Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
work:resume [7 years ago - 2019/05/16 00:40] aogailwork:resume [7 years ago - 2019/05/23 22:01] (current) aogail
Line 7: Line 7:
 **Email:** aogail@w007.org **Email:** aogail@w007.org
  
-===== Software & DevOps Engineer =====+===== Software & Security Engineer =====
  
-I am a software engineer who likes to solve customer problems in a development environment that is challenging, dynamic, and collaborative. I enjoy tackling problems and stretching myself in new technologies and techniques. I have experience with a wide variety of development tools as well as system administration. I am proficient in JavaRubyGroovyC++SQL and am always looking to learn more.+I am a software engineer who likes to solve customer problems. I am passionate about security and I enjoy tackling problems and stretching myself in new technologies and techniques. I have experience in software engineeringproduct securitysecurity engineeringQA, systems engineering, and systems administration.
  
 ===== Professional History ===== ===== Professional History =====
Line 20: Line 20:
  
   * Deployed & managed DNS-related first- and third- party tools, including BIND and Unbound   * Deployed & managed DNS-related first- and third- party tools, including BIND and Unbound
 +  * Participated in research and planning for deployment of next generation VCN DNS
 +  * Responded to service incidents during on call rotation
   * Advocated for and led by example in automated testing   * Advocated for and led by example in automated testing
  
-Tools: Oracle Linux, Go, Python, Docker, BIND, Unbound+Tools: Oracle Linux, iptables, Go, Python, Docker, BIND, Unbound
  
 ==== Principal Member of Technical Staff at Oracle ==== ==== Principal Member of Technical Staff at Oracle ====
Line 28: Line 30:
 **Dates:** June 2016 - December 2018 **Dates:** June 2016 - December 2018
  
-As part of Oracle's Cloud Security (CSEC) Engineering team, I was involved in various DevOps-style projects in support of providing security services to Oracle's cloud (PaaS/SaaS) teams. The work included managing the infrastructure we provide, using Chef, and developing custom applications to meet security-services-related business needs.+As part of Oracle's Cloud Security (CSEC) Engineering team, I was involved in various security engineering projects providing security services to Oracle's cloud (PaaS/SaaS) teams. The work included managing the infrastructure we provide, using Chef, and developing custom applications to meet security-services-related business needs.
  
 Selected work: Selected work:
  
-  * Implemented a CI & CD pipeline for CSEC'cookbooks and internal software projects+  * Implemented a CI & CD pipeline for Cloud Security Chef cookbooks and internal software projects supporting deployment and management of bastions, egress proxies, DNS, and other security services
   * Introduced software development best practices to the team, including code review, automated testing, automated deployment   * Introduced software development best practices to the team, including code review, automated testing, automated deployment
-  * Implemented a web API in Rails as an integration between RCDevs AAA software and Oracle's entitlement system+  * Implemented a RADIUS authorization API in Rails as an integration between RCDevs AAA software and Oracle's entitlement system, controlling authorization for all of Oracle cloud networking
   * Managed a globally distributed fleet of servers and services using Chef   * Managed a globally distributed fleet of servers and services using Chef
   * Replaced a manually managed Active Directory-based DNS service with dnsmasq, managed using Chef   * Replaced a manually managed Active Directory-based DNS service with dnsmasq, managed using Chef
Line 51: Line 53:
     * Selected a secure software development framework (BSIMM) for use in R&D     * Selected a secure software development framework (BSIMM) for use in R&D
     * Worked as a liaison between SSG and my product team, bringing BSIMM practices to my team     * Worked as a liaison between SSG and my product team, bringing BSIMM practices to my team
-    * Participated in planning for BSIMM practices applied to Tripwire R&D+    * Set plan for rolling out secure SDLC activities for all of Tripwire R&D 
 +    * Facilitated and participated in software security activities including threat modeling, secure code reviews, security book club, secure coding standards and security training curation 
 +    * Enabled a baseline of secure development by creating secure internal libraries covering password hashing, encryption, application messaging, and PKI 
 +  * As half of a two-person feature team, completely overhauled Tripwire Enterprise's crypto infrastructure and shepherded TE through an updated FIPS 140-2 certification.
   * Added collection of events from Windows Event Log to our agent-based security data collection platform   * Added collection of events from Windows Event Log to our agent-based security data collection platform
   * Implemented features to enhance the robustness of our security data collection platform   * Implemented features to enhance the robustness of our security data collection platform
Line 72: Line 77:
   * Designed & created a "push upgrade" feature that upgraded agent packages (rpm, MSI, etc.) remotely, initiated from the server.   * Designed & created a "push upgrade" feature that upgraded agent packages (rpm, MSI, etc.) remotely, initiated from the server.
   * Redesigned the client/server architecture to enable large deployments (10K+ agents) and implemented components of the new architecture.   * Redesigned the client/server architecture to enable large deployments (10K+ agents) and implemented components of the new architecture.
-  * Maintained the TE Server (InstallAnywhere) and Agent (Native packages on Linux, Solaris, HP-UX, Windows, AIX) installers.+  * Maintained the TE Server (InstallAnywhere) and Agent (native packages on Linux, Solaris, HP-UX, Windows, AIX) installers.
   * Updated and improved use of cryptography involved in securing the applications.   * Updated and improved use of cryptography involved in securing the applications.
  
 Tools: Java, C++, Ruby, SQL, bash, Windows Cmd shell, XML, Guice, netty, boost, Protobuf, xmlbeans, Windows Event API, Windows Installer API, JSSE, JCE, Java-RMI, ActiveMQ, gradle, ant, cmake, RPM, Solaris pkg, HP-UX depot, MSI (via WiX), Bazaar, Subversion, MySQL, Oracle, MS SQL Server Tools: Java, C++, Ruby, SQL, bash, Windows Cmd shell, XML, Guice, netty, boost, Protobuf, xmlbeans, Windows Event API, Windows Installer API, JSSE, JCE, Java-RMI, ActiveMQ, gradle, ant, cmake, RPM, Solaris pkg, HP-UX depot, MSI (via WiX), Bazaar, Subversion, MySQL, Oracle, MS SQL Server
- 
-==== IS Intern at SP Newsprint ==== 
- 
-**Dates:** Summers 2002-04, Fall 2004 - June 2006 
- 
-SP Newsprint manufactures paper for the newspaper industry. I worked in the IS department, providing technical support and developing custom software. 
- 
-Tools: PHP, apache, MS SQL, .NET 2.0, ActiveRecord 
  
 ===== Education ===== ===== Education =====
  
-Oregon State University, B.S. Computer Science with minor in Business Administration, 2006. +  * Oregon State University, B.S. Computer Science with minor in Business Administration, 2006. 
 +  * GIAC Certified Secure Software Programmer (GSSP-JAVA) 
 +  * Chef Certified Local Cookbook Developer – Linux Platform
 ===== Other Vital Information ===== ===== Other Vital Information =====
  
   * vim/emacs: vim   * vim/emacs: vim
   * OS: Mac OS   * OS: Mac OS