I'm a Cloud Architect for DICK'S Sporting Goods who is driven to solve hard problems and adapt to a fast-paced and ever changing environment. I strive to create and support systems that not only function efficiently under the hood, but also are stable and scalable for consistent future use. I am always looking forward to the next iteration of faster more efficient technology with custom PC building a favourite past-time. When I'm not in front of a computer screen, I'm probably hiking, skiing, hammocking, managing musical productions, adventuring with the pup, or getting lost in a novel.
David Dobmeier
[email protected]
Master's Degree • Computer Science • December 2018
GPA: 4.0/4.0
Associations: Sigma Alpha Pi, UB Honors College, Robotics Club, UB ACM (Association for Computing Machinery), Schussmeister's Ski Club, IEEE
Coursework: Computer Systems Administration, Information Assurance, Computer Security, Large-Scale Distributed Systems, Modern Networking Concepts,
Advanced Wireless Networking, Millimeter-Wave Networking, Operating Systems, Algorithms for Modern Computer Systems
B.S. Degree • Computer Science • August 2016
GPA: 3.8/4.0
Associations: Sigma Alpha Pi, UB Honors College, Robotics Club, UB ACM (Association for Computing Machinery), Schussmeister's Ski Club, IEEE
Coursework: Software Engineering, Data Structures, Programming Languages, Algorithm Analysis and Design, Digital Systems, Discrete Structures, Theory of Computation
Sr. Cloud Engineer• August 2020 - Present
Partnered directly with product teams to architect solutions, implement new platform capabilities, and remove blockers for a more streamlined development experience. Automated upgrade life-cycle and day two operations with Infrastructure as Code and CI/CD to ensure stable operations across the platform toolchain. Redesigned the deployment of core platform services like Hashicorp Vault, Sonarqube, Prometheus, Github Actions, and Concourse to increase reliability. Collaborated across the tech organization on large initiatives in the Azure Cloud, Monitoring, Networking, and Security domains as part of the Cloud Center of Excellence. Developed best-practice Terraform modules with corresponding reference architectures for Azure Services and worked closely with product teams to teach the process of infrastructure deployments via IaC. Maintained and upgraded large scale deployments of Pivotal Cloud Foundry and Kubernetes supporting critical applications.
Cloud Engineer II• August 2017 - August 2020
Consulted and Engineered solutions for companies worldwide, including those in the Fortune 10 and Government sector, in the creation and deployment of open source cloud management solutions. Deployed and maintained large scale application platforms as well as built tools and infrastructure to automate Cloud Foundry, Kubernetes, and Bosh. Leveraged Infrastructure as Code, CI/CD, and DevOps principles to deploy and scale complex systems in a repeatable and efficient manner. Contributed to and released several large scale open-source projects into the Stark & Wayne, Cloud Foundry Community, Shield Project, Genesis Community, and Blacksmith Community organizations as well as several others.
Development Team Lead• August 2015 - Present
Responsible for leading a team in developing an Autograding system capable of providing real-time feedback for coding assignments that is language agnostic and can detect academic integrity violations. Developed the back-end distributed system in python which allowed jobs to be dispatched onto a scalable cluster of servers for efficient and reliable processing. Ensured the servers and infrastructure were capable of supporting the daily load of 2500+ students as well as prepared for future scalability with increased performance and stability.
Adjunct Professor Of Practice• August 2019 - June 2020
Taught CSE410 - Modern Infrastructure Operations for junior and senior-level students that covered a variety of topics including capacity and network planning, equipment racking, installation and configuration of physical servers, physical and digital security practices and implications, virtualization and containerization, implementation of Infrastructure as Code, and tools and practices for monitoring production infrastructure. The course was designed to be a very hands-on experience, focused on the practical application of systems planning and administration using modern Agile and DevOps methodologies.
Systems Administrator • July 2012 - September 2017
Analyzed computing and network needs in order to implement appropriate solutions within the organization. Administered servers both physical and virtual, workstations, phones, remote locations and recommended future upgrades. Researched and implemented a Disaster Recovery procedure including a solution that would allow all services to be available within 5 minutes regardless of the disaster scale. Virtualized major servers to allow for more cost effective, centralized upgrades as well as improved redundancy in the event of a hardware malfunction. Implemented a new procedure of remote software deployment and master images for simple and seamless upgrades of user workstations in addition to reliable asset tracking. Redesigned the server room layout to be more organized including strategic server, patch panel, and switch layout which aided cable management and troubleshooting efficiency. Worked closely and effectively with users to provide efficient technical support and informative documentation for hardware and software systems.
Undergraduate Teaching Assistant• February 2015 - December 2017
Designed homeworks/projects, performed grading, and instructed students both in group settings and 1-on-1 in Modern Networking Concepts, Software Engineering, Operating Systems, Data Structures, Intro to the Internet, Intro to CS I, and Intro to CS II
Systems: VMware vSphere, AWS, GCP, Azure, OpenStack, Linux/Unix, Windows Server
Platforms: Kubernetes, Cloud Foundry, EKS, GKE, AKS, Rancher, VMware Tanzu
Networks/Protocols: LAN/WAN, TCP/IP, DNS, DHCP, NAT, SNMP, SMTP, FTP, VPN, HTTP
Programming Languages: Go, Python, Shell Scripting, C/C++, JavaScript, Java, Ruby
Hardware: Cisco Routers, Switches, WAPs, ASAs, Netgear Switches, EMC SAN, Workstations, Servers(HP, Dell, IBM, SuperMicro)
Software: Terraform, Concourse, Jenkins, Wireshark, AD, Office Suite
July 2016 - Present
Autolab is a course management service, initially developed by a team of students at Carnegie Mellon University and University at Buffalo, that enables instructors to offer autograded programming assignments to their students over the Web. The two key ideas in Autolab are autograding, that is, programs evaluating other programs, and scoreboards. Autolab also provides other services that instructors expect in a course management system, including gradebooks, rosters, handins/handouts, lab writeups, code annotation, manual grading, late penalties, grace days, cheat checking, meetings, partners, and bulk emails. I am currently leading the development team at University at Buffalo as well as conducting the release engineering and future architecture roadmap.
