Languages:
C++, Python, SQL, C, C#, and others less recently.
Operating Systems used:
Various varieties of Unix (including Linux), Windows.
Pulse Secure wanted vADC (rebranded as Virtual Traffic Manager) to be the the ingress controller for the cloud based SaaS Controller of their planned new multi-tenant Zero Trust Access product, and I moved to the new Platform Infrastructure Foundation team, which I am currently the Scrum Master for.
The Platform Infrastructure teams researched, designed, and delivered the new platform from scratch for the product launch in 2020 (after an earlier Beta release).
Ivanti acquired Pulse in December 2020, and the product is now Ivanti Neurons for Zero Trust Access
The ZTA Controller platform uses Azure Kubernetes Service. Work included deployment of Azure PostgreSQL server with Azure private link using Terraform, use of pgBouncer within the cluster for connection pooling, tooling to provide per-microservice credentials with design and testing of associated disaster recovery procedures and assisting the micro-service teams with their use, leading design of tenant separation defence in depth features, a Golang Kubernetes controller to run per-tenant schema creation jobs (with proof of concept migration to using Argo Workflow), work on the Jenkins Continuous Integration pipeline and GitOps based Continuous Delivery system, investigative work on use of distributed databases, service meshes and Kubernetes network policies.
Working on the Application Delivery Controller, initially on Web Content Optimizer, then joined the Performance and Security Team. Deliveries included updating the codebase to C++11, profiling memory usage, updating supported TLS versions, adding Kerberos Constrained Delegation, update of PKCS#11 HSM support, responding to security vulnerabilities, and build system improvements including converting an in-house build and test system tied to Perforce to a Jenkins based one when we migrated to git. This included parallelising the existing test system delivering much shorter wait times for test results, adding test coverage builds (gcov and lcov) and adding static analysis and sanitizer builds.
I also helped with organising recruitment fairs and hackathons.
Riverbed sold the ADC business to Broadcom in 2015. In 2017 Brocade were bought by Broadcom and committed to divesting the IP Networking business unit because other parts of it competed with some Broadcom customers. The ADC product was formerly Zeus Extensible Traffic Manager, branded by Riverbed as Stingray and then SteelApp, and by Brocade as vADC.
Most recently working as lead of a small sub-team working on providing replication services for an Informix database, using C# with Mono on Linux as part of a large project to write a next generation product, which was eventually cancelled (after I had left). There was a requirement to make the database available (including write access) even when connectivity to other clusters was lost, so eventual consistency potentially required manual intervention.
Before that I worked on a middleware server providing a common API for use by PKCS#11, MS-CAPI and CAPI-NG providers for the new project, and delivered a working proof of concept based on the older HSM software.
I also provided advice and help to the team who maintained the older product, and other teams within the new project.
Earlier work included delivering a PKCS #11 interface for nCipher HSMs, a prototype for an MS-CAPI provider (which became the first commercial non-Microsoft CAPI provider), and I was team lead for the nCipher CryptoAPI NextGen provider, which was delivered in time to meet a deadline of the launch of Windows Server 2008.
PKCS #11 work included working with customers and partners, and participating in RSA PKCS workshops.
I also wrote key management support software for the nForce Ultra SSL offload product (using the miniHSM to integrate OASIS KMIPS based key management with the main Ultra board, and added PKCS#11 support to the keyAuthority key management system (which is not the same as the Thales e-Security product named keyAuthority), including some Python GUI work.
I also wrote the initial version of the build system, using Cygwin and GNU make to support a common environment for Windows and Unix builds, and did some later maintenance on it.
API coding was done in C with more recent work in C++ and C# (along with Python, and odd bits of Tcl, Perl, make and bash scripts for other things).
nCipher were acquired by Thales e-Security in 2008, and is now part of Entrust
I joined Setanta Software to work on Print.Flow, a work flow monitoring product initially targeted at pre-press printing based on an object-relational active database.
The main database client was written in C with a GUI toolkit that ran on X Windows, Microsoft Windows, and MacOS, and there were additional tools written in Borland Delphi. There were also tools to export information as HTML pages, and to interface with other systems, for example taking information from a Sybase database using ODBC. I worked on all these parts of the system, as well as the source management system and development tracking system (which used the same database). Work was in a small development team with no management structure.
I was also at times webmaster for Setanta's web site (some fragments of which are in the Wayback Machine, but Setanta no longer exists).
I joined Shape Data as part of a team working on an object-oriented interface on top of relational databases (Oracle, Ingress, and RDB), written in C and embedded and dynamic SQL, for a product that ended up as IMAN (Information Manager) after a number of name changes, but is currently Teamcenter Engineering. Work included writing a test framework. I then moved to the N-able team, a project to explore architectures for a possible new product, working in C++ with an object-oriented database (ObjectStore).
The areas examined included reflexive data modelling, combining method dispatch with remote procedure calls, and journalling/undo/update. This job also involved some training of other team members. N-able produced some prototypes, but it was decided to divert work to the existing product, Unigraphics (now NX) and I became part of the Assemblies team. New UG code was written in C, with some work on existing Fortran.
I also helped with the introduction of a new RCS based source management system, and I learnt Lisp and did some X-windows work for emacs customisation.
[Shape's exact name changed several times when EDS bought the division of McDonnell Douglas that owned it. At the time I left it was "Shape Data, a division of EDS-Scicon Ltd.", later part of "EDS Unigraphics", then "UGS", and now part of Siemens.]
Work on the Document Manager, Engineering Drawing Analysis, and in-house bug tracking applications, all using MDB (Medusa DataBase), a semi-relational database, included specification, design, coding, and the writing of the EDA User Manual. Most work was done in BaCIS, a high-level in-house language (an ancestor of Smallworld Magik), with some C and Fortran.
[CIS was part of Prime Computer UK when I left, after Prime bought Computervision who owned CIS.]
MA, Engineering and Computer Science. (2.2 in final exams).
9 month engineering training course followed by a three month project looking at possible improvements to a wind tunnel cooling system. Later college vacation placements included time in a drawing office, planning, producing NC tapes, and a management project.
British, Married with two children. Clean driving license. I can read French, but have an appalling accent.