Eric Korte

Team: Developer Infrastructure

Services: Least Privileged AWS Permissions Model, 2-Way SSL Nginx Proxy, SCA and SAST scanning tools

• Designed a least privileged AWS permissions model used across hundreds of micro-services in shared AWS accounts to reduce security risk and providing teams permissions in these shared accounts to only resources they own.
• Operated and made enhancements to customer facing Nginx application leveraging 2-way SSL to send messages to intelligence agency customer.
• Executed case studies across several SCA and SAST scanning tools to compare reliability across many features in order to consolidate on tooling to save on cost and enhance CICD processes across the org.

Team: SecOps DevOps

Services: Tenable Security Center, Nessus, Steampipe, ePolicy Orchestrator, AWS Log Collector, Security Dashboards

• Designed and developed infrastructure and application code for a security suite to scan a classified ground system with hundreds of microservices, identifying vulnerabilities, system hardening needs, malware, NIST 800-171 compliance, and central logging. This system was used for weekly audits by an intelligence agency customer on a $300M/year contract, directly supporting mission-critical security assessments.
• Led a team in creating dashboards to report security audit events based on ICS 500-27 across AWS, Linux and Windows machines, enabling the detection and attribution of malicious activities in real-time.
• Architected and developed a dynamically scalable log aggregation platform used to collect logs from all AWS sources, Windows and Linux machines, forwarding them to Elasticsearch to power dashboards for security monitoring and incident response.

Team Developer Services

Services: GitHub, GitLab, Artifactory, Vault, AMQ, UAA, Eureka, AWS accounts

• Architected security focused, robust, fault tolerant, push button deploys, written in Terraform, deployed in AWS and air-gapped environments for tools such as GitHub, GitLab, Artifactory, Vault and AMQ.
• Wrote Terraform to automate Disaster Recovery and SSH key rotation in AWS using services such as Lambda and SSM Runbooks.
• Contributed to Kubernetes/Helm/Docker and builds and deployments via pipeline.
• Administered CICD tools such as GitHub, GitLab, Artifactory, Vault, AMQ, UAA, and Eureka.

Team: Mission Vehicle Management Team

Services: Java applications managing GPS satellites in orbit

• Involved in the development of mission software applications that consisted of Java Web Services that analyze the orbits and provide user control of the satellites that the GPS constellation is comprised of.
• Supported the continuous integration and functional testing of the orbital analysis software along with the rest of the enterprise applications that provide Earth modeling and atmospheric data in order to generate predictions of the orbits of the constellation.
• Developed automated functional tests that leveraged Cucumber and Eggplant testing frameworks.
• Lead the transition of System Engineers, Software Engineers, and Test Engineers to new platform environments while increasing automation across the environment and software setup procedures that were manual for many years.
• Provided support and maintenance to the team’s continuous integration development and production pipelines while collaborating directly with the Platform team.