SUMMARY:

My primary objective is continued development in Object - oriented technologies and languages, with general focus on Service Oriented Architecture/Patterns, and Model-Driven Design, as applied across the development process in designing, implementing, and delivering elegant and efficient software solutions with top-notch development teams. Secondarily, I have strong interest in continuing my investment in specializing in security development technologies and practices across the entire software development lifecycle to secure mission critical applications and data.

SKILLS:

• Java (Certified with Sun Java Programmer ) With focus on server side design and development: Web Services, ESB, SOA-based solutions, Sockets, Threading, JavaBeans, JDBC, Servlets, and JSP. UI development experience with Eclipse-based technologies (SWT, JFace, RCP), Swing, and AWT.
• C/C++/Objective C (Unix, Macintosh, Microsoft platforms) General programming experience. (Threading, Networking, Security.)
• Web Services / Service Oriented Architecture, using Oasis interoperability standards
• Enterprise Security, focusing on WS-Security, SAML, J2EE Security
• Cloud-based Solution Design and Development, specifically using the Google App Engine platform
• Mobile Application Development (iOS and Android based platforms)
• Distributed, large scale service architecture technologies
• Service Messaging Technologies: REST, SOAP, RMI, and CORBA
• Distributed message queue oriented systems: JMS, ZeroMQ, Push Notification (iOS/Mac OS X), Amazon SQS and SNS
• Distributed compute technologies: Apache Hadoop (Map/Reduce, YARN), Twitter Storm
• Application Design and Implementation for Elastic Cloud Infrastructure (both IaaS, PaaS), specifically having used: Google App Engine, Amazon AWS, Salesforce
• Design and development using Eclipse technologies, including: Rich Client Platform, OSGi Plug-in Framework, SWT/JFace UI, Eclipse Platform Product development and deployment, Core Framework
• Java-specific technologies, including: SQL/JDBC integration, JSP/Servlet programming and HTML integration, JNI (Java/Native code integration), Collections (including JDK 1.5), Generics, Enterprise Applications (creation, configuration, deployment)
• Extensive use of Confidential WebSphere product family for Enterprise Java Application development and deployment, including s (See “Other Information” below). Most projects developed using WebSphere Application Server 1.0-7.0, WebSphere Portal Server 5.x, WebSphere Process Server and ESB v6.0 - 6.2, as well as multiple open-source J2EE/JEE server projects (mainly Glassfish, Apache Tomcat, Apache Geronimo, and JBoss).
• Python (primarily enabling Python embedding into Java applications using Jython, also Django on Google App Engine)
• Microsoft COM (also Mozilla XPCOM), Win32, MFC
• Design and Code documentation (UML, Rational Platform Tools, JavaDoc, Doxygen)
• Familiarity with standard development tools (The GNU Tool Chain, CVS, SVN, Mercurial, Ant, Maven, Visual Studio, Project Builder, etc…)
• Unix use and administration (Linux, Solaris, OpenBSD, AIX)
• Use of Memory and Performance Profiling Tools (Rational PurifyPlus)

EXPERIENCE:

Confidential

Senior Software Engineer

Responsibilities:

• Continuing my career focus in the games industry specializing in Platform tier services and integration of Game, Payment Service, and Commerce integration from my prior Game Platform Services engineering work.
• I have been delighted to bring my experience to Confidential ’s Platform and Game engineering group, and as with previous Platform teams, I enjoy the opportunity to ‘wear multiple hats’ and support a larger breadth of game, finance, and third party teams that such a central tier within an MMO-focused game publisher demands of a successful operation.
• Drove the engineering effort to upgrade the underlying Platform technology stack from 2008-era frameworks and libraries to ‘present-day’ versions.
• Provided On-Call support during the initial period when Platform was not well understood . I was hired as a part of the re-staffing of the Platform team, which had little-to-no transfer of knowledge of a deep understanding of the collective Platform system. This required quick, on-our-feet investigation and planning remediation with often only non-correlated Splunk log queries to aid in on-call critsits. This is a good way to learn an unknown system, and the stability of Platform after three years of redevelopment testifies to having relearned the deep understanding that was lost. Good refactoring choices driven by on-call pain points yielded a more stable and less critsit-prone system.
• I mplementing the Platform-side system for our internal Anti-Hack / Anti-Cheat game client binary integrity solution.
• Used in-memory distributed cache to optimize payload checking in real time (within as few server frames as possible to enact swift justice against cheaters and maintain player experience for the rest of the population.)
• Reimplementing the Financial Chargeback processing system. This financially-critical system originally operated in a non-idempotent manner when recording the transaction reversals, breaking Finance reporting of accurate bookkeeping. Worked with BI to ETL the corrections into the ERP solution so that bookkeeping was accurate. Worked with Customer Support to provide better integration of fraud handling due to Chargebacks.
• Reimplemented the iOS ‘Glyph Authenticator’ 2-factor authentication application for 64-bit support necessary to prevent delisting during the iOS 10 32-bit purge. Completely reimplemented the layouts for post iPhons3/3GS retina screen native resolutions.
• Diagnostic support for the macOS version of our Glyph installer platform, particularly surrounding the OpenSSL deprecation during the ATS migration and the mandatory removal of SSL/TLS cypher protocol suites known to be compromised
• Apache Struts 2
• Spring Framework
• Hibernate (heavily modified)
• Drools rules engine
• Multiple MQ technologies (ActiveMQ, RabbitMQ, etc…)
• Multiple ESB-style integration frameworks (Apache Camel, Spring Integration)
• Tomcat, Java, Docker, and Kubernetes deployment
• Integration (synchronous and heavily asynchronous) with multiple third party services, APIs, and endpoints of low moral fiber with respect to established conventions.
• Transaction correlated instrumentation via New Relic for monitoring and failure insight not explicit in logs between interoperating systems.

