nesv.ca

Resume

Who Am I?

I am a systems administrator-turned-software developer (and not the other way around), who enjoys working on backend systems, taking on architectural responsibilities, and approaching problems by decomposing them into smaller, more-approachable pieces. I am a quick learner, adaptable to short deadlines and fast-paced environments. While I do prefer to work as a productive member of a team, I do have a proven ability to work independently. I am seeking a position that will utilize my current strengths while allowing for professional growth in new skills and technologies.

A majority of my work over the past 10 years has been in the Go programming language, targeting Linux and BSD systems. Most of my time has been spent working on highly-scalable and reliable distributed systems and platforms, such as Kubernetes. I am currently learning the Rust programming language. In the past, I have also used Lua, Python, C, JavaScript, Common LISP, Erlang, TCL, and Ruby to varying extents.

When it comes to working with databases, I am most familiar with PostgreSQL, SQLite, Cassandra (and ScyllaDB), Redis, and etcd. I have a passing familiarity with Consul, memcached, InfluxDB, MongoDB, MySQL, and Elasticsearch.

Given my history as a systems administrator, I focus on automation and repeatable processes, using tools like Ansible, and Salt. I have also used Chef, Nomad, Puppet, and Terraform.

I have more than 10 years’ experience working remotely, and am only open to remote positions. I am not interested in working on contract terms; full-time employment only. I am not interested in management roles.

Specialities

  • API design (REST-like, gRPC, GraphQL).
  • Concurrent software design patterns.
  • Relational and non-relational (“NoSQL”) database design.
  • Scalable system design techniques.
  • Continuous testing, integration, and deployment.

Experience

DigitalOcean

Senior Engineer II (June 2022 — February 2023)

  • Technical lead of the Delivery team.
  • Part of a cross-functional team to increase safety around software deployments.
  • Technical reviewer for proposals focused on increasing developer productivity, and redesigning core, internal systems’ architecture.
  • Overhauled my team’s bare-metal provisioning and configuration tooling, to minimize operational toil. When upgrading ~230 hosts between major operating system versions (e.g. Ubuntu 18.04 → Ubuntu 20.04 → Ubuntu 22.04), this work resulted in the process going from approximately 4 months of full-time work for 2 engineers, to 3 weeks of part-time work for 1 engineer.
  • Technical advisor on a cross-functional project setting up a managed, multi-tenant, multi-region Cassandra cluster.

Senior Engineer I (July 2020 — June 2022)

  • Member of the Delivery team.
  • Maintained and extended an internal, Kubernetes-based deployment platform used by a majority of teams.
  • Maintained a bespoke service discovery system that spanned most of DigitalOcean’s regions.
  • Tuned a Cassandra cluster spanning more than 12 regions/datacenters, used to power DigitalOcean’s internal service discovery system.
  • Enhanced the documentation and automation around the team’s bare-metal host management.
  • Maintained an internal artifact storage service used by many continuous integration and deployment pipelines: “artifacts.internal”.
  • Maintained an internal Docker/OCI image registry: “docker.internal”.
  • Served as a steward of DigitalOcean’s monolithic repository: “cthulhu”.
Skills

Kubernetes, Go, Bash, GNU make, gRPC, Concourse CI, GitHub Actions, Debian packaging, Ubuntu, Chef, Ansible, Cassandra

NetApp

Senior Software Engineer (September 2019 — July 2020)

  • Worked on the Kubernetes Application Management Platform team, on the NetApp Kubernetes Service (NKS) project.
  • Worked on various applications that did not fall into the domain of any other teams. For example: a GraphQL API service, and an in-cluster agent service for reporting on Kubernetes cluster health.
  • The de facto maintainer of the services that maintained always-on connections/tunnels with deployed Kubernetes clusters, called dispatch.
  • Wrote and implemented a proposal to scale the dispatch server to more than one instance, in the NKS backplane, while still allowing other, existing services to communicate through the tunnels without modification.
  • Passively worked on standardizing build and test scripts, across the various repositories that composed NKS; bringing consistency to Makefiles, and transferring responsibility of tasks from Dockerfiles and CI configurations, into the projects’ Makefiles.
Skills

Go, Kubernetes, Helm, Kustomize, CircleCI, GraphQL, Amazon Web Services

Rose Rocket

Senior Software Engineer (September 2018 — September 2019)

  • Technical lead for a team responsible for site reliability, systems administration, and “continuous improvements”.
  • Led the effort to consolidate various deployment environments, each with their own deployment methods, hosted across several cloud infrastructure providers, to a single, managed Kubernetes cluster (Amazon EKS).
  • The company’s Go programming language subject matter expert, providing code reviews and guidance on how to improve the company’s code base, and make it more idiomatic.
  • Improving continuous testing, integration, and delivery for all developed services.
  • Providing technical guidance on HTTP API design, database schema design, and system architecture.
Skills

Go, Kubernetes, Docker, Amazon Web Services, Ansible, Ubuntu, PostgreSQL, Jenkins, DigitalOcean

Global Cyber Alliance

Software Developer, Contractor (May 2016 — September 2018)

