About
Profile
I’m Masayoshi Mizutani (水谷 正慶), a software engineer focusing on information security. I have experience in network-based IDS research, malware analysis, SIEM integration, and SOC operations. Currently, I’m building security monitoring systems, DevSecOps architecture, AI agents for security operations, and various security mechanisms at Ubie, Inc.
Skills
Programming
Primarily developing in Go — backend services, platform infrastructure (authentication, data management), security tooling, CLI tools, and AI agent frameworks. Also experienced with Python, JavaScript, and C/C++.
Notable open-source projects:
- gollem — Go framework for agentic AI apps with MCP and built-in tools
- warren — AI-powered security alert management that reduces noise and accelerates response
- octovy — Trivy-based vulnerability management service
- masq — Utility to redact sensitive data for slog in Go
- goerr — Contextual error handling library for Go
- goast — Go AST-based static analysis tool with Rego
Cloud Architecture
Architect-level experience across major cloud platforms, covering both application design and security infrastructure:
- Google Cloud — 5 years. Application platform design, BigQuery-based analytics, Cloud Run workloads, security monitoring pipelines
- AWS — 4 years. ECS/Lambda-based service architectures, event-driven systems (SQS, Kinesis, SNS, EventBridge), S3/Athena log analytics, serverless architectures
Security
Broad coverage across product security, corporate security, and infrastructure security.
- Product Security — Security design review, privacy-aware data architecture, vulnerability management, developer security education
- Corporate Security — Identity management, EDR/MDM deployment and operations, privilege management, ISMS compliance
- Infrastructure Security — Access control design, authentication management (OIDC federation), Policy as Code governance
- Security Monitoring — Design and operation of managed SOC-grade monitoring platforms, log collection and aggregation, automated alert detection, SOAR for incident response
Career
- 2024.8–2025.7: Assistant Director to the Counselor, Japan Digital Agency (Part-time)
- 2021.9–present: Security Engineer, Ubie, Inc.
  - Product security engineering, vulnerability management, penetration testing
  - Policy as Code deployment, authentication platform design & implementation
- 2017.11–2021.8: Security Engineer, Cookpad Inc.
  - Design & implementation of security monitoring system on AWS
  - Security log collection, search engine (Amazon Athena), alert detection
  - EDR deployment and integration (CrowdStrike Falcon)
- 2011.4–2017.10: Research Staff / Security Analyst, IBM Japan
  - Research: Audit log management, SIEM (QRadar) integration, container security
  - SOC: Security alert detection & analysis, trend analysis reports, operational automation
- 2010.12–2011.3: Engineer (Internship), Internet Systems Consortium
  - Monitoring dashboard for Security Information Exchange
- 2010: Ph.D. in Media and Governance, Keio University
- 2008: Master of Media and Governance, Keio University
- 2006: Bachelor of Arts in Environment and Information Studies, Keio University
Presentations
- 2025.8 — Security Camp 2025 — IPA Security Camp
- 2024.8 — Security Camp 2024 — IPA Security Camp
- 2023.8 — Policy as Code — IPA Security Camp 2023
- 2023.5 — OPA/Rego for Security Command Center (SCC) Alert Management — Google Cloud Day ’23
- 2022.8 — Policy as Code — IPA Security Camp 2022
- 2020.11 — Building Internal Security Infrastructure for Remote Work — Internet Week 2020
- 2020.10 — SOAR for Security Monitoring Efficiency and SecOps — CODE BLUE 2020
- 2020.10 — Security Architecture to Monitor and Analyze Secure Logs using AWS — AWS This is My Architecture
- 2020.1 — Building Security Log Search with Amazon Athena — Log Analysis Meetup vol.2
- 2019.7 — AWS re:Inforce recap 2019 — AWS re:Inforce 2019 re:Cap Seminar
- 2019.2 — Building a Scalable Security Monitoring Platform — Cookpad TechConf 2019
- 2018.12 — EDR Evaluation and Deployment in a Web Service Company — 4th Falcon DAY
- 2018.12 — Security Log Search Platform at Cookpad — Scramble! #2 Security
- 2018.7 — Log Collection for Security Monitoring of Office & AWS Environments
- 2018.5 — Building Security Log Analysis Platform on AWS — Security JAWS #9
Publications
Blog Posts
- Introducing S3-Centric Security Log Infrastructure on AWS This is My Architecture (in Japanese, 2020.12, Cookpad Developers’ Blog)
- Building a Container Image Vulnerability Scanning Pipeline with Trivy + AWS (in Japanese, 2020.7, Cookpad Developers’ Blog)
- Building a Serverless Security Alert Auto-Response Framework (in Japanese, 2020.3, Cookpad Developers’ Blog)
- Building a Security Log Search Platform with Amazon Athena (in Japanese, 2019.11, Cookpad Developers’ Blog)
- Log Collection for Security Monitoring of Office & AWS Environments (in Japanese, 2018.5, Cookpad Developers’ Blog)
Academic Papers
- Masayoshi Mizutani. “Incremental Mining of System Log Format.” SCC ’13, IEEE International Conference on Services, 2013.
- Masayoshi Mizutani. “Method for estimating format of log message and computer and computer program therefor.” US9858168B2, 2018.
- Masayoshi Mizutani, Keiji Takeda, Jun Murai. “An Analysis of Web Distributed Malwares and A Proposal of Their Detection Method.” IEICE TRANSACTIONS Volume J92-B No.10, pp.1631–1642, 2009.
- Masayoshi Mizutani, Akira Kanai, Keiji Takeda, Jun Murai. “A Malware Detection Method based on Communication Commonality – Implementation and Evaluation.” IPSJ 2009, Vol.50, No.9, 2009.
- Masayoshi Mizutani, Shin Shirahata, Masaki Minami, Jun Murai. “The Design and Implementation of Session Based IDS.” IEICE Transactions on Communications, Vol.89, No.3, pp.46–58, 2005.
All academic papers on Google Scholar