Jekyll::Drops::SiteDrop

Summary

I am a Pincipal Software Engineer focusing on DevOps with 17 year of technical experience. I apply DevOps' Agile principles to ensure that we deliver better code faster to production that meets the needs of stakeholders. I prefer to lead by example not rule by edict and am known for pragmatic creative problem solving.

  • More than 17 years of professional software engineering experience
  • Self-motivated, quick study, and not afraid to ask the stupid questions
  • Engineer with DevOps focus
  • Strong believer in over-communicating and IaC

Skills

Languages GoLang, Python, Ruby, Bash, CoffeeScript, Javascript, C/C++, Perl, Scala
Orchestration Kubernetes, Ansible, Capistrano, Puppet, Chef
Monitoring Prometheus, CloudWatch, Senus
Continuous Integration Bitbucket Pipelines, Travis CI, Jenkins, Concourse
Authorization Protocols OpenID Connect (JWT), SAML (IdP, SP), OAuth, OpenID
Databases PostgreSQL, SQLite, MySQL, ElasticSearch, Redis
OS Mac OS X, Linux (Alpine, RHEL, CentOS, Ubuntu)
Version Control Git, SVN, CVS, VSS, RCS
Services / APIs Github, HipChat, AWS, Campfire, Facebook, Twitter, IRC
Life Cycle Scrum, BDD/TDD, Pair Programming
Web Frameworks Jekyll, Hugo, Ruby on Rails, Sinatra, ExtJS, jQuery
Virtualization Docker, Linux Containers, Vagrant, VirtualBox, VMware (EAX, Desktop), AWS EC2

Open Source Contributions

  • Simian Army - A bash based implementation of Netflix's Simian Army
  • Crawler - A GoLang web-crawler example
    • A Clojure version is here.
  • Dijkstra - A ruby implementation of the Dijkstra Algorithm.
  • SAML IdP - SAML IdP Gem to convert a Rails app into a SAML IdP.
    • An app including the gem is here.
    • A SAML client reference app here.
  • Rubot - A chat bot to do simple things.
  • Simple AREL - Extends Rails / ActiveModel to include "not", "or", and comparisons like ">", "<".
  • statsd - Network daemon to aggregate statistics.
  • Parallel - Run things in parallel in ruby.
  • Carrierwave Direct - Allow direct file uploads to Amazon S3.
  • Bunco - A simple score card for the Bunco dice game.
  • Resume - My resume is also open source!

Work Experience

Opaq (formerly FourV Systems) - Principal DevOps Engineer February 2016 - Present

Designed a multi-tenant archetecture for FourV's Greyspark product; saving the company $196K / month over the original single-tenant archetecture. First layer of tenancy is a share-nothing layer similar to single-tenancy; allowing stricter guarantees at greater cost. Second layer is a share-resources layer similar to traditional multi-tenancy. Allowed us to cost target customers based on their expected needs.

Designed and helped migrate the existing FourV Greyspark product from custom built AMIs to docker containers running on Kubernetes. Designed and implemented Kubernetes deployers for AWS, and VMware vSphere. Used IaC principles so both the platform and product drive deployment state from YAML configuration files checked into Git.

Developed self-monitoring ElasticSearch cluster to support Greyspark's event exploration feature. ES is fully multi-tenant using OpenID Connect JWT tokens to provide data isolation. Uses best practices to ensure it can dynamically expand to petabytes of storage. ES nodes have custom developed watch-dogs which looks for known instabilities and performs corrective actions automatically.

Designed and built Kubernetes monitoring solution based on Prometheus and Grafana, which monitors all next-gen products and Cloud infrastructure in actionable Dashboards and Alerts. Implementation based on Google's SRE monitoring philosophy of customer important actionable alerts.

Designed and implemented SSO solution unifying all product logins using OpenID Connect. Designed permission model over JWT that supports the multi-deployment multi-tenant requirements of Greyspark while allowing for MFA and AD passthrough for our enterprise customers.

