Securing Stripe's use of AWS and other clouds; work against adversarial outages; security guidance for infrastructure teams.

Tech lead for software to model, control, and monitor Google's production and corp networks, using both Google's own Platforms hardware and vendor devices.

Tech lead for Google's threat detection & response pipeline.

Projects to secure Google's network and edge infrastructure.

Led development of Bazaar, probably the 3rd most popular distributed version control tool in the world. I wrote the first Python code for Bazaar, and have continued work on it throughout its life, across the stack from the storage format (a specialized database with high compression and graph indexing), to a virtual filesystem layer, diff/merge code, and the UI.

Coordinated and contributed code for integration of Bazaar into Launchpad. This is the foundation for Ubuntu’s widely used daily PPA builds, through which users can get up-to-date builds of chosen applications, to get the latest features and give feedback to developers.

Other code contributions to Launchpad include support for DKIM authenticated mail, a feature flags mechanism to incrementally deploy changes, and microformat hints so search engines better understand Launchpad’s content.

We developed a large, automated test system, including improvements to the Python test suite to better express repeated variations of tests, deterministic performance tests, and test execution in the cloud.

Recruited, hired, reviewed and managed people working on Bazaar and for other groups, including the person who’s now our CIO.

Negotiated personnel issues to either a happy resolution or a clean exit. Helped Canonical’s legal department on open source matters including defining our contribution and release process.

I originated and instituted the Patch Pilot process, to help people make changes in Bazaar, with great results: more contributions, lower latency, more developer happiness. I advocated this across Canonical and Ubuntu and it was rated one of the best aspects of participation in Ubuntu in a recent community survey.

A wrapper for C/C++ compilers that slashes build times by up to 90%. I invented it and maintained it for the first few years, then passed maintainership to Fergus Henderson at Google.

Developed, debugged and optimized a popular Samba/Linux print server appliance. Planned and developed a new Apache/Python web user interface, which achieved a substantial improvement in system performance and responsiveness. Taught other engineers new to Linux development tools and techniques to be more productive.

Developed WBEM-based management software within HP Systems Insight Manager for HP Integrity Itanium2 enterprise servers, to expose health, status and configuration state and alerts. As part of this I co-developed a Python WBEM client library and Python/C++ bindings so that we could more efficiently do automatic testing and interactive exploration.