Résumé

Senior Software Engineer at Cisco with 5 years building runtime security infrastructure in Go and eBPF. Core contributor to Tetragon, the open-source CNCF eBPF security platform powering Cisco Hypershield. Published researcher with upstream contributions to the Linux kernel's BPF subsystem.

Experience

Senior Software Engineer 2024 – Present

Cisco Systems, Inc., Kanata, ON (Remote)

Own and maintain Tetragon's real-time process lifecycle tracking subsystem in Go and eBPF, forming the foundation of Cisco Hypershield's runtime security enforcement
Designed and implemented system call profiling capabilities in Tetragon, using tracepoint and kprobe-based eBPF programs to model per-process syscall behavior
Drove technical continuity on Tetragon through Cisco's acquisition of Isovalent, maintaining development velocity on a core CNCF security project
Championed responsible AI-assisted development within the enterprise engineering team, establishing agent-centric documentation standards that streamline onboarding for both human developers and AI agents

Software Engineer 2021 – 2024

Isovalent, Inc., Kanata, ON (Remote)

Joined the Tetragon team as an early member, building Isovalent's runtime security and observability platform in Go and eBPF
Shipped layer 7 protocol parsers in eBPF and SIEM ingestion filtering for enterprise customers
Co-authored upstream patches for the Linux kernel's BPF networking stack
Overhauled the project's testing framework and CI pipeline
Mentored new engineers and helped scale the team through a period of rapid growth

Teaching Assistant, Operating Systems & Distributed Systems 2018 – 2021

Carleton University, Ottawa, ON

Nominated three times for the Outstanding Teaching Assistant Award
Developed course tutorials on eBPF, kernel memory management, concurrency, and rootkits
Led tutorials and created coursework for classes of up to 50 students

Education

Doctor of Philosophy in Computer Science Sept. 2021 – Dec. 2021

left to join the founding Tetragon team at Isovalent

Carleton University, Ottawa, Canada

Master of Computer Science Sept. 2020 – Aug. 2021

Carleton University, Ottawa, Canada

CGPA: 12.00 (A+) — Accelerated Master's Program
Nominated for a Senate Medal for Academic Achievement
Thesis: A Practical, Flexible, and Lightweight Confinement Framework in eBPF

B.Sc. Computer Science, Honours Sept. 2015 – Apr. 2020

Carleton University, Ottawa, Canada

CGPA: 11.05 (A) — Accelerated Master's Program
Graduated with High Distinction, Dean's Honour List
Thesis: Host-Based Anomaly Detection with Extended BPF

Skills

Linux Kernel:: eBPF (kprobes, tracepoints, LSM, XDP), kernel module development, libbpf, bcc
Systems Programming:: Go, C, Rust, Python
Security:: Runtime enforcement, process confinement, intrusion detection, syscall profiling
Research:: Published at ACM CCSW, invited speaker at IBM Research and eBPF Summit
AI-Assisted Development:: Claude Code power user, custom agent orchestration, prompt engineering, automated workflow design
Languages:: English, French

Research

Research Assistant Apr. 2019 – Aug. 2021

Carleton University, Ottawa, Canada

Member of the CCSL/CISL research group
Researched Extended BPF for runtime security within the Linux kernel
Co-supervised by Dr. Anil Somayaji and Dr. David Barrera
Designed and developed ebpH, an anomaly detection system for Linux using eBPF
- Subject of undergraduate Honours Thesis
Designed and developed bpfbox, a process confinement tool for Linux using eBPF
- Published at ACM CCSW 2020

Awards

Nominee, Senate Medal for Academic Achievement, Carleton University (2021)
Three-time nominee, Outstanding Teaching Assistant Award, Carleton University (2019 – 2021)
Dean's Honour List, Carleton University (2019, 2020)
Multiple academic scholarships and research assistantships, Carleton University (2015 – 2021)

Presentations and Invited Talks

bpfbox: Simple Precise Process Confinement with eBPF Dec. 2020

Invited Talk, IBM Research — Security and Privacy

bpfbox: Simple Precise Process Confinement with eBPF Nov. 2020

Conference Presentation, ACM CCSW 2020

bpfbox: Simple Precise Process Confinement with eBPF and KRSI Oct. 2020

Lightning Talk, First Annual eBPF Summit

Publications

Conference Proceedings

William Findlay, Anil Somayaji, and David Barrera. "bpfbox: Simple Precise Process Confinement with eBPF". In: Proceedings of the 2020 ACM SIGSAC Conference on Cloud Computing Security Workshop. CCSW'20. Virtual Event, USA: Association for Computing Machinery, 2020, pp. 91–103. DOI: 10.1145/3411495.3421358.

Technical Reports and Theses

William Findlay. "Host-Based Anomaly Detection with Extended BPF". Honours Thesis. Carleton University, 2020. URL.

Open-Source Software

Creator/Maintainer

Container security framework using eBPF programs and LSM hooks
Tech stack: Rust, libbpf-rs, eBPF
Subject of Master's Thesis research

First eBPF-based policy enforcement engine with a high-level policy language for process confinement
Published at ACM CCSW 2020

Intrusion detection system for Linux that establishes per-executable system call profiles to detect anomalies

Core Contributor

One of the first maintainers; core contributor since the pre-open-source phase (2021)
Own the real-time process lifecycle tracking and syscall profiling subsystems

Contributor

Implemented ringbuf eBPF map support, enhanced LSM probe support, Python support for stack and queue eBPF maps

Implemented ringbuf eBPF map support, enhanced LSM probe support, bugfixes and API improvements