Information Security Devops Engineer
Resume:
GLEN GEROD
****@*****.***
San Francisco, Ca
(able to work remotely)
SUMMARY
Cloud Information Security GRC Servers Network Linux Scripting Management Information security Senior Cloud Production Support / SRE / DevOps Engineer / Operations Manager with over 25 years of IT experience across several industries with an emphasis on financial organizations, biotech, and big data.
TECHNICAL SKILLS
●Operating Systems: Linux (expert), MS Windows, macOS
●Programming/Scripting: python (expert), JavaScript, bash shell, perl, C, SQL
●Networking: architecture and hardware, TCP/IP, packet analysis (tcpdump / wireshark)
●DevOps infrastructure as code and configuration management: Ansible, Chef, Puppet, Terraform, AWS CloudFormation, Salt, CFEngine
●Big Data: Hadoop, Cloudera, Apache Spark, Kafka, Cassandra
●Cloud: AWS, OpenStack, Azure, GCP
●Containers and VM: Docker, Kubernetes, VMware
●Load balancing: AWS ELB ( ALB / Classic ), HAProxy, Resonate, Alteon, F5
●SAN: NetApp, EMC2, StorageTek, Hitachi
●Monitoring Software: Nagios / Icinga, Datadog, Splunk, Kibana (ELK), Zabbix, Grafana, HP Openview, Sitescope, MRTG, SNMP
●Systems and network security: firewalls, security groups, NACLs, VPC, PCI and GRC audits (SOC 2, FedRAMP), hardening, vulnerability scanning and remediation, incident response, intrusion detection, encryption, forensics, blockchain
INDUSTRY CERTIFICATIONS
● AWS Certified Solutions Architect – Associate
● AWS Certified SysOps Administrator – Associate
● Advanced Cybersecurity Certification - CCSF
● Palo Alto Networks – Accredited Configuration Engineer
● CompTIA - Security+
● SANS GSEC - GIAC Security Essentials
● SANS GCED - GIAC Certified Enterprise Defender
● SANS GCIH - GIAC Certified Incident Handler
● CompTIA - Linux+
● Linux Professional Institute LPIC-1 certification
● Professional Certificate - Blockchain Fundamentals. UC Berkeley
● Completed Certificate program - Project Management. UC Berkeley
● Completed Certificate program - Telecommunications Engineering. UC Berkeley WORK EXPERIENCE
Senior Cloud Security Engineer 2022 – 2025
Hewlett Packard Enterprises in San Jose, Ca.
● Ongoing vulnerability scanning, detection, assessment, ticketing and remediation of production infrastructure.
● GRC team leading ongoing PCI and FEDramp audits.
● Heavy use of Qualys tools, Burp suite, python scripting,
● AWS infrastructure.
● Digitial Forensics and Incident Response.
● Synack continuous security testing.
Senior Cloud Security Engineer 2021 – 2022
Tala in Santa Monica, Ca.
● Responsible for ensuring AWS cloud security, host and container patching, and code scanning on clusters spanning three continents.
● Protection of financial services data. ISO27001 audit principal.
● Penetration testing, vulnerability analysis, and remediation. I
● mplemented Lacework cloud security platform.
● Veracode scanning and working with developers to ensure secure coding practices.
● Kubescape open source tool for NSA and CISA security hardening tests. Senior Security Engineer 2019 – 2020
Tripactions in Palo Alto, Ca.
● DevSecOps on AWS microservice architecture.
● Linux, Jenkins, Docker, Kubernetes, GitHub, Datadog.
● Rolled out Snowflake DB / Snowalert SIEM implementation.
● Created Grafana and Metabase dashboards to monitor security incidents and posture.
● Ongoing pentest remediation and tracking.
● PCI, SOC1 and SOC2 audits with ZenGRC integrated with Jira.
● Burpsuite Professional verification and remediation of OWASP vulnerabilities.
● Worked with groups across the company (network, developers, IT, GRC, Infrastructure, QA ) to track and improve our security posture.
● Implemented Hunters AI to use machine learning to detect covert attacks, data exfiltration, and incidents.
● AWS security tools ( GuardDuty, CloudWatch, Inspector, Security Hub, IAM, Config, KMS ) Cloud Devops Engineer 2019 – 2019
Comcast Silicon Valley in Sunnyvale, Ca.
● AWS and OpenStack clouds.
● Big data using Cassandra, Apache Spark, and Kafka.
● Yugabyte DB implementation.
● Ansible and Terraform infrastructure as code scripting.
● Python 3 with Boto3 SDK for AWS monitoring and auditing and other devops tasks.
● Jenkins based CI/CD pipeline configuration and monitoring.
● Microservice architecture on Docker with Kubernetes container orchestration.
● Did multiple service migrations between cloud providers.
● Initiated and completed a project to migrate all Linux SSH access to use signed certificates in the same method as Facebook and Netflix.
