resume/sections/experience.tex

%-------------------------------------------------------------------------------
%	SECTION TITLE
%-------------------------------------------------------------------------------
\cvsection{Work Experience}


%-------------------------------------------------------------------------------
%	CONTENT
%-------------------------------------------------------------------------------
\begin{cventries}

%---------------------------------------------------------
  \cventry
    {Senior Systems Engineer \& Site Architecture Lead} % Job title
    {Grabango} % Organization
    {Berkeley, CA, USA} % Location
    {September 26. 2022 - Present} % Date(s)
    {
      \begin{cvitems} % Description(s) of tasks/responsibilities
        \item {Mentor and technical lead for DevOps team}
        \item {Implemented a HashiCorp Nomad based orchestration system that allocated services across thousands of IoT devices as part of a hybrid infrastructure system bridging physical locations and GCP cloud infrastructure}
        \item {Used Dagger and Go to build portable, localized CI/CD pipelines using Docker; used the same Dagger/Go combo to create developer tooling to enable a Platform-as-Service model for deploying services to on-premise infrastructure via Nomad}
        \item {Lead meetings and facilitated cultural shifts for adopting SRE practices such as SLIs/SLOs and production readiness checklists}
        \item {Lead an internal architecture group involving staff and principal engineers to improve the architecture of physical sites and introduce cultural standards for engineering excellence}
        \item {Managed GCP Kubernetes clusters via Terraform and enabled a self-service model by building Helm based deployment pipelines using Jenkins}
        \item {Heavily refactored SaltStack codebase to improve idempotency and general code quality as well as make use of Salt's more advanced features like orchestration and event-driven actions}
        \item {Co-led a migration to Ansible in an effort to abstract application deployment to Nomad and better define the responsibilities of a configuration management system}
        \item {Built a monitoring system with Prometheus, Thanos, Grafana, and Consul that used service discovery to auto-configure application metrics collection}
        \item {Improved monitoring, resiliency, and performance for complex storage systems built on top of ZFS}
        \item {Retooled AI/ML image inference event streaming architecture by replacing Kafka with RedPanda for improved reliability and performance}
        \item {Designed extensive caching layers for package types going to physical sites using pull-through Docker registry caches for container images and Nginx proxies for raw package types}
        \item {Lead migration from Nexus, internal PyPi, and Google Artifact Registry to Cloudsmith in order to centralize artifact management, improve supported artifact types, reduce complexity, and save costs}
        \item {Wrote Golang based CLI tooling for the systems engineering team to automate several day-to-day tasks around ticket management, SaltStack state application, k8s automation, and more}
        \item {Designed Terraform usage patterns and code organization and led a multi-month initiative to import hand-spun GCP infrastructure into Terraform state}
      \end{cvitems}
    }

%---------------------------------------------------------
  \cventry
    {Senior Systems Engineer} % Job title
    {Shutterfly} % Organization
    {Santa Clara, CA, USA} % Location
    {June 22. 2016 - September 9. 2022} % Date(s)
    {
      \begin{cvitems}
        \item {Technical lead for Cloud Platform team with a head count of 10 engineers}
        \item {Onboarded, mentored, and helped grow several engineers and interns while at Shutterfly}
        \item {Part of committee of principal, staff, and architect contributors to build a larger architectural model for a migration from data center to AWS}
        \item {Migrated over 100 microservices of varying languages to Amazon ECS}
        \item {Designed several large, foundational Terraform modules that were used by ~200 engineers to deploy Security Groups, Elastic Container Service clusters, IAM entities, VPCs, ALBS, and more}
        \item {Designed a AWS global resource testing model that used AWS accounts as test environments for globally available resources like IAM entitites}
        \item {Wrote a custom reverse proxy in Go to facilitate a maximized inverse cache hit rate in order to support a legacy .NET application}
        \item {Wrote custom log ingress filters in Node.js on AWS Lambda for translating log entries into structured log events for Splunk ingress}
        \item {Wrote custom tooling around AWS ECS in Python to enforce draining nodes from tasks during abrupt scaling events}
        \item {Performed capacity planning in accordance with load testing results and metrics to right size capacity}
        \item {Embedded into application teams to assist them with the cloud-native architectural designs of their services}
        \item {Designed cloud logging architecture utlizing FluentD, FluentBit, and logging sidecars for log ingestion over PrivateLink into Splunk}
        \item Wrote custom FluentBit plugins in Ruby to support generalized logging event patterns for applications running on ECS
        \item {Wrote Terraform module to abstract AWS Kinesis Streams and then assisted teams with a migration away from Kafka}
        \item {Designed immutable infrastructure pipeline using Jenkins pipelines, Ansible playbooks, and Packer to produce AWS AMIs that fed into EC2 nodes within autoscaling groups}
        \item {Wrote custom integrations for running GPU dependent tasks on ECS nodes in order to support complex topgraphical image generation}
        \item {Wrote CLI tooling in Go for Cloud Platform team to automate checking ECS clusters, interacting with internal HTTP endpoints, and more}
        \item {Extended and customized aws-azure-login Node.js application to support logging into accounts federated to AWS from Azure AD via SAML}
        \item {Co-designed a hub and spoke model that used AWS accounts as a security and management segregation layer for environments with Transit Gateway linking all of the environments together}
      \end{cvitems}
    }

