Résumé

Summary

Versatile and innovative engineer with over a decade of experience across the full spectrum of infrastructure, from on-premise to cloud-native.

Deep expertise in Site Reliability Engineering, DevOps practices, and architecting scalable and resilient systems.

Demonstrated ability to tackle complex technical challenges, build impactful tools, and contribute to both professional and community-driven technology initiatives.

Skills

  • Cloud Platforms: AWS, GCP
  • Container Ecosystem: Kubernetes (kops, k3s, bare-metal), Helm, Docker (and OCI), containerd (and CRI-O), Calico (and Flannel, kube-router), Istio (and MetalLB)
  • IaaC: Terraform, Crossplane
  • Operating Systems: Linux (Debian/Ubuntu, RHEL-derivatives, Gentoo), Solaris (OpenIndiana), FreeBSD
  • Networking: TCP/IP, DNS, BGP (and OSPF), Firewalls, Load Balancers, Packet Analysis
  • Programming: Java, C++, Go, Ruby, JS, PHP, Python
  • Security: PKI, Cryptography, IAM, Vulnerability Scanning (and Remediation), Best Practices
  • Compliance: FedRAMP, HIPAA, SOC2
  • Monitoring: Datadog, Prometheus, Splunk, ELK, Pagerduty
  • Storage: Ceph, Bacula, Minio, S3
  • Datastores: Postgres, MariaDB (and MySQL), Cassandra, Redis, OpenSearch, etcd, ZooKeeper, RabbitMQ
  • CI/CD: CircleCI, Argo, Concourse

Work History

Okta, Inc.

Okta is an identity management platform connecting people and technology.

Site Reliability Architect

2023-03 – Current
  • Designed and implemented FedRAMP High-compliant Okta Workflows
  • Mentorship across the org
  • Manage inter-team relations and dependencies

Principal Site Reliability Engineer

2019-11 – 2023-03
  • Onboarded Okta Workflows infrastructure during Azuqua acquisition
  • Built the Okta Workflows SRE team from the ground up
  • Team Lead for Okta Workflows SRE
  • Architected and implemented Okta Workflows infrastructure
  • Designed and implemented HIPAA-compliant Okta Workflows

Staff Site Reliability Engineer

2016-06 – 2019-11
  • Designed and implemented HIPAA-compliant cells
  • Designed and implemented FedRAMP-compliant cells
  • Innovated on Okta’s ingress
  • Okta’s Networking Subject Matter Expert

Senior Site Reliability Engineer

2015-01 – 2016-06
  • Designed Okta’s PKI system
  • Migrated Okta’s customer encryption to use AWS KMS
  • Designed and authored production tool execution platform
  • Migrated Okta from EC2 Classic to VPC
  • Architected and built the Okta Internal Network spanning both VPCs and Regions

DevOps Engineer

2013-04 – 2015-01
  • Designed and authored a CMDB built on top of Cassandra
  • Redesigned Okta’s Chef Cookbooks
  • Architected Okta’s Taxonomy
  • Designed and authored a unified CLI for interacting with Okta’s infrastructure
  • Collaborated to design and migrate Okta to a cell-based architecture

LaunchRock, Inc.

LaunchRock is a product that allows you to set up "launching soon" pages using a WYSIWYG page creator.

Full-stack Engineer​

2012-08 – 2013-04
  • Architected and implemented LaunchRock’s AWS infrastructure
  • Automated releases/continuous-deployment
  • Architected and authored the frontend site builder

Giftiki, Inc.

Giftiki was working on a new social commerce platform and collaborative gifting engine.  LaunchRock acquired the whole team and discontinued the Giftiki product.

Full-stack Engineer​

2011-04 – 2012-08
  • Set up and maintained Giftiki’s AWS infrastructure
  • Implemented auto-scaling for a service-oriented architecture
  • Automated releases/continuous-deployment
  • Implemented GitOps
  • Architected and authored large swaths of both backend and frontend code

Technology Services Group, UIUC

TSG was the IT department supporting the University of Illinois at Urbana-Champaign's Department of Computer Science. TSG was responsible for the facilities, classroom technology, network, and research labs of the Siebel Center for Computer Science at UIUC.

Student Administrator

2009-11 – 2011-09
  • Managed the Illinois Cloud Computing Testbed, a couple hundred machines running Hadoop
  • Designed and implemented a web-based remote power management interface
  • Designed and implemented a web-based electronic lock management interface for the building security system
  • Supported the migration from the Illinois Ph directory to LDAP

Other Experience

Home Lab

My home lab is where I experiment with new technologies and develop new hobbies.

