Luke Marty

Cloud Jedi

Contact

Website https://lmarty.com

About

Hailing from Minneapolis, MN. Luke is in his 27th year in the IT industry, fulfilling many roles from ground floor to leadership. His first formal security role was in 1999 at Secure Computing. His venture into the cloud space started roughly a decade later at Digital River when he was brought on as a Virtualization Consultant. It's been nothing but up from there. From architecting a global on-prem cloud solution that hosts some of the web's biggest e-com sites, to building the 'fastest web store in the world*', to helping some of the worlds largest retailers/e-commerce providers secure their cloud environments, Luke has a long track record of demonstrating passion for systems, security and automation

Linkedin

Work

Optum Technology/United Health Group

Sr Principal Engineer/Director - Enterprise Pipelines, SCM and B&D teams
2021-12-31 - 2025-12-31

At Optum, we bring together advanced data and technology, deep clinical experience and professional partnerships — making health care smarter and simpler for you.

  • Providing technical leadership to the Enterprise Pipelines, Source Code Management and Build and Deploy teams at Optum
  • Engineering Lead of the Enterprise Pipelines team. The role of this 10 person team is to create tools, standards and process to empower app engineering teams to work faster and more securely; developing solutions that further enable engineers to leverage automated testing and security scanning, gitops, chatops, GH actions, workflows, templates and automation consistently throughout the organization
  • Architected and currently managing the Kubernetes based Action Runner Controller pipeline runner farms, servicing 20k developer workflows per day
  • Designed, architected and led a team of engineers to the release of a full stack automation platform that provides an opinionated, standardized means for teams to leverage CI/CD automation in containerized environments. Automated all steps of a product's lifecycle, from project instantiation to deployed in production and everything in between
  • Providing technical expertise to the team that develops tooling, process and automation around the adaptation of Github Enterprise Cloud. Supporting teams in their migration from Github Enterprise Server, SVN and Gitlab
  • Developed a pipeline library leveraging Github workflows and actions to supplant current Jenkins infrastructure
  • Helping teams migrate from their complicated legacy integrations to modern languages and pipeline driven solutions
  • Supporting the 20k multi-language developer user base who leverages the tools built and managed by my teams

Target

Lead Technical Architect - Cloud Security
2016-01-10 - 2020-12-31

Target is recognized as a leader in innovation across the retail industry. From pioneering the concept of designer partnerships to consistently being best in class in store design, Target remains focused on not only meeting, but exceeding, its guests' needs.

  • Acted as lead technical voice on a 10+ seat engineering team. Architected and delivered custom cloud security tooling, leveraging next-gen toolchains and processes. Operating with a strong focus on compliance, detection and containment
  • Generated creative full-stack solutions in support of securing our cloud workloads. Efforts range from coding tooling that augments our CICD pipelines, to automating responses to incidents/failures. Engaged in every step of the solutions lifecycle from conception to development, deployment and day-2 operations.
  • Developed cutting edge security tools at a pace ahead of the current security industry. Some examples include various CICD pipeline scanners, a CDN event log grabber, a chatops enabled endpoint auto-remediation system, a system for automatically isolating potentially compromised assets, Github scanner and others.
  • Leveraged tools such as Stackstorm, ELK, Kafka, Tanium and others to pioneer event driven automation within Target. Successfully reduced administrative overhead on numerous teams by identifying common failure/incident event patterns and writing automations to remediate them.
  • Demonstrated expertise working with modern cloud tech. Some of the day to day tools include Spinnaker, Kubernetes, Docker, Kibana, Kafka/MQTT, Graphiz, InnoDB, Jira, Consul, Vault, The Hashi toolset, Drone 5/6, Github, Chef, go-proxy, Uchiwa, Sensu, and others

McAfee / Intel Security

Enterprise Sales Engineer
2014-06-06 - 2016-01-10

McAfee is one of the world’s leading independent cybersecurity companies. Inspired by the power of working together, McAfee creates business and consumer solutions that make the world a safer place for the benefit of all. Our holistic, automated open security platform allows all your disparate products to co-exist, communicate, and share threat intelligence with each other anywhere in the digital landscape.