Server Engineer

Confidential

Responsibilities:

• Worked on loan from the Platform Team during development of Confidential in the capacity of Game Server Engineer for a six month period through to Beta wind-down (in the last week of Beta lockdown), providing supplementary engineering support and consulting on analysis to help harden performance deficiencies and stability issues with the previous implementation of the original game.

Confidential

Senior Software Engineer

Responsibilities:

• Development of OpenID-based Single Sign-On third party account integration
• Research and Integration of Amazon Web Service based cloud technologies, specifically Amazon DynamoDB, Kinesis, EMR, and Redshift
• Provided architecture design for abstracted data subsystem services for simple client consumption

Contractor

Confidential

Responsibilities:

• Integration with multiple Amazon cloud technologies (SES. SQS. S3. RDS, Etc…)
• Implementation of platform services, such as
• Geo-IP location services for region-specific behavior and compliance
• The core “account entitlement” system (for user licensing rights management)
• Event-based account email delivery and content (for account registration, activation, etc… system email delivery and audit tracking)
• Base implementation of in-memory cluster caching and service grid using Apache Ignite
• Cursory research and planning for system metrics analytics, using Apache Ignite and DropWizard Metrics
• Core infrastructure and systems

Confidential

Responsibilities:

• Design and implementation of infrastructure services
• Provided generalized availability service for managing and diagnosing the Confidential stack in production
• Provided database schema versioning service, capable of deploying schema upgrades to both standard RDBMS systems (specifically supporting MySQL) as well as NoSQL systems (specifically Cassandra) in a generic way using declarative XML
• Implemented core Java EE container integration for the Confidential application for the Wildfly 8 Java EE 7 compliant application server hosted within Amazon.
• Design and implementation of SIP Telephony integration for Confidential
• Implemented SIP telephony integration using the OpenCloud JAIN SLEE stack within the Amazon EC2 cloud.
• Provided integration for BetterVoice third-party telephony services
• Implementation of application business logic for Confidential
• Provided initial build engineering and support infrastructure during initial project startup

Confidential

Software Engineer

Responsibilities:

