John Roark

telephone: 415-425-8489


44A5 E521

B.S., Computer Science May 2002
University of San Francisco (USF), San Francisco, CA
Head of Security and Compliance
Oct. 2020 - Feb. 2022
Deployed 3rd party software to automate dynamic and static analysis of applications and source code
Helped maintain a culture of security with guidance, best practices, design reviews, SSDLC, and trainings
Joined as first security hire and grew team to 4
Created and maintained security roadmap
Managed team of 3 direct reports
Interviewed and screened hundreds of candidates
Oversaw penetration testing engagements
Worked closely with legal and IT on compliance efforts
Senior Security Engineer
Nov. 2016 - Jun. 2020
Deployed 3rd party software to automate dynamic and static analysis of mobile applications
Designed and built an attestation library for mobile apps (iOS/Android)
Designed and built mobile library for trusted versioning to enforce upgrade requirements (iOS/Android)
Designed and built mobile library for generating and using hardware backed key pair (for strong user identity)
Helped with Bug Bounty reports validation/reproduction
Performed code audits (both individual commits and full product stack)
Helped maintain a culture of security with guidance, best practices, design reviews, SSDLC, and trainings
Gave several organization wide talks on team projects
Principal Software Engineer
June 2015 - Nov. 2016
Bluebox Security (Now part of Lookout)
Participated in the reverse engineering of Pegasus malware
Integrated F5 VPN sdk for application level VPN policy (iOS/Android)
Wrote ELF interposition library for Android
Designed/Wrote Application lifecycle proxy to delay application startup (iOS)
Added MITM detection policy (iOS/Android)
Modified SSL/TLS pinning policy to use SPKI pins (iOS/Android)
Refactored policy parser to use shared code and JSON (iOS/Android)
Researched and created POC hooking mechanism to overcome new iOS9 dyld shared cache binding
Principal Engineer/Team Lead
Sept. 2011 - May 2015
Mocana Corporation
Participated in the development of Mocana Mobile App Protection
Desiged and implemented "Data at Rest" (DAR) injection policy for MAP (Android & iOS)
Implemented "Copy and Paste Protection" injection policy for MAP (Android)
Developed native function interposing library for (Android & iOS)
Primarily responsible for the development of the Mocana Secure Enterprise Browser (Compass)
Senior Software Engineer
Jun. 2003 - Sept. 2011
PGP Corporation (Now part of Symantec)
Led the design, development, and test planning for several major features of PGP Whole Disk Encryption
Updated and maintained tablet PC support in the WDE pre-boot environment
Participated in the development and maintenance of an EFI preboot environment
Wrote interrupt 13h handler for whole disk encryption using MASM and MSVC 1.52c
Participated in the design and development of multiple major releases
Primary developer and maintainer of several major components of PGP Desktop
Designed and implemented AOL Instant Messenger encryption proxy
Rewrote preference system to be XML based (using libxml2)
Participated in update and maintenance cycle of existing PGP products
Designed custom themeable win32 controls
mini68k (mc68008 Single Board Computer)
Jun. 2018 - Present
Prototyped on breadboards
Built schematic & layed out PCB in KiCad
Translated BIOS to gasm syntax
teensy-nextkb (Teensy AVR code to interface/emulate a NeXT non-ADB keyboard/mouse)
Jan. 2012 - Jan. 2013
Using a logic analyzer, reverse-engineered the NeXT kb/mouse protocol
Used existing open-source PS2 kb/mouse libraries to translate/emulate the NeXT kb/mouse protocol
Prototyped a PS2 to NeXT non-ADB kb/mouse adapter using a Teensy-2.0 (San Francisco bicycle trip planner *Currently inactive*)
Aug. 2009 - Mar. 2010
Combined publicly available data to form a database of linestrings and meta-data
Wrote several small utilities to sort, combine, and pre-process data set
Designed and implemented web front-end in PHP, Javascript, and CSS
Implemented iPhone/iPod touch compatible front-end
Wrote flexible back-end that returns route data in multiple standard formats (GPX, KML, JML, WKT, & JSON)
Provided public web API for external use (Used by Baytripper iPhone app)
System Information and Statistics
Jul. 2016
Displays CPU/MEM usage
Enumerates Storage and User information
Solitaire (an iOS solitaire game)
Jan. 2016
Game Center integration
Auto completion and predictive moves
Scannerly (an iOS app to scan the local network)
Jan. 2016
Written in Swift
Scans local network using UDP and ARP requests
Rokumote (an iPhone/iTouch app that allowed remote control of the Roku DVP)
Mar. 2009 - Jan. 2016
Rewritten in Swift
Wrote iOS app using Xcode and iPhone SDK
Published three versions to App store
Searches local network using SSDP to find Roku Devices
Controls Roku Device via TCP commands
Pidgin Currenttrack (Pidgin IM plugin that interfaces with multiple Media players)
Aug. 2005 - Aug. 2007
Wrote GTK+ options UI
Builds in Windows, Linux, and OSX
Fetches Album art from iTunes or
Interfaces with 12 Media players in multiple operating systems (Project to port Linux to the Casio BE-300)
Jun. 2002 - Jun. 2003
Developed serial console driver and kgdb stub
Contributed to development of serial driver
Wrote non-interrupt driven button based scanning keyboard driver
Wrote several tutorials for creating ramdisks