Summary

• I enjoy involvement with advanced technology and engineering solutions to difficult problems. My lifelong passion for software engineering, including thirty years of commercial experience, has equipped me with a solid practical and theoretical understanding of computer science and electronic engineering. I have an excellent understanding of algorithms, data structures, programming languages, commercial product development and project management. I have extensive experience leading small engineering teams, have worked on a wide range of technical problems, and offer a demonstrable track record of success in terms of technical and business challenges. I am a practical problem solver and creative thinker.
• Core subject matter expertise in data structures, algorithms, design patterns, systems/backend programming, desktop applications, object oriented design, application/computer/network security, malware detection / remediation / sample processing, compiler design, device drivers, digital rights management, embedded systems, project management, reverse engineering, static and dynamic code analysis, operating systems, Agile and test driven development.
• In addition to my passion for software engineering, I bring dedication, integrity and hard work to my efforts. I excel at bringing complex and interesting ideas to life in software.

Skill Summary

Roles

• Analyst/Software engineer Technical architect
• Team leader Consultant
• Project manager
• Test engineering manager
• Core Competencies

Core project competencies:

• analysis, requirements, prototypes, architecture, roadmaps, project management
• Agile development, test driven development, test engineering

Core development competencies:

• C , assembler, python programming
• Object oriented design and development
• Performance optimization and multithreading
• Team mentoring and leadership

Core subject matter expertise:

• Data structures, algorithms, design patterns, efficient designs
• Desktop applications and server software
• Malware detection, remediation and processing systems
• Endpoint and network security systems
• Digital rights management and application security
• Device drivers, embedded systems, real time programming
• Operating systems and compiler design
• Static and dynamic code analysis o Binary content parsing and analysis

Languages

• C Visual C , STL, C , C, gcc, STL, design patterns C .NET 3.5
• Web JSON, XML, HTML, JavaScript, XSLT, Ruby on Rails SQL Microsoft SQL, MySQL, Transact SQL
• Scripting Python, Perl, Ruby, shell
• Assembly / Processors x86, 68k, PIC, 6502, 6811, Z80, TI320 DSPs shell shell scripts, Makefiles, Powershell, bash, grep, awk, etc.
• Graphics Qt5, MFC,Win32 Installers WIX

Operating Systems

• Windows all consumer and enterprise SKUs UNIX Linux Ubuntu, CentOS, RHE , Solaris MacOS X
• Embedded proprietary RTOS, BIOS, BSP, etc.

DevOps / Configuration Management

• Administration RunDeck
• Build automation TeamCity, Jenkins Deploy Ansible
• Cloud AWS, S3

Tools / Applications

• Database MS SQL Server, MySQL
• NoSQL Hadoop, Kafka, Avro exposure but not proficient
• Revision control git, Subversion, CVS, PVCS, Visual SourceSafe Agile CSM, CSPO, TDD, Jira, VersionOne, github
• UML modelling Visio, Enterprise Architect, OmniGraffle
• Virtualization VSphere, VMWare Workstation, Fusion, Virtual Box Compiler tools lex, yacc, flex, bison
• Security firewalls, HTTPS, SSL, certificates, endpoint / enterprise security, intrusion detection Unix sysadmin server configuration, deploy, SSH, etc.
• Electronic design/debugging: Logic/protocol analyzers, oscilloscopes, ICE, benchtop test equipment, digital/analog circuit design, schematics
• Microsoft Office Word, Excel, PowerPoint, Visio, Project

Protocols / Formats

• Networking - TCP/IP, HTTP, PPP, SMTP, NNTP, FTP, SNMP, DNS, DHCP, POP, IMAP, MIME, socket programming, REST
• Cryptography - RSA, DES, MD5, SHA1/2, AES, PKI
• File formats: PE, ZIP, RAR, OLE, PDF, SWF, Markup, JSON, Elf, MachO, COFF

