- I am a software developer with over 30 years of experience architecting, designing, coding, supporting and retiring large critical business systems; the whole Software Development Lifecycle (SDLC).
- I specialize in application security and now use my developer knowledge to help automate many pieces of the production security and auditing process.I have also brought numerous new technologies into use.
- Among these new items are products such as Amazon Web Services, Data Analytics, Veracode and SharePoint. Each of these were presented to staff and upper management with a full demonstration of its usefulness to the business needs.
- I am also known for explaining technical ideas to non - technical staff.
- This is one of the reasons I have been able to bring so many new items into companies.
- I have found that it is much easier to get money approved for a product if those who control the money understand what it is going to be spent on and the benefit to the company.
- There has yet to be an incident caused by faulty applications at Mathematica.
- Created and implemented the web application security review policy at Mathematica.
- Instructed the .Net, PHP, Python and Node JS web application developers in the security review process.
- Performed application security reviews are at Mathematica using Veracode for static analysis and Burp Suite Pro and OWASP ZAP for dynamic application testing.
- Wrote the SQL and NoSQL databases security guidelines.
- Trained nine staff members to perform application security reviews.
- Served on the Mathematica Security Team to develop the corporate security policies. I came up with the idea of Production Security Reviews. This requires all applications to reviewed after the application is deployed to production.
- Orchestrated the Continuous Build / Continuous Deploy (CI/CD) process using C#, PowerScript, TFS build, Veracode API (SAST) and Netsparker (DAST).
- Programmed Box file sharing system using Python, C# and PowerShell.
- Automated Linux administration tasks using Bash and Python on AWS EC2 and S3.
- Implemented Netwrix Auditor auditing system using C# and PowerShell.
- Worked extensively with Amazon Web Services (AWS) since 2010 and Microsoft Azure since 2013.
- Automated Linux maintenance using the AWS Command Line Interface.
- Architected, designed and implemented a survey response machine learning system. This allows researchers the ability to improve survey response rates.
- Built the ETL system using C# and SQL Server.
- Implemented a dashboard in Qlikview and SQL SSRS.
- C#, C, C++
- Burp Suite Pro
- Visual Studio 2017
- OWASP ZAP
- Netwrix Auditor
- Kali Linux
- Amazon Web Services
- SQL Server
- Microsoft Azure
- TFS Build git
Senior Systems & Security Architect
- Supervised two large Confidential projects that introduced new technologies to Mathematica. These projects had the largest system implementation budgets at the company. They ranged from $525,000 to $1,000,000 per year. The client really liked the success of the system that I architected for these projects.
- Developed the Application Security Program.
- Involved in advising projects on security positions that should be taken to obtain Authority to Operate (ATO) certifications.
- Technically advised on numerous projects on HIPPA compliance.
- Aided in the Mathematica application of SOC 2 controls.
- Developed survey response data analytics system.
- Monitored all system level auditing using the results of Netwrix Auditor and my aggregation system. Have found a number of problems that were resolved.
- Founded the company.
- Configured Internet access for multiple companies.
Lead System Engineer
Senior Software Engineer