Aaron Collins

Background

About

I have 20 years of experience in programming, security, operations and release engineering. As an early cloud adopter, I’ve learned, the amount of services I manage increases to infinite possibilities. Using containers, I’ve changed my mental model of what a task is. I strive to make all scripts, jobs and apps run out of a container to achieve my goal of sleeping all night. Since all tasks should now be run from a container most of my time is now spent creating configurations to building C.I.C.D. pipelines or auditing security and training other engineers best practices.

Work Experience

Sr. Staff DevOps Engineer,
Apr, 2018 - Present
Designed entire cloud infrastructure with Reform/Terraform. Created custom tool suite for managing Terraform called Reform. Reform manages multiple environments, secrets, provides tooling for missing terraform features like templates, feature flags, loops etc (Some of this has since been added in terraform 0.12). Created universal CICD pipeline for company to manage all products. Regularly train engineers on design principles and peer review their code to make it better. Also responsible for tracking, and patching all security vulnerabilities in company & 3rd party code. In addition I also made,
- Custom tooling around Jira project management
- ECS/Docker management tooling
- Ansible playbooks
- Developer tooling for engineers
- Training guides and workshops for engineers
- AWS Lambdas for devops automation
Sr. Devops,
Aug, 2015 - Mar, 20182 years 7 months
Responsible for implementing software defined infrastructure, training Jr. engineers and researching new infrastructure goals. Developed automated jobs to deploy code and manage infrastructure. Helped marketing team implement blog platform and assisted engineering team debug performance issues.
- Deployed identity management solution to grant access to 1k developers across 2500 hosts
- Developed automated monitoring and provisioning system to aid in auto-scale
- Created and managed docker clusters via Spotinst and ECS to lead effort in moving from virtual servers to containers
- Created base images and deployment tools to deploy new applications to containers
- Acted as monitoring evangelist giving lots of presentations and doing lots of personal training
Technical Director / Lead Developer,
Feb, 2012 - Aug, 20153 years 6 months
As Technical director and lead developer, I built a team and created an enterprise level activity reservation and booking system. The product immediately got the attention of the travel industries top players including Expedia, Disney, Pleasant Holidays, AAA etc. The system was designed as a SaSS product and featured a suite of tools for both mobile and desktop productivity. I was responsible for increasing revenue 1000% in 2012.
- Personally responsible for getting company PCI/DSS Compliant (Wrote Policies & Procedures, Created Security Awareness Training, Completed QSA Audit & Pentest Audits)
- Created and soley managed entire auto-scaling infrastructure in the cloud (Chef and autoscale groups).
- Developed global enterprise activity booking and reservation system for web and mobile
- Built and managed build pipeline for all product lines git, Jenkins, Gradle and xCode
- Built container clusters to run customer facing web apps for each env
IT Manager/Software Engineer,
Jul, 2010 - Feb, 20121 year 7 months
As It Manager and Staff Software engineer I was responsible for several critical services for the company. The company was coming out of bankruptcy and I was hired to train new staff, build a new e-commerce site and get the corporate network infrastructure modernized and under budget.
- Rebuilt and standardized network infrastructure across all islands and migrated corporate network to AWS cloud.
- Personally responsible for getting company PCI/DSS SAQ-D Compliant (Wrote Policies & Procedures, Created Security Awareness Training, Completed QSA Audit & Pentest Audits)
- Trained IT Team on how to manage POS systems and support accounting and ERP services
- Developed multiple ecommerce sites using C#, Java and PHP
- Implemented company first change control program.
- Created company first build pipeline with Jenkins, Maven and git
Lead IT Engineer/Programmer,
Aug, 2008 - Jul, 20101 year 11 months
Took a troubled observatory and turned it around by training the existing IT team and teaching them the skills to administer the legacy Irix/Solaris/Linux infrastructure. Then got to work on modernizing the site. Designed and implemented a modern Linux/Windows infrastructure with emphasis on stability and security. Implemented enterprise LDAP infrastructure to manage systems. Wrote first ever site infrastructure documentation (War book). Upgraded and re-baselined all Switches, Routers and Firewalls. Got site Airforce EITDR certified (Security Requirement). Received multiple awards for my work from the Airforce, Boeing and CSC.
- Obtained DOD TS Clearance
- Updated and secured entire site network.
- Developed an opensource LDAP management webapp to manage provisioning users and password policy for entire site
- I was hand picked by the Air Force to design new Space Program Observatory Control Kit (S.P.O.C.K.) in C++ & QT.
- Created new build and release systems for mine and other engineering teams apps
- Was sent to other Air Force Bases to implement my software
- Setup sites first monitoring service and trained staff on monitoring and updating it
- Got Security+ certified
Senior Systems Analyst and Security Analyst,
Apr, 2004 - Aug, 20084 years 4 months
Originally hired as the release engineer for the State of Hawaii web portal ehawaii.gov. I was quickly put in charge of managing all operations projects. As I advanced the network to a stable enterprise state, I was then put in charge of managing all security projects. This included certifying the infrastructure against HIPAA, SOX, PCI/DSS. Developed documentation portal using MediaWiki + LDAP Auth to keep all docs current. As the systems analyst I designed and managed a high availability Linux based Apache/Tomcat web farm. Managed and secured routers and firewalls (BPG & OSPF).
- Developed Ant & Maven build and release scripts
- Performed security audit of entire network
- Patched and updated entire infrastructure
- Created fault tolerant site with load balanced backup site
- Created custom corporate security tools to audit and alert for other state sites (Won company award for this work)
- Created SNMP based usage trend analysis to predict upgrade budget requirements
- Developed web applications using PHP, Perl and Java
- Administered Oracle and MySQL database servers
Consultant,
Feb, 2003 - Sep, 20052 years 7 months
I did onsite consulting for clients to manage and lockdown networks. Performed Novell to Windows migrations. Created managed turnkey firewalls for client sites that allowed for remote administration. Administered Windows 2000 Active Directory implementations for 10K users. Developed BSD NIS support in C for Samaba Project. Managed all IT projects for clients. Developed meta directory applications in Perl and C. Wrote Meta Directory White Papers. Developed automated desktop re-image software solution. Configured and managed Sonicwall Firewalls and Cisco Routers and Switches. I did on call 24/7 Support as well as IDS monitoring and vulnerability scanning/mitigation.
Lead Internet Infrastructure Engineer,
Aug, 2001 - Dec, 20021 year 4 months
I was relocated to California at the age of 19 to rescue a failing Internet Service. Within 6 months I had taken the ISP from 5k to 20k customers. Developed companies Disaster recovery policy and network security policy. Developed secure redundant firewalls, enterprise class LDAP infrastructure to manage all customers, customer web portal (using SSO via the previously mentioned LDAP) and custom AOL style signup CD.
- Created customer support training guides
- Performed security awareness training for handling customer credit cards
- Built company first VMWare cloud cluster to manage ISP and make it highly available.
Network Administrator, Tech Support Manager,
Mar, 1998 - Jun, 20013 years 3 months
Starting in tech support I quickly became the manager of tech support and the systems administrator for a large ISP. I administered Linux, Windows and Solaris servers. Managed Apache and IIS web farms. Installed and managed the internal exchange server as well as customer sendmail/postfix servers. Trained and managed entire tech support staff. Developed billing software in Perl and C. Managed Cisco Routers and configured ATM circuits for DSL.

