|Python, Golang, Ruby, TypeScript, Bash
|Kubernetes, Terraform, SaltStack, Chef, Docker, Jenkins, AWS, NodeJS, LDAP
|Binghamton University, Computer Science
ComputeX - Platform Engineer/Consultant
November 2022 - Present | Los Angeles, California
- Bootstrapped and initialised company AWS accounts, infrastructure, IAM permissioning, logging, monitoring, and auditing using AWS CDK.
- Architect infrastructure and developer workflow to fit the needs of a Python startup. Work closely with business to determine priorities, striking a balance between feature rollout speed and meeting customer demands, while developing our internal tooling, maintaining code quality, adhering to industry best practices, and managing total cost of operation.
- Lead Python developer for a core API service for a which leverages RabbitMQ and other technologies for secure routing to a mix of iOS devices in multiple on-prem data centers, and AWS nodes to schedule and scale video transcoders.
- Provision Kubernetes clusters using Helmfile and KEDA to serve GPU-reliant workloads for machine learning and transcoding.
- Work alongside the Machine Learning team to develop a workflow for training models and running inference on image generation pipelines using a GAN.
- Create reproducible CUDA-enabled and CPU workflows for local/remote development with PyTorch and pix2pix. Configure a queue based autoscaling ECS service for real-time inference.
- Work with advisors to meet HIPAA compliance, and integrate tools such as cdk-nag and checkov to help identify potential issues.
Reverb - Senior Infrastructure Engineer
May 2023 - November 2023 | Chicago, Illinois
- Oversee company infrastructure on AWS primarily with Terraform and Kubernetes.
- Migrated the existing local Terraform workflow to HCP Terraform Cloud to meet compliance/auditing standards, log all user interactions and runs, automated drift checks, and moving sensitive data off of local machines.
- Set up GitHub actions to improve automated PR checks and deployments on merge.
- Manage, maintain, and upgrade EKS Kubernetes clusters across our environments and accounts. Worked closely with the Platform and Software Engineering to set up base Helm charts and the workflow for self-managed deployments.
- Assist in the evaluation of ArgoCD vs Flux for continuous delivery/integration on Kubernetes.
- Evaluate transitioning from the existing AWS Secrets Manager implementation to HCP Vault as the main secrets management store.
- Handle Elasticsearch upgrades.
SnailBot - Software Engineer
April 2022 - September 2022 | San Francisco, California (Remote)
- Served as the lead NodeJS/Typescript developer for a cloud based SaaS solution, successfully supporting tens of thousands of users in the automated purchase of high demand items such as graphics cards, video game consoles, and collectable trading cards.
- Pioneered the first cloud based SaaS offering for a specific major retailer, supporting features such as instantaneous product stock alerts, automatic checkout, authentication refreshing, improving account legitimacy score, and bot detection mitigations.
- Utilised Burp Suite, OWASP Amass, and other reconnaissance tools for tasks such as endpoint discovery, parameter automation/fuzzing, site update monitoring, request/response logging history, and discover methods to simulate human behaviour accurately.
- Developed a suite of tools to automate requests to multiple endpoints, and designed monitors to alert on differences or unexpected behaviour to ensure the validity of existing bypass methods or to probe for new potential methods.
- Focused on lowering latency to the lowest amount possible to stay ahead of competing software and provide customers with the highest chance of obtaining their desired items.
JW Player - Senior DevOps Engineer
March 2018 - April 2022 | New York, New York
- Leveraged my expertise in AWS, Kubernetes, Terraform, and SaltStack daily.
- Operated on the core Kubernetes administration team, managing several production clusters with hundreds of nodes each, with an uptime of 99.999%.
- Architected a robust Kubernetes cluster creation and management workflow with kops, helm, and Terraform. Developed additional internal tooling for cluster provisioning, and established a production grade environment with proper RBAC roles, multi-layered monitoring/alerting, tool-assisted resource/request limits, right sizing, autoscaling, secrets management, centralised logging, etc.
- Made significant contributions to our suite of microservices that handle our in-house deployment system. Developed software primarily in Python and Golang to allow our development teams to have autonomy and ownership of deploying their own applications to Kubernetes. This tool handled authentication flow, secrets retrieval without exposure, team based and individual permissioning, rollback and deployment history, configuration validation, etc.
- Automated a variety of tasks using Bash, Python and Golang, such as new hire onboarding, JIRA ticket creation from AWS maintenance notifications, and third-party platform integration based on LDAP attributes.
- Designed AWS VPC architecture across multiple accounts. Created and managed AWS VPC resources including subnets, route tables, security groups, network ACLS, and NAT gateways. Set up VPC peering across our accounts and multiple regions and configured VPC endpoints to privately access AWS services without exposure to public internet. Assisted in creating an internal Terraform module to perform subnet math that played nice with our existing legacy VPC structure.
- Improved a suboptimal Terraform module and introduced best practices such as versioned modules to overhaul a legacy Terraform repository that contained duplicated and unwieldy code. Led the initiative to move Terraform runs to CI/CD instead of local runs.
- Modernised an outdated Vault implementation and hardened the existing configuration to make better use of previously unused features including ACLs, properly expiring tokens/renewals, issuing dynamic credentials, certificate requests, and integration with Kubernetes and SaltStack. Participated on the SecOps team, kickstarting our bug bounty program in collaboration with HackerOne, developing our policy and refining our process. We also enhanced our security posture by employing trust architecture starting with Vault, implementing automated scanning tools for our repos and containers, established container security practices such as image scanning and runtime security, moving away from AWS secret keys to IAM Roles, etc.
Opsline - DevOps Engineer/Consultant
May 2016 - Oct 2017 | New York, New York
- Managed infrastructure using Chef and CloudFormation.
- Worked actively with 5+ clients to create custom solutions for their respective needs.
- Worked with a large array of software due to each client’s existing stacks including MongoDB, MySQL, Postgres, Cassandra, Chef, Node.js, Ruby on Rails, ELK, ActiveMQ, Redis, OpenVPN, Apache, Nginx, Nagios, etc.
- Greatly reduced build times and eliminated inconsistent deployments by optimising Jenkins and Travis pipelines.
- Improved security by performing routine IAM key audits, security group audits, repository scanning, Jenkins plugin vulnerability scanning, etc.
- Handled containerising and orchestration using Docker and ECS.
The Barbarian Group - System Administrator
August 2015 - April 2016 | New York, New York
- Converted an entirely manually managed infrastructure into infrastructure as code using instances provisioned by Packer and managed with Ansible.
- Re-architected the existing manually code deployment pipeline to true CICD using Jenkins.
- Streamlined local cross-platform development using Vagrant and Docker.
- Built internal tools using Ruby and bash to automate procedures such as backups and analytics parsing.
The Barbarian Group - Front End Web Developer
June 2015 - August 2016 | New York, New York
- Built an interactive experience for customers to interact with an in store display using their mobile device using Box2D, PixiJS, Node.js, and websockets.