paul/resume
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

updating the details

Browse Source
This commit is contained in:
paul
2026-03-04 21:13:57 -05:00
parent 84a189add4
commit ed9c347e6b
3 changed files with 290 additions and 78 deletions
Download Patch File Download Diff File Expand all files Collapse all files

366
paul-halvorsen-resume-detailed.md
View File

@@ -1,115 +1,327 @@
---
name: Paul Halvorsen
keywords: rust, cargo, python, c, docker, containers, tdd, test driven development, pytest, ci/cd, javascript, jquery, php, mysql, rest, api, json, xml, git, gitlab, nginx, remote, testing
left-column:
- 'Phone: +1-410-236-4665'
- 'Citizen of the United States'
right-column:
- 'Email: [work@halvo.me](mailto:work@halvo.me)'
---
# Summary
# About Me
I'm a Software Engineer with over (started in 2011) years development and (started in 2006) years professional experience, with exposure to Rust, C, Python, PHP, Go, JavaScript, Java, and C++ languages; various SQL databases; JQuery and Pytest frameworks; Docker containerization; and Rest API, NATS, JSON, XML, and nginx technologies.
## General Info
# Work Experience
- Name: Paul Halvorsen
- Contact
- Email: paul.halvorsen@pm.me
- Phone: +1-410-236-4665
- Links
- Personal Blog: https://flow.halvo.me
- Git Repo: https://git.halvo.me/paul
- LinkedIn: https://www.linkedin.com/in/paul-halvorsen
- Citizen of the United Stats
## Binary Defense
## Summary
**Sr Software Engineer**: April 2022 - Present
I'm a Software Engineer with over (started in 2011) years development and (started in 2006) years professional experience, with exposure to Rust, C, Python, PHP, Go, JavaScript, Java, and C++ languages; various SQL DBs; tokio, JQuery, and Pytest frameworks; Docker and GitLab CI/CD; and Rest API, NATS, JSON, XML, and nginx technologies.
- Rust development using cargo, nextest, cmake, WIX, and cross compilation
- Python development using pyenv, pipenv, cython, docker build environment, gitlab pipelines, and static compilation
- Develop security alarms for Windows, Linux (Debian, Ubuntu, CentOS, RedHat), and MacOS
- Written RFC and ADR to drive design and decision making on project direction
- Design and build containment for all platforms upon detected compromise
- Design and build secure key exchange and connections
- Perform public key pinning and certificate transparency logs for server verification: Rust, Python
- Perform API calls to Azure for data transfer
- Testing performed using VMs built in Proxmox and Virtualbox
### Keywords
rust, cargo, python, c, docker, containers, TDD, test driven development, pytest, CI/CD, JavaScript, JQuery, PHP, MySQL, rest, API, JSON, XML, git, GitLab, nginx, remote, testing
## Work Experience
### Abnormal AI
**Software Engineer**: Jan 2026 - Present
- Utilize claude AI, summarize code, aid in coding, planning
- Build and maintain k8s and aws infrastructure
- python
- pacman
- haml
- yaml
- Build and maintain service to aggregate data
- golang, python
- pytest, unit testing
- running cron jobs in k8s
- using kubectl, k9s to control k8s
- RBAC
### Binary Defense
## Kyrus Tech
**Sr Software Engineer**: April 2022 - Oct 2025
- Gitlab
- CI/CD pipelines for unit and integration testing, compilation, and deployment
- docker images for Linux, Windows
- VMs for MacOS
- MR/PR contributions, comments and testing
- Rust development
- cargo, nextest, cmake, WIX, cross compilation, unit tests
- sqlite encrypted db
- libraries: tokio, reqwest, anyhow, serde
- Containment
- Azure Library
- Library to watch for windows event logs, file system changes, user changes, and firewall changes
- White and blacklists for files, file types, file contents, and hashes
- Sanatize, decorate (add additional data), serialize data for transfer to backend
- De-duplicate data to reduce network traffic and backend storage costs
- Event driven
- Unit tests
- Public key pinning and certificate transparency
- Secure key storage
- Encrypting and decrypting on disk sqlite db
- dpapi for Windows
- org.freedesktop.secrets for Linux
- Python development
- pyenv, pipenv, cython, docker build environment, static compilation, pytest
- Containment
- Public key pinning and certificat transparency logs
- end-to-end integration testing