Professional Achievements

• Patent 7,581,103 Software Self-Checking Systems and Methods, 2009 co-inventor Patent 8,001,388 Software Self-Checking Systems and Methods, 2011 co-inventor
• These patents describe a stealthy and robust software self-checking mechanisms for improving software tamper resistance. The system described incorporates redundant tests to detect runtime modifications to a program, along with components to record or report these changes. The system is compatible with copy-specific static watermarking and other tamper-resistance techniques.
• Lead Author, Pimp My PE: Taming Malicious and Malformed Executables, Proceedings of the Virus Bulletin Conference, October 2007, Vienna, Austria
• Conference Presenter, Pimp My PE: Taming Malicious and Malformed Executables, Virus Bulletin Conference, October 2007, Vienna, Austria
• During the development of our new malware detection and remediation engine at ThreatTrack, we became deeply involved with the anti-virus community. We recognized a unique opportunity to publish our work and exploited the opportunity with this paper and presentation.
• Co-Author, Dynamic Self-Checking Techniques for Improved Tamper Resistance, Proceedings of the Association of Computing Machinery ACM Workshop on Security and Privacy in Digital Rights Management, Nov. 2001

confidential

Senior Software Engineer for agent system team, responsible for productizing and deploying a prototype enterprise malware diagnostic and remediation system used by Mandiant consultants to identify, diagnose and resolve enterprise security breaches by sophisticated attackers. Agent components communicate securely to central server which exposes REST API to client. Agent system implemented in Python and C and targets Mac, Windows and Linux hosts. Server implemented in Python and runs on Ubuntu and RHE. Performed diverse activities including system characterization and debugging, system functional testing, new feature development, AWS administration, linux server administration, scaling the architecture to support tens of thousands of endpoints Windows driver debugging devops activities.

Program Manager responsible for managing development of malware definition production automation system used for workflow management by malware researchers.

ThreatTrack Security

• Joined Sunbelt Software when it was a small software reseller and helped lead its transformation into a 40M world-class endpoint security vendor. Primary role as Scan Engine Architect was to lead development of a modern, successful endpoint security product.
• Key Accomplishments:
• Architect and lead developer of VIPRE engine, a lightweight, portable malware detection and remediation engine
• Founding member of scan engine and test engineering teams
• Built a robust, effective Test Engineering team around anti-malware engine and backend systems Persistently evangelized SWE best practices and moved organization away from Build and Test to
• Agile and TDD
• Data-driven approach allowed QA / Ops teams to solve numerous, difficult challenges and vastly improve scan engine quality and operations metrics, including:
• Created and analyzed simple production metrics, allowing identification of system-wide inefficiencies, then re-designed them out. This holistic approach reduced production latency for threat definition packages by > 80 .
• Resolved difficult memory leaks in engine C codebase and drove leak defects to zero. o Implemented efficient, fully automated production testing system which enabled high
• frequency, 24x365 release of threat definition updates to customers
• As Scan Engine Manager, acted as architect and technical lead for anti-malware engine, a replacement for legacy anti-spyware product. C /assembler, targeting Windows, Linux and Mac. Sole developer of first two product iterations eventually mentored and managed team of 12 engineers on- and offshore. Responsible together with CTO for R D effort culminating in production launch in July 2008 of VIPRE technology, moving organization from legacy signature-based detection technology to a completely rewritten scan/remediation engine with compact memory and disk footprints and excellent runtime performance. Architected and developed major technology components including PE parser/loader, x86 execution emulation, dynamic translation, Win32 emulation, and extensible archive processing. Built and maintained production codebase and CM systems. Led presentation of technical work at Virus Bulletin conference.

• As Test Engineering Manager, led a team of 10 engineers and analysts. Designed and implemented robust automated testing solution providing extensive engine test coverage and enabling 24x365 definition releases. Solved various production and operations challenges using an iterative, metrics-based approach. Developed custom test automation tools in C to fully automate definitions handling. Identified memory leak and corruption defects in scan engine responsible for long term, highly intermittent defect reports. Drove development of in-band quality system to provide 100 leak/corruption validation on all code changes prior to RTM. Developed organized approach to managing diverse, dynamic project set competing for limited resources and providing executives with actionable operations metrics. Developed performance metrics for core scan engine and endpoint products drove deep performance optimizations.
• As Senior Researcher, worked with CTO to implement next-generation A/V lab sample/workflow management system prototype. Technologies include Hadoop, Kafka, Ruby, Rails, Javascript and Avro, hosted on AWS. Development in Mac environment in Ruby and Java. Develop Rails web application for Avro schema management. Build tools for metadata extraction from Windows PE files

