Andy Potanin, Developer in Durham, NC, United States
Andy is available for hire
Hire Andy

Andy Potanin

Verified Expert  in Engineering

Network Protocols Developer

Location
Durham, NC, United States
Toptal Member Since
February 9, 2018

Starting in the elite 0656 Tactical Data group, Andy collaborated with Marine Recon and Navy SEALs on secure, real-time data solutions. Transitioning to tech, he founded a software company that scaled to millions of users. He led digitization projects for Apple and Blackboard and transformed Transact into a cloud-native powerhouse, processing $65 billion annually. Andy's expertise in cloud security and digital logistics sets him apart as a tech leader.

Portfolio

Transact Holdings
Azure, Azure DevOps, Octopus Deploy, Network Architecture, Network Design...
Blackboard
Docker, Windows PowerShell, Jenkins, Octopus Deploy, Azure Service Fabric...
Usability Dynamics
Platform as a Service (PaaS), Cloud Computing, DevOps, Technical Leadership...

Experience

Availability

Full-time

Preferred Environment

Google Compute Engine (GCE), Docker, SFTP, SSH, Atom, Visual Studio, GitHub

The most amazing...

...thing I've created was a container-driven hosting platform focused on CI and workflow that allows developers to deliver more quickly and efficiently.

Work Experience

Cloud Automation Manager

2020 - PRESENT
Transact Holdings
  • Orchestrated the Cloud Automation Group (CAG), enhancing platform engineering for secure automation and a cloud-first approach following the divestiture from Blackboard, marking a significant transition for the organization.
  • Developed decentralized deployment automation infrastructure, managing diverse multi-tenant customer workloads, significantly boosting operational efficiency and scalability across various platforms and environments.
  • Incorporated stringent security and compliance standards like SOC 2 and PCI-DSS into all cloud automation and platform engineering initiatives, ensuring an uncompromising security posture and reflecting industry best practices.
  • Integrated real-time, normalized data collection and feedback loops into the value delivery chain, significantly enhancing business intelligence and fostering rapid, informed decision-making throughout the organization.
  • Led the modularization and wide-scale distribution of force-multiplier technologies, strategically leveraging the power of microservices to improve operational agility and align with best-in-class software delivery methodologies.
  • Enabled rapid code deployment to the cloud in under 20 minutes with built-in disaster recovery and compliance, creating 30+ reusable IaC templates that significantly reduced labor costs and facilitated team self-service.
  • Conducted over 400 consulting and training sessions, embedding in new teams to enhance quality from the start, shifting quality left, and augmenting development expertise, transforming the culture, tools, and practices.
  • Onboarded six product teams into standardized pipelines, reducing onboarding time from 12 months to 35 days, deprecating legacy tools while maintaining 100% uptime, and facilitating thousands of releases and deployments.
  • Proposed and implemented an Infrastructure as Code solution for high availability, ensuring automated setup, deployment, and security of critical servers, and managed a multi-region architecture to enhance reliability.
  • Leveraged a comprehensive suite of repositories to drive DevSecOps practices, utilizing tools like GitHub, JFrog, Terraform, Kubernetes, Docker, Azure DevOps, and Key Vault, inspired by the 12-factor app methodology.
Technologies: Azure, Azure DevOps, Octopus Deploy, Network Architecture, Network Design, Team Leadership, IT Security

