Sorah Fukumori

Software Engineer

Sorah is a Rubyist, and a Rustacean. Sorah has a broad expertise, including: Cloud infrastructure, Security, Digital identity & authentication, Network. And is capable to act as a full-stack engineer ranging from low-level infrastructure to web frontend.

Sorah's currently working as a software enginner of Platform and Corporate Engineering (IT) for Cookpad and is serving as head of Security (CISO) and IT.

During her spare time, Sorah is sometimes powers conference up with Wi-Fi, organizes an international conference on Ruby, contributes to Ruby Core, and operates non-commercial BGP AS 59128.

Sorah is also known as: sora_h, soraher, そらは, 福森空葉

Links and Contacts

More →

Professional Experiences

Cookpad Inc.

Staff Software Engineer (Platform, Security and IT) and CISO
April 2012 - Present
  • Plays various important roles in the company. Responsible for: End-user facing cloud infrastructure and its reliablity, Security, and Employee Productivity (IT and Engineering Platform) in the both Cookpad Japan and Global organisation; Note: Cookpad Global develops and operates international service independently from Japan domestic business.
  • From January 2024, assumed role of CISO and started to serve as head of Security and IT. However still working as an individual contributor for areas I responsible for.

Corporate Engineering Team (aka. IT)

Head of IT and Security, CISO
Janurary 2024 - Present
  • Responsible for Security, IdP, MDM, corporate IP network, and Employee Productivity.

Corporate Engineering Team (aka. IT)

Staff Software Engineer (IT and Security)
October 2019 - December 2023
  • Responsible for Security, IdP, MDM, corporate IP network, and Employee Productivity.
  • Delivered a Google Workspace primary domain rename with zero downtime and confusion, including most of external SaaS used in the company. (Blog post, 2023)
  • Contributed to system design of in-house workflow and inquiries management system; built with Rails, React and AWS Step Functions. (2023)
  • Delivered office relocation to Yokohama; As a part of responsibility, delivered IT and Network related changes, but not limited to: Assisted a lot of things by working closely with board members. During the project, Sorah redesigned corporate office networks and moved core functionality to a data centre. (2021)
  • Led technical operation of annual global all-hands meetings; Designed and operated a single live stream with speakers from various locations worldwide, including office premises and remote attendees. (2019-2020)
  • Launched a IT team in company's UK office to improve local operations and support coverage of its local employees. Ran onboarding of the initial member hired locally. (2019)
  • Built Jamf and Intune setup; Enabled iOS/Android BYOD based on Intune, migrated all corporate-owned MacBooks to Jamf-controlled, and enabled zero-touch setup for most devices. (2018-2019, 2022)
  • Built multi-region Active Directory fleet for LDAP workloads, along with Azure AD (Entra ID) as a primary IDaaS. (2019)
  • Built in-house web-based tool to self-manage passwords and groups in Active Directory. It also actively replicates data to separate OpenLDAP instance for gradual consolidation with AD. (2017)
  • Organized the company's tech conference 'Cookpad TechConf'; This includes running Wi-Fi for a large number of attendees. (Blog post; 2017-2019, 2022)

Platform Engineering Team

Staff Software Engineer (Platform)
May 2015 - Present
  • Responsible for Security and Developer Experience in Japan and Global organisation.
  • Decommissioned a traditional IPsec appliance and replaced with Twingate to enhance security of non-Web based internal servers with per-DNS-name access control. (2022)
  • Launched efforts to improve communication between end-users, support team, and SRE team during service outages and issues. A service status page was also published during the project. (2020)
  • Led severe security incident response at private information exposure in the album feature (「料理アルバム」における保存写真の表示不具合). (2020)
  • Proposed and executed legacy TLS deprecation (TLS 1.0 and 1.1), to keep following modern best practices in the industry. Launched a in-house portal to allow service developers to check legacy protocol usage in their systems, and turn them off easily. (Blog post, 2020)
  • Designed and built a IoT infrastructure for Cookpad Mart for fridges and label printers with SORACOM; This includes Linux base system images for Raspberry Pi with CI, fleet management service including OTA update delivery and network infrastructure to connect server-side systems with deployed IoT devices. (blog post, 2019)
  • Ran in-house ISUCON (web app performance competition) as a company-wide activity in the engineering organisation to share knowledge of designing and building high performance web application. (2019)
  • Built a multi-region aware SSH bastion server that a single connection to a bastion in the closest region can reach servers in all regions and data centers. (2018)
  • Built a in-house mobile app distribution service 'Haneda'; All employees can install nightly apps or in-house apps easily into their mobile phones. (2018)
  • Launched a in-house portal to self-manage AWS IAM user and console access; This removed human intervention to issue access keys on their first use. (2018)
  • Assisted a launch of SRE team dedicated for international service located in UK, including onboarding the initial members hired locally. (2017-2018)
  • Migrated GitHub Enterprise Server from on-premises to AWS. We were the initial customer for its AWS support. (Blog post, 2015)
  • Launched a new infrastructure for international service ('Global') from scratch in a AWS region apart from domestic service, and enhanced use of AWS managed services and features. (2015)

