Kevin Knapp

Executive Summary

An accomplished Rust and Python software engineer with an active TOP SECRET (+SCI) Security Clearance who thrives at developing internal tooling, build systems, backend systems, network systems and automation. Areas of specialization include networking, command line tooling, Linux, distributed systems and those with high security requirements.

A senior / principal engineer with over 15 years of professional experience who takes pride in, and loves mentoring, growing, and leading teams into their full potential.

An active open source developer with a record of creating highly utilized projects and developing a community and ecosystem around them.

Principal Skills

Active TS/SCl Security Clearance (with outdated CI Polygraph)
Languages : Rust, Python, Bash, Go, C#.NET
Linux : Red Hat, CentOS, Fedora, Ubuntu, NixOS
Instructing / Teaching: courses include Digital Identity Management and Network Attribution, Programming/Scripting and Linux Operating Systems
Orchestration : Nomad, Consul, Kubernetes
Containerization and Virtualization : Docker, docker-compose, Podman, LXC/LXD, VMWare, Vagrant, VirtualBox, ESXi
Infrastructure as Code : Ansible, Terraform, Pulumi
Version Control : Git (+hosted platforms GitHub, GitLab, GitTea)
Cloud Environments : GCP, AWS, Azure, DigitalOcean, Linode
Networking : eBPF (XDP/TC), Cisco equipment, software defined networks (OVN, OVS)

CI/CD : GitHub Actions, GitLab CI, ArgoCD, TravisCI, CircleCI
Databases : PostgreSQL, SQLite3, Redis
Load Balancing and Routing : Envoy, ipvs, BGP, Anycast
Firewalls : iptables, firewalld, nftables, ufw
Storage : ZFS, btrfs, and GlusterFS
Monitoring : Prometheus, Grafana, Datadog, AlertManager, Node Exporter
Editors : (Neo)Vim
Data Formats and Configuration languages : JSON, TOML, YAML, HCL, INI, Jinja2, Nickel, Nix
Podcasting
Basic Level Spanish

Experience

OCT 2018 - FEB 2022 …(Seaplane IO)... APR 2023 - PRESENT

Principal Special Communications Engineer (Brilliant Solutions, Inc.) / Alexandria, VA

The senior technical subject matter expert (SME) responsible for design and implementation of highly secure solutions. Heavily involved in the software development life cycle, decisions and designs. Solutions are primarily for special communications systems utilized by government and military agencies in the Special Operations community in both first world and austere conditions. Responsible for overseeing all technical requirements and designs of the special communications development. Leads and advises a mixed team of active duty soldiers, contractors, and government civilians in all technical matters.

Core Competencies and Accomplishments:

Designed and developed a GUI/Command Line tool for secure storage of classified information in a highly efficient manner with over 10x performance improvement gains previous tools (from 30MB/s to over 300MB/s)
Built multiple CI/CD infrastructure pipelines for automated testing of code and solutions increasing security, reliability, and robustness of all systems
Conducted detailed security reviews and analysis of vendor provided solutions and systems, discovering several CRITICAL vulnerabilities
Designed and developed an automation system that increased efficiency of core offering by reducing stand up time over 90% and allowing horizontal scaling to meet demanding customer requirements
Developed fully automated and highly flexible multi-cloud network obfuscation infrastructure in Python, Ansible, Terraform and Bash
Formulated design strategies to integrate Brilliant Solution’s current and future offerings by advocating for new and novel uses of technology with new and prospective clients
Assisted clients and business partners in defining and articulating complex requirements and gave guidance for secure by design and secure by default principles
Lead architectural discussions of system designs, programming interfaces, and inter-dependencies of control/data plane, CI/CD, etc.
Lead a diverse team through multiple highly complex and sensitive projects with an eye on high quality, security, and timely delivery
Developed joint reference architectures, configuration guides, and security best practices documents to be made available to business partners.
Lead and participated in test-driven development (TDD), solution architectural design and peer code reviews that included automation to prevent and detect security flaws in the phases of development
Developed in-kernel network packet multiplexing system in Rust via eBPF
Developed distributed intrusion detection system in Rust, Python and Bash
Mentored junior through senior level engineers in security and software architecture best practices by defining and influencing processes to develop secure products and solutions
Conducted design reviews and manual security assessments of software provided by vendors
Developed low latency host security daemons in Rust
Developed extendable and configurable network analysis tool in Rust

FEB 2022 - APR 2023

Software Engineer (Seaplane IO) / Mountain View, CA (Remote)

A Rust Software Engineer for an agile software based startup that is responsible for implementing, designing, and developing a globally distributed cloud platform and backend service for running highly complex and efficient automation workloads across all major cloud providers and regions. Responsible for writing and communicating complex design proposals and diagrams for technical audiences and colleagues as implementation and usage guides.