- Spin up pre-configured VMs (Windows and Linux)
- Make specific testing changes to those VMs via ssh
- Spin up temporary servers
- Run tests
- Performance improvements
- Reduce CPU usage by filtering out previously observed issues
- Reduce memory usage by using regex and filtering
- Reduce network traffic using regex and filtering
- Reduce disk size by turning multiple strings into regex
- Libraries for watching network traffic on Windows and Linux
- Event driven
- White and blacklists in regex
- Specific Windows events
- Filesystem changes
- User changes
- Event driven
- Windows
- Server 2009, 2012, 2019
- xp, 7, 8, 10, 11
- Linux
- Debian, Ubuntu
- Redhat, CentOS
- MacOS
- Written RFC and ADR to drive design and decision making on project direction
- Containment
- Design and build containment for all platforms upon detected compromise
- Containment meaning no network access other than to BD servers
- Use Linux iptables, windows firewall, and MacOS ip firewall
- Design and build secure key exchange and connections
- Public key pinning and certificate transparency logs
- For server verification
- Prevent MITM attacks
- Azure Library
- Setup library for communication: rust and python
- Perform API calls for uploading and updating data in database
- Setup database when it doesn't exist
- Testing performed using VMs built in Proxmox and Virtualbox
- SCRUM
### Kyrus Tech
**Sr Software Engineer**: Nov 2020 - April 2022
- Perform test driven development: C, Python/Pytest, Docker, GitLab CI/CD
- Build covert communications and file transfers proxy: C, HTTPS, Apache Thrift, Rest API
- Design compact router fingerprinting and vulnerability analysis: Android, HTTPS, TCP/IP, StreamCypher Encryption
- Modify existing code to suppress system logging from Linux Kernel module: various Linux Kernel versions, Ghidra
- Router Fingerprinting
- C and Python
- Run on Android phone
- Compact and rolling logs
- Aggregated logs
- Scan for connected routers
- Perform fingerprinting and vulnerability analysis on device
- HTTPS, TCP/IP, StreamCypher Encryption, ICMP, DNS
- Covert communications
- C, Python, Docker
- HTTPS, Apache Thrift, REST API
- Multi threaded
- Routing through multiple middle
- C front end, and middle, python backend
- Encrypted transfers
- RSA key exchange
- Linux kernel backdoor
- Supress system logging
- Monitor filesystem changes
- Supress system monitoring
- Support for various Linux Kernel versions
- Ghidra, C
- Test driven development
- C, Python, Pytest, Docker, GitLab CI/CD
- SCRUM
## Parsons
### Parsons
**Cyber Security Software Engineer**: Apr 2018 - Nov 2020
- Continue development of covert Windows application: C, C++, Python
- Build modular solution for plugin architecture
- Design and develope custom API for minimal data transfer to back-end
- Reverse engineer custom data storage solutions to parse and manipulate target data
- Reverse engineer API calls to proprietary tools to manipulate communication
- Encrypt storage and comms using AES shared key to maintain confidentiality and integrity
- Build prototype back-end service for file storage and search: Java, Tomcat, Niagarafiles (NiFi), nginx, Hadoop, MySQL, LDAP, RBAC
- Create API for uploading files via web interface or CLI
- Verify duplication before storage
- Track and maintain multi-level user access
- Generate metadata for searching
- Covert Windows Application
- Library injection
- C, C++, Python
- Modular solution for dynamic and static plugins
- Cluster of nodes
- Custom API and serialization
- Extremely limited network traffic
- Reduce size of data transfer
- Aggregate/Consolodate data from multiple nodes
- Reverse engineer target's custom data storage to parse and manipulate target data
- Reverse engineer API calls to proprietary application
- Manipulate lagitimate traffic
- Inject traffic
- Encrypt local storage and comms using shared AES key
- Back-end service for file storage
- Java, Tomcat, Niagarafiles (NiFi), nginx, hadoop, MySQL, LDAP, RBAC
- API for uploading files
- Web interface
- CLI
- Remove duplication before storage
- Allow reads from multiple users uploading the same file
- Create new file on write
- Multi-level user access, RBAC and LDAP
- Produce metadata
- Provide search functionality
