Career Profile

Linux Nerd and DevSecOps Leader with over 20 years of hands-on technical and leadership experience in building large-scale systems.

Experiences

Lead Information Security Engineer

2021 - Present
Greenhouse Software

Protecting the Infrastructure that powers hiring. A key person for the infrastructure security program at Greenhouse, ensuring the confidentiality, integrity, and availability of critical systems and data. Cross-trained other security engineers on the infrastructure programs, fostering collaboration and skill development to help expand their knowledge and career plans. Implemented robust security controls and protocols, significantly enhancing the company’s overall cybersecurity posture. Developed and executed comprehensive security strategies, aligning them with business objectives and industry best practices. Conducted regular risk assessments, vulnerability assessments, and penetration testing to identify and mitigate potential security threats. Successfully designed and implemented incident response plans, minimizing the impact of security incidents and ensuring rapid recovery. Collaborated with cross-functional teams to integrate security practices into the development lifecycle, promoting a culture of security awareness. Established and maintained strong relationships with external security partners, vendors, and industry peers to stay abreast of emerging threats and technologies. Played a pivotal role in achieving and maintaining industry-recognized certifications and compliance standards for the organization.

Senior Security Engineer

2019 - 2021
Blueshift Labs

Fostering security, one email at a time. Created a culture of information security awareness with the different teams that support Blueshift through a program that included monthly e-mails, webinars, how-to’s for engineers, and 1:1 employee training via Zoom. Worked with engineering teams to show them SDLC fundamentals and brought Git GPG signing to the engineering team. Point of contact for all security issues within the support, DevOps, and product teams. Implemented full SSO within Blueshift and included vendors that supported SSO natively in procurement cycles. Screened new vendors for GRC compliance within our different accredited frameworks (SOC 2 Type II, HITRUST).

In-Store Technology Architect

2017 - 2019
Luxottica

Orchestrating DevOps In Retail. Led a team of contractors who managed the day-to-day in-store retail operations at a technology, network, and security level. Managed the building, deploying, configuration, and refurbishment (‘depot’) process of in-store servers, along with all relevant reporting through Luxottica’s internal reporting and management tool, for which I championed a complete rewrite from Perl/ModPerl/Catalyst to Python, Django, and ReactJS. Final point of escalation for DHCP, DNS, Linux, payment processing, and point of sales issues. Key person for SOC 2 and PCI-DSS compliance efforts internally.

Infrastructure Architect

2010 - 2017
Sapient.Publicis

Delivered Complex DevOps Solutions to global clients. Initially responsible for maintaining the build, release, secure, and deployment tool set for the government services branch of Sapient. Maintained ITAR and sensitive project compliance and performed security sweeps of the network in addition to verifying third-party security scans. Moved ITAR-compliant items from an in-house data center to Amazon’s GovCloud. Promoted a DevOps culture by being a technical leader for Chef, Vagrant, Docker, Packer, and other tools to push and promote leaner software deployment times for teams and other projects. Built and designed Hadoop and microservices-based deployments for Fortune 50 companies.

Build/Release Engineer

2005 - 2010
CollabNet

Bringing Modern Delivery to Legacy Software. Responsible for the support and success of our internal data center deployments. Promoted to engineering team after two years in support, working in a release and utility/tools engineering role. Maintained both internal and externally facing installations of our J2EE-based software, CollabNet Enterprise Edition. Pushed for and developed the software for packaging our software into an RPM format, then maintained a yum repository for ease of upgrades. Worked hand-in-hand with the Professional Services team to build, deploy, and maintain one-off pieces of software for government clients. Traveled to customer sites to troubleshoot issues when needed.

Hardware Staff Engineer

2001 - 2005
IBM Retail Marketing

Building Point of Sales Solutions around the globe. Responsible for the design, build, and deployment of custom point-of-sales solutions for small businesses to large (Fortune 10+) retailers.

Projects

Open Source is an integral part of who I am. I believe in full disclosure, open source, and open firmware and services. Simply put, I wouldn’t be who I am today without Open Source in my life.

get-aws-ssm-session - Quick utility to get Session Tokens in a format that your console will love.
BuildSentry - Want to deploy Sentry, without the hassle of deploying Sentry? Use this Terraform module.
Hive13 Door Controller - IoT Framework for a hackerspace in Cincinnati, Ohio.

Skills & Proficiency

Linux/Unix system administration

Shell and Scripting Languages

Terraform and Infrastructure As Code/GitOps

Kubernetes

Penetration Testing and Auditing

Database Administration

Building, Testing, Packaging, Securing, and Deploying Software

Docker

Hashicorp Vault, Nomad, and Consul

Application Monitoring and Performance Tuning

Continuous Integration, Continuous Delivery, Continuous Security

Intrusion Detection and Analysis

Security Compliance As Code

FedRAMP, HIPAA HITRUST, SOC 2, ISO 27001

Cloud Technologies

Hardware Hacking

Server Configuration Management (Puppet, Chef, Ansible, Salt)

Machine Learning