ellingsworth's comments

ellingsworth | 21 days ago | on: Ask HN: Who wants to be hired? (March 2026)

My name is John. I am a product & application security leader with 15+ years building software security programs, core team member & co-author of OWASP SAMM, specializing in security transformation, Security Champions networks, and embedding security into engineering culture. Looking to help new & established delivery teams merge security into their solutions thoughtfully & reasonably.

Location: Maine, United States

Remote: Yes

Willing to relocate: No

Technologies/Tools/Frameworks: OWASP SAMM, OWASP ASVS, NIST CSF/SSDF, GitHub Advanced Security, Snyk, Veracode, SonarQube, Aqua Security, Tenable, CrowdStrike, AWS/Azure/GCP, Python, PHP, Bash

Résumé/CV: https://johnellingsworth.com/resume

Email: john [at] ellingsworth [dot] org

ellingsworth | 6 months ago | on: A Navajo weaving of an integrated circuit: the 555 timer

Thanks for sharing.

Similarly, Margo Selby crafted a very large, vibrant 16m textile installation titled ‘moon landing’ based on the work of Navajo women who wove the integrated computer circuits and memory cores that enabled the 1969 moon landing. Until recently it was on display at Canterbury Cathedral. It is accompanied by a musical composition for strings by Helen Caddick.

https://www.margoselby.com/pages/moon-landing

ellingsworth | 1 year ago | on: Ask HN: Who is hiring? (October 2024)

IDEXX | Senior Application Security Analyst | REMOTE (US/NL) | Full-time

IDEXX is a global leader in veterinary diagnostics and water testing, helping pet owners worldwide keep their companion animals healthy and happy, and ensuring safe drinking water for billions. We're seeking a highly skilled and experienced Senior Application Security Analyst to join our product security team.

At IDEXX you will play a pivotal role in supporting and promoting our product security strategy. Your mission: safeguard the integrity of our products throughout their lifecycle. You'll partner with delivery teams to integrate security practices and activities into their pipelines. With your expertise, we'll optimize security testing tools, foster collaboration with development teams, and champion secure development practices across the organization.

Learn more and apply here: https://careers.idexx.com/us/en/job/J-043290/InfoSec-Applica...

ellingsworth | 3 years ago | on: Ask HN: I'm now responsible of the security of a scaleup, how do I handle this?

You might take a look at the OWASP Software Assurance Maturity Model (SAMM) for guidance on prescriptive activities you can take to improve your security posture over time. [1] There is a toolkit available that you can use to evaluate your team(s) and establish a phased roadmap. [2]

The data you gather from the assessment can help you prioritize activities for your team/org as well as provide metrics for your leadership.

You can also resource your activities with some of the OSS available from OWASP as well as join any of the projects/discussions to learn more. [3] Feel free to DM for more.

1. https://owaspsamm.org/

2. https://owaspsamm.org/assessment/

3. https://owasp.org/
