# Christopher Brawn > Cloud Armor TLM - Google Cloud Networking Location: San Jose, California, United States Profile: https://flows.cv/christopherbrawn A serial entrepreneur and technologist with 25+ years of experience planning, building, and operating global mission-critical applications. As an experienced operational manager, I my early career focused on growing early-stage technology companies, with engineering successes ranging from broadcast hardware to cryptographic primitives, threat analysis, and reverse engineering, to high volume, low latency financial transaction processing. In the last decade, I worked with (and led) some of the best teams in the Bay Area. At eBay., we built out the next generation of eBay's Global Platform Framework around polyglot stack support (Scala, Python, Node.js, and Go). At Paypal, I led our nextgen cloud services work on software load balancing (which was open-sourced as Neutrino). At Apple Maps, I delivered products and infrastructure combining real-time global data to support vehicle navigation and ETAs. In Apple Pay, we built out cloud infrastructure across our data centers, and I founded and led the software load-balancing initiative (becoming the the Traffic team). Now, in Google Cloud, I'm part of an incredible team protecting Google and our customers from DDoS, volumetric, and WAF attacks. I hold a Honours Bachelor of Mathematics from the University of Waterloo. I am also a local and international disaster management delegate with the Canadian Red Cross. ## Work Experience ### Staff Software Engineer / TLM - Google Cloud Armor @ Google Jan 2022 – Present | Sunnyvale, CA Google Cloud Armor and DDoS team help protect Google's production infrastructure and your Google Cloud deployments from multiple types of threats, including distributed denial-of-service (DDoS) attacks and application attacks like cross-site scripting (XSS) and SQL injection (SQLi). Highlights: - Per-client rate limiting / throttling - Machine learning-based Adaptive Protection - Network-based threat intelligence - Bot management with reCAPTCHA Enterprise - WAF protection featuring preconfigured OWASP and custom rules Our Project Shield is a free service that defends news, human rights, and elections-related sites from DDoS attacks. See https://projectshield.withgoogle.com for more information. Our team in the news: - https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps - https://cloud.google.com/blog/products/identity-security/how-google-cloud-blocked-largest-layer-7-ddos-attack-at-46-million-rps - https://www.kmu.gov.ua/en/news/mihajlo-fedorov-vruchiv-pershu-vidznaku-miru-kompaniyi-google ### Staff Software Engineer / TL - ApplePay Infrastructure @ Apple Jan 2018 – Jan 2022 | Cupertino, CA Engineering lead for software load-balancing / traffic management in Apple Pay. Engineering lead on HSE app migration from bare-metal to managed containers. Delivered several WWDC and launch tentpole features, including Apple Card, Identity, Transit, and Access verticals as Cloud Infrastructure DRI (lead) Highlights: • To modernize infrastructure and maximize capacity, lead internal cloud initiative using Nomad/Consul/Docker in all ApplePay owned datacenters/HSEs., built docker base and app image build pipelines, secrets management, deployment orchestration, and migrated workloads in first two datacenters. Achieved >300% increase in capacity, and deferred new HSE stand-up more than 2 years. • Built side project into org-wide traffic strategy to replace Netscaler fleet with Envoy to addressin launch observability gaps, long/complicated deployments, and porous security policies. Encompassing web- and app-tier LBs, L4 and L7 egress proxies, and several worldwide production services in Go, including control plane, perimeter auth, identity, and security services for all traffic, API Services used by SRE org, and extensive telemetry. Provided foundation for 2021 tentpole features, reduced deployment times from hours to nominal, and drastically reduced MTTD and MTTR on application and infrastructure issues in all environments. • Built out traffic infrastructure from part time resource to dedicated team, hired 1 manager, 3 FTE hires, and 10 dedicated contractors across three geo centers. Operate all traffic concerns related to WPC, from Envoy and Netscaler fleets to IP allocation, DNS, GSLB, WAF, and ACLs across HSEs in all global datacenters, • As Cloud Engineering DRI, improved velocity across 400+ person WPC engineering org, lead programs for platform images, JDK11 upgrade, open-telemetry adoption, protobuf standardization, and started Technology Dependency Council. Saved $MMs in legal/licensing requirements and reduced new application onboarding from months to days. ### Staff Software Engineer / TL - Apple Maps (Services) @ Apple Jan 2015 – Jan 2018 | Santa Clara Valley Worked on, lead, and owned several large-scale production services within Apple Maps. Initially worked on real-time vehicle traffic data ingest and distribution. Engineering lead for tentpole initiative to build Vehicle ETA service, which ultimately provided foundation of Traffic team’s ML-based services. Built initial versions of several other Traffic projects, including Apple- owned Incidents service. Highlights: • To improve Maps customers’ service quality using Traffic Routing feature, built Traffic ETA Service, a high-volume very- low latency route evaluation service written in Java/Scala, and companion ML/data Spark model pipelines. Achieved ability to run extensive user experimentation and reduced customer latency worldwide from off-heap memory management for large runtime datasets on JVMs, ultimately improving ETA quality between 5% and 8%. • Engineering DRI (lead) and/or product owner for several Maps projects, including traffic incidents, real-time location ingress, real-time traffic data infrastructure, and extensive work (including co-development) with Apple business partners in EU and China, resulting in successful product delivery (including Apple-owned Maps and indoor maps), global expansion to 42 countries, and service SLAs met/exceeded throughout my tenure. - Now public! (as of 2024): built initial version of Apple's Offline Maps support. ### Staff Software Engineer - Cloud Engineering @ eBay Inc Jan 2014 – Jan 2015 | San Jose, CA Senior staff engineer with eBay/Paypal's Global Platform and Infrastructure group (GPI) based out of Paypal head office in San Jose. Engineering and design lead for software load-balancing in eBay and PayPal. Responsible for architecting and building eBay’s next generation of traffic-management, platform stack and perimeter services within the Global Platform and Infrastructure (GPI) division. Our award winning team is responsible for next-generation PaaS, provisioning, deployment, and cloud engineering services for eBay Inc., Marketplaces, Paypal, and members of the extended eBay family, and are building out the next generation of cloud technologies for both companies going forward. As engineering lead - software load balancing - I work with some of the best researchers and engineers from around the world to enable dynamic, scalable traffic management and engineering agility. I built the Neutrino software load balancer (open-sourced 2016). It was fun but please use Envoy - it's great!!! ### Staff Software Engineer - Frameworks @ eBay Inc Jan 2013 – Jan 2014 | San Jose, California I'm a member of the eBay/Paypal Global Platform Framework Group at our main campus in San Jose. My current focus is on large-scale asynchronous platform components using Scala, Akka, Spray, and ZeroMQ. Our elite team is building out the next generation of eBay's global technology platform, including: • Large-scale and distributed caching systems • High performance configuration management • Resource aggregation and optimization frameworks • Adoption and operationalization of polyglot systems, most notably Node.js, Scala, Python, Go, and PHP. ### Senior Software Engineer @ Solium Capital Jan 2012 – Jan 2013 | Calgary, AB Projects: - Banking and share reconciliation systems (Ruby/Rails/Postgres) - Acquisition and integration of Scenarios by Shareworks, our industry leading private-company analysis tool (RoR/Redis/C++) ### Disaster Management Delegate @ Canadian Red Cross Jan 2009 – Jan 2013 | Canada, Haiti Disaster Management Volunteer: we provide 24/7/365 humanitarian assistance to those affected by fires, floods, and other local tragedies, alongside our municipal partners. Disaster Response Team: on-call/emergency activation for provincial and national disasters throughout western Canada in a variety of roles, including logistics, human resources, response and recovery management. International Relief Delegate: providing humanitarian relief and reconstruction in international deployments (including post-earthquake Haiti) in a variety of roles, including logistics, IT/operations, and shelter assessment and distribution. ### Chief Technical Officer @ Chaordix Jan 2011 – Jan 2012 Built on the successes of our initial product offering to architect and engineer the next generation of the Chaordix crowdsourcing platform: - defining a new field of products and services - consolidating technical operations to scale business and technical growth - drastically reduce time-to-prototype new features ### Managing Partner @ Agilabs Software Jan 2003 – Jan 2012 | Canada, Ramat Gan Israel Early-stage software incubation and R&D consultancy which I founded in 2003. We provide full cycle solution engineering for stealth and startup partners - from technical R&D, analysis, evaluation, and hedging to full-system development and operational