This page is read only. You can view the source, but not change it. Ask your administrator if you think this is wrong. ====== Benjamin Jansen ====== 22492 S Redland Rd\\ Estacada, OR 97023 **Phone:** 503-560-1955\\ **Email:** aogail@w007.org ===== Software & Security Engineer ===== I am a software engineer who likes to solve customer problems. I am passionate about security and I enjoy tackling problems and stretching myself in new technologies and techniques. I have experience in software engineering, product security, security engineering, QA, systems engineering, and systems administration. ===== Professional History ===== ==== Principal Software Engineer at Oracle ==== I am part of the team that is responsible for running DNS for Oracle Cloud Infrastructure's Virtual Cloud Networks. Selected work: * Deployed & managed DNS-related first- and third- party tools, including BIND and Unbound * Participated in research and planning for deployment of next generation VCN DNS * Responded to service incidents during on call rotation * Advocated for and led by example in automated testing Tools: Oracle Linux, iptables, Go, Python, Docker, BIND, Unbound ==== Principal Member of Technical Staff at Oracle ==== **Dates:** June 2016 - December 2018 As part of Oracle's Cloud Security (CSEC) Engineering team, I was involved in various security engineering projects providing security services to Oracle's cloud (PaaS/SaaS) teams. The work included managing the infrastructure we provide, using Chef, and developing custom applications to meet security-services-related business needs. Selected work: * Implemented a CI & CD pipeline for Cloud Security Chef cookbooks and internal software projects supporting deployment and management of bastions, egress proxies, DNS, and other security services * Introduced software development best practices to the team, including code review, automated testing, automated deployment * Implemented a RADIUS authorization API in Rails as an integration between RCDevs AAA software and Oracle's entitlement system, controlling authorization for all of Oracle cloud networking * Managed a globally distributed fleet of servers and services using Chef * Replaced a manually managed Active Directory-based DNS service with dnsmasq, managed using Chef Tools: Chef, Oracle Linux, Ruby, Ruby on Rails, RCDevs AAA products ==== Senior Software Engineer at Tripwire ==== **Dates:** January 2012 - June 2016 Tripwire provides security & compliance products for enterprise IT. I worked on the team that owns Tripwire's next generation agent-based security data collection platform. We were responsible for getting data about endpoints to Tripwire products. I regularly worked across all the components within that platform, using a variety of technologies. Selected work: * As part of the Software Security Group (SSG): * Selected a secure software development framework (BSIMM) for use in R&D * Worked as a liaison between SSG and my product team, bringing BSIMM practices to my team * Set plan for rolling out secure SDLC activities for all of Tripwire R&D * Facilitated and participated in software security activities including threat modeling, secure code reviews, security book club, secure coding standards and security training curation * Enabled a baseline of secure development by creating secure internal libraries covering password hashing, encryption, application messaging, and PKI * As half of a two-person feature team, completely overhauled Tripwire Enterprise's crypto infrastructure and shepherded TE through an updated FIPS 140-2 certification. * Added collection of events from Windows Event Log to our agent-based security data collection platform * Implemented features to enhance the robustness of our security data collection platform * Championed straightforward mechanisms for installing our software * Helped drive an automated testing strategy that enabled our small team to test and release software on many platform versions * Helped champion the use of environment automation tools (such as chef and vagrant) to improve efficiency and reproducibility of our software development practices Tools: Java, Ruby, C++, chef, vagrant, test kitchen, bash, Windows Cmd shell, Guice, netty, boost, Protobuf, Windows Event API, Windows Installer API, JSSE, JCE, ActiveMQ, gradle, cmake, RPM, MSI (via WiX), Bazaar ==== Software Engineer at Tripwire ==== **Dates:** June 2006 - December 2011 Tripwire provides security & compliance products for enterprise IT. I primarily worked on Tripwire Enterprise, a large client/server enterprise application mostly written in Java. Selected work: * Implemented a diagnostic feature that greatly simplified data collection in support. * Researched & implemented FIPS 140-2 (data protection) and SCAP (FDCC Scanner) compliance, enabling Federal sales. * Implemented SOCKS proxy support for agent/server communication. * Designed & created a "push upgrade" feature that upgraded agent packages (rpm, MSI, etc.) remotely, initiated from the server. * Redesigned the client/server architecture to enable large deployments (10K+ agents) and implemented components of the new architecture. * Maintained the TE Server (InstallAnywhere) and Agent (native packages on Linux, Solaris, HP-UX, Windows, AIX) installers. * Updated and improved use of cryptography involved in securing the applications. Tools: Java, C++, Ruby, SQL, bash, Windows Cmd shell, XML, Guice, netty, boost, Protobuf, xmlbeans, Windows Event API, Windows Installer API, JSSE, JCE, Java-RMI, ActiveMQ, gradle, ant, cmake, RPM, Solaris pkg, HP-UX depot, MSI (via WiX), Bazaar, Subversion, MySQL, Oracle, MS SQL Server ===== Education ===== * Oregon State University, B.S. Computer Science with minor in Business Administration, 2006. * GIAC Certified Secure Software Programmer (GSSP-JAVA) * Chef Certified Local Cookbook Developer – Linux Platform ===== Other Vital Information ===== * vim/emacs: vim * OS: Mac OS