Benjamin Eliot Greenwald

10 Pamela Road, Framingham, MA 01701, (617) 448-8565, ben@cabbagesandkings.net

PROFESSIONAL SUMMARY: Twenty-five years of high performance systems development and management. I have a particular track record of performance and memory optimization for large and small workloads.  I have spent the majority of my career developing programming language analysis technology particularly around software safety and security.  I am currently a Senior Security Researcher at RoonCyber.  At Certora I developed formal verification technology for smart contracts.  Before that I was Director of Software Engineering at Veracode, building and overseeing complete end-to-end delivery of a $200 million per year SaaS product. Veracode provides Static Application Security Testing as a Service supporting 24 different programming languages, scanning over 300,000 applications per month. We transitioned the product from our own data center to Amazon EC2, re-architecting for the cloud and multi-instance deployment around the globe.

I have extensive knowledge of C, C++, Rust, Java, JavaScript, Typescript, Python, Perl, LISP, Scheme, Haskell, SQL, HTML, PHP, TCP/IP, X11, Windows, Linux, logic circuit design for FPGAs, verilog, cryptography, Claude Code, and more.

I have had great success with extreme long term planning, coordinating across multiple teams on 12 to 18 month planning horizons with a better than 90% on time delivery rate.  In recent times we have leveraged the SAFe agile process to further augment our communication and predictability.

EDUCATION

All but dissertation for PhD in Computer Science, Massachusetts Institute of Technology.  Thesis title: Space-Time Multiplexing of Raw Fabrics, July 1997 – May 2006

MS, Computer Science, Massachusetts Institute of Technology. Thesis title: A Technique for Compilation to Exposed Memory Hierarchy, July 1997 – June 2000

BA, Computer Science, University of California-Berkeley, August 1993 – May 1997

EMPLOYMENT HISTORY

RoonCyber                                                                                Application Security

Senior Security Researcher                                                September 2024 - Present

• Developing eBPF based technology for monitoring and observability of running applications
• Runtime behavioural evaluation and protection of code from a variety of security threats
• Scaled for high performance, distributed evaluation of extremely large cloud based deployments
• Extensive use of AI coding tools, specifically Claude Code

Lightbird                                                                        AI Driven Customer Service

Director of Software Engineering                                                   June 2023 - July 2024

• Developing high concurrency, event driven, system for ML based assistance for contact center agents
• Agent assistance provided through custom ML and UI that automatically identifies important information about the call and makes continuous suggestions for responses
• Model specialization using customer specific artifact ingestion via custom Python scripting and Dagster based automation
• ML based speech to text with diarization using Python and Whisper
• gRPC based APIs for the UI built in Rust and Python
• Message bus architecture using Kafka (RedPanda)
• Automated deployment using Kubernetes and Argo
• Overseeing a team of 8 Software Engineers

Certora        Formal Verification Development

Senior Software Engineer        March 2022 – June 2023

• Developing program analysis technology for formal verification of smart contracts
• Decompilation of Ethereum compiled Vyper code
• Pointer analysis of Vyper sourced ethereum applications using in house Kotlin based infrastructure
• Optimization of program model via memory analysis to reduce time and memory complexity of analysis.
• Models generation for output to theorem provers such as Z3

Lambda        On Prem Software Development

Engineering Lead        April 2021 – March 2022

• Building a software development team from scratch.
• Built a prototype system to allow Deep Learning Developers and Researchers to manage high performance, GPU based, clusters without need for system administrators or operations staff.
• Managing the transition of the hardware sales business to an Enterprise Resource Planning system.

Veracode, Inc        Static Code Security Group

Director, Software Engineering        January 2018 – April 2021

Manager and Software Architect        January 2014 – January 2018

• Managing a team of 40 direct and indirect reports.
• Scaled our Static Application Security Analysis SaaS service to over 250,000 applications a month across our Data Center and AWS.
• Responsible for entire end-to-end customer experience, including UI, API and CICD integration, whole program analysis, and large scale security attack surface evaluation for all our Static Application Security Testing products.
• Scaled our revenue to over 9 figures.
• Architected and project managed a complete shift of production, development, and testing infrastructure in multiple data centers from Windows 2008R2 to RedHat 7.5.  This included porting millions of lines of native C++.
• Revitalized our floundering Software Composition Analysis product, allowing us to land our first 6 figure deal for the product.  Product earned over 8 figures last year.
• Architected and launched the Veracode Greenlight product, a cloud native infrastructure built on top of our existing Static Application Security Analysis product.  Greenlight spans onto the desktop in the form of IDE plugins also developed by the same team.  Developers are able to find focused information about their active work with results turnaround measured in seconds.

Software Architect        April 2012 – January 2014

Principal Engineer        December 2008 – April 2012

• Significantly increased the breadth and depth of the binary decompilation used to generate an analyzable model of the input program, contributing particularly to support of native C and C++ programs
• Instrumental in the design of the first working prototype for generating a near-source code quality decompilation of native code without use of symbolic debugging information
• Primary developer on the first major deployment of no-debug native decompilation
• Mentored much of the engineering team, helping existing developers improve their understanding of the system as well as bringing new developers up to speed
• Contributed to a 50x speedup of the core analysis while cutting memory consumption in half.

Ounce Labs        Language Analysis Group

Senior Software Engineer        May 2006 – December 2008

• Primary designer and implementer of Ounce’s second-generation simulation-based interprocedural dataflow analysis engine for finding potential security vulnerabilities in source code (built in C++)
• Primary designer and implementer of an interprocedural pointer analysis algorithm to improve analysis accuracy
• Implemented static type inference for better understanding of runtime semantics for highly dynamic languages such as VBScript, JavaScript, and Visual Basic 6
• Implemented Structural Analysis, a method to recover information about source level control flow
• Supported customer service and sales in turning around a variety of product issues quickly and effectively

Massachusetts Institute of Technology         Computer Architecture Group – CSAIL

Graduate Student Researcher         July 1997 – May 2006

• Collaborated in the design and implementation of the MIT Raw architecture, a multi-core high performance embedded processor for general purpose and streaming applications (designed in Verilog, emulated using Ikos FPGA emulation technology, and fabricated by IBM in their SA27E ASIC process)
• Implemented R2P2: Resource Reallocation for Parallel Processing, a gang scheduling multi-processor operating system for the MIT Raw machine (built in C)
• Implemented C-CHARM for the MIT Raw Machine, an optimizing compiler which explicitly software manages data caches for streaming programs (built in C++ using the SUIF compiler infrastructure)
• Designed and built a complete compilation tool chain (compiler, assembler, linker, boot loader and hardware configuration infrastructure) for the MIT Raw machine (built in C, C++ and Perl)
• Designed a system for providing hosted system level I/O on the MIT RAW machine, including interface software and drivers in Linux (built in C)
• Supported customers of the MIT Raw Machine, including the Advance Technologies Lab at Lockheed-Martin

PUBLICATIONS

Four conference and journal publications. See http://www.cabbagesandkings.net/resume for details.