Senior Software Engineer & Solution Architect
GIAC Advisory Board Member

🌐 mattborja.dev • 🔬 ORCiD • 💼 LinkedIn

Senior Software Engineer and Solution Architect with extensive expertise in identity verification, cloud security, and scalable systems. Recognized industry expert and GIAC Advisory Board Member specializing in identity assurance, digital signatures, and Web of Trust principles aligned with NIST SP 800-63A.

Leadership spans high-availability infrastructure projects, research and development, identity and access management (IAM), and advanced DevOps practices. Proven expertise in designing secure, innovative solutions including Single Sign-On (SSO), SAML 2.0 identity providers, and systems integrations (SIS, Salesforce, Canvas, Twilio).

Current Focus: Cloud security automation, identity assurance, and securing the software supply chain.

A Rapid Identity Assurance Level (RIAL) framework producing the highest level assurance for signing keys through a rigorously vetted, continuously delivered registry of identity proofs. Aligned with NIST SP 800-63A Digital Identity Guidelines.

Research Areas: Identity Assurance • Digital Identities • Digital Signatures • Web of Trust • NIST SP 800-63A

Related Work:

• Industry Talk: Web of Trust - Securing the Software Supply Chain (Center for the Future, 2025)

🎖️ GIAC Advisory Board Member
SANS Institute | Invited based on exceptional GCSA certification exam performance

🛡️ REN-ISAC Member
Research and Education Networks Information Sharing and Analysis Center | Sponsored by Higher Education CISO (May 2025)

🔐 Security Researcher Hall of Fame
Ellucian | Responsible disclosure of high severity security findings prompting immediate remediation

🎤 Industry Speaker
Center for the Future | Web of Trust: Securing the Software Supply Chain

Security & Identity:
Identity Assurance • Digital Identities • Digital Signatures • Web of Trust • NIST SP 800-63A • Single Sign-On (SSO/SAML) • Applied Cryptography • Web Application Security

Cloud & DevOps:
Cloud Security Automation • DevSecOps • CI/CD • Infrastructure as Code • High Availability Architecture • Software Supply Chain Security

Development & Integration:
Software Development Lifecycle • Systems Integrations (SIS, Salesforce, Canvas, Twilio) • Data Architecture • Project Management

• SEC540: Cloud Security and DevSecOps Automation™ - SANS Institute
  Course Details

• Delegation Skills for Busy Leaders ("Why & How")
  Read Article

• Salesforce Trailhead
  Trailblazer Profile

• Supervision: Core Competencies: Meeting the Needs of Today's Employees - Employers Council
• Team Leadership: Leading Teams - Employers Council
• Coaching Essentials: Partnering for Performance - Employers Council
• Conflict: Self-Management - Employers Council

• Azure DevOps for Project Managers
  Course Link

• Building an End-to-End Web Application with ASP.NET MVC5 (C#), EF Code First, HTML5 and jQuery - Interface Technical Training
  Course Details
• SEC542: Web App Penetration Testing and Ethical Hacking™ - SANS Institute
  Course Details

Proficiency: ★★★★☆
Microsoft SQL Server • MySQL • Oracle • Couchbase

Proficiency: ★★★★★
C# • ASP.NET MVC • Entity Framework (Code First) • Classic ASP with custom COM objects • Node.js • PHP • CodeIgniter • Laravel

Proficiency: ★★★★☆
XHTML • CSS • JavaScript • Bootstrap • jQuery

Proficiency: ★★★★★
Cross-Origin Resource Sharing (CORS) • Sub-Resource Integrity (SRI) • Content Security Policy (CSP) • SSL Configuration • HTTP Strict Transport Security (HSTS) • Proxy Configuration • REST APIs • Request Tracing

Proficiency: ★★★★★
OWASP Top 10 • SANS SWAT Checklist • Manual Penetration Testing • Applied Cryptography • Systems Analysis • Network Mapping

Proficiency: ★★★★☆
Key Derivation Functions • Salts & Initialization Vectors • Message Authentication Codes • Hashing Algorithms • Key Management • Best Practices Implementation

Proficiency: ★★★★★
TCP/UDP Load Balancing • High Availability (HAProxy, NGINX) • Web Server Configuration (IIS, Tomcat) • DNS Management • Firewall Management • Virtual IP Management • SSL Termination • Clustering • Automation (Puppet)

Proficiency: ★★★★★
Git • Environment Branches • Pull Requests • Branch Policies • Pre-Deployment Approval • Continuous Delivery • Bitbucket • GitHub • Azure DevOps

