Nathan hails from San Jose, with frequent long visits to Michigan. While his work focuses on applied information science, mostly API design or scripting adaptive security pipelines, his non-work interests range widely, everything from cryptopolitics to swing dancing. He's looking for a small, tight-knit team with a long term vision.

Skills

Cryptocurrency

Advanced
  • Bitcoin
  • Multisig
  • lnd operations
  • Automated Arbitrage

Secure Operations

Advanced
  • Bitcoin
  • Hashicorp Vault
  • Hashicorp Vagrant
  • End-to-End Encryption
  • Secure Messaging

Education

Intermediate
  • Hands-on
  • Dialectic
  • Pair Programming
  • Philosophy

Backend Developer

Intermediate
  • API
  • MVC Architectures
  • Cryptographic Data
  • Python 3
  • Git
  • Elixir

Continuous Build & Release

Intermediate
  • Python 3
  • SaltStack
  • ParallelSSHX
  • Proguard
  • Continuous Delivery
  • Linux

Infrastructure as Code

Advanced
  • Puppet
  • SaltStack
  • Ansible
  • Terraform
  • AWS
  • GCP
  • Azure
  • Consul
  • ReDiS
  • Vault

Work Experience (18)

Enterprise Security Consultant at various Fortune 500 Companies
DigitalOnUs
April 2018 - February 2021
digitalonus.com

DevOps and SRE Services to accelerate development of cloud native apps for Enterprises

  • Product Manager for VaultAIDE

  • Developed and open-sourced an alternative to Terraform for managing Vault as Code using only Python standard libs & Requests, still in use at multiple HashiCorp Vault Enterprise customers

  • Produced multiple risk management recommendation reports for IT platform security for Fortune 100 financial services companies, addressing billions of dollars worth of risk

  • Designed, presented, and deployed holistic, company-wide secrets management services, using end-to-end encryption mechanisms, integrated via ReST APIs

  • Wrote other code (Python/GoLang/Terraform) as needed to improve architecture flexibility, software development speed, and reliability.

  • Introduced and instituted direct, code-based collaboration mechanisms for enterprise security policy automation

  • Secured automation pipelines by coding and integrating new Secure Authentication Mechanisms for Cloud, Hybrid, and legacy infrastructure, Secure Authorization Mechanisms, and Secure Dynamic Resources.

  • Developed and deployed self service & "platform onboarding" work flows for security platform adoption that moved from a 100% manual process to a touchless process that occurs by a deployment pipeline triggering security platform automation.

  • Prepared comprehensive vision for movement to Self Service & SRE model for Secrets Management & some Encryption platforms

  • Established generalized work flow for 'onboarding by default' where adding an app to a platform includes security platform featureset, using Vault ACL Policy Path Templating to scale adoption

  • Drafted vision for 'Platform Onboarding' model of which the above would become a part

  • Automated setup of OIDC Authentication method for Vault in Azure Active Directory, and scripted the addition of new Security Groups to Vault Enterprise as Identity Groups

  • Scripted onboarding of databases into Vault Enterprise

  • Developed a simple tool for parsing Vault Data for connections among objects for Vault Data filtering.

  • Currently pursuing the final and highest level of Vault Enterprise certification, which has not yet even been issued to anyone yet, by studying HashiCorp Sentinel

Systems Integrator Partner at HashiCorp Implementation Services
DigitalOnUs
March 2019 - April 2020
digitalonus.com

DevOps and SRE Services to accelerate development of cloud native apps for Enterprises

  • Developed and open-sourced an alternative to Terraform for managing Vault as Code, still in use at multiple HashiCorp Vault Enterprise customers

  • Product Manager for VaultAIDE (https://github.com/DigitalOnUs/VaultAIDE)

  • Advisor/mentor for the winning DigitalOnUs Hackathon project

  • Designed, presented, and deployed holistic, company-wide secrets management services, using end-to-end encryption mechanisms, integrated via ReST APIs.

  • Design, present, and deploy holistic, company-wide data protection services, using ReST integration and encryption mechanisms, for GDPR compliance, 90% PCI scope reduction, and beyond.

  • Rapidly establish deployment pipelines for Vault as Code via Terraform or Python in a matter of weeks for various customers.

