Experienced systems and software architect and engineer with almost 20 years hands-on designing, implementing and supporting network infrastructure, Linux / Microsoft systems, software applications and operational security with an emphasis on cloud, automation, SaaS, and IoT.
Travel: Light (<= 25%), International preferred; passport ready
Provide exceptional remote services and solutions to cloud based organizations. AWS subject matter and automation expert.
Windows (3.1 – current), Linux (Debian & RHEL), Unix, Mac OS, Novell, Embedded Linux, Private / Public Cloud.
Amazon Web Services
Extensive experience in both application development and infrastructure automation capacities, including building out VPCs with remote access and/or site to site VPNs and direct connects. Infrastructure / application deployment, automation and IAM security expertise.
Development against many services, including (but not limited to): CloudFormation, IAM, KMS, S3, Glacier, SQS, SNS, RDS, DynamoDB, EC2, Route 53, IoT.
Active Directory, MSSQL, Microsoft Operations Manager (MOM), System Center Operations Manager (SCOM), All Windows Server services (RADIUS, DNS, etc), Exchange Server 5.5+, Windows Software Update Services (WSUS), Systems Management Server (SMS), Blackberry Enterprise Server, Vertitas Backup Exec, and lots more
BIND, FreeRADIUS, Postfix, Courier, OpenLDAP, OpenVPN, SoftEther, VSFTPD, ProFTPD, PureFTPD, IPTables, Tripwire, MySQL, SQLite, Postgresql, Apache, NGINX, Jboss 4+, Glassfish 2+, Tomcat 5+, Jetty 7+, ActiveMQ, RabbitMQ, AMQP, NoSQL, Hadoop, Chef, Puppet, Ansible, Continuous Integration / Deployments / Delivery, Docker, Containers and more.
Amazon Web Services, Vmware, Kernel Virtual Machine (KVM), Microsoft Hyper-V, Public VPC and Cloud Technologies
Routers (Cisco, Vyatta, SOHO), Switches (L2 & L3), Firewalls, Load balancers, IDS, WLAN, VLAN, CAN, VPN, VOIP, CDN (Akamai, EdgeCast), Proxy Servers, Content filtering
Physical & digital, Disaster Recovery, Documentation, Compliances (Sarbanes-Oxley, PCI, HIPPA, MPAA), PKI, hashing, reversible encryption, SSL, PGP, and lots more.
HP, Dell, SuperMicro, Desktops, Servers, Network Appliances, Embedded Linux, ARM, ATMEL AVR, PIC
Object Oriented Programming, Aspect Oriented Programming, Design Patterns & Frameworks, Full SDLC, UML, Documentation, Agile, TDD, DRY
Interpersonal Leadership, Communication, Project Management, Information Technology Infrastructure Library (ITIL)
SOP, RFP, PO, vendor contracts, technical documentation, project requirements
Embedded linux, sensors, firmware development, I2C, SPI, custom circuit design, mechanical and environmental automation.
HVAC design, installation and refrigerant recovery/recharging. Ducted, ductless, geothermal.
Skilled metal and composite fabricator; MIG & TIG welding, plasma cutting, bending & shaping, primer & painting.
Open Source Contributions
tradebot – Ethereum powered cryptocurrency trading bot with tax reporting and portfolio management.
awskit – DevOps Toolkit generator based on stackit
stackit – CloudFormation dependency management and instance provisioning toolkit
ecutools – AWS IoT automotive tuning, diagnostics, and analytics
cwebsocket – High performance, lightweight WebSocket server/client in ANSI C
AquariumPilot – Aquarium automation based on Arduino
AgilePHP – PHP 5 framework modeled after J2EE
jbillingphpapi – PHP wrapper for JBilling web services
AutoPosixIds – OpenLDAP overlay responsible for automatic assignment of uid/gid attributes
Keiser College: Associates in Computer Science (1999 – 2001)
Landmark Education: Interpersonal Leadership (2003 - 2005)
AWS DevOps Professional
AWS SysOps Associate
Cisco 640-802 CCNA
Microsoft 70-215 Windows Server
Microsoft 70-217 Active Directory
Microsoft 70-220 Security
EPA 608, R410A, PM Tech & IAQ (HVAC)
Automate The Things, LLC 12/2015 – present
President & Independent Consultant (DevOps / Infrastructure / IoT)
Foghorn Consulting 10/2019 – present
Cloud Architect (full-time, remote)
Manage a half dozen different customers, their expectations, and environments.
