John Roark

telephone: 415-425-8489


CD74 2F65

B.S., Computer Science May 2002
University of San Francisco (USF), San Francisco, CA
Head of Security
Feb. 2022 - Present
Head of Security and Compliance
Oct. 2020 - Feb. 2022
  Deployed 3rd party software to automate dynamic and static analysis of applications and source code
  Helped maintain a culture of security with guidance, best practices, design reviews, SSDLC, and trainings
  Joined as first security hire and grew team to 4
  Created and maintained security roadmap
  Managed team of 3 direct reports
  Interviewed and screened hundreds of candidates
  Oversaw penetration testing engagements
  Worked closely with legal and IT on compliance efforts
Senior Security Engineer
Nov. 2016 - Jun. 2020
  Deployed 3rd party software to automate dynamic and static analysis of mobile applications
  Designed and built an attestation library for mobile apps (iOS/Android)
  Designed and built mobile library for trusted versioning to enforce upgrade requirements (iOS/Android)
  Designed and built mobile library for generating and using hardware backed key pair (for strong user identity)
  Helped with Bug Bounty reports validation/reproduction
  Performed code audits (both individual commits and full product stack)
  Helped maintain a culture of security with guidance, best practices, design reviews, SSDLC, and trainings
  Gave several organization wide talks on team projects
Principal Software Engineer
June 2015 - Nov. 2016
Bluebox Security (Now part of Lookout)
  Participated in the reverse engineering of Pegasus malware
  Integrated F5 VPN sdk for application level VPN policy (iOS/Android)
  Wrote ELF interposition library for Android
  Designed/Wrote Application lifecycle proxy to delay application startup (iOS)
  Added MITM detection policy (iOS/Android)
  Modified SSL/TLS pinning policy to use SPKI pins (iOS/Android)
  Refactored policy parser to use shared code and JSON (iOS/Android)
  Researched and created POC hooking mechanism to overcome new iOS9 dyld shared cache binding
Principal Engineer/Team Lead
Sept. 2011 - May 2015
Mocana Corporation
  Participated in the development of Mocana Mobile App Protection
  Designed and implemented "Data at Rest" (DAR) injection policy for MAP (Android & iOS)
  Implemented "Copy and Paste Protection" injection policy for MAP (Android)
  Developed native function interposing library (Android & iOS)
  Primarily responsible for the development of the Mocana Secure Enterprise Browser (Compass)
Senior Software Engineer
Jun. 2003 - Sept. 2011
PGP Corporation (Now part of Symantec)
  Led the design, development, and test planning for several major features of PGP Whole Disk Encryption
  Updated and maintained tablet PC support in the WDE pre-boot environment
  Participated in the development and maintenance of an EFI preboot environment
  Wrote interrupt 13h handler for whole disk encryption using MASM and MSVC 1.52c
  Participated in the design and development of multiple major releases
  Primary developer and maintainer of several major components of PGP Desktop
  Designed and implemented AOL Instant Messenger encryption proxy
  Rewrote preference system to be XML based (using libxml2)
  Participated in update and maintenance cycle of existing PGP products
  Designed custom themeable win32 controls
mini68k (mc68008 Single Board Computer)
Jun. 2018 - Present
  Prototyped on breadboards
  Built schematic & laid out PCB in KiCad
  Translated BIOS to gasm syntax
teensy-nextkb (Teensy AVR code to interface/emulate a NeXT non-ADB keyboard/mouse)
Jan. 2012 - Jan. 2013
  Using a logic analyzer, reverse-engineered the NeXT kb/mouse protocol
  Used existing open-source PS2 kb/mouse libraries to translate/emulate the NeXT kb/mouse protocol
  Prototyped a PS2 to NeXT non-ADB kb/mouse adapter using a Teensy-2.0
(San Francisco bicycle trip planner *Currently inactive*)
Aug. 2009 - Mar. 2010
  Combined publicly available data to form a database of linestrings and meta-data
  Wrote several small utilities to sort, combine, and pre-process data set
  Designed and implemented web front-end in PHP, Javascript, and CSS
  Implemented iPhone/iPod touch compatible front-end
  Wrote flexible back-end that returns route data in multiple standard formats (GPX, KML, JML, WKT, & JSON)
  Provided public web API for external use (Used by Baytripper iPhone app)
System Information and Statistics
Jul. 2016
  Displays CPU/MEM usage
  Enumerates Storage and User information
Solitaire (an iOS solitaire game)
Jan. 2016
  Game Center integration
  Auto completion and predictive moves
Scannerly (an iOS app to scan the local network)
Jan. 2016
  Written in Swift
  Scans local network using UDP and ARP requests
Rokumote (an iPhone/iTouch app that allowed remote control of the Roku DVP)
Mar. 2009 - Jan. 2016
  Rewritten in Swift
  Wrote iOS app using Xcode and iPhone SDK
  Published three versions to App store
  Searches local network using SSDP to find Roku Devices
  Controls Roku Device via TCP commands
Pidgin Currenttrack (Pidgin IM plugin that interfaces with multiple Media players)
Aug. 2005 - Aug. 2007
  Wrote GTK+ options UI
  Builds in Windows, Linux, and OSX
  Fetches Album art from iTunes or
  Interfaces with 12 Media players in multiple operating systems
(Project to port Linux to the Casio BE-300)
Jun. 2002 - Jun. 2003
  Developed serial console driver and kgdb stub
  Contributed to development of serial driver
  Wrote non-interrupt driven button based scanning keyboard driver
  Wrote several tutorials for creating ramdisks