Colin Domoney

CTO & Co-Founder, LibertiTec · Author · Speaker · Advisor

Profile

Colin Domoney is a UK-based technologist and company director who applies 30 years of security expertise to protecting the world’s most vulnerable people and most sensitive data.

As CTO and Co-Founder of LibertiTec, Colin is building the next generation of privacy infrastructure for organisations with a duty of care. Products include CVAssist, a secure data platform for humanitarian organisations, journalists, and human rights lawyers; and CZAssist, a hardware-enforced support platform for UK police and statutory bodies. LibertiTec is Innovate UK funded, UK-built, and designed from the ground up with secure-by-design and private-by-design principles — applying 30 years of cryptography and hardware security experience, including designing hardware security modules at nCipher (now Thales) for global banking and payment systems.

His humanitarian work is grounded in personal experience. Growing up in apartheid-era South Africa, he witnessed first-hand how education and technology can be tools of liberation when systems of power try to foreclose the future.

His enterprise security career spans the full stack. He built Deutsche Bank’s global AppSec programme as VP — one of the largest and most successful implementations on record, assessing and remediating vulnerabilities across more than 5,000 applications. He then consulted with Fortune 500 organisations on DevSecOps transformation through CA Technologies and Veracode, and served as Chief Technology Evangelist at 42Crunch, where he curated the APISecurity.io newsletter and built one of the API security field’s most engaged developer communities. In February 2024, he published Defending APIs — the industry’s first dedicated book on the subject.

Colin holds a BSc in Electronics from the University of KwaZulu-Natal (Summa Cum Laude) and an MSc in Engineering Management from Brunel University (Merit), alongside ISC2 CSSLP certification. He is a regular conference speaker and former DevOps Institute instructor.

Today, Colin’s focus is singular: building technology that protects rather than profits.

Experience

LibertiTec / TOU App Ltd — CTO & Co-Founder

Jan 2024 – Present · Liverpool

Co-founded to build privacy infrastructure for organisations with a duty of care. Innovate UK funded. Products include CVAssist (humanitarian orgs & journalists) and CZAssist (UK police & statutory bodies). Secure-by-design and private-by-design from the ground up.

Sidekick Security — Product Security Consultant (Part-time)

Dec 2025 – Present · Liverpool (Remote)

HackerOne bug bounty triage, third-party risk management, and security architecture advisory.

Randstad NL — Security Consultant (Contract)

Sep 2023 – Dec 2025 · Liverpool (Remote)

Security liaison for R-One and WA-One strategic programmes. Architecture reviews, security guidelines, pen test coordination, and regular reporting to the CISO office.

42Crunch — API Security Research Specialist → Chief Technology Evangelist → Ambassador

Aug 2021 – Apr 2024 · Liverpool (Remote)

Primary spokesperson at global industry events. Curated APISecurity.io — the field’s most widely read newsletter. Published Defending APIs (Packt, 2024), the industry’s first dedicated book on API security.

CyberProof / UST Global — Security & Cloud Architect

Jan 2020 – Aug 2021 · Liverpool (Remote)

Assessed security maturity and guided major enterprise clients toward secure posture across Azure cloud and legacy infrastructure.

Codethink — Consultant

Jan 2019 – Jan 2020 · Manchester

Secured and hardened build systems for a leading German automotive manufacturer and South Korean development partner, ensuring repeatable and reproducible distributed builds.

Veracode / CA Technologies — Senior Principal Transformation Consultant

Apr 2016 – Dec 2018 · London

Progressed from Senior Product Innovation Manager through Consultant Solution Architect (Veracode) to Senior Principal Transformation Consultant (CA Technologies). Advised Fortune 500 organisations on DevSecOps transformation.

Deutsche Bank — Vice President, Application Security

Mar 2012 – Apr 2016 · London

Built and led one of the largest global AppSec programmes on record — 5,000+ applications assessed, several million vulnerabilities remediated. Embedded security across all software development at the bank.

Education

BSc Electronics — University of KwaZulu-Natal

Summa Cum Laude

MSc Engineering Management — Brunel University

Merit

ISC2 CSSLP

Certified Secure Software Lifecycle Professional

Publications & Speaking