Principal Skills

Experience

OCT 2024 - PRESENT

Chief Engineer (Clarity Innovations) / Herndon, VA

The senior technical program leader for an eight-figure contract of 30+ senior engineers; responsible for design, implementation and execution of a highly complex cyber operations platform for customers by leading teams of senior engineers with technical excellence to rapidly achieve mission success in alignment with corporate and customer objectives.

Core Competencies and Accomplishments:

• Lead a program consisting of multiple teams of senior platform and software engineers on highly visible and complex federated Kubernetes platform with potential nation security implications by increasing cyber operator capabilities and robustness
• Stood up a team of senior platform and software engineers including setting and demonstrating standards for engineering excellence, conducting senior engineer on-boarding, and being intimately involved with writing cost estimates, proposals, and technical deep dives on solutions
• Designed and guided implementation for a state of the art federated system in Rust and NATS.io at the core of a complex distributed system for cyber operations
• Assisted in writing technical proposals for high priority and highly visible new contracts ensuring technical accuracy and clarity
• Selected as one of six mentors in an inaugural Technical Leadership Development Program out of a pool of several hundred
• Designed and developed WireGuard based remote access solution for secure enclave development
• Designed and developed declarative and deterministic hardware image build pipeline consisting of initial configuration and hardening ready for automated hardware deployment and stand up

FEB 2019 - FEB 2022 …(break for startup)... APR 2023 - OCT 2024

Principal Special Communications Software Engineer (Brilliant Solutions, Inc.) / Alexandria, VA

The senior technical subject matter expert (SME) responsible for design and implementation of highly secure solutions. Heavily involved in the software development life cycle, decisions and designs. Solutions are primarily for special communications systems utilized by government and military agencies in the Special Operations community in both first world and austere conditions. Responsible for overseeing all technical requirements and designs of the special communications development. Leads and advises a mixed team of active duty soldiers, contractors, and government civilians in all technical matters.

Core Competencies and Accomplishments:

• Designed and developed a GUI/Command Line tool for secure storage of classified information in a highly efficient manner with over 10x performance improvement gains previous tools (from 30MB/s to over 300MB/s)
• Built multiple CI/CD infrastructure pipelines for automated testing of code and solutions increasing security, reliability, and robustness of all systems
• Conducted detailed security reviews and analysis of vendor provided solutions and systems, discovering several CRITICAL vulnerabilities
• Designed and developed an automation system that increased efficiency of core offering by reducing stand up time over 90% and allowing horizontal scaling to meet demanding customer requirements
• Developed fully automated and highly flexible multi-cloud network obfuscation infrastructure in Python, Ansible, Terraform and Bash
• Formulated design strategies to integrate Brilliant Solution’s current and future offerings by advocating for new and novel uses of technology with new and prospective clients
• Assisted clients and business partners in defining and articulating complex requirements and gave guidance for secure by design and secure by default principles
• Lead architectural discussions of system designs, programming interfaces, and inter-dependencies of control/data plane, CI/CD, etc.
• Lead a diverse team through multiple highly complex and sensitive projects with an eye on high quality, security, and timely delivery
• Developed joint reference architectures, configuration guides, and security best practices documents to be made available to business partners.
• Lead and participated in test-driven development (TDD), solution architectural design and peer code reviews that included automation to prevent and detect security flaws in the phases of development
• Developed in-kernel network packet multiplexing system in Rust via eBPF
• Developed distributed intrusion detection system in Rust, Python and Bash
• Mentored junior through senior level engineers in security and software architecture best practices by defining and influencing processes to develop secure products and solutions
• Conducted design reviews and manual security assessments of software provided by vendors
• Developed low latency host security daemons in Rust
• Developed extendable and configurable network analysis tool in Rust

FEB 2022 - APR 2023

Software Engineer (Seaplane.io) / Mountain View, CA (Remote)

A Rust Software Engineer for an agile software based startup that is responsible for implementing, designing, and developing a globally distributed cloud platform and backend service for running highly complex and efficient automation workloads across all major cloud providers and regions. Responsible for writing and communicating complex design proposals and diagrams for technical audiences and colleagues as implementation and usage guides.

Core Competencies and Accomplishments:

• Designed and implemented the open source customer facing tools and the software development kit (SDK)/libraries for the entire platform which supports using Windows, macOS and Linux in both AMD64 and ARM64 architectures (Written in Rust)
• Designed and implemented a Linux routing daemon which listens for internal BGP anycast messages and updates the Linux kernel routing table based on specific metrics (written in Rust)
• Designed and implemented a Container Networking Interface (CNI) Plugin and daemon used with Podman to create and set up a custom Linux Network Namespace and networking interfaces connected to a custom Software Defined Network (SDN) using Open Virtual Network (OVN). (Written in Rust)
• Designed, implemented and documented a globally distributed software defined network for hundreds of production servers using OVN and spanning all major cloud providers and bare metal machines
• Worked on the team responsible for the platform that runs customer workloads seamlessly around the globe across all major cloud providers, edge providers and bare metal. This team's product is responsible for accepting customer intent and workload images and orchestrating them throughout the globe, monitoring utilization and making modifications and adjustments to placement in order to improve desired metrics such as latency, data locality, etc. (core components written in Rust)
• Implemented a comprehensive CI/CD pipeline for both internal and public facing tools and libraries standardizing builds across the company in a wide range of engineering skill sets and projects

