| Phone | 480-269-0609 |
| kochmanncody@gmail.com | |
| GitHub | https://github.com/CodyKochmann |
| https://www.linkedin.com/pub/cody-kochmann/57/268/6b1 | |
| @CKochmann |
I am a cloud architect, automation specialist, programming polyglot, security developer, teacher, and technical lead.
- I read manuals..
- I am very good at saving companies a lot of money.
- I comfortably code in a wide variety of languages.
- I am commonly the go to for advice before engineers go down another rabbit hole.
- If someone brings me a problem, I'm gonna quickly spot the issue somewhere most would never look.
- No matter how big or fast it is... I can make it faster.
Parts of following experience is intentionally vague to prevent information leakage.
Drove the development of the tools and workflows needed to quickly generate fresh development environments for isolated experiments. This unlocked the company from working out of the same shared development infrastructure and provided developers safe and isolated environments to work and experiment in independently.
| Company | Strake |
| Time | 2023 - 2023 |
| Technologies | GitHub, CloudFormation, BuildKite, Make, Python, Bash |
| Roles | Project Owner, Solutions Architect |
Lead, designed and implemented the entire company's GitLab organization, security layout, and repo architecture. This removed duplicate efforts, enabled developers to safely deploy on their own, and acted as the foundation of an entire culture change in the company to operate and develop more efficiently.
| Company | QOMPLX Inc. |
| Time | 2020 - 2023 |
| Technologies | GitLab |
| Roles | Project Owner, Solutions Architect, Security Architect, Teacher |
Designed and lead the development of CI/CD pipelines that would reshape how the entire company operated. My most proud achievement was inventing mechanisms for dynamic jinja based CI/CD pipelines. This allowed developers to code CI/CD logic in a language they already vividly understood. It also allowed pipelines the ability to alter themselves so teams could focus on the code/applications they were building instead of the infrastructure it would eventually be deployed to. This was one of many game changing discoveries that helped accelerate the company's productivity.
| Company | QOMPLX Inc. |
| Time | 2020 - 2023 |
| Technologies | GitLab, CI/CD |
| Languages | Python, Bash, Make, Jinja |
| Roles | Project Lead, Lead Solutions Architect, Security Architect, Teacher |
Lead, designed, and implemented many tools that provided deep insights to every corner of the company's infrastructure, development patterns, communication effectiveness, adoption rates and developer empowerment. That work provided primary cornerstones for the devops team to perform investigations and spot issues that previously would have silently hurt the company.
| Company | Strake |
| Time | 2023 - 2023 |
| Technologies | GitHub, CI/CD, BuildKite |
| Languages | Makefile, Bash |
| Roles | Project Lead, Lead Solutions Architect, Security Architect, Teacher |
and
| Company | QOMPLX Inc. |
| Time | 2020 - 2023 |
| Technologies | GitLab, SQLite3, CI/CD |
| Languages | Python, Golang, Makefile |
| Roles | Project Lead, Lead Solutions Architect, Security Architect, Teacher |
Researched, designed and implemented many iterations of runner architectures to provide highly reliable, isolated and safe execution environments for developers to safely test and deploy builds. This effort played a key role in eventually maturing teams to adopt fully test driven CI/CD pipeline deployments.
| Company | QOMPLX Inc. |
| Time | 2020 - 2023 |
| Technologies | Kubernetes, Docker, Linux Kernel Security, AWS EKS, AWS ECS, AWS EC2 |
| OS | Debian, Amazon Linux, CoreOS |
| Languages | Golang, Python, Make |
| Roles | Project Lead, Solutions Architect, Security Architect, Security Developer, System Admin, Teacher |
I was the lead security architect that laid out how the company was going to turn their adoption of kubernetes into an opportunity to vastly improve the company's security posture. This included designing how the isolation would work and be enforced between the network, cluster and application levels along with improved secrets management practices, permission models, risk assessment, and security scanning.
| Company | QOMPLX Inc. |
| Technologies | Kubernetes, AWS, GitLab |
| Time | 2020 - 2021 |
| Roles | Lead Security Architect, SME, Teacher |
Designed and built the company's centralized log collection using lessons learned from previous endeavors. Got close to breaking some world records and after handing off the project to other amazing people I eventually became the go to source of knowledge when they got stuck with future endeavors as they developed new designs.
| Company | QOMPLX Inc. |
| Time | 2019 - 2023 |
| Technologies | rsyslog/syslog-ng, Postgres, HPC AWS EBS, LVM, Loki, Grafana, ElasticSearch, Logstash, Kibana, Kafka, Kubernetes, Linux Kernel, AWS |
| OS | Debian, Amazon Linux, Ubuntu, CoreOS, CentOS |
| Languages | Golang, Python, Rust |
| Roles | Project Lead, AWS architect, Solutions Architect, SME, Teacher |
Designed and built the fastest free DDOS mitigation solution my company could find. This solution was able to block 720,000 new malicious hosts per minute across our entire distributed network.
