  Darwin Sanoy

Areas of Expertise


Work Blend
In a given week I spend 65-70% of my time in technical designing and coding and the remainder in technology, team and work management.

Certification

Professional Scrum Product Owner

Professional Scrum Master

AWS Solutions Architect Associate
2016-2019

DevOps, Agile, Lean, IaC & CI/CD Methods
  • Agile: I have embraced and applied agile management methods to my automation coding and project activities and worked on teams whose work is managed 100% with Agile methods and tools.
  • DevOps: I am an advocate of the application of DevOps methods where they are appropriate - most especially making Security, Monitoring, Backup and Operational Ruggedness first class citizens that are designed in from day 1.
  • Scrum Master: for multiple, simultaneous small team projects.  Certified Professional Scrum Master.
  • Product Owner: for multiple products including GitLab as a Service.  Certified Professional Scrum Product Owner.
  • Continuous Integration & Continuous Delivery: I understand the goals, requirements and ideals behind these methodologies and I have helped build and maintain CI / CD pipelines based on TeamCity and Octopus and Jenkins (including Blue Ocean on Windows and Linux).
  • Desired State and Idempotent Coding: I understand how to code for desired state and idempotency - this perspective and skill are important for writing custom code for any of the frameworks that function with these concepts (Chef, PowerShell DSC) and are very handy for all code.

Technology Leadership, Team Management & Work Management
  • Team Management: Managed a small team of direct reports for delivery of multiple DevOps developer tooling services and products.
  • Professional and Leadership Development: Created and implemented "Solutions Lead" delegation framework for both effective delegation and pushing leadership opportunities to individual contributor roles.
  • Created Customer Value Vision to focus team on owning customer value realization and on a cadence of value delivery rather than vanity metrics of work progression. 
    Customer Value Vision: 1) Know customer value, 2) Build customer value, 3) Release and publicize customer value, 4) Facilitate adoption of customer value realization.
  • Customer Value Log: devised and published Customer Value Log to openly display team's accomplishments, including releases, customer kudos and improvements in adoption facilitating materials and activities.
  • Performance Appraisal and Compensation Management for small team of direct reports.
  • Service Management of GitLab SCM and CI as a Service (highly available, scalable).
  • Scrum Product Ownership of IaC fast start template kits (e.g. ECS Kickstart), IaC as a Service for deployment automation, Windows and Linux template images (AWS AMI) as a service and Linux Security Hardening.
  • Innovative Work Forecasting Worksheet: for team capacity and planned work for both recurrent release work and new build activities.
  • Work Management Visualization: of complex work activities.
    Deep Dive: Work Dashboard 
    http://www.darwinsanoy.com/detailed-visuals.html#workdashboard
  • Agile Work Management and GTD: Create and refine stories, groom backlog, sprint planning, retrospectives, lead standups, demos.  GTD discipline.  Tools: Rally Dev and Jira.

Collaboration, Mentoring & Knowledge Sharing
  • Internal Blogging: I have been a leader in initiating and leading by example for company internal blogging (usually on Yammer) to share my team's resources and create a positive social environment.
  • Initiate Lunch and Learn Sessions: I love to share and have delivered internal learning sessions where I work, including initiating lunch learning sessions. 
  • Mentoring:  I enjoy helping others within and outside of my team.
  • Seeding Leaders in Collaboration: I encourage and nudge others to get involved in positive collaboration by speaking and blogging.
  • External: I effectively collaborate with vendor engineers, contribute to open source and participate in expert communities (e.g. CIS community).
  • Documentation: Code as documentation, markdown in source control.
  • Escalation and Incidents: Effective at leading collaborative troubleshooting sessions and creating appropriate documentation for collaboration across timezones and teams.
  • Technology Instruction: I do technology instruction by creating PluralSight courses and by doing conference speaking.

