Growing our security and open standards team

October 26, 2017 4 minute read

In celebration of this week’s National Cybersecurity Awareness Month theme, The Internet Wants YOU: Consider a Career in Cybersecurity, we asked three of our security and open standards rockstars — Jesper Johansson, Torbjörn Granlund, and John Bradley — to share their career background, and the journey that led them to Yubico.

Jesper Johansson, Chief Security Architect, Yubico

Jesper joins Yubico’s Seattle office to grow and lead the Yubico Security Team. He leaves his post at Google, where he worked in the Security & Privacy team. Prior to that, he spent a decade at Amazon, rising to Chief Security Architect for Amazon’s Worldwide Consumer business, and was a security strategist and founding team member of the Trustworthy Computing Team at Microsoft.

When asked to impart some advice to those pursuing a career in cybersecurity, he shared:

“Two things — first, learn another field as well. You can’t be an expert in security without being an expert in some related field. Security is all about protecting something, and you have to have a good understanding of that something else. Second, be pragmatic. The biggest mistake security folks make is trying to secure things to a level that far exceeds the value of the asset you are protecting, or the risk to that asset. We need to focus on security solutions that support the business rather than those that hinder it.”

Jesper is the author of three books, many articles, and blog posts, and has delivered more presentations on security than anyone could remember.

Torbjörn Granlund, Senior Software Engineer, Yubico

Torbjörn recently joined our Stockholm office as an expert in efficient and side channel resilient asymmetric cryptography. He has contributed fundamental functionality to the GNU project, which is used by Linux for file copying, string and memory operations, as well as the GNU compiler.

Torbjörn proves that following your passion and honing your skills can lead to a fulfilling career and significant breakthroughs. “I’ve always been into maths, and in my teens turned into programming. I took a Masters in Science in CS. Far into my career, I realized that my maths skills were lacking, and decided to take a PhD with more maths and more theoretical CS,” said Torbjörn.

Torbjörn developed and authored the GMP arithmetic library, the de facto standard library for arithmetic within the areas of computational number theory — truly a great achievement in the field of mathematics. It is used for asymmetric cryptography in libgcrypt, nettle, GnuTLS, and optionally in OpenSSL.

John Bradley, Senior Technical Architect, Yubico

With more than 15 years of experience, John is an Identity Management subject matter expert and IT professional, whose primary focus at Yubico is on open identity standards. John is treasurer of the openID Foundation and the Open Identity Exchange (OIX), and an active contributor to SAML, OAuth, and other IETF standards. He is also one of the leaders of OSIS and the OpenID Certification, forums that vendors use for industry interoperability testing.

In a previous role, John was asked for a solution that offered the same level of security used for the US Government Service Agency (GSA), but was simple enough for the average user. Meeting the challenge, John co-authored the ICAM protocol profiles at Protiviti Government Services on behalf of GSA, and is currently co-authoring the next version of the openID specification and related standards.

“The standards are all coming together for 2018, as observed by Microsoft at CIS. We also made progress this year by updating NIST SP-800-63 to a third revision to accommodate the new techniques beyond the original smart card model,” he continued. “The goal is to make possible end-to-end proof of possession security from the first authentication through to the last access token.”

With an impressive list of achievements between the three, we are thrilled and proud to welcome them into the Yubico team.

Interested in a career in cybersecurity at Yubico? Check out our open job opportunities here.

Share this article:

Recommended content

How YubiKeys are made: Security at scale

The first YubiKey was manufactured in Sweden in 2008. A few years later, part of our team moved from Stockholm to California, and we expanded our production capabilities to this part to the US West coast. It was a conscious choice to manufacture our products in the two democratic countries that were close to our ...

New Yubico for Free Speech Program Arms Nonprofits with Strong Authentication

2020 continues to be a challenging year in many ways for all of us, but today, we’re proud to share some hopeful news — Yubico is introducing the Yubico for Free Speech Program, an initiative designed to defend digital privacy, online security, and free speech for at-risk individuals and nonprofit organizations. As of July 1, ...

Star Wars Day Promo: May the 4th Be With You!

You don’t have to travel to a galaxy far, far away to find a more wretched hive of scum and villainy. Sadly, our world is facing an ever-growing number of phishing attacks from data smugglers (work with us here). But there is hope. A new force has awakened… You. And you’re armed with this… a ...

Why we designed the YubiKey the way we did

The first YubiKey was launched in 2008, inspired by the word ‘ubiquity’ and with the mission to make simple and secure logins available for everyone. At the time, we were less than 10 people in the company, but our strategy was simple: if we focused on further developing the YubiKey technology in close collaboration with ...