Nathan hails from San Jose, with frequent long visits to Michigan. While his work focuses on applied information science, mostly API design or scripting adaptive security pipelines, his non-work interests range widely, everything from cryptopolitics to swing dancing. He's looking for a small, tight-knit team with a long term vision.
DevOps and SRE Services to accelerate development of cloud native apps for Enterprises
Product Manager for VaultAIDE
Developed and open-sourced an alternative to Terraform for managing Vault as Code using only Python standard libs & Requests, still in use at multiple HashiCorp Vault Enterprise customers
Produced multiple risk management recommendation reports for IT platform security for Fortune 100 financial services companies, addressing billions of dollars worth of risk
Designed, presented, and deployed holistic, company-wide secrets management services, using end-to-end encryption mechanisms, integrated via ReST APIs
Wrote other code (Python/GoLang/Terraform) as needed to improve architecture flexibility, software development speed, and reliability.
Introduced and instituted direct, code-based collaboration mechanisms for enterprise security policy automation
Secured automation pipelines by coding and integrating new Secure Authentication Mechanisms for Cloud, Hybrid, and legacy infrastructure, Secure Authorization Mechanisms, and Secure Dynamic Resources.
Developed and deployed self service & "platform onboarding" work flows for security platform adoption that moved from a 100% manual process to a touchless process that occurs by a deployment pipeline triggering security platform automation.
Prepared comprehensive vision for movement to Self Service & SRE model for Secrets Management & some Encryption platforms
Established generalized work flow for 'onboarding by default' where adding an app to a platform includes security platform featureset, using Vault ACL Policy Path Templating to scale adoption
Drafted vision for 'Platform Onboarding' model of which the above would become a part
Automated setup of OIDC Authentication method for Vault in Azure Active Directory, and scripted the addition of new Security Groups to Vault Enterprise as Identity Groups
Scripted onboarding of databases into Vault Enterprise
Developed a simple tool for parsing Vault Data for connections among objects for Vault Data filtering.
Currently pursuing the final and highest level of Vault Enterprise certification, which has not yet even been issued to anyone yet, by studying HashiCorp Sentinel
DevOps and SRE Services to accelerate development of cloud native apps for Enterprises
Developed and open-sourced an alternative to Terraform for managing Vault as Code, still in use at multiple HashiCorp Vault Enterprise customers
Product Manager for VaultAIDE (https://github.com/DigitalOnUs/VaultAIDE)
Advisor/mentor for the winning DigitalOnUs Hackathon project
Designed, presented, and deployed holistic, company-wide secrets management services, using end-to-end encryption mechanisms, integrated via ReST APIs.
Design, present, and deploy holistic, company-wide data protection services, using ReST integration and encryption mechanisms, for GDPR compliance, 90% PCI scope reduction, and beyond.
Rapidly establish deployment pipelines for Vault as Code via Terraform or Python in a matter of weeks for various customers.
DevOps and SRE Services to accelerate development of cloud native apps for Enterprises
Designed, presented, and deployed holistic, company-wide secrets management services, using end-to-end encryption mechanisms, integrated via ReST APIs.
Design, present, and deploy holistic, company-wide data protection services, using ReST integration and encryption mechanisms, for GDPR compliance, 90% PCI scope reduction, and beyond.
Introduce and institute direct, code-based collaboration mechanisms for enterprise security policy automation.
Evaluate and compare new Adaptive Security systems.
Create and deploy new Infrastructure as Code.
Secured automation pipelines by coding and integrating new Secure Authentication Mechanisms for Cloud, Hybrid, and legacy infrastructure, Secure Authorization Mechanisms, and Secure Dynamic Resources.
Wrote code to improve architecture flexibility, software development speed, and reliability.
Automated operational discipline and standardization where necessary, e.g. local and remote development environments _as code_ via Vagrant or Docker (https://www.vagrantup.com/intro/vs/docker.html).
Cisco WebEx allows people the flexibility to work and meet remotely.
Wrote a custom orchestration service in Python 3 for ReDiS Clusters
Wrote server-side code for maintaining ReDiS as the core "MicroService" for production Jabber session data handled by Cisco and WebEx.
Coded "launch on trigger" system for starting unattended deployment whenever a central repo gets updated.
Develop deployment code for HashiCorp Consul micro-services system for custom VIPs on demand, within the confines of a legacy network infrastructure.
Contributed to multiple open source repositories, including PuppetLabs and Consul.
Automate deployment & Consul monitoring for clustered HashiCorp Vault as another step toward managing secrets & infrastructure data as a REST-Based "MicroService"for all Cisco Jabber & WebEx Push Notifications.
Develop operational regimen for Vault, including master key management, along with a plan to move to the mantl.io stack.
'Puppetize' Vault into our infrastructure as code repositories.
Start and help to design & develop our product's first CI/CD pipeline with fully automated deployments triggered by every code commit.
Deploy our first RedisLabs Enterprise Cluster (RLEC).
Developed our first host-centric network security profile code.
Developed, tested the code, documented and configured 6 modules, more than all else in our group combined.
Scripted a compatibility checker for Symantec certificate replacements, coded an automatic CSR generator, and an automatic certificate installer.
