Board-level security judgment from someone who has built the programs, companies, and tools.

Matt Konda

Security advisor for AI, quantum, and high-stakes software companies. Former Head of Security at IonQ (public quantum computing). Founder of Jemurai. OWASP Global Board Chair. 27+ years building security programs, leading teams, and shipping software.

Advisory Services Start a Conversation

27+ Years Experience

IonQ Head of Security

Jemurai Founder & CEO

OWASP Board Chair

Selected Outcomes

IonQ · Public Quantum Computing Company

Built the entire security program from zero — SOC 2, ISO 27001, CMMC, PCI. Hired and led a team of 12. Managed security through six acquisitions. Zero material breaches across five-year tenure.

Jemurai · Security Consulting Firm

Founded and ran for 12+ years. Delivered hundreds of penetration tests and security program engagements across quantum, finance, healthcare, and insurance. Built two SaaS platforms. Acquired 2024.

OWASP · Global Application Security Community

Elected to the global board of directors. Served as Board Chair 2016–2017, leading the 40,000+ member community through its maximum board terms.

Quantum Cryptanalysis Tooling

Built working toolkits that dissect TLS, SSH, and blockchain protocols, extract vulnerable cryptographic material, and model quantum attacks at the circuit level.

Advisory Services

Executive Security Advisory

Board briefings, CISO advisory, security strategy, and organizational readiness for companies navigating complex security decisions.

AI Security Strategy

Governance, risk frameworks, and hands-on security architecture for organizations building with or deploying AI systems.

Quantum / PQC Readiness

Quantum threat assessments, post-quantum migration planning, and cryptographic readiness — built on five years inside a quantum computing company.

Security Program Build-Out

From zero to audit-ready. Framework selection, team hiring, control implementation, and M&A security due diligence.

Latest Insights

The Quantum Threat Is Not Theoretical

Most quantum security conversations stop at ‘someday.’ After five years inside a quantum computing company, I can tell you exactly what’s vulnerable, when, and what to do about it.

AI Security: Separating What's Real from What's Marketing

Everyone is selling AI security. Most of it is repackaged application security with a new label. Here’s what actually matters when securing AI systems — and using AI to secure yours.

Security Culture Eats Policy for Breakfast

You can write perfect security policies and still have a terrible security posture. What actually changes behavior is culture — and culture comes from how security leaders show up.