TL;DR: Tillery has deep-dive knowledge in training and education, AppSec, and exploitation development. They also love threat modeling. And corgis.

Tillery has been an educator in one form or another longer than just about any other professional or intellectual pursuit. Graduating with both Maths and Computer Science (with concentrations in teacher’s ed, HPC, and Data Science) in undergrad, they started their post-baccalaureate life teaching maths in public schools, but that didn’t last. As it turns out, teaching people who don’t want to be there is a bitter brew.

Transitioning into their second love, Tillery worked in the High Performance Computing and Data Science world in the early 2010s before catching the InfoSec itch - it was through Data Science support for Cyber Threat Intelligence that the gateway to the security side was forged.

After an intensive and highly technical retraining effort, Tillery came out of the other side of a private 10-week bootcamp a Reverse Engineer, Vulnerability Researcher and Exploit Developer, and all-around Cyber Network Operations professional. Throughout this time, though, they found opportunities to embrace their first love - teaching. Helping to teach, and to rework and rewrite, the training program they had just gone through, both sides of their interests and endeavors were fed.

Eventually, Tillery made a jump from the offensive and exploitation realm into Application Security as a practice. Quickly rising from the position of senior engineer on an AppSec team to Junior Leadership, they then saw a need to create and build a training team to go alongside the brilliant engineers with whom they worked. Clients were treating the solutions of the engineers on the AppSec team as a one-time, silver-bullet solution, rather than recognizing the need for maturity growth and internal capabilities building.

After building that team to be self-sufficient, and leaving it in good hands, Tillery struck off with an intrepid band of experts and helped to found Neuvik Solutions, with a goal of improving security capability at both ends of the maturity curve - combining training and management consulting to create real change in DevSecOps transformations while also advancing the capabilities of some of the world’s most advanced companies.

Tillery has a particular love for formal methods (coming from their maths background) and threat modeling (coming from their analysis background), and will gladly proselytize the use of threat modeling as a foundational security tool for any development team.

If you made it this far, here’s a photo of Sophie von Sophington, Tillery’s late corgi, hard at work.