About Me

Hi, I’m Nathan Berg. I build and scale application security into engineering teams. I’m a Principal Software Engineer focused on application and product security, secure software development, and DevSecOps. I help teams ship secure software by turning security requirements into practical engineering work.

I bring more than a decade of Ruby and Python experience across web security, threat research, incident response, and cloud security. Certifications include CISSP, CISM, and OSCP, plus a Master’s in Cybersecurity and Information Assurance.

Leadership and Impact

Across my roles, I’ve led security initiatives that improve application security while keeping delivery moving. Examples include:

  • Leading cross-team work to strengthen authentication, authorization, and session handling.
  • Embedding security checks and reviews into CI/CD pipelines.
  • Establishing secure coding standards and review practices.
  • Mentoring engineers and creating training to make secure development repeatable.
  • Building internal tools and documentation that reduce security friction.

How I Work

I try to be practical and collaborative:

  • Partner early with engineers and platform teams to design secure architectures.
  • Use automation and guardrails to scale security without slowing teams down.
  • Prioritize based on exposure and exploitability, not just severity scores.
  • Document decisions and verify fixes so security work sticks.

Professional Experience

I currently work as a Principal Software Engineer at Nightwing, securing Ruby on Rails applications, implementing DevSecOps pipelines, and improving cloud security controls. Previously, I served as a Software Engineer and App Security Engineer at RTX, supporting security reviews, automation, and cloud hardening. Earlier, I was a Threat Research Software Engineer at Mandiant, building security validation tools and research automation.

Focus Areas

  • Secure software development: authentication, input validation, session security, and secure architecture.
  • DevSecOps and automation: CI/CD security checks, SAST/DAST, and guardrails.
  • Threat detection and response: log analysis, investigations, and incident readiness.
  • Cloud security: IAM hardening, encryption, monitoring, and policy enforcement.

Currently exploring: scaling secure SDLC patterns across services, detection engineering in home labs, and practical security metrics.

Writing and Community

I write about practical security work on this site, covering home labs, secure SDLC, detection engineering, and cloud security. I also contribute to security projects on GitHub and volunteer with OWASP and collegiate cybersecurity competitions.

Get in Touch

I enjoy connecting with peers to share practical security ideas and lessons learned. Connect with me on LinkedIn or GitHub.