Works

Devo March 2020 - March 2024

Devo is a leading cloud-native logging and security analytics company dedicated to providing real-time insights and advanced analytics for enterprise data. Their robust platform empowers organizations to efficiently detect, analyze, and respond to security threats by leveraging the power of machine learning and a highly scalable architecture. Devo's solutions are designed to handle large volumes of data, ensuring that businesses can maintain high levels of performance and security. Serving a diverse range of industries, including finance and telecommunications, Devo enhances cybersecurity measures and optimizes data management practices, helping enterprises stay ahead of evolving threats and regulatory requirements. With a commitment to innovation and excellence, Devo is at the forefront of transforming how businesses approach security and data analytics.

Devo
  • Website: Devo Website
  • Contributions

    At Devo, I played a crucial role in the data ingestion team, specifically focusing on the load balancer. Given the sensitivity of the data and its importance for diagnosing potential attacks, the service needed to be both reliable and fast. Under my expertise, the system was able to handle an impressive ingestion volume of approximately 60TB per day. Additionally, I significantly contributed to Devo's efforts in adapting to the necessary standards for integration with U.S. federal systems, achieving FedRAMP certification. Furthermore, I participated in the creation of a multi-region and multi-cloud backup system, ensuring data redundancy and reliability across diverse environments. My work ensured that Devo's platform met the highest levels of security and compliance, enhancing the company's capability to serve its clients effectively.

    Project 1: Improve existing load balancer

    I contributed significantly to enhancing the performance of Devo's load balancer by implementing advanced strategies that improved fault tolerance and optimized the monitoring of data ingestion services. I meticulously analyzed the system's requirements and identified key areas for improvement, ensuring that the load balancer could handle varying levels of traffic with greater efficiency. My efforts in improving the fault tolerance mechanisms helped the system recover swiftly from unexpected failures, maintaining high availability and reliability. Additionally, I created support for the RELP (Reliable Event Logging Protocol) from scratch, ensuring reliable and efficient event logging across the system.

    Furthermore, I developed methods to balance the load based on the client, which facilitated more compact data queries. By ensuring that data was not unnecessarily mixed across all nodes, I streamlined the data retrieval process, making it faster and more efficient. This client-specific load balancing approach not only improved query performance but also reduced the overhead on the system. My contributions led to a more robust and responsive load balancing system, significantly enhancing the overall performance and user experience at Devo.

    Technologies
    Node.js, C, C++, FIPS, FedRAMP, SonarQube, Snyk, OWASP, Jenkins, GitLab CI/CD, Kubernetes, Git, Jira, TDD, BDD

    Project 2: Create a multi-cloud backup system

    I spearheaded the development of a cutting-edge multi-cloud backup system from scratch, a crucial advancement for Devo's data redundancy and disaster recovery capabilities. This system was designed to store client logs across multiple regions and cloud environments, ensuring maximum data protection and availability. One of the key features of this system was its ability to configure storage types on-the-fly, allowing for seamless adjustments to the cloud storage configurations based on real-time needs and criteria.

    I implemented sophisticated data transition criteria, which automated the movement of data between various storage classes based on usage patterns and retention policies. This feature ensured that data was always stored in the most cost-effective and efficient manner, without compromising accessibility or performance.

    In addition to this, my system included robust node recovery mechanisms, enabling quick restoration of service in the event of a node failure. This significantly reduced downtime and maintained the integrity and availability of critical data. To further enhance the system's efficiency, I developed advanced data compaction methods for data nearing its end-of-life, streamlining storage usage and reducing overhead.

    Finally, I integrated precise system cleanup schedules, ensuring that obsolete data was purged in a timely manner, maintaining optimal system performance and storage health. My contributions to this multi-cloud backup system not only fortified Devo's data management capabilities but also ensured compliance with stringent security and data retention regulations. This project underscored my expertise in creating resilient, scalable, and highly efficient data storage solutions, reinforcing Devo's commitment to excellence in security and data analytics.

    Technologies
    Java, AWS, GCP, FIPS, FedRAMP, SonarQube, Snyk, OWASP, Jenkins, GitLab CI/CD, Kubernetes, Git, Jira, TDD, BDD

    Project 3: Integrating Quality and Security Reviews into the CI/CD Pipeline

    I played a pivotal role in the integration of comprehensive quality and security checks into Devo's CI/CD pipeline. This initiative was instrumental in elevating the development process to meet stringent industry standards, including NIST, FIPS, and FedRAMP.

