paul/resume
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
Files
b202ec9954cddb32c5533bafc103b9bba2960762
resume/paul-halvorsen-resume-detailed.md
paul b202ec9954 Lots of updates
2026-03-18 23:32:45 -04:00

14 KiB
Raw Blame History

About Me

General Info

Job Target

  • Application development

  • Backend development

  • Security/Cybersecurity

  • Systems programming

  • Remote work environment

  • No on-call

  • Flexible minimum of $130000

  • Preferably Jr or Mid developer (level 1 or 2)

  • Preferably low responsibilities

  • Preferably no mentoring

  • No management

Summary

I'm a Software Engineer with over 15 years of development and 20 years of professional experience, with expertise in Rust, C, Python, and GoLang; various SQL databases; tokio, Pytest, and Docker frameworks; GitLab CI/CD pipelines; and REST APIs, encryption, JSON, and nginx technologies. Specialized in backend development, systems programming, and security-focused applications.

Keywords

rust, cargo, python, c, docker, containers, TDD, test driven development, pytest, CI/CD, JavaScript, JQuery, PHP, MySQL, rest, API, JSON, XML, git, GitLab, nginx, remote, testing

Experience Levels

Languages

  • Advanced
    • Rust, Cargo, Python, PyTest, GoLang, MySQL, C
  • Intermediate
    • JavaScript, PHP, GoLang, JQuery
  • Beginner
    • Java, C++,

OSes

  • Intermediate
    • Linux, Debian, Ubuntu, RHEL, CentOS
  • Beginner
    • Windows, MacOS, OpenSUSE, Android, iOS

Browsers

  • Intermediate
    • Firefox, Chrome
  • Beginner
    • IE, Edge, Safari

Technologies

  • Intermediate
    • MySQL, REST API, JSON, Nginx, Encryption, RSA, Docker, CI/CD
  • Beginner
    • Tomcat, Apache, DNS, k8s, AWS, Azure, Ghidra, k8s, Kubernetes

Work Experience

Abnormal AI

Software Engineer: Jan 2026 - Present

  • Utilize claude AI, summarize code, aid in coding, planning
  • Build and maintain k8s and AWS infrastructure
    • python
    • pacman
    • haml
    • yaml
    • 10 k8s clusters, with auto scale up and down number of instances
  • Build and maintain service to aggregate data
    • golang, python
    • pytest, unit testing
  • running cron jobs in k8s
  • using kubectl, k9s to control k8s
  • RBAC
  • Team of 5
  • Heavy inter-team communication and coordination
  • Monorepo with all teams
  • Customers in US East, US West, EU West, and government
    • Maintain real time storage and long time storage
    • Generate aggregated data
    • Increase efficiency through auto-scaling, and compression
  • 24x7 call

Binary Defense

Sr Software Engineer: April 2022 - Oct 2025

  • Gitlab
    • CI/CD pipelines for unit and integration testing, compilation, and deployment
    • docker images for Linux, Windows
    • VMs for MacOS
    • MR/PR contributions, comments and testing
  • Rust development
    • cargo, nextest, cmake, WIX, cross compilation, unit tests
    • sqlite encrypted db
    • libraries: tokio, reqwest, anyhow, serde
    • Containment
    • Azure Library
    • Library to watch for windows event logs, file system changes, user changes, and firewall changes
      • White and blacklists for files, file types, file contents, and hashes
      • Sanatize, decorate (add additional data), serialize data for transfer to backend
      • De-duplicate data to reduce network traffic and backend storage costs
      • Event driven
    • Unit tests
    • Public key pinning and certificate transparency
    • Secure key storage
      • Encrypting and decrypting on disk sqlite db
      • dpapi for Windows
      • org.freedesktop.secrets for Linux
  • Python development
    • pyenv, pipenv, cython, docker build environment, static compilation, pytest
    • Containment
    • Public key pinning and certificat transparency logs
    • end-to-end integration testing
      • Spin up pre-configured VMs (Windows and Linux)
      • Make specific testing changes to those VMs via ssh
      • Spin up temporary servers
      • Run tests
    • Performance improvements
      • Reduce CPU usage by filtering out previously observed issues ~ %90
      • Reduce memory usage by using regex and filtering ~ %60
      • Reduce network traffic using regex and filtering ~ %80
      • Reduce disk size by turning multiple strings into regex ~ %20
    • Libraries for watching network traffic on Windows and Linux
      • Event driven
      • White and blacklists in regex
    • Specific Windows events
    • Filesystem changes
    • User changes
    • Event driven
  • Supported OSes
    • Windows
      • Server 2009, 2012, 2019
      • xp, 7, 8, 10, 11
    • Linux
      • Debian, Ubuntu
      • Redhat, CentOS
    • MacOS
  • Written RFC and ADR to drive design and decision making on project direction
  • Containment
    • Design and build containment for all platforms upon detected compromise
    • Containment meaning no network access other than to BD servers
    • Use Linux iptables, windows firewall, and MacOS ip firewall
  • Design and build secure key exchange and connections
  • Public key pinning and certificate transparency logs
    • For server verification
    • Prevent MITM attacks
  • Azure Library
    • Setup library for communication: rust and python
    • Perform API calls for uploading and updating data in database
    • Setup database when it doesn't exist
  • Testing performed using VMs built in Proxmox and Virtualbox
  • SCRUM
  • Customers
    • Small to large (Fortune 500 companies)
    • Thousands of endpoints