Enterprise Security Architect at Gap
DigitalOnUs
April 2018 - March 2019
digitalonus.com

DevOps and SRE Services to accelerate development of cloud native apps for Enterprises

  • Designed, presented, and deployed holistic, company-wide secrets management services, using end-to-end encryption mechanisms, integrated via ReST APIs.

  • Design, present, and deploy holistic, company-wide data protection services, using ReST integration and encryption mechanisms, for GDPR compliance, 90% PCI scope reduction, and beyond.

  • Introduce and institute direct, code-based collaboration mechanisms for enterprise security policy automation.

  • Evaluate and compare new Adaptive Security systems.

  • Create and deploy new Infrastructure as Code.

  • Secured automation pipelines by coding and integrating new Secure Authentication Mechanisms for Cloud, Hybrid, and legacy infrastructure, Secure Authorization Mechanisms, and Secure Dynamic Resources.

  • Wrote code to improve architecture flexibility, software development speed, and reliability.

  • Automated operational discipline and standardization where necessary, e.g. local and remote development environments _as code_ via Vagrant or Docker (https://www.vagrantup.com/intro/vs/docker.html).

Cisco WebEx Systems Engineer / Architect
Netpace, Inc.
February 2017 - July 2017
netpace.com

Cisco WebEx allows people the flexibility to work and meet remotely.

  • Wrote a custom orchestration service in Python 3 for ReDiS Clusters

  • Wrote server-side code for maintaining ReDiS as the core "MicroService" for production Jabber session data handled by Cisco and WebEx.

  • Coded "launch on trigger" system for starting unattended deployment whenever a central repo gets updated.

  • Develop deployment code for HashiCorp Consul micro-services system for custom VIPs on demand, within the confines of a legacy network infrastructure.

  • Contributed to multiple open source repositories, including PuppetLabs and Consul.

  • Automate deployment & Consul monitoring for clustered HashiCorp Vault as another step toward managing secrets & infrastructure data as a REST-Based "MicroService"for all Cisco Jabber & WebEx Push Notifications.

  • Develop operational regimen for Vault, including master key management, along with a plan to move to the mantl.io stack.

  • 'Puppetize' Vault into our infrastructure as code repositories.

  • Start and help to design & develop our product's first CI/CD pipeline with fully automated deployments triggered by every code commit.

  • Deploy our first RedisLabs Enterprise Cluster (RLEC).

  • Developed our first host-centric network security profile code.

  • Developed, tested the code, documented and configured 6 modules, more than all else in our group combined.

  • Scripted a compatibility checker for Symantec certificate replacements, coded an automatic CSR generator, and an automatic certificate installer.

  • Successfully encourage all members of our group using github.com and our internal github.

  • Deploy first CEntOS 7 machines for our Production Environment.

  • Write and present the first set of infrastructure testing (as opposed to application testing) guidelines & justification for our product, including automated 'chaos monkey' style testing.

  • Write 1000+ question & answer page to complement more than 100 step-by-step how-to guides and design discussions, including video documentation.

  • Set up PKI based access for our beta systems.

Cisco WebEx Systems Engineer / Architect
Experis
July 2015 - February 2017
http://experistechfutures.com/en/company/cisco/

Cisco WebEx allows people the flexibility to work and meet remotely.

  • Orchestrate and and automate deployment for clustered ReDiS as the core "MicroService" for all production Jabber session data handled by Cisco and WebEx.

  • Implement Python 3 control systems for same to support stateless architecture.

  • Start the tech. refreshes for Python 3, Git, Vagrant, Docker, etc.

  • Proactively provided Cost Reduction and Security recommendations.

  • Refactor and port automated load testing in Python 3 for scalability, (tested at 1000%+ speed improvement for features replaced).

  • Prepare and give 6+ informal Python 3 and Git development training sessions for Operations, on my own initiative.

Senior Researcher
Bad Shell
April 2015 - Current

Bad Shell is a secure holding company for some research interests.

  • Develop a simple, stateless protein fold-completion verification algorithm capable of later extension by machine-learning and variable grammar.

  • Set up working relationships with contractors and possible enterprise customers.

