Alex Smolen is a security engineer and the founder of EngSecLabs. He works with technology startups who need hands-on engineering and security expertise — helping teams ship at high velocity while having real confidence in the security of their product.
If you're looking for a security program your engineers won't hate, you've come to the right place.
import { SecurityProgram, Control } from '@engseclabs/core'; const program: SecurityProgram = { stage: 'series-a', frameworks: ['soc2', 'fedramp'], controls: [ { id: 'CC6.1', owner: 'engineering', automate: true, }, ], // security built for teams that ship fast friction: 'minimal', }; export default program;
Building security programs appropriate to your company stage. From first SOC 2 to FedRAMP, I design practical controls that reduce risk without slowing down your team.
Security architecture and automation that integrates with your development workflows. Infrastructure-as-code controls, compliance automation, and tooling that treats security like software engineering.
Security architecture review, threat modeling, and strategic guidance for product teams. I help you make security decisions that align with your product roadmap and enable fast, secure development.
I'm a security engineer with over a decade of experience building and breaking security-critical systems. I've worked across application security, cloud infrastructure, AI security, and compliance at technology startups and high-growth companies.
I write about security engineering on this blog and on alexsmolen.com. If you're working through a hard security problem, I'd like to hear about it.
Whether you have a specific security challenge or want to discuss building out your security program, I'd like to hear from you. Reach out at:
alex@engseclabs.comOr use the form to tell me about what you're working on.