Summary
Mark Collao is a Senior Product Security Engineer focused on securing cloud-native products like HashiCorp Vault and Boundary, translating complex risks into engineering priorities across stakeholders. He built end-to-end application security programs at Tempus and led teams scaling from a single contributor to four engineers while implementing SAST, SCA, DAST, attack surface monitoring, and researcher intake processes. Mark has deep hands-on experience with threat modeling, code and architecture reviews, penetration testing, and consolidating disparate vulnerability sources into a single pane of glass for engineers and product owners. His background includes advisory and consulting roles across industries—financial services, automotive, healthcare—where he modernized security tooling and compliance workflows. Comfortable working 1:1 with engineers to remediate esoteric issues, he blends practitioner-level offensive skills with programmatic security operations. Based in Chicago, he pairs a B.S. in Information Assurance & Security Engineering with a track record of turning security findings into prioritized, actionable product improvements.
3 years of coding experience
5 years of employment as a software developer
B.S Information Assurance & Security Engineering, B.S Information Assurance & Security Engineering at DePaul University
Spanish, English