I am open to entertaining the potential for change. My requirements are simple:
- Fully remote, forever. You want me to RTO? Buy me equal or better property to that which I own with no contingencies.
- Direct hire. Contractors, look elsewhere. I consult, mkaybye
- Absolutely no on-call. Ever. #dead
- I don’t work past 40 hours a week. I work when I want to work.
- I dictate my deliverables. I’ll align with your business objectives, but you hire me for my skills and knowledge. Get out of my way.
Experience
[CURRENT EMPLOYER]
Senior AppSec Engineer, January 2023 - Current
- More shouting into the void, again. #infosec-amirite
- I defined the ideal state for an appsec program
- And I was told budget doesn’t exist
- So I write stuff and do things. Productivity feels like -1. Still haven’t found 0xdeadbeef
- Did some pentesting, vendor vetting, found bugs through fuzzing and h4x0r1ng
- It doesn’t matter. Security is an illusion. #thinkbaddogoodhackallthethings
Engineering Manager, May 2022 - January 2023
- Increased team velocity by 80% YoY
- Handled highly complex interpersonal issues like a bull in a china shop
- Came to question everything and start looking for a way to get out
Senior Software Engineer, October 2021 - May 2022
- Became team lead of core platform service. SITH HAPPENS
- Developed training materials for development teams to integrate with core platform services
- Built a cohesive team structure and culture in preparation for my promotion
Software Engineer, July 2021 - October 2021
- Got hired and watched the team I was hired onto leave within two months
- Was ghosted by the hiring manager after he told me the team didn’t think I was senior enough
- Built some things that became foundational to future developments
[PREVIOUS #1]
Senior IT Security Engineer, May 2021 – July 2021
- Did some shouting into the void
- Angered developers by implementing standards that forced them to build decent software
- Left with accommodations of being promoted and giving my two weeks notice
Senior Software Developer, April 2021 – May 2021
- Built multiple RESTful API endpoints for consumption by Genesys
- Eliminated 95% of the decades-old tech debt by sunsetting the legacy codebase
- Refactored PHP to NodeJS for migration of custom applications to Azure Function Apps and Azure Web Apps
- Mentored more junior developers in coding, system design, and technical troubleshooting
- Developed custom applications as needed to meet Call Center business requirements
Software Developer, February 2019 – April 2021
I was brought on to aid in the forward movement for the Contact Center sector of [PREVIOUS #1]. Immediately upon joining, I mapped plans for a progressive migration from virtual machine servers to Azure containers, and reviewed the code base to determine the best plan of action. This effort led to the elimination of a support license, which in turn saved the company over $10,000 annually.
I implemented multiple CI/CD pipelines for deployments to Azure and the legacy virtual machines, assisted in remediating security vulnerabilities due to misconfigurations on legacy servers, built an ORM and dependency injection container (PSR compliant/composer autoloader) to ensure future maintainability and scalability of the code base, implemented secure code standards and specifications, assisted in day-to-day support operations, and earned the ServiceNow Fundamentals certification. Below is an additional list of noteworthy accomplishments. These efforts saved the business time, money, and peace of mind by increasing engineer efficiency, and decreased the overall attack surface.
- Upgraded PHP 5.5.9 code to PHP 7.2
- Saved the company over $10,000 on a support license which offered the company no benefit
- Automated manual tasks related to lead loading in RingCentral
- Automated bulk file edits through development of a small Python application
- Remediated prevalent SQLi, LFI, LDAPi, XSS, CSRF, and information disclosure vulnerabilities
- Corrected misconfigurations in SSH, nginx, PHP-FPM and the Ubuntu host operating systems
- Assisted in the implementation of a dev, stage, production stack on Azure
- Increased visibility into application behavior through using App Insights and more concise logging within the PHP applications
- Utilized various network traffic analyzers and static analyzers to further secure code (phpstan/exakat)
- Aided in migration and hardening of various servers (Windows/Linux)
- Introduced SDLC processes into the development lifecycle
- Integrated an industry-standard dependency management framework (composer)
[PREVIOUS #2]
Full Stack Developer, January 2018 – February 2019
As a Full Stack Developer, I focused on building and integrating a single sign on system into [PREVIOUS #1]’s internal CRM system, which was then used by various client-facing applications as a central location of identity and access provisioning. The application we launched was my responsibility for the previous eight months as well. This application provided [PREVIOUS #2]’s clients full transparency into what [PREVIOUS #2] does for them and real-time project tracking. In addition, I worked closely with our Systems Administrator to prepare various other applications for an eventual migration to Kubernetes. I also presented on security topics including social engineering (focus on phishing), and secure header configuration for web servers.
- Engineered and integrated a Single Sign-On system for role-based permissions management across multiple client-facing applications
- Presented on topics including secure application header implementation, server hardening, and social engineering
- Containerized applications in preparation for a future migration to Kubernetes
- Implemented multiple CI/CD pipelines and associated security provisions
- Utilized SCRUM Agile methodologies to maintain clear objectives and meet project deadlines
- Assisted in day-to-day server administration tasks including hardening production servers and implementing secure transfer tunnels for application deployments
[PREVIOUS #3]
Web Developer, May 2016 – January 2018
Doesn’t matter. KT taught me a lot of what not to do. Company SIGTERM circa 2023. Enjoy retirement, you narcissistic prick.
Freelance Web Developer
June 2014 – April 2016
The glassy-eyed, bushy-tailed time. Salad days, I might say. If only I’d known…
Technical Strengths
Everything listed here is in order of proficiency
Languages:
- PHP
- HTML5
- CSS3
- JavaScript
- Bash
- Python
- Ruby
- Java
- C
Databases:
- MySQL
- Postgres
- Redis
- MongoDB
- MSSQL
Frameworks:
- jQuery
- VueJS
- Angular
- React
- Laravel
- Zend
- WordPress
- Magento
- Jekyll
- BeautifulSoup
Cloud:
- Google Cloud Builder
- Azure
- AWS
Operating Systems:
- Linux (Gentoo, Slackware, Fedora, Debian, Arch, Kali, Alpine)
- Mac
- FreeBSD
- Microsoft Windows
Software:
- Git
- Docker
- nmap
- Burp
- tcpdump
- Wireshark
- Nessus
- Metasploit (minimal)
last updated: 2021-06-02 14:02:00 -0700