I am a highly experienced software engineering generalist with a wide variety of skills acquired over 20 years of industry experience, with emphasis on integration, interoperability, performance and security in some of the most demanding large-scale production environments including retail and high-stakes gaming. I have demonstrated strengths in investigative and analytic work, in heterogenous system architectures and complex debugging environments, and I have remained very hands-on throughout my career.
My deep interest in the security implications of software systems (and how they're routinely sidelined) has threaded through my entire career and often made me a cross-team authority despite it not being my official role. I've frequently brought to light vulnerabilities in design and implementation as well as working with more routine PCI assessment activities.
I've a longstanding enthusiasm for investigating and experimenting with diverse technologies outside my career responsibilities; my home lab ranges over reverse engineering, electronics interfacing, environmental data capture, telephony, remote control, cellular data, radio signal analysis, access control systems, visual processing, cryptography, JTAG data extraction, Android application development, cryptocurrencies, and service framework interfacing of many application areas. I have a keen interest in geodata and mapping, and contribute to various crowdsourced projects.
Over the last eight years I have been the principal ongoing developer and maintainer of monitoring and management functionality for our online gaming system. This included design and implementation of a suite of collection tools in Java, C, Perl, PHP, and Python centred on a Linux based manager, but also including Windows components in C++ and C#.NET, all integrating to industry standard open source monitoring tools such as Nagios.
Current work is focused on a Big Data solution for client-side error monitoring across all our customer-facing applications (web, mobile, native); currently in an architecture and technology-selection phase between Logstash/ElasticSearch and Hadoop, with related ecosystem projects such as Kafka and Storm, and service development using Spring.
This is a large SDLC function across multiple teams - business stakeholders, technology board, development teams responsible for their own architecture proposals and design, QA process, with elements of Agile methodologies. We have relied heavily on contemporary lifecycle tools and processes - JIRA, SCM (Accurev, Git), CI and deployment automation (bespoke).
I worked on defect resolution and profile implementation for the Bluetooth protocol subsystem in Symbian OS, including multimedia and Personal Area Networking, in a large and complex object-orientated component system, with extensive multithreaded debugging of the host layers of the protocol stack.
I developed a new integrated help system in Cyan's IDE for their proprietary embedded microcontrollers, using Adobe presentation software in a Qt framework.
I also set up a certificate system to get a critical USB interface driver through the then-arduous Microsoft digital signing process.
I produced and maintained comprehensive utilities, reporting tools and process flow management for the backend systems generating catalog content for Amazon's extensive product websites, integrating layers from legacy file transfer to modern service frameworks and database configuration management.
I developed performance analyses for existing systems, and migrated data reconciliation algorithms from a legacy batch system to a low-latency streaming replacement.
This was a challenging role requiring tight adherence to SLA timescales in a continuous delivery production system for one of the most dominant and groundbreaking online retailers in the world, with complex team and department dynamics and high pressure to minimise downtime.
Here I did extensive localisation and internationalisation work for European and East Asian languages, driver-level emulation of graphics support, audio streaming and storage support for the Citrix thin-client display products on eight hardware platforms.
I was also responsible for liason with RedHat over our inclusion in their Applications CD release, and production of suitably packaged releases for delivery.
In the Resource Manager development team, I built user interfaces in early MVC frameworks, and back-end services for generating notifications over email, SMS and other channels.
Both periods included a full range of project lifecycle tasks, from influencing process guidelines and product requirement decisions, writing functional specifications and design documents, to writing module implementions.
I developed integrated debugging and other features for our groundbreaking runtime cross-compilers (technologies only much later coined by the industry as "JIT" and "adaptive optimisation") for multiple RISC editions of Microsoft Windows. I had prime responsibility for the DEC Alpha version and worked on-site at Microsoft in Redmond as Insignia's technical consultant in the weeks leading up to the release of the NT 4.0 Beta. I gained immersive knowledge of multiple CPU architectures and assembler-level development, analysis and debugging.
Later I developed network protocols and OS interfacing for filesystem access in thin-client products, and made stability improvements to a custom product license enforcement system based on FLEXlm.
Processing an ever-increasing flow of new malware, I produced many analyses and detection patterns/algorithms for integration with a monthly subscription software release. This consolidated my knowledge of assembly language and low-level systems processes and architecture including OS bootstrap, executable formats and hardware storage structures, most of which are still highly relevant today.
I provided 24/7 technical support for corporate and government customers with malware incidents.
I also designed and implemented various encryption products and libraries using C and assembler, including a bespoke international document transfer system for a UK agency using RSA Public-Key cryptography.
I regularly wrote articles for the industry magazine Virus Bulletin, gave presentations on security for the Civil Service College, conferences and trade shows, and assisted with training courses delivered by the company for IT security managers.
BSc hons Computer Science, University of Warwick, UK
|[Validated XHTML 1.00] http://hackery.net/jmb/cv.html||$Id$|