After nearly four years at AWS, I made the decision to leave in early December and join Pixee Pixee as a Distinguished Engineer, focusing on AI Security. I didn't take it lightly. I'm grateful for the people and problems at AWS, but I'm even more excited about what's next.

Hanging Up Their Shoes

Hanging up their shoes at AWS - people leaving Amazon

You can't scroll LinkedIn right now without seeing this image of the Amazon smile and shoes. It's people hanging up their shoes at Amazon (aka people leaving). Last week, on January 28th, the company laid off 16,000 employees; in October 2025 it was 14,000. A lot of people are leaving, one way or another, and that image has been everywhere. I understand why some are leaving by choice, it's how I left, but for those of you who didn't get to choose the timing - there is life after Amazon.

Neighborhood and land - when teams optimize for territory instead of the whole

At a company of that size, identity and territory get wrapped up in the work. As generative AI took off, people cared a lot about carving out their land. What I saw over time was that a lot of energy went into defending or expanding that land and less into making sure the neighborhood made sense. This meant in some cases we had streets leading nowhere and circles that didn't connect to the rest of the community. When you're optimizing for your org chart and your scope, you're not always optimizing for the builder working to ship something secure, or for the system as a whole. You end up with incredible teams doing incredible work in silos, or multiple teams racing to achieve the same results, and the seams between them are where things get messy.

I found myself wanting something different. I wanted to worry about the work in front of me and building the right thing, the right way - rather than the work around me: the politics, the boundaries, the "who owns what." I wanted to be somewhere that cared as much about the outcome as about the org structure.

What SHINE Lit Up - And Who Was Left in the Dark

At AWS, I created and led the SHINE team (Security Hub of Innovation and Efficiency), which proved that automation and generative AI could fundamentally change AppSec using deterministic automations, secure-by-default platforms like CDK Blueprint Property Injection, and the Agentic Security Engineer (ASE) - an AI that could perform security review tasks autonomously. We moved from security as a gate to security as a continuous, intelligent part of the development process.

The catch? It took a dedicated team, documents, buy-in, and the scale of AWS to make it happen. Most companies can't build or hire a whole internal SHINE. They don't have the headcount, the tools, or the runway. Yet, these companies still deserve that level of security and that kind of leverage.

This is why I'm joining Pixee. With AWS SHINE I saw what's possible when security is built into the development process instead of bolted on at the gate, but it took a dedicated team and scale most companies don't have. Pixee isn't just replicating that, they're on the frontier, delivering a product so every team can get that leverage.

Pixee is your automated product security engineer. It consolidates SAST, IAST, and SCA into a single pane, triages alerts with AI, and separates real findings that need fixes from noise that doesn't, and drives automatic remediations. That's how teams unlock the velocity of GenAI-driven development without security as a gate.

For me, that's the opportunity: to take what I learned and help put this kind of leverage within reach of more teams and companies.

The Hidden Cost of DIY

The Hidden Cost of Building Your Own Remediation - DIY vs Pixee Resolution Platform iceberg comparison

Building your own AI-driven automated remediation sounds simple: prompt an LLM to fix code, ship a prototype in a few months, but that's just the proverbial tip of the iceberg. Below the waterline you're maintaining multiple scanner integrations and parsers, hundreds of security remediation rules, fix evaluation and validation, multi-file and reachability analysis, context gathering, and PR automation - plus continuous model and scanner updates. It adds up to 18–24 months to production, millions in engineering cost, and 3–5 FTE just to keep it from falling behind. The result is software debt that becomes unsupportable.

Pixee has already absorbed that complexity: years of engineering, a proven merge rate at scale, and integrations that stay current so your team doesn't have to. You get production-ready remediation in days, not years, with zero maintenance burden. That's why I'm here, to help more teams get that outcome without paying the hidden cost of DIY.

Why Pixee: The Work and the People

Pixee

That mission is what drew me in. The rest, the technical depth and the people, is what made it obvious.

The mission aligns. Pixee isn't bolting AI onto old tools. They're reimagining application security with AI and automation as first-class citizens in the workflow. That's the future I believe in.

The technical approach resonates. At SHINE we showed that context-aware AI could make the kind of nuanced security decisions that used to require a senior engineer. Pixee is going further: understanding code context, architecture, and security requirements in ways that traditional static and software composition analysis never could.

The team is exceptional. The people at Pixee aren't just building features; they're solving fundamental problems in how we secure software. Deep security expertise, serious AI/ML work, and a focus on building something new rather than iterating on the same playbook.

The timing is right. AI-generated code, supply chain complexity, and the pace of development have made the old model of AppSec unsustainable. The industry needs what Pixee is building, and they're positioned to lead.

What I'm Continually Excited About

I'm excited to take what we learned at SHINE and apply it at a company that's built from the ground up around these ideas. At AWS we had to work within existing systems. At Pixee we can design from first principles.

  • Removing security friction - With real-time feedback so that the easiest path is the secure path. We want our users to "fall into a pit of success".
  • Context-aware security - AI that understands not just what the code does but why it exists and how it fits into the bigger picture.
  • Continuous security intelligence - Decisions that develop an ongoing understanding of posture, drift, and remediation.
  • Learning at scale - Patterns across teams and industries making the product and the AI better for everyone.

I want to worry about the work right in front of me. At Pixee, that work is building the future of application security for everyone (not just for those who can afford) to SHINE.

If you're interested in Pixee or in joining the team, check out pixee.ai or reach out. We're always looking for people who care about this problem the same way we do.