Working at the intersection of individual contribution and engineering leadership.- Implemented Continuous Deployment to facilitate organizational shift to mission-oriented feature teams and reduce cycle time. Technology included AWS, CircleCI, Github, and Aptible PaaS- Implemented transition from self-hosted ELK to Sumologic. Reduced logging activity over 40% by intercepting logging output with lograge, fixing deprecation warnings from ActiveRecord, Sidekiq, and other components while meeting HIPAA compliance requirements and providing logs for debugging run-time and customer issues.- Implemented Ruby on Rails proof-of-concept for eCQM, and CCDA components of ONC certification. Shepherded eRX, eCQM, CDS, and C-CDA sections of the ONC proctored assessment to obtain ONC certification.- Hiring activities to more than double the Engineering headcount over the course of 2022 and 2023. Wrote job descriptions, technical interview and behavioral interview templates for Technical Lead, Full Stack, Infrastructure, Platform, and API focused engineering roles. Wrote interview questions and participated in hiring VP Infosec. Conducted resume screening, hiring manager interviews, behavioral and technical interviews.- Defined career and leveling framework for engineering ICs and EMs. Collaborated with HR and VP Engineering to define competencies and levels for ICs and EMs. Outcomes, Responsibilities, and Competencies were defined for each level and role.- Rolled out LaunchDarkly feature flags to reduce risk of new feature releases and decrease cycle time; flags are audited monthly and deleted appropriately.

Led the internal tools and revenue cycle management teams, ensuring the invoices go out so the checks come in and supporting internal logistics teams. Duties include: managing team performance using team-specific metrics jointly developed with technical leads; leveling up 7 to 12 direct reports in Hinge Health's competencies rubric with weekly 1-1s to establish tight feedback loops for unblocking delivery; monitoring developer engagement and psychological safety as measured by weekly survey; leading adoption of new R&D-wide Ostrom-inspired process for managing the shared Ruby on Rails codebase.

Adapted DevOps culture from Google SRE to Hinge Health to build core infrastructure team operating with daily standups, sprint-based infrastructure projects; tracked toil, propagated SRE Working Agreement to stakeholders to buffer incoming requests. Brought AWS assets under TerraForm control, including S3 buckets, IAM users and policies, and SFTP implementation via AWS Transfer. Started “push button provisioning” with AWS secrets management, Subaccounts, and ECR Container provisioning.• Transitioned from self-hosted Sentry and ELK to hosted Sentry and Sumologic, ensuring HIPAA compliance with appropriate BAA, and contractual terms allowing for data deletion as warranted. Alerting and monitoring framework with a variety of SLOs and SLIs established to provide autonomy for microservice teams to establish team-specific alert levels. Oncall rotation established with PagerDuty.• Created initial security and operations incident management systems: report templating, defining incident criteria, creating playbooks for remediating operations incidents; managed operations incidents and trained developers to use the system for operations incidents requiring templated incident reports. Reportable incident occurrence dropped from multiple weekly incidents to less than monthly occurrence for server side applications.• Managed compliance and security responsibilities: monitoring backup activity for S3 buckets and platform databases, emailing stats, and uptime reports. Implemented quarterly disaster recovery exercises via runbook. Launched “push button” evidence collection for compliance automation. Participated in business continuity planning.• Left shifted data, security, and infrastructure compliance assessments for new microservices, ensuring relevant stakeholders are notified before work starts, with planning guided by associated stakeholder concerns.• Managed 9-12 direct reports. Participated in engineering-wide hiring, engineering team doubled in size.

* Interim CISO Q3 2019: customer security assessments, vendor due diligence, policy and procedure development, security awareness training, compliance and auditing, finalized HITRUST CSF certification. * Technical lead and manager for integrated application and data team. Managed up to 10 direct reports with focus on performance and professional development. Developed estimation framework and socialized estimation across engineering teams.* Hiring: scorecarding and job description descriptions for statistical scientist, data engineer, operations engineer (SRE), Rails back end engineer. Engineering team doubled in size.