Kyrus Tech

Sr Software Engineer: Nov 2020 - April 2022

  • Router Fingerprinting
    • C and Python
    • Run on Android phone
    • Compact and rolling logs
    • Aggregated logs
    • Scan for connected routers
    • Perform fingerprinting and vulnerability analysis on device
    • HTTPS, TCP/IP, StreamCypher Encryption, ICMP, DNS
  • Covert communications
    • C, Python, Docker
    • HTTPS, Apache Thrift, REST API
    • Multi threaded
    • Routing through multiple middle
    • C front end, and middle, python backend
    • Encrypted transfers
    • RSA key exchange
  • Linux kernel backdoor
    • Supress system logging
    • Monitor filesystem changes
    • Supress system monitoring
    • Support for various Linux Kernel versions
    • Ghidra, C
  • Test driven development
  • C, Python, Pytest, Docker, GitLab CI/CD
  • SCRUM

Parsons

Cyber Security Software Engineer: Apr 2018 - Nov 2020

  • Covert Windows Application
    • Library injection
    • C, C++, Python
    • Modular solution for dynamic and static plugins
    • Cluster of nodes
    • Custom API and serialization
      • Extremely limited network traffic
      • Reduce size of data transfer
      • Aggregate/Consolodate data from multiple nodes
    • Reverse engineer target's custom data storage to parse and manipulate target data
    • Reverse engineer API calls to proprietary application
      • Manipulate lagitimate traffic
      • Inject traffic
    • Encrypt local storage and comms using shared AES key
  • Back-end service for file storage
    • Java, Tomcat, Niagarafiles (NiFi), nginx, hadoop, MySQL, LDAP, RBAC
    • API for uploading files
      • Web interface
      • CLI
    • Remove duplication before storage
      • Allow reads from multiple users uploading the same file
      • Create new file on write
    • Multi-level user access, RBAC and LDAP
    • Produce metadata
      • Provide search functionality

NSA

Security Software Engineer: Nov 2011 - Apr 2018

  • RedTeam DevOps
  • Browser security
    • enumeration, manipulation, exploitation
    • Languages: PHP, JavaScript, JQuery, CSS, Python, MySQL, Java
    • Platforms: Tomcat, Apache, Nginx
    • OS: Linux, Windows, Android, iOS
    • Browsers: Chrome, Firefox, Safari, IE, Edge
    • Rest JSON API for data transfer to and from target and backend server
    • Recon from browser
      • Browser name, type, version
      • OS name, type, version
      • Possible device make and model
      • Plugins in browser and versions
    • Design dynamic browser UI using JQuery
      • View all data on all connected targets
      • Interact with the targets browsers
        • Change the look
        • Monitor key presses and mouse movements
        • Mimic legitimate sites
        • Redirect the page
      • View stats on currently and past connected targets
        • Query CVEs to view possible exploits
        • Number of versions seen
        • Plugins seen
        • Add more as needed by operator
      • Send exploits to target with backdoor payload
    • Build browser exploits using CVE and POC (half day and full day vulnerabilities)
    • Obfuscate
      • PHP and JS obfuscation
      • Randomly change the JS and PHP to hide and evade detection
    • Design and maintain MySQL database (thousands of records)
      • Hold data on each browser, os, and possible exploits
      • Hold and relate data for CVEs and available exploits
      • Reduce redundancy
      • Increase efficiency with pre-compiled queries and indexes
    • Maintain backend server
  • Additional projects as needed
    • Java Tomcat web backdoor
    • ASP.Net web backdoor
    • ASP.Net document backdoor
    • Run JS inside documents and PDFs
    • Re-work windows backdoor to cross compile on MacOS
  • Provide feedback
    • Train and provide SOPs to NSA RT operators for various tools
    • Produce documentation for new developers
    • Train new developers
    • Advise and develop vulnerability mitigation strategies for various military and government customers
  • Aid in scoring the NSA Cyber Defense Challenge
    • Build token scoring system
    • Keep track of scores and provide feedback to the teams
    • Report scoring throughout the competition
  • Customers
    • Military branches
    • DoD
    • DoJ
    • Other government departments

