Daniel Grzelak

Daniel Grzelak

Founder, investor, advisor, hacker, speaker, and security leader. I've spent my career helping organizations—from startups to multi-billion dollar enterprises—build and scale their security programs.

I started advising startups because I saw founders making the same mistakes over and over again—hiring too early, buying tools they didn't need, over-engineering compliance. I wanted to help them avoid those traps.

My background spans offensive security, security engineering, and security leadership. I've built security practices from scratch, led teams across multiple continents, and managed hundreds of consulting projects for major enterprises worldwide.

Today, I split my time between advisory work with startups and building security products. I believe the best advice comes from people who are still practitioners—not just people who used to be.

Experience

Leadership Roles

Plerion

Chief Innovation Officer

Building cloud security products that help security teams protect their AWS, Azure, and GCP environments.

Linktree

CISO

Led security at the link-in-bio platform used by over 50 million creators worldwide.

Atlassian

Head of Security

Led security programs at the enterprise collaboration software company behind Jira, Confluence, and Trello.

University of Sydney

Information Security Manager

Managed information security for one of Australia's leading research universities.

SIFT (stratsec)

Managing Consultant

Developed and led the application security consulting practice. Managed hundreds of consulting projects across multi-billion dollar enterprises globally.

Startup Advisory

Human

Security Advisor

Healthcare technology platform improving health outcomes.

Plerion

Advisor

Cloud-native security platform for AWS, Azure, and GCP.

Fleet

Security Advisor

Open-source device management for IT and security teams.

Dashbird

Advisor

Serverless monitoring and observability platform for AWS.

Eggy

Advisor

Work-life management platform for deskless workforces.

Whooshkaa

Advisor · Acquired by Spotify

Podcast technology platform for creators and broadcasters.

Cloud Conformity

Advisor · Acquired by Trend Micro

Cloud security posture management platform.

Projects & Publications

WeTakeSecuritySeriously.com

2026

A searchable archive of breach disclosures. The words they choose, the phrases they copy, and what they leave out.

awseye.com

2024

See inside AWS accounts. A tool for understanding and visualizing AWS environments.

AWS Security Digest

2024

Weekly newsletter covering AWS security news, updates, and best practices.

Project Spacecrab

Archived

Open-source toolkit for breach detection using AWS honey tokens.

ShouldIChangeMyPassword.com

Retired

Digital security awareness tool that helped users understand credential exposure.

Speaking

I've spoken at security conferences including Black Hat Asia, fwd:cloudsec, AusCERT, Ruxcon, Kiwicon, AISA National, and HK InfoSec Summit.

My Approach

I don't believe in security theater. I believe in making good decisions with the information you have, building incrementally, and not letting perfect be the enemy of good.

When we work together, I'll tell you what I've seen work and what I've seen fail. I'll push back if I think you're over-engineering. I'll tell you when something is good enough and when it's not. And I'll always try to give you the "why" behind my recommendations—so you can make the final call yourself.

What I believe

  • Security should enable the business, not slow it down. The goal is to ship with confidence, not to build a fortress.
  • Context matters more than frameworks. What's right for a 500-person company isn't right for a 20-person startup.
  • Good enough today beats perfect someday. Iteration beats big-bang implementations.
  • People over tools. Your first security hire matters more than your first security tool.
  • Transparency builds trust. Being honest about your security posture is better than pretending you have it all figured out.

Who I work best with

I'm particularly interested in helping:

  • B2B SaaS companies navigating their first enterprise deals
  • Developer tools and infrastructure startups
  • Founders building security products
  • Any startup where the founder or CTO is currently "the security person"

Want to chat?

I'm always happy to meet founders thinking about security. No agenda required.

Send me an email Connect on LinkedIn

Also find me on GitHub and dagrz.com