| Company | Embedded Flight Systems Inc. |
| Time | 2016-2019 |
| Technologies | BerkleyDB, SQLite, BGP, Quagga, RabbitMQ, Linux Kernel |
| OS | CentOS |
| Languages | Python, JavaScript, Perl, PHP |
| Roles | support then project lead, software architect |
Reduced forecasted log aggregation costs by architecting a distributed ELK cluster designed to ingest and analyze host/network/app logs across our hybrid cloud/on-prem network.
| Company | Embedded Flight Systems Inc. |
| Time | 2017 - 2019 |
| Technologies | ElasticSearch, Logstash, Kibana, syslog/rsyslog/syslog-ng, Kafka, TensorFlow, Docker, Kubernetes, OpenShift, Linux Kernel, AWS, Digital Ocean, VMWare ESXI |
| OS | CoreOS, Kali Linux, Alpine, FreeBSD, CentOS |
| Languages | Golang, Python, Rust |
| Roles | project lead, AWS architect, software architect |
Built, tested and deployed a multitude of both home-brewed and enterprise container security systems to learn which were worth the company's time. This saved the company years of redeploying to different solutions to just shortcut to the best options.
| Company | Embedded Flight Systems Inc. |
| Time | 2017 - 2019 |
| Technologies | Twistlock, Sysdig, Aqua, HELK, Security Onion, OpenShift, Kubernetes, Docker, Amazon Lambda, Amazon ECS, Amazon EKS, Digital Ocean, Kubernetes, Google GKE |
| OS | Kali Linux, CoreOS, FreeBSD, CentOS, Alpine, Ubuntu |
| Languages | Python, Golang, Rust, C |
| Roles | project lead, container specialist, cloud architect |
Built, tested and deployed a multitude of netflow/packet capture/firewall log analysis tools to give the company deeper insight to AWS, on-prem, and container network traffic.
| Company | Embedded Flight Systems Inc. |
| Time | 2017 - 2019 |
| Technologies | PacketBeat, IPTables, Linux Kernel, Berkley Packet Filter, Juniper Netflow, ELK stack, Kafka |
| OS | Kali Linux, CoreOS, FreeBSD, CentOS, Alpine |
| Languages | Python, Rust |
| Roles | support then project lead, solutions architect, kernel developer |
Built an automated stock analysis framework that ingests stock metrics, generates predictions with ML libraries and predicts what the safest stock to invest in was at that moment.
| Company | self |
| Time | 2014 - current |
| Technologies | SQLite, BerkleyDB, RabbitMQ, Kafka, ElasticSearch, TensorFlow, Scikit Learn, Digital Ocean, AWS |
| OS | Debian, CoreOS, Alpine |
| Languages | Python, Rust, OpenCL, CUDA |
| Roles | all? |
I am the lead author and architect for all of the following projects.
Fully automated function fuzzer that within seconds can highlight every crash your code will raise over time. This has given quality assurance audits a serious run for their money due to how many undiscovered issues it is able to find in seconds.
The fastest pure python graph database available on pypi. This database combines the flexibility of graph databases with the portability and stability of SQLite.
Library that turns tiny functions into fully functional async queued services. This was inspired by the DDOS mitigation tool I wrote to give programmers a way to organize a ton of little async monitorable services within a single process or multiple cores.
A collection of function decorators that enable things like restricted global access, function overloading, async protection, and automatic crash logging. This library has allowed myself and many others to write more stable and predictable libraries in less time.
This started as a collection of special iterator tools and evolved into a library primed for writing high speed pipelines in a single line of pure python. This library has become my bread and butter for quickly solving problems that require pipeline processing.
All of the following were solid people I had the honor to work with and would love to work with again one day.
| Name | Position | Contact Information |
|---|---|---|
| Marcin Pohl | Systems / Security Engineer @ NASA | marcin.pohl@nasa.gov |
| Adam Younce | CTO @ Strake | ayounce@ripcord.net |
| Jim Treinen | CEO @ Strake | |
| Beck Norris | Information Security / Compliance Expert @ Frontier Airlines | rrnorris33@gmail.com |
| Mason Walton | Automation Engineer @QOMPLX | fin.mwalto7@gmail.com |
| Jason Hurley | Technical Lead @ QOMPLX | j.m.hurley@gmail.com |
| Nic Ladas | Senior Platform Architect @ Federal Reserve Bank | https://www.linkedin.com/in/nicladas/ |
| Christopher Mishaga | CISO @ NASA | christopher.a.mishaga@nasa.gov |