Sjon-Paul is available for hire
Hire Sjon-PaulSjon-Paul Brown
Verified Expert in Engineering
DevOps Engineer and Developer
Location
Eagle Mountain, UT, United States
Toptal Member Since
July 21, 2020
Sjon-Paul is a DevOps engineer who thrives on producing scalable systems and automation that stand the test of time. While deploying and managing software within the cloud, he understands and handles the complexities of the cloud so that everything works smoothly and scales. Sjon-Paul is also an advocate of creating secure, stable software and infrastructure that is predictable and maintainable over time.
Portfolio
Dapper Labs
Blockchain, Terraform, Ansible, Grafana, Prometheus...
Alteryx - DevOps Engineering Enablement
Cloud Security, Amazon Web Services (AWS), CI/CD Pipelines, Terraform...
Udacity
AWS IAM, Identity & Access Management (IAM), Role-based Access Control (RBAC)...
Experience
Availability
Full-time
Preferred Environment
Amazon Web Services (AWS), Teams, Slack, Visual Studio Code (VS Code), Docker, Linux, Blockchain, Google Cloud Platform (GCP)
The most amazing...
...thing I have helped engineer and maintain was the Flow blockchain network that provided service for NBA Top Shot, NFL ALL Day, Ticketmaster, etc.
Work Experience
Senior Infrastructure Engineer
2022 - PRESENT
Dapper Labs
- Developed automation that contributed to a 90% reduction in downtime during blockchain network upgrades.
- Identified and engineered cost savings opportunities to save over $1 million in operational infrastructure costs.
- Oversaw and developed a project to create automation to Bootstrap and deploy blockchain network to Kubernetes for advanced testing within the SDLC.
- Managed over 500 blockchain nodes and 300 TB of data.
- Owned and led all infrastructure changes to the Flow Blockchain.
- Managed and executed migration of observability stack that included migration of logs, metrics, synthetics, alerts, and dashboards.
- Created automation and processes to execute rolling deployments to blockchain nodes.
- Oversaw the capacity planning with a cloud provider to ensure infrastructure availability.
- Improved node availability by further distributing nodes across availability zones.
- Implemented tracing infrastructure to provide better observability into node operations.
Technologies: Blockchain, Terraform, Ansible, Grafana, Prometheus, Google Cloud Platform (GCP), Go, P2P, Linux, Kubernetes, Envoy Proxy, Cloudflare
AWS Cloud Security Engineer
2021 - 2021
Alteryx - DevOps Engineering Enablement
- Implemented and monitored organization cloud security services across the multi-tenant cloud.
- Architected, developed, and deployed a multi-tenant logging solution for multi-tenant cloud service logs to be delivered to SIEM.
- Implemented and presented a multi-tenant authorization proxy that centralized access to environments.
- Integrated databases to authorization proxy to centralize authentication and authorization.
- Coached engineers on software development and engineering.
- Presented implementations to engineering stakeholders, including VPs and directors of engineering.
Technologies: Cloud Security, Amazon Web Services (AWS), CI/CD Pipelines, Terraform, AWS Systems Manager, AWS IAM, SecOps, Web Application Firewall (WAF), SIEM, GitLab CI/CD, Ansible
Security Content Creator/Instructor
2021 - 2021
Udacity
- Developed a capstone project to display a student's technical ability.
- Designed and created exercises to guide students towards accumulating skills to complete a capstone project.
- Created and designed content and material to teach students.
Technologies: AWS IAM, Identity & Access Management (IAM), Role-based Access Control (RBAC), ABAC, Access Control
DevOps Engineering Contractor
2020 - 2021
Health IQ
- Created and implemented a log delivery mechanism for delivering CloudWatch logs to SIEM.
- Audited and evaluated the security of the AWS environment as well as third-party systems that maintained data.
- Helped implement credential management for containerized services.
- Evaluated current CI/CD processes and provided recommendations for streamlining builds/deployments.
- Evaluated resource utilization with costs to provide recommendations for reducing infrastructure costs.
Technologies: AWS Elastic Beanstalk, Amazon Simple Queue Service (SQS), Amazon Simple Email Service (SES), Amazon Kinesis, Amazon CloudWatch, AWS OpsWorks, New Relic, Sumo Logic, Amazon Web Services (AWS), SIEM
Senior DevOps Engineer
2020 - 2021
Built Technologies
- Created automation framework for creating GitHub repos and CI processes to enforce standard repo configurations.
- Managed and deployed web application firewalls (WAF) in front of all public-facing endpoints.
- Migrated the existing service infrastructure to the Terraform resources.
- Implemented highly available site-to-site IPSec tunnels in a multi-region capacity.
- Designed and created a custom passwordless authentication flow for Amazon Cognito.
- Created and implemented DevSecOps CI processes for executing static code analysis on purchase requisition (PR) creation.
- Migrated self-hosted and on-premise Sentry to Sentry.io.
- Constructed a cross-region and cross-account snapshot backup service for disaster recovery.
- Created a log delivery service for delivering logs to various providers.
Technologies: Amazon Web Services (AWS), AWS CodeBuild, AWS ALB, Web Application Firewall (WAF), Amazon CloudFront CDN, AWS CloudFormation, Terraform, Python, Docker, Amazon Cognito, DevSecOps, GitHub, Amazon API Gateway, Amazon Kinesis, Amazon Simple Queue Service (SQS)
AWS Engineer
2017 - 2020
Ramsey Solutions
- Supported the infrastructure and deployments for hundreds of services hosted on Amazon ECS and AWS Lambda.