Skills

Devops
Terraform

Chef

Puppet

ansible

Cloudformation

Jenkins
Development
C

C++

Perl

PHP

Javascript / Ecmascript

Python

PHP
Security
Vulnerability Scanning

Pen Testing

PCI, HIPAA, SOX Certification
Release Engineer
Gradle

Ant

Maven

Grunt

Composer

C.I.C.D. (Jenkins, Gitlab, Travis Ci, Rundeck)

Make

QMake
Cloud Architect
Amazon Web Services (Certified)

Google Compute Engine

VMWare

Azure
Containerization
Docker

Kubernetes

ECS

GKE

Nomad

Education

Meets the ISO 17024 standard and is approved by U.S. Department of Defense to fulfill Directive 8570.01-M requirements., , CompTIA Security+
Feb, 2010 - Feb, 2010
AWS Certified Developer, Associate, AWS
Nov, 2017 - Nov, 2019

Awards

Boeing Excellence award , Boeing
Awarded on: Nov 11, 2008
Granted for my effort in training the staff and developing a new fibre infrastructure
Boeing Excellence award , Boeing
Awarded on: Mar 10, 2012
Granted for my efforts to develop a new Observatory control system

Interests

Home Automation
SmarthingsZWaveZigbeeSonoff

References

Tim Galyean <timg@chegg.com>
Sr. Devops Engineer & Sr. Security Engineer at Chegg
Alex Boatwright <drdelambre@gmail.com>
Lead Developer / Co-Worker for ActivityRez
Patrick Leonard <dreamtear@gmail.com>
Developer for ActivityRez & Chegg Inc
Josh Hancock <josheightysix@gmail.com>
Partner Unity Crayons & Downbeat Diner