Alex Smolen

Proprietor at EngSecLabs

Oakland, California, United States
email-iconphone-icongithub-logolinkedin-logotwitter-logostackoverflow-logofacebook-logo
Join Prog.AI to see contacts
email-iconphone-icongithub-logolinkedin-logotwitter-logostackoverflow-logofacebook-logo
Join Prog.AI to see contacts

Summary

👤
Senior
🎓
Top School
Alex Smolen is a security engineering leader and proprietor of EngSec Labs with 15+ years building security programs, detection engineering, and GRC automation for high-growth SaaS and AI startups. He has a strong software engineering pedigree and deep AWS expertise demonstrated across roles scaling security at LaunchDarkly and Clever, plus hands-on product work at Twitter where he led account security and authentication migrations. Alex is pragmatic about shipping automation—he built a security asset data lake, automated FedRAMP vulnerability management, and implemented zero-trust endpoint architectures to reduce blast radius. An active open-source contributor, he improved Okta MFA, WebAuthn, and AAD/ADFS flows in the widely used saml2aws CLI project, reflecting his focus on practical interoperability. Based in Oakland, he blends executive leadership with day-to-day technical craftsmanship, often pairing governance and compliance goals with developer-friendly tooling.
code15 years of coding experience
job15 years of employment as a software developer
bookBA Electrical Engineering and Computer Science, BA Electrical Engineering and Computer Science at University of California, Berkeley
bookMIMS Information, MIMS Information at UC Berkeley School of Information
github-logo-circle

Github Skills (10)

okta10
authentication10
user-authentication10
go10
saml10
webauthn9
aws9
adfs9
azuread9
testing8

Programming languages (17)

MDXJavaJinjaCMakefileGoHTMLTypeScript

Github contributions (5)

github-logo-circle
Versent/saml2aws

Oct 2019 - Dec 2021

CLI tool which enables you to login and retrieve AWS temporary credentials using a SAML IDP
Role in this project:
userBack-end Developer
Contributions:12 commits, 7 PRs, 12 comments in 2 years 2 months
Contributions summary:Alex primarily focused on enhancing the functionality of the `saml2aws` CLI tool by implementing and refactoring Okta MFA support. This involved addressing TOTP authentication issues, adding WebAuthn (U2F) support, and integrating a cookie jar for device token retrieval. Furthermore, the user made improvements to the AAD (Azure Active Directory) and ADFS (Active Directory Federation Services) authentication flows, which suggests an effort to improve compatibility across various SAML identity providers. Additionally, tests were created and added to the project to ensure that the new Okta functionality worked correctly.
idpsaml-idpcredentialsawsretrieve
A tool for privacy design analysis and requirements gathering.
Contributions:45 commits, 2 PRs, 10 pushes in 8 years 11 months
securitygatheringprivacy
Find and Hire Top DevelopersWe’ve analyzed the programming source code of over 60 million software developers on GitHub and scored them by 50,000 skills. Sign-up on Prog,AI to search for software developers.
Request Free Trial
Alex Smolen - Proprietor at EngSecLabs