Luke Marty

Optum Technology/United Health Group

• Providing technical leadership to the Enterprise Pipelines, Source Code Management and Build and Deploy teams at Optum
• Engineering Lead of the Enterprise Pipelines team. The role of this 10 person team is to create tools, standards and process to empower app engineering teams to work faster and more securely; developing solutions that further enable engineers to leverage automated testing and security scanning, gitops, chatops, GH actions, workflows, templates and automation consistently throughout the organization
• Architected and currently managing the Kubernetes based Action Runner Controller pipeline runner farms, servicing 20k developer workflows per day
• Designed, architected and led a team of engineers to the release of a full stack automation platform that provides an opinionated, standardized means for teams to leverage CI/CD automation in containerized environments. Automated all steps of a product's lifecycle, from project instantiation to deployed in production and everything in between
• Providing technical expertise to the team that develops tooling, process and automation around the adaptation of Github Enterprise Cloud. Supporting teams in their migration from Github Enterprise Server, SVN and Gitlab
• Developed a pipeline library leveraging Github workflows and actions to supplant current Jenkins infrastructure
• Helping teams migrate from their complicated legacy integrations to modern languages and pipeline driven solutions
• Supporting the 20k multi-language developer user base who leverages the tools built and managed by my teams

Target

• Acted as lead technical voice on a 10+ seat engineering team. Architected and delivered custom cloud security tooling, leveraging next-gen toolchains and processes. Operating with a strong focus on compliance, detection and containment
• Generated creative full-stack solutions in support of securing our cloud workloads. Efforts range from coding tooling that augments our CICD pipelines, to automating responses to incidents/failures. Engaged in every step of the solutions lifecycle from conception to development, deployment and day-2 operations.
• Developed cutting edge security tools at a pace ahead of the current security industry. Some examples include various CICD pipeline scanners, a CDN event log grabber, a chatops enabled endpoint auto-remediation system, a system for automatically isolating potentially compromised assets, Github scanner and others.
• Leveraged tools such as Stackstorm, ELK, Kafka, Tanium and others to pioneer event driven automation within Target. Successfully reduced administrative overhead on numerous teams by identifying common failure/incident event patterns and writing automations to remediate them.
• Demonstrated expertise working with modern cloud tech. Some of the day to day tools include Spinnaker, Kubernetes, Docker, Kibana, Kafka/MQTT, Graphiz, InnoDB, Jira, Consul, Vault, The Hashi toolset, Drone 5/6, Github, Chef, go-proxy, Uchiwa, Sensu, and others

McAfee / Intel Security

• Represented the Mcafee/Intel Security portfolio of solutions to named enterprise accounts in the central region
• Performed customer presentations, demos and PoC security implementations; leveraging security technologies in both the endpoint and network arenas
• Created custom demo/preso content in support of specific customer use cases
• Built and managed customer relationships ranging from support staff to C-level
• Awarded SE of the Quarter, Q1 2015; “Outstanding Sales Performance”

Digital River Inc.

• Managed a multi-discipline team of engineers/architects responsible for the design of Digital Rivers’s commerce cloud infrastructure
• Managerial responsibilities included technical direction, evangelism, project/staff/vendor management, financial forecasting and management of $54M budget over 5 years, special projects, team workload prioritization and top-tier escalation remediation
• Created toolchains in support of a zero-touch infrastructure model
• Performed the lead role in the Digital River IT transformation from legacy model to next generation DevOps enablement
• Played primary role in all aspects of cloud systems architecture. Areas of architectural responsibility assigned were Virtualization, Systems, Storage, Network, Security, Automation and Tooling. Technologies include the VMware product suite, Opscode Chef, Cisco Nexus, Juniper SRX, F5, Netapp, and Redhat variants

Digital River Inc

• Architected and engineered the high availability 10g network designs for the generation 2.5 Digital River cloud
• Responsibilities included all network fabric, firewalls and load balancing globally in the virtualized commerce environments
• Performed network migrations, moving core infrastructure from Arista to Cisco Nexus
• Migrated environment from a SPoF Netscreen implementation to a HA Juniper SRX firewall solution

Digital River Inc

• Converted from consultant to Digital River's first FTE dedicated to the company’s cloud computing effort, responsible for all *nix cloud guests and underlying infrastructure
• Engineered automation solutions for systems deployment and management
• iPerformed architectural role representing virtualization, systems, network, storage and security for Digital Rivers’s generation 2.5 cloud expansion effort

Digital River Inc

• Engaged as a Virtualization Systems Consultant to stabilize Digital Rivers Typhoon generation 1 virtualization effort
• Performed normalization and validation of entire virtual stack from hardware to guest services
• Areas of responsibility included the following technologies; VMware vSphere Suite, Arista switches, Sun Blade Chassis, Sun/Amber Road storage devices, Netscreen firewalls, IBM xi50, Solaris 10 and Redhat derivatives