Senior DevOps Engineer

2018 - 2020
Blackboard
  • Automated Dockerized microservice deployments to Azure Service Fabric, boosting scalability and operational efficiency, resulting in a 50% increase in deployment speed and reliability.
  • Streamlined microservice deployments and infrastructure updates using Octopus Deploy, reducing manual intervention by 40% and minimizing deployment errors.
  • Implemented high-availability multi-region service and infrastructure deployments, ensuring 99.9% uptime and robust application performance across multiple regions.
  • Developed and modularized reusable deployment scripts and modules, reducing set-up time by 60% and improving overall operational efficiency.
  • Provisioned diverse Azure resources, including Key Vault, Cosmos DB, Service Bus, and Event Hubs, enhancing flexibility, scalability, and security of cloud operations.
  • Created advanced multi-environment and multi-region ARM templates for Azure resource management, improving resource orchestration efficiency by 30%.
  • Leveraged a comprehensive toolkit, including Azure, Azure Service Fabric, Octopus Deploy, PowerShell, Jenkins, and Docker, to support efficient and resilient cloud operations.
  • Architected and implemented a cloud-native solution for Mobile Credential for Apple Pay, earning commendation from Apple for creating a secure and innovative cloud automation pipeline.
  • Reduced administrative overhead by automating access control and service management, allowing staff to focus on strategic initiatives and improving overall productivity.
Technologies: Docker, Windows PowerShell, Jenkins, Octopus Deploy, Azure Service Fabric, Azure, Terraform, Amazon Web Services (AWS), Technical Leadership, Kubernetes, Redis, Load Balancers, Azure DevOps, Azure Functions, Azure Kubernetes Service (AKS), DevOps Engineer, Python, Cloud Architecture, Network Security, Azure Cosmos DB, Azure Service Bus, Azure Key Vault, Compliance, Role-based Access Control (RBAC), CI/CD Pipelines, Infrastructure as Code (IaC), Network Architecture, IT Security

Founder

2011 - 2020
Usability Dynamics
  • Launched Usability Dynamics (UDX), a VOSB focusing on delivering secure, compliant tech solutions, leveraging my USMC cyber operations background.
  • Led a landmark project for Lockheed Martin, developing a cloud-based interface for their SBIR/STTR programs, showcasing our ability to deliver innovative solutions.
  • Pioneered business strategies in the B2B space, identifying niche markets and partnerships while ensuring secure, compliant solutions.
  • Fostered a culture of continuous learning and growth, developing a robust, decentralized deployment automation infrastructure with stringent security standards.
  • Released transformative open-source solutions, including WP-Invoice, WP-CRM, and WP-Property, contributing to the tech community and demonstrating our commitment to transparency.
  • Managed a diverse team of full-stack engineers and product owners, providing strategic guidance and mentorship.
  • Partnered with senior engineers to construct a tech roadmap, focusing on operational sustainability, scalability, and risk mitigation.
  • Championed cross-team collaboration to build strategies that improved our ability to scale, integrating DevSecOps principles into our workflows.
  • Oversaw the development of Node.js-based web services and engineered deployment strategies on AWS, GCE, and Azure, leveraging Docker to build a proprietary hosting platform.
Technologies: Platform as a Service (PaaS), Cloud Computing, DevOps, Technical Leadership, Load Balancers, Site Reliability Engineering (SRE), Datadog, Cloud Architecture, Enterprise Architecture, Continuous Integration (CI), Leadership, Vendor Management, Team Leadership

Senior Technical Manager

2014 - 2017
Usability Dynamics
  • Migrated 140 client applications from single-node deployments to containerized horizontally scalable clusters on Google Cloud Platform (GCP).
  • Engineered various deployment strategies on AWS, GCE, and Azure.
  • Trained team members on stateless application development patterns and continuous integration (CI) patterns.
  • Gained a great deal of experience with Docker while building a proprietary Docker-based hosting platform.
  • Implemented container-based continuous deployment (CD) and development and workflow principles.
  • Published 13 public packages and 17 more private packages; more information can be found at Npmjs.com/~andy.potanin.
  • Published over 40 Docker images. (more information can be found at Hub.docker.com/u/andypotanin/).
  • Oversaw the development of multiple Node.js-based web services.
Technologies: NGINX, HAProxy, RabbitMQ, CircleCI, Elasticsearch, CoreOS, Docker, Node.js, Azure, Google Compute Engine (GCE), Google Cloud Platform (GCP), Technical Leadership, Kubernetes, Redis, Load Balancers, DevOps Engineer, Amazon Web Services (AWS), Cloud Architecture, Enterprise Architecture, Role-based Access Control (RBAC), Google Cloud SQL, Google Kubernetes Engine (GKE), CI/CD Pipelines, Infrastructure as Code (IaC), Team Leadership, IT Security