Infrastructure

2019-03 – Current
  • Designed and built a 6-node Kubernetes cluster built on k3s on physical machines
  • Racked and stacked physical hardware
  • Implemented a fault-tolerant Ceph cluster with 198 drives and 670TiB of raw storage
  • Implemented Bacula to perform backups to LTO-6 tapes
  • Implemented a home network with BGP and 40gbit/s interconnections between core routers supporting more than 150 client devices
  • Implemented Wi-Fi with Ubiquiti’s UniFi products

Fabrication

2019-12 – Current
  • Designed and built a 3D printer farm
  • Diagnosed and resolved issues with 3D printers, in some cases disassembling, replacing failing parts, and rebuilding
  • Automated 3D printer jobs to best utilize printer farm

Electronics

2021-07 – Current
  • Designed and built an electronics lab
  • Diagnosed and repaired electronics at the component level, including laptop and small-form-factor mainboards
  • Built kits and my own projects on breadboards

Studio

2017-06 – Current
  • Built home recording studio
  • Repaired a Mackie TT24 mixing console
  • Recorded and mastered both music and speech
  • Supplied equipment and stage operations for music festivals
  • Served as MC (and hosted karaoke) for music festivals

Tableflippers Anonymous

Tableflippers Anonymous is a video game community.

Infrastructure

2019-03 – Current
  • Designed and built a 20-node Kubernetes cluster from scratch on physical machines
  • Racked and stacked physical hardware
  • Applied for and received ASN 53546
  • Purchased IP space 144.86.176.0/23
  • Managed BGP peering
  • Implemented PXE to boot diskless images on cluster
  • Migrated existing workloads from Legion’s infrastructure

Runetide

2018-12 – 2021-02
  • Architected and designed a mutable voxel-based, open-world MMORPG
  • Implemented large parts of the backend microservices
  • Currently deprioritized in favor of other projects

v1x1

2016-10 – 2019-02
  • Architected and implemented v1x1, a chatbot for Twitch and Discord channels
  • Built using Java, Dropwizard, Redis, Cassandra, and Zookeeper with a service-oriented, no-single-point-of-failure architecture
  • Authored WebAssembly VM from scratch in Java to enable customization of the bot
  • Built a web interface using Angular 2
  • Implemented Argo for CI/CD

Legion

Legion is a video game community originally focused on a Minecraft server network that has expanded over time to host other games such as TF2 and Factorio.

Infrastructure

2012-05 – 2019-03
  • Designed and built Legion’s infrastructure on dedicated servers purchased from CoreNetworks
  • Implemented ZFS snapshotting on top of OpenSolaris and OpenIndiana
  • Migrated infrastructure to OVH
  • Implemented GlusterFS
  • Migrated to CephFS
  • Implemented backups to AWS S3 and Glacier
  • Implemented configuration management
  • Mitigated DDoS attacks

Software

2012-03 – Current
  • Designed and implemented several dozen plugins to the Minecraft server, Bukkit
  • Made modifications to the Minecraft server, requiring reverse engineering
  • Implemented multi-server coordination and communication
  • Implemented robust user authorization system
  • Designed and implemented mini-games
  • Found and patched security vulnerabilities in the Minecraft server

Community

2012-03 – Current
  • Managed and moderated the Minecraft server’s chat
  • Dealt with spam, bots, and attacks
  • Detected, prevented, and disincentivized cheating by developing tooling, procedures, and policy
  • Organized and hosted community events and contests

Wikimedia

Wikimedia Foundation is the parent organization behind Wikipedia, Wiktionary, and a number of other wiki projects.

Software

2007-07 – Current
  • Wrote early portions of the English Wikipedia Account Creation Interface
  • Designed and built ClueBot, a very successful heuristics-based anti-vandalism bot for Wikipedia
  • Designed and built ClueBot III, a discussion archival bot used by over 12,000 discussion pages on Wikipedia
  • Co-created ClueBot NG, Wikipedia’s most successful anti-vandalism bot using machine learning and neural networks
  • Submitted patches to MediaWiki for bugs and features

Technical

2007-07 – Current
  • Reviewed and approved automated tooling on Wikipedia as a member of the Bot Approvals Group
  • Participated in the rewrite of Wikipedia’s Bot Policy
  • Scanned and evaluated reports of open proxies and other abusive clients as a clerk of the Open Proxy Noticeboard
  • Participated in the creation of the Rollbacker user group
  • Authored and maintained Edit Filter rules to prevent bad-faith edits to Wikipedia
  • Operated heuristic feeds for anti-vandalism volunteers to consume

ClueNet

ClueNet was an IRC-based community of tech and open-source enthusiasts.

Infrastructure

2005 – 2011
  • Implemented Kerberos and LDAP for user authentication and authorization
  • Architected and operated a fully-featured mail server using Courier, Maildrop, and SpamAssassin
  • Operated an IRC network with various services and bots
  • Designed and authored custom IRC services suite

Community

2005 – 2011
  • Managed and moderated the IRC chat rooms
  • Dealt with spam, bots, and attacks
  • Mediated disagreements between members

Winbots

Winbots was an IRC network run on home equipment.

Infrastructure

2001 – 2005
  • Implemented a mail server using QMail, SpamAssassin, and ClamAV
  • Operated an IRC network with various services and bots

Community

2001 – 2004
  • Managed and moderated the IRC chat rooms
  • Dealt with spam, bots, and attacks