Core Competencies and Accomplishments:

Designed and implemented the open source customer facing tools and the software development kit (SDK)/libraries for the entire platform which supports using Windows, macOS and Linux in both AMD64 and ARM64 architectures (Written in Rust)
Designed and implemented a Linux routing daemon which listens for internal BGP anycast messages and updates the Linux kernel routing table based on specific metrics (written in Rust)
Designed and implemented a Container Networking Interface (CNI) Plugin and daemon used with Podman to create and set up a custom Linux Network Namespace and networking interfaces connected to a custom Software Defined Network (SDN) using Open Virtual Network (OVN). (Written in Rust)
Designed, implemented and documented a globally distributed software defined network for hundreds of production servers using OVN and spanning all major cloud providers and bare metal machines
Worked on the team responsible for the platform that runs customer workloads seamlessly around the globe across all major cloud providers, edge providers and bare metal. This team's product is responsible for accepting customer intent and workload images and orchestrating them throughout the globe, monitoring utilization and making modifications and adjustments to placement in order to improve desired metrics such as latency, data locality, etc. (core components written in Rust)
Implemented a comprehensive CI/CD pipeline for both internal and public facing tools and libraries standardizing builds across the company in a wide range of engineering skill sets and projects

Feb 2009 – Oct 2018

Special Communications Operator (U.S. Army) / Alexandria, VA

Responsible for the development, installation, operation, and maintenance of commercial and military special communications systems used by highly specialized small teams on a global scale. Formulates fielding strategies supporting all elements of unit special communications systems. Developed a unit and command wide standard operating procedure which encompassed procurement, testing, evaluation, maintenance, and lifecycle of all unit owned special communications systems. Responsible for conducting security reviews of the designed software architecture, operational testing and evaluation, and procurement of sensitive systems. Worked with other governmental agencies, national labs, and commercial vendors through all phases of the special communication lifecycle. Required working with many Linux systems and servers, Python and Bash scripting, virtualized environments including ESXi, LXC/LXD, Docker, and traditional virtual machines, disassembling and Android APKs.

Professional Education

Senior Leader’s Course (Graduated with Honors) – 2017
Advanced Leader’s Course (Graduated with Honors) – 2016
Military Free Fall Course; P-HETC - 2012
Operations Training Course; SERE; Technical Surveillance Course - 2011
Basic Leader’s Course – 2008
Defense Messaging Systems and Tactical Messaging Systems Course – 2006
I.T. Specialist (MOS 25B) Training Course (Graduated with Honors) – 2006

Certifications

Cisco CCNA / 2013
CompTIA Security+ / 2011-PRESENT
CompTIA Network+ / 2008
Microsoft MCP / 2005

Open Source and Volunteer Projects

A more detailed and comprehensive list of projects can be found at https://kbknapp.dev/projects and https://github.com/kbknapp

CLAP / github.com/clap-rs/clap

A full featured, extremely fast and modern Command Line Application framework for Rust

Over 13,900 GitHub stars
Over 271M downloads with many production users from very well-known top tier companies
Top 35 most downloaded Rust crates (libraries) out of over 131k crates
Over 17,900 known dependent packages (according to libraries.io)

Rust Reach Mentor / reach.rust-lang.org/

A mentorship program to assist those under-represented in technology. Mentored two international individuals over a six month program in advanced systems programming using the Rust programming language.

Podcast Co-Host on Linux Dev Time / linuxdevtime.com

A podcast about Linux and Software Development, part of the Late Night Linux Podcast Network.

Violin / github.com/kbknapp/violin

A Rust implementation of the Vivaldi Network Coordinates system allowing accurate latency estimates between network systems. Written to function even in embedded systems without access to a standard library or memory allocation.