Full-stack Senior Developer

2012 - 2014
Usability Dynamics
  • Developed a WordPress hosting infrastructure based on Docker; oversaw the development of WP-Property, WP-Invoice, WP-CRM, and WP-Stateless.
  • Leveraged a variety of technologies (Elasticsearch, RabbitMQ, and Percona) and deployments on numerous long-term projects.
  • Published and participated in over 400 repositories.
  • Made over 7,000 codebase contributions and revisions; more information can be found at the link: Github.com/andypotanin.
  • Reached the top 11% in 2017 on Stack Overflow; can be seen using the link, Stackoverflow.com/users/104247/andy.
  • Oversaw the development of WordPress products with over 630,000 downloads; more information can be found at Profiles.wordpress.org/andypotanin/#content-plugins.
Technologies: VMware vCenter, Linux, MySQL, HHVM, PHP, WordPress, GitFlow, GitHub, Varnish, Load Balancers, Amazon Web Services (AWS), Enterprise Architecture, Network Security, Role-based Access Control (RBAC), Google Cloud SQL, Google Kubernetes Engine (GKE), CI/CD Pipelines, Infrastructure as Code (IaC), IT Security

Systems Engineer | Applications Developer

2010 - 2012
Northrop Grumman | TASC
  • Oversaw the development of a web-based ERP system customized for the unique business process of the technical engineering and assistance team (TE&AT) with an objective to support the US Marine Corps logistics forces.
  • Supported the Marine Corps' mission as a member of a 25-person team.
  • Improved daily operations by leveraging various technologies.
  • Created methods for analyzing and quantifying team member performance.
Technologies: Linux, MySQL, PHP, WordPress, Load Balancers, Enterprise Architecture, Network Security, IT Security

Information Technology Chief

2005 - 2010
United States Marine Corps
  • Led a group of eight-to-eleven IT personnel in the day-to-day operations.
  • Coordinated and scheduled IT training sessions which were tailored specifically for the individual at hand.
  • Conducted performance evaluations and recommendations for promotion.
  • Implemented a SharePoint powered asset and task tracking system for section cohesion.
  • Delegated and supervised a monthly average of 42.5 individual tasks and projects within IT.
  • Managed an inventory valued over $1.2 million—achieving a 100% compliance in a field supply and maintenance analysis office (FSMAO) inspection.
Technologies: Linux, Security, WiFi, SharePoint, Windows Server 2003, Cisco Networking, Technical Leadership, Enterprise Architecture, Network Security, Network Architecture, Network Design, Team Leadership, IT Security

Apple Pay Campus ID (Mobile Credential)

https://marketing.transactcampus.com/campus-id
As the DevOps lead for the Mobile Credential project, I played a crucial role in integrating cloud automation and Apple Pay to enhance campus security and operational efficiency. I automated Dockerized microservice deployments to Azure Service Fabric, significantly boosting scalability and deployment speed. By streamlining deployments with Octopus Deploy, I reduced manual interventions and minimized errors. Implementing a high-availability multi-region architecture ensured 99.9% uptime and consistent performance. I provisioned Azure resources such as Key Vault, Cosmos DB, Service Bus, and Event Hubs to enhance flexibility and security.

Additionally, I developed advanced ARM templates for efficient resource orchestration and set up comprehensive monitoring and alerting systems to maintain service reliability. Collaborating with Apple, we ensured compliance with stringent security standards, earning commendation for our innovative and secure solution. This project reduced operational costs, streamlined processes, and provided students with a seamless, user-friendly experience, enabling secure, contactless access and payments using Apple Pay.

