About Me

Education

Fanshawe College

(2015-2018) - Computer Systems Technology advanced diploma

Presidents List - 4.0+ Cumulative GPA


My career so far:

Specific details have been redacted. For more info, please contact me.

System Admin - Healthcare Tech Startup

2019 to the present

This company creates innovative health care web applications.

My work included routine maintenance as well as architecture for a very diverse web application stack. Working closely with the Dev team, I was responsible for the performance, reliability, and security of multiple 24/7 production environments.

Video Game Company (Casino for Children) - IT Specialist

Co-op: Sep-Dec 2017, May-Aug 2018

I did two internships at this software company while completing my education. My work involved supporting a wide range of desktop applications from dev tools to art, animation, and everything in between. Part of this was network and server upgrades, maintenance, and a push towards open source tooling.

Small Local Charity/Nonprofit - IS Systems Support

Co-op: Dec 2016 to March 2017

This organization is an employment and education service founded on Canadian Indigenous principles. My work involved keeping our people safe and helping our clients. This included everything from endpoint management and support, all the way up to security focused network upgrades. As my first real experience with PHI data management, this was an eye opening and formative experience.

Managed Service Provider/PC Shop

Co-op: Jan-June 2015; Full Time: July-Aug 2015, May-Aug 2016

An IT consulting company in Stratford Ontario. During my time there, I started off as a computer repair tech and worked up to network installation on a large commercial job. I think every young techie should spend some time crawling through dusty service tunnels, it builds character!


Reading List

  • The Checklist Manifesto, Atul Gawande
  • The Shock Doctrine: The Rise Of Disaster Capitalism, Naomi Klein
  • Normal Accidents: Living with High Risk Technologies, Charles Perrow
  • Cult of the Dead Cow, Joseph Menn
  • CISSP Study Guide / 5th Edition, Harris & Maymi

Things I think I’m pretty good at

Application Stacks I’ve run:

  • Java, Tomcat, Spring framework
  • PHP-FPM on Nginx (NextCloud, Drupal, Wordpress)
  • Ruby on Rails (Mastodon)
  • NodeJS (JSwiki, BookStack, etc.)
  • Horrifying golang blobs full of mysteries
  • Just putting Nginx in front of anything
  • Just putting PostgreSQL behind anything

Orchestration & IaC tools I’ve used:

  • Ansible
  • Saltstack
  • Terraform
  • Kubernetes (training wheels phase)

Monitoring Stacks:

  • Sensu Framework, Sensu Go client/server
  • ELK Stack - ElasticSearch, Logstash, Kibana
  • ELK + Graylog
  • EFK stack - Rip out Logstash and replace with Fluentd
  • Telegraf + InfluxDB + Grafana
  • LibreNMS
  • Prometheus
  • Wazuh or OSSEC
  • Suricata or Snort
  • Plain old SNMP

Databases where I have put data:

  • PostgreSQL (9.5, 10, 12)
  • Mysql & MariaDB
  • MongoDB
  • ElasticSearch
  • Apache Solr
  • Microsoft SQL server

Performance and Security tools

  • Apache JMeter for Load Testing
  • Burp Suite
  • OWASP ZAProxy
  • NAXSI plugin for Nginx
  • Suricata, inline IPS or SPAN-port IDS

Clouds that have rained down upon me:

  • Amazon EC2
  • Digital Ocean
  • Google Cloud
  • IBM’s weird Kubernetes fever dream
  • Netlify (That’s where you’re reading this!)
  • CloudFlare
  • FireBase

(Don’t talk to me about Oracle Cloud, I’m not interested)

Operating Systems I like:

  • Debian Stable and derivatives
  • Gentoo Linux
  • Arch Linux
  • OpenBSD (Other BSD’s are cool too)

Operating Systems I don’t like:

  • Windows server
  • Red Hat Enterprise Linux
  • Amazon AMI Linux
  • VMware ESXi (We have a complicated relationship)
  • Any MacOS/OS X release after SIP became mandatory
  • PFSense

Meatbag Layer tech stacks:

  • PIPEDA (Canada)
  • GDPR compliance and controls
  • HIPAA compliance for web apps
  • NHS Data Processing regulations

Fun Projects

I like to keep some projects going at home. Here’s what’s on the back burner right now:

  • Two very low spec Intel NUCs, one running VMware ESXi, one running Debian with Libvirt/KVM/Qemu.
  • Home-made IDS & firewall appliance, gigabit speeds for cheap
  • One very dubious eastern european Mikrotik switch.

Naturally, I have lots and lots of VMs…

Things I want to learn

The more you know, the more you know you don’t know…

I really want to pick up some more skills in the next couple years. Here’s a quick rundown of what I want to learn.

  • Kubernetes. I know the basics, but I want to do a proper deep dive
  • GitLab CE - It just looks super cool
  • Learn more webapp fuzzing tools
  • Become an emacs guru
  • Get into overlay networking, service mesh architecture etc.
  • Build a massive object store. I have a potential project coming up where I will need to store 60+ TiB with high uptime and data resiliency. Sounds like a job for Ceph!
  • Scale out my small home datacenter with more NUCs, more eastern European switches, and more scabby old laptops! Viva la Cheapo!

But in all seriousness,

The most important thing I want to learn is how bring ethics to technology.

The very last thing I want is to become part of the system that abuses privacy, freedom, and takes advantage of the most vulnerable persons.

We don’t need a few people to do it perfectly, we just need most people to do an okay job of it. And, as somebody with a strong technical background I feel that it is my responsibility to act ethically at all times. Privacy and security are so intangible and nebulous, we don’t know what we’ve lost until they’re gone.