• Design and Implementation of common Core Platform enterprise services and business logic, specifically:
• Commerce and Financial Systems: MTX, Subscription Services, Paid In-Game Entitlements and Services (such as Paid Character Transfer, Rename), Account Commerce Services for In-game and/or Web Storefronts
• Security Services: Federated Identity, Multi-factor Account Authentication, User Authorization/Entitlement, Security Logging/Auditing
• Game-critical Services: Game server/shard registry and Deployment Configuration Properties, Controlled Access of in-game related services to external, downstream services (such as Customer Support, Web)
• Customer Support Services and Infrastructure
• Implementing Platform Service Integration and Providing On-boarding Support for Platform Customers
• Developing Platform Integration for Consuming External Services and Service Providers:
• Parent Company Centralized Services ( Confidential ), specifically for Identity and Commerce Services
• User Messaging - Internet Email Services, In-game chat and messaging
• Third Party Product Services - Moxie for Knowledge Base, Smack for Chat Services, DevTrack for User Bug Tracking and Issue Submission
• Game Integration - Integration gateway implementing Platform Support for game management functionality (kicking users, delivering in-game items and services)
• Providing Service APIs and On-boarding Support for Platform Downstream Consumers:
• Customer Support - Providing integration with Platform services for supporting user issues related to commerce, user account, and in-game experience problems
• Web - Account Management, Authentication, Commerce
• Business Analytics and Intelligence - Game Events and Telemetry, Security/Account Audit Logging
• Game Server - In-game Commerce/MTX/Storefront, User Account, User Authentication, CS Ticketing and Knowledge Base Help Services
• Ownership and Responsibility Customer Support Backend Enterprise Services and Business Logic Systems
• Authoring Technical Documentation and Knowledge Transfer for Platform Systems, including:
• Architecture and Design Documentation
• Customer-facing Platform Service APIs and Protocols
• Source-code level documentation and (if applicable) auto-document generation comments documentation
• Production / Ops Related Support Documentation (specifically for Deployment, Operational Management, and Troubleshooting)
• Live Production Support and Troubleshooting Assistance
• Provided ‘stand-up’ support for setting up new services and systems in the live production environment as needed
• Provided on an ongoing basis support for Platform-related live issues when required to ensure consistent high availability for users and platform-dependent services
• Co-developed Core Platform MTX Services and APIs and Functionality for initial MTX feature launch, as well as for on-going development of new features and releases
• Assisted in the implementation of the MTX Ledger system
• Assisted in the implementation and integration of EA centralized Commerce Services, ensuring that real-money purchases correctly transacted in-game currency and goods
• Developed ‘Customer Support’ MTX Platform integration, backend services, and client tooling APIs to enable Customer Support Representatives (CSRs) to support customer MTX-related issues and tickets.
• Provided Service Access to MTX Ledger, including transaction review capability, as well as the ability to grant discretionary in-game MTX currency to resolve user grievance (as CS-tagged MTX transactions)
• Enabled game event searching of MTX-related in-game events to empower CSRs with the ability to trace actual game transactions against what is recorded in the MTX ledger, so that they can verify that any claims in a CS ticket happened in game, reconcile against the recorded transactions in the user’s MTX ledger, and transact the appropriate compensation to the user.
• All CSR-originated MTX transactions are logged and audited to prevent CSR abuse of the in-game MTX economy through the CS tooling
• Assisted / Co-developed In-Game Storefront and Purchasing (specifically for purchasing in-game currency packaged with real-world money)
• Enabled In-game display of purchasable packages from the centralized EA catalog service, specific to the user’s localized pricing and local taxing cost
• Enabled selection of payment account for in-game purchases, so that users do not need to be diverted from their in-game experience to a web-based account management page in order to complete the payment process
• Implemented localized transaction receipt email upon completion of in-game purchase
• Designed and Implemented MTX Purchasing of Game-based Services (Self-Help)
• Developed purchasable in-game services and goods included: Paid Character Transfer, Paid Character Name Change, Paid Item Restoration
• These were all existing CS Services that were leveraged as is
• Turning these CS ticket drivers into purchasable, self-service MTX transactions saved overhead costs related to CSR time spend on these issues, while driving increased MTX income as users paid to self-service said issues automatically
• Designed and Implemented Web-facing APIs for Item/Service Catalog (product listing and in-game currency pricing)
• Implemented MTX transaction completion services for each of these CS-based API calls, including failure monitoring for automated rollback of transactions that could not complete
• Was solely responsible for design/architecture of the Security Key OTP system and it’s related services
• This system encompassed both physical hardware ‘FOB’ OTP generators as well as a software-based (via mobile device) solution, as provided by a third-party security solutions vendor
• This system provided two-factor authentication protection for all user account services, requiring both game-side and web-side account integration
• Implemented and Integrated OTP authentication into existing password-based security authentication service, providing users with ‘two-factor’ security
• Designed and implemented user-facing self service APIs for user account Security Key management
• Allows users Add/Remove/Replace Security Key management functionality for their account (for both hardware and software based Security Keys)
• Allows users to Dynamically Request/Provision software-based (Mobile device) from a pool of available software keys
• Designed and implemented Provisioning System and Automation for software-based Security Keys
• Automated on-demand provisioning of available/unused software keys uniquely and exclusively to individual user accounts
• Automated cost-saving recycling and reclamation of provisioned software keys that were requested by the user but never used, saving the studio on the per-key cost for keys that were being wasted by users that requested software/mobile keys and never used them or attached them to their account within a specific time window.
• Implemented key escrow system for recovery of individual software security keys
• Implemented cost-saving recycling system/process for reclaiming software security keys that had been discarded/removed from users’ accounts.
• Designed and implemented back-end services for importing and managing both hardware and software type Security Keys into an Oracle encrypted table space
• Implemented tools for bulk import and management of Security Key batches on delivery by the third-party vendor (Vasco)
• During late 2012, all CS Platform backend developers left within a 2-4 week time span with little notice and very little knowledge transfer.
• I was assigned responsibility for taking ownership of development for the CS backend architecture and fill the vacuum created when the entire CS services team left.
• I successfully handled this transition, quickly reacquired the knowledge lost by extensively auditing the code base and production deployment architecture, and was able to handle ongoing feature development, fixing outstanding bugs/issues, and provide live/production support of live issues.
• This was accomplished without a single live incident that could not be resolved. No extended lapse of availability of the CS service due to loss of the CS backend team occurred. I was able to resolve all live service issues during this period of quick ramp up.
• Required hardened enforcement system to guarantee free access to the game was revoked after the ‘weekend’ period expired. (This was prior to the Free-to-Play conversion, and failure to execute on this would result in lost subscription revenue.)
• Designed and implemented initial version of ‘Friends of SWTOR’ Referral Marketing program (also deployed shortly after launch, 2011)
• This program had similar ‘hardened’ requirements for enforcing free access to the game for referrals made by current players, but was less severe because the access type for these trials were level-capped, preventing game progress beyond an early stage.
• Additionally, the existing players that referred new players that up-converted to a paid subscription were granted in-game rewards. This required equally hardened implementation of the reward granting system to ensure that it was not exploitable.
• Architected systems responsible for highly available, highly scaled, Big Data scoped dataset processing, which must scale across globally distributed deployment topology.
• Systems primarily responsible for defining the architecting of include:
• Game Events and Telemetry Capture and Processing (Real-time and eventual batch processing)
• Global Logging Service and Search (language and system agnostic)
• Monitoring for Availability, Performance, and Real-time root cause problem determination
• Dynamic Message Routing and Processing
• Implemented and delivered Proof-of-Concept Prototype of the Game Event and Telemetry System defined by this architecture for the ‘DawnGate’ Business Analytics team.
• After evaluating the PoC, the analytics team has initially strongly favored using the proposed Next-Gen Platform event system architecture in their analytics pipeline.