Rabbit.ci Container Platform on Google Cloud Platform (GCP)

A robust PaaS for a Node.js, WordPress, and PHP application deployment that is focused on the GitHub workflow. The platform was created to be a hosting solution that puts the workflow first, making it one of the first hosting platforms that can handle the entire CI process.

This platform predates Kubernetes but is very similar in many ways. However, many things that Kubernetes does not provide, our platform handles very well, most notably a native caching and proxying layer.

The platform is a self-healing network of CoreOS machines that are moving production and staging containers around the data center with zero-downtime due to a status-aware state-of-the-art proxy, powered by a tightly coupled HAProxy, Varnish, and Node.js proxy layer.

Containers are provisioned automatically when new GitHub branches are created and retired when a branch is removed. Developers can SSH or SFTP into any running environment using their GitHub credentials.

The stack provisions CloudFront distributions for each application and handles invalidation requests automatically. Meanwhile, the data layer is handled by client-specific Percona clusters with a Memcached-based object-caching.

BoxMLS Infrastructure on the Google Cloud Platform (GCP)

A San Francisco-based company that is changing the real estate scene, BoxMLS runs a highly distributed network of Node.js microservices with a rock-solid continuous integration process. Millions of records are stored in an optimized Elasticsearch cluster with tasks and jobs being distributed via RabbitMQ.

BoxMLS service monitors a number of multiple listing services (MLS) for data changes, normalizes and standardizes real estate data, and can send change notifications to subscribers even faster than MLS serverless.

Transact IDX

https://www.transactcampus.com/solutions/campus-id/transact-idx
As the DevOps lead for the Transact IDX project, I spearheaded the integration of cloud automation to modernize campus ID solutions. I streamlined Dockerized microservice deployments on Azure Kubernetes Service (AKS), enhancing both scalability and deployment speed. Leveraging Azure DevOps for our CI/CD pipelines, I effectively eliminated manual interventions and reduced errors. By designing a multi-region, high-availability architecture, I ensured 99.95% uptime and robust performance. I provisioned essential Azure resources, including Azure Active Directory for secure access, Blob Storage for scalable data management, and Azure SQL Database for reliable data handling.

To optimize resource management, I developed sophisticated ARM templates and implemented comprehensive monitoring and alerting with Azure Monitor and Application Insights, ensuring consistent service reliability. Working closely with our security and compliance teams, we adhered to strict standards, earning praise for our secure and innovative solution. This project not only cut operational costs but also simplified campus processes, offering students a seamless, secure, and contactless experience for access and transactions.

WP-Stateless WordPress Plugin for Google Cloud Platform (GCP)

https://wordpress.org/plugins/wp-stateless/
A WordPress plugin that helps WordPress sites operate more like proper "twelve-factor" applications by moving media assets to a Google Cloud Storage bucket used as a backing service, allowing for WordPress sites to be migrated and scaled horizontally without having to migrate the media files. The integration is entirely seamless, with WordPress unaware that the actual files are stored in a remote bucket.

• Wordpress.org/plugins/wp-stateless
• Github.com/wpCloud/wp-stateless

Red Door Company Infrastructure

https://reddoorcompany.com
A cutting-edge brokerage based out of Durham, NC has a native-feeling React.js front-end powered by the WordPress API. The application platform runs in a distributed Docker cluster and is backed by a Percona Cluster for the data layer, augmented by Elasticsearch.

The application consumes MLS changes in real-time, analyzes each listing's data, and constantly generates unique landing pages to deliver market updates to the web faster than any competitor.
2017 - 2019

Master's Degree in General Business Administration and Management (MBA)

University of North Carolina at Chapel Hill - Chapel Hill, NC, USA

2010 - 2012

Master's Degree in Business Administration and Management, Procurement, and Acquisitions (MBA)