staffing. Some successes (or incubations) include: - SPS: MSP/IPSP multi-currency payment gateway - AgiGIS: Seismic commodity service framework - CardScreen: issuer-side authorization management ### Co-Founder / Director of Technical Operations @ Paygea Processing Co. IL Jan 2005 – Jan 2010 | Tel Aviv, IL Paygea provides payment services for international markets (operating in the EU) with a focus on multi-currency exchange, direct partnership with acquiring banks, geographic growth and scalability issues surrounding new low-risk market verticals. Technical Highlights: • Built out new generation of bank, batch, acquirer, and fraud API integrations, co-developing the international processing API for VisaCAL (Israel)’s EPX conversion, a RBS binary POS-format translation, and Optimal Payments/Authorize.net relay module. • Re-architected authorization, batch reconciliation, and dispute services to cloud-data platform in preparation for cloud adoption (post PCI-certification) • Continued development of Java/J2EE transaction-processing engine, and early Amazon AWS services for asynchronous messaging. • Oversaw software maintenance, administrative support, technical staff and ISPs providing 24 hour coverage across three regions. • Guided technology operations, and merchant/bank migration through purchase of competitor, and eventually acquisition of company. • Led PCI DSS, compliance processes and managed technical growth. ### Co-Founder / Chief Technical Officer @ Rx-Payments.com Jan 2004 – Jan 2008 | Tel Aviv, Israel • Sustained authority for Israel-based operations overseeing two office teams, supporting the technology requirements for the business spanning network administration, backups, and technical support, hardware, and software updates. • Built primary transaction-processing stack • Developed fraud management technology for internal teams • One of eastern-Europe’s first 3D-Secure MSP/IPSP integrator. ### Co-Founder / Director of Global Operations @ MagenDavidMeds.com Jan 2004 – Jan 2007 | Tel Aviv, Israel Developed Israel's premier online pharmaceutical fulfillment network for the North American market. ### DeepSight Threat Analyst @ Symantec Jan 2005 – Jan 2006 | Canada Worked on Symantec’s premier 24x7x365 real-time incident response threat-analysis teams, performing a variety of intrusion- and honeypot-analyses, reverse engineering malicious software and exploits discovered ‘in the wild’. As a security researcher, provided critical incident reporting and generated signature data for Symantec’s suite of security products. ### Co-Founder / Chief Technical Officer @ PrivatePay.com CO IL. Jan 2003 – Jan 2005 | Calgary, Canada / Ramat Gan, Israel Development of internet payment portal mockup to one of Israel's foremost MSP/IPSP/Payment Gateway • Joined team two weeks prior to initial launch to salvage existing technical team failure; boot-strapped prototype into working site. • Re-architected initial JSP-based mockup into enterprise production software • Executed pivot from initial P2P trustee business model to full-fledged global payment gateway. ### Engineering Lead @ Non-Elephant Encryption (NE2) Inc. Jan 2001 – Jan 2003 Developed, patented, and productized a novel cryptographic key-exchange primitive for establishing a secure channel. Highlights: - Developed a TDI-level communication driver for Win32 - Ported existing key-generation primitives from Java to C++ - Split out IP into four patentable components. - Manged hybrid development team of cryptographic researcher and software engineers to create first generation of commercial products. ### Software Engineer - JProbe @ Quest Software Jan 1999 – Jan 2000 KL Group Inc. (eventually acquired by Sitraka Software and, in turn, Quest Software). Build manager for the JProbe Suite of Java profiler tools. Software developer for Java distribution tools product line (codename Fender). ### Embedded Systems Developer @ Leitch Technology Jan 1998 – Jan 1999 | North York, Ontario Prototype and development of an embedded OS compiler for the Leitch hardware bus and component cards. ### Software Engineer @ AGF Management Limited Jan 1997 – Jan 1998 Formerly Global Strategy Investment Funds, prior to acquisition. Internal development and support of fund-management systems • AIX/token-ring network management • Mac UI development using 4GL • Batch aggregation and reporting with Perl ## Education ### Hons. BMath in Computer Science, Combinatorics and Optimization University of Waterloo ### Bachelor of Science (BSc) in Physics Brandon University ### COU (Curso de Orientación Universitaria) in Sciences I.B. Concepción Arenal ## Contact & Social - LinkedIn: https://linkedin.com/in/chrisbrawn --- Source: https://flows.cv/christopherbrawn JSON Resume: https://flows.cv/christopherbrawn/resume.json Last updated: 2026-04-12