Director, Security Engineering | May 2022 - Present
Senior Manager, Security Engineering | July 2021 - April 2022
Manage a team of 8 engineers. Drive career development discussions, talent reviews, and interview panels. Ensure members of the team are on the right track with engineering deliverables.
Coordinate engineering resources with partner teams.
Participate in security architecture discussions and provide input to key decision making. Taking the output of these discussions and delivering it to my team and other stakeholders as engineering deliverables.
Provide technical leadership and guidance, mentor junior engineers, and participate in code reviews.
Lead Systems Security Engineer | August 2019 - July 2021
Technical lead for a team of three engineers. Drove Agile development, acting in Product Owner and Scrum Master roles.
Co-authored a project to implement Terraform static code analysis as part of the CI/CD pipeline, using Checkov, eventually scaling up to company-wide use.
Responsible for design and implementation of security solutions using AWS native services in GovCloud.
Senior Systems Security Engineer | April 2018 - August 2019
Maintained AAA (Authentication, Authorization and Accounting) infrastructure for Salesforce's core product.
Led effort to deploy Terraform across the Government Cloud infrastructure. Focused on AWS GovCloud Identity and Access Management.
Designed federated authentication and centralized logging mechanisms in AWS GovCloud.
Used Puppet and other configuration management frameworks to implement security controls for FedRAMP Moderate and High, and DISA IL4 compliance.
Blackboard
Senior DevOps Security Engineer | November 2016 - April 2018
Researched, designed, developed, documented and implemented solutions for fault tolerance, performance, capacity, and configuration management for various data center operations.
Defined, planned, designed, and evaluated information security systems.
Designed, implemented, and maintained security infrastructure.
Led a team of security automation engineers to identify platform vulnerabilities, help design and implement security solutions.
Contributed to and maintained security posture of the platform.
Served as a mentor to other Security and DevOps engineers.
Designed, developed and implemented documentation or tools to facilitate Technical Support team responsibilities.
Identified and drove opportunities to improve automation for deployment, management, and tooling, using Python, Ruby and Groovy, among other languages.
Supported and improved a highly available and fault tolerant SaaS offering.
The Washington Post
Senior Infrastructure Engineer | January 2015 - November 2016
Implemented ephemeral, long-lived and immutable infrastructure as code, using AWS CloudFormation and internally-built solutions.
Maintained infrastructure resources in an auditable and repeatable fashion using configuration management platforms and version control systems.
Was responsible for designing and implementing robust network and security architectures.
Helped to maintain a strong information security posture for data in transit and data at rest.
Provided expertise to software developers on AWS foundational services, such as EC2 (incl. EBS, ASG, ELB), VPC/Direct Connect, Route53, S3, IAM/KMS, RDS, SNS, SQS, SES, and CloudWatch.
Contributed to internal software projects, centered around the orchestration of infrastructure resources and the continuous deployment of containerized applications to test and production environments.
Unix Systems Engineer | December 2011 - January 2015
Managed physical and cloud-based infrastructure for the print, mobile, and web properties of Washington Post Media.
Supported content management systems and applications utilizing Apache, Nginx, Tomcat, and dynamic Java applications deployed on Glassfish or WebLogic application servers.
Maintained Unix production, stage, and test environments, utilizing RedHat 5/6/7, CentOS 5/6/7, Solaris 9 & 10, AIX 5.3, HP-UX and Mac OS X Server.
Performed code deployments for development teams.
Carried out system maintenance and upgrades as needed, including backups and restorations.
Participated in 24x7 on-call rotation.
Assisted with a major datacenter relocation.
Client Systems Engineer | September 2010 - December 2011
Developed and maintained Windows and Mac desktop images, software deployments, and application patching while also identifying and resolving desktop security issues.
Provided technical expertise to assist with implementation of desktop technologies: Windows and Mac desktops and laptops and their operating systems, desktop applications, management systems, and tools.
Created and supported desktop management related technical policies and procedures; helped to create and maintain related documentation.
Administered and assisted in deploying LANDesk environments and Symantec Endpoint Protection for a client base of 3000+ machines.
Deployed regularly scheduled and out of band security/OS patches and updates via LANDesk and other mechanisms.
Co-developed an asset management system to track physical assets via barcode scanning devices.
Systems Support Analyst | July 2009 - September 2010
Actively monitored an extensive production environment for washingtonpost.com and other high-traffic Post properties.
Acted as a liaison between coworkers and the development and infrastructure technology teams.
Provisioned, integrated, diagnosed, and maintained PC and Macintosh clients in an Active Directory environment.
Education
University of Massachusetts Amherst
Bachelor of Computer Science | 2009
Served on the Board of Editors for The Massachusetts Daily Collegian as Web Editor (2006-2008).