Webster University - Camp Lejeune, NC, USA

2005 - 2010

Bachelor's Degree in Information Technology Management and Security

Campbell University - Camp Lejeune, NC, USA

AUGUST 2009 - PRESENT

Security+

CompTIA

JULY 2008 - PRESENT

Network+

CompTIA

Libraries/APIs

Google Cloud API, Google Geocoding API, RequireJS, Lodash, jQuery, jQuery Plugins, WordPress REST API, GitHub API, WordPress API, Node.js, Slack API, Stripe API, Backbone.js, Authorize.net, PayPal API, Google Maps API

Tools

GitHub, Azure Key Vault, Google Kubernetes Engine (GKE), Git, Varnish, CircleCI, WP-CLI, NPM, Google Compute Engine (GCE), Amazon CloudFront CDN, Mocha, Docker Swarm, Terraform, Azure Kubernetes Service (AKS), NGINX, RabbitMQ, Composer, PageSpeed, Atom, Jenkins, PHP-FPM, VaultPress, Google Analytics, Let's Encrypt, AWS CloudFormation, Ansible, Makefile, Grunt, Gulp, Jupyter, Artifactory, Visual Studio, Multiple Listing Services (MLS)

Frameworks

Express.js, Windows PowerShell, Knockout (Knockout.js), AngularJS, PHPUnit

Languages

PHP, Bash Script, PHP 5, JavaScript, Markdown, Less, CSS, HTML5, Go, Python

Paradigms

REST API Architecture, DevOps, Continuous Integration (CI), Continuous Deployment, Automated Testing, Management, Role-based Access Control (RBAC), Agile Software Development, Unit Testing, Azure DevOps, API Architecture

Platforms

Linux, Kubernetes, WordPress, Docker, Azure, Google Cloud Platform (GCP), CoreOS, Amazon Web Services (AWS), Azure Functions, Azure Service Fabric, Debian Linux, Apache2, Ubuntu, Ubuntu 14.04, SharePoint, Windows Server 2003, SharePoint 2013, Percona, Amazon EC2, Heroku

Storage

MySQL, Elasticsearch, JSON, Azure Cosmos DB, Azure Active Directory, MySQL Clustering, Amazon S3 (AWS S3), Azure SQL, Google Cloud SQL, Datadog, JSON/XML Schemas, Memcached, Microsoft Exchange Server, Azure Blobs, MySQL Server, MariaDB, Redis, MongoDB, Google Cloud

Industry Expertise

Network Security

Other

WiFi, Octopus Deploy, Load Balancers, Proxy Servers, RETS, IDX, IDX Integration, RESTful Web Services, Network Protocols, Unix/Linux Virtualization, WordPress Plugins, Security Clearance, Build & Release Engineering, Caching, Amazon Route 53, WordPress Themes, HAProxy, GitFlow, Google, Business, Technical Leadership, DevOps Engineer, Cloud Architecture, Enterprise Architecture, CI/CD Pipelines, Infrastructure as Code (IaC), Azure CLI, Network Architecture, Team Leadership, IT Security, Azure Service Bus, Infrastructure Monitoring, JavaScript Libraries, SaaS, WebSockets, Google Cloud Functions, SSH, Private NPM Modules, HHVM, Platform as a Service (PaaS), Site Reliability Engineering (SRE), Network Design, SFTP, Cloud Computing, Cisco Networking, Security, VMware vCenter, TCP/IP, Transmission Control Protocol (TCP), Enterprise Resource Planning (ERP), Procurement, Acquisitions, IT, IoT Security, Compliance, GitOps, Leadership, Vendor Management, Software Development Lifecycle (SDLC), Operations

Collaboration That Works

How to Work with Toptal

Toptal matches you directly with global industry experts from our network in hours—not weeks or months.

1

Share your needs

Discuss your requirements and refine your scope in a call with a Toptal domain expert.
2

Choose your talent

Get a short list of expertly matched talent within 24 hours to review, interview, and choose from.
3

Start your risk-free talent trial

Work with your chosen talent on a trial basis for up to two weeks. Pay only if you decide to hire them.

Top talent is in high demand.

Start hiring