● Dashboard and alert creation along with automation of remediation. Sr DevOps Engineer/Manager 2015 – 2018
You Technology, Inc. in Burlingame, Ca.
● Production support team handling all aspects of our AWS production stack.
● Security reviews and remediation.
● Single sign on with Jumpcloud. 2FA with Duo.
● Data loss prevention.
● Bash and python scripting. Weekly releases.
● Ansible, docker, Jenkins, grafana, pagerduty, zabbix, pingdom, SVN.
● AWS cloud infrastructure: Linux on EC2, S3, ELB, VPC, Route 53, CloudWatch, CloudFormation, CloudTrail, IAM, SNS, SQS, AWS CLI, Boto3 SDK.
● Implemented Splunk dashboards and alerts to speed up issue detection and resolution.
● Converted manual release processes to ansible scripts.
● Microsoft Azure cloud infrastructure as a backup. VP Engineering (hands on individual contributor, consultant basis at startup) 2015-2020 Secure Overcast LLC in Menlo Park, Ca.
● Handled the managed security services for clients.
● SOC management and incident handling.
● Conducted vulnerability assessments, and application security testing, and remediation.
● HIPAA, PCI DSS. OWASP top 10 vulnerability audits.
● Tuning the IDS / SIEM / UTMS platform.
Senior Operations Engineer 2013 – 2015
Gap Tech in San Francisco, Ca.
● Built and supported all levels of Gap Inc. server and network production infrastructure.
● VMware vSphere administration. Appliance VM deployment.
● Chef infrastructure as code automation for Red Hat linux server builds, configuration, and deployments.
● SAN migrations (netApp, Isilon)
● Security update implementation and verification.
● Implemented a 2FA project for all Linux servers protecting the infrastructure.
● Worked closely with security team to roll out new projects.
● Security audits and remediation. Data loss prevention. Senior Operations Engineer 2010 – 2012
Vindicia in Belmont, Ca.
● CentOS and Red Hat enterprise Linux on Supermicro and HP Blade servers with an Oracle DB tier.
● F5 load balancers. Cisco ASA firewalls. Hitachi SAN.
● Monitoring via Nagios and cacti graphs.
● Scripting (perl and bash). Tool and custom alert creation.
● Code deployments, security audits, network and stack troubleshooting, log archiving, backups, email routing (postfix).
● Ongoing security scans, reviews and remediation for ongoing PCI audits.
● Bare metal with a VM layer on top. All aspects of the stack tuned, constantly monitored, and automated.
Senior Network Operations Engineer 2008 – 2010
Akamai Inc. in San Mateo, Ca.
● Operational ownership of the largest Akamai server network (30,000 Ubuntu Linux servers worldwide). 24x7 on call.
● Remedy ticketing system, perforce revision control, firewall access control lists.
● Liaison with developer and service performance groups for tri-monthly software and security patch rollouts.
● Continuous improvement and updates to network monitoring and alerting.
● This was Akamai’s flagship edge network CDN product, and during my tenure we had extensive growth and many challenges with massive traffic spikes from large events we supported such as the Olympic games.
● Protection from DDOS attacks.
Senior Production Support Engineer 2007 – 2008
Yahoo! Inc. in Sunnyvale, Ca.
● Production support of the Small Business Systems servers and infrastructure (FreeBSD on HP) which was highly visible and needed constant care to protect the company brand reputation. New server farm deployment using NetApp filers. Day to day monitoring (Nagios) and troubleshooting of UNIX system/applications, networking architecture, SQL. Apache, DNS, network troubleshooting, load balancers, Akamai CDN. Bash shell and Perl scripting and automation. Capacity planning and benchmarking infrastructure. Performance Tuning (UNIX, network, webserver). Security related issues.(DDOS) Project management and tracking. Senior Production Support Engineer 2002 – 2007
Wells Fargo and Company in San Francisco, Ca.
● Wells Fargo online banking and brokerage site production support. 24X7 oncall. iPlanet web servers, BEA WebLogic, ATG Dynamo, Oracle, and F5 BIG-IP support. Solaris8/10. SCO and Red Hat Linux. SSL certificate management. Unix shell and perl scripting. Remedy change management system. HP OpenView, Wily Introscope. Team lead on multiple projects. Implemented Powerbroker privilege management. Raptor Firewall deployment. Stonebeat deployment. Cyclades terminal server and Avocent KVM over IP deployment. Tripwire deployment. Netegrity SiteMinder. BMC Remedy and Patrol. Veritas tools. Sanctum AppScan. VMware. Silk Performer. TestTrack Pro. Jabber deployment. @Stake WebProxy for code reviews. Project management.
EDUCATION
University of California San Diego March 1993
● B.A. in Applied Mathematics Scientific Programming
● B.A. in Economics
Santa Clara University June 2008
● MBA
Contact this candidate