AWS Security Blog

AWS Security Profiles: Colm MacCárthaigh, Senior Principal Engineer

AWS Security Profile: Colm MacCarthaigh
In the weeks leading up to re:Invent, we’ll share conversations we’ve had with people at AWS who will be presenting, and get a sneak peek at their work.

How long have you been at AWS and what do you do in your current role?

I joined in 2008 to help build Amazon CloudFront, our content delivery network. These days, I work on Amazon Elastic Compute Cloud (Amazon EC2) and cryptography, focusing on products like AWS Nitro Enclaves and our network encryption.

What’s your favorite part of your job?

Working with smart and awesome people who I get to learn a lot from.

How did you get started in Security?

Around 2000, I became a system administrator for a multiuser university shell service called RedBrick. RedBrick is an old-school Unix terminal service run by students, for students. Thousands of curious people had access to log in, which makes it a very interesting security challenge. We had to keep everything extremely up-to-date and deal with all sorts of nuisances and abuse. I learned how to find and report new kernel vulnerabilities, deal with denial-of-service attacks, and manage campaigns like getting everyone to move to the encrypted SSH protocol rather than Telnet (which was more common at the time). We tried educating users, but in the end I built a client with a one-click SSH to RedBrick button and that did the trick.

How do you explain what you do to non-technical friends or family?

“I work on the internet” is probably the most common, or these days I can say, “I work on the cloud.” Most of my friends and family are non-technical; we hang out and play music, and catch up and socialize. I try to avoid talking about work.

What are you currently working on that you’re excited about?

Nitro Enclaves is going to make it cheaper and easier for customers to isolate sensitive data. That’s a big deal. Anything we can do that is going to improve the security of people’s data is a big deal. We’re all tired and weary of hearing about “yet another data breach.” Not everyone has the depth of expertise and experience that Amazon has. When we can take the lessons we’ve learned, and the techniques we’ve applied, for securing businesses like and then give those lessons and techniques to customers in an easy to consume form—that excites me.

You’re presenting at re:Invent this year—can you give readers a sneak peek of what you’re covering?

I’ll be talking about Nitro Enclaves, but also presenting some more insights into how we build at AWS. We recently launched the Amazon Builders’ Library, which is an ongoing series of articles and deep dives into lessons we’ve learned from building, Alexa, AWS, and other large services. I’m going to cover what simplicity means for us, and also talk about things we do that most customers would never need to do themselves, so that should be fun.

What are you hoping that your audience will do differently after your session?

I’ll be happy if people pick up a few tips and tricks and get a sense of how we break down problems in a customer-obsessed way.

What is your favorite Leadership Principle at Amazon and why?

My favorite leadership principle is Ownership. I love that we’re empowered (and expected) to be owners at Amazon. Part of that is not having to seek a lot of permission, which helps with moving quickly, and part of that is a feeling of team pride that comes from a job well done.

What’s the best career advice you’ve ever received?

Be fully committed or get out of the way, but don’t do anything in between.

If you could go back, what would you tell yourself at the beginning of your career?

I’ve caught enough lucky breaks that I feel like I’ve done really well in my career, definitely wildly beyond what I could have dreamed of when I was a teenager, so I wouldn’t want to change anything. Who knows how things would go then! If I could go back in time, I’d give some hints and help to amazingly talented people I know who got stung by bad luck.

What are you most proud of in your career?

Becoming a Project Management Committee (PMC) member for the Apache httpd webserver was a huge milestone for me. I got to contribute to and maintain Apache, and was trusted to be release manager. That was all volunteer work, but it started everything for me.

I hear you play Irish music. What instruments do you play?

Yes, I play and sing Irish traditional music. Mainly guitar, but also piano, Irish whistle, banjo, cittern, and bouzouki. Those last instruments are double-stringed and used mainly for accompaniment. I’ve played in stage shows, bands, and I get to record and tour often enough, when we’re not on lockdown. It is very hard to beat how fun it is to play music with other people, there’s something very special about it. Now that I live in the U.S., it also connects me to Ireland, where I grew up, and it gives me an opportunity to sing in Irish, the language I spoke at home and at school growing up.

If you have feedback about this post, submit comments in the Comments section below.

Want more AWS Security how-to content, news, and feature announcements? Follow us on Twitter.


Colm MacCárthaigh

Colm joined AWS in 2008 to work on high-scale systems and security. Today, he works on AWS IAM and network cryptography. Colm is also an active open source and open standards contributor. He’s a long-time author and project maintainer for the Apache httpd webserver, and a contributor to the Linux kernel and IETF standards. Colm grew up in Ireland, and still plays and sings Irish music.