About

About Me

About Me

Hi, I’m Nathan Berg, a Principal Software Engineer with a deep focus on cybersecurity, secure software development, and DevSecOps. I have extensive experience securing web applications, modernizing legacy systems, and implementing security automation to reduce risk and improve resilience.

With certifications including CISSP, CISM, OSCP, and a Master’s in Cybersecurity, I bring a strong mix of software engineering, security expertise, and leadership to every project. My work spans web security, penetration testing, incident response, and cloud security, with a particular focus on Ruby on Rails, AWS, and secure coding practices.

Professional Experience

I currently work as a Principal Software Engineer at Nightwing, where I secure Ruby on Rails applications, implement DevSecOps pipelines, and enhance AWS security. Previously, I was a Principal App Security Engineer at RTX, guiding teams through the ATO process, securing cloud infrastructure, and automating vulnerability detection. Earlier in my career, I worked in threat research at Mandiant, building security validation tools and analyzing advanced cyber threats.

Security & Engineering Focus

  • Secure Software Development – Strengthening authentication, input validation, and session security in web applications.
  • DevSecOps & Automation – Integrating security into CI/CD pipelines with Jenkins, AWS, and Sentinel.
  • Threat Hunting & Research – Investigating threats, reviewing logs, and improving detection capabilities.
  • Cloud Security – Enforcing strict IAM policies, securing AWS environments, and automating compliance.

Certifications & Memberships

I hold multiple cybersecurity and cloud security certifications, including:

  • CISSP, CISM, OSCP
  • CompTIA Security+, CySA+, PenTest+, Cloud+
  • CCSK, INE Web App Pentesting, Certified Cloud Associate
  • Member of OWASP, FBI InfraGard, and a Top 100 Finalist in US Cyber Challenge

Open Source & Projects

I actively contribute to security research and programming projects, available on GitHub. My work includes threat hunting, SIEM integration, and cloud security automation.

Get in Touch

I’m always open to discussing cybersecurity, secure coding, or new challenges. Feel free to connect with me on LinkedIn or check out my latest work on GitHub.