* Technical lead and contributor for Rails-based application: designed and implemented freestanding (Ruby gem) health insurance eligibility api component, implemented GraphQL-based endpoint for mobile client rewrite, evaluated Airflow for initial ETL construction, Rails query optimization. Managed 3-5 direct reports. * Hiring activity focused on screening, interviewing and onboarding back end developers; responsible for hiring 5 engineers during Q3 2018, including data engineer. Engineering team roughly doubled in size. * Security activity included: securing proposals and selecting vendor for penetration testing; remediation with fast turn around for clean reports.

* Technical lead and contributor for rewrite-in-place of core Rails application: evolved data model for business requirements with no-downtime migrations, improved top-of-funnel multipage survey form, paid down significant technical debt, increased test coverage, established code quality standards with technical enforcement.* As security officer: Implemented auditable SDLC process, evaluatedSOC 2 assessors and accounting proposals for Type I & Type 2, handled security assessments and due diligence from sales prospects, redlined contracts for security and engineering concerns.* Hired front and back end developers, participation ranging from sourcing through screening and interviewing; engineering team doubled in size.

Email authentication as a service. Worked full stack on Rails with Bootstrap.

* Moved data storage from Rails ActiveRecord (Postgres) into Cassandra, maintaining relational structure of data. Deployed into live production environment, increased write capacity at least 10x.* Extracted Software Vulnerability Assessment (SVA) component into internal service to support SVA microservice.

Customer portal development for cloud server security monitoring using Ruby on Rails:* Processed Secpod OVAL definitions into flat structure for denormalizing forward and backward references in the Secpod OVAL file increasing vulnerability exclusion processing by 25x.* Extended Log-based Intrusion Detection System (LIDS) for Windows logging (Lua scripting), added functionality to Configuration Security Management (CSM) component, improved agent-based firewall control for Linux-based system.

While at The Fung Institute for Engineering Leadership, a part of UC Berkeley's College of Engineering, I've had the opportunity to achieve the following results:* Disambiguated USPTO inventors using Order-Restricted Bayesian Inference as implemented in a legacy C++ code base. Sensitivity analysis, preliminary validation and verification implemented after refactoring to modularize existing code. Custom unit testing modeled on RSpec written to encourage faster, more complete test coverage.* Built US patent web service API using Ruby on Rails, with PostgresQL containing 100M records for patents between 1975-2012. Remote collaboration with American Institute for Research (air.org) to specified wireframes, allowing USPTO examiners to rapidly generate geocoded attributes for incoming patents.* Extensively revised peer reviewed paper (machine learning method Order-Restricted Bayesian Inference), subsequently (2014) published in Elsevier's Research Policy (154 citations as of April 2016). Paper describes science and innovation policy implications resulting from an accurate disambiguation of inventors granted US patents.* Extended and revised Python-based preprocessing for raw patent data from Google for both XML and (limited) SGML-based records. System required refactoring to allow unit and integration testing to be implemented as needed. Code base now structured to encourage Test-Driven Development (TDD).* Built Fung Institute's cloud-based research platform for software development, using services offered by Heroku, Github and Amazon S3.* Mentored 4 CS undergraduates in modern programming techniques: Test-Driven Development, using agile stories to guide development and revision control with git and github.* Proposed and implemented Fung Institute in-house publishing to promote leadership case studies, whitepapers, technical reports and related literature documenting the activity of Fung Institute faculty, staff, students and collaborators.

Software systems design and build, from desktop to web applications, small business web technology, SEO and content marketing.

Wireless sensor network construction and deployment for monitoring wildfires and underground environments such as Contra Costa County's Black Diamond Mines.

Development and deployment of wireless sensor networks for environmental monitoring of wildfires and underground mines. Work resulted in published and cited patent application and formed basis for incorporating bootstrapped startup. Project funded by National Science Foundation Technology Research grant ITR/IM-0121693.Reverse engineering of legacy C code and file format (VAX) for obsolete data acquisition instruments.

Project JXTA, a Sun Microsystems incubator project in Bill Joy's group focused on building peer-to-peer network messaging and search infrastructure. Responsible for initial conception and implementation of JXTA-C, the C language-based implementation of the Java-based JXTA protocols. Granted four patents as part of this team.

Windows client for the Infrasearch hub-and-spoke distributed search system. Infrasearch was an Andreeson-funded startup sold to Sun Microsystems in early 2001.