Curriculum Vitae

March 29, 2022 5 minute read

Summary

πŸ‘‹ Hi, I’m Jonathan Pulsifer, a security engineer who fits into the Staff Engineer Tech Lead & Architect archetypes. I enjoy working with Open Source, Google Cloud Platform, Kubernetes, and Containers. Some might call me a sysadmin, some might call me a DevOps engineer, but I just like computers πŸ§‘β€πŸ’»

Employment History

Shopify, 2016-2021

Staff Infrastructure Security Engineer

I spent the majority of my time at Shopify on the Infrastructure Security team, where I was the engineering lead. My teams were responsible for reducing the blast radius of Shopify’s applications and services in production and cared about things like:

  • 🐳 Containers and Kubernetes
  • πŸ‘₯ Identity and Access Management
  • πŸ“ Infrastructure as Code
  • πŸ”’ Multi-tenancy Security
  • πŸ“¦ Secure Software Supply Chains
Positional Achievements:
  • Engineering lead for Cloud Security during the ☁️ migration
  • kubeaudit inventor
  • Production Engineering Hackdays 2018 πŸ₯‡ πŸ†
  • Quoted in the Google Cloud Blog when Grafeas launched
  • Artisanal just-in-time permissions management with sudo for the ☁️
  • Powered Shopify’s Support Quality Assurance system with Google Workspace Add-ons and a little bit of BigQuery ✨
  • … and many more!

Canadian Armed Forces, 2008-2015

I retired from the Canadian Armed Forces a Master Sailor working as what’s now called a Cyber Operator. I was a course developer for and the instructor of a computer network defence course, as well as a Senior Surveillance Analyst – I would describe this as being a team lead at a super spoopy πŸ‘» SOC.

Expand for more details

Canadian Forces Network Operations Centre

Senior Surveillance Analyst, 2012-2015

Technical lead for a group of surveillance analysts β€” providing focus and direction on computer security incident response, and incident handling on one of the largest computer networks in Canada.

Responsible for anomaly detection, network intrusion detection systems, alert triage, escalation of malware, botnet, and rookit behaviour. Engineered custom tools to increase the unit’s capability and assist in the generation of metadata. Produced end product reports, briefings, and incident reports.

Positional Achievements:
  • Commander Canadian Forces Information Operations Group Commendation “[…] His initiative, professionalism, and the ongoing benefits that have arisen from his leadership within Op ENVELOPE have brought great credit upon himself, his Unit, and the Formation.”

  • CFNOC Member of the Year (2014-2015) “Presented on behalf of the Canadian Forces Network Operations Centre for exceptional dedication, fellowship and professionalism to both the Unit and the Canadian Armed Forces from 1st Jul 2014 to 30th Jun 2015. All of these highly respected attributes have been witnessed on a daily basis and serve to motivate those around him. He epitomizes the highest standards that CFNOC adheres to and strives to help his peers achieve these same standards. Jonathan Pulsifer has been a true representative of CAF values and ethics and is held in the highest regard by co-workers and supervisors alike.”

  • Commanding Officer’s Coin Received for dedication to the unit and professional development during personal hours.

Canadian Forces School of Communications and Electronics

Lead Instructor - Computer Network Defence Analyst, 2012-2015

Employed as lead developer and instructor for the Computer Network Defence Analyst (CNDA) course. The four week CNDA course was created in order to provide basic level knowledge and skills required to be employed as a network analyst in the conduct of Defensive Cyber Operations (DCO). The CNDA course is comprised of two main sections.

The first section is intended to provide a fundamental understanding of the cyber environment in which the analyst operates and tools of the trade. The second section shifts focus to introduce students to the tradecraft of traffic analysis that enables the analyst to understand and identify when and how a given security posture has been compromised.

Canadian Forces School of Communications and Electronics

Building Security NCM, 2010-2011

Responsible to the Building Security NCO, duties included physical security and access control for a secure building and multiple SCIFS, classified publication accessibility, pass control and access control list management.

Canadian Army Doctrine and Training Centre HQ

Database Administrator, 2009-2010

Responsible for the creation and maintenance of a secure, distributed, relational database and front end which assisted in the management of over 100 personnel at the Directorate of Army Training. The database included functions such as mail merge, report generation, historical vacation day tracking, and updated positional information sourced from other intranet APIs.

SANS Institute, 2015

While still in the Navy, in 2015 I started to get involved with the SANS Institute as a mentor and co-instructor for SEC401 and SEC503. I also proctored exams for candidates in the National Capital Region, but fell off after joining Shopify πŸš€

Community, Memberships, & Volunteering

Whenever I have enough spoons πŸ₯„ left I like to give back to the community. Right now, I identify as a:

As a Google Developer Expert and Kubernetes community person, I host and partipate in Google Developer Group chapters and Cloud Native Computing Foundation meetups:

Here are some places where I’ve “kept the lights on” during times of digital transformation πŸ˜„

Courses, Competitions, Training, and Education

Certified Kubernetes Administrator (CKA)
LFS258: Kubernetes Fundamentals
LFS158x: Introduction to Kubernetes
SANS Canadian CyberTalent Competition πŸ₯‡
BSides Ottawa 2015 Capture the Flag Competition πŸ₯ˆ
SEC401: Security Essentials: Bootcamp Style
SEC503: Intrusion Detection In-Depth
SANS Mentor Training
Intrusion Detection and Extrusion Analysis Skills
Computer Network Defence Analyst
Short Course in Networks and Security
Instructor Supervisor
Advanced Instructional Techniques
Basic Instructional Techniques

Talks

Compliant Infrastructure as Code
Container Security Summit 2018 Keynote
Infrastructure Security 2.0
Keyless Entry: Securely Access GCP Services From Kubernetes
Securing Shopify’s PaaS on GKE
Securing the Software Supply Chain

Publications

How Shopify Governs Containers at Scale with Grafeas and Kritis
CEVO Client Information Disclosure