Bulletproof Networks

• Acted as a hands on technical specialist performing network and security consulting services to a wide range of customers around the twin cities area. Projects spanning from new installs to upgrades through maintenance and redesign of enterprise data networks.
• Designed, engineered and installed all layer 2 and layer 3 networking for a fully redundant enterprise data center solution. Project involves 3 remote offices and a remote data collocation center. Responsible for all troubleshooting of the routing, switching and firewalling of the environment. Specific technologies include Cisco ASA/PIX firewalls, Cisco 2900 /3600 series switches and 2800 series routers.
• Performed ongoing care and feeding of multiple customer network implementations. Duties include break/fix, add/move/changes and documentation. Responsible for all scheduling and change control of projects. Tasks including test plan, implementation plan, verification plan, and back out plan creation /documentation. Technologies utilized include MS Visio, MS Office, Cisco 800/1600/1800 and 2800 series routers, IPSEC VPN, SSL VPN, Anyconnect VPN, GRE tunneling and Cisco 6500 series switches
• Performed trusted enterprise evaluations, security policy review, vulnerability/penetration testing and regulatory compliance auditing (PCI/GLB/SOX)

ADP

• Engineering network solutions for ADP’s international customer base. Utilizing products by Cisco, Radware, Redhat and software proprietary to ADP. Specific technologies include IPSEC VPNs, IOS firewall, GRE tunneling, EIGRP routing, VLANS/layer 3 switching and MPLS
• Provided remote network install support to field service representatives for engineered solutions via phone and dial-in. Project ownership cycle spanned from post-sales architecture to final network certification
• Performed remote implementations of ADP’s ASP solution to a varied customer base. Standard implementations included multiple Cisco routers/switches, dual ISPs, edge devices by AdTran and various customer owned internal equipment
• Delivered top-tier post install support to ADP ATAC group for escalated and irresolvable networking issues

Northwest / Delta Airlines

• Performed planning and implementation of all new firewall infrastructure components enterprise wide. Projects involved policy and standards development, hardware/software configuration and migrations between firewall platforms
• Achievements included major efforts contributing to 2006 PCI compliance. The completion of numerous “zero downtime” station migrations. And contributions to global DR exercises resulting in no disruption of service
• Lead departmental efforts for rule set refinement, DMZ re-architecture, upgrade planning/implementation, product evaluations and support of portfolio driven initiatives
• Provided top tier support to a 24x7x365, highly connected, fully redundant security infrastructure. Environment consisting of hundreds of remote sites, a “Hot” DR Datacenter and over 50 globally deployed firewalls. Firewall infrastructure frontends over 200 partner connections, a multimillion dollar e-commerce presence and 40k+ employees
• Other duties included monitoring of environmental health and utilization. Auditing of security posture, documentation and reporting. Played lead role in 2007 firewall environment review project
• Worked closely in a team of three to meet issue resolution SLA’s. Resident SME for Checkpoint product suite. Other technologies utilized include Cisco switches and routers, PIX/ASA firewalls, Cisco IOS firewall, Snort IDS, Loglogic, Linux, BSD, Spectrum, tcpdump, ethereal, nmap, Perl, tcsh, hammerhead, BIND and Sun

NetSPI

• Performed security solution implementations nationwide. Customer infrastructure sizes ranging from 300 to 50000 nodes. Technologies used include Cisco PIX, Sidewinder, Symantec, Checkpoint, Sourcefire and SNORT.
• Engaged in multiple endpoint security projects from initial consultation to final rollout. Utilizing solutions from Symantec to reach goals.
• Provided on-site incident response to emergency calls facilitating minimum impact to customers. Projects involved intrusion assessment, threat management, and loss assessment while determining prevention recommendations.
• Carried out client security audits of systems and scenarios. Audits included wireless, phone/PBX, internal, server and external assessments.
• Engaged in extensive research of current security trends, attack methodologies and solution response.

SwiftKnowledge

• Solely responsible for the design, implementation and administration of the corporate network infrastructure. Performing planning, monitoring and troubleshooting of all network equipment. Environment consisted of Windows 2003 based servers, XP workstations, Cisco LAN equipment and UNIX based firewalls. Technologies leveraged include Active Directory, Exchange 2003, SQL Server, Analysis Services, IIS, Sidewinder, Symantec products and VERITAS solutions.
• Telecom administration of Iwatsu PBX, Blackberry handsets and Blackberry enterprise server. Duties included call flow design, system maintenance and mailbox administration.
• Performed corporate security policy design and enforcement in a complex, multi DMZ network environment. Implementation encompassing VPN, policies firewall ACLs, SQL database security, antivirus management, group policies, wireless management and IIS hardening.
• Installation and support of up to terabyte scale data warehouse(s) and high speed analytics solutions for internal clients as well as in partner environments.
• Performance/Load testing of network solutions and scenarios to determine scalability and effective capacities. Worked closely with QA department as needed during product testing cycles.

True-Security Inc.

