About Me
With 23 years of day/night/weekend Linux experience, programming since 1983, and founding a $44,000,000 startup in 1996, I help fast growing start-ups scale their Linux services securely and reliably.
Skills
Programming Language
Operating System
Others
Web Development
Development Tools
Database
Networking & Security
Software Engineering
Portfolio Projects
Company
Founder of successful startup to IPO - Oth.Net
Role
Software Architect
Description
- Founded top 1000 web search engine earning $500,000 of ad revenue in first 2 years, reaching over 1,000,000 daily page hits from over 100,000 daily users using C (for indexed substring search, FTP client, and web crawler), AWK, RegEx, and BASH shell scripting, on a single Linux server
- Raised $2,768,000 in venture capital
- Took public (IPO) to a peak market capitalization of $40,000,000
- Mentioned in The Wall Street Journal page B1, center article, June 15, 1999 and several books
- Solely invented, developed, and applied for patent for peer to peer distributed file sharing and video streaming protocol in C++
- Designed and implemented Digital Rights Management (DRM) controls using DNS lookups for scalability
- Developed click-through optimizing ad rotator and billing system in C
Tools
Bash
Company
Senior Cloud Architect / Senior Storage Engineer / Site Reliability Engineer - Code42, Inc
https://www.code42.com
Role
Software Architect
Description
- Migrated DNS configurations into change control process using git
- Reduced per-server downtime and data loss by 99% by bringing Linux systems up to standard practices
- Improved office internet connectivity using Linux's traffic control (tc) to support 100s of employees over a single 10/100Mbps connection (while waiting for fiber to be run)
- Presented with a PIN by the CEO at 500 person all company meeting for identifying $6,000,000 of unused data center hardware
- Diagnosed service bottlenecks in Java/J2EE code using netstat, strace, tcpdump, curl, traceroute, iostat, etc
- Led a team of 5 in system administration of $30,000,000 of datacenter servers in a private cloud
- Automated resolution of 90% of on-call pages for server issues, with automated JIRA ticket filing with debugging information to reach pro-active resolution
- Recovered XFS file systems corrupted by defects in hardware RAID cards, using custom C code
- Scaled performance and reliability of primary PostgreSQL (Postgres) SQL relational database by optimizing SQL queries, and simply adding more RAM (after others had attempted many more complex, costly, and downtime causing solutions)
Company
Security Architect / Red Team / Cloud Security Engineer - Code42, Inc
Description
- Discovered over 12 critical network security and application security (AppSec) vulnerabilities in Java/J2EE code, network/LAN/VLAN and firewall configurations, and cryptography implementations (encryption, TLS, public-key cryptography), using source code auditing (static analysis) and dynamic analysis
- Directed mitigation of vulnerabilities through resolution with IT, Development, and Operations teams
- Performed threat modeling of entire attack surface through the layers of access controls to critical data targets in acyclic directed graph format (using Graphviz)
- Audited PostgreSQL database schema for proper credential storage and access controls
- Overhauled and streamlined company firewall rules using iptables on Linux
- Assisted Marketing with security related customer facing commitments for consistency with existing architecture, accuracy, and appeal to security minded audiences
- Researched impact of zero-day network security vulnerabilities for patch scheduling and mitigation
- Assisted in implementation and application of PCI and OWASP controls
- Oversaw and verified deployment of critical security updates / patches of third party code
- Automated business continuity management (BCM) and disaster recovery (DR) using Semantic MediaWiki (SMW / semanticwiki), enabling each role to document expected maximum downtime, with DR plan, last DR test date, and calculated cumulative net agreed upon downtimes, displayed on each service's company-wide viewable page. Implemented generated summary page of tabulated verification dates and maximum downtimes for easy management review
- Automated Nessus to JIRA issue ticket creation to decrease vulnerability response time
- Tools used: Nessus, BurpSuite, nmap, tcpdump, curl, netstat
Company
Supercomputer Engineer / Security Team - Cray, Inc
Description
- Automated build and test of security patch update process using BASH shell scripting on Linux, for National Laboratories and similar supercomputing systems (DevSecOps / DevOps)
- Streamlined and improved reliability, maintainability, and security, of Python based SUSE security patch deployment process, by removing dependencies, 100s of lines (75%) of code, and adding fail-fast logic in place of fail-silently logic using offensive programming methods (assertions and strict data types) (DevSecOps) to focus on business objectives
- Researched impact of zero-day vulnerabilities to recommend patch schedules and/or mitigations
- Reported internal network and product security vulnerabilities and remediations to appropriate departments
Tools
Vim
Company
Security Engineer / Blockchain - New Alchemy
Role
Software Architect
Description
- Produced security audit reports for client's Ethereum Solidity blockchain smart contract / cryptocurrency source code, of network security concerns for each client, using truffle, solhint, git, jq, solc, github, and vim.