Confidential

Software Engineer

Responsibilities:

• Designed and implemented scalable cloud-based business-tier service solutions for multiple mobile applications
• Primarily developed using the Google App Engine (GAE) cloud platform (Python, Java), including the following platform technologies:
• GAE Datastore, a NoSQL schema-less object data store. Developed solutions that provided geospatial querying (using GeoModel, a solution derived from geohashes), and in-place “schema” migration for data existing in production.
• Django (using django-nonrel) and Django-Piston for developing REST-based web services / business tier solutions.
• Security integration with Spring-Security (GAE/Java) to provide authentication services that is not tied to the Google Accounts identity service (the default for the platform).
• Task Queues for batch processing and semi-complex task scheduling (beyond the capability provided by the App Engine “cron” scheduler).
• Provided design documentation and integration support for projects that outsourced client development.
• Performed integration of third-party services under the constraints of the GAE platform sandbox.
• Responsible for Mobile Application Development
• Consulted on multiple projects requiring enterprise design and security analysis

Confidential

Senior Software Engineer

Responsibilities:

• Responsible for Use Case and Domain-level Analysis Modeling using UML for an application project using the RUP process methodology.
• Leading team security effort to integrate security analysis, design, and implementation practices into the team development process across the complete Software Development Life Cycle. The project design and implementation adheres to DoD (DISA) security policies for application development and deployment, implements standardized security (OASIS WS-* security standards) at all service boundaries when participating in SOA service composited applications, and integrates with existing security infrastructure within the deployment environment for access control and policy enforcement decisions, monitoring, audit logging and compliance, and incidence response management.
• Developed Single Sign-on security client solution for military contract project, integrating with Army AKO/DKO authentication infrastructure.
• Contributing developer on prototype client (for project contract), using Eclipse RCP platform. Provided knowledge transfer on Eclipse RCP, PDE, and OSGi plug-in development for team members.
• Enterprise Service Bus (ESB) Project Team:
• Design and Implementation of Peer-to-Peer (P2P) Data Transfer Service for ESB, using standard JAX-WS Web Services. Used for data thickening of large, distributed simulation data sets.
• Design and Implementation of ESB Infrastructure on Confidential WebSphere Process Server platform to service hosted service projects
• Provide development support for hosted services and applications, specifically within the Modeling and Simulation application domain
• Development and Support for Cluster based solutions using WebSphere Process Server / Enterprise Service Bus
• Cross-team Support:
• WS-Security development support

