Back to Search Results

Christopher P.

Linux specialist - security, reliability, scalability, programming

Commitment
0/ 5
Competency
0/ 5
Reliability
0/ 5
  • Overall Experience: 31 Years  
  • Amazon Relational Database Service:
  • Android:
  • Apache Jakarta POI:
  • Apache Tomcat:
  • API Development:
+ More

Christopher P. 

Linux specialist - security, reliability, scalability, programming

Commitment
0/5
Competency
0/5
Reliability
0/5

Time zones ready to work

  • Central Daylight [UTC -5]

Willing to travel to client location: May be  

About Me 

With 23 years of day/night/weekend Linux experience, programming since 1983, and founding a $44,000,000 startup in 1996, I help fast growing start-ups scale their Linu

With 23 years of day/night/weekend Linux experience, programming since 1983, and founding a $44,000,000 startup in 1996, I help fast growing start-ups scale their Linux services securely and reliably.

Show More

Interview Videos

Signup to see videos

Risk-Free Trial, Pay Only If Satisfied.

Portfolios

Security Engineer - Doctor on Demand

Website Link: https://www.doctorondemand.com

Role:

    • Auditing Python Django source code and implementing remediations for security vulnerabilites and cryptography standard practices
    • Reviewing Google Cloud Platform (GCP) network configurations (VPC)
    • A few hours of Terraform
    • Assisting with workflow
    • Auditing Python Django source code and implementing remediations for security vulnerabilites and cryptography standard practices
    • Reviewing Google Cloud Platform (GCP) network configurations (VPC)
    • A few hours of Terraform
    • Assisting with workflow improvements to infrastructure as code and change control to reduce risk and improve auditability
Show More

Skills: LinuxPythonDjango

Tools: VimBash

Senior Security Architect / Site Reliability Engineer - Paubox

Website Link: https://www.paubox.com/analytics/mail-stats/outbound?customer_id=8

Role:

    • Increased reliability 10x in 6 months by removing points of failure, adding redundancy and exception handling/logging, to C, Ruby, PHP, Perl, and BASH
    • Reduced AWS costs by 50%
    • Discovered and mitigated SQL injection vulnerability that could result in privi
    • Increased reliability 10x in 6 months by removing points of failure, adding redundancy and exception handling/logging, to C, Ruby, PHP, Perl, and BASH
    • Reduced AWS costs by 50%
    • Discovered and mitigated SQL injection vulnerability that could result in privilege escalation
    • Site Reliability Engineering of 50 mostly unique systems operating web services, webmail, postfix SMTP, IMAP, and POP3 in AWS
    • Auditing Ruby and PHP source code for security best practices
    • Implemented server monitoring in BASH shell scripting and AWK via git / Github
    • Performed Nessus and nmap vulnerability and port scans, reviewing results for applicable security risks
    • Deployed and configured services/servers in AWS
    • Set up MySQL access controls and replication
    • SPF record management and automation, spam filtering, complex postfix configuration
    • Implemented HITRUST / HIPAA requirements
    • Deployed centralized syslog/rsyslog logging service
    • Administered NGINX
    • Migrated manually maintained system configurations into centralized management (GitOps)
    • Deployed OWASP web application filter (WAF) with ModSecurity
    • Debugged server load issues and tuned for performance
    • Disaster recovery (DR) planning on AWS EC2/VPC/EBS
    • Deployed MySql / MariaDB replication with automatic failover
    • MySQL/Mariadb Database administration - SQL query optimization, access controls, performance tuning
    • tumgreyspf administration
    • Fixed bugs in PERL, Python, Javascript, and Ruby code
    • Wrote tools using Python/MYSql connector and YAML
    • ClamAV anti-virus administration
    • Enable snapshot lifecycle on 150 AWS volumes using JSON/JQ and AWS CLI
    • Postfix administration and log analysis
    • Designed phased update rollout process using iptables connection limiting
    • Resolved UNICODE database incompatibility issue
    • Audited configurations and software versions for security issues
    • Layer 1/2/3 network debugging with tcpdump
    • Advanced iptables re-routing
    • Wrote predictive disk space monitoring in BASH/AWK
    • DKIM/DMARC/ARC set up and configuration
    • Real-time log redaction via rsyslog configuration
    • Implemented data to mysql in real time using rsyslog
    • Wrote Boto3/python AWS snapshot and volume tagging to add snapshot lifecycles and identify unattached volumes and snapshots
    • NGINX log and database query correlation analysis for causes of slow web responsiveness
    • Sourcing and screening canditates for my replacement using LinkedIn and Angel.co/AngelList recruiting interface
    • Documenting my workflow in Markdown, commenting code, putting instructions into alerts, and removing cruft, for the next person
Show More