• Performed firewall/network deployments for a large base of small to medium sized businesses. Security policy development and remote support were also key responsibilities. Worked primarily with Netscreen based solutions and Soft Remote VPN client.
• Provided corporate and client web development utilizing Macromedia tools on Apache and ColdFusion based servers. Project roles spanned from server setup through site development and deployment.
• Shared administrative role on corporate network. Responsibilities included Firewall maintenance, Server setup and maintenance, DNS and Sendmail administration. Utilizing solutions such as Sidewinder, Windows 2003/XP and various Linux distributions.
• Duties also included sales and pre-sales footwork. Lead generation, Sales support and follow-up. Tasks involve presentations and heavy customer contact.

Secure Computing

• One of three Leads responsible for five person teams of network engineers. Worked in a 24 hour, high volume network support call center. Primary customers being US Military and Government installations. Responsible for team ticket review, quality assurance, customer follow-up and Level 3 escalations. Consistently held a top three position in call volume and “time till resolution” reports. Other responsibilities involved on-call duties, conducting training classes, and on-site customer consultation.
• Developed and executed the security audit plan for the Sidewinder 5.0 firewall to ensure release readiness. Provided contributions to Common Criteria efforts by performing product penetration testing and code review. Utilized in depth knowledge of vulnerability identification and exploitation, along with secure coding methods to complete assignments. Specific technologies included C/C++ languages on BSD platforms.
• Shared administrative role in multi-firewall high availability architecture. Responsibilities involved setup/maintenance, security policy design/enforcement, network planning and health monitoring. Solely responsible for load balancing equipment. Environment included: Solaris, BSD, Linux and Windows platforms; Sidewinder, Checkpoint and Raptor firewalls; Cisco routers as well as Radware, Alteon and F5 BigIP load balancers.
• Performed multiple specialized research projects. Findings distributed to entire customer base via threat response “news blasts”. Results have also been included in press releases, and their public quarterly “Internet Security Newsletter”.

Various Contracts

• Performed various roles for a wide range of local companies. Positions spanned from network rollouts to CTI development projects. Specific technologies included: Win NT/95, UNIX, Novell Servers; PBX Integration, Call center deployment, CCC Vectoring. Hardware utilized included: Lucent Switches, Cisco routers. Some clients include US BANK, Dayton Hudson, Spanlink Communications, Metro Transit, Star Tribune, Target Stores, Ellerbe Beckett, MinBlue Digital printing, Norwest Banks, RSP architects and ERS.

• Network Technologies
• Development in C/C++
• SQL Development
• Programming using MFC

• Automation
• Development
• DevOps
• CICD
• Immutability
• Idempotency
• Autoscaling
• Global Load Balancing
• Chatops
• Agile
• Cloud Security
• Microservices
• Containerization

• Offensive Security
• Defensive Security
• Audit
• GRC
• PCI
• Pen Test
• Risk Assessment
• OSINT
• Firewalls
• WAF
• IDS/IPS
• EDR - Endpoint Detection and Response
• Cloud Security
• Security Tooling

• Golang
• Ruby
• Python
• Node
• C/C++
• YAML
• Javascript
• Typescript
• Groovy
• JSON
• Solidity
• Hardhat
• Truffle Suite
• Shell
• TDD
• Atom
• VS Code
• Goland
• Agile
• Drone 5/6
• Artifactory
• Jenkins
• Github Actions
• Kustomize
• Tekton
• Team Coding
• Declarative API Architecture
• Kubernetes Controller Model
• Github API
• AWS API
• Azure API
• Gcloud API
• Prow

• Spinnaker
• Kubernetes
• Drone
• Tekton
• Jenkins
• Gitlab
• Github
• ArgoCD
• Consul
• Github
• Chef
• Kind
• Minikube
• Vault
• Heroku
• Consul
• Elasticsearch
• Kibana
• Splunk
• Logstash
• Terraform
• VMware
• VCOps
• Stackstorm
• Alert Manager
• PagerDuty
• ServiceNow
• Slack
• Big 3 Cloud Providers
• API Development

• Amazon AWS
• Google GCP
• Google GCE
• Azure
• Rackspace
• VMWare Cloud
• Dreamhost Dream Compute

• Metasploit
• Burp Suite
• ZAP - Zed Attack Proxy
• Armitage
• Shodan.io
• Nessus
• Foundstone
• SQLMap
• Veil-Evasion
• Rubber Ducky
• ESP8266 Net Tools
• Wireshark
• TCPDump
• Aircrack-NG
• Netcat
• Backtrack
• IDA Pro
• Cain and Able
• John the Ripper
• Kali
• Nikto Sitescanner
• Hydra
• SQLmap
• Claire
• Homebuilt Tooling

• IFTT
• Stackstorm
• Python
• EDA

• Blockchain
• Solidity
• HardHat
• Truffle Suite
• Smart Contract Development
• Gaming NFT Development
• IPFS
• Alchemy
• Metamask
• Ledger
• Remix IDE
• Etherscan

• ChatGPT
• Midjourney
• BabyAGI
• AutoGPT

• Procreate
• Sketchpad
• Adobe Photoshop
• Gimp