Confidential

Staff Software Engineer

Responsibilities:

• Designed and Implemented Web-based Single Sign-On (SAML 1.1 Browser/POST) using open-source SAML implementation. Extended Assertion Builder Pattern onto scripting system to enable arbitrarily constrained partner integration scenarios. Implements support for WebSphere 6.0 and Tivoli Access Manager (with WebSeal) integration. Responsibilities included:
• Creation and maintenance of Integration Guide for Partners, outlining features supported, technical requirements for integration, samples, etc, as well as and technical support documentation.
• Technical lead in Partner Integration. Requires regular, direct contact with Partners’ development/technical staff to ensure agreement on integration contract, technical support, and transitioning to On-boarding staff to ensure successful interlock ahead of the Customer go-live schedule.
• Design for SAML Web Services support (WS-Security SAML Token Profile). Integrates with the Web SSO solution noted above. Also implements integration with WebSphere 6.0 and Tivoli Access Manager with WebSeal.

Confidential

Responsibilities:

• Primary designer and implementer for the product’s Reporting Service Architecture and its implementation. The architecture developed specifically aims to participate in a SOA-oriented environment for use by other applications and aggregation services, and as such is realized as a deployable Web Service in any SOA deployment domain as well as it’s native environment (I.e., as a part of CCMDB). The service orchestrates report authoring, generation, and management across multiple data sources and third party reporting engines, capable of servicing multiple applications from disparate security domains.
• Implemented Web Service Reporting infrastructure for deployment on WebSphere Application, Portal, and Process Server. (Developed in compliance with WS-I Basic Profile using standard J2EE APIs and libraries, and thus was also successfully used during development on more lightweight platforms, specifically Apache Tomcat.)
• WS-Security, JAAS authentication and authorization compliance for RBAC protection of report assets.
• Primary designer and implementer of the Reporting Authoring Toolkit, an Eclipse-based report authoring application:
• Implemented using the Eclipse 3.0 Rich Client Platform, and packaged for use either as a standalone application or as a plug-in feature for use within an existing Eclipse-based product (such as Rational Software Architect).
• Implemented required OSGi container based Web Service Client functionality. (This provides is a non-J2EE managed client environment, and OSGi container access restrictions prevented using/creating the WebSphere.managed J2EE client. J2EE Client Application deployment functionality needed to be manually implemented.)
• Implemented custom security handlers for authenticating Web Service client access within an OSGi-based plug-in. (Basic authentication only for now).
• Implemented Web Service sessions, supporting simultaneous discreet sessions to support access to multiple backend services.
• Implemented Web Service Connection Management plug-in. For managing and persisting connection properties for a specific Reporting Backend, as well as session connection control (connect/disconnect) for each Backend Web Service entry.
• Implemented Visual Editors for the supported report XML file types. (Report Definitions and Data Configuration Relationship Maps.)
• All Editors:
• Supports editing the XML content manually, if needed.
• Supports persisting to both the local file system and a remote Reporting Backend (via connected Web Service session).
• Report Definition Editor:
• Visually edit Report Definition to compose requirements to achieve the desired report end result. Fully featured, so end user should never need to touch the raw XML.
• HTML Preview. Uses RCP Browser component to view a “test run” of the edited report definition to validate that it correctly represents the desired report before installing it.
• Relationship Map Editor (for SQL Data Sources):
• Relationship Map Visual Editor
• Visually explore and edit a Relationship Map.
• Allows end user to Add/Modify/Remove data source relationships without touching the raw XML.
• SQL RDBMS Explorer
• Explore a configured SQL Database (configuration defined in the Reporting Web Service Backend, so user is not exposed to administrative information or tasks).
• Context-sensitive actions provide “auto-mapping” to automatically decompose a schema/table/column into its component relationships and maps them to the Relationship Map being edited. (The generated relationships can be renamed/modified/tweaked in the Relationship Map Visual Editor.)
• Two Patents covering the Reporting Architecture were accepted and filed with Confidential IP, and are currently pending. Was listed as the Primary Inventor for both patents. (See below: “Other Information, Patents”.)
• Design Documentation and Development Guides for the Reporting Service, as well as presentation materials for design overview and executive presentations.
• Created initial multi-project (multi-dependency) Ant build infrastructure during project startup.