Skills: Shell ScriptingVim

Tools: VimBashAWKtcpdump

Security Engineer / Blockchain - New Alchemy

Website Link: https://newalchemy.io

Role:

  • Produced security audit reports for client's Ethereum Solidity blockchain smart contract / cryptocurrency source code, of network security concerns for each client, using truffle, solhint, git, jq, solc, github, and vim.
  • Automated detection of non use of OpenZeppelin's Sa
  • Produced security audit reports for client's Ethereum Solidity blockchain smart contract / cryptocurrency source code, of network security concerns for each client, using truffle, solhint, git, jq, solc, github, and vim.
  • Automated detection of non use of OpenZeppelin's SafeMath, dividing without using remainder, non view functions without an emit call, and dividing before multiply; by adding lint rules to solhint in JavaScript
  • Automated and templated initial report generation by writing custom ESLint output formatter for solhint to match company style
Show More

Skills: SolidityAho Weinberger and Kernighan - (AWK)JavaScript

Tools: VimBashAWKOpenZeppelintruffle

Supercomputer Engineer / Security Team - Cray, Inc

Website Link:

Role:

  • Automated build and test of security patch update process using BASH shell scripting on Linux, for National Laboratories and similar supercomputing systems (DevSecOps / DevOps)
  • Streamlined and improved reliability, maintainability, and security, of Python based SUSE security patc
  • Automated build and test of security patch update process using BASH shell scripting on Linux, for National Laboratories and similar supercomputing systems (DevSecOps / DevOps)
  • Streamlined and improved reliability, maintainability, and security, of Python based SUSE security patch deployment process, by removing dependencies, 100s of lines (75%) of code, and adding fail-fast logic in place of fail-silently logic usingoffensive programmingmethods (assertions and strict data types) (DevSecOps) to focus on business objectives
  • Researched impact of zero-day vulnerabilities to recommend patch schedules and/or mitigations
  • Reported internal network and product security vulnerabilities and remediations to appropriate departments
Show More

Skills: C Language

Tools: Vim

Security Architect / Red Team / Cloud Security Engineer - Code42, Inc

Website Link: http://www.code42.com

Role:

    • Discovered over 12 critical network security and application security (AppSec) vulnerabilities in Java/J2EE code, network/LAN/VLAN and firewall configurations, and cryptography implementations (encryption, TLS, public-key cryptography), using source code auditing (static analy
    • Discovered over 12 critical network security and application security (AppSec) vulnerabilities in Java/J2EE code, network/LAN/VLAN and firewall configurations, and cryptography implementations (encryption, TLS, public-key cryptography), using source code auditing (static analysis) and dynamic analysis
    • Directed mitigation of vulnerabilities through resolution with IT, Development, and Operations teams
    • Performed threat modeling of entire attack surface through the layers of access controls to critical data targets in acyclic directed graph format (using Graphviz)
    • Audited PostgreSQL database schema for proper credential storage and access controls
    • Overhauled and streamlined company firewall rules using iptables on Linux
    • Assisted Marketing with security related customer facing commitments for consistency with existing architecture, accuracy, and appeal to security minded audiences
    • Researched impact of zero-day network security vulnerabilities for patch scheduling and mitigation
    • Assisted in implementation and application of PCI and OWASP controls
    • Oversaw and verified deployment of critical security updates / patches of third party code
    • Automated business continuity management (BCM) and disaster recovery (DR) usingSemantic MediaWiki (SMW / semanticwiki), enabling each role to document expected maximum downtime, with DR plan, last DR test date, and calculated cumulative net agreed upon downtimes, displayed on each service's company-wide viewable page. Implemented generated summary page of tabulated verification dates and maximum downtimes for easy management review
    • Automated Nessus to JIRA issue ticket creation to decrease vulnerability response time
    • Tools used: Nessus, BurpSuite, nmap, tcpdump, curl, netstat
Show More

Skills:

Tools: NessusBash

+ More

Employment

Security Engineer

2019/08 -

Skills: LinuxVimShell Scripting

Your Role and Responsibilities:

See "Projects list" for employment history.

See "Projects list" for employment history.

Education

1996 - 2020

Skills

Amazon Relational Database Service Android Apache Jakarta POI Apache Tomcat API Development
+ More

Tools

Vim Bash AWK MTR tcpdump
+ More

Preferred Languages

English - Native/Bilingual English - Native/Bilingual