Portfolio

Here are some highlights of the last decade.

Zerocopter, a Security Scaleup

I was initially brought on to help with a small DevOps project, and ended up staying a few years to professionalize infrastructure and security.

Built a Docker-based infrastructure for running security scanners
Assessed, centralized and enhanced logging/monitoring of all infrastructure to improve reliability and security
Designed and implemented a highly customized VPN solution
Built a hack test platform: a web app that has various types of simulated vulnerabilities where potential researchers can demonstrate their skills. One of the challenges was simulating vulnerabilities without actually being vulnerable
Conducted security audit, code reviews, security awareness training, and application security training

After an acquisition, I worked with the new CEO to completely overhaul the platform and IT activities.

Built a much more secure, robust new backend system to replace the legacy platform
Worked with all stakeholders to plan and execute the migration to the new system
Consulted with CEO on hiring, outsourcing, IT management, security

Snooty Software, my Development Tooling Startup

I started Snooty Software with Joachim Nolten to build products that automate the repetitive parts of programming.

Prototyped the core technology, most of which is on Github now. Monocle and erb2builder in particular are novel ways of juggling ASTs
Wrote a few blog posts about what goes on under the hood
- Monocle: bidirectional code generation (this made it to the Hacker News front page, see thread)
- erb2builder: convert erb templates into builder templates and back (this made it into the Ruby Weekly newsletter)
- Using XPath to rewrite Ruby code with ease (this one is a bit older but made it into the Ruby Weekly newsletter and Ruby Inside)
Learned a ton about copywriting, market research, marketing and sales
Made some product demo videos together with Joachim Nolten
- Snooty builder, a prototype of a bidirectional low-code platform
- Textractor, a tool to automatically prepare your ERB templates for internationalization

Silk, a Data Visualization Startup

I joined as the first full-time DevOps person, primarily to improve reliability, performance, and security.

Professionalized ops: introduced a number of processes such as backup recovery tests, capacity planning, security checks and more
Greatly improved reliability. Resolved various recurring production issues, including complex cascading failures. At the same time I tweaked monitoring to eliminate false-positives, and anything not actionable, so that alerts were no longer ignored
Made large performance improvements: including the addition of profiling instrumentation to all microservices to pinpoint bottlenecks, and optimizing the Varnish configuration to strongly improve the cache hit-ratio

Blendle, a Journalism Startup

I joined the initial development team right at the start along two others.

Grew backend/ops team to fifteen people
Designed and built micropayments system, including double entry book-keeping and much more
Built custom profiler, pipelining proxy, CDN config simulator, newspaper processing monitoring system, and more
Was responsible for reliability, performance, and AppSec

Open Embassy is an online helpdesk that enables status holders (refugees with a permit) to ask questions about their integration process in a private and secure chatroom.

Consulted on various privacy, security, and infrastructure problems
Conducted security awareness training
Performed code reviews

Confidential

Some gigs have strict confidentiality requirements, so I can’t go into details. But I have experience with:

Technical due diligence for small and large acquisitions
Incident response
Security assessments