February 2016 - Present
Tango is a standalone RESTful Web service that runs and manages jobs for Autolab It handles the provisioning of docker containers, testing of student code, and result reporting to the Autolab WebUI. I was Responsible for implementing the job queue and scheduler as well as implementing the ability for tango to act as a distributed system across compute nodes with a centralized job manager to more effectively process jobs at a larger scale.
April 2018 - Present
Doomsday is a application that monitors the expiration dates of certificates in Vault, Credhub, and PCF Ops-Manager. It serves as a warning system to prevent the unknown expiration of certificates and the catastrophe that inevitably follows. I implemented the Credhub, and OpsManager interfaces to pull certificates from their respective credential stores as well as assisted in the implementation of the CLI and WebUI
August 2017 - August 2020
Genesis is a tool that facilitates a BOSH deployment paradigm based on localization of general manifests to more specific environments, allowing re-use of common structure (jobs, releases, properties, etc.) across multiple installations. I wrote and contributed to several deployment kits including the cf-kit, bosh-kit, shield-kit, concourse-kit, jumpbox-kit, vault-kit, prometheus-kit, and minio-kit.
August 2017 - July 2020
SHIELD is a data protection solution designed to make it easier for operations to protect their critical infrastructural data. It provides primitives for scheduling automatic backups of key systems, including PostgreSQL, MySQL, Consul, Redis and MongoDB, as well as a means for restoring backups in the event of an outage. Backups can be stored in a variety of cloud providers, including S3, Scality, Microsoft Azure Blobstore, and more. I am one of the main contributors for Shield v8 which added an entirely new CLI, WebUI, Multi-Tenancy and Encryption at Rest support.
July 2017 - September 2019
Cloud Foundry BOSH is an open source tool chain for release engineering, deployment and lifecycle management of large scale distributed services. I have worked with the maintainers to identify and create patches for bugs in both the core as well as the CPIs, especially where air-gapped networks come into play. I have also worked to create and maintain several BOSH releases including the shield-boshrelease, service-fabric-boshrelease, vault-boshrelease, doomsday-boshrelease, jumpbox-boshrelease, and softhsm-boshrelease.
March 2018
The Vault-Broker provides an implementation of the open service broker API for HashiCorp's Vault. The service broker connects to an existing Vault cluster and can be used by multiple tenants within Cloud Foundry. This allows Cloud Foundry applications to be bound to a vault for secure secret generation and storage. I added High-Availability support for the broker such that if one of the backend vaults is unresponsive/down/unreachable, then the broker can failover to another vault in the cluster.
February 2018
SoftHSM is an implementation of a cryptographic store accessible through a PKCS #11 interface. You can use it to explore PKCS #11 without having a Hardware Security Module. I implemented support for CKM_GENERIC_SECRET_KEY_GEN which is required for HMAC operations in PKCS11 2.4.0.
Aug 2016 – Jan 2017
The recent 802.11n standard introduces a variety of mechanisms at the PHY and MAC layers (more aggressive modulation and coding schemes, frame aggregation, channel bonding, short guard interval) offering wireless bitrates as high as 600 Mbps, longer range, and more reliable coverage than legacy 802.11a/b/g networks. The more recent 802.11ac standard (currently in draft status) further pushes the envelope promising bitrates up to 1 Gbps. However, improved communication speeds generally come at the cost of higher energy consumption. This concern is particularly heightened for smartphones, where radio interfaces can account for up to 50% of the total power budget under typical use. It thus becomes critical to understand the performance-power tradeoffs in 802.11n/ac equipped smartphones in order to help designers utilize 802.11n/ac chipsets in an energy efficient manner without sacrificing performance. We used UDP traffic over perfect wireless links trying to measure the maximum possible performance. The goal of this project was to focus on the tradeoffs introduced by rate adaptation algorithms. Specifically, we investigated whether rate adaptation algorithms are (i) effective, i.e., by selecting the highest performance rate, and (ii) energy-efficient, i.e., by selecting the most-energy efficient rate for a given data traffic.
February 2017 - May 2017
Developed an Operating System over the course of a semester by implementing smaller subsystems and integrating them into the overall project once they were proven to be stable. The subsystems consisted of: Synchronization Primitives - mutex locks, semaphores, conditional variables, and reader/writer locks; File System Calls and Process Support - read, write, close, lseek, dup2, chdir ,exec, fork, waitpid to support user level programs; Virtual Memory - address translation, TLB management, page replacement, and swapping. This project had intense design components as the assignments were broad in the sense that the students could approach the issue in entirely new and creative ways. The OS contains no memory leaks and was stable in withstanding rigorous testing by the course staff. More info can be found here: ops-class.org