  • Represented the Mcafee/Intel Security portfolio of solutions to named enterprise accounts in the central region
  • Performed customer presentations, demos and PoC security implementations; leveraging security technologies in both the endpoint and network arenas
  • Created custom demo/preso content in support of specific customer use cases
  • Built and managed customer relationships ranging from support staff to C-level
  • Awarded SE of the Quarter, Q1 2015; “Outstanding Sales Performance”

Digital River Inc.

Technical Manager/Datacenter Architect
2012-03-01 - 2014-06-06

At Digital River, we believe in commerce with accountability. That means, we are all-in, 100% committed to commerce and our clients. Our advanced commerce cloud, monetization tools and global services are set up to give your online business an edge and risk-free entry into markets worldwide.

  • Managed a multi-discipline team of engineers/architects responsible for the design of Digital Rivers’s commerce cloud infrastructure
  • Managerial responsibilities included technical direction, evangelism, project/staff/vendor management, financial forecasting and management of $54M budget over 5 years, special projects, team workload prioritization and top-tier escalation remediation
  • Created toolchains in support of a zero-touch infrastructure model
  • Performed the lead role in the Digital River IT transformation from legacy model to next generation DevOps enablement
  • Played primary role in all aspects of cloud systems architecture. Areas of architectural responsibility assigned were Virtualization, Systems, Storage, Network, Security, Automation and Tooling. Technologies include the VMware product suite, Opscode Chef, Cisco Nexus, Juniper SRX, F5, Netapp, and Redhat variants

Digital River Inc

Sr. Cloud Security Engineer
2011-10-01 - 2012-03-01

At Digital River, we believe in commerce with accountability. That means, we are all-in, 100% committed to commerce and our clients. Our advanced commerce cloud, monetization tools and global services are set up to give your online business an edge and risk-free entry into markets worldwide.

  • Architected and engineered the high availability 10g network designs for the generation 2.5 Digital River cloud
  • Responsibilities included all network fabric, firewalls and load balancing globally in the virtualized commerce environments
  • Performed network migrations, moving core infrastructure from Arista to Cisco Nexus
  • Migrated environment from a SPoF Netscreen implementation to a HA Juniper SRX firewall solution

Digital River Inc

Sr. Cloud Systems Engineer
2010-09-01 - 2011-10-01

At Digital River, we believe in commerce with accountability. That means, we are all-in, 100% committed to commerce and our clients. Our advanced commerce cloud, monetization tools and global services are set up to give your online business an edge and risk-free entry into markets worldwide.

  • Converted from consultant to Digital River's first FTE dedicated to the company’s cloud computing effort, responsible for all *nix cloud guests and underlying infrastructure
  • Engineered automation solutions for systems deployment and management
  • iPerformed architectural role representing virtualization, systems, network, storage and security for Digital Rivers’s generation 2.5 cloud expansion effort

Digital River Inc

Virtualization Consultant
2010-04-01 - 2011-09-01

At Digital River, we believe in commerce with accountability. That means, we are all-in, 100% committed to commerce and our clients. Our advanced commerce cloud, monetization tools and global services are set up to give your online business an edge and risk-free entry into markets worldwide.

  • Engaged as a Virtualization Systems Consultant to stabilize Digital Rivers Typhoon generation 1 virtualization effort
  • Performed normalization and validation of entire virtual stack from hardware to guest services
  • Areas of responsibility included the following technologies; VMware vSphere Suite, Arista switches, Sun Blade Chassis, Sun/Amber Road storage devices, Netscreen firewalls, IBM xi50, Solaris 10 and Redhat derivatives

Bulletproof Networks

Network Security Consultant
2008-01-01 - 2010-04-01

Bulletproof Networks was established in 2008 with a single goal in mind, provide the best network security services available. Offering vendor agnostic security consulting services to the twin cities area.

