Kevin B. Hicks
DevOps and Security Engineer
A high performance, versatile DevSecOps engineer with experience developing strategies and implementing solutions in companies undergoing extraordinary growth. Diverse experience in software and systems development, cybersecurity, networking, and customer service augmented by the ability to identify and solve complex business challenges through creative applications of technology. Recognized as a highly motivated, disciplined team player with excellent communications and interpersonal skills as well as demonstrated analytical, planning, and organizational skills.
Ubuntu, Amazon Linux 2, FreeBSD, VMware ESXi, Windows Server, Windows 7 and 10, pfSense, Kali Linux, FreeNAS, Citrix XenServer.
Applications and Tools
Amazon Web Services (AWS)
IAM, EC2, ECS, EKS, VPC, S3, EFS, CloudFront, Lambda, CloudTrail, Config, Route 53, CloudWatch, RDS, DynamoDB, QLDB, Organizations, Backup, API Gateway, CloudFormation, Athena, RAM, SSM, Secrets Manager, ACM, WAF, Shield, SES, SNS, WorkSpaces, cost optimization.
Development and CI/CD
Terraform, Docker, Kubernetes, Consul, Vault, Packer, GitHub, GitLab, Jenkins, Ansible, SaltStack, Chef, Burp Suite, SSH.
MySQL, Nginx, Apache httpd, Splunk, Elasticsearch, Kibana, Icinga 2, VMware, LDAP, Active Directory, Group Policy.
Enterprise Apps and Services
Jira, Confluence, Microsoft Office 365, Slack, Box, ServiceNow, Workday, Google Workspace.
Concepts and Protocols
Zero Trust Architecture, Principle of Least Privilege, AES, RSA, DHE, cryptographic hashing, digital signatures, REST APIs, IPv4/6, POP3, IMAP, SMTP, OpenVPN, IPsec, DNS, RADIUS, NAT, DHCP, VLAN, NFS, SMB.
A security-focused software company providing solutions for identity governance and administration with a combination of SaaS and on-premise options aided by artificial intelligence for continuous auditing of user permissions.Senior DevSecOps Engineer (Team Lead), February 25th, 2019 - Present
- Responsible for security operations in the DevOps/SRE team with a focus on defense in depth across multiple platforms and application stacks.
- Lead in implementation of security controls in the SaaS environment such as endpoint protection, vulnerability scanning, and web application firewalls.
- Onboard and provide a welcoming environment for new DevSecOps team members with diverse levels of starting knowledge.
- Ensure compliance with SOC 2, ISO 27001, and FedRAMP security standards in production and data curation environments.
- Respond to customer inquiries pertaining to the SaaS environment such as external penetration testing, on-premise virtual appliances, and tenant isolation.
- Establish strong communication channels between the DevOps and security operations, engineering, and IT teams.
- Maintain records of a diverse and revolving inventory of cloud assets.
- Constantly monitor for cost savings opportunities.
- Recipient of the quarterly company-wide "Security Hero" award within the first month of employment.
An IT solutions firm focused on developing network security software designed specifically for K-12 school districts. Products include an AI adaptive web filter and a comprehensive, teacher-controlled mobile device manager, serving thousands of school districts and millions of users.Senior Systems Engineer, May 15th, 2017 - February 22nd, 2019
- Migrated a complex system of on-premise servers and applications to AWS.
- Implemented solutions for automated continuous integration and delivery of applications.
- Wrote and maintained Chef infrastructure code for complex web applications.
- Designed, implemented, maintained, and provided support for a highly available, secure, and durable environment for HashiCorp Vault on AWS using S3, Terraform, and Consul.
- Participated in on-call rotation to ensure maximum uptime of customer-facing and internal services.
Epicom Corporation (now part of SugarCRM)
A startup-like technology solutions company focused on consulting and executing complex CRM and Marketing Automation deployments, customizations, and integrations for a wide variety of clients in multiple industries. Approximately 100 clients with 3000 users.Software Engineer, August 10th, 2015 - May 12th, 2017
- Responsible for all network systems and administration. Improved overall performance by 50% and hardened network security by redesigning and implementing new configurations and methods.
- Appointed by the CEO to lead all security efforts. Responsible for all security policy creation, tool selection, risk review and governance as well as firewall reconfiguration and elimination of potential risks.
- Team lead on the company DevOps effort providing architecture design and strategic direction as well as fostering regular communications between development, operations and QA functions.
- Assisted the sales staff in gathering requirements, designing integrations, security configurations, network connectivity and implementations for new and existing clients for the SugarCRM (Customer Relationship Management) application.
- Developed integrations with client systems and other 3rd party applications to yield a streamlined, easy to use solution for the client.
- Analyzed, defined, and developed a custom integration between internal MySQL databases and Trello to improve internal project management accuracy and tracking.
- Collaborated with almost all the company's clients on a variety of technical configuration, data transfer and integrity, integrations, and general user support issues.
- Formed a cross-functional group for evaluating internal user needs. Led analysis, review and selection of new technologies to solve business problems.
- Provided analysis and architecture direction on a variety of other efforts, in all phases of development (Define, Design, Test, QA, Production) as needed.
- Active in various multi-media company culture and civil service events on an ongoing basis.
University of Texas at Austin - ITS Networking
Information Technology Services Networking department for one of the largest universities in the country with roughly 51,000 students and 22,000 employees.Enterprise Network Engineer, May 27th, 2013 - August 4th, 2018
- Employed part-time for 2 years when enrolled and offered a full-time position after graduation.
- Created a real-time alerting system to notify IT staff of hosts that consume over threshold bandwidth. Limits are configurable and can be tuned on the fly.
- Created heat map of all wireless device locations on campus using Google Maps API. The map is used for analytics and redesign of wireless infrastructure to better serve users in high volume areas.
- Assisted end users with wireless connectivity issues and handled an average of 50 support calls per day.
- Participated in team building and service events at UT Austin including continued participation in student organizations as an advisor after graduation.
University of Texas at Austin
Bachelor of Science, Computer Science
- Graduated May 2015.
- Specialized undergraduate coursework: Network Security and Privacy, Real World Information Security, Data Management, Information Assurance, Computer Networks, Cryptography.
- Founder of the “Information and Systems Security Society” at UT, a student organization that focuses on information security. Published white papers and gave multiple presentations on topics such as Wi-Fi security, IPv4 address exhaustion and IPv6, 802.11, SQL injection, and Tor.
- Led a team to 2nd place out of 40 schools in the Collegiate Cyber Defense Competition (2012).
L D. Bell High School
International Baccalaureate Diploma
- Graduated May 2011.
Certifications and Accomplishments
- AWS Certified Security Specialist, DevOps Engineer Professional, SysOps Administrator Associate, and Solutions Architect Associate.
- Author of SpaceSiren, a breach detection tool for AWS.
- Independent operator of a group of relays in the Tor network that collectively rank in the top 5 families of guard/entry relays, and the top 10 families by consensus weight.
- Eagle Scout.
Eagle Scout - Boy Scouts of America