DevOps, IaC, CI/CD Technology
  • Desired State and Idempotent Coding: I understand how to code for desired state and idempotency - this perspective and skill are important for writing custom code for any of the frameworks that function with these concepts (Chef, PowerShell DSC) and are very handy for all code.
  • Agile Work Management and GTD: Create and refine stories, groom backlog, sprint planning, retrospectives, lead standups, demos.  GTD discipline.  Tools: Rally Dev and Jira.
  • git: Manage and collaborate on all code using git - including branching, tagging, merging, and understand how to use it in CI / CD and have worked with Stash, GitLab CE (internal), GitHub.com, GitLab.com.  I use it for open source as well.
  • PowerShell for DevOps: I am accomplished in PowerShell for software deployment and configuration automation.  I am confident in creating, testing and releasing frameworks and functions for others to use.
  • Chocolatey NuGet: I have used Chocolatey NuGet to create componentized infrastructure artifacts that can be installed via most any type of automated orchestration - whether infrastructure or CI/CD oriented (e.g. PowerShell, Chef, Packer, TeamCity, Octopus).  I have also used it to create enhanced code deploy NuGet packages that are also consumable independent of the CI / CD tools that created the packages.
  • NuGet: Product prototyping, selection and deployment of NuGet server.  Prototyped ProGet and deployed Nexus Repository (Windows & Linux).
  • Pester: for test automation in CI/CD builds.  I have built over 100 Pester tests for automated infrastructure QA.
  • Artifact Repositories: I have done a production implementation of Nexus Repository OSS on Linux and I maintain the Chocolatey package for the Windows version.
  • TeamCity: Use of TeamCity for infrastructure automation and code packaging automation.
  • Linux & Bash: Completely comfortable in supporting and automating Linux environments.  Over 15 years supporting LAMP stack and doing administration at the bash console and writing scripts.
  • Jenkins: including Blue Ocean on Windows and Linux.
  • HashiCorp Packer: Use of Packer to create complex builds with one Packer source file.
  • SQL Server & IIS: Created scripts to install SQL and IIS and configure them using PowerShell and Get-Carbon PowerShell module.

Cloud Architecture, Containers & Cloud Native
Note: In the below, "Configuration Automation" means setting these things up using Cloud Formation or another orchestration tool rather than relying on human driven setup using the AWS console.
  • IaaS: Extensive AWS EC2 build and operations experience, including: Windows 2016, 2012 R2 (Core, Full GUI, Container Instances), Amazon Linux, CentOS, Ubuntu - including creating AMI templates.
  • PaaS, Cloud Native, Serverless: configuration automation and troubleshooting of AWS SNS, AWS CloudWatch, AWS Config.  Usage of CodeDeploy.
  • Networking: Configuration automation and troubleshooting of AWS VPC including subnets and route tables and security groups.
  • Security: Configuration automation and troubleshooting for IAM roles, permissions policies, trusts and cross-account access.  AWS Certificate Manager and SSL termination for CloudFront and Loadbalancing.
  • Scaling: configuration automation and troubleshooting for AWS Autoscaling via ELB, ALB and NLB.  CloudFront for global static content and for network backhaul (no caching).
  • Containers: Windows and Linux containers on AWS ECS.
  • Deployment Automation / IaC: AWS CloudFormation for configuring all AWS services and IAM permissions.
  • Instance Automation: AWS Cloud Formation templates which call Bash and PowerShell scripts for on-instance automation - including advanced cfn-init and cfn-signal usage.
  • SaaS via PaaS Cobbling: AWS has several solutions which require the technician to cobble together existing services.  Configuration and understanding of AWS Systems Manager for global, cross-account software and patch inventory.

Site Reliability Architecture & Engineering (SRE)
  • Internal SCM as a Service SRE: Company internal Source Code Management (SCM) as a Service deployment based on a private, highly available GitLab CE implementation on AWS Linux Docker containers, ECS, EFS (AWS PaaS file system), CloudFront and PostgreSQL RDS with Sumo Logic logging.
  • Automation: Deployment and update automation based on Cloud Formation, Bash and internal tooling.  Automation is capable of standing up nightly builds and complete test stacks.
  • Troubleshooting / Escalation: Level 2 for tickets, Level 3 for production outages or service degradation.
  • Monitoring and Capacity Management: Monitoring of KPIs for scaling requirements and log alerting for problems.
  • Highly Available Deployment: GitLab CE has many implementation patterns - this installation followed both the GitLab HA implementation pattern (leverages PaaS wherever possible) and Docker Linux Container implementation pattern.