Integrate with customer teams to design and implement a wide range of solutions.
AWS, Kubernetes & DevOps subject matter and implementation expert.
Accreon 7/2019 – 10/2019
Cloud Architect (full-time, remote)
Create webhook processing API using API Gateway, Lambda, RDS and CloudFormation.
Extend existing terraform project to deploy webhook application and add new features to existing Mirth integration engine. Create Ansible automation to configure Mirth integration engine.
Create custom dynamic python bakery to create packer files and images.
Design CI/CD pipeline to build and deploy Mirth Java application.
Raise 1/2019 – 10/2019
Platform Engineer (full-time, remote)
Design and implement Kubernetes authentication system based on LDAP, Dex, and kubelogin.
Create custom helm secret plugin to inject and obfuscate secrets in values.yaml; Integrate with Jenkins pipelines.
Mentor engineering team on creating custom helm charts to deploy and maintain applications.
Create platform toolkit in Golang to centralize automation and encapsulate day to day responsibilities.
Deploy and maintain infrastructure in AWS using Terraform and Jenkins pipelines.
Technologies: AWS, Kubernetes, Docker, Terraform, Jenkins, Ansible, Chef, Golang
MyRide / SelfieParking 6/2018 – 12/2018
Co-founder (part-time, remote)
Design and implement ECU harware and firmware prototype for autonomous driving vehicle conversion kit that works on 2012 or newer vehicles.
Infor 11/2018 – 05/2019
Cloud Architect (full-time, remote)
Responsible for planning, executing, and automating migration of complex proprietary on-prem solution to AWS GovCloud.
Windows and Linux systems, powershell and python scripting, splunk enterprise, lambda, cloudformation, terraform, proprietary tooling, and more.
Infor 06/2018 – 09/2018
Cloud Architect (full-time, remote)
Design and implement automated database migration for thousands of customers to get their onprem databases into SaaS platform using AWS Database Migration Service.
Create cloudformation templates with custom lambda backed resources to fully automate all aspects of the migration.
Document the project in confluence and github including architectural diagrams.
McKinsey & Co 11/2017 – 6/2018
DevOps Consultant (full-time, remote)
Design and build custom infrastructure and application deployments for internal and external customer MVPs in AWS and Kubernetes using automation tooling such as Terraform, Ansible, Helm Charts and custom scripting.
General project management, keeping track of tasks, triage multiple high priority requests from simultaneous projects & stakeholders, track time for chargebacks, etc.
Liaison between business units. Requirements gathering. Work with security team to ensure compliance.
Hewlett Packard Enterprises 03/2016 – 06/2017
DevOps Consultant (full-time, remote)
Lead 3 person team through a successful migration of an enterprise backup solution from OpenStack to AWS.
Automate the deployment of infrastructure and application components using CloudFormation and a custom Ruby toolkit based on my open source StackIT project.
Mentor software engineering team on AWS best practices and advise when/where to substitute managed services for legacy / on-prem components.
Work with compliance team to ensure corporate and HIPPA security requirements are met.
Symbotic 09/2016 – 12/2016
Software Engineer, Consultant (part-time, remote)
Create web based firmware upgrade system for autonomous warehouse robots (Python/Flask/Redis)
Create Chef and Packer scripts for continuous integration / deployment / delivery to Vmware.
ShopAdvisor, Inc 12/2015 – 11/2017
DevOps Consultant (part-time, remote)
Design and execute EC2 Classic VPC migration strategy for several tightly coupled legacy applications.
Work with development team to decouple application and adopt a microservice architecture
Automate the deployments of infrastructure and applications using CloudFormation, Chef and a custom Ruby toolkit based on my open source StackIT project.
Localytics 10/2014 – 12/2015
Lead DevOps Engineer (full-time, partial remote)
Lead 5 person team through design, implementation, support, and automation of AWS cloud infrastructure and automated application deployments.
Design and implement cloudformation templates for VPCs, networking, security and application stacks.
Design and implement chef infrastructure to manage 1000+ servers across multiple VPCs and AWS accounts.
