I am a security architect/engineer that have many years of experiences in application security and network security. I have built a security framework in support of the US government, and have done many design and code reviews and risk assessments for various government agencies and commercial companies. I have led a team of engineers to build a financial system and many other Web based applications.
My current focus is application security, including SOA/Web service security and Web application security. I am currently working on an ESAPI pilot to mitigate the OWASP Web application security vulnerabilities.