- Developed automation for managing software and infrastructure deployments within CI/CD pipelines.
- Migrated the automation so that it could be more easily developed and tested.
- Developed AWS account automation and helped implement networking to connect environments.
- Created log service to ingest client-side log events.
- Migrated self-hosted git servers to AWS CodeCommit for better reliability.
Technologies: Amazon Web Services (AWS), Amazon Elastic Container Service (Amazon ECS), Amazon EC2, API Gateways, AWS Lambda, Linux, Ansible, Python, AWS CloudFormation, Docker
System Support Specialist
2017 - 2017
Connected Nation
- Improved the existing support solutions for internal employees.
- Helped with planning internal infrastructure migrations.
- Managed Linux servers used for mobile drive testing.
Technologies: Rackspace, Windows, Linux
Technical Support Assistant
2016 - 2017
Connected Nation
- Hosted and supported Linux servers used for mobile drive testing.
- Improved internal help desk support for remote and onsite employees.
- Managed internal hardware and software support requests.
Technologies: NGINX, Linux, Windows
End User Support Intern
2014 - 2016
Connected Nation
- Decreased the amount of time it took to image newly provisioned machines.
- Managed incoming support requests for internal and remote employees.
- Procured software and hardware for employees upon request.
Technologies: Windows
Experience
Blockchain Network Upgrade Automation
https://developers.flow.com/nodes/node-operation/sporkI developed automation that would be used to orchestrate and automate network upgrades for the Flow blockchain. This automation was used to orchestrate the stopping and starting of our network while handling the execution of state extraction over TBs of execution data. This automation was responsible for orchestrating the upgrades while providing the necessary hooks to allow decentralized partners to upgrade their nodes. This automation created a stable process that resulted in a 90% reduction in downtime during network upgrades.
Automated Blockchain Network Bootstrapping and Deployment
https://github.com/onflow/flow-go/tree/master/integration/benchnet2I developed and led a project to automate the bootstrapping and deployment of Flow blockchain networks to Kubernetes clusters. This project would be provided to partners and internal users to streamline the orchestration and deployment of networks so that they could benchmark and test changes in an isolated manner.
WAF Implementation
I managed and deployed a WAF solution across all public endpoints to ensure that malicious traffic was blocked before being delivered to our application. This required intense evaluation of existing traffic patterns to ensure that valid application traffic would not be blocked upon rollout. The entire solution was managed within the infrastructure as code to ensure the configurations could be enforced, audited, and automated.
GitHub Configuration and CI Framework
I managed the creation and implementation of a configuration framework to standardize and enforce GitHub repo configurations to ensure that repositories were correctly configured with the proper settings. This framework also allowed for the definition and orchestration of various CI processes that allowed for the parallelization of various CI process that would need to be executed throughout the SDLC. This created a framework for creating and enforcing repository standards while also providing the necessary CI infrastructure to allow for easy integration and execution of various workflows.
Multi-region IPSec Tunnel Implementation
I implemented a site-to-site IPsec VPN in a multi-region capacity. This IPSec VPN was configured from scratch and was configured to automatically recover from instance failures and rotations. This implementation ensured that the VPN was available in multiple regions and would automatically recover from failures while also ensuring that proper routing was dynamically configured.
Skills
Tools
Terraform, Amazon Elastic Container Service (Amazon ECS), AWS CloudFormation, AWS IAM, Amazon CloudWatch, Amazon CloudFront CDN, Ansible, AWS CodeBuild, Slack, NGINX, Amazon Cognito, GitHub, Amazon Simple Queue Service (SQS), Amazon Simple Email Service (SES), AWS OpsWorks, Sumo Logic, VPN, Amazon Athena, Grafana, Helm, Envoy Proxy, AWS Systems Manager, GitLab CI/CD
Paradigms
Continuous Delivery (CD), Continuous Integration (CI), DevOps, Test-driven Development (TDD), Serverless Architecture, Microservices Architecture, DevSecOps, Role-based Access Control (RBAC), ABAC
Platforms
AWS Lambda, Amazon EC2, Amazon Web Services (AWS), Blockchain, Google Cloud Platform (GCP), Linux, Docker, AWS ALB, Windows, Rackspace, AWS Elastic Beanstalk, New Relic, Visual Studio Code (VS Code), Kubernetes
Other
Amazon API Gateway, Cloudflare, AWS CodePipeline, Loki, Teams, API Gateways, Amazon Kinesis, SIEM, IPsec, Web Application Firewall (WAF), AWS WAF, Identity & Access Management (IAM), Access Control, Prometheus, P2P, Cloud Security, CI/CD Pipelines, SecOps
Languages
Python, SQL, Go, Bash
Storage
MySQL, Amazon S3 (AWS S3)
Education
2014 - 2017
Bachelor of Science Degree in Computer Information Technologies
Western Kentucky University - Bowling Green, KY, United States
Certifications
AUGUST 2017 - SEPTEMBER 2020
AWS Certified Developer — Associate
AWS
JULY 2017 - AUGUST 2020
AWS Certified Solutions Architect — Associate
AWS
Collaboration That Works
How to Work with Toptal
Toptal matches you directly with global industry experts from our network in hours—not weeks or months.
1
Share your needs
Discuss your requirements and refine your scope in a call with a Toptal domain expert.
2
Choose your talent
Get a short list of expertly matched talent within 24 hours to review, interview, and choose from.
3
Start your risk-free talent trial
Work with your chosen talent on a trial basis for up to two weeks. Pay only if you decide to hire them.
Top talent is in high demand.
Start hiring