PDF Resume

Shawn Wilson

srwilson@ioswitch.dev	PO Box 10905
PGP Fingerprint:	Oakland, CA 94610
BD8A 77EE 8991 9B51 5D73 E795 B8AB 96D5 2BF0 B6D4	(202) 505-3363

PROFESSIONAL SUMMARY:

• Experience in:
  • Writing queries in SQL, XPath, and REST
  • Using text processors and DSLs like jq, yq, csv, tsv, xml, TeX
  • x509, ocsp/crl, fpki, and extended UIDs in general
  • Crypto hardware: HSMs, smartcards, pgpcard, FIDO, and HC Vault/KMS/secrets management systems
  • Splunk and Elastic+logstash+fluentbit/syslog
  • Chef, Ansible, AWS Cloudformation, and Terraform
• Deep knowledge of:
  • regex and globs
  • Bash, Perl, Ruby, Python
  • Linux (including some kernel level module/udev topics)
  • git (refer to my blog post on it – see link below)

ACTIVITIES:

I have been writing blog posts (and supporting code) about Linux firewall deployments, systemd, linux containers. I am studying for the professional Kubernetes certificates, learning rust, and extending the Grype database. I’m an Extra class Amateur Radio operator. I publish a blog on random technologies that interest me.

Blog	tmux-start
Github	bashpack
NF-Save	bash libs
mon-hosts	nft policy

PROFESSIONAL EXPERIENCE

DevOps Engineer

Jotform – San Francisco, CA Nov 2022 – Sep 2023

• Maintained servers and infrastructure on Google Cloud platform
• Created new Terraform modules and Ansible roles
• Wrote a Bash script to look at each cert running on a server and report on how many days until it expired

Junior Vulnerability Management Engineer

Jacobs – Herndon, VA Jan 2021 – Aug 2021

• Analyzed remediation and false positive submissions for accuracy
• Built a powershell script to flag false positives

Senior Systems Admin

Innotac (contract: USCIS) – Falls Church, VA Feb 2016 – July 2020

• Worked with 3 AWS accounts containing multiple VPCs to their own Cisco CSR/DirectConnect and multiple deployments/environments
• Designed and implemented a deployment strategy for RHEL/CentOS systems in AWS (created shell scripts, cloudformation templates, updated packer scripts, chef cookbooks)
• Managed two coworkers to upgrade a large Chef environment (version 11 to 14), repo cleanup, and supermarket deployment
• Implemented Hashicorp Vault (including OIDC sign in and AWS instance authentication for host secrets)
• Created a chef resource (LWRP) to create iptables rules from protocol/application rule definitions and created a Splunk dashboard to show iptables log data across all servers
• Investigated and explained or remediated security audit findings
• Made sure that deployments only used internal resources
• Created Groovy libraries and workflows to allow push button deployments and environment updates in Jenkins
• Created/maintained Chef and Jenkins integrations with each other and AWS (boto3), packer, vault, Chef Minimart, etc.

Systems Admin

KoreLogic Security – Deale, MD Dec 2012 – Dec 2015

• Maintained Gentoo and Ubuntu Linux systems at three different geographic locations
• Maintained password cracking hardware, Raritan KVMs, and other hardware
• Wrote a Perl script that analyzes and efficiently presents data from iptables log lines
• Wrote a Perl module that generates iptables rules from a Perl data structure (NF-Save)
• Wrote a Bash script that starts tmux sessions and runs predefined commands
• Wrote a Perl script that packs sourced bash ‘modules’ sourced from a script
• Wrote a bash script to monitor hosts (mon-hosts)