Portfolio

Some highlights of the last decade.

Zerocopter, a security scaleup

Initially brought on to help with a small devops project, ended up staying a few years to professionalize infrastructure and application security.

Built a docker-based infrastructure for running security scanners.
Assessed, centralized and enhanced logging/monitoring of all infrastructure to improve reliability and security.
Designed and implemented a highly customized VPN solution.
Built a hack test platform: a web app that has various types of simulated vulnerabilities where potential researchers can demonstrate their skills. One of the challenges was simulating vulnerabilities without actually being vulnerable.
Security audit, code review, security awareness training, application security training.

After an acquisition, I worked with the new CEO to completely overhaul the platform and IT activities.

Built a much more secure, robust new backend system to replace the legacy platform.
Worked with all stakeholders to plan and execute the migration to the new system.
Sparred with CEO on hiring, outsourcing, IT management, security.

Snooty Software, my development tooling startup

I started Snooty Software with Joachim Nolten to build products that automate the repetitive parts of programming.

Prototyped the core technology, most of which is on github now. Monocle and erb2builder in particular are novel ways of juggling ASTs.
Wrote a few blog posts about what goes on under the hood.
- Monocle: bidirectional code generation (this made it to the Hacker News front page, see thread).
- erb2builder: convert erb templates into builder templates and back (this made it into the Ruby Weekly newsletter).
- Using XPath to rewrite Ruby code with ease (this one is a bit older but made it into the Ruby Weekly newsletter and Ruby Inside).
Learned a ton about copywriting, market research, marketing and sales.
Made some product demo videos together with Joachim Nolten.
- Snooty builder, a prototype of a bidirectional low-code platform.
- Textractor, a tool to automatically prepare your ERB templates for internationalization.

Silk, a data visualization startup

After nearly a decade of mainly developing software, I wanted to try my hand at full-time SRE work.

Professionalized ops: introduced a number of processes such as backup recovery tests, capacity planning, security checks and more.
Greatly improved reliability. Resolved various recurring production issues, among them complex cascading failures. At the same time I tweaked monitoring to eliminate false-positives and anything not actionable, so that alerts were no longer ignored.
Made large performance improvements: among other things by adding profiling instrumentation to the micro-services to pinpoint bottlenecks, and optimizing the Varnish configuration to strongly improve the cache hit-ratio.

Blendle, a journalism startup

Joined right at the start together with two others, as the initial development team.

Grew backend/ops team to fifteen people.
Designed and built micropayments system, including double entry book-keeping and much more.
Built custom profiler, pipelining proxy, CDN config simulator, newspaper processing monitoring system, and more.
Was responsible for reliability, performance, and appsec.

Open Embassy is an online helpdesk that enables status holders (refugees with a permit) to ask questions about their integration process in a privacy proof private chatroom.

Consulted on various privacy/security/infrastructure problems.
Security awareness training.
Code review.

Confidential

Some gigs have strict confidentiality requirements, so I can’t go into details. But I have experience with:

Technical due dilligence for small and large acquisitions.
Incident response.
Security assessments.