  • Acted as a hands on technical specialist performing network and security consulting services to a wide range of customers around the twin cities area. Projects spanning from new installs to upgrades through maintenance and redesign of enterprise data networks.
  • Designed, engineered and installed all layer 2 and layer 3 networking for a fully redundant enterprise data center solution. Project involves 3 remote offices and a remote data collocation center. Responsible for all troubleshooting of the routing, switching and firewalling of the environment. Specific technologies include Cisco ASA/PIX firewalls, Cisco 2900 /3600 series switches and 2800 series routers.
  • Performed ongoing care and feeding of multiple customer network implementations. Duties include break/fix, add/move/changes and documentation. Responsible for all scheduling and change control of projects. Tasks including test plan, implementation plan, verification plan, and back out plan creation /documentation. Technologies utilized include MS Visio, MS Office, Cisco 800/1600/1800 and 2800 series routers, IPSEC VPN, SSL VPN, Anyconnect VPN, GRE tunneling and Cisco 6500 series switches
  • Performed trusted enterprise evaluations, security policy review, vulnerability/penetration testing and regulatory compliance auditing (PCI/GLB/SOX)

ADP

Senior Network Engineer
2007-01-01 - 2008-01-01

We are a comprehensive global provider of cloud-based Human Capital Management (HCM) solutions that unite HR, payroll, talent, time, tax and benefits administration, and a leader in business outsourcing services, analytics and compliance expertise. Our unmatched experience, deep insights, and cutting-edge technology have transformed human resources from a back-office administrative function to a strategic business advantage.

  • Engineering network solutions for ADP’s international customer base. Utilizing products by Cisco, Radware, Redhat and software proprietary to ADP. Specific technologies include IPSEC VPNs, IOS firewall, GRE tunneling, EIGRP routing, VLANS/layer 3 switching and MPLS
  • Provided remote network install support to field service representatives for engineered solutions via phone and dial-in. Project ownership cycle spanned from post-sales architecture to final network certification
  • Performed remote implementations of ADP’s ASP solution to a varied customer base. Standard implementations included multiple Cisco routers/switches, dual ISPs, edge devices by AdTran and various customer owned internal equipment
  • Delivered top-tier post install support to ADP ATAC group for escalated and irresolvable networking issues

Northwest / Delta Airlines

Network Security Consultant
2006-01-01 - 2007-01-01

What started as a humble, little aerial crop dusting operation called Huff Daland Dusters in 1924 has now grown into one of the world’s largest global airlines, helping more than 160 million travelers get to the places they want to go to each year.

  • Performed planning and implementation of all new firewall infrastructure components enterprise wide. Projects involved policy and standards development, hardware/software configuration and migrations between firewall platforms
  • Achievements included major efforts contributing to 2006 PCI compliance. The completion of numerous “zero downtime” station migrations. And contributions to global DR exercises resulting in no disruption of service
  • Lead departmental efforts for rule set refinement, DMZ re-architecture, upgrade planning/implementation, product evaluations and support of portfolio driven initiatives
  • Provided top tier support to a 24x7x365, highly connected, fully redundant security infrastructure. Environment consisting of hundreds of remote sites, a “Hot” DR Datacenter and over 50 globally deployed firewalls. Firewall infrastructure frontends over 200 partner connections, a multimillion dollar e-commerce presence and 40k+ employees
  • Other duties included monitoring of environmental health and utilization. Auditing of security posture, documentation and reporting. Played lead role in 2007 firewall environment review project
  • Worked closely in a team of three to meet issue resolution SLA’s. Resident SME for Checkpoint product suite. Other technologies utilized include Cisco switches and routers, PIX/ASA firewalls, Cisco IOS firewall, Snort IDS, Loglogic, Linux, BSD, Spectrum, tcpdump, ethereal, nmap, Perl, tcsh, hammerhead, BIND and Sun

NetSPI

Network Security Consultant
2005-01-01 - 2006-01-01

NetSPI is the leading cybersecurity company and solution provider. Proud to be partnered with 6 of the top 10 U.S. banks and the largest global cloud providers.

  • Performed security solution implementations nationwide. Customer infrastructure sizes ranging from 300 to 50000 nodes. Technologies used include Cisco PIX, Sidewinder, Symantec, Checkpoint, Sourcefire and SNORT.
  • Engaged in multiple endpoint security projects from initial consultation to final rollout. Utilizing solutions from Symantec to reach goals.
  • Provided on-site incident response to emergency calls facilitating minimum impact to customers. Projects involved intrusion assessment, threat management, and loss assessment while determining prevention recommendations.
  • Carried out client security audits of systems and scenarios. Audits included wireless, phone/PBX, internal, server and external assessments.
  • Engaged in extensive research of current security trends, attack methodologies and solution response.