Security Practices and Coding
  • Advocate and Implement Security Built-in: I am an advocate of Security Built-in and push for production like security controls to be brought into development environments - otherwise security ends up being compromised to a retro-fitted afterthought.
  • Center for Internet Security: I have served on the committees and contributed to CIS Benchmarks.
  • IAM Security and Permissions: Review and approve Cloud Formation templates for production - including detailed review of IAM permissions for adherence to least privilege.
  • Least-Privilege Research: I have the patience and tenacity to work through the technical and people challenges raised by researching and testing for the optimal least-privilege security implementation for a given solution.  Strongest on Windows, but also able to implement least-privilege Linux software deployments.
  • CIS AWS Foundations Benchmark Coding: I have coded platform neutral scripting to implement this benchmark for a new account.  I have created a PluralSight course that teaches the concepts, practicalities and code for implementing this benchmark: Securing AWS Using CIS AWS Foundations Security Standard.
  • Highly Privileged IT Employee Perspective: I understand and consent to the obligations, care and ethics that must be practiced by employees who have high levels of security access that I generally have.

Operating Systems & Related Technology
  • Server: Windows 2016, Nano Server, 2012 R2, 2008 R2  - internals, 64-bit, automation, applications, CentOS.
  • Windows Internals: process profiling, troubleshooting, escalations, 64-bit, application integration and dev best practice.
  • Linux: CentOS - management of LAMP stack for business site, hardening, software install, some bash, VMware Virtualization.
  • HyperVisors: VMware Workstation, Win 8/10 Hyper-V, VirtualBox.
  • Cloud HyperVisors: AWS (Certified Solutions Architect), Skytap, Azure.
  • Containers: Docker containers on Windows and Linux, AWS ECS.
  • Languages / Automation: PowerShell (Expert), PowerShell DSC, .CMD/.BAT, Bash
  • DevOps Tools: Git CLI, GitLab CE High Availability (SRE), Packer, NuGet Packaging & Repositories, TeamCity, Jenkins.
  • Troubleshooting Tools: Procmon, Procexp, Rohitab API Monitor, Nektra Spy Studio
  • Virtualization & Containerization: App-V 4.6, 5.0, Windows and Linux Containers.
  • Management: Chef, PowerShell DSC, SCCM 2007, 2012 (complex software deployment automation)

PowerShell Deployment Automation
  • I feel very confident with PowerShell and welcome all opportunities to tackle new problems and enjoy opportunities to grow in it.
  • Extensive use of PowerShell Console for prototyping - which improves first pass code quality and reduces test time.
  • Lead developer for enterprise software distribution team's shared functions library and template.
  • Library compatible with 17 Windows MUI languages, XP, three versions of Windows client and server, PowerShell 2.0 and 3.0 and 32-bit and 64-bit execution.
  • Library handles all 32-bit / 64-bit software configuration management and script execution issues.
  • Management of script releases with agile methodologies.
  • App-V 4.6 PowerShell Function Library.
  • Development in sync with underlying PowerShell philosophies: functionality discoverable via built-in function help, verb-noun pairs, pipeline compatibility.
  • Coding for error handling and logging.
  • Significantly improved in PowerShell code quality - including UAT rejections and production problems - via detailed, structured testing and regression testing of releases.
  • Exposing attributes of system and user via many prepopulated variables.
  • Mindset to continuously template-ize functionality that will likely be needed repeatedly by other team members and in the greater organization.
  • Portfolio: PowerShell Template Development for Enterprise Desktop (with walkthrough video) http://darwinsanoy.com/portfolio.html#Portfolio_PSHDevelopment

