Felix Matenaar

Professional Summary

Engineering leader with over 12 years of professional experience driving innovation with security for the most demanding applications, and mentoring high-performing teams. Passionate about advancing security and enabling trusted, scalable platforms.

Experience

Asana, San Francisco

Senior Engineering Manager (2022–2025)

• Managed 14 across Product-, Infrastructure-, and Data Security
• Set priorities for the security organization of ~30, coaching managers to deliver
• Identified top security risks highlighted to the company board, obtained funding
• Grew an AI security team for Asana's AI studio, ensuring it is a trusted platform
• Built security- and performance guardrails for FedRAMP, enabling $37M ARR
• Ensured response to security incidents to preserve trust with customers

Block (formerly Square), San Francisco

Software Engineer, Engineering Manager (2019–2022)

• Built team of 12 solving critical security engineering problems across all BUs
• Unlocked payments in international markets with tamper-proof mobile POS
• Led threat research and delivery of world-class tamper detection
• Reduced $10M annually lost revenue to fraud with endpoint fingerprinting

Google, Mountain View

Software Engineer, Technical Lead (2016–2019)

• Created Cloud IAM Policy Intelligence, enabling least-privilege access for billions
• Partnered with ML teams to develop and launch IAM role recommendations
• Threat modeled Chrome’s supply chain, preceding Google's SLSA efforts

Publications and Community Work

• Conference Program Review Committee (2025): BSidesSF – Reviewed conference program submissions across various areas including AI Security and Application Security.
• Podcast (2024): Building Resilient Security Practices – Guest appearance discussing scalable and resilient approaches to enterprise security at Asana.
• Conference Talk – OWASP (2024): Effective Security Design Review Program – Best practices for scalable security reviews in modern engineering organizations.
• Conference Talk – BSidesSF (2024): Effective Security on a Tight Budget – Strategies for maintaining strong security in resource-constrained environments.
• Patent (2015): Anti-Tamper Mechanism for Android Applications – Innovations in defending mobile apps from reverse engineering and tampering.
• Patent (2014): Android Hook Detection and Prevention – Techniques for detecting and mitigating runtime hooking on Android systems.
• Conference Talk – BlackHat USA (2013): Android Master Key Vulnerability – Presentation uncovering a critical flaw in Android's APK verification.
• Conference Talk – Source Dublin (2013): Android Reverse Engineering and Defenses – Exploration of reverse engineering tactics and corresponding defensive strategies.
• Research Paper (2012): CIS: The Crypto Intelligence System – Paper on automatic detection and localization of cryptographic functions in malware. Presented at IEEE Security & Privacy.

Education

RWTH Aachen University - Bachelor of Science, Computer Science (2008–2012)

• Thesis led to conference paper accepted at IEEE MALWARE Conference
• Distinguished participation in Defcon CTF Las Vegas hacking competition, 2012
• Coursework: Mathematics, Security, Distributed Systems, Software Design and -Testing

Hobbies

• Track days - You can occasionally find me on HPDE's (High-Performance Driving Events) in the northern California area. My current best lap using a 2021 BMW M2 Competition is 1:51:14 in Sonoma Raceway
• Scuba Diving - I've fallen in love with scuba diving since my initial certification in 2020. The various certifications I've pursued in recent years including rescue, nitrox, drysuit and intro to cave have made me increasingly comfortable exploring the underwater world
• Travelling - Explored 28 countries across all continents and counting :)