Justin Thomas


  • Chief Information Security OfficerSila
  • Senior Security ArchitectFastly
  • Information Security and Compliance OfficerJoyent
  • Cloud Security ArchitectSymantec
  • Senior Director of Information SecuritySimple Finance
  • Vice President and Information Security Risk ManagerUmpqua Bank


  • Master of Business AdministrationMarylhurst University
  • Bachelor of Arts in Business ManagementBushnell University

Justin Thomas



Justin brings a lifelong sense of curiosity and exploration to a career devoted to helping people manage information and technology risks effectively. With a particular emphasis on FinTech and Engineering firms in the early stages of their growth, Justin has built expertise in a broad range of domains that allow him to guide executive and engineering teams through the development and implementation of business-focused cybersecurity and risk management capabilities.

A pragmatic business leader first and foremost, Justin also has a deep affinity for novel technical challenges and for developing risk mitigation strategies for non-traditional business ideas. He brings specific experience in a broad set of common cloud development tools including Amazon Web Services (AWS), Google Cloud Platform (GCP), Google Workspace, Microsoft Azure, Microsoft 365, Kubernetes, Vercel, GitHub, GitLab, Datadog, etc. Similarly, Justin has supported and is adept with environments built around Linux, Mac OS X, Microsoft Windows, IllumOS, and other less common platforms.

Although software development is not his primary strength, Justin is an adept coder within self-selected constraints. He favors technologies that promote safe coding practices (e.g., Rust, Typescript, Haskell, etc.) but can contribute to codebases in Python, Ruby, plain Javascript, Java, etc. Justin has also built blockchain-based applications (e.g., Solidity/Ethereum) and is comfortable working with those tools.

Justin will provide fact-based opinions to assist teams in building a capable and versatile business operations platform. But he is also willing to help teams extend and better manage risk with any reasonable existing architecture.