confidential

• Self-funded R D effort building technology demonstrator for Windows PE binary regeneration platform. This was a full-time effort in 2005, otherwise it has been a part time personal research project since 1999.
• Developed an executable image-analysis demonstrator similar to IDA Professional featuring image parsing, manipulation and regeneration capabilities for Windows executables. System parses a target image and exposes a comprehensive internal representation for manipulation. Subsequent to manipulation components are seamlessly regenerated into a new executable. Win32 user interface integrated with analysis/manipulation engine, fully pluggable, 300k LOC, C , STL, assembler and MFC.

confidential

• Software Engineering Manager leading software development effort for a robotic endoscopic medical device, including software architecture solution, key device algorithm development and safety system. Managed six local and offshore software engineers. Authored system, marketing, safety, technical and quality assurance documentation of portions of the FDA 510 k submission. Drove prototype verification testing effort. Presented prototype system functionality for investors, conference attendees, advisors.
• Designed and built system software architecture and prototype next-generation, actively steered endoscopy system demonstrator. Founded the software engineering group, solved early stage R D challenges, and led all software development culminating in early-production product. Collaborated with the PM to develop a production system architecture based on TI DSPs, PIC 18x processors, and high performance CAN-based system bus. The design involved a large number of DSP processors controlling servo motors, a PC-based system controller and robust system safety architecture.

confidential

Owner and principal consultant for small, high-intensity software consulting firm developing over 100 custom solutions for 70 clients. Led product architecture, system design, business development and project management for team of 6 senior engineers. Projects included robotic systems, embedded software solutions, Windows applications, software security systems, custom device controls, and microcontroller based projects for a wide range of software based systems and devices.

Representative Projects:

• Anti-Tamper System for DRM Platform: Designed a variety of application security technologies to provide tamper resistance, detection and response functions for InterTrust's DRM platforms. C and assembler targeting Windows, Linux and Solaris as well as portable devices. Patents awarded.
• Turnkey Software for Audio Logger: Built turnkey solution for embedded WinNT-based 24-channel digital audio logger system. Integration of driver and custom ISA audio capture card. Developed device drivers to manage hardware interfaces and handle 24 channels of streaming audio, and application to manage 100 GB database of recorded audio with automatic purge feature for fully unattended operation.
• High Performance Industrial Camera System: Built turnkey software solution for the first production Windows software package for 8000 frame per second camera. Managed full turnkey effort including development of product specification, software architecture, implementation and deployment of kernel mode driver component, Windows GUI, PCI interface card bring-up and integration, and system integration.

confidential

Software consultancy designing and developing custom software for DOS, Windows and embedded systems. Developed wire-wrapped prototype devices and system documentation.

Representative Projects:

• Firmware Development for Cellular Repeater Equipment: System control firmware in C and assembler for 6811 based repeater control system.
• Sustaining Engineering for Chemical Generation / Pumping Device: Real-time Visual Basic application controlling chemical generation and distribution device. Object oriented architecture with redundant safety features.
• Diagnostic Application for PC DAT Drive: Developed and supported RVISION diagnostic application enabling real-time diagnostic for DAT tape drive system. Worked closely with principle engineering staff to solve complex tape handling and thermal compensation problems for production devices.

Research Interests

• I continue to pursue various personal research projects in my spare time.
• One such project relates to my interest in digital content manipulation and the application of this technology to a variety of problem spaces in computer security. The project involves development of a binary content manipulation system. Like IDA Professional this system parses the internal structure of Windows PE files. The project's fundamental goal is to expose the executable's abstract internal representation and allow arbitrary transformations to be applied, enabling direct, high-level manipulation of executables as well as other content types.

Areas of interest:

• Operating systems and compiler design Application and network security
• Digital rights management Binary translation
• Reverse engineering and exploit detection Static and dynamic code analysis
• Robotics, computer vision and autonomous systems Embedded systems
• Design patterns User experience