## NSA
### NSA
**Security Software Engineer**: Nov 2011 - Apr 2018
- RedTeam DevOps development of browser enumeration, manipulation, and exploitation: PHP, JavaScript, JQuery, CSS, Python, MySQL, Java, Apache, Tomcat, Linux, Windows, Chrome, Firefox, Safari, IE, Edge
- Design Rest and JSON API to transfer data between targets, server, and UI
- Deliver covert JavaScript to targets for enumeration and exploitation
- Design front-end to provide a dynamic UI with real time target data, graphs, and charts for in-depth data analysis
- Design MySQL database to hold and quickly query enumeration and exploitation data
- Design and develop new browser exploits using public CVE and POC
- Update PHP back-end for security and performance
- Advise and develop vulnerability mitigation strategies for various military and government customers
- Train and provide SOPs to NSA RedTeam operators for various tools
- Train new development employees on test system and deployment procedures
- Update Windows and Linux software package to also run on MacOS
- RedTeam DevOps
- Browser security
- enumeration, manipulation, exploitation
- Languages: PHP, JavaScript, JQuery, CSS, Python, MySQL, Java
- Platforms: Tomcat, Apache, Nginx
- OS: Linux, Windows, Android, iOS
- Browsers: Chrome, Firefox, Safari, IE, Edge
- Rest JSON API for data transfer to and from target and backend server
- Recon from browser
- Browser name, type, version
- OS name, type, version
- Possible device make and model
- Plugins in browser and versions
- Design dynamic browser UI using JQuery
- View all data on all connected targets
- Interact with the targets browsers
- Change the look
- Monitor key presses and mouse movements
- Mimic legitimate sites
- Redirect the page
- View stats on currently and past connected targets
- Query CVEs to view possible exploits
- Number of versions seen
- Plugins seen
- Add more as needed by operator
- Send exploits to target with backdoor payload
- Build browser exploits using CVE and POC (half day and full day vulnerabilities)
- Obfuscate
- PHP and JS obfuscation
- Randomly change the JS and PHP to hide and evade detection
- Design and maintain MySQL database
- Hold data on each browser, os, and possible exploits
- Hold and relate data for CVEs and available exploits
- Reduce redundancy
- Increase efficiency with pre-compiled queries and indexes
- Maintain backend server
- Additional projects as needed
- Java Tomcat web backdoor
- ASP.Net web backdoor
- ASP.Net document backdoor
- Run JS inside documents and PDFs
- Re-work windows backdoor to cross compile on MacOS
- Provide feedback
- Train and provide SOPs to NSA RT operators for various tools
- Produce documentation for new developers
- Train new developers
- Advise and develop vulnerability mitigation strategies for various military and government customers
- Aid in scoring the NSA Cyber Defense Challenge
- Build token scoring system
- Keep track of scores and provide feedback to the teams
- Report scoring throughout the competition
### NSA
**Systems Engineer**: Sept 2009 - Nov 2011
- Deploy, maintain, and monitor 30+ systems with 130+ Red Hat Enterprise Linux (RHEL) servers each
- Maintain multiple services on each system including; LDAP, DNS, Apache, NiFi, Hadoop, Apache, Puppet, DHCP, PXE boot
- Develop and deploy monitoring, reporting, and issue correcting scripts: Python
- Repoting sent via Web API to graphic interface for viewing as well as emailed out to the team
- Organize, train, and participate in team performing 24x7 call-in rotation
- Stage new deployments to verify viability before deployment
- Responsible for 5+ domestic and foreign system deployments
- Ownership over 30+ systems with 130+ RHEL servers each
- Stage 10+ systems
- Deploy 3+ systems, domestic and foreign
- Soley responsible for 5+ domestic and forign systems
- Maintain all systems as part of a 24x7 call-in rotation
- Multiple services on each system
- LDAP, DNS, Apache, NiFi, Hadoop, Puppet, DHCP, PXE boot
- Develop scripts to aid in maintenance
- Python
- Auto fix known issues
- Scan and produce report of all systems in under 30 min
- Report sent via Web API to Web UI and alerting system
- Reduced call-ins
- Organize and train team of contractors
- Spun up to work 24x7