SwiftKnowledge

Network Administrator
2003-01-01 - 2006-01-01

SwiftKnowledge, LLC is a global software provider of powerful, patented business intelligence (BI) technology delivering a breakthrough experience for business users which drives strategic metrics and enables better decision-making throughout an organization.

  • Solely responsible for the design, implementation and administration of the corporate network infrastructure. Performing planning, monitoring and troubleshooting of all network equipment. Environment consisted of Windows 2003 based servers, XP workstations, Cisco LAN equipment and UNIX based firewalls. Technologies leveraged include Active Directory, Exchange 2003, SQL Server, Analysis Services, IIS, Sidewinder, Symantec products and VERITAS solutions.
  • Telecom administration of Iwatsu PBX, Blackberry handsets and Blackberry enterprise server. Duties included call flow design, system maintenance and mailbox administration.
  • Performed corporate security policy design and enforcement in a complex, multi DMZ network environment. Implementation encompassing VPN, policies firewall ACLs, SQL database security, antivirus management, group policies, wireless management and IIS hardening.
  • Installation and support of up to terabyte scale data warehouse(s) and high speed analytics solutions for internal clients as well as in partner environments.
  • Performance/Load testing of network solutions and scenarios to determine scalability and effective capacities. Worked closely with QA department as needed during product testing cycles.

True-Security Inc.

Network Security Consultant
2001-01-01 - 2003-01-01

True-Security was a small consultant firm working out of the twin cities area. Focusing on security solutions for the small to medium business.

  • Performed firewall/network deployments for a large base of small to medium sized businesses. Security policy development and remote support were also key responsibilities. Worked primarily with Netscreen based solutions and Soft Remote VPN client.
  • Provided corporate and client web development utilizing Macromedia tools on Apache and ColdFusion based servers. Project roles spanned from server setup through site development and deployment.
  • Shared administrative role on corporate network. Responsibilities included Firewall maintenance, Server setup and maintenance, DNS and Sendmail administration. Utilizing solutions such as Sidewinder, Windows 2003/XP and various Linux distributions.
  • Duties also included sales and pre-sales footwork. Lead generation, Sales support and follow-up. Tasks involve presentations and heavy customer contact.

Secure Computing

Network Security Support III/Team Lead
1999-01-01 - 2001-01-01

In 1984, a research group called the Secure Computing Technology Center (SCTC) was formed at Honeywell in Minneapolis, Minnesota. The centerpiece of SCTC was its work on security-evaluated operating systems for the NSA. This work included the Secure Ada Target (SAT) and the Logical Coprocessing Kernel (LOCK), both designed to meet the stringent A1 level of the Trusted Computer Systems Evaluation Criteria (TCSEC).

  • One of three Leads responsible for five person teams of network engineers. Worked in a 24 hour, high volume network support call center. Primary customers being US Military and Government installations. Responsible for team ticket review, quality assurance, customer follow-up and Level 3 escalations. Consistently held a top three position in call volume and “time till resolution” reports. Other responsibilities involved on-call duties, conducting training classes, and on-site customer consultation.
  • Developed and executed the security audit plan for the Sidewinder 5.0 firewall to ensure release readiness. Provided contributions to Common Criteria efforts by performing product penetration testing and code review. Utilized in depth knowledge of vulnerability identification and exploitation, along with secure coding methods to complete assignments. Specific technologies included C/C++ languages on BSD platforms.
  • Shared administrative role in multi-firewall high availability architecture. Responsibilities involved setup/maintenance, security policy design/enforcement, network planning and health monitoring. Solely responsible for load balancing equipment. Environment included: Solaris, BSD, Linux and Windows platforms; Sidewinder, Checkpoint and Raptor firewalls; Cisco routers as well as Radware, Alteon and F5 BigIP load balancers.
  • Performed multiple specialized research projects. Findings distributed to entire customer base via threat response “news blasts”. Results have also been included in press releases, and their public quarterly “Internet Security Newsletter”.

