Sjon-Paul Brown, Developer in Eagle Mountain, UT, United States
Sjon-Paul is available for hire
Hire Sjon-Paul

Sjon-Paul Brown

Verified Expert  in Engineering

DevOps Engineer and Developer

Location
Eagle Mountain, UT, United States
Toptal Member Since
July 21, 2020

Sjon-Paul is a DevOps engineer who thrives on producing scalable systems and automation that stand the test of time. While deploying and managing software within the cloud, he understands and handles the complexities of the cloud so that everything works smoothly and scales. Sjon-Paul is also an advocate of creating secure, stable software and infrastructure that is predictable and maintainable over time.

Portfolio

Dapper Labs
Blockchain, Terraform, Ansible, Grafana, Prometheus...
Alteryx - DevOps Engineering Enablement
Cloud Security, Amazon Web Services (AWS), CI/CD Pipelines, Terraform...
Udacity
AWS IAM, Identity & Access Management (IAM), Role-based Access Control (RBAC)...

Experience

Availability

Full-time

Preferred Environment

Amazon Web Services (AWS), Teams, Slack, Visual Studio Code (VS Code), Docker, Linux, Blockchain, Google Cloud Platform (GCP)

The most amazing...

...thing I have helped engineer and maintain was the Flow blockchain network that provided service for NBA Top Shot, NFL ALL Day, Ticketmaster, etc.

Work Experience

Senior Infrastructure Engineer

2022 - PRESENT
Dapper Labs
  • Developed automation that contributed to a 90% reduction in downtime during blockchain network upgrades.
  • Identified and engineered cost savings opportunities to save over $1 million in operational infrastructure costs.
  • Oversaw and developed a project to create automation to Bootstrap and deploy blockchain network to Kubernetes for advanced testing within the SDLC.
  • Managed over 500 blockchain nodes and 300 TB of data.
  • Owned and led all infrastructure changes to the Flow Blockchain.
  • Managed and executed migration of observability stack that included migration of logs, metrics, synthetics, alerts, and dashboards.
  • Created automation and processes to execute rolling deployments to blockchain nodes.
  • Oversaw the capacity planning with a cloud provider to ensure infrastructure availability.
  • Improved node availability by further distributing nodes across availability zones.
  • Implemented tracing infrastructure to provide better observability into node operations.
Technologies: Blockchain, Terraform, Ansible, Grafana, Prometheus, Google Cloud Platform (GCP), Go, P2P, Linux, Kubernetes, Envoy Proxy, Cloudflare

AWS Cloud Security Engineer

2021 - 2021
Alteryx - DevOps Engineering Enablement
  • Implemented and monitored organization cloud security services across the multi-tenant cloud.
  • Architected, developed, and deployed a multi-tenant logging solution for multi-tenant cloud service logs to be delivered to SIEM.
  • Implemented and presented a multi-tenant authorization proxy that centralized access to environments.
  • Integrated databases to authorization proxy to centralize authentication and authorization.
  • Coached engineers on software development and engineering.
  • Presented implementations to engineering stakeholders, including VPs and directors of engineering.
Technologies: Cloud Security, Amazon Web Services (AWS), CI/CD Pipelines, Terraform, AWS Systems Manager, AWS IAM, SecOps, Web Application Firewall (WAF), SIEM, GitLab CI/CD, Ansible

Security Content Creator/Instructor

2021 - 2021
Udacity
  • Developed a capstone project to display a student's technical ability.
  • Designed and created exercises to guide students towards accumulating skills to complete a capstone project.
  • Created and designed content and material to teach students.
Technologies: AWS IAM, Identity & Access Management (IAM), Role-based Access Control (RBAC), ABAC, Access Control

DevOps Engineering Contractor

2020 - 2021
Health IQ
  • Created and implemented a log delivery mechanism for delivering CloudWatch logs to SIEM.
  • Audited and evaluated the security of the AWS environment as well as third-party systems that maintained data.
  • Helped implement credential management for containerized services.
  • Evaluated current CI/CD processes and provided recommendations for streamlining builds/deployments.
  • Evaluated resource utilization with costs to provide recommendations for reducing infrastructure costs.
Technologies: AWS Elastic Beanstalk, Amazon Simple Queue Service (SQS), Amazon Simple Email Service (SES), Amazon Kinesis, Amazon CloudWatch, AWS OpsWorks, New Relic, Sumo Logic, Amazon Web Services (AWS), SIEM

Senior DevOps Engineer

2020 - 2021
Built Technologies
  • Created automation framework for creating GitHub repos and CI processes to enforce standard repo configurations.
  • Managed and deployed web application firewalls (WAF) in front of all public-facing endpoints.
  • Migrated the existing service infrastructure to the Terraform resources.
  • Implemented highly available site-to-site IPSec tunnels in a multi-region capacity.
  • Designed and created a custom passwordless authentication flow for Amazon Cognito.
  • Created and implemented DevSecOps CI processes for executing static code analysis on purchase requisition (PR) creation.
  • Migrated self-hosted and on-premise Sentry to Sentry.io.
  • Constructed a cross-region and cross-account snapshot backup service for disaster recovery.
  • Created a log delivery service for delivering logs to various providers.
Technologies: Amazon Web Services (AWS), AWS CodeBuild, AWS ALB, Web Application Firewall (WAF), Amazon CloudFront CDN, AWS CloudFormation, Terraform, Python, Docker, Amazon Cognito, DevSecOps, GitHub, Amazon API Gateway, Amazon Kinesis, Amazon Simple Queue Service (SQS)