- Provide SOPs for quick fixes
- Provide SOPs for tier 1 to reduce call-ins for 24x7 team
## Salisbury University
### Salisbury University
**Software Developer**: Nov 2006 - May 2008
- Funded through the Wallops Flight Facility (NASA)
- Provide simplified UI and scenario builder for the Satellite Tool Kit (STK): Managed C++
- Tasked to provide risk assessments
- Launch vehicles and UAVs over the DELMARVA peninsula
- Provide simplified UI and scenario builder for the Satellite Tool Kit (STK)
- Wizard walk through for standard set of launch and safety scenarios
- Build scenario in both custom simplified UI as well as full STK
- C++, UI built using Visual Studio and Managed C++
- Provide reports on risks of scenarios
- Realtime graphs and charts
- Post analysis reporting
- Create graphs designed to display risk throughout the scenario
- Design risk assessment scenarios for launch vehicles and UAVs over the DELMARVA peninsula
- Collaborate with Geographic Information Science (GIS) for mapping
- Display emergency services and response time on the map throughout the simulation
- Collaborate with Geographic Information Science (GIS)
- Provide maps with POI
- Distances and response times for emergancy vehicles
### Salisbury University
**Lab Administrator**: Sept 2007 - May 2009
- Support Math and CS departments at SU
- Maintain the Linux labs on campus: dual boot OpenSUSE, WindowsXP, and OpenSUSE server
- Perform backups, updates, user management (LDAP), disk quotas, and remote access
- Maintain the Linux labs on campus
- In charge of 2 labs
- Dual boot OpenSUSE, WindowsXP
- OpenSUSE server
- Provide SSH access both internal and external
- Perform regular tasking
- Backups
- Updates
- User management (LDAP)
- Disk quotas
- Remote access
- Installation of needed software
- Monitor the labs while in use
- Provide ssh access into the lab for remote work
# Education
## Education
- **University of Maryland Baltimore Campus**: Masters in Computer Science; 2013. Thesis: "Stateless Detection of Malicious Traffic: Emphasis on User Privacy"
- **Salisbury University**: Bachelors in Computer Science; 2009. Magna Cum-Laude
- **Security+**: ID: COMP001021281239; Exp Date: 04/04/2024
- **Royal Military College (RMC Canada)**: Training in OpenBSD development and administration
- University of Maryland Baltimore Campus
- Masters in Computer Science
- Graduated 2013
- Thesis: "Stateless Detection of Malicious Traffic: Emphasis on User Privacy"
- Salisbury University
- Bachelors in Computer Science
- Graduated 2009
- Magna Cum-Laude
- Security+
- ID: COMP001021281239
- Exp Date: 04/04/2024
- Royal Military College (RMC Canada)
- Training in OpenBSD development and administration
# Miscellaneous
## Miscellaneous
- **RedBlue Conference**: Presented combination web enumeration/exploitation tool
- **National Conference for Undergrad Research (NCUR)**: Presented development of STK scenario building and manipulation
- **SANS Courses**: Staying up-to-date on security research
- **Homelab**: Running email, cloud storage, gitea, DNS, multimedia, geneology, and static web page services
- **Web Admin for PTA**: Setup and maintain a Wordpress site
- RedBlue Conference
- Presented combination web enumeration/exploitation tool
- National Conference for Undergrad Research (NCUR)
- Presented development of STK scenario building and manipulation
- SANS Courses
- Staying up-to-date on security research
- Homelab
- Proxmox
- Running email
- Cloud storage, TrueNAS, Nextcloud
- gitea
- DNS, pi-hole, adguard
- Multimedia, Plex, Jellyfin
- Geneology, Webtrees
- Static web page services, docs, hugo, blogs, dashboard
- Home assistant
- Web Admin for PTA
- Setup and maintain a Wordpress site
- Setup and maintain weebly site

2
paul-halvorsen-resume.md
View File

@@ -21,7 +21,7 @@ I'm a Software Engineer with over 14 years development and 18 years professional
## Binary Defense
**Sr Software Engineer**: April 2022 - Present
**Sr Software Engineer**: April 2022 - Oct 2025
- Rust development including: tokio (test), reqwest, anyhow, serde, windows, cargo, cmake, and WIX
- Python development using pyenv, pipenv, cython, docker, GitLab pipelines, and static compilation

BIN
paul-halvorsen-resume.pdf
View File

Binary file not shown.