bchoy.me
Blog About Resume
bchoy.me

Resume

General

Option Description
Languages Python, Golang, Ruby, TypeScript, Bash
Technologies Kubernetes, Terraform, SaltStack, Chef, Docker, Jenkins, AWS, NodeJS, LDAP
GitHub https://github.com/bycEEE
Website https://bchoy.me
Education Binghamton University, Computer Science

Work Experience

ComputerX - Platform Engineer/Consultant

November 2022 - January 2023 | Los Angeles, California

  • Assessed company needs and budget to successfully design and deploy the entire initial on-prem and cloud infrastructure from scratch. Introduced infrastructure as code to bootstrap AWS/CloudFlare accounts with best security practices in mind.
  • Designed local development workflows and deployment cycle to ship code to EC2, ECS, Lambda, RabbitMQ, and on-prem infrastructure.
  • Served as the lead Python developer for the core API, securely managing communication between cloud infrastructure and on-prem iOS devices. Working closely with iOS developers to tackle the challenge of remotely managing non-traditional devices, RabbitMQ was utilised for advanced routing to multiple data centers and safeguarded customer credentials with end-to-end TLS encryption, encryption at rest, token based authentication, and other security considerations.

SnailBot - Software Engineer

April 2022 - September 2022 | San Francisco, California (Remote)

  • Served as the lead NodeJS/Typescript developer for a cloud based SaaS solution, successfully supporting tens of thousands of users in the automated purchase of high demand items such as graphics cards, video game consoles, and collectable trading cards.
  • Pioneered the first cloud based SaaS offering for a specific major retailer, supporting features such as instantaneous product stock alerts, automatic checkout, authentication refreshing, improving account legitimacy score, and bot detection mitigations.
  • Utilised Burp Suite, OWASP Amass, and other reconnaissance tools for tasks such as endpoint discovery, parameter automation/fuzzing, site update monitoring, request/response logging history, and discover methods to simulate human behaviour accurately.
  • Demonstrated reverse engineering prowess to decipher obfuscated JavaScript, enabling the successful bypass of anti-bot technology from retailers using providers such as PerimeterX and F5 Solutions.
  • Developed a suite of tools to automate requests to multiple endpoints, and designed monitors to alert on differences or unexpected behaviour to ensure the validity of existing bypass methods or to probe for new potential methods.
  • Focused on lowering latency to the lowest amount possible to stay ahead of competing software and provide customers with the highest chance of obtaining their desired items.

JW Player - DevOps Engineer

March 2018 - April 2022 | New York, New York

  • Leveraged my expertise in AWS, Kubernetes, Terraform, and SaltStack daily.
  • Operated on the core Kubernetes administration team, managing several production clusters with hundreds of nodes each, with an uptime of 99.999%.
  • Architected a robust Kubernetes cluster creation and management workflow with kops, helm, and Terraform. Developed additional internal tooling for cluster provisioning, and established a production grade environment with proper RBAC roles, multi-layered monitoring/alerting, tool-assisted resource/request limits, right sizing, autoscaling, secrets management, centralised logging, etc.
  • Made significant contributions to our suite of microservices that handle our in-house deployment system. Developed software primarily in Python and Golang to allow our development teams to have autonomy and ownership of deploying their own applications to Kubernetes. This tool handled authentication flow, secrets retrieval without exposure, team based and individual permissioning, rollback and deployment history, configuration validation, etc.
  • Automated a variety of tasks using Bash, Python and Golang, such as new hire onboarding, JIRA ticket creation from AWS maintenance notifications, and third-party platform integration based on LDAP attributes.
  • Designed AWS VPC architecture across multiple accounts. Created and managed AWS VPC resources including subnets, route tables, security groups, network ACLS, and NAT gateways. Set up VPC peering across our accounts and multiple regions and configured VPC endpoints to privately access AWS services without exposure to public internet. Assisted in creating an internal Terraform module to perform subnet math that played nice with our existing legacy VPC structure.
  • Improved a suboptimal Terraform module and introduced best practices such as versioned modules to overhaul a legacy Terraform repository that contained duplicated and unwieldy code. Led the initiative to move Terraform runs to CI/CD instead of local runs.
  • Modernised an outdated Vault implementation and hardened the existing configuration to make better use of previously unused features including ACLs, properly expiring tokens/renewals, issuing dynamic credentials, certificate requests, and integration with Kubernetes and SaltStack. Participated on the SecOps team, kickstarting our bug bounty program in collaboration with HackerOne, developing our policy and refining our process. We also enhanced our security posture by employing trust architecture starting with Vault, implementing automated scanning tools for our repos and containers, established container security practices such as image scanning and runtime security, moving away from AWS secret keys to IAM Roles, etc.

Opsline - DevOps Engineer/Consultant

May 2016 - Oct 2017 | New York, New York

  • Managed infrastructure using Chef and CloudFormation.
  • Worked actively with 5+ clients to create custom solutions for their respective needs.
  • Worked with a large array of software due to each client’s existing stacks including MongoDB, MySQL, Postgres, Cassandra, Chef, Node.js, Ruby on Rails, ELK, ActiveMQ, Redis, OpenVPN, Apache, Nginx, Nagios, etc.
  • Greatly reduced build times and eliminated inconsistent deployments by optimising Jenkins and Travis pipelines.
  • Improved security by performing routine IAM key audits, security group audits, repository scanning, Jenkins plugin vulnerability scanning, etc.
  • Handled containerising and orchestration using Docker and ECS.

The Barbarian Group - System Administrator

August 2015 - April 2016 | New York, New York

  • Converted an entirely manually managed infrastructure into infrastructure as code using instances provisioned by Packer and managed with Ansible.
  • Re-architected the existing manually code deployment pipeline to true CICD using Jenkins.
  • Streamlined local cross-platform development using Vagrant and Docker.
  • Built internal tools using Ruby and bash to automate procedures such as backups and analytics parsing.