Create Ruby toolkit to streamline AWS, chef and application stack workflows to maximize code reuse and automation capabilities.
Design Amazon Directory Services solution to centralize sudo, ssh, and authentication to EC2 instances.
Design network infrastructure within and across VPCs using peering connections, VPN, and ClassicLink.
Large migration from EC2 classic to VPC.
Responsible for all aspects of AWS operations and automated infrastructure / application deployments.
Pearson Education 4/2014 – 10/2014
Principal DevOps Engineer (full-time, partial remote)
Design, implement, and maintain a new online education platform built within Amazon AWS.
Create nodeless puppet infrastructure to manage 1000+ servers across 9 VPCs and two AWS accounts.
Create custom infrastructure automation solutions using Ruby, Amazon SDKs, and 3rd party cloud APIs. Participate in peer code reviews.
Install Jenkins and configure jobs to build, test and deploy in-house applications and support tools.
Create and maintain all aspects of Amazon VPCs including EC2 instances, multiple subnets and routing tables, security groups, and auto-scaling groups, ELB and SSL termination, peering connections, etc.
MediaSilo 9/2012 – 12/2013
VP of Technology: Responsible for overseeing development, operations, IT and security.
Lead team of 8 software engineers and an Agile scrum master through design, implementation and support of SaaS platform.
Vyatta, Amazon VPN (BGP), Layer 2 & 3 switching, firewalls, IDS. Reduced monthly hosting cost by 25%.
Contract negotiation & purchase orders. Vendor relationship management.
Implement MPAA security compliance, liaison between technical and business units. Perform customer security assessments.
Make A Byte (Freelancer / Contractor / Consultant) 9/2007 – 11/2012
Solutions architect: Consultant specializing in design, implementation, and support for systems, networking, and software solutions on Linux and Windows, capacity and disaster recovery planning, as well as ongoing business continuity / infrastructure support. Manage client relationships.
"jHosting" - open source enterprise web hosting and SaaS solution provider framework (ported to Java EE from PHP 5).
“Hosted Infrastructure” platform targets small to medium sized companies with high security and high availability requirements with their corporate infrastructure. (laywers, doctors, and financial institutions). Sits on ESX “cloud”; flexible/highly available resource allocation and configuration.
“AgilePHP” - rapid application development framework for PHP which consists of a Model-View-Control component based framework, libraries, and GUI integration w/ Eclipse & Netbeans IDEs.
Designed and implemented:
HA WAN network infrastructure (w/ VPN) using Cisco and Vyatta routers.
HA disk subsystem using DRBD to create an active/passive cluster.
LAN load balancing solution using open source Linux Virtual Servers (LVS).
Linux and Windows hosting platforms. (shared and dedicated)
ITIL founded processes and procedures to mitigate disasters, manage incidents/problems, and create/apply preventative maintenance policies to keep the issue from happening again.
Developed several API wrappers to integrate with 3rd party remote API services using PHP 5:
Enom – Domain registrar and SSL certificate reseller integration.
Comodo – SSL certificate reseller integration.
QuickBooks Merchant Services (QBMS) – Ecommerce gateway.
QuickBooks Online Edition (QBOE) – Full QuickBooks online integration.
Led various courses: PHP5, Java SE & EE training courses.
See Make A Byte contract portfolio in the last section of this resume for more details
PEER 1 Hosting 8/2009 – 10/2009
Used AgilePHP to create a web control panel for new Content Distribution Network (CDN) offering. Featured content management, REST web service API, auditing, and reporting.
Created a Python migration tool for system administrators to run, that would migrate DNS zones and records from a legacy system to a new DNS system.
Worked within a virtual ESX server environment to perform development activities. Assisted with ESX server networking (cisco routing, virtual switch vlan tagging, etc) and virtual machine provisioning.
Hostway Corporation (formerly Affinity Internet) 2005 - 2008
Corporate Infrastructure Systems Administrator
Capacity planning, report generation and presentation for management.
Designed "global Active Directory", a backend for all corporate assets, which integrated all global offices across several countries and continents. Led the migration of several offices from existing infrastructure to new domain.
Conducted regular security audits of the network, systems, and application architecture, as well as perform reviews of current policies.
Mentored other administrators in administration and scripting.