AWS Engineer

2017 - 2020
Ramsey Solutions
  • Supported the infrastructure and deployments for hundreds of services hosted on Amazon ECS and AWS Lambda.
  • Developed automation for managing software and infrastructure deployments within CI/CD pipelines.
  • Migrated the automation so that it could be more easily developed and tested.
  • Developed AWS account automation and helped implement networking to connect environments.
  • Created log service to ingest client-side log events.
  • Migrated self-hosted git servers to AWS CodeCommit for better reliability.
Technologies: Amazon Web Services (AWS), Amazon Elastic Container Service (Amazon ECS), Amazon EC2, API Gateways, AWS Lambda, Linux, Ansible, Python, AWS CloudFormation, Docker

System Support Specialist

2017 - 2017
Connected Nation
  • Improved the existing support solutions for internal employees.
  • Helped with planning internal infrastructure migrations.
  • Managed Linux servers used for mobile drive testing.
Technologies: Rackspace, Windows, Linux

Technical Support Assistant

2016 - 2017
Connected Nation
  • Hosted and supported Linux servers used for mobile drive testing.
  • Improved internal help desk support for remote and onsite employees.
  • Managed internal hardware and software support requests.
Technologies: NGINX, Linux, Windows

End User Support Intern

2014 - 2016
Connected Nation
  • Decreased the amount of time it took to image newly provisioned machines.
  • Managed incoming support requests for internal and remote employees.
  • Procured software and hardware for employees upon request.
Technologies: Windows

Blockchain Network Upgrade Automation

https://developers.flow.com/nodes/node-operation/spork
I developed automation that would be used to orchestrate and automate network upgrades for the Flow blockchain. This automation was used to orchestrate the stopping and starting of our network while handling the execution of state extraction over TBs of execution data. This automation was responsible for orchestrating the upgrades while providing the necessary hooks to allow decentralized partners to upgrade their nodes. This automation created a stable process that resulted in a 90% reduction in downtime during network upgrades.

Automated Blockchain Network Bootstrapping and Deployment

https://github.com/onflow/flow-go/tree/master/integration/benchnet2
I developed and led a project to automate the bootstrapping and deployment of Flow blockchain networks to Kubernetes clusters. This project would be provided to partners and internal users to streamline the orchestration and deployment of networks so that they could benchmark and test changes in an isolated manner.

WAF Implementation

I managed and deployed a WAF solution across all public endpoints to ensure that malicious traffic was blocked before being delivered to our application. This required intense evaluation of existing traffic patterns to ensure that valid application traffic would not be blocked upon rollout. The entire solution was managed within the infrastructure as code to ensure the configurations could be enforced, audited, and automated.

GitHub Configuration and CI Framework

I managed the creation and implementation of a configuration framework to standardize and enforce GitHub repo configurations to ensure that repositories were correctly configured with the proper settings. This framework also allowed for the definition and orchestration of various CI processes that allowed for the parallelization of various CI process that would need to be executed throughout the SDLC. This created a framework for creating and enforcing repository standards while also providing the necessary CI infrastructure to allow for easy integration and execution of various workflows.

Multi-region IPSec Tunnel Implementation

I implemented a site-to-site IPsec VPN in a multi-region capacity. This IPSec VPN was configured from scratch and was configured to automatically recover from instance failures and rotations. This implementation ensured that the VPN was available in multiple regions and would automatically recover from failures while also ensuring that proper routing was dynamically configured.
2014 - 2017

Bachelor of Science Degree in Computer Information Technologies

Western Kentucky University - Bowling Green, KY, United States

AUGUST 2017 - SEPTEMBER 2020

AWS Certified Developer — Associate

AWS

JULY 2017 - AUGUST 2020

AWS Certified Solutions Architect — Associate

AWS

Tools

Terraform, Amazon Elastic Container Service (Amazon ECS), AWS CloudFormation, AWS IAM, Amazon CloudWatch, Amazon CloudFront CDN, Ansible, AWS CodeBuild, Slack, NGINX, Amazon Cognito, GitHub, Amazon Simple Queue Service (SQS), Amazon Simple Email Service (SES), AWS OpsWorks, Sumo Logic, VPN, Amazon Athena, Grafana, Helm, Envoy Proxy, AWS Systems Manager, GitLab CI/CD

Paradigms

Continuous Delivery (CD), Continuous Integration (CI), DevOps, Test-driven Development (TDD), Serverless Architecture, Microservices Architecture, DevSecOps, Role-based Access Control (RBAC), ABAC

Platforms

AWS Lambda, Amazon EC2, Amazon Web Services (AWS), Blockchain, Google Cloud Platform (GCP), Linux, Docker, AWS ALB, Windows, Rackspace, AWS Elastic Beanstalk, New Relic, Visual Studio Code (VS Code), Kubernetes

Languages

Python, SQL, Go, Bash

Storage

MySQL, Amazon S3 (AWS S3)

Other

Amazon API Gateway, Cloudflare, AWS CodePipeline, Loki, Teams, API Gateways, Amazon Kinesis, SIEM, IPsec, Web Application Firewall (WAF), AWS WAF, Identity & Access Management (IAM), Access Control, Prometheus, P2P, Cloud Security, CI/CD Pipelines, SecOps

Collaboration That Works

How to Work with Toptal

Toptal matches you directly with global industry experts from our network in hours—not weeks or months.

1

Share your needs

Discuss your requirements and refine your scope in a call with a Toptal domain expert.
2

Choose your talent

Get a short list of expertly matched talent within 24 hours to review, interview, and choose from.
3

Start your risk-free talent trial

Work with your chosen talent on a trial basis for up to two weeks. Pay only if you decide to hire them.

Top talent is in high demand.

Start hiring