Development Infrastructure Team

Software Engineer
April 2012 - April 2015
  • Delivered several Ruby and Rails upgrades of the world's largest Rails monolith.
  • Delivered Mamiya, to enable fast deployment of large application to large server fleet.
  • Developed Envchain, which make use of environment environments for secrets on local development more secure.

Works available as a Open Source Software


March 2023
  • A small OIDC IdP backed with Omniauth designed for small teams and organisations, and targeted to run in AWS Lambda for low running cost. RubyKaigi and KMC uses this to provide their team members an access to their AWS account and OIDC-enabled AWS ALB using GitHub login, in combination with sorah/himari2amc


September 2022
  • An alternative helper software for AWS IAM Roles Anywhere targeted for Linux server machines, to bring several advantages over the official one including: Scoped exposure of credentials (without giving direct access to the certificate), systemd integration; Built in Rust.


October 2022
  • A lightweight Ruby library to run a Rack web application in AWS Lambda through API Gateway and Function URL.


November 2021
  • An HTTP image proxy with JWT authentication for my company's internal pages to deal with 3rd party cookie. Integrates with Fastly Compute@Edge for edge caching, as we had employees worldwide. Built in Rust.


August 2021


November 2018


September 2018
  • A web application provides AWS IAM access key self service and federated login to AWS management console, based on IAM users.


December 2017
  • Web-based FIDO U2F helper for CLI operations (e.g. SSH logging in)


December 2016
  • Wrapper for Itamae to make it easily use with a lot of servers by inventory.


June 2016
  • A tool to codificate a configuration of Fastly CDN in Ruby DSL.


February 2016
  • A simple, effective ACME client to use with many servers and a cloud.
  • ACME Protocol is used at Let's encrypt for automating SSL certificate issuing. Acmesmith is the simplest client that works with several cloud providers for securing keys.


September 2015


September 2014


June 2014


January 2013
  • Simple blog system built up with Sinatra, written in Ruby.

Find more at my GitHub.

Selected Activities and Affiliations


Conference Organizer, Wi-Fi Network Operations Lead
September 2017 - present
  • RubyKaigi is the world's largest international conference on the Ruby programming language.
  • Manages Wi-Fi service for a large number of attendees (approx 1,300 devices); GitHub Repo, Blog post (2023), Blog post (2017)
  • Run Sponsor Relations; Maintains sponsor-app for CRM.
  • Operated virtual venue during COVID-19 for remote attendees; Built a web application called takeout-app.
  • Wi-Fi and Network Operations; Running a large Wi-Fi network for attendees.


Committer (developer)
February 2011 - present
  • Contribute as a committer of Ruby programming language.
  • Also participate as a member of official web site editorial team.


Organizer and problem writer (final round)
April 2020 - October 2020

IOI 2018 (30th Int'l Olympiad in Informatics)

Tech lead, Host Technical Committee
July 2017 - September 2018
  • IOI is the large, annual international competitive programming contest for secondary school students. IOI 2018 was held in Japan, and I participated as a tech lead in its host country technical committee.
  • Designed and built a whole infrastructure to run on-site competitive programming contest on AWS and on-premises; Deploying judging systems, printing systems, translation support systems, contest seating management systems, on-site IP network with strict security policies.


Organizer and problem writer
August 2014 - November 2014

March 2011 - December 2011
  • provided informations for victims of 3.11 Japan disaster.
  • I re-built Twitter crawler to improve performance, and added location based search using GPS for mobile devices.

Find more contributions at my GitHub.

Skills, Expertises



Honors, Awards and Prizes

AWS GameDay at re:Invent 2022: 1st place (Monday Afternoon)

December 2022

ISUCON9: 1st place

September 2019 - November 2019

AWS GameDay at re:Invent 2019: 1st place (Afternoon)

December 2019

ISUCON5: 2nd place

September 2015 - November 2015

第 7 回 日本OSS奨励賞 (Japan OSS Contributors Award)

March 2012

Other Affiliations

Kyoto university Microcomputer Club (KMC)

Member, Sysadmin
August 2014 - present


Utsunomiya-shi Yohoku Junior High School '12

April 2009 - March 2012
  • 宇都宮市立陽北中学校