Norm.

Hi, I'm Norm.

I computer, usually.

Download a PDF resume!

About Me

I am a Cloud-focused, security-minded, operations and development generalist. I have a long history of designing, developing, and implementing robust and easy-to-use security and operations tooling and services for use by developers. I am passionate about allowing developers and other technologists to implement robust security and operations practices through the use of Cloud technologies, open source software, and easy-to-use tools and services.

What I'm Looking For

I live in Central Massachusetts, so Boston is a bit of a haul for me. Ideally, I'd love to find a completely remote role. However, for the right opportunity, I could be convinced to commute to Boston once or twice a week or the 128 corridor area (Burlington/Waltham/etc) 3-4 times a week. I'd love to work for a smaller company (not necessarily a start-up) with a lot of opportunity to make an impact. A company with a flatish-but-not-non-existent hierarchy where everyone is passionately working together for a common goal, while still respecting work-life balance. I think I'd like to continue working in an infrastructure or developer-supporting role. Developing tools, services, patterns, and documentation to help technologists deliver better software faster, run it more reliably, and fix it faster when it breaks. I'd really dig a Cloud-native (or Cloud-first) organization that affords me to the opportunity to work with technologies like AWS/GCP/Azure, Node, Vue, Golang, and Docker.

Professional History

Principal Software Engineer - Cimpress (2016-07 - Present)

As a software developer on the UnOps team, I lead the Cloud Engineering squad. We are a small team of Cloud-focused generalists with Operations mindsets in charge of Cimpress' Cloud footprint. We manage a majority of Cimpress' AWS accounts and GCP projects and provide teams throughout the organization with tooling, services, support, and consulting to help them architect their services to be operable, secure, fault-tolerant, and cost-effective.
  • Led the initiative to define, codify, and document Cloud Operations and Security standards for all of Cimpress. Provided tooling, training, and documentation for developing and operating secure and operable services within AWS, GCP, and Azure using open source tooling and industry-standard best practices.
  • Helped move Cimpress from a single AWS account to more than 150 linked accounts owned by service teams. Made accounts easy to request/create, provisioned accounts are secure by default and come with several "quality of life" features for improved security and operability.
  • Helped design and implement a collection of tools and microservices (dubbed "Cork") to help service teams analyze and understand security risks and cost data for their AWS accounts.
  • Established and/or maintain Enterprise relationships with AWS, Google, and Cloud security service vendors.
AWSRubyNodeVueRESTOAuth2BashDockerGCP

Senior Software Engineer - Cimpress (2014-07 - 2016-07)

As a software developer on the Infrastructure Core Engineering team, I was responsbile for providing tooling and running services that enabled development teams to break apart a monolithic codebase into a microservices ecosystem. Tooling and services focused on development, CI/CD, and monitoring.
  • Contributed to in-house, self-service microservice deployment service and surrounding tooling.
  • Later led efforts to retire said in-house deployment system in favor of Cloud-native or third-party deployment technologies. Provided support and documentation to technology teams on adopting industry or community standard tools and services for deployment.
RubyNodeC#WindowsIISPuppetUbuntuNginxSensu

System Administrator - Vistaprint (2010-10 - 2014-07)

As a System Administrator on the NOC Admins team, I was a member of a 24/7 team responsible for monitoring the production website, deploying patches, and troubleshooting/triaging issues. A typical shift involved deploying new code to production, coordinating with teams on change management, triaging alerts from monitoring systems, and developing automation or documentation for troubleshooting and remediating production issues.
  • Built a change management and collaboration tool to coordinate multiple remote parties during major production activities.
  • Built tooling and scripts for automating the detection, troubleshooting, and remediation of production issues.
  • Communicated with development and operations teams throughout the organization to help understand, troubleshoot, and remediate production issues.'
WindowsPowershellIISC#SCOMNagios

Recent Projects

Red-X

A Lambda function that can automcatically detect abandoned or misconfigured subdomain delegations within a Route53 Hosted Zone. A misconfigured delegation can obviously present a problem if it is meant to be in-use. But an abandoned zone can actually be entirely hijacked by an attacker for their own use.

Felix

A Lambda function that can automatically rotate IAM keys used by third-party services like GitLab, SumoLogic, and TravisCI. Because sometimes you need to interact with someone that can't use cross-account roles and you still need to be able to rotate your keys. Uses convention-based configuration to determine where a key is used and uses configuration from the EC2 Parameter store to update values in third-party APIs. Pluggable architecture can easily be extended to include additional endpoints.

Guiding Principles

Use and contribute to open source.

Practice empathy in communication with others.

Construct secure, composable, and maintainable systems.

Make it easy for people to do the right thing.

Build reliable and repeatable processes.

Adopt industry and community standards and tooling where possible.

Skills

I'm pretty heavily diversified between Operations and Development skills. Here's a smattering of stuff I've been working with recently.


Web/API Developmentpretty good

pretty-good
VueNodeRESTOauth2JWT

Programming and Scriptingpretty good

pretty-good
NodeRubyGoBash

Cloud Operations and Securitypretty good

pretty-good
AWSGCPTerraform

System Administrationalright

alright
LinuxDebianNginxBINDPuppet