Home Overview Directory Eric Johnson
Eric Johnson- IANS faculty

Eric Johnson

IANS Faculty

Expertise

  • Cloud Security (AWS, Azure, GCP)
  • DevSecOps & Secure Development Lifecycle (SDL)
  • Source Code Analysis
  • Application & Product Security
  • Penetration Testing

Profile

Eric is a co-founder and Principal Security Engineer at Puma Security focusing on cloud, DevSecOps automation, and static code analysis. His responsibilities include performing cloud security reviews, infrastructure as code automation, application security automation, web and mobile application penetration testing, secure development lifecycle consulting, and secure code review assessments. Prior to Puma Security, Eric spent 5 years as a Principal Security Consultant at an information security consulting firm helping companies deliver secure products to their customers, and another 10 years as an Information Security Engineer at a large US financial institution performing source code audits.

Expertise

  • Cloud Security (AWS, Azure, GCP)
  • DevSecOps & Secure Development Lifecycle (SDL)
  • Source Code Analysis
  • Application & Product Security
  • Penetration Testing

Qualifications

Achievements & Contributions
  • Senior Instructor with the SANS Institute, lead author of SEC540: Cloud Security and
    DevSecOps Automation, and co-author of SEC510: Public Cloud Security: AWS, Azure, and GCP
  • Speaker at conferences including RSA, BlackHat, OWASP, BSides, DevOps Days,
    fwd:cloudsec, and ISSA.
  • AWS Security & Identity Community Builder
Certifications & Credentials
  • GIAC GCSA, GPCS, GWAPT, GSSP
  • ISC2 Certified Information Systems Security Professional (CISSP)
  • AWS Certified Developer
  • MS, Information Assurance and Computer Engineering - Iowa State University
  • BS, Computer Engineering - Iowa State University

Portal Publications