My CV

As generalist...

I'm a well rounded technology person who is effective at bridging the development and business worlds.

I spend loads of personal hours every week researching and developing personal projects which allow me to keep ahead of emerging techniques, tools and thinking around software development, cryptography and information security.

I am a great communicator, and tend to gravitate towards building strong relationships with key stakeholders in any project I work on. I am a proponent of MVP and always try to steer stakeholders to focus on the user experience, and user value on any software project.

As technology specialist...

Hyper-scale Distributed Systems

I have immersed myself into the public cloud space, and in the process re-taught myself everything I know about distributed systems (and why they are hard). I am thoroughly convinced that the future will be wrapped in a Docker or RKT container, and deployed upon an ocean of Kubernetes nodes, and that the basic premise that software must run on a computer is now optional. Matching supply to demand is the new software economy, and the industry equaliser. Enterprises that sit back and believe that the size of their infrastructure investment is somehow a barrier to entry are going to be severely disrupted. Cassandra, Spark, R, Docker, Kubernetes, ETCD are my new weapons of choice, and AWS is my new horse! :)

Functional Programming

I've been inspired by functional programming for a while, and especially the potential to write code which has much fewer exploitable bugs by default. I have spend hundreds of hours on researching the topic, starting initially with Scala, then ML and F# and am currently busy with Haskell. I was fortunate enough to get a fair amount of F# into production through 2 previous projects, so had the ability to spend a few months of working hours also focusing on getting my coding DNA aligned with the functional universe :)

Javascript

Javascript is fast becoming my scripting and general purpose language of choice. Although it's a horrible language in it's native form, it's uniquity and ecosystem are awesome, and converters such as coffeescript and livescript can "fix" the language nasties anyway.

The ability to slant slightly object-oriented, or slightly functional as the problem requires it feels fluid, and it's a language that is constantly surprising me. The language I love to hate, but after Haskell is the one most often on my mind while I'm stuck in traffic...

Python

My previous do-anything language of choice. Quickly being replaced by Javascript as I find Python's support for asynchronous and functional programming lacking. Decent and simply implemented cryptography support means it's still my #1 crypto-calculator language for double checking test vectors etc.

C

Although less frequently, I am required to write a fair amount of C / C++ code - generally to be run within customized hardware security modules. It takes a couple days to get back into it, but I soon get into the groove and love the language (especially C - for it's simplicity). (rant) C is the language that absolutely every wannabe software developer should learn, and write at least 6 months of production code in - to many good lessons and concepts to mention. (/rant)

Objective-C

A surprisingly cool language that I needed to pickup while looking at IOS development for a proof of concept project I worked on. I ultra-love the ability to switch into C, but also the language is super modern with automatic reference counting, and asynchronous constructs optionally built in. I absolutely love the objective-c language additions - they are quirky and show their amazing history. I personally prefer languages like this over boring, clinical and soul-less others (which will remain unnamed...).

.NET

A great, solid, practical and easy to use language for everyday use. This is the language that I tend to recommend for most of the projects which I bootstrap, because it runs the least risk generally. Microsoft have done a great job of including a monumentally awesome standard library into the runtime, but produced an amazingly powerful core language.

As project specialist...

Director of Information Security Division

Synthesis Software Technologies, Johannesburg, South Africa

~ Dec 2004

In this role I manage a team of approx 8 developers deployed on various projects, interface directly with customers through the sales, contracting and implementation stages and dive into architecture and development head first to get projects up and running as effectively as possible.

I am passionate about writing secure, clean and bugfree code and am an agile and MVP evangelist. I used to be nuts about security, cryptography, vulnerabilities, penetration testing and the security industry and it's ecosystem. These days I prefer to focus my energy in areas which are more positive and creative, but I always have a slant towards developing applications which require higher levels of security, privacy and compliance.