  • Set up Bitcoin-funded infrastructure.

  • Co-developed a cryptocurrency arbitrage platform, 10+ exchanges integrated

Contractor at Western Digital
WorkBridge
January 2015 - February 2015
wdc.com
  • Responsible for communicating all project related process changes to the rest of the team.

  • Just like at my last job, I was the resident Git expert, and I have some tricks I can show you. One person actually told me, 'I am amazed.' It was a good day for me!

  • Demonstrated proficiency in Agile methodologies to support delivery.

  • Designed, developed, documented and tested Python 3 tool to automatically download, update via repository subscription, and manage local virtualized development environments using Vagrant, Virtualbox, Nexus, Git, and Sphinx.

  • Established drive encryption for me and a fellow team member (Ali Gowher

  • Source-control configuration management for Nexus server via SaltStack and Pillar for staging, test, build, and local deployment environments.

  • Created Vagrant system with Saltstack provisioning for one of our test environments.

Contractor at Tesla Motors
WorkBridge
December 2014 - January 2015
teslamotors.com

I'm still relatively junior, and I jumped at the opportunity to work in established environments like Tesla and WD. Although the time I spent there was short, I was able to accomplish a lot.

  • Implemented portable, virtualized development environment using Vagrant with automatic Puppet provisioning.

  • Set up version control for two codebases using the Git version control system.

  • Debugged Python build-scripts.

  • Set up asynchronous pre-receive validation Git hooks, asynchronous post-receive validation git hooks, and fabric scripts for our production codebase.

  • Automated branching strategy with shell script, later with LibGit2 bindings.

  • Set up merge-revert procedure that would allow a transparent un-merge and re-opening of a pull-request without removing or hiding results of a Git differential, and without needing intervention from the client software like Stash or Github.

  • Specified and scripted Copy-on-Write artifact replication, and server requirements for same.

Dev
Bitwage
September 2014 - November 2014
bitwage.co

Bitwage allows people to receive a percentage of their paycheck via the Bitcoin network.

  • Set up shell-provisioned vagrant build system.

  • Set up, on a short schedule, a really frustrating AML/KYC API for automatic customer approval on signup.

  • Refactored security and dependency management incrementally.

Contract Developer
37coins
April 2014 - August 2014
37coins.com

37coins is a platform for secure SMS messaging for Bitcoin transactions.

  • Assisted with continuous integration system, packaged Android app release, and supported templating scheme for localization.

  • Furthered ease of multisignature implementation by helping to draft and present article on the Married Wallets "meta-standard".

  • Onboarded other programmers, and reviewed code.

Sales
Bad Shell
November 2013 - April 2014

This is a shell company I formed for some consulting work.

Admin
Fit and Flow Studio
May 2013 - June 2014
fitandflowstudio.com

Fit and Flow Studio was a kind of “un-coop”. We tryed to combine the best features of co-op and regular business in a sort of non-profit style.

  • Learned some bangin' Bollywood dance moves.

  • Saved the company several thousand dollars in my first two weeks of work.

  • Handled contracts and other paperwork.

  • Found contractors for our renovations.

CIO
TeraRAM
January 2012 - April 2013
teraram.com

TeraRAM is a data-center wholesale company.

  • Set up multiple websites.

  • Enforced company security.

  • Set up the usual data management systems.

  • Added online sales channels.

  • Set up inventory control and testing regimen.

Technical Vice President
West General, LLC (San Jose, CA)
April 2009 - August 2012
westgeneral.com

TeraRAM is a data-center wholesale company.

  • Changed business model by increasing volume of national and materials only sales to >50%, cutting our time/sale by 80% and increasing profits by 30%.

  • Developed, scripted, and trained for our Customer Relationship Management system, resulting in hundreds of new 'warm' leads.

  • Set up online sales channels and expanded existing sales channels.

  • Showed our upper management how to use our data to identify new avenues for the rest of our team to pursue.

  • Centralized fileserver, hosting, and backup services for multiple operating systems, which twice prevented catastrophic data loss to our acoustic side, and once prevented the loss of an entire division of the company.

  • Began document control program.

