Principal Skills

Experience

OCT 2024 - PRESENT

Chief Engineer (Clarity Innovations) / Herndon, VA

Senior Technical Program Lead for an eight-figure cyber operations platform, directing 30+ senior engineers across multiple teams. Accountable for system architecture, program execution, and delivery of a highly complex, mission-critical platform. Drove rapid operational capability growth while aligning engineering outcomes with both corporate strategy and customer mission objectives.

Core Competencies and Accomplishments:

• Built and led a multi-team engineering program delivering a highly visible, federated Kubernetes-based platform with national security impact, significantly increasing cyber operator capability, scalability, and operational resilience.
• Established and scaled high-performance engineering teams by setting technical standards, leading senior engineer onboarding, and driving engineering excellence across platform and software disciplines.
• Architected a state-of-the-art distributed cyber operations system, led the design and implementation of a federated architecture using Rust and NATS.io to enable secure, resilient, and high-performance inter-system communication.
• Played a key role in capture and proposal efforts for high-priority contracts by contributing technical strategy, cost estimates, solution deep dives, and architecture narratives that improved proposal quality and competitiveness.
• Selected as 1 of 6 mentors for the inaugural Technical Leadership Development Program, chosen from several hundred candidates to coach and develop emerging technical leaders.
• Designed and implemented a secure WireGuard-based remote access solution enabling protected development within sensitive enclave environments while maintaining strong security and usability.
• Developed a declarative, deterministic hardware image build pipeline for secure system provisioning, including automated baseline configuration and hardening, enabling rapid, repeatable hardware deployment at scale.

FEB 2019 - FEB 2022 …(break for startup)... APR 2023 - OCT 2024

Principal Special Communications Software Engineer (Brilliant Solutions, Inc.) / Alexandria, VA

Senior Technical Subject Matter Expert (SME) leading the design and implementation of highly secure communications solutions supporting government and military Special Operations missions in both advanced and austere environments.

Serve as a key technical authority throughout the full software and systems development lifecycle, guiding architecture, security design, and technology selection for mission-critical special communications capabilities. Own technical requirements and system design direction, ensuring solutions meet stringent security, reliability, and operational resilience standards.

Provide technical leadership and mentorship to a diverse, cross-functional team of active-duty personnel, government civilians, and contractors, aligning engineering execution with mission needs and operational realities.

Core Competencies and Accomplishments:

• Engineered high-performance secure data handling tools (GUI + CLI) for classified environments, achieving 10× throughput improvements over legacy solutions (30 MB/s → 300+ MB/s).
• Built and matured multiple CI/CD pipelines for automated testing, security scanning, and deployment, significantly improving system reliability, repeatability, and security posture.
• Led in-depth security assessments of vendor systems, identifying multiple critical vulnerabilities and driving remediation before production deployment.
• Architected and delivered a core automation platform that reduced system stand-up time by over 90% and enabled seamless horizontal scaling to meet demanding operational requirements.
• Developed a fully automated, multi-cloud network obfuscation infrastructure using Python, Ansible, Terraform, and Bash to support resilient and discreet operations.
• Designed and implemented an in-kernel packet multiplexing capability using Rust and eBPF, enabling high-performance, low-overhead network traffic control.
• Built a distributed intrusion detection and host security ecosystem in Rust and Python, including low-latency host-based security daemons and network analysis tooling.
• Led system architecture and design efforts across control plane, data plane, CI/CD, and inter-service interfaces, ensuring secure, scalable, and maintainable solutions.
• Guided clients and partners in defining complex technical requirements, championing secure-by-design and secure-by-default engineering principles.
• Produced joint reference architectures, configuration guides, and security best practices adopted by business partners to standardize and harden deployments.
• Led and mentored engineers across experience levels, raising engineering standards through design reviews, peer code reviews, TDD practices, and secure development process improvements.

FEB 2022 - APR 2023

Software Engineer (Seaplane.io) / Mountain View, CA (Remote)

Rust software engineer at a fast-moving startup building a globally distributed cloud platform for running complex, performance-sensitive automation workloads across major cloud providers, edge environments, and bare metal. Lead the design and development of core networking, orchestration, and developer-facing platform components that enable secure, efficient, and location-aware workload execution at global scale.

Regularly author detailed design proposals, architecture diagrams, and technical documentation to align engineering teams and provide clear implementation and integration guidance for internal and external technical stakeholders.

Core Competencies and Accomplishments:

• Architected and built the platform’s open-source customer toolchain and SDK in Rust, delivering cross-platform support for Windows, macOS, and Linux on AMD64 and ARM64. Enabled developers to integrate and deploy workloads seamlessly across the global platform.
• Designed and implemented a Linux routing daemon in Rust that consumes internal BGP anycast updates and dynamically programs kernel routing tables based on real-time performance and policy metrics.
• Built a production-grade CNI plugin and companion daemon (Rust) for Podman, enabling creation of custom Linux network namespaces and interfaces connected to a distributed OVN-backed software-defined network (SDN).
• Designed, deployed, and documented a globally distributed SDN spanning hundreds of production nodes across all major cloud providers and bare metal environments, providing a unified and programmable networking layer for customer workloads.
• Core contributor to a global workload orchestration platform responsible for placing and managing customer workloads across cloud, edge, and bare metal infrastructure. Helped design systems that interpret customer intent, optimize placement for latency and data locality, and continuously rebalance workloads based on real-time telemetry. (Core services implemented in Rust.)
• Implemented a comprehensive CI/CD framework for both internal services and public SDKs, standardizing build, test, and release processes across diverse engineering teams and significantly improving delivery consistency and quality.