Afgri Internet Banking
~ Feb 2014

I am bootstrapping a small, nimble and effective team to develop the next generation of Afgri's Internet Banking platform. Scrum process with a focus on MVP to manage the development, with business interaction on a daily basis to prioritise features. Technology platform is AngularJS frontend, ASP.NET WebAPI backend, integration into SAP PI core banking platform.

Investec Mauritius Online Banking
~ Oct 2010

From first line of code to live to the first client within 6 months. Fully transactional, multi-currency, multiple level authorization, auditable and secure platform that has become a key differentiator for Investec in the Mauritus market. Through the epic success of this delivery, this project has been used as blueprint for future development projects tackled by Investec. Combination of Scrum and Kanban project methodologies, managing a team of approximately 11 people. Technology platform is a very straightforward mix of ASP.NET MVC4 frontend, WCF Webservice backend, Java service layer integrating into the AS400 Bankfusion Equation core banking platform.

ABSA Zero Knowledge of PIN
~ Feb 2009

Secure the ABSA sign-in and registration process through termination of SSL/TLS web traffic within custom code running on Thales nShield HSM devices. Encryption of sensitive (generally PCI PSR / PCI DSS) parameters is done within the FIPS-140-3 boundary and re-originated from within the device en route to final destination. This infrastructure secures 1.3 million users, accessing ABSA web resources upto 4000 requests per minute, across multiple geographies. Technology platform is based upon the Thales nShield CodeSafe development environment which runs our C-language "Zero Knowledge of PIN" application on an emulated FreeBSD kernel.

Investec Issuer Script Generator
~ Oct 2011

Replacement of a heavyweight (read expensive) european EMV scripting engine with a lightweight and fit-for-purpose EMV issuer script generator tied into the card authorisation process handled by the AS400 card host. This application allows the management of cards post-issuance, supporting any number of issuer scripts to be delivered to a card while performing online authorisation, such as managing velocity counters, enabling/disabling contactless support, blocking/unblocking or even pin change. Technology platform is F# .net core service, with integration into a Thales nShield HSM for Secure Messaging encryption / signing. Administrative frontend developed in ASP.NET MVC4.

Senior Software Developer

African Defense Systems, Midrand, South Africa

~ Jan 2001 - Nov 2004

In this role I spent a lot of time writing military grade software against the MIL-STD-498 software development methodology. My focus areas were mainly in fire control, environmental and missile weapon simulation.

Artillery Fire Control System

Worked in the Ground-Based Command and Control Department as a software developer on an artillery command and control system. The system was written in Java using Sun Microsystems’ NetBeans Platform and targeted at the Linux platform. I was a member of the architecture team and was instrumental in redesigning the entire system from scratch after identifying a number of critical flaws in the prototype design. My responsibility on the project involved developing the core module infrastructure of the framework in order to support a pluggable and modular application. Later I was tasked with developing a digital elevation data processing module in C++ integrated into the core product (using Java Native Interface), as well as taking on the role of software configuration manager for the project.

Combat Team Trainer

Worked in the Simulator Systems Department as a Junior Software Developer on a combat-team trainer for the South African Navy’s Patrol Corvette (SANPC) Programme. I was solely responsible for the synthetic environment subsystem which provides the entire system with emulated real-world data of the vessel’s current situation. This simulation engine also allows visualization and modification of the surface situation by an instructor. I was partially responsible for writing both the surface-to-surface and surface-to-air missile console simulators which emulated the actual combat consoles linked to the vessel’s combat management system. This involved writing human-machine interface code as well as simulation of ballistics, flight-path and collision-detection code. The simulator was a complete success and I was instrumental in the delivery and rollout process which occurred over a period of 3 months in Simonstown, Cape Town.

As athlete...

Well... this is mostly in my dreams, but I do spend a lot of time on my 4 bicycles, either ripping up the neighbourhood trails on my singlespeed mountain bike, leading the peleton at the cradle of humankind on my road bike, exploring the drakensberg on my dual suspension mountain bike or trying to better my ironman bike split on my time-trial racing machine.

I have discovered that I really enjoy pushing myself to the next level in everything that I do.