  %% \cventry
  %%   {}
  %%   {}
  %%   {}
  %%   {}
  %%   {
  %%     \begin{cvitems}
  %%       \item {Eliminated Nagios CPU bottleneck by retooling clusters to run PyPy}
  %%       \item {Wrote CLI tooling in Go for Cloud Platform team to automate checking ECS clusters, interacting with internal HTTP endpoints, and more}
  %%       \item {Designed and wrote an access system in Go and Terraform that created jumphosts scoped to a team and then synced SSH keys to them for internal network access}
  %%       \item {Replaced that SSH system with AWS Systems Manager when the product was releases in order to improve security and better integrate access control with IAM}
  %%       \item {Extended and customized aws-azure-login Node.js application to support logging into accounts federated to AWS from Azure AD via SAML}
  %%       \item {Co-designed a hub and spoke model that used AWS accounts as a security and management segregation layer for environments with Transit Gateway linking all of the environments together}
  %%       \item {Managed account creation process for dozens of AWS accounts}
  %%       \item {Heavily pushed for testing Infrastructure-as-Code by introducing and establishing testing patterns for Terraform modules and EC2 instance OS state}
  %%     \end{cvitems}
  %%  }

%---------------------------------------------------------
  \cventry
    {Software Engineer, Infrastructure and Operations} % Job title
    {Opower / Oracle} % Organization
    {San Francisco, USA} % Location
    {January 12. 2015 - May 23. 2016} % Date(s)
    {
      \begin{cvitems} % Description(s) of tasks/responsibilities
        \item {Refactored and wrote Puppet manifests to converge data center localized hardware nodes to prepare them as Proxmox hosts}
        \item {Co-designed with DBA a distributed file system storage array using Ceph}
        \item {Designed resilient high-availability MySQL cluster using Heartbeat to float a VIP between multiple masters}
        \item {Maintained several applications deployed via Proxmox as VMs that were converged via Puppet}
        \item {Wrote a tool in Ruby that migrated Opower from FreeIPA to Active Directory}
        \item {Designed and implemented Active Directory sync mechanism to Proxmox VMs via SSSD (System Security Services Daemon)}
      \end{cvitems}
    }

%---------------------------------------------------------
  \cventry
    {DevOps Engineer} % Job title
    {InsideVault} % Organization
    {San Carlos, CA, USA} % Location
    {Febuary 24. 2014 - December 15. 2015} % Date(s)
    {
      \begin{cvitems}
        \item {Managed MongoDB cluster used by SEO optmization platform}
        \item {Used Jenkins to build testing and deployment pipelines for Scala applications using sbt}
        \item {Wrote Chef cookbooks for deploying Apache Mesos cluster members to EC2}
        \item {Managed Apache Mesus cluster that was used for distributed batch processing}
      \end{cvitems}
    }
%---------------------------------------------------------
  \cventry
    {Systems Administrator} % Job title
    {Apollo Group} % Organization
    {San Jose, CA, USA} % Location
    {January 23. 2012 - January 10. 2014} % Date(s)
    {
      \begin{cvitems} % Description(s) of tasks/responsibilities
        \item {Wrote a custom deployment web UI using Ruby and jQuery to integrate Chef, AWS EC2 nodes, and Haproxy to serve as the main deployment interface for ~100 engineers for a dozen of Java based microservices}
        \item {Wrote Chef cookbooks that converged EC2 nodes so that they could run Java based applications}
        \item {Rewrote the aforementioned deployment tool as part of a migration from AWS to a data center platform runnign VMWare VSphere}
      \end{cvitems}
    }
\end{cventries}
init 2023-09-09 06:27:44 +00:00			`%-------------------------------------------------------------------------------`
			`% SECTION TITLE`
			`%-------------------------------------------------------------------------------`
			`\cvsection{Work Experience}`


			`%-------------------------------------------------------------------------------`
			`% CONTENT`
			`%-------------------------------------------------------------------------------`
			`\begin{cventries}`

