access, and Security Operations. 20+ engineers and managers across the three teams.
2019 – 2025
Engineering Manager, Information Security — Pinterest, San Francisco
Technical and people manager for the Infrastructure Security team. Broad purview including the security of cloud infrastructure, operating systems, and network security. Grew the team from 5 people to an organization of 3 teams with 20+ people while expanding our area of responsibility.
2013 – 2019
Software Engineer, Information Security — Square, San Francisco
Built core security services for tokenization and encryption of payment information, HSM management, and related cryptographic software in Java, Ruby, and Go. Subject-matter expert for security standards including NIST and PCI-DSS/PIN.
2008 – 2013
Master of Science in Computer Science — ETH Zurich, Zürich
Focus area in Information Security (Master’s Thesis).
Open Source
Ghostunnel — A simple TLS proxy with mutual authentication and access control for securing non-TLS services. Supports short-lived certificates, includes built-in metrics, and is compatible with SPIFFE. Original author and current maintainer.
2.1k+ stars on GitHub.
Go JOSE — An implementation of the Javascript Object Signing and Encryption (JOSE) standard in Go. Used by Boulder, the ACME CA implementation powering Let’s Encrypt. Original author; now maintained by the Let’s Encrypt team.
470+ stars on GitHub.
Skills
Programming Languages
Go, Java, Ruby, Python
Security Domains
Cloud Security, TLS/mTLS & X.509 PKI (Public Key Infrastructure), Cryptography & HSM Management, Operating Systems & Network Security, Identity & Access Management, Security Operations
Standards & Frameworks
NIST, BSI, PCI-DSS/PIN
Languages
German — Native / Bilingual Proficiency
English — Native / Bilingual Proficiency
French — Limited Working Proficiency
