Application Security And Cloud Architect Resume
2.00/5 (Submit Your Rating)
TECHNICAL SKILLS:
Programming Languages: Go; Java; C#; Objective - C; C/C++; Scala; JavaScript; CoffeeScript
Database Development: MySQL, SQLite, Firebird, MS SQL, Oracle, H2.
SKILLS:
- NoSQL: MongoDB, Cassandra
- Spring Framework, Spring Security , Spring Boot, Spring Cloud, Hibernate, EHCache, JPA,, AngularJS
- RESTful and SOAP Development JAX-RS and JAX-WS.
- Gradle and Maven build platforms
- SVN and GIT repository management.
- Gitorious and Github Repository Server environments.
- Jenkins, Sonar Code management, Docker.
- Testing platforms: JUnit, TestNG, Selenium, Mockito, Spock, EasyMock, PowerMockito, PowerMock
- AD/LDAP Server communication development
- Sharepoint Services Development and Configuration iOS and Mac OS X Developer
PROFESSIONAL EXPERIENCE:
Confidential
Application Security and Cloud Architect
Responsibilities:
- Architected and build security micro service as a department standard so that switching auth stores could be done seamlessly across 20+ micro service frameworks and without code changes to any of those services. Security as a Service
- Architected and build portal framework using a AWS lambda controller with and AngularJS widget model to integrate all internal applications. This framework is hot swappable and only presents app that a user is authorized to view. Being hot swappable made it so the reworked CI/CD flow that I helped architect could be seamlessly integrated and the production applications would be automatically added to the portal as they were deployed.
- Preformed security reviews for all software for the company, both internal and customer facing and across departments. Maintained security standards for these projects throughout their lifecycle from intake to production.
- Analyzed code bases for vulnerabilities and code quality using both Checkmark and WhiteHat Security.
- Architected and built a spark-like job engine that was more versatile and powerful. Using this job engine I was able to create a script using a polynomial expansion to a linear regression of all network traffic packets in the company with a poisoned time-limited cache to analyze and track malicious users through all of our companies software. This paired with a script to use graph analysis to track state between network nodes I was able to predict traffic patterns and pre-fetch into a memcache instance data that would be supplied to the user next. This greatly improved endpoint call times for users, thus improving experience.
- Designed and lead implementation of a new CI/CD flow in order to cut AWS server costs by ~60% across the company, using vapor structure methodology. This was able to save the company around $2mm annually.
- Uncovered security threats in offerings before and after they had gone to production and was able to catch a combination across 4 systems that could have allowed for a zero-day vulnerability on customer devices.
Confidential
Lead Architect
Responsibilities:
- Built entire rest backend by myself in a tight schedule of 3 months. Included well over 200 endpoints for various tasks needed by the marketing site, member Logged in site, app, and internal management site.
- Innovated new ways of combining JPA and JAX-RS implementations to make endpoints from single lines of code by also generalizing almost all of the boilerplate code and using IOC and AOP techniques to maintain fluidity of configurability.
- Created dynamic IOC based reporting and emailing workflow services where new workflows and emails to members can be added to the system without any code change.
- Lead development team teaching proper TDD and teaching spring and java best practices.
- Created an Internal IOS app for member event registration and check-in as well as worked on the IOS member booking app with another developer.
Confidential
Lead Developer
Responsibilities:
- Developed ordering site, which is a 2-war design. This code base uses Java with J2EE, SpringMVC, SpringAOP, Hibernate, JAX-WS, jaxb, and EHCache, along with other libraries on the first war that acts as a backend for the Web UI war, the embedded mobile applications, the rmw, and wap sites.
- Developed Web UI war uses Java with J2EE, SpringMVC, SpringAOP, Spring Security, JAX-WS, and jaxb, and other libraries again. To communicate with the backend war it uses SOAP and Rest to communicate with the backend. This has a JSP, HTML, CSS, and Flex UI.
- Developed utilities platform for the supporting applications, uses Java, J2EE, JDBC, Spring MVC, Spring Security, Spring AOP, Hibernate, Groovy, and many other current high-end technologies. This is used for site support as well as experimenting with new technologies for the main site.
- Developed Customer Service platform, which uses Java, J2EE, JDBC, Spring MVC, Spring Security, Spring AOP, and Hibernate with a JSP, HTML, and CSS front end.
- Performed security monitoring and performance testing using WebInspect and JMeter respectively
- Converted projects from Ant scripts to Maven
- Setup Sonar with PMD, Findbugs, and Checkstyle to monitor tech debt. Subsiquently lowered violations by ~40%
- Designed new rewards points system and refactored blocking non-synchronous code to a synchronous queue with configurable workload.
- Implemented AOP logging to help find and repair production defects.
- Designed and implemented predictive sales analytics using k-means to increase ticket sales.
- Implemented new design patterns and coding methodologies to cut down pain points in testing. As well as increased test coverage using TestNG, Mockito, Spock, and PowerMock.
- Used Agile/Scrum methodologies and bi-quarterly release SDLC.
Confidential
Development Architect
Responsibilities:
- Developed in Java, Flex, Spring 3.2, Hibernate 4.1.x, Xstream, JAX-RS, JAX-WS and others. It is built using Gradle and Bitrock. It works off of SQL Server, Firebird, PostgreSQL, or SQLite databases.
- Developed for LDD, a document distribution and management platform. Developed in Java, Flex, Spring 3.2, Hibernate 4.1.x, Xstream, JAX-RS, JAX-WS and others. It is built using Gradle and a home-built installer. It works off of Oracle, Firebird, PostgreSQL, or SQLite databases.
- Developed feature requests for Confidential ’s premise and cloud print server queues. Developed in C# and Groovy/Grails respectively. Uses LDAPv3 AD for authentication. Uses SQL Server or MySQL for database. Uses sharepoint for document and user management.
- Developed a System configuration tool using Java, Spring, and Xstream to read in xml configuration files and deploy and configure software on PC, Mac, and Linux.
- Developed Peer-to-peer print queue that can authenticate from client or print device and authenticate from LDAP or AD.
- Architected modular cloud print device, with plug and play like firmware.
- Designed to go with a cloud platform for easier customer managed capability additions.
- Testing with JUnit, H2, and Selenium. High levels of automation required to cut the costs of QA regression.
- Used Agile/Konbon methodology and short term SDLC deployment methods.
- Average of nearly 200 releases per year in a rapid development environment.
Confidential
Contracting Developer
Responsibilities:
- Developed for Confidential, a fleet management software.
- Developed in Java, Flex, Spring 3.2, Hibernate 4.1.x, Xstream, JAX-RS, JAX-WS and others. It is built using Gradle and Bitrock. It works off of SQL Server, Firebird, PostgreSQL, or SQLite databases.
- Implemented Spring Security to give granular role access for users.
- Designed Rest and Soap endpoints with JAX-RS and JAX-WS.
- Redesigned the settings and printer meta-data to increase efficiency from a multi-factory/builder system to a single factory system. This lowered Bean size and development time by 60-80%
- Designed the configuration package implementation for tighter packaging of settings, firmware, software deployments, and licensing.
- Implemented LDAP and AD support and user management.
- Designed and implemented the multi-NIC.
- Implemented reporting of device statistics and maintenance requirements.
- Used Github with pre-commit code reviews.
- Used sonar, Findbugs, PMD, and Checkstyle for code health reporting.
- Used JUnit, H2, and Selenium for unit, integration, and Smoke testing.