Website Contractor
Star-Vista (San Mateo, CA)
May 2011 - August 2011
star-vista.org

Star-Vista is a public services organization supporting San Mateo County.

  • Technical lead for rebranding and rapid setup of a new website.

  • In the interest of speed, they wanted someone who could be relied upon to fuss with some of the more time-consuming technological i's to be dotted and t's to be crossed.

Assistant to the Construction Co-ordinator
Habitat for Humanity of Western Wayne County (Inkster, MI)
March 2008 - September 2008
habitatwwc.org

Habitat for Humanity lends a hand up to those who need it in Western Wayne County.

  • I just helped make sure that things which needed to get ordered got ordered, and kept track of what happened when the Construction Coordinator wasn't available.

Actor
Forever After Productions (Canton, MI)
August 2004 - September 2006
iheartforeverafter.org

Forever After Productions has been providing quality performing arts education and entertainment in the community since 2009.

  • I played supporting lead characters for two years in musical theater productions.

Canton Soccer Club
Level 8 Center Referee (Canton, MI)
August 2000 - March 2006
cantonsoccerclub.com

Offer soccer teams and leagues to the youth of Canton.

  • I prevented soccer games from reverting to their war-like origins, grew a thick skin, and arrived on time, every time.

Volunteer

Security Advisor
Risk Bazaar
May 2016 - Current

Peer to peer risk contracts on a Blockchain.

Advised on the information security implications of various technical decisions, and lent my thoughts on multi-party conditional transactions using Bitcoin.

I also gave some brief lessons on source control with tools like Git rebase.

  • Advise on TLS, Bitcoin scripting, and Git

  • Discuss and recommend different Bitcoin transaction types, (e.g. HTLC vs CLTV and CSV)

  • Discuss and recommend threat models

  • Help define branching model

  • Do light security testing

  • Begin CLI client in GoLang

StackOverflow
March 2013 - Current

Ask and answer various questions, and do some light moderation work

Education (7)

Associate
Computer Information Systems
West Valley College
2013 - 2014
  • Multivariable Calculus
  • Cryptography I
  • Data Structures
  • MASM x86 Assembly Programming
  • Discrete Math
  • Public Speaking
  • Shakespearean Literature
Decentralizer
Silicon Valley Bitcoin Users Meetup
2013 - 2020
Computer Science
U. of M. Dearborn
2003 - 2005
Computer and Information Sciences, General
Mission College (Hussein's Class)
2012 - 2012
Computer Science
Aquinas College
2006 - 2007
Computer Science
Schoolcraft College
2008 - 2009
Catalyst Cert.
Classics and Classical Languages, Literatures, and Linguistics
Explorers!
2002 - 2003

Awards

Hackathon First Place Winner
BCoin Hackathon
2017

"First place winners were Michael Folkson (he also wrote a personal recap of the event, here), Alex Bosworth, and Nathan Basanese for their Monetizing Fullnodes project. They showed a PoC that would allow fullnode operators to receive an income for running their own individual nodes, that utilized Lightning and bcoin." --https://v.gd/XFgOpG

Outstanding Contribution Award
CEO Global Demo Day - Cloud Engineering Operations
2017

The Director presented me with this for my Encryption as a Service (using HashiCorp Vault) Presentation on CEO's Global Demo Day.

Languages

English

Native speaker

Español

Intermediate

Elixir

Beginner

American Sign Language

Beginner

Interests

Teaching

  • Pair Programming
  • Hands-on Training
  • Continuing Ed
  • Pragmatic Programming