Successfully encourage all members of our group using github.com and our internal github.
Deploy first CEntOS 7 machines for our Production Environment.
Write and present the first set of infrastructure testing (as opposed to application testing) guidelines & justification for our product, including automated 'chaos monkey' style testing.
Write 1000+ question & answer page to complement more than 100 step-by-step how-to guides and design discussions, including video documentation.
Set up PKI based access for our beta systems.
Cisco WebEx allows people the flexibility to work and meet remotely.
Orchestrate and and automate deployment for clustered ReDiS as the core "MicroService" for all production Jabber session data handled by Cisco and WebEx.
Implement Python 3 control systems for same to support stateless architecture.
Start the tech. refreshes for Python 3, Git, Vagrant, Docker, etc.
Proactively provided Cost Reduction and Security recommendations.
Refactor and port automated load testing in Python 3 for scalability, (tested at 1000%+ speed improvement for features replaced).
Prepare and give 6+ informal Python 3 and Git development training sessions for Operations, on my own initiative.
Bad Shell is a secure holding company for some research interests.
Develop a simple, stateless protein fold-completion verification algorithm capable of later extension by machine-learning and variable grammar.
Set up working relationships with contractors and possible enterprise customers.
Set up Bitcoin-funded infrastructure.
Co-developed a cryptocurrency arbitrage platform, 10+ exchanges integrated
Responsible for communicating all project related process changes to the rest of the team.
Just like at my last job, I was the resident Git expert, and I have some tricks I can show you. One person actually told me, 'I am amazed.' It was a good day for me!
Demonstrated proficiency in Agile methodologies to support delivery.
Designed, developed, documented and tested Python 3 tool to automatically download, update via repository subscription, and manage local virtualized development environments using Vagrant, Virtualbox, Nexus, Git, and Sphinx.
Established drive encryption for me and a fellow team member (Ali Gowher
Source-control configuration management for Nexus server via SaltStack and Pillar for staging, test, build, and local deployment environments.
Created Vagrant system with Saltstack provisioning for one of our test environments.
I'm still relatively junior, and I jumped at the opportunity to work in established environments like Tesla and WD. Although the time I spent there was short, I was able to accomplish a lot.
Implemented portable, virtualized development environment using Vagrant with automatic Puppet provisioning.
Set up version control for two codebases using the Git version control system.
Debugged Python build-scripts.
Set up asynchronous pre-receive validation Git hooks, asynchronous post-receive validation git hooks, and fabric scripts for our production codebase.
Automated branching strategy with shell script, later with LibGit2 bindings.
Set up merge-revert procedure that would allow a transparent un-merge and re-opening of a pull-request without removing or hiding results of a Git differential, and without needing intervention from the client software like Stash or Github.
Specified and scripted Copy-on-Write artifact replication, and server requirements for same.
Bitwage allows people to receive a percentage of their paycheck via the Bitcoin network.
Set up shell-provisioned vagrant build system.
Set up, on a short schedule, a really frustrating AML/KYC API for automatic customer approval on signup.
Refactored security and dependency management incrementally.
37coins is a platform for secure SMS messaging for Bitcoin transactions.
Assisted with continuous integration system, packaged Android app release, and supported templating scheme for localization.
Furthered ease of multisignature implementation by helping to draft and present article on the Married Wallets "meta-standard".
Onboarded other programmers, and reviewed code.
This is a shell company I formed for some consulting work.
Fit and Flow Studio was a kind of “un-coop”. We tryed to combine the best features of co-op and regular business in a sort of non-profit style.
Learned some bangin' Bollywood dance moves.
Saved the company several thousand dollars in my first two weeks of work.
Handled contracts and other paperwork.
Found contractors for our renovations.
TeraRAM is a data-center wholesale company.
Set up multiple websites.
Enforced company security.
Set up the usual data management systems.
Added online sales channels.
Set up inventory control and testing regimen.
TeraRAM is a data-center wholesale company.
Changed business model by increasing volume of national and materials only sales to >50%, cutting our time/sale by 80% and increasing profits by 30%.
Developed, scripted, and trained for our Customer Relationship Management system, resulting in hundreds of new 'warm' leads.
Set up online sales channels and expanded existing sales channels.
Showed our upper management how to use our data to identify new avenues for the rest of our team to pursue.
Centralized fileserver, hosting, and backup services for multiple operating systems, which twice prevented catastrophic data loss to our acoustic side, and once prevented the loss of an entire division of the company.
Began document control program.
Star-Vista is a public services organization supporting San Mateo County.
Technical lead for rebranding and rapid setup of a new website.
In the interest of speed, they wanted someone who could be relied upon to fuss with some of the more time-consuming technological i's to be dotted and t's to be crossed.
Habitat for Humanity lends a hand up to those who need it in Western Wayne County.
I just helped make sure that things which needed to get ordered got ordered, and kept track of what happened when the Construction Coordinator wasn't available.
Forever After Productions has been providing quality performing arts education and entertainment in the community since 2009.
I played supporting lead characters for two years in musical theater productions.
Offer soccer teams and leagues to the youth of Canton.
