Ross Worden

Ross Worden is a digital security practitioner and forensics investigator who is a director at Unit 42, where he serves clients out of the firm’s office in Austin, Texas. His background includes extensive experience working as a cyber security and fraud/abuse executive and practitioner at several popular tech platforms, including Facebook  
and Uber.  

Most recently, Ross served as head of security response engineering for Grab, a Singapore-based app that provides ride-hailing, food and package delivery, and financial services to millions of people in more than 300 cities across Southeast Asia. Recruited by the company to establish and grow its capabilities in the areas of incident response, digital forensice, and threat intelligence, Ross built a multi-country security team of 15 employees in under a year. 

He joined Grab from Uber, where he was senior manager for security response and investigations and also a founding member of the ridesharing company’s technical investigation and insider threat team. With responsibility for detecting and responding to internal and external cyber threats, he conducted hundreds of digital forensics investigations and led teams through numerous high profile security incidents and audits. 

Previously, Ross was director of data science and investigations at 21CT, an Austin-based investigative analytics and fraud detection company, where he managed investigations into healthcare fraud for clients. Earlier he was a fraud lead and data analyst at Facebook, where he deployed and supervised fraud prevention rules and analyzed activities related to the company’s advertising and payments products. 

He began his career as a Medicaid fraud investigator in the Office of the Texas Attorney General. 

Ross is pursuing a master’s degree in information security engineering through SANS. He has a master’s degree in political science from the University of Georgia, and bachelor’s degrees in psychology and international studies from Austin College. He is a GIAC-certified fraud investigator, forensic examiner, and incident handler, and holds certifications in a number of other cyber security-related areas.