About WillWill is recovering System Administrator with a decade's worth of experience in technology and management. He now embraces the never-ending wild and exciting world of Information Security.Links:
Color Health: https://www.color.com

Twitter: https://twitter.com/willgregorian

TranscriptAnnouncer: Hello, and welcome to Screaming in the Cloud with your host, Chief Cloud Economist at the Duckbill Group, Corey Quinn. This weekly show features conversations with people doing interesting work in the world of cloud, thoughtful commentary on the state of the technical world, and ridiculous titles for which Corey refuses to apologize. This is Screaming in the Cloud.Corey: This episode is sponsored in part by CircleCI. CircleCI is the leading platform for software innovation at scale. With intelligent automation and delivery tools, more than 25,000 engineering organizations worldwide—including most of the ones that you’ve heard of—are using CircleCI to radically reduce the time from idea to execution to—if you were Google—deprecating the entire product. Check out CircleCI and stop trying to build these things yourself from scratch, when people are solving this problem better than you are internally. I promise. To learn more, visit circleci.com.Corey: Up next we’ve got the latest hits from Veem. Its climbing charts everywhere and soon its going to climb right into your heart. Here it is!Corey: Welcome to Screaming in the Cloud. I’m Corey Quinn. Sometimes I like to talk about my previous job being in a large regulated finance company. It’s true. I was employee number 41 at a small startup that got acquired by BlackRock. I was not exactly a culture fit, as you probably can imagine by basically every word that comes out of my mouth and then imagining that juxtaposed but they’re a highly regulated finance company.Today, my guest is someone who knows me from those days because we worked together back in that era. Will Gregorian is the head of Information Security at Color Health, and is entirely too used to my nonsense, to the point where he becomes sick of it, and somehow came back around. Will, thanks for joining me.Will: Hello. How are you?Corey: It’s been a while, and so far, things are better now. It turns out that I don’t have—well, I was going to say I don’t have the same level of scrutiny around my social media usage that you do at large regulated finance companies anymore, but it turns out that when you basically spend your entire day shitposting about a $1.8 trillion company in the form of Amazon, oh, it turns out your tweets get an awful lot of scrutiny. Just, you know, not by the company that pays you.Will: That’s very true. And you knew how to actually capitalize on that.Corey: No, I sort of basically figured that one out by getting it wrong as I went from step to step to step. No, it was a wild and whirlwind time because I joined the company as employee 41. I was the first non-developer ops hire, which happens at startups a fair bit, and developers try to interview you and ask you a bunch of algorithm questions you don’t do very well at. And they say, “Well, I have no further questions. Do you?”And of course, there’s nothing that says bad job interview like short job interview. “Yeah, just one. What are you actually working on in an ops context?” And we talked about, I think, migrating from EC2 Classic to VPC back in those days, and I started sketching on the whiteboard, “Let me guess it breaks here, here, and here.” And suddenly, there are three more people in the room watching me do the thing on the whiteboard.Long story short, I get hired and things sort of progressed from there. The acquisition comes down and then how, uh, we suddenly, it turns out, had this real pressing need for someone to do InfoSec on a full-time slash rigorous basis. Which is where you came in.Will: That’s exactly where I came in. I came in a month after the acquisition, if I remember correctly. That was fun. I actually interviewed with you, did