I'm an experienced developer and leader, with a technical focus on backend engineering and security.
- Reverse engineering Vine - I reverse engineered the Vine API, including extracting AWS keys from the iOS app.
- goto fail POC - I wrote a proof of concept for the Apple "goto fail" flaw in Go.
- Yak Shaving Day: Rails Asset Precompilation to Kernel Debugging - A very deep investigation of a bug in a Rails application.
Six Trees Capital CTO, June 2017 - March 2018
Six Trees Capital is a small startup firm working in financial technology. I helped architect and build their initial product Max My Interest on a contract basis, and returned to expand the technical team and perform work as an individual contributor. Responsibilities included moving their ops environment to CloudFormation, improving service reliability and scalability, building out an API specification for integrations with financial institutions, hiring, and other hands-on security and development work.
Timshel Platform Engineer, June 2015 - June 2017
At Timshel I worked on The Groundwork, the platform that provided the APIs powering much of the 2016 Hillary Clinton presidential campaign website.
The technology stack was a microservice-based distributed system built largely in Python and Go on AWS, and my responsibilities included building out and maintaining the API gateway all requests were served through, security auditing and feature work, and general platform tooling and maintenance. I helped with tasks ranging from identifying a bug in libpq (the C PostgreSQL client library) to maintaining availability during high traffic periods such as the Democratic National Convention and the days around the 2016 presidential election.
Table XI Contractor, May 2013 - May 2015
At Table XI, I worked on a wide variety of projects. I helped launch a financial technology startup, building out high security infrastructure in Ruby, Go, and C, including a two-man rule deployment system and banking website browser automation. I also worked on image processing, OCR, and security for an iOS application, security review and fixes for a legacy Rails application, React front-end work for a new Rails application, and Node.js code to run on AWS Lambda.
Lightspeed Systems Senior Software Engineer, Jan 2013 - Apr 2013
At Lightspeed, I worked on a mobile device management application for K-12 education. I instrumented the application to collect metrics, set up a continuous integration system (Jenkins) for the team, helped optimize our MySQL setup, introduced used of Chef, and performed extensive refactors on the Rails application.
Desktime Software Roustabout, Feb 2012 - Jan 2013
I worked predominantly in Rails and Coffeescript, building an application that allows owners of co-working spaces to manage booking and payments. Duties also included release engineering and participating in product development discussions. Desktime is an offshoot of a design and development agency, One Design, and I also worked on light systems administration, and performed maintenance work on older Rails apps.
Centro Engineer/Development Lead, Feb 2008 - Feb 2009, Aug 2009 - Feb 2012
I worked at Centro in two separate stints, taking time off to pursue some contract opportunities in between. I worked on a multitude of Rails applications built to manage the complexities of large digital advertising campaigns. Before I left I was reporting to the CEO in a management capacity.
In my time there I introduced continuous integration to the team, patched our deployment tool for better git support, wrote a server-side JS testing framework, worked on ERP integration, lead an effort to split a very large monolithic Rails app into multiple smaller RESTful services, and herded a large number of cats, amongst many other things.
Rosetta Stone Developer, Apr 2006 - Feb 2008
I worked on a team that largely focused on building Rails web services as a backend to language learning applications. We ported various Apache Cocoon and EJB applications to Rails successfully, allowing us to move more quickly, build new features, and fix bugs again.
During my time there I ended up building a Win32 service based version of
mongrel_cluster, wrote a Ruby C extension to allow for shipping obfuscated
Ruby code to customers, worked on a web crawler, and fixed a Rails security
hole before an official fix was released.