Paul Foryt

Paul Foryt

Product & Engineering Leader | Infrastructure | Security

Hands-on and adaptable Product and Engineering leader with 10+ years combined experience working in the startup space and on products in regulated industries.Over the years I've worked in a wide range of industries, including healthcare, medical devices, payment processing, point of sale, ecommerce, inventory management, fintech, and blockchain.


  • Product Leadership

  • Engineering Management

  • Security & Compliance

  • Software Architecture

  • DevOps/DevSecOps


Styra / OPA & Authorization
2022 - Present: Director of Product Management
Ready / Consumer Healthcare
2021 - 2022: Director of Product, Security & Infrastructure
2020 - 2021: VP, Product & Engineering
Infuse / Product & Software Consulting
2018 - 2020: Director of Security
2016 - 2020: Senior Product Manager
2015 - 2016: PM & SW Engineer
SimpliFit / Consumer Digital Health
2014 - 2015: CTO & Co-founder
Hospira / Medical Devices
2012 - 2014: Systems Engineer
Northwestern University / Feinberg School of Medicine
2008 - 2013: Research Technician
Fenwal / Medical Devices
2009 - 2011: Systems Engineering Co-Op


Northwestern University / BS Biomedical Engineering, 2012


Skills I've learned over the years to scope, build, and maintain high-quality and secure products and systems.

- Entrepreneurship, Product Strategy and Vision
- Team Resource and Budget Planning, Interviewing and Hiring
- Engineering Management, Team Culture, Mentoring & Coaching
Product Design
- User-Centered Design, Accessible Design
- Wireframes, Low-Fi Mockups, UI/UX Design
Product Management
- Product Lifecycle, Competitor Analysis
- User Personas, User Needs Analysis, Requirements Management
- User Flow Planning, User Analytics and Funnels, User Testing and Validation
- QA, Test Cases, Regression Testing
Project Management
- Agile, Scrum, Sprints, Kanban, Backlog Grooming, Standups, Sprint Retros
- Project Scoping, Timelines, Budgets, and Staffing
Software Development
- System of Systems Design, Software Architecture, Serverless Architecture, Warehouse and Data Lake Architecture
- RESTful APIs, GraphQL APIs
- CI/CD, DevSecOps, Change Management
Software Security
- Code Quality, Code Security, Static Code Analysis, Dependency Analysis
- Risk Analysis and Mitigation, Software and Process Audits, Incident Response and Management

Tools & Tech

The long list of tools and technologies I've used over the past decade. This is more for my own documentation and reference, but feel free to take a look.

Product and Data
- Design: Sketch, Figma, Miro, Balsamiq, Zeplin, Invision, Canva, Photoshop, LucidChart
- Analytics: Mixpanel, Amplitude, Heap, AppsFlyer, Kochava, Google Analytics
- Communication: Mailchimp, Mailgun, Sendgrid, Twilio, CallRail, Jive
- Support: Zendesk, Freshdesk
- Low Code: Formstack, Jotform, IFTTT, Zapier
- Data: Tableau, Looker, Netsuite, Observe
- Project: Canny, Aha, Jira, Confluence, ClickUp, Monday, Asana, Trello, Notion
- Payments: Stripe, PayPal, Braintree, Plaid, Clover, Square, BigCommerce
- AI: OpenAI (Codex, GPT-3, GPT-4, ChatGPT), GitHub Copilot

- IaC: Terraform, Terraform Cloud, CloudFormation, Serverless Framework, Packer
- Containers: Docker, Kubernetes
- Packages: DockerHub, ECR, Helm, NPM, Terraform Registry
- OS: Amazon Linux, CentOS, Ubuntu, Windows Server, OS X
- VPN: OpenVPN, Perimeter 81
- Authentication: Auth0, Okta, Cognito
- Authorization: Open Policy Agent
- Monitoring: Sentry, Rapid7 InsightOps, New Relic, Crashlytics, Bugsnag, PagerDuty
- CI/CD: GitHub Actions, Bitbucket Pipelines, Jenkins, Codeship, CircleCI
- Code Security: Pre Commit, Gitleaks, Gitlint, Dependabot, Mergeable, Checkov, KICS, tfsec, tflint, Regula, NPM Audit, Brakeman, OWASP Dependency Check, ESLint
- Cloud Security: Cloudmapper, Cloud Custodian, Prowler, AWS Config, AWS Security Hub
- Misc: Bash, Postman, Swagger, SysML/UML, Airflow, CloudFlare Workers, ActiveMQ

Amazon Web Services (AWS)
- Compute: EC2, Elastic Beanstalk, EKS, ECS, ECR, Lambda
- Database: RDS, Aurora, Redshift, Redshift Spectrum, DynamoDB, ElastiCache
- Analytics: Glue, Athena, Kinesis, ElasticSearch/OpenSearch
- ETL: DMS, Data Pipeline, Transfer SFTP
- Communication: SES, Pinpoint, Connect, Chime
- Storage: S3, EFS, Backup
- Security: Cognito, GuardDuty, Security Hub, Inspector, Detective, KMS, Secrets Manager
- Network: VPC, API Gateway, Route53, AppSync, CloudFront, WAF
- Governance: IAM, Config, SSM, Organizations, CloudFormation, Macie
- Observability: CloudTrail, CloudWatch, X-Ray
- Integration: EventBridge, AppFlow, SNS, SQS
- ML: Comprehend, Rekognition, Textract

Android and iOS
- Java, Objective C
- Cordova, PhoneGap, Ionic
- XCode, Android Studio, Fastlane
- Apple Push Notification service (APNs), Firebase Cloud Messaging (FCM)
- Google Play Developer, Apple Developer and App Store, TestFlight

- PostgreSQL, MySQL, MS SQL, Redshift
- DynamoDB, MongoDB
- Redis

- NodeJS, ExpressJS, CoffeeScript, Apollo GraphQL, Postgraphile
- AngularJS, VueJS, Lavaca, ReactJS, React Native, Amplify, Storybook
- Jest, Cypress, ESLint

- Pillow, boto3, pytest

- GoReleaser, Go testing

- Ruby on Rails, Puma, Sidekiq
- RSpec, Rubocop, Brakeman

- Laravel, Wordpress, Drupal
- PHPUnit, PHPSpec