- Automated detection of non use of OpenZeppelin's SafeMath, dividing without using remainder, non view functions without an emit call, and dividing before multiply; by adding lint rules to solhint in JavaScript
- Automated and templated initial report generation by writing custom ESLint output formatter for solhint to match company style
Tools
Vim Bash AWK OpenZeppelin truffle
Company
Senior Security Architect / Site Reliability Engineer - Paubox
https://www.paubox.com/analytics/mail-stats/outbound?customer_id=8
Role
Software Architect
Description
- Increased reliability 10x in 6 months by removing points of failure, adding redundancy and exception handling/logging, to C, Ruby, PHP, Perl, and BASH
- Reduced AWS costs by 50%
- Discovered and mitigated SQL injection vulnerability that could result in privilege escalation
- Site Reliability Engineering of 50 mostly unique systems operating web services, webmail, postfix SMTP, IMAP, and POP3 in AWS
- Auditing Ruby and PHP source code for security best practices
- Implemented server monitoring in BASH shell scripting and AWK via git / Github
- Performed Nessus and nmap vulnerability and port scans, reviewing results for applicable security risks
- Deployed and configured services/servers in AWS
- Set up MySQL access controls and replication
- SPF record management and automation, spam filtering, complex postfix configuration
- Implemented HITRUST / HIPAA requirements
- Deployed centralized syslog/rsyslog logging service
- Administered NGINX
- Migrated manually maintained system configurations into centralized management (GitOps)
- Deployed OWASP web application filter (WAF) with ModSecurity
- Debugged server load issues and tuned for performance
- Disaster recovery (DR) planning on AWS EC2/VPC/EBS
- Deployed MySQL / MariaDB replication with automatic failover
- MySQL/MariaDB database administration - SQL query optimization, access controls, performance tuning
- tumgreyspf administration
- Fixed bugs in Perl, Python, JavaScript, and Ruby code
- Wrote tools using Python/MySQL connector and YAML
- ClamAV anti-virus administration
- Enabled snapshot lifecycle on 150 AWS volumes using JSON/JQ and AWS CLI
- Postfix administration and log analysis
- Designed phased update rollout process using iptables connection limiting
- Resolved UNICODE database incompatibility issue
- Audited configurations and software versions for security issues
- Layer 1/2/3 network debugging with tcpdump
- Advanced iptables re-routing
- Wrote predictive disk space monitoring in BASH/AWK
- DKIM/DMARC/ARC set up and configuration
- Real-time log redaction via rsyslog configuration
- Implemented data to MySQL in real time using rsyslog
- Wrote Boto3/Python AWS snapshot and volume tagging to add snapshot lifecycles and identify unattached volumes and snapshots
- NGINX log and database query correlation analysis for causes of slow web responsiveness
- Sourcing and screening candidates for my replacement using LinkedIn and Angel.co/AngelList recruiting interface
- Documenting my workflow in Markdown, commenting code, putting instructions into alerts, and removing cruft, for the next person
Skills
Bash Shell Scripting Python Vim
Company
Security Engineer - Doctor on Demand
Description
- Auditing Python Django source code and implementing remediations for security vulnerabilities and cryptography standard practices
- Reviewing Google Cloud Platform (GCP) network configurations (VPC)
- A few hours of Terraform
- Assisting with workflow improvements to infrastructure as code and change control to reduce risk and improve auditability