    Jenkins Pipeline Integration

    Initially, I focused on incorporating SonarQube into the Jenkins pipeline for continuous code quality analysis. I configured SonarQube to perform static code analysis, which allowed the team to detect code smells, bugs, and potential vulnerabilities early in the development cycle. This integration ensured that only high-quality code was merged, significantly reducing the number of issues that reached production.

    Transition to GitLab CI/CD

    Following the success with Jenkins, I transitioned the pipeline to GitLab CI/CD. I leveraged GitLab's advanced features to streamline the process and enhance the automation of code deployments. This move facilitated better collaboration and efficiency across the development team.

    Security Vulnerability Scanning

    To address security vulnerabilities, I integrated Snyk and OWASP into the CI/CD pipeline. Snyk provided real-time scanning of open source dependencies, identifying and suggesting fixes for known vulnerabilities. Meanwhile, OWASP tools were utilized to perform comprehensive security assessments, focusing on identifying and mitigating risks associated with web applications.

    Achieving Compliance Standards

    My meticulous work ensured that the pipeline adhered to the rigorous standards required by NIST, FIPS, and FedRAMP. I established automated checks and balances within the CI/CD process, ensuring that every code change underwent thorough quality and security reviews before deployment. This not only improved the overall security posture of the applications but also streamlined the compliance verification process, making it easier for Devo to demonstrate adherence to these critical standards.

    Outcome

    My contributions significantly enhanced the robustness of Devo's CI/CD pipeline, ensuring that code quality and security were maintained at the highest levels. The integration of SonarQube, Snyk, and OWASP tools into the pipeline resulted in a more secure and efficient development process, aligning with the company’s commitment to innovation and excellence. This project was a crucial step in maintaining Devo's position at the forefront of cybersecurity and data analytics, providing clients with reliable and secure solutions.

    Technologies
    GitLab CI/CD, Jenkins, NIST, FIPS, FedRAMP, SonarQube, Snyk, OWASP, Kubernetes, Jira

    Project 4: Creation of an Alert System for Monitoring with Prometheus

    I was instrumental in the development of a comprehensive alert system designed to monitor performance and critical situations in production environments using Prometheus. Recognizing the need for real-time monitoring and prompt response mechanisms, I architected a solution that provided detailed insights into system performance and detected potential issues such as fraud, attacks, and other anomalies.

    To achieve this, I integrated Prometheus into Devo's infrastructure, setting up robust metrics collection and alerting mechanisms. I defined key performance indicators (KPIs) and thresholds that were crucial for maintaining system health and stability. By leveraging Prometheus' powerful querying capabilities, I established a series of alert rules that could identify abnormal patterns in data ingestion, processing times, and system resource usage.

    In addition to setting up the alert system, I developed a thorough troubleshooting guide to assist the operations team in diagnosing and resolving issues swiftly. This guide included step-by-step procedures for identifying the root cause of alerts, recommended actions, and escalation protocols. The guide ensured that team members had a clear understanding of how to handle different types of alerts, from minor performance degradations to critical system failures.

    Furthermore, I implemented automated early response actions to mitigate potential issues before they escalated. These automated actions included restarting services, redistributing load, and scaling resources dynamically based on the nature and severity of the alerts. By automating these initial responses, I significantly reduced the mean time to recovery (MTTR) and minimized the impact of issues on the end-users.

    To enhance the overall effectiveness of the monitoring system, I also designed protocols for handling critical system situations. These protocols outlined the roles and responsibilities of team members, communication strategies, and coordination efforts required during major incidents. This structured approach ensured a swift and coordinated response, reducing downtime and maintaining service reliability.

    My contributions to the creation of the alert system not only improved the monitoring capabilities of Devo's platform but also bolstered its security posture by enabling the early detection of fraud and attacks. My work ensured that the system could maintain high performance and resilience, providing Devo's clients with a reliable and secure data analytics platform.

    Technologies
    Prometheus, Grafana, Kubernetes, Docker, Elastic Stack, Kibana, Python, Bash, Ansible, Git
