I architect, automate, and secure resilient technical infrastructure, with proven experience in large cloud service provider and financial institutions. My passion is building systems that are not only scalable and cost-effective but also secure by design. I have significant interests in Linux systems administration, Python code development, virtualized infrastructure, and security.

What I Do

• Infrastructure Engineering (Cloud and Data Center): Designing, deploying, and optimizing Linux-based systems up to thousands of servers
• Systems Automation: Developing software code that eliminates manual operations toil, such as system provisioning, server fleet maintenance, or database migrations
• Security Automation: Building and orchestrating security detection and response using custom Python tooling and/or commercial SOAR platforms
• SRE & Observability: Implementing SRE practices to improve system reliability, from reducing MTTR with automated responses to building robust monitoring systems

Selected Projects

Critical Data Center Power Telemetry

• Prevented data center outages by building a custom, rack-level power (PDU) telemetry solution for 30+ racks / 1K+ servers
• Collaborated with Data Center Engineering to quantify kW draw of ‘hot shards’ allowing rebalancing of physical server hardware

Simplified Linux Authentication

• Proved standard tools (sssd, realmd, kerberos) resulted in lower complexity and TCO relative to costly vendor solutions
• Proactively reduced potential issues via extensive fault testing e.g. network partition events

Compromised Credentials Detection

• Enabled DFIR teams to investigate and remediate compromised credentials in seconds via building foundational Python code leveraging LDAPv3
• Overcame integration hurdles with on-premises IAM platforms such as Oracle ODSEE and NetIQ Identity Manager

Auto-Remediation for Non-Compliant AWS Infrastructure

• Prevented insecure AWS cloud deployments by contributing Python components for a security compliance engine built on AWS Lambda
• Lowered manual deployment toil for this service across many AWS accounts via standard IaC tools (Terraform, Jenkins)
• Team’s efforts were showcased at AWS re:Inforce 2019

Containerized Cyber Operations Range (Research)

• Demonstrated the viability of using lightweight application virtualization over ‘full’ virtualization (KVM, VMware, etc) for cyber exercises
• Architected and deployed the initial iteration of bare metal Linux, Kubernetes, and network infrastructure
• Contributed to a research paper presented at National Cyber Summit 2017 - University of Alabama in Huntsville

Technical Skills

• Operating Systems: Linux (Troubleshooting, Storage, Containers, Networking, Monitoring)
• Languages & Scripting: Python, Bash, Terraform, Ansible, Chef
• Cloud & Virtualization: AWS (EC2, S3, IAM, VPC, Lambda), Docker, Kubernetes
• Security & Monitoring: XSOAR, Vault, Splunk, Datadog
• Networking: TCP/UDP, IPv4, DNS, HTTP, SSL/TLS, LDAP, Kerberos, SNMPv3

Contact

• Email: [email protected]
• Resume: Available On Request