Productized log aggregation solutions based on syslog-ng capable of handling 50K messages per second ingesting into FourV's Greyspark product. Designed and implemented retry-backoff method which guarantees no messages can be lost in-product. Product is released as AMIs, or minified OVAs. All deployments auto-update each night to latest stable release.

Designed and implemented a company-wide monitoring solution using Sensu. Monitors all production deployments, as well as critical internal and external infrastructure.

Designed and implemented Continuous Integration pipelines for all repos and products; including dev release to QA and QA's final release to customers. Integrated code coverage into a Pull Request review process to ensure code quality.

Designed release versioning and branching solution that works across all 20+ FourV repos. Version based on semantic versioning with optional hot-patch indicator and release candidate indicator. The branching solution similar to GitFlow; takes into account versioning across multiple repositories even when used across multiple products.

Lookingglass Cyber Solutions, Inc. - Head of Release Engineering April 2014 - Feburary 2016

Created a GoLang CLI command suite to translate Nfcapd files into bidirectional network telemetry format that could be ingested and compared against global threat intel data.

Implemented a reporting back-end which took network telemetry data and compared it against global threat intel data. Through custom SQL and Postgres tricks brought a 10+ minute queries down to <30s without any loss in fidelity.

Designed and implemented a release pipeline using Jenkins and dockers containers that builds the full product, installs it, tests it, makes it available in <2 hours. Included a full automated system test suite to test our next-gen analytical platform using Selenium and custom Clojure. Provisions a cluster (erases data, install test OS) loads test data, and runs behavioral and back-end tests.

Designed and implemented a 3 Tier technical support process taking the average time to resolution from weeks to less then a day.

Waterfall Software, Inc. - Head of Engineering October 2011 - April 2014
  • Architected and implemented high availability Micro-services based SaaS platform using AWS and Heroku services and SAML for SSO. Full continuous deployment achieving multiple weekly deployments with <1m downtime.
  • Designed and built custom full PCI compliant E-Commerce engine w/ inventory management and promotions engine, CMS, Forum, training module w/ tests.
  • Integrated 3rd party Video editing and steaming software to drive TVs at physical locations. Designed the manufacturing process to drop-ship PocketTV devices configured with connection and auth details so location owners just needed to plugin the devices.
Boeing (via Edge Professional Services) - Senior Software Engineer February 2011 - October 2011
  • Instituted Agile TDD/BDD development methodology including Scrum, Pair programming, Code Reviews, and Continuous Integration. Reduced release cycle from quarterly to two weeks, enabling more focused execution and planning. Ensured completion of all committed-to work.
  • Designed and built a Ruby on Rails based dashboard to visual top-secret data from security community, utilizing NoSQL to store data. Used Ruby to develop data-gathering software to fill dashboard with non-top-secret data.
Infoblox, Inc. (formerly Netcordia Inc.) - Senior Software Engineer December 2007 - February 2011
  • Created an Web Management Interface using ExtJS / Ruby on Rails for the NetMRI product. Including a JS graphing library to visualize real-time ethernet metrics. And BIRT reports targeting ISO 27002 and PCI compliance. Full unit test coverage using Rspec and Jasmine with CruiseControl.rb for continuous integration.
  • Wrote data-consolidation engine to consolidate up to 50 NetMRIs into a single managed topology for geo-located policy enforcement
  • Added device support to many devices to NetMRI via SNMP, terminal emulation via Telnet or SSH, and screen scraping. Devices include Riverbed Network Monitors, Cisco and Juniper Routers.
Patton Electronic Co. - Senior Software Engineer Janurary 2001 - December 2007
  • Productized two IP DSLAM devices using a custom build embedded Linux OS.
  • Created an embedded version of Python used as a CORBA management plane and Web based UI to scale management of hundreds of edge devices.
  • Developed a Java GUI to visualize and setup an H110 monoplex backplane for Patton's "Blade" line of products.

Education

  • Certified Ethical Hacker, 2007, EC Council
  • B.S. Software Engineer, 2003, Capitol College, Magna Cum Laude
  • B.S. Computer Engineer, 2003, Capitol College, Cum Laude