-
Notifications
You must be signed in to change notification settings - Fork 1
/
experience.json
105 lines (105 loc) · 7.6 KB
/
experience.json
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
[{
"Employer": "MuleSoft",
"Role": "Senior Platform Engineer",
"Location": "San Francisco, CA",
"TimeFrame": "August 2017 - Current",
"Responsibilities": [
"Operated the entire lifecycle and management of Harbor, our internal OCI registry. The registry was deployed via Helm to Kubernetes, Configured with Terraform and utilizing all features including centralized authentication, replication to ECR and security scanning of all images using Clair",
"Extended Kubernetes using CRDs and service catalog API to provide extended functionality such as IAM credentials to pods, Public cloud infrastructure provisioning and service mesh injection",
"Automated the entire incident process including alerting, documenting and recording of all incidents using Slack, Pagerduty, Jira and NewRelic",
"Own the reliability of production systems across development and production environments in US, EU and AWS GovCloud",
"Integrated Terraform, Ansible, Packer to create and version the AWS Infrastructure, designing, automating, implementing and sustainment of Amazon machine images (AMI) across the cloud environments",
"Lead the implementation of secure cloud architecture best practices & Pioneered Infrastructure-As-Code wherever possible",
"Integrated NewRelic as an automated, unified monitoring platform and reduce MTTR",
"Architected, deployed and operated high traffic micro-services on multi region large scale deployments to manage over sixty thousand runtimes by operating the core platform to ensure consistency, availability and reliability using tooling such as Kubernetes, Spinnaker and Jenkins",
"Automated monitoring and observability for all critical Core Platform services",
"Actively involved and hands-on in writing infrastructure tools and services for internal teams in Go, Python, and Bash",
"Developed and maintained automation to manage our cluster automation to securely upgrade our running clusters both in-place and through a multi cluster model with DNS based cut overs for zero downtime to our internal and external customers"
]
},
{
"Employer": "Lookout, Inc",
"Role": "Senior Security Engineer",
"Location": "San Francisco, CA",
"TimeFrame": "January 2015 - August 2017",
"Responsibilities": [
"Produced weekly hardened AMIs for multiple flavours of Linux which all of Lookout Infrastructure is deployed on. This was achieved using packer and debian packages deployed through Spinnaker. This allowed us to achieve federal compliance",
"Deployed and responsible for Cerberus - an opensource tool for Secrets management. This has been integrated with our CI/CD pipeline along with being used by all services for secure transportation of secrets",
"Deployed and maintained infosec Kubernetes clusters running CoreOS. All security microservices were migrated to this cluster",
"Created and managed entire PKI infrastructure including multiple offline Certificate and Validation Authorities, OCSP responders and our public facing certificates",
"Architected completely automated vulnerability management system using Nexpose and Nessus deployed with terraform and chef within AWS",
"Managed the Intrusion Detection System (IDS) infrastructure and responded to all suspicious traffic alerts with all office and datacenter networks",
"Secured all Lookout AWS accounts using a mix of open source and in house tool hosted in containers and AWS lambda",
"Architected the deployment of all security monitoring tools at Lookout. This included osquery, ossec auditd, GRR agent, scout2, security monkey and developed the process of responding to all alerts triggered",
"Migrated all security tools from the DataCenter to AWS including internal PKI infrastructure",
"Created environments for contractors to securely connect to our infrastructure. This included bastion hosts which are monitored, have secure key exchanges, fine grained policies that only allow for them to access the resources that are necessary",
"Developed automated process to securely erased all sensitive PII data on our physical hardware during the migration to AWS",
"Held company wide phishing campaigns using the tool GoPhish and custom templates. This allowed InfoSec to teach and promote security awareness throughout the organisation. This was deployed using Kubernetes and docker",
"Member of the Principal working group for AWS best practices",
"Member of the AppSec Champions initiative to promote security best practices across the engineering organisation",
"Participated in the Lookout migration to AWS which allowed for our consumer product to have zero downtime and function within the cloud",
"Developed a code review pipeline for AWS IAM policies in production. This allowed for a source of truth for all policies and the tightening of permissions within production",
"Provided DFIR analysis to all potentially infected machines within all Lookout network's",
"Created a tool (in golang) that allowed secure bootstrapping of systems from s3. This meant we were able to keep secrets out of plaintext repositories and into s3 buckets protected by IAM / bucket policies",
"Developed an osquery table extension that allowed the collection of AWS tags through the use of a role. This allowed our AWS tags to be ingested into our security event system",
"Developed multiple bots using AWS lambda functions with API gateways for various different functions",
"Developed processes and procedures for offboarding users. Often was responsible for offboarding employees with production access",
"Helped remediate issues and communication with researches through our bug bounty program with HackerOne"
]
},
{
"Employer": "Ultimatum, Inc",
"Role": "CSO, CIO",
"Location": "San Francisco, CA",
"TimeFrame": "2015 - 2018",
"Responsibilities": [
"Architected and deployed secure CI/CD infrastructure",
"Automated all backend architecture for creation of new environments",
"Maintained and updated all clusters that the Ultimatum platform runs on",
"Created monitoring for all microservices within the Ultimatum platform",
"Implemented a secure way of handling all company and environment secrets that allowed version control for audits"
]
},
{
"Employer": "Newedge - Societe Generale",
"Role": "Onboarding Analyst",
"Location": "Singapore",
"TimeFrame": "August 2014 - December 2014",
"Responsibilities": [
"Managed the implementation and onboarding of new client accounts",
"Perform initial sanity checks on documentation packages ensuring all activities are captured, accurately reviewed and processed in a timely fashion",
"Dealing with customers' requests concerning different changes on their accounts",
"Automated communication required to advise customers on changes to their accounts"
]
},
{
"Employer": "Self Employed",
"Role": "Swimming Instructor",
"Location": "Singapore",
"TimeFrame": "2009 - 2014",
"Responsibilities": [
"Created lesson plans for all students",
"Facilitated the certification process within the swimming lesson",
"Handled all finances and scheduling management"
]
},
{
"Employer": "Perth Duty Free",
"Role": "Warehouse Operations",
"Location": "Perth",
"TimeFrame": "2010 - 2012",
"Responsibilities": [
"Preparing and completing orders for delivery or pickup according to schedule",
"Receiving and processing warehouse stock products",
"Performing inventory controls and keeping quality standards high for audits"
]
},
{
"Employer": "Dimension Data",
"Role": "Work Experience",
"Location": "Perth",
"TimeFrame": "2009",
"Responsibilities": [
"Configuring and deploying Cisco routers"
]
}]