I prevented soccer games from reverting to their war-like origins, grew a thick skin, and arrived on time, every time.
Peer to peer risk contracts on a Blockchain.
Advised on the information security implications of various technical decisions, and lent my thoughts on multi-party conditional transactions using Bitcoin.
I also gave some brief lessons on source control with tools like Git rebase.
Advise on TLS, Bitcoin scripting, and Git
Discuss and recommend different Bitcoin transaction types, (e.g. HTLC vs CLTV and CSV)
Discuss and recommend threat models
Help define branching model
Do light security testing
Begin CLI client in GoLang
Ask and answer various questions, and do some light moderation work
"First place winners were Michael Folkson (he also wrote a personal recap of the event, here), Alex Bosworth, and Nathan Basanese for their Monetizing Fullnodes project. They showed a PoC that would allow fullnode operators to receive an income for running their own individual nodes, that utilized Lightning and bcoin." --https://v.gd/XFgOpG
The Director presented me with this for my Encryption as a Service (using HashiCorp Vault) Presentation on CEO's Global Demo Day.
“ Nathan was one of the early HashiCorp consultants hired and certified in our DevOps Practice. He has proved his ability at implementing and configuring HashiCorp Vault for a number of client engagements. His specialization lies in adoption and building integrations with Vault and leveraging Terraform Vault provider to automate many of the configurations details. Nathan is also great at doing high level assessments in the DevSecOps area and building vision documentation that serves as a roadmap for clients in their transformation journey. He has provided a number of inputs in improving the internal DevOps practice processes as well as being a mentor and trainer for new hires. He communicates well with the clients, co-workers and management teams and does not shy away from difficult conversations. I would definitely recommend him for any technical consulting, development or DevSecOps role in a cutting-edge enterprise. ”
“ Nathan is a brilliant and gifted guy, who is all about technology while still keeping a strategic mindset. I was blessed to come across Nathan at DigitalOnUs, who became a mentor to me, and allowed me to expand my horizons by involving me in his different initiatives. Contributed to DigitalOnUs by developing furthermore its InfoSec division through his very particular skillset in HashiCorp Vault and programming skills. He became one of the first contributors to the company's repositories by creating several projects to install HashiCorp enterprise products on AWS and Azure. Because of his accomplishments, his opinion and vision within the company are very well respected. He is one of the most driven people I've ever know who outperform his objectives. Nathan is a problem solver and a very dedicated person who adds great value anywhere he is. I'd like to emphasis that he is an ace of all trades, from architecture and development, to sales and soft skills; that being said, he is a must-have in your team/organization. He loves pushing others learn through example, he has mastery in lots of technologies like AWS, Azure, Python, Git, HashiCorp Vault, Terraform, and Blockchain. I, personally, have learned lots from him and his influence has been fundamental for my personal and career growth. Wherever and whoever Nathan crosses paths with, he leaves a very positive mark behind. ”
“ Nathan constantly pushes people to become better versions of themselves. He has a pretty good leadership skills, and he always seems to know a solution for a given problem. He has strong competence in Technology and Software Development, and is a strong advocate for encryption technologies. ”
“ Nathan has that passion for learning new technologies and excellence. When we worked together at Cisco, he took on setting up Redis, Vault, and Consul, all while spending countless hours learning how Puppet, Jenkins and other automation tools functioned within the automation deployment process. When his hard work came to fruition, he became the subject matter expert and helped other teams understand how to use those technologies to their advantage. Although he has gone on to other ventures, the services he built are still running successfully, showing how well he thought of and implemented everything. I really enjoyed working with Nathan, he is a great team player and is someone you can learn a lot from. ”
“ Nathan is the type of thinker and tinkerer that built the reputation of Silicon Valley in the first place. He can not only solve complex technical problems (which is valuable in itself) but he also has an understanding of what short term actions cause those problems in the first place. Once you learn to filter out Nathan's self deprecation, it'll become abundantly clear to you of the value that he could bring to your organization. He is also enthusiastic about educating others and great company! ”
“ Nathan is thoughtful, scientific in his approach to solving problems. When talking with him at length it is apparent that he has a well rooted understanding of a broad range of topics from computer programming, cryptography, psychology, economics and governance to name a few. At the Silicon Valley Bitcoin Meetup we've come to find Nathan's questions of the presenters to be insightful, imaginative and interesting. He holds a genuine interest in helping humanity. It's always fun brainstorming with Nathan. I think Nathan would be the sort of person who would be good at leading an integration of DevOps techniques given his demonstrated experience with automating system builds with vagrant and his interest in Docker for automating speedy deployments of Internet infrastructure. ”
“ In the role of Network Manager, Nathan helped refine West General Acoustics' web presence, which resulted in increased sales and a broader market reach. We greatly benefitted from Nathan's expertise in handling all of our technical/network related tasks. His extensive knowledge base and experience is clearly an asset to any team. ”
“ I've been meeting Nathan at Bitcoin meetups in Sunnyvale. I was impressed by how fast Nathan pickups up new technologies to get stuff done - both for his work projects and for personal use. Nathan is also a good teacher when it comes to explaining technology to the less savvy. ”