OCT 2018 – FEB 2019

Senior Unix Engineer (Brilliant Solutions, Inc.) / Alexandria, VA

Responsible for an enterprise’s Unix and Linux fleet of servers. Over 100 servers in a mix of virtualized and physical environments distributed globally. Used Red Hat Enterprise Linux (RHEL) 6 and 7, CentOS 7, Ubuntu 18.04, macOS and Solaris 10. Responsible for security, maintenance and administration of these servers. During this role I was able to modernize many aspects of the fleet by utilizing automation through Ansible, Python, Rust and Bash which drastically reduced human error, and incidents reported. Required Rust, Python and Bash scripting, virtualized environments including ESXi, LXC/LXD, Docker, and traditional virtual machines, disassembling and Android APKs and distributed networking knowledge.

Core Accomplishments:

• Containerized multiple web based application deployments with Docker
• Developed Red Hat Satellite baseline and control daemon in Rust
• Instituted use of Ansible for automated configuration management of over 100 RHEL servers including the development of Playbooks and custom Roles

OCT 2015 – OCT 2018

Digital Media Forensics Specialist (U.S. Army) / Alexandria, VA

Conducts digital media exploitation and forensics as well as sensitive site exploitation supporting intelligence collection and coordination with the national intelligence community. Responsible for utilizing commercial products, including both Windows and Linux variants, to analyze digital media during various operations including security reviews and supporting intelligence collection. Software experience includes Cellebrite Physical Analyzer (as well as Touch and UFED4PC), Encase, Oxygen Forensics, Blacklight, Santoku Linux, and more.

May 2013 – Oct 2015

Special Communications Technician (U.S. Army) / Alexandria, VA

Responsible for the development, installation, operation, and maintenance of commercial and military special communications systems used by highly specialized small teams on a global scale. Formulates fielding strategies supporting all elements of unit special communications systems. Developed a unit and command wide standard operating procedure which encompassed procurement, testing, evaluation, maintenance, and lifecycle of all unit owned special communications systems. Responsible for conducting security reviews of the designed software architecture, operational testing and evaluation, and procurement of sensitive systems. Worked with other governmental agencies, national labs, and commercial vendors through all phases of the special communication lifecycle. Required working with many Linux systems and servers, Python and Bash scripting, virtualized environments including ESXi, LXC/LXD, Docker, and traditional virtual machines, disassembling and Android APKs.

Feb 2009 – OCT 2018

Forward Communications Operator (U.S. Army) / Alexandria, VA

Responsible for installation, operation, and maintenance of worldwide military and commercial communications infrastructure. This includes setup and operations of Windows Servers such as Domain Controllers, Exchange, and File servers. Also managed, set up, and maintained tactical radio networks (including IP based, HF, VHF, and SHF). Responsible for the installation and operation of Cisco based network stacks which connect via both satellite and commercial backhaul WANs over six world locations throughout multiple deployments to austere locations. Network systems supported a range of customers from highly specialized small teams in austere locations, to dozens of users grouped in clusters across multiple geographic and political boundaries. Commercial training includes courses such as Network+, Security+, Cisco CCNA, and KLAS Technologies.

Mar 2004 – Feb 2009 - Further work history and details available upon request

Open Source and Volunteer Projects

A more detailed and comprehensive list of projects can be found at https://kbknapp.dev/projects and https://github.com/kbknapp 

CLAP / github.com/clap-rs/clap

A full featured, extremely fast and modern Command Line Application framework for Rust

• Over 16,000 GitHub stars
• Over 632M downloads with many production users from very well-known top tier companies
• Top 35 most downloaded Rust crates (libraries) out of over 131k crates
• Over 17,700 known dependent packages (according to libraries.io)

Clarity Technical Leadership Development Program Mentor / clarityinnovations.com/

A mentorship program to assist upcoming technical leaders in the complex domain of cyber warfare solutions.

Rust Reach Mentor / reach.rust-lang.org/

A mentorship program to assist those under-represented in technology. Mentored two international individuals over a six month program in advanced systems programming using the Rust programming language.

Podcast Co-Host on Linux Dev Time / linuxdevtime.com

A podcast about Linux and Software Development, part of the Late Night Linux Podcast Network.

Violin / github.com/kbknapp/violin

A Rust implementation of the Vivaldi Network Coordinates system allowing accurate latency estimates between network systems. Written to function even in embedded systems without access to a standard library or memory allocation.