Welcome | Welkom | Willkommen
Hi, I'm Drew. I'm a Multi-Cloud Security, Threat Hunting, SecOps, and Automation (ML & AI) student and fanatic with over 25 years in IT working from dev and engineering into senior Director roles managing IT, SaaS, IT Security and IT Architecture.
About Me
For 20+ years, I designed, managed, secured, and administered domestic and international IT teams and systems. These were operational, development, and production SaaS systems that ran in private, hybrid, and public clouds. On the production side, these systems processed (and still process) hundreds of millions of US healthcare records annually. I'm proud to be part of a team that built a successful cloud SaaS from scratch to a unicorn billion+ acquisition. I'm even more proud that we met our customers' SLAs and had ZERO *known* security breaches. I'm currently working with a confidential tech start-up helping with privacy & security and not seeking new opportunities.
Recent Activity
January '25: Well, well, well, DeepSeek has arrived. Hmmm...
Resume
I've spent most of my career on the hiring manager side of the desk, so I'm posting a few versions for you to choose from. The first resume is a simple one-page PDF I've created through a markdown to PDF script tied into a GitHub actions (Credit to: Pandoc. The second link is pure markdown if you want to see the source and the last link will whisk you away to my LinkedIn profile. If you need more information, or you would like to offer suggestions on how I can improve my resume, please let me know.
One Page Resume
Markdown Resume
Full Resume
Lab: Automation
I'm rebuilding my lab moving away from Portainer and Docker back into Terraform to test out some new TF State files. This is not a production environment nor how I would recommend setting up anything important. The goal is that a PR (pull request) on main branch in GitHub kicks off a series of GitHub actions that will scan for security, syntax, and policy issues. If all green it will initiate a 'terraform apply' and off we go. Fun.
Lab Topology
Security Issues
- TLS v1.0 & TLSv1.1 enabled
- No CSP (Content Server Policy) Support
- Server does not allow slipping CSP into meta tag in HTML
- No ability to add a CAA (Certificate Authority Authorization) record in DNS
- 'bizland.com' cert included in the bundle
- Weak ciphers:
- TLSECDHE_ECDSA_WITH_AES_128_CBC_SHA
- TLSECDHE_ECDSA_WITH_AES_128_CBC_SHA
- TLSECDHE_ECDSA_WITH_AES_128_CBC_SHA256
- TLSECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
- TLSECDHE_ECDSA_WITH_AES_256_CBC_SHA
- TLSECDHE_ECDSA_WITH_AES_256_CBC_SHA384
- TLSECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
- ... and so on ...