Analyzed/audited security and vulnerabilities, and/or identified areas out of alignment with VISA CISP compliance. Developed and implemented solutions to maintain VISA CISP compliance integrity.
Worked closely with Information Security team to secure desktops, servers, and network devices. Conducted quarterly reviews of security policies and participated in on-going efforts to identify new potential vulnerabilities which may have recently cropped up or gone unidentified in earlier audits.
Global support for corporate desktops and Xerox printers (~1600 desktops & ~150 printers).
Maintained Active Directory infrastructure across many geographically dispersed locations with ~1500 users, 200 servers and 1600 desktops/laptops.
Integrated MAC, Linux, and Windows systems into corporate AD infrastructure.
Created policies, procedures, SOP’s, project planning, proposal write-ups, technical documentation, post mortems, and reports for both staff and management.
Maintained corporate software applications such as ADP Payroll software, rightfax, Talisma CRM, proprietary CMS application used to manage client relations, customer accounts, provision services, manage support incidents, etc..
Developed intranet apps, system/task automation scripts and administrative tools in both desktop and web environments.
Represented Information Technology team during architecture/engineering projects which involve interfacing with other business units within the organization.
Hostway/Affinity Project examples:
Prepared major file server upgrade / migration from MS based file server to linux based OpenFiler NAS/SAN solution. Created project plan for management which outlined project pre-work, milestones, and completion date.
Assisted in physical migration of over 5000 servers between data centers
Implemented network policy and AUP’s for end users.
Developed software and/or scripts to automate IT, provide IT with tools, automate complex software configurations upon fresh software installs from SMS, custom MOM monitor and response scripts, etc.
Designed and implemented network load balanced corporate application server cluster, Citrix Metaframe 3.0 cluster, Exchange HA cluster, SMS platform, MOM platform, IIS web server cluster w/ Linux LVS front-end, Ironport anti-spam cluster.
Lead VBScript grass roots training meetings once a week.
OmniPilot Software 2004 – 2005
Software Developer / Tech Support Manager
Developed Quickweb Pro solution (CRM and CMS w/ integrated marketing).
Document classes / objects using UML and depict logical operation of components using flowcharts.
Created project plans to deliver on commitments to forecasted milestones, mentor technical support staff, invent new strategies to empower the team and improve productivity, efficiency, and operation of the department.
Supported the Lasso programming language and community.
Aletek Solutions 2001 - 2004
Network Administrator / Developer
Dispatched to field calls of customers which ranged from small 5 person organizations to enterprise level companies upwards of 5,000 – 10,000 users.
Deployed, configured, and supported HP, Dell, Supermicro, and other various vendors including “home-grown” desktops and servers.
small to medium sized business Active Directory corporate infrastructures, including SQL, Exchange, IIS, DNS, DFS, and more.
customer network infrastructure gear such as Cisco, Cayman, D-Link, Linksys, and more.
Aletek shared hosting environment consisting of .NET and LAMP platforms.
Large Xerox style printers which utilize Novell IPX print servers.
Performed migrations, upgrades, and consulting within Microsoft (NT, 2000 Pro/Server, 2003, XP) and Linux (Debian, Red Hat) environments.
Architected, engineered, developed and deployed new solutions.
Developed a web hosting control panel software in PHP which included automation and configuration ability in a graphical environment for linux services such as Apache, MySQL, BIND DNS server, VSFTPD, and XMail. Application provided advanced solutions to complex network issues such as port 25 mail server deflections and dynamic DNS. Dynamic DNS clients developed in VB6 for windows users and Java for linux and MAC users.
Contract Portfolio 2002-2013 (via Make A Byte)
FirstGiving (Platform Architect) 7/2011 – 9/2012
Platform Architect: Design, implement, and support systems, networking, telephony, and software solutions for Linux and Windows environments. Capacity and disaster recovery planning, and ongoing business continuity / infrastructure support for charitable giving / donation platform.
Technical leadership and decision making. Led 6 person team through development and ops focused responsibilities.
PHP subject matter expert; Responsible for suite of PHP API's used for donation processing, charity lookups (based on IRS master file), analytics, and various internal support tooling, as well as the underlying AWS hosted infrastructure (managed via RightScale).
Oversee ongoing enhancements and bugfixes to firstgiving.com C# .NET web application.
