Senior Systems Security Engineer | April 2018 - Present
Maintain AAA (Authentication, Authorization and Accounting) infrastructure for Salesforce's core product.
Led effort to deploy Terraform across the Government Cloud infrastructure. Focused on AWS GovCloud Identity and Access Management.
Designed federated authentication and centralized logging mechanisms in AWS GovCloud.
Use Puppet and other configuration management frameworks to implement security controls for FedRAMP Moderate and High, and DISA IL4 compliance.
Senior DevOps Security Engineer | November 2016 - April 2018
Led a team of DevOps engineers to bring security automation to Blackboard's flagship product, Learn.
Helped to design, implement, and deploy security engineering solutions across the Learn SaaS platform.
Identified and remediated gaps in security compliance frameworks, including FedRAMP Tailored, FISMA, and ISO 27001.
Supported and improved a highly available and fault tolerant SaaS offering.
The Washington Post
Senior Infrastructure Engineer | January 2015 - November 2016
Implemented ephemeral, long-lived and immutable infrastructure as code, using AWS CloudFormation and internally-built solutions.
Maintained infrastructure resources in an auditable and repeatable fashion using configuration management platforms and version control systems.
Was responsible for designing and implementing robust network and security architectures.
Helped to maintain a strong information security posture for data in transit and data at rest.
Provided expertise to software developers on AWS foundational services, such as EC2 (incl. EBS, ASG, ELB), VPC/Direct Connect, Route53, S3, IAM/KMS, RDS, SNS, SQS, SES, and CloudWatch.
Contributed to internal software projects, centered around the orchestration of infrastructure resources and the continuous deployment of containerized applications to test and production environments.
Unix Systems Engineer | December 2011 - January 2015
Managed physical and cloud-based infrastructure for the print, mobile, and web properties of Washington Post Media.
Supported content management systems and applications utilizing Apache, Nginx, Tomcat, and dynamic Java applications deployed on Glassfish or WebLogic application servers.
Maintained Unix production, stage, and test environments, utilizing RedHat 5/6/7, CentOS 5/6/7, Solaris 9 & 10, AIX 5.3, HP-UX and Mac OS X Server.
Performed code deployments for development teams.
Carried out system maintenance and upgrades as needed, including backups and restorations.
Participated in 24x7 on-call rotation.
Assisted with a major datacenter relocation.
Client Systems Engineer | September 2010 - December 2011
Developed and maintained Windows and Mac desktop images, software deployments, and application patching while also identifying and resolving desktop security issues.
Provided technical expertise to assist with implementation of desktop technologies: Windows and Mac desktops and laptops and their operating systems, desktop applications, management systems, and tools.
Created and supported desktop management related technical policies and procedures; helped to create and maintain related documentation.
Administered and assisted in deploying LANDesk environments and Symantec Endpoint Protection for a client base of 3000+ machines.
Deployed regularly scheduled and out of band security/OS patches and updates via LANDesk and other mechanisms.
Co-developed an asset management system to track physical assets via barcode scanning devices.
Systems Support Analyst | July 2009 - September 2010
Actively monitored an extensive production environment for washingtonpost.com and other high-traffic Post properties.
Acted as a liaison between coworkers and the development and infrastructure technology teams.
Provisioned, integrated, diagnosed, and maintained PC and Macintosh clients in an Active Directory environment.
University of Massachusetts Amherst
Bachelor of Computer Science | 2009
Served on the Board of Editors for The Massachusetts Daily Collegian as Web Editor (2006-2008).