NSA

Systems Engineer: Sept 2009 - Nov 2011

  • Ownership over 30+ systems with 130+ RHEL servers each
    • Stage 10+ systems
    • Deploy 3+ systems, domestic and foreign
    • Soley responsible for 5+ domestic and forign systems
    • Maintain all systems as part of a 24x7 call-in rotation
  • Multiple services on each system
    • LDAP, DNS, Apache, NiFi, Hadoop, Puppet, DHCP, PXE boot
  • Develop scripts to aid in maintenance
    • Python
    • Auto fix known issues
    • Scan and produce report of all systems in under 30 min
    • Report sent via Web API to Web UI and alerting system
    • Reduced call-ins
  • Organize and train team of contractors
    • Trained up and informally supervised team of 5
    • Spun up to work 24x7
    • Provide SOPs for quick fixes
    • Provide SOPs for tier 1 to reduce call-ins for 24x7 team

Salisbury University

Software Developer: Nov 2006 - May 2008

  • Funded through the Wallops Flight Facility (NASA)
    • Tasked to provide risk assessments
    • Launch vehicles and UAVs over the DELMARVA peninsula
  • Provide simplified UI and scenario builder for the Satellite Tool Kit (STK)
    • Wizard walk through for standard set of launch and safety scenarios
    • Build scenario in both custom simplified UI as well as full STK
  • C++, UI built using Visual Studio and Managed C++
  • Provide reports on risks of scenarios
    • Realtime graphs and charts
    • Post analysis reporting
  • Create graphs designed to display risk throughout the scenario
  • Design risk assessment scenarios for launch vehicles and UAVs over the DELMARVA peninsula
  • Collaborate with Geographic Information Science (GIS)
    • Provide maps with POI
    • Distances and response times for emergancy vehicles

Salisbury University

Lab Administrator: Sept 2007 - May 2009

  • Support Math and CS departments at SU
  • Maintain the Linux labs on campus
    • In charge of 2 labs
    • Dual boot OpenSUSE, WindowsXP
    • OpenSUSE server
  • Provide SSH access both internal and external
  • Perform regular tasking
    • Backups
    • Updates
    • User management (LDAP)
    • Disk quotas
    • Remote access
    • Installation of needed software
  • Monitor the labs while in use

Education

  • University of Maryland Baltimore Campus
    • Masters in Computer Science
    • Graduated 2013
    • Thesis: "Stateless Detection of Malicious Traffic: Emphasis on User Privacy"
  • Salisbury University
    • Bachelors in Computer Science
    • Graduated 2009
    • Magna Cum-Laude
  • Security+
    • ID: COMP001021281239
    • Exp Date: 04/04/2024 (EXPIRED - no longer active)
  • Royal Military College (RMC Canada)
    • Training in OpenBSD development and administration

Open Source & Personal Projects

  • testct & ctclient (Rust) - Certificate Transparency testing, validation, and monitoring tools; forked and enhanced for production monitoring scenarios
  • sjles-pta-vote (Go, TypeScript, React) - Full-stack community voting platform for school PTA organization, leveraging Claude Code for planning, code reviews, and development
  • baseball-nn (Python) - Machine learning project demonstrating AI-assisted development with Claude Code for neural network training and prediction
  • date-scanned-pics (Python) - EXIF metadata utility for organizing and dating scanned photograph collections; automatically processes JPG files with date-encoded filenames and updates metadata
  • task-organizer-assignment (Common Lisp) - Recursive algorithm implementation solving task dependency ordering problem; demonstrates functional programming patterns and Docker-based execution

Miscellaneous

  • RedBlue Conference
    • Presented combination web enumeration/exploitation tool
  • National Conference for Undergrad Research (NCUR)
    • Presented development of STK scenario building and manipulation
  • SANS Courses
    • Staying up-to-date on security research
  • Blog: https://flow.halvo.me
  • Git: https://github.com/malwhile
  • Homelab
    • Proxmox
    • Running email
    • Cloud storage, TrueNAS, Nextcloud
    • gitea
    • DNS, pi-hole, adguard
    • Multimedia, Plex, Jellyfin
    • Geneology, Webtrees
    • Static web page services, docs, hugo, blogs, dashboard
    • Home assistant
  • Web Admin for PTA
    • Setup and maintain a Wordpress site
    • Setup and maintain weebly site
Reference in New Issue View Git Blame Copy Permalink