Dec 2021 – Aug 2023 · 1 yr 8 mos · Halifax, NS

• NASL Libraries team. responsible for creation and maintenance of libraries and functions used in Nessus/Tenable.io family of NASL (scripting language used by Nessus) based services for the detection of security sensitive vulnerabilities across a wide variety of internet connected devices and operating systems. This involved integrating with 3rd party RESTful APIs for integration purposes, detection of installed software both managed and un-managed, hardening of scripts so as not to be exploited by bad actors, documentation and collaboration with other teams in the development of plugins and use of new methods to expand Nessus/Tenable.io VM's capabilities.

Jan 2021 – Nov 2021 · 10 mos · Halifax, Nova Scotia, Canada · Hybrid

• Using Gruntworks.io's framework which is based on Terraform (HCL), built, created and maintained an AWS and Kubernetes based infrastructure for a new cloud native applications, created Terraform modules and components, and all managed under Infrastructure As Code (IAC) principles wrapped under the ideas of GitOps framework with a security first mindset.
• Worked with teams to educate on establishing metrics to agree upon SLI with which we could establish SLA and SLO numbers.
• Tooling included AWS, Terraform, terragrunt, terrascan, Open Policy Agent (rego)

Sep 2017 – Dec 2020 · 3 yrs 3 mos · Nova Scotia, Canada

• Created containers and processes for testing applications and deployment with docker-swarm, Jenkins and Gitlab CI/CD, and ultimately to AWS ECS and Fargate
• Created and executed performance tests of the AWS based RCS service, automated analysis and reporting of tests results utilizing python based tools (locust.io), Go, and shell scripts
• Lead work on a resilience testing framework based on ChaosToolkit, experimented with techniques for centralized logging with filebeat, and the Elastic stack
• Responsible for the upkeep and maintenance of QA’s VM based servers

Nov 2016 – Aug 2017 · 9 mos

• Tenable.io - Web Application Security Scanner
• Creation and modification of vulnerable targets that respond to the OWASP Top 10 to deploy to test the detection capabilities of the WAS scanner (docker, nodejs, WAVSEP, Gruyere, owasp-benchmark, juiceshop, webgoat)
• Creation of a docker environment to allow 'local' testing of WAS outside of AWS space (docker-compose, docker, shell)
• Development and execution of test cases, functional/blackbox testing, minor fuzzing of RESTful API calls
• Go (Go-lang) console scripts created to query, monitor and diff multiple WAS environments and their dependant micro-services

Sep 2013 – Nov 2016 · 3 yrs 2 mos

• Creation of Nessus library/plugins specifically aimed at OSX to improve software detection through multiple packagers and package managers (super proud of that one!)
• White box testing, code review of NASL plugins for Nessus
• Testing involved the creation of vulnerable application targets (Windows, OSX, Linux based applications); monitoring and evaluating plugins for performance issues; emulating vulnerable devices via python, SNMP Simulators, modified open source code for specific behaviours.
• Managed and modernized the Patch Tuesday lab for faster Nessus plugin testing (Active Directory, SCCM, WSUS, Powershell, basic systems monitoring, ESXi API utilization, python pyVmomi to manage vmWare hosts)

May 2011 – Sep 2013 · 2 yrs 4 mos · Halifax, Canada Area

• As a member of the newly launched wireless mobility (cellphone) division, responsibilities included developing a solid highly available infrastructure to support the wireless billing systems and services, and controlling access to sensitive customer billing data, including credit card processing gateway systems.
• Created, deployed and managed a VMware, Windows and Linux based infrastructure system for a new deployment of a wireless billing system which included RHEL and Oracle RAC clustering solutions.
• Initiated and deployed the use of a department wide utilized Twiki solution for a living document of operational processes and procedures
• Developed Red Hat clustering HA configurations and deployments of NFS, SSH, central syslogging and LDAP services.
• Worked with the data center networking team to develop the network layouts (vlan, load balancing, DMZ and firewall rules) for the Wireless BSS solution.
• Working on security policies and solutions to comply with PCI DSS rules utilizing sudo, ssh, syslog, Logwatch, AIDE (tripwire), Red Hat Network, Nagios, Beyondtrust PowerBroker Identity Services

Jul 2007 – Apr 2011 · 3 yrs 9 mos · Halifax, Canada Area

• Via Keane/NTT Canada.
• Unix Systems Administration and Operations – Team Lead
• Promoted to team lead and managed a team of eight Unix SysAdmins for a plant of 400+ Linux, Solaris and ESX/vSphere environments
• Reviewed and guided client projects from an operational and security related point of view towards SOX compliance, during various stages of the software development life cycle
• Successful project executions included a single sign-on solution of the Unix, NAS, and ESX plants with Likewise Enterprise and Microsoft Active Director, and revamping of the build system with Red Hat Network, IBM solutions for blades
• Worked on Red Hat clustering HA configurations and deployments for custom applications
• LDAP and e-Communications Support
• Support and guidance to the firm for applications utilizing the firm’s LDAP plant; paging and faxing/telex infrastructure, which included performance monitoring and tuning, the creation of monitoring tools and documentation

Jun 2002 – Apr 2011 · 8 yrs 10 mos · Halifax, Canada Area

• Morgan Stanley GWM (Global Wealth Management) - Unix/Linux System Administrator - Unix Team Lead
• Technologies - Red Hat HA Clustering, GFS2, VMWare ESX and vSphere, Solaris, IBM Blade chassis management, Microsoft Active Directory, Likewise Enterprise, F5 BigIP LTM and GTM, MySQL, Apache httpd, LDAP, CVS, SAN, NetApp Filer, Veritas volume manager, perl, shell scripting
• Morgan Stanley Smith Barney - LDAP services, paging, inbound and outbound fax support services and software development
• Technologies - iPlanet Directory Services/LDAP, Autosys, RCS, MQSeries, perl, shell scripting
• Putnam Investments
• Data warehouse ETL Support and Administration
• Planned and executed projects including the creation, maintenance, administration and user training in the use of a LAMP based application to facilitate the submission, testing and result reporting of data patches to the data warehouse database, use of CVS as a source code and configuration repository on a company wide basis and the implementation of a Wiki system for a document repository
• Maintained the daily ETL process, implemented new data feeds with Perl , shell code, awk, and sed to prep and normalize data for import to the database; performed system analysis, performance monitoring and OS tuning; created tools for systems monitoring and maintenance; trained new team members.
• Technologies - Solaris, Autosys, CVS, Apache httpd, PHP, perl, Media Wiki, shell scripting

Sep 2000 – Apr 2001 · 7 mos

• Systems Administrator
• Technologies - Solaris, NetBSD, Red Hat, NFS, SMTP, Apache, MySQL, Perl

Aug 1999 – Sep 2000 · 1 yr 1 mo

Jan 1998 – Jan 1999 · 1 yr