Provided automation and architecture support for security in a multi-cloud environment. Security-based architectural design and review, automation of security auditing and policy enforcement.
Provided extensive support to the organization in the effort to migrate instances, data and services from AWS into OCI, realizing a cost savings of $2.5M per month. Developed Terraform modules to facilitate migration of EC2 instances, Kubernetes clusters, and managed databases into OCI.
Wrote multiple standards and RFCs covering security requirements for dev teams. Developed automation for generation of secure policies to be used by dev teams deploying their applications into Kubernetes.
Created a library of secure configuration manifests, reviewed, approved, and cryptographically signed by security, for the developers to leverage in their deployments. The design allowed the digital signature to be validated by the OPA Gatekeeper in our Kubernetes clusters to block modified policies from being deployed.
Provided support to development teams in resolving security vulnerabilities in code, whether SAST findings or CVEs found in dependency scanning.
Wrote extensive automation for auditing our infrastructure and reporting problems with security posture of services, instances and applications deployed in Kubernetes. Findings reported in dashboards in OpenSearch Kibana and Splunk.
Leveraged Tanium's custom sensor and action capabilities to function as an orchestration platform for deploying security tools into our estate, then monitoring and managing those tools.
Implemented logging support using Fluent Bit for Kubernetes clusters to send application logs to OpenSearch for developers and security logs to our Splunk SIEM.
Created a cloud inventory system for tracking instances and services deployed into AWS and OCI to drive reporting on security compliance and cost.
Performed analysis and correlation of intrusion detection system events, firewall events, access logs, AWS cloud trails and Linux/Windows system logs to detect active intrusion attempts in near real-time.
Led a development team in operations to create automation for management of cloud systems in Amazon Web Services and future Oracle Public Cloud. Focus on provisioning and monitoring with special attention to cost management and analysis of access data using Spark and Hadoop. Products include policy enforcement in cloud environments, automation of user credential management, self-service instance deployment based on Terraform templates, Mesos cluster autoscaling.
Selected for management. Focus of my influence expands to include architecture, deployment and support of new technologies including Elasticsearch, Linux containerization, Apache Mesos, Celery/RabbitMQ and SaltStack, among others. Working to improve the utilization of our ~900 node continuous integration cluster by leveraging containers for process isolation and resource management.
Co-founded DevOps group for Linux division Build, Automation, Integration and Test group (BAIT) which provides continuous integration services for all Linux-based development in Qualcomm's Open Source organization. Supported systems include embedded Linux, Android, Samsung Tizen, Google ChromeOS, Qualcomm Dragonboard Linux and Ubuntu driver development.
Duties revolve around continuous integration with more than 10,000 builds per week, system configuration automation and orchestration of approximately 900 build hosts, management of 200TB storage for build artifacts and process engineering of all aspects of build automation and release.
Recruited to start an Operations Development team to help grow the company by automating provisioning and maintenance while leveraging my experience as a system administrator.
Supported Enki customers' virtual private datacenters, developed automation software to collect billing metrics, generate billing reports, give customers the ability to power on and off virtual machines via the VMware vSphere WAPI, manage public IP space and orchestrate deployment of new virtual machines and data centers.
Led the implementation, deployment and migration to a new Customer Relations Management system, migrating from NetSuite for a savings in excess of $20K/yr in licensing and giving the company increased control of the support ticket workflow.
Promoted to department manager. Duties remain the same with the addition of more project management and interdepartmental coordination. Still primarily (70%) a software developer and I try to maintain more of a mentor/team lead relationship with my reports than that of a manager.
Since early 2009 the team's focus has been on instituting structure to our chaotic development environment and maturing our process. We have adopted Scrum to manage projects and are working to develop a system of lightweight artifacts that support our software design and form the foundation of documentation for our systems.
Completed training to become a Scrum Alliance certified ScrumMaster.
Part of the small team of network and access engineers responsible for developing software to assist the engineering department in the management of the WildBlue satellites and network planning and deployment. stations.
Maintained several high availability servers for the purpose of hosting FDA regulated blood and transfusion tracking software in a HIPAA controlled environment.
Responsible for maintenance and performance tuning of roughly 30 customer and internal Oracle instances. Automated the creation of new customer environments (Unix accounts, application environment and 3 Oracle instances) to a single command. Performed migration from Oracle 8 to 9i and maintained Oracle 10g instances for application validation in preparation for migration to that release.
Maintained multiple Solaris, SCO and Linux servers in two datacenters for disaster recovery and high availability. Datacenters were connected to each other and 10 customer VPNs via OSPF to provide fault-tolerant connectivity. Maintained OSPF and BGP on Netscreen and Cisco equipment.
Participated in a VMware server consolidation project to run a multi-server application in a virtual machine environment.
Provided tier 3 support for 510K regulated blood tracking software.
Projects varied from router and firewall installations to development of browser-based database front ends. Included was an ongoing support agreement with Sky Ridge Medical Center to maintain their Nortel Meridian Option 81c telephone switch.
Extensive development using Apache, Tomcat and JBoss with Java, J2EE and JSP for corporate commerce websites. Also, extensive PHP4 development.
Designed and developed provisioning system for the Level 3 Managed Modem product line. This system is the central database of reference for all Managed Modem provisioning data and interfaces with RADIUS, Viper Softswitch, Telephone Number Inventory, Level 3's router configuration generation system and Network Event Collector for billing mediation.
This system was written using Oracle, Perl, Python, Perl-Expect, PL/SQL, C and interfaced with other systems through Oracle DB links and custom interfaces developed in Perl and Python.
Designed and programmed process to automate the customization of Solaris servers for deployment in Level 3 gateway locations for DNS, NTP, RADIUS and statistics collection.