Table of Contents
👋 Hi, I’m Jonathan Pulsifer, a security engineer who fits into the Staff Engineer Tech Lead & Architect archetypes. I enjoy working with Open Source, Google Cloud Platform, Kubernetes, and Containers. Some might call me a sysadmin, some might call me a DevOps engineer, but I just like computers 🧑💻
Staff Infrastructure Security Engineer
I spent the majority of my time at Shopify on the Infrastructure Security team, where I was the engineering lead. My teams were responsible for reducing the blast radius of Shopify’s applications and services in production and cared about things like:
- 🐳 Containers and Kubernetes
- 👥 Identity and Access Management
- 📝 Infrastructure as Code
- 🔒 Multi-tenancy Security
- 📦 Secure Software Supply Chains
- Engineering lead for Cloud Security during the ☁️ migration
- kubeaudit inventor
- Production Engineering Hackdays 2018 🥇 🏆
- Quoted in the Google Cloud Blog when Grafeas launched
- Artisanal just-in-time permissions management with
sudofor the ☁️
- Powered Shopify’s Support Quality Assurance system with Google Workspace Add-ons and a little bit of BigQuery ✨
- … and many more!
Canadian Armed Forces, 2008-2015
I retired from the Canadian Armed Forces a Master Sailor working as what’s now called a Cyber Operator. I was a course developer for and the instructor of a computer network defence course, as well as a Senior Surveillance Analyst – I would describe this as being a team lead at a super spoopy 👻 SOC.
Expand for more details
Canadian Forces Network Operations Centre
Senior Surveillance Analyst, 2012-2015
Technical lead for a group of surveillance analysts — providing focus and direction on computer security incident response, and incident handling on one of the largest computer networks in Canada.
Responsible for anomaly detection, network intrusion detection systems, alert triage, escalation of malware, botnet, and rookit behaviour. Engineered custom tools to increase the unit’s capability and assist in the generation of metadata. Produced end product reports, briefings, and incident reports.
Commander Canadian Forces Information Operations Group Commendation “[…] His initiative, professionalism, and the ongoing benefits that have arisen from his leadership within Op ENVELOPE have brought great credit upon himself, his Unit, and the Formation.”
CFNOC Member of the Year (2014-2015) “Presented on behalf of the Canadian Forces Network Operations Centre for exceptional dedication, fellowship and professionalism to both the Unit and the Canadian Armed Forces from 1st Jul 2014 to 30th Jun 2015. All of these highly respected attributes have been witnessed on a daily basis and serve to motivate those around him. He epitomizes the highest standards that CFNOC adheres to and strives to help his peers achieve these same standards. Jonathan Pulsifer has been a true representative of CAF values and ethics and is held in the highest regard by co-workers and supervisors alike.”
Commanding Officer’s Coin Received for dedication to the unit and professional development during personal hours.
Lead Instructor - Computer Network Defence Analyst, 2012-2015
Employed as lead developer and instructor for the Computer Network Defence Analyst (CNDA) course. The four week CNDA course was created in order to provide basic level knowledge and skills required to be employed as a network analyst in the conduct of Defensive Cyber Operations (DCO). The CNDA course is comprised of two main sections.
The first section is intended to provide a fundamental understanding of the cyber environment in which the analyst operates and tools of the trade. The second section shifts focus to introduce students to the tradecraft of traffic analysis that enables the analyst to understand and identify when and how a given security posture has been compromised.
Building Security NCM, 2010-2011
Responsible to the Building Security NCO, duties included physical security and access control for a secure building and multiple SCIFS, classified publication accessibility, pass control and access control list management.
Database Administrator, 2009-2010
Responsible for the creation and maintenance of a secure, distributed, relational database and front end which assisted in the management of over 100 personnel at the Directorate of Army Training. The database included functions such as mail merge, report generation, historical vacation day tracking, and updated positional information sourced from other intranet APIs.
SANS Institute, 2015
While still in the Navy, in 2015 I started to get involved with the SANS Institute as a mentor and co-instructor for SEC401 and SEC503. I also proctored exams for candidates in the National Capital Region, but fell off after joining Shopify 🚀
Community, Memberships, & Volunteering
Whenever I have enough spoons 🥄 left I like to give back to the community. Right now, I identify as a:
- Google Developer Expert
- Kubernetes Product Security Committee emeritus member
- GIAC Advisory Board member
Here are some places where I’ve “kept the lights on” during times of digital transformation 😄
Courses, Competitions, Training, and Education
|Certified Kubernetes Administrator (CKA)|
|LFS258: Kubernetes Fundamentals|
|LFS158x: Introduction to Kubernetes|
|SANS Canadian CyberTalent Competition 🥇|
|BSides Ottawa 2015 Capture the Flag Competition 🥈|
|SEC401: Security Essentials: Bootcamp Style|
|SEC503: Intrusion Detection In-Depth|
|SANS Mentor Training|
|Intrusion Detection and Extrusion Analysis Skills|
|Computer Network Defence Analyst|
|Short Course in Networks and Security|
|Advanced Instructional Techniques|
|Basic Instructional Techniques|
|Compliant Infrastructure as Code|
|Container Security Summit 2018 Keynote|
|Infrastructure Security 2.0|
|Keyless Entry: Securely Access GCP Services From Kubernetes|
|Securing Shopify’s PaaS on GKE|
|Securing the Software Supply Chain|
|How Shopify Governs Containers at Scale with Grafeas and Kritis|
|CEVO Client Information Disclosure|