Cloud

  Containers

  Savings

  Security

Technology is my passion. I've shaped my life, and 15+ years of professional experience around it. AWS is my playground. As an AWS Certified Security Professional, I seek to ensure businesses can take full advantage of everything it has to offer.

The cloud is a superpower that a driven professional can use to make his impact on the world. Applying cutting edge information technology in clever and intuitive ways is what I do. I work every day to move the needle on cloud compliance for efficiency, security, and cost optimization using the latest in containers, serverless, and automation.

My accomplishments include raising compliance and lowering costs, always doing Enterprise AWS right, and making the cloud easy. I continue to tinker and published my own innovative solutions to technology problems.

2014-20
Lead Cloud Security Engineer, Cimpress

 Analyzed and addressed security and spending risks across hundreds of AWS accounts, and millions of dollars in infrastructure spending.

 Learned wide array of AWS services, cloud security & cost control implementations, actively exploited vulnerabilities, and secure coding practices.

 Developed education, detection, and mitigation strategies that enabled software engineers to build secure applications in the cloud without overspending.

Lead DevOps Engineer, Cimpress

 Organized migration to robust CI/CD infrastructure and provided complete platform upon which software engineers can review, build, test, deploy, and monitor.

 Learned configuration management and infrastructure automation, logging and monitoring, IT project management, SDLC, containers, and Linux administration.

 Improved SCM, CI/CD, and artifact management uptime and reliability. Provided path forward, removing dependencies on legacy and outdated platforms.

2008-13
Sr. Problem Manager, Vistaprint

 Analyzed, prioritized, & managed the resolution of a wide variety of costly business problems during both business hours and 24x7 on-call.

 Learned emergency problem triage and analysis, global communication and efficient problem management, and cost & postmortem analysis.

 Minimized the impact of ongoing production issues, saving tens of thousands of dollars each week. Prevented re-occurrence of problems through accurate and complete analysis. Briefed executives with summaries of high-impact business problems.

Sr. Systems Administrator, Vistaprint

 Performed maintenance, monitoring, and code deployments on global production infrastructure. Developed tools for systematizing manual tasks.

 Learned e-commerce IT operations, web development, change & work management, and Windows domain administration.

 Increased site uptime and reliability. Enabled consistent work tracking and site health historical analysis through tooling.

2004-07
Systems Engineer, IT4

 Designed and assembled desktop and portable computer systems for use by law enforcement during forensic collection of computer crimes evidence.

 Learned system design, customer service, vendor management, quality assurance, and on-site technical skills.

 Increased product quality baseline and lowered frequency of repair and warranty returns.

IT Problem Manager
Cloud Security Engineer
Cloud Solutions Architect
DevOps Engineer
Software Engineer
Network Administrator
AWS Compute
AWS Management
AWS Database
AWS Storage
AWS Security
Compliance
TLS
Crypto
  Linux
  Mac
  Windows
Docker
Terraform
Git
CI/CD
JavaScript
Go
Ruby
C#
PowerShell
AWS Networking
DNS/DHCP
VPN
Raising Compliance and Lowering Cost

Cimpress needed a simple way for our hundreds of engineers to stay on top of the security and control the costs of their cloud infrastructure.


I created an intuitive web app in node.js on Docker using data from CloudSploit and saw drastic improvement in our security compliance.


Next, I built a web app in node.js on AWS Lambda using data from Cloudability to provide actionable, cost-saving insight to engineers, directors, and leadership. This empowered significant cost savings in a self-service way.

Doing Enterprise AWS Right

Cimpress needed a way for the enterprise at large to use AWS effectively and securely. I spearheaded the company's strategy around adopting SSO for the cloud, for login and for API key generation.


This was achieved through partnership with Auth0, and the creation of several supporting tools in Ruby, PowerShell, and Golang.


I also developed a methodology for measuring the true cost of our microservices, even in cases where infrastructure is shared amongst several services.

Making Docker in AWS Easy

Recognizing a CI/CD usability gap in AWS ECS for software engineers using Docker, I created two tools around AWS ECS - one for building and deploying, and another for optimizing infrastructure.


This was achieved with node.js packages made available to the open source community for use by myself and my peers, as well as the public at large.


Available on npmjs.com

Building My Own Solutions

When I first started using Firefox, there was no way to strictly enforce HTTPS for all requests made by the browser (only add-ons to softly attempt HTTPS, with a fall back to HTTP).


So I built and published an add-on for Firefox called NoHTTP to accomplish this, and I use it every day to ensure my web browsing is always secure.


Published to the world at addons.mozilla.org

Applying Machine Learning in New Ways

To gain a deeper understanding of streaming video quality and practicality, I applied Netflix machine learning technology to the video standards used on Twitch.tv.


This was achieved by Dockerizing Netflix VMAF and collecting measurements from video encoded to Twitch's guidelines.


Published to the world at streamquality.report

Shedding Light on TLS

To learn more about TLS protocols, cipher suites, and named groups, I implemented a proxy that injects details about the current TLS session as request headers, along with the client's declared supported groups and suites.


This was achieved with nginx built with openssl 1.1.1 for TLSv1.3 support, and cross-referencing data with ciphersuite.info and safecurves.cr.yp.to to understand differences between them.


Deployed as ifconfig.lol