RPG Design

  • Role-playing
  • Games
  • Early Childhood Development

Bitcoin

  • Bitcoin scripting
  • Privacy
  • Lightning Network

Tezos

  • Functional Programming
  • Formal Verification as a Service
  • Formal Methods

Functional Programming

  • Proving Programs Correct
  • Elixir
  • Formal Methods

Dance

  • East Coast
  • Silly
  • Modern

Acting

  • Behavioralism
  • Improv
  • Status games

Behaviorism

  • Stimulus-response
  • Hypergamy
  • Criminology

Forests

  • Pothos
  • Vines
  • Giant Trees

References

“ Nathan was one of the early HashiCorp consultants hired and certified in our DevOps Practice. He has proved his ability at implementing and configuring HashiCorp Vault for a number of client engagements. His specialization lies in adoption and building integrations with Vault and leveraging Terraform Vault provider to automate many of the configurations details. Nathan is also great at doing high level assessments in the DevSecOps area and building vision documentation that serves as a roadmap for clients in their transformation journey. He has provided a number of inputs in improving the internal DevOps practice processes as well as being a mentor and trainer for new hires. He communicates well with the clients, co-workers and management teams and does not shy away from difficult conversations. I would definitely recommend him for any technical consulting, development or DevSecOps role in a cutting-edge enterprise. ”
Parminder Singh
“ Nathan is a brilliant and gifted guy, who is all about technology while still keeping a strategic mindset. I was blessed to come across Nathan at DigitalOnUs, who became a mentor to me, and allowed me to expand my horizons by involving me in his different initiatives. Contributed to DigitalOnUs by developing furthermore its InfoSec division through his very particular skillset in HashiCorp Vault and programming skills. He became one of the first contributors to the company's repositories by creating several projects to install HashiCorp enterprise products on AWS and Azure. Because of his accomplishments, his opinion and vision within the company are very well respected. He is one of the most driven people I've ever know who outperform his objectives. Nathan is a problem solver and a very dedicated person who adds great value anywhere he is. I'd like to emphasis that he is an ace of all trades, from architecture and development, to sales and soft skills; that being said, he is a must-have in your team/organization. He loves pushing others learn through example, he has mastery in lots of technologies like AWS, Azure, Python, Git, HashiCorp Vault, Terraform, and Blockchain. I, personally, have learned lots from him and his influence has been fundamental for my personal and career growth. Wherever and whoever Nathan crosses paths with, he leaves a very positive mark behind. ”
Marco Urrea
“ Nathan constantly pushes people to become better versions of themselves. He has a pretty good leadership skills, and he always seems to know a solution for a given problem. He has strong competence in Technology and Software Development, and is a strong advocate for encryption technologies. ”
Jay-Alexander Elliot
“ Nathan has that passion for learning new technologies and excellence. When we worked together at Cisco, he took on setting up Redis, Vault, and Consul, all while spending countless hours learning how Puppet, Jenkins and other automation tools functioned within the automation deployment process. When his hard work came to fruition, he became the subject matter expert and helped other teams understand how to use those technologies to their advantage. Although he has gone on to other ventures, the services he built are still running successfully, showing how well he thought of and implemented everything. I really enjoyed working with Nathan, he is a great team player and is someone you can learn a lot from. ”
Reginald Roque
“ Nathan is the type of thinker and tinkerer that built the reputation of Silicon Valley in the first place. He can not only solve complex technical problems (which is valuable in itself) but he also has an understanding of what short term actions cause those problems in the first place. Once you learn to filter out Nathan's self deprecation, it'll become abundantly clear to you of the value that he could bring to your organization. He is also enthusiastic about educating others and great company! ”
Michael Folkson
“ Nathan is thoughtful, scientific in his approach to solving problems. When talking with him at length it is apparent that he has a well rooted understanding of a broad range of topics from computer programming, cryptography, psychology, economics and governance to name a few. At the Silicon Valley Bitcoin Meetup we've come to find Nathan's questions of the presenters to be insightful, imaginative and interesting. He holds a genuine interest in helping humanity. It's always fun brainstorming with Nathan. I think Nathan would be the sort of person who would be good at leading an integration of DevOps techniques given his demonstrated experience with automating system builds with vagrant and his interest in Docker for automating speedy deployments of Internet infrastructure. ”
Joe Baker
“ In the role of Network Manager, Nathan helped refine West General Acoustics' web presence, which resulted in increased sales and a broader market reach. We greatly benefitted from Nathan's expertise in handling all of our technical/network related tasks. His extensive knowledge base and experience is clearly an asset to any team. ”
Sharon Sullivan
“ I've been meeting Nathan at Bitcoin meetups in Sunnyvale. I was impressed by how fast Nathan pickups up new technologies to get stuff done - both for his work projects and for personal use. Nathan is also a good teacher when it comes to explaining technology to the less savvy. ”
Avram Kantorovich