			`%---------------------------------------------------------`
			`\cventry`
			`{Senior Systems Engineer \& Site Architecture Lead} % Job title`
			`{Grabango} % Organization`
			`{Berkeley, CA, USA} % Location`
			`{September 26. 2022 - Present} % Date(s)`
			`{`
			`\begin{cvitems} % Description(s) of tasks/responsibilities`
			`\item {Mentor and technical lead for DevOps team}`
			`\item {Implemented a HashiCorp Nomad based orchestration system that allocated services across thousands of IoT devices as part of a hybrid infrastructure system bridging physical locations and GCP cloud infrastructure}`
			`\item {Used Dagger and Go to build portable, localized CI/CD pipelines using Docker; used the same Dagger/Go combo to create developer tooling to enable a Platform-as-Service model for deploying services to on-premise infrastructure via Nomad}`
			`\item {Lead meetings and facilitated cultural shifts for adopting SRE practices such as SLIs/SLOs and production readiness checklists}`
			`\item {Lead an internal architecture group involving staff and principal engineers to improve the architecture of physical sites and introduce cultural standards for engineering excellence}`
			`\item {Managed GCP Kubernetes clusters via Terraform and enabled a self-service model by building Helm based deployment pipelines using Jenkins}`
			`\item {Heavily refactored SaltStack codebase to improve idempotency and general code quality as well as make use of Salt's more advanced features like orchestration and event-driven actions}`
			`\item {Co-led a migration to Ansible in an effort to abstract application deployment to Nomad and better define the responsibilities of a configuration management system}`
			`\item {Built a monitoring system with Prometheus, Thanos, Grafana, and Consul that used service discovery to auto-configure application metrics collection}`
			`\item {Improved monitoring, resiliency, and performance for complex storage systems built on top of ZFS}`
			`\item {Retooled AI/ML image inference event streaming architecture by replacing Kafka with RedPanda for improved reliability and performance}`
			`\item {Designed extensive caching layers for package types going to physical sites using pull-through Docker registry caches for container images and Nginx proxies for raw package types}`
			`\item {Lead migration from Nexus, internal PyPi, and Google Artifact Registry to Cloudsmith in order to centralize artifact management, improve supported artifact types, reduce complexity, and save costs}`
			`\item {Wrote Golang based CLI tooling for the systems engineering team to automate several day-to-day tasks around ticket management, SaltStack state application, k8s automation, and more}`
			`\item {Designed Terraform usage patterns and code organization and led a multi-month initiative to import hand-spun GCP infrastructure into Terraform state}`
			`\end{cvitems}`
			`}`

			`%---------------------------------------------------------`
			`\cventry`
			`{Senior Systems Engineer} % Job title`
			`{Shutterfly} % Organization`
			`{Santa Clara, CA, USA} % Location`
			`{June 22. 2016 - September 9. 2022} % Date(s)`
			`{`
			`\begin{cvitems}`
			`\item {Technical lead for Cloud Platform team with a head count of 10 engineers}`
			`\item {Onboarded, mentored, and helped grow several engineers and interns while at Shutterfly}`
			`\item {Part of committee of principal, staff, and architect contributors to build a larger architectural model for a migration from data center to AWS}`
			`\item {Migrated over 100 microservices of varying languages to Amazon ECS}`
			`\item {Designed several large, foundational Terraform modules that were used by ~200 engineers to deploy Security Groups, Elastic Container Service clusters, IAM entities, VPCs, ALBS, and more}`
			`\item {Designed a AWS global resource testing model that used AWS accounts as test environments for globally available resources like IAM entitites}`
			`\item {Wrote a custom reverse proxy in Go to facilitate a maximized inverse cache hit rate in order to support a legacy .NET application}`
			`\item {Wrote custom log ingress filters in Node.js on AWS Lambda for translating log entries into structured log events for Splunk ingress}`
			`\item {Wrote custom tooling around AWS ECS in Python to enforce draining nodes from tasks during abrupt scaling events}`
			`\item {Performed capacity planning in accordance with load testing results and metrics to right size capacity}`
			`\item {Embedded into application teams to assist them with the cloud-native architectural designs of their services}`
			`\item {Designed cloud logging architecture utlizing FluentD, FluentBit, and logging sidecars for log ingestion over PrivateLink into Splunk}`
			`\item Wrote custom FluentBit plugins in Ruby to support generalized logging event patterns for applications running on ECS`
			`\item {Wrote Terraform module to abstract AWS Kinesis Streams and then assisted teams with a migration away from Kafka}`
			`\item {Designed immutable infrastructure pipeline using Jenkins pipelines, Ansible playbooks, and Packer to produce AWS AMIs that fed into EC2 nodes within autoscaling groups}`
			`\item {Wrote custom integrations for running GPU dependent tasks on ECS nodes in order to support complex topgraphical image generation}`
			`\item {Wrote CLI tooling in Go for Cloud Platform team to automate checking ECS clusters, interacting with internal HTTP endpoints, and more}`
			`\item {Extended and customized aws-azure-login Node.js application to support logging into accounts federated to AWS from Azure AD via SAML}`
			`\item {Co-designed a hub and spoke model that used AWS accounts as a security and management segregation layer for environments with Transit Gateway linking all of the environments together}`
			`\end{cvitems}`
			`}`

