Portfolio
Some highlights of the last decade.
Zerocopter, a security scaleup
Initially brought on to help with a small devops project, I ended up staying a few years to professionalize infrastructure and application security.
- Built a docker-based infrastructure for running security scanners.
- Assessed, centralized and enhanced logging/monitoring of all infrastructure to improve reliability and security.
- Designed and implemented a highly customized VPN solution.
- Built a hack test platform: a web app that has various types of simulated vulnerabilities where potential researchers can demonstrate their skills. One of the challenges was simulating vulnerabilities without actually being vulnerable.
- Security audit, code review, security awareness training, application security training.
AVG Programma, a GDPR compliance scaleup
After an acquisition, I worked with the new CEO to completely overhaul the platform and IT activities.
- Built a much more secure, robust new backend system to replace the legacy platform.
- Worked with all stakeholders to plan and execute the migration to the new system.
- Sparred with CEO on hiring, outsourcing, IT management, security.
Snooty Software, my development tooling startup
I started Snooty Software with Joachim Nolten to build products that automate the repetitive parts of programming.
- Prototyped the core technology, most of which is on GitHub now. Monocle and erb2builder in particular are novel ways of juggling ASTs.
- Wrote a few blog posts about what goes on under the hood.
- Monocle: bidirectional code generation (this made it to the Hacker News front page, see thread).
- erb2builder: convert erb templates into builder templates and back (this made it into the Ruby Weekly newsletter).
- Using XPath to rewrite Ruby code with ease (this one is a bit older but made it into the Ruby Weekly newsletter and Ruby Inside).
- Learned a ton about copywriting, market research, marketing and sales.
- Made some product demo videos together with Joachim Nolten.
- Snooty builder, a prototype of a bidirectional low-code platform.
- Textractor, a tool to automatically prepare your ERB templates for internationalization.
Silk, a data visualization startup
After nearly a decade of mainly developing software, I wanted to try my hand at full-time SRE work.
- Professionalized ops: introduced a number of processes such as backup recovery tests, capacity planning, security checks and more.
- Greatly improved reliability. Resolved various recurring production issues, among them complex cascading failures. At the same time I tweaked monitoring to eliminate false positives and anything not actionable, so that alerts were no longer ignored.
- Made large performance improvements: among other things by adding profiling instrumentation to the micro-services to pinpoint bottlenecks, and optimizing the Varnish configuration to strongly improve the cache hit ratio.
Blendle, a journalism startup
Joined right at the start together with two others, as the initial development team.
- Grew backend/ops team to fifteen people.
- Designed and built micropayments system, including double-entry bookkeeping and much more.
- Built custom profiler, pipelining proxy, CDN config simulator, newspaper processing monitoring system, and more.
- Was responsible for reliability, performance, and appsec.
Open Embassy, a social enterprise
Open Embassy is an online helpdesk that enables status holders (refugees with a permit) to ask questions about their integration process in a privacy-proof private chatroom.
- Consulted on various privacy/security/infrastructure problems.
- Security awareness training.
- Code review.
Confidential
Some gigs have strict confidentiality requirements, so I can’t go into details. But I have experience with:
- Technical due diligence for small and large acquisitions.
- Incident response.
- Security assessments.