Various Contracts

Consultant
1996-01-01 - 1999-01-01

Working as an independent consultant for IT services in the Twin Cities area

  • Performed various roles for a wide range of local companies. Positions spanned from network rollouts to CTI development projects. Specific technologies included: Win NT/95, UNIX, Novell Servers; PBX Integration, Call center deployment, CCC Vectoring. Hardware utilized included: Lucent Switches, Cisco routers. Some clients include US BANK, Dayton Hudson, Spanlink Communications, Metro Transit, Star Tribune, Target Stores, Ellerbe Beckett, MinBlue Digital printing, Norwest Banks, RSP architects and ERS.

Education

KRS Computer and Business School
1996-06-01 - 1998-09-01
  • Network Technologies
  • Development in C/C++
  • SQL Development
  • Programming using MFC

Skills

Cloud Concepts
Advanced
  • Automation
  • Development
  • DevOps
  • CICD
  • Immutability
  • Idempotency
  • Autoscaling
  • Global Load Balancing
  • Chatops
  • Agile
  • Cloud Security
  • Microservices
  • Containerization
Network Security
Advanced
  • Offensive Security
  • Defensive Security
  • Audit
  • GRC
  • PCI
  • Pen Test
  • Risk Assessment
  • OSINT
  • Firewalls
  • WAF
  • IDS/IPS
  • EDR - Endpoint Detection and Response
  • Cloud Security
  • Security Tooling
Development
Advanced
  • Golang
  • Ruby
  • Python
  • Node
  • C/C++
  • YAML
  • Javascript
  • Typescript
  • Groovy
  • JSON
  • Solidity
  • Hardhat
  • Truffle Suite
  • Shell
  • TDD
  • Atom
  • VS Code
  • Goland
  • Agile
  • Drone 5/6
  • Artifactory
  • Jenkins
  • Github Actions
  • Kustomize
  • Tekton
  • Team Coding
  • Declarative API Architecture
  • Kubernetes Controller Model
  • Github API
  • AWS API
  • Azure API
  • Gcloud API
  • Prow
Cloud Tech
Advanced
  • Spinnaker
  • Kubernetes
  • Drone
  • Tekton
  • Jenkins
  • Gitlab
  • Github
  • ArgoCD
  • Consul
  • Github
  • Chef
  • Kind
  • Minikube
  • Vault
  • Heroku
  • Consul
  • Elasticsearch
  • Kibana
  • Splunk
  • Logstash
  • Terraform
  • VMware
  • VCOps
  • Stackstorm
  • Alert Manager
  • PagerDuty
  • ServiceNow
  • Slack
  • Big 3 Cloud Providers
  • API Development
Cloud Providers
Advanced
  • Amazon AWS
  • Google GCP
  • Google GCE
  • Azure
  • Rackspace
  • VMWare Cloud
  • Dreamhost Dream Compute
Security Tooling
Advanced
  • Metasploit
  • Burp Suite
  • ZAP - Zed Attack Proxy
  • Armitage
  • Shodan.io
  • Nessus
  • Foundstone
  • SQLMap
  • Veil-Evasion
  • Rubber Ducky
  • ESP8266 Net Tools
  • Wireshark
  • TCPDump
  • Aircrack-NG
  • Netcat
  • Backtrack
  • IDA Pro
  • Cain and Able
  • John the Ripper
  • Kali
  • Nikto Sitescanner
  • Hydra
  • SQLmap
  • Claire
  • Homebuilt Tooling

Languages

English
Native speaker

Interests

Event Driven Automation
  • IFTT
  • Stackstorm
  • Python
  • EDA
Web3
  • Blockchain
  • Solidity
  • HardHat
  • Truffle Suite
  • Smart Contract Development
  • Gaming NFT Development
  • IPFS
  • Alchemy
  • Metamask
  • Ledger
  • Remix IDE
  • Etherscan
AI
  • ChatGPT
  • Midjourney
  • BabyAGI
  • AutoGPT
Art and Creativity
  • Procreate
  • Sketchpad
  • Adobe Photoshop
  • Gimp