Felix Matenaar

Professional Summary

Engineering leader with 13 years of experience building secure, scalable systems at companies including Google, Asana, and Block. Proven track record of growing and leading high-performing teams, driving security strategy at the executive level, and delivering measurable business impact. Passionate about advancing security practices and enabling organizations to build trusted platforms.

Experience

Engineering Manager (Present)

• Finding needles in planet-scale haystacks, fast!

Engineering Manager, Head of Product Security (2022–2025)

• Led security strategy across Product, Infrastructure, and Data Security functions
• Directed a security organization of 30 engineers; coached managers to deliver measurable outcomes
• Presented enterprise security risks to the board and secured executive funding for remediation
• Established an AI security team for Asana's AI Studio, building trust through robust safeguards
• Architected FedRAMP security and performance controls, enabling $37M in annual recurring revenue
• Led incident response efforts to maintain customer trust and protect company reputation

Software Engineer & Engineering Manager (2019–2022)

• Built and led a team of 12 engineers addressing critical security challenges across all business units
• Designed tamper-proof mobile point-of-sale systems, enabling payments expansion into international markets
• Directed threat research initiatives and delivered advanced tamper detection capabilities
• Implemented endpoint fingerprinting solution that reduced fraud-related losses by $10M annually

Software Engineer, Technical Lead (2016–2019)

• Created Cloud IAM Policy Intelligence, enabling least-privilege access for billions of users
• Collaborated with machine learning teams to develop and launch IAM role recommendations
• Conducted threat modeling for Chrome's supply chain, laying groundwork for Google's SLSA framework

Software Engineer, Security Researcher (2012–2016)

• Early-stage startup experience (0 to 1) at companies later acquired, with patented technology and broad industry recognition
• Full-stack software engineering across mobile applications and backend systems
• Conducted security research leading to discovery of the Android Master Key vulnerability, presented at Black Hat USA
• Developed patented anti-tamper and hook detection technologies for Android applications

Publications and Community Work

• Conference Program Review Committee (2025): BSidesSF – Reviewed conference program submissions across various areas including AI Security and Application Security.
• Podcast (2024): Building Resilient Security Practices – Guest appearance discussing scalable and resilient approaches to enterprise security at Asana.
• Conference Talk – OWASP (2024): Effective Security Design Review Program – Best practices for scalable security reviews in modern engineering organizations.
• Conference Talk – BSidesSF (2024): Effective Security on a Tight Budget – Strategies for maintaining strong security in resource-constrained environments.
• Patent (2015): Anti-Tamper Mechanism for Android Applications – Innovations in defending mobile apps from reverse engineering and tampering.
• Patent (2014): Android Hook Detection and Prevention – Techniques for detecting and mitigating runtime hooking on Android systems.
• Conference Talk – BlackHat USA (2013): Android Master Key Vulnerability – Presentation uncovering a critical flaw in Android's APK verification.
• Conference Talk – Source Dublin (2013): Android Reverse Engineering and Defenses – Exploration of reverse engineering tactics and corresponding defensive strategies.
• Research Paper (2012): CIS: The Crypto Intelligence System – Paper on automatic detection and localization of cryptographic functions in malware. Presented at IEEE MALWARE.

Education

RWTH Aachen University — Bachelor of Science, Computer Science (2008–2012)

• Thesis research published at the IEEE MALWARE Conference
• Competed in the DEF CON CTF hacking competition, Las Vegas (2012)
• Focus areas: Mathematics, Security, Distributed Systems, Software Design and Testing

Hobbies

• Track Days — Active participant in High-Performance Driving Events (HPDEs) throughout Northern California. Current personal best: 1:51.14 at Sonoma Raceway in a 2021 BMW M2 Competition.
• Scuba Diving — Certified diver since 2020, with additional certifications in rescue diving, nitrox, drysuit, and introductory cave diving. Passionate about exploring underwater environments worldwide.
• Travel — Explored 28 countries across all continents, with a curiosity for experiencing diverse cultures and landscapes.