  • Technical implementation lead for the Internet Immunity project, which later became Quad9 DNS.
  • Wrote threat intelligence collection, parsing, and exposition tools.
  • Wrote services to generate, transport, store, and export anonymized telemetry from received DNS queries.
  • Wrote a service providing threat intelligence providers access to near-real-time, anonymized notification streams. These streams are populated when a domain name was blocked due to an indicator provided by that threat intelligence partner.
  • Provisioned and managed internal systems running FreeBSD, using Ansible and Salt.
  • Used an intentionally-small technology stack, due to the small team size: FreeBSD, Go, PostgreSQL, and Kafka.
  • Designed a PostgreSQL database schema for storing malicious domain names with automatic record expiry, and optimized for a read-heavy workload.
  • Wrote a parser for structured DNS TXT records, used for evaluation/“scoring” sender policy framework (SPF) and domain-based message authentication, reporting, and conformance (DMARC) policies.
Skills

DNS protocol, Go, PostgreSQL, Kafka, InfluxDB, Ansible, Salt, FreeBSD, pf, CentOS, dnsdist, Microsoft Azure, Amazon Web Services, Jenkins, haproxy, gRPC

Novetta

Software Developer (February 2015 — March 2016)

  • Worked on the Novetta Cyber Analytics v5 project.
  • Developed tooling to launch several-hundred cloud VMs, across multiple hosting providers, in less than 10 minutes, and have them managed with Salt.
  • Set up and maintain servers and the services on them, using Salt.
  • Developed a centralized authentication and authorization system, as there were no preexisting solutions that met the project’s needs.
  • Implemented a service discovery and monitoring system using Consul.
  • Wrote a Go package that allows developers to store metrics data in Elasticsearch and InfluxDB.
  • Designed, developed, and managed a fully-automated, continuous integration pipeline that built project components, packaged them into Docker images, and published them to a private Docker registry.
  • Maintained most of the project’s development and testing infrastructure in Amazon Web Services.
  • Assisted other project component teams on how to manage their own automated builds, using Jenkins and Docker.
  • Lead the “Core Services” component team, whose tasks included systems administration, and the development of supporting services that provided HTTP APIs to inspect overall system health, handle centralized authorization, and wrap existing HTTP APIs to integration them with the authorization system.
  • Launched the (now defunct) Operation Blockbuster website; was required to make sure it would not be vulnerable to a DDoS attack. (Novetta blog post)
Skills

Go, Ansible, Salt, CentOS, Docker, Amazon Web Services, PostgreSQL, Consul, Jenkins, Ubuntu, DigitalOcean, SoftLayer, Python, Cassandra, Elasticsearch, NSQ, InfluxDB

FR8nex

Senior Developer (June 2014 — February 2015)

  • Developed an administrative HTTP API service in Go, which provided the backing service to all of the front-end applications. This service was the “single point of truth” for all data.
  • Optimized Python and Go codebases, as well as our datastores (primarily PostgreSQL).
  • Utilized Ansible to manage the configuration of staging and production systems, as well as for scripting code and service deployments.
  • Managed staging and production infrastructure on DigitalOcean, and Amazon Web Services.
  • Designed a distributed messaging layer for the company’s analytic systems.
  • Wrote all of the scripts and automation for building, packaging and deploying all in-house applications.
Skills

Go, Python, PostgreSQL, GNU make, Docker, Drone, NSQ, etcd, Elasticsearch, Logstash, Ubuntu, CoreOS, Ansible, Bash, Amazon Web Services, DigitalOcean

Synacor

Systems Administrator (March 2013 — June 2014)

  • Used PUppet, mcollective, facter, Ansible, and Fabric to automate all parts of Synacor’s infrastructure.
  • Responsible for packaging third-party software, and internal projects, into RPMs.
  • Responsible for maintaining internal YUM repositories.
  • Writeing intermediary tools to automate routine tasks that could not be automated using Puppet.
  • Managed internal and external DNS (BIND, Dyn).
  • Point of contact for high-availability systems managed by Corosync and Pacemaker, and for MongoDB infrastructure.
  • Wrote a generic data collection tool, called “Nebulous”, for gathering versioned information about every part of Synacor’s infrastructure.
  • Curated various administration scripts into a single package, using sub.

Lead Engineer (January 2012 — March 2013)

  • Lead the backend/API development team for Carbyn, post-acquisition.
  • Helped define technical and architectural designs.
  • Point of contact for the systems administration and release management teams.
  • Managed software builds, packaging, deployment, and configuration processes.
  • Managed development (non-production) servers.
Skills

Go, MongoDB, JavaScript, Puppet, Bash, Corosync and Pacemaker, Ruby, Python, Fabric, RPM packaging, RHEL/CentOS 4, 5 and 6, Kickstart, Facter, DNS, Redis

Previous Employers

  • Carbyn — Senior Engineer (September 2011 → January 2012)
  • Aboutown Transportation — Developer (May 2009 → September 2011)

Other Project and Open Source Experience

Quad9

A free, publicly-available anycast DNS service, that filters malicious domain names by returning non-authoritative NXDOMAIN responses for blocked domains. Operates in more than 130 points of presence, in more than 77 countries. I am currently a supporting alumnus.

yawal

“Yet another write-ahead logger.” A write-ahead logging package for Go, written due to a lack of quality, composable, write-ahead logging packages in the Go ecosystem.

Code

go-dynect

Go package for interacting with Dyn’s ECT DNS service. Was used in Hashicorp Terraform until the project took a more plugin-based approach to external service providers.

Code

Pull request adding go-dynect to Terraform