Proficiency: ★★★★★
Technical Leadership: Mentoring • Architecture Decisions • Standard Operating Procedures • Compliance Review • Security Review • Best Practices • Release Coordination

Project Management: Requirements Gathering • Cost Evaluation • Systems Analysis • Expectation Management • Work Coordination & Direction

Mar 2021 - Present

• Instituted Standard Operating Procedures for team operations
• Implemented Continuous Integration and Continuous Delivery for .NET applications, libraries, and application environments using Azure Pipelines
• Developed business-aligned progression plans and job descriptions for .NET web application developers through Senior level
• Created and implemented Team Charter

Nov 2019 - Mar 2021

• Instituted Change Management, Project Management, and Software Development Life Cycle processes
• Conducted employee training, mentoring, and supervision
• Led initial formation of core development team
• Served as Interview panel member and Subject Matter Expert (SME)

Sep 2013 - Nov 2019

• Developed and deployed infrastructure management as code using Puppet Enterprise
• Configured and deployed Single Sign-On identity provider services and connectors (CAS, SAML, OAuth)
• Led research and migration of on-premise application clusters to new high availability environment (HAProxy)
• Spearheaded research and migration of legacy web applications (Classic ASP) to modern technology stack (ASP.NET MVC, C#)
• Managed in-house planning, development, and maintenance of College Portal, Website, internal business applications, community applications, and third-party service integrations

Fall 2016

• Taught ASP.NET 4 using "Sam's Teach Yourself ASP.NET 4 in 24 Hours" (ISBN: 978-0672333057) augmented with industry-relevant curriculum

Fall 2015

• Taught ASP.NET using "Beginning ASP.NET in C# and VB" (ISBN: 978-1118846773) augmented with industry-relevant curriculum

Jun 2011 - Sep 2013

• Developed custom web applications using LAMP stack
• Developed and supported integrations with ad exchange, marketing automation, content management, publishing, event and newsletter management, payment processing, and customer relationship management
• Managed Linux servers, cloud services, and web application firewall
• Provided remote desktop support

Aug 2008 - Aug 2010

• Taught Business Math, Web Design and Development, and Career Preparation
• Advised Future Business Leaders of America (FBLA) student organization

2004, 2005 - 2008

• Managed account provisioning in Active Directory
• Led district website development and server rebuild
• Managed security, networking, and content filtering
• Administered email management and spam filtering
• Provided desktop and printer support, imaging, and inventory management

SAML 2.0 Identity Provider Deployment
Assisted local city IT director in successfully deploying their first SAML 2.0 Identity Provider

Contract Recovery & In-House Execution
Recouped service fees (FFP) in excess of $40,000 from vendor breach of website build project contract and executed full project requirements in-house using Cascade CMS

College Portal Modernization
Launched new, mobile-friendly College Portal rebuilt in-house using ASP.NET MVC (C#), yielding 95% improvement to login times and application performance

Change Management Innovation
Replaced CAS Service Management WebApp with custom Change Management solution using Azure Repos and Azure Pipelines

Office 365 SSO Integration
Successfully configured and deployed delegated Single Sign-On authentication for Office 365 applications orchestrating onload.js with first successful in-house ADFS Claims Provider supporting SAML 2.0

First SAML 2.0 Identity Provider
Successfully configured and deployed first SAML 2.0 Identity Provider

SDLC & Release Management Adoption
First adoption of a Software Development Life Cycle process governed by Release Management using A successful Git branching model by Vincent Driessen, Developing and Deploying with Branches and Deployments Best Practices by Beanstalk Guides

Project Management Framework
First adoption of Project Management using Azure DevOps for Project Managers by Cals Tutorials

Cryptographic Implementation
Self-taught implementation of FIPS-197 in Arduino C

Hack the Pentagon Recognition
Challenge Coin received from Department of Defense for submitting valid findings during Federal Government's first ever bug bounty program, Hack the Pentagon hosted by HackerOne

Open Source Contribution
Contributed software patch accepted by Single Sign-On software provider, Jasig/Apereo CAS, resolving lack of cluster support in cryptographic operations via CAS-1386

Desktop Management Automation
Orchestration of computer lab imaging, inventory management, and post-installation tasks using Altiris, DeepFreeze, Windows PE, and AutoIt

Mac OS 9 Imaging Automation
Automated arrangement of desktop icons on Mac OS 9 during annual imaging using AppleScript

Active Directory Automation
Automated import of 1k+ student accounts from Student Information System into Active Directory using Visual Basic script

The following PGP fingerprints belong to the owner of this repository: Matt Borja.

Asserted by cryptographically signed commit: be02acb@master (learn more).