			`%% \cventry`
			`%% {}`
			`%% {}`
			`%% {}`
			`%% {}`
			`%% {`
			`%% \begin{cvitems}`
			`%% \item {Eliminated Nagios CPU bottleneck by retooling clusters to run PyPy}`
			`%% \item {Wrote CLI tooling in Go for Cloud Platform team to automate checking ECS clusters, interacting with internal HTTP endpoints, and more}`
			`%% \item {Designed and wrote an access system in Go and Terraform that created jumphosts scoped to a team and then synced SSH keys to them for internal network access}`
			`%% \item {Replaced that SSH system with AWS Systems Manager when the product was releases in order to improve security and better integrate access control with IAM}`
			`%% \item {Extended and customized aws-azure-login Node.js application to support logging into accounts federated to AWS from Azure AD via SAML}`
			`%% \item {Co-designed a hub and spoke model that used AWS accounts as a security and management segregation layer for environments with Transit Gateway linking all of the environments together}`
			`%% \item {Managed account creation process for dozens of AWS accounts}`
			`%% \item {Heavily pushed for testing Infrastructure-as-Code by introducing and establishing testing patterns for Terraform modules and EC2 instance OS state}`
			`%% \end{cvitems}`
			`%% }`

			`%---------------------------------------------------------`
			`\cventry`
			`{Software Engineer, Infrastructure and Operations} % Job title`
			`{Opower / Oracle} % Organization`
			`{San Francisco, USA} % Location`
			`{January 12. 2015 - May 23. 2016} % Date(s)`
			`{`
			`\begin{cvitems} % Description(s) of tasks/responsibilities`
			`\item {Refactored and wrote Puppet manifests to converge data center localized hardware nodes to prepare them as Proxmox hosts}`
			`\item {Co-designed with DBA a distributed file system storage array using Ceph}`
			`\item {Designed resilient high-availability MySQL cluster using Heartbeat to float a VIP between multiple masters}`
			`\item {Maintained several applications deployed via Proxmox as VMs that were converged via Puppet}`
			`\item {Wrote a tool in Ruby that migrated Opower from FreeIPA to Active Directory}`
			`\item {Designed and implemented Active Directory sync mechanism to Proxmox VMs via SSSD (System Security Services Daemon)}`
			`\end{cvitems}`
			`}`

			`%---------------------------------------------------------`
			`\cventry`
			`{DevOps Engineer} % Job title`
			`{InsideVault} % Organization`
			`{San Carlos, CA, USA} % Location`
			`{Febuary 24. 2014 - December 15. 2015} % Date(s)`
			`{`
			`\begin{cvitems}`
			`\item {Managed MongoDB cluster used by SEO optmization platform}`
			`\item {Used Jenkins to build testing and deployment pipelines for Scala applications using sbt}`
			`\item {Wrote Chef cookbooks for deploying Apache Mesos cluster members to EC2}`
			`\item {Managed Apache Mesus cluster that was used for distributed batch processing}`
			`\end{cvitems}`
			`}`
			`%---------------------------------------------------------`
			`\cventry`
			`{Systems Administrator} % Job title`
			`{Apollo Group} % Organization`
			`{San Jose, CA, USA} % Location`
			`{January 23. 2012 - January 10. 2014} % Date(s)`
			`{`
			`\begin{cvitems} % Description(s) of tasks/responsibilities`
			`\item {Wrote a custom deployment web UI using Ruby and jQuery to integrate Chef, AWS EC2 nodes, and Haproxy to serve as the main deployment interface for ~100 engineers for a dozen of Java based microservices}`
			`\item {Wrote Chef cookbooks that converged EC2 nodes so that they could run Java based applications}`
			`\item {Rewrote the aforementioned deployment tool as part of a migration from AWS to a data center platform runnign VMWare VSphere}`
			`\end{cvitems}`
			`}`
			`\end{cventries}`