OCT 2018 – FEB 2019

Senior Unix Engineer (Brilliant Solutions, Inc.) / Alexandria, VA

Responsible for an enterprise’s Unix and Linux fleet of servers. Over 100 servers in a mix of virtualized and physical environments distributed globally. Used Red Hat Enterprise Linux (RHEL) 6 and 7, CentOS 7, Ubuntu 18.04, macOS and Solaris 10. Responsible for security, maintenance and administration of these servers. During this role I was able to modernize many aspects of the fleet by utilizing automation through Ansible, Python, Rust and Bash which drastically reduced human error, and incidents reported. Required Rust, Python and Bash scripting, virtualized environments including ESXi, LXC/LXD, Docker, and traditional virtual machines, disassembling and Android APKs and distributed networking knowledge.

Core Accomplishments:

• Containerized multiple web based application deployments with Docker
• Developed Red Hat Satellite baseline and control daemon in Rust
• Instituted use of Ansible for automated configuration management of over 100 RHEL servers including the development of Playbooks and custom Roles

OCT 2015 – OCT 2018

Digital Media Forensics Specialist (U.S. Army) / Alexandria, VA

Conducts digital media exploitation and forensics as well as sensitive site exploitation supporting intelligence collection and coordination with the national intelligence community. Responsible for utilizing commercial products, including both Windows and Linux variants, to analyze digital media during various operations including security reviews and supporting intelligence collection. Software experience includes Cellebrite Physical Analyzer (as well as Touch and UFED4PC), Encase, Oxygen Forensics, Blacklight, Santoku Linux, and more.

May 2013 – Oct 2015

Special Communications Technician (U.S. Army) / Alexandria, VA

Responsible for the development, installation, operation, and maintenance of commercial and military special communications systems used by highly specialized small teams on a global scale. Formulates fielding strategies supporting all elements of unit special communications systems. Developed a unit and command wide standard operating procedure which encompassed procurement, testing, evaluation, maintenance, and lifecycle of all unit owned special communications systems. Responsible for conducting security reviews of the designed software architecture, operational testing and evaluation, and procurement of sensitive systems. Worked with other governmental agencies, national labs, and commercial vendors through all phases of the special communication lifecycle. Required working with many Linux systems and servers, Python and Bash scripting, virtualized environments including ESXi, LXC/LXD, Docker, and traditional virtual machines, disassembling and Android APKs.

Feb 2009 – OCT 2018

Forward Communications Operator (U.S. Army) / Alexandria, VA

Responsible for installation, operation, and maintenance of worldwide military and commercial communications infrastructure. This includes setup and operations of Windows Servers such as Domain Controllers, Exchange, and File servers. Also managed, set up, and maintained tactical radio networks (including IP based, HF, VHF, and SHF). Responsible for the installation and operation of Cisco based network stacks which connect via both satellite and commercial backhaul WANs over six world locations throughout multiple deployments to austere locations. Network systems supported a range of customers from highly specialized small teams in austere locations, to dozens of users grouped in clusters across multiple geographic and political boundaries. Commercial training includes courses such as Network+, Security+, Cisco CCNA, and KLAS Technologies.

Mar 2004 – Feb 2009 - Further work history and details available upon request

Open Source and Volunteer Projects

A more detailed and comprehensive list of projects can be found at https://kbknapp.dev/projects and https://github.com/kbknapp 

CLAP / github.com/clap-rs/clap

A full featured, extremely fast and modern Command Line Application framework for Rust

• Over 16,000 GitHub stars
• Over 632M downloads with many production users from very well-known top tier companies
• Top 35 most downloaded Rust crates (libraries) out of over 131k crates
• Over 17,700 known dependent packages (according to libraries.io)

Clarity Technical Leadership Development Program Mentor / clarityinnovations.com/

A mentorship program to assist upcoming technical leaders in the complex domain of cyber warfare solutions.

Rust Reach Mentor / reach.rust-lang.org/

A mentorship program to assist those under-represented in technology. Mentored two international individuals over a six month program in advanced systems programming using the Rust programming language.

Podcast Co-Host on Linux Dev Time / linuxdevtime.com

A podcast about Linux and Software Development, part of the Late Night Linux Podcast Network.

Violin / github.com/kbknapp/violin

A Rust implementation of the Vivaldi Network Coordinates system allowing accurate latency estimates between network systems. Written to function even in embedded systems without access to a standard library or memory allocation.