Decouple core product from proprietary accounting software using Microsoft Sync Framework to syncronize data between databases (SQL server and MongoDB).
Designed and documented version 2 of the core product stack which included AppFabric/WCF/C# 4 on top of MongoDB. Supported REST, SOAP, and MSMQ transports.
Responsible for API integrations between PHP and .NET web applications (SOAP, REST, and MSMQ), as well as partners and 3rd party consumers.
Support clustered SQL Server and MySQL databases.
Support Windows 2003, 2008 and Linux environments in local, colocation, and virtual environments. Virtual environments include private VMware (ESX 5) and public AWS EC2 instances (deployed and managed by RightScale service).
Presented hosting consolidation proposal which demonstrated 50% ($100,000) per year cost savings. Designed, implemented and documented hosting migration plan.
Responsible for internal Avaya VoIP phone systems including server, phones, and dedicated T1 connection.
Work with all departments to ensure PCI DSS compliance.
Manage corporate and colocation network ; Cisco, Juniper, Vyatta, 3Com, Dell.
Design policies and procedures.
Document software, networks, and systems.
Assist in pre-acquision technical due diligence meetings.
Maark, LLC (Senior Software Engineer) 8/2010 – 10/2011
Design and implement custom B2B solutions for various clients such as Yankee Group, Marriott, and Alcatel-Lucent in PHP, Java EE, Python and .NET.
Design and implement databases including stored procedures, triggers, and ERD diagrams using MySQL, MSSQL, Oracle, and PostgreSQL.
Work with creative team to integrate aesthetically pleasing user interface / user experience with back-end business loigic.
Presented hosting consolidation/migration proposal to company stakeholders which demonstrated 30% ($30,000) per year cost savings which led to:
I.Designed, documented, implemented and supported production hosting platform on a private cloud using VMWare ESX 4.1. Virtual images stored on enterprise NetApp filer to facilitate vmotion / disaster recovery options.
II.Designed, documented, implemented, and supported physical and logical hosting networks as well as VPN connectivity between Maark Boston office and data center.
III.Designed, documented, implemented, and supported backup and monitoring solution for both internal corporate infrastructure as well as production hosting platform.
Communication for the World (Software Engineer) 12/2009 – 1/2010
Developed “Life Story Suitcase” - a cross-functional suite of social media applications connected to Facebook, Twitter, Blogger and other networks via public API’s.
Utilized ExtJS user interface libraries and AgilePHP (a framework I created for modularity and rapid application development).
Allow secure file system based storage of social networking media on per-user basis.
Pluggable/modular design which allows additional social networking platforms to be added in the future.
Provide technology leadership and consulting in regards to other confidential projects happening internally.
Right Choice Technology 10/2009 – 12/2009
Create custom PHP content managed websites as well as aesthetically pleasing front-ends using jQuery and ExtJS.
Create and manage client web hosting accounts using Plesk control panel.
Designed, implemented, and supported Microsoft Windows systems, Cisco and Vyatta network routers and switches (layer 2 and 3). Implement secure wireless networking using isolated VLAN segments.
Design secure off-site backup solution for small and medium sized businesses.
Provide technology leadership around systems, networking, development and hosting.
Aldous Law Firm 6/2009 – 9/2009
Lead 2 person team through a successful migration from physical Dell servers involving 2 Active Directory domain controllers, a single Exchange 2003 server, and a BlackBerry Enterprise Server to virtual machines running in VMware ESXi server.
Replaced SOHO Linksys router with Vyatta VC 5. Replaced SOHO Netgear switch with a layer 3 cisco switch and configured 4 different VLANS to enhance security. Moved WIFI access point to its own isolated VLAN to protect corporate assets.
Installed new rack with 2 new physical servers running VMWare ESX server.
Removed all prior external access through remote desktop and logmein.com, and satisfied remote access requirements using a secure OpenVPN solution.
Re-ip all workstations, servers, printers, and other network appliances (Barracuda, etc)
Enterprise jBilling Software Ltd 6/2007 – 9/2009
Created Java EE payment processing plug-ins.
Created and maintained PHP 5 library which uses SOAP and Hessian protocols to enable full integration with jbilling from PHP applications.
Assisted with troubleshooting, configuring and supporting jbilling installations in client environments.
