Human Security

Sr. DevOps Engineer
May 2022 - December 2023

• Designed a new CI system based on GitHub actions, ensuring developers can operate asynchronously from the Ops team - without becoming a "throw it over the fence" scenario for either team.
• Created policies to enforce commit and deploy approval rules and order, to ensure compliance while enabling developers and the ops team to move rapidly by reducing redundant approvals and frequent rejections.
• Orchestrated migration from GitLab to GitHub after merger, including migration of Merge Request comments and Wiki contents. This enabled more rapid platform consolidation, and significat cost optimizations by reducing redundant services.
• As part of the global 24/7 ops team: developed resiliency strategies and automated triage for apps lacking built-in resiliency, greatly reducing the number of incidents requiring manual intervention.

Human Security taught me the meaning of "Scale". Millions of connections at a time, billions per day, and sub-10ms latencies only scratch the surface. This was an incrediblie experience: I gained a very deep understanding of what high-throughput and high-reliability systems operate like in real-world conditions.

BurstIQ

Sr. Cloud Engineer
January 2020 - May 2022

• Designed and built an automated OpenSSL-based, Ansible-controlled CA enabling the platform to pass to FedRamp certification.
• Automated AWS Security Group change control and assignment through Git, Ansible, and Python. This allowed for dramaticly more granular control over all the services we were using in AWS, particularly for limiting outbound connections - removing the possibility for exploitation of vulnerabilities like Log4Shell.
• Implemented the ModSecurity WAF with the OWASP ruleset on our production sites to maintain security while working around the limitations of CloudFlare's WAF platform.
• Worked on the internal process control team, which led the company through two years of successful audits with zero exceptions.
• Migrated from a Jenkins-based build/deploy system to a BitBuicket Pipelines based build system, with deploys controlled by Ansible AWX. This enabled better integration of tests on code to allow the development team more flexability and accelerated the development pipeline.
• Separated application frontend hosting from backend hosting, utilizing AWS CloudFront for the frontend. This reduced load on the webserver by 30%, and greatly increased the responsiveness of the frontend - reducing load times for by as much as 80%.
• Created a tool to provision Jupyter Notebook Servers for use by client data science teams; enabling fast, secure, and bandwidth efficient access to large volumes of sensitive data.

BurstIQ is the first company I've worked at where technology was the primary focus of the company, and it has been wonderful the entire time I've been here. I've learned so much working here and could not have asked for a better team! The fast pace of development has been a big plus, and it's been awesome to see the things we work on deployed - and utilized - at scale!

Science Interactive Group

Acquired eScience Labs in August 2019

Infrastructure Engineer
January 2019 - January 2020

• Designed and managed a “Private Cloud” migration powered by oVirt and Docker. Systems from many different cloud providers were consolidated into one cost-efficient infrastructure.
• Merged users from three separate organizations into a single, new, heterogeneous domain including data from mailboxes, calendars, SharePoint, Google Drive, OneDrive, Teams, Chat, and Creative Cloud.
• Developed a continuous integration system to allow the content development teams to stage and test content in real-time with an automated nightly push of approved content. This enabled the CD teams to more rapidly deliver customized content and reduced the number of content errata needed by over 50% (pre/post).
• Automated server management tasks using Ansible, Group Policy, cron, and PowerShell, which reduced man-hours needed, and human error factors for maintenance and upgrade tasks.

eScience Labs was my first experience with rapid content delivery: courses would be customized and updated by the dozen several times a day leading up to the start of a semester, and it was an excellent learning opportunity. It was also neat to see an ERP platform utilized to its full potential - even if that came with handling direct technical application support (the worst part of the job)!

Stout Street Hospitality

Corporate Network Administrator
September 2016 - January 2019

• Facilitated migration of enterprise management of nine sites, with over 500 users in a 24/7 operation to a new hybrid-cloud infrastructure. (Hyper-V and Google Cloud)
• Helped design and implement redundancy and change-management schemes for all sites to minimize operations-impacting downtime.
• Upgraded firewalls at all sites from vendor-managed firewalls to internally managed (Palo Alto) firewalls to eliminate frequent unscheduled downtimes.
• Optimized various day-to-day operations and tasks such as user provisioning and automating reports with Python and PowerShell scripts.

Stout Street Hospitality (we called it 'SSH' internally, which thankfully only rarely got confusing) was the place where I got an intimate understanding of what a successful business looks like. The challenges that came with learning how to manage all the separate sites with real-time customer demands were interesting, and came with plenty of learning experiences!