Assess code for security vulnerabilities and malicious intent. Provide last tier escalation for assurance investigations. Build tools to investigate network anomaly detections. Design and support infrastructure of forensic investigations of detected malware.
Develop custom tools to streamline and automate forensic investigations. This includes automation to enrich event detections within Oracle Corporate XSOAR platform, command line utilities to interact with OCI services, as well as reporting and metrics collection and presentation for executive dashboards.
Review proposed architectural and policy changes within our customer secure OCI tenancies to mitigate assurance risks related to US protected personal information.
Provided automation and architecture support for security in a multi-cloud environment. Security-based architectural design and review, automation of security auditing and policy enforcement.
Provided extensive support to the organization in the effort to migrate instances, data and services from AWS into OCI, realizing a cost savings of $2.5M per month. Developed Terraform modules to facilitate migration of EC2 instances, Kubernetes clusters, and managed databases into OCI.
Wrote multiple standards and RFCs covering security requirements for dev teams. Developed automation for generation of secure policies to be used by dev teams deploying their applications into Kubernetes.
Created a library of secure configuration manifests, reviewed, approved, and cryptographically signed by security, for the developers to leverage in their deployments. The design allowed the digital signature to be validated by the OPA Gatekeeper in our Kubernetes clusters to block modified policies from being deployed.
Provided support to development teams in resolving security vulnerabilities in code, whether SAST findings or CVEs found in dependency scanning.
Wrote extensive automation for auditing our infrastructure and reporting problems with security posture of services, instances and applications deployed in Kubernetes. Findings reported in dashboards in OpenSearch Kibana and Splunk.
Leveraged Tanium's custom sensor and action capabilities to function as an orchestration platform for deploying security tools into our estate, then monitoring and managing those tools.
Implemented logging support using Fluent Bit for Kubernetes clusters to send application logs to OpenSearch for developers, and security logs to our Splunk SIEM.
Created a cloud inventory system for tracking instances and services deployed into AWS and OCI to drive reporting on security compliance and cost.
Performed analysis and correlation of intrusion detection system events, firewall events, access logs, AWS CloudTrail and Linux/Windows system logs to detect active intrusion attempts in near real-time.
Lead a development team in operations to create automation for management of cloud systems in Amazon Web Services and future Oracle Public Cloud. Focus on provisioning and monitoring with special attention to cost management and analysis of access data using Spark and Hadoop. Products include policy enforcement in cloud environments, automation of user credential management, self-service instance deployment based on Terraform templates, Mesos cluster autoscaling.
Selected for management. Focus of my influence expands to include architecture, deployment and support of new technologies including Elasticsearch, Linux containerization, Apache Mesos, Celery/RabbitMQ and SaltStack, among others. Working to improve the utilization of our ~900 node continuous integration cluster by leveraging containers for process isolation and resource management.
Co-founded DevOps group for Linux division Build, Automation, Integration and Test group (BAIT) which provides continuous integration services for all Linux based development in Qualcomm's Open Source organization. Supported systems include embedded Linux, Android, Samsung Tizen, Google ChromeOS, Qualcomm Dragonboard Linux and Ubuntu driver development.
Duties revolve around continuous integration with more than 10,000 builds per week, system configuration automation and orchestration of approximately 900 build hosts, management of 200TB storage for build artifacts and process engineering of all aspects of build automation and release.
Recruited to start an Operations Development team to help grow the company by automating provisioning and maintenance while leveraging my experience as a system administrator.
Supported Enki customers' virtual private datacenters, developed automation software to collect billing metrics, generate billing reports, give customers the ability to power on and off virtual machines via the VMware vSphere WAPI, manage public IP space and orchestrate deployment of new virtual machines and data centers.
Led the implementation, deployment and migration to a new Customer Relations Management system, migrating from NetSuite for a savings in excess of $20K/yr in licensing and giving the company increased control of the support ticket workflow.
Promoted to department manager. Duties remain the same with the addition of more project management and interdepartmental coordination. Still primarily (70%) a software developer and I try to maintain more of a mentor/team lead relationship with my reports than that of a manager.
Since early 2009 the team's focus has been on instituting structure to our chaotic development environment and maturing our process. We have adopted scrum to manage projects and are working to develop a system of lightweight artifacts that support our software design and form the foundation of documentation for our systems.
Completed training to become a Scrum Alliance certified ScrumMaster.
Part of the small team of network and access engineers responsible for developing software to assist the engineering department in the management of the WildBlue satellites and network planning and deployment. stations.