Assisted with bug fixes, documentation, and code maintenance.
Consulted with clients on integration projects involving PHP and Java EE. This included identifying installation, configuration, and code issues and providing solutions that work.
Assisted in configuring jbilling instances on MySQL, Postgres, and Oracle databases.
HelloStartup 5/2009 – 6/2009
Created linux based hosting platform consisting of a two node web cluster running JBoss AS, behind a pair of LVS servers and a two node file system cluster (active/passive) using DRBD.
Created web application using JavaEE technologies (ICEfaces 1.8.1 and JBoss Seam 2.1).
Provide consulting and guidance in all areas of information technology.
Created client content management enabled websites using PHP 5, which features mailing lists, e-commerce, inventory tracking and reseller API’s using SOAP.
Customer Development Solutions 11/2008 – 1/31/2009
Designed, deployed and supported Active Directory infrastructures, 3rd party mail systems, vmware servers (vmware server 2), openvpn and network infrastructure gear (routing, switching, firewalls, cabling and provider relationships).
Administered, automated, and supported client Netsuite accounts, including content management, inventory, marketing campaigns, financial reporting, and automation of daily/monthly flash reports using a custom built Java EE web service.
Monitored, documented, and supported internal and external facing servers.
Navisite (Systems Engineer) 9/2008 – 11/2008
Responsible for architecture and engineering of a new Windows Server 2003 & 2008 platform using the latest SuperMicro SuperBlade technology. Also supported internal HP (DL160/DL360/etc) servers used to administer and deploy customer blades.
Responsible for developing new processes and procedures to empower the creation of the platform as well as support the platform after launch.
Installed, configured, supported: Plesk control panel, BladeLogic clients, and network gear such as RSA security appliances, Cisco switches and PIX firewalls, SuperMicro blade switches, etc.
Assisted in solutions engineering process for customer builds, capacity planning, monitoring, and patch management automation.
Install, automate, configure, and support Plesk hosting control panel installations, including SQL server slipstreams.
Tata Consulting Services / BB&T (Enterprise Management Systems Engineer) 1/2008 – 3/2008
Enterprise Systems Management; created migration plan for 30,000+ servers from Microsoft Operations Manager 2005 to Systems Center Operations Manager 2007. (Dell Poweredge and HP servers)
Created project plan including prep work, milestones, testing, and project completion date.
Created custom rules and computer groups, VBScript custom monitor/response triggers, build custom WMI providers, etc.
Designed custom HIDS and Sarbanes-Oxley management packs to monitor internal and external facing systems per compliance regulations.
BTIA Inc. / bartending.com (freelance) 4/2007 –6/2007
Integration with clubzone.com XML feeds.
Integrate partner applications with core bartending.com framework and content management system, including videos, photos, and venues.
Integration with retailpig.com.
Hot Poker Nights (freelance) 4/2007 –6/2007
Created content managed website using PHP 5 for “pub poker” small business that allowed players to register online for events complete with administrative backend that allowed staff to keep track of player scores (and show top 25 players on home page) manage users, print rosters for events, store documents (waivers, etc), mange content on the website.
Created a second e-commerce website in flash and PHP that allowed them to sell custom made power tables.
Devel Labs (freelance) 1/2007 – 10/2008
Designed and implemented “SuiteTalk” application in PHP 5 which controlled A/C thermostats from a web browser.
Utilized ModBus protocol and PHP to send hex commands via TCP/IP wireless enabled devices to turn relays on/off.
Create front-end user interface which was customizable based on client floor plans that showed each hotel room, the thermostats in each, and the current readings, controls, and indicators. The client was able to control each thermostat from this front-end.
XpertDNS (freelance) 5/2007
Create multi-threaded Java SE dynamic DNS update client featuring Java Swing GUI and/or command line daemon to run as a service on *nix style operating systems.
Created server side PHP 5 rest style API to accept DNS update commands from the Java DDNS client or any other HTTP enabled client.
Advanced Website Designs (freelance) 2000 – 2010
Develop GUI applications which integrate with website functionality using custom built API’s.
Work with customers to develop an adequate look and ensure desired functionality meets expectations.
Manage client relationships and small teams of developers (offshore) to drive projects to completion.
Support and maintain shared hosting