Linux Bash Deployment Automation
  • I feel confident with Bash and tackle new problems and enjoy opportunities to grow in it.
  • Wrote the bash based installer that is part of the PowerShell open source project: https://github.com/PowerShell/PowerShell/blob/master/tools/install-powershell-readme.md
  • Maintained bash based CIS Benchmark hardening for Linux.
  • Maintained bash based Linux OS CI/CD build automation for Amazon AMI templates.
  • Dual PowerShell & Bash implementation of cloud utility script for initializing AWS EBS volumes.
    Deep Dive: http://www.darwinsanoy.com/portfolio.html#Portfolio_PushingBashSkills
  • Architecture and Coding of Rugged and Reusable Code Template For Linux - a bash based installation framework for deploying DevOps agents (log aggregation, malware, vulnerability scanning) for use on 15,000 AWS Linux Instances.
    Deep Dive: http://www.darwinsanoy.com/portfolio.html#Portfolio_RuggedAndReusable

Multiplatform DevOps Automation Coding for Linux & Windows
  • CIS AWS Foundations benchmark PowerShell Core configuration script that runs under Windows or Linux unchanged.
    Code: 
    https://github.com/DarwinJS/AWSSecurity/blob/master/CISAWS_FoundationsBenchmarkSetupNewAccount.ps1
    Course: https://www.pluralsight.com/courses/securing-aws-cis-foundations
  • Windows AMI Build CI/CD automation that runs on Linux via PowerShell Core either at command line or under Linux based CI.
  • Multiple dual-mode PowerShell Core productivity tools for the DevOps team I lead (who use a mix of Mac and Windows machines).
  • Wrote the bash based installer that is part of the PowerShell open source project.
    Docs: 
    https://github.com/PowerShell/PowerShell/blob/master/tools/install-powershell-readme.md
  • Open Source Packager for PowerShell Core Chocolatey Package
    Package: https://chocolatey.org/packages/powershell-core
  • Dual PowerShell & Bash implementation of cloud utility script for initializing AWS EBS volumes.
    Deep Dive: http://www.darwinsanoy.com/portfolio.html#Portfolio_PushingBashSkills
  • Rugged and Reusable Code Template For Linux (and Windows).
    Deep Dive: http://www.darwinsanoy.com/portfolio.html#Portfolio_RuggedAndReusable

Escalation Troubleshooting and Automated Testing
  • Handle various AWS escalations including IAM permissions diagnosis and DNS.
  • In troubleshooting Windows application installation, packaging and operational problems I feel capable to tackle most integration problems.  I also feel confident to be able to identify and advise developers of violations of application and platform compliance and installer best practice.  I have also successfully pointed application developers to the API calls to look for in their code for problems that eventually require recompilation of their code.
  • Judge, Jury & Executioner bug hunting: [a] intercept trending tickets before support can do too much on them, [b] contact customer to help, [c] determine if problem can be handled with code changes, [d] if possible, code a fix while customer waits, [e] test fix on failing system, [f] apply fix to production with high certainty that the issue is fixed.
  • Created structured troubleshooting methodology.  See "CSI-Windows Black Box Structured Troubleshooting Method" in portfolio visuals: http://www.darwinsanoy.com/visuals.html
  • Troubleshooting applications using instrumentation including Process Monitor (Procmon.exe), Process Explorer (Procexp.exe) and Rohitab API Monitor and Nektra Spy Studio, Fusion logs.
  • Use of Debugging Rules from book "Debugging" by David Agans.
  • Detailed log analysis and correlation of all log types.
  • Creation of portable toolkit for system troubleshooting without having to perform tool installations.

Technical Writing
  • Detailed architectural documentation.
    Examples: http://www.darwinsanoy.com/visuals.html
  • Detailed procedural documentation.
  • Technical briefs.
  • Detailed visuals - including progressive visuals in PowerPoint.
    Examples: http://www.darwinsanoy.com/visuals.html
  • In-depth Instructional Design including content selection, aggregation, sequencing, trenching and cognitive load management.  Innovative lab exercise layout and styles to support learner comprehension.
 

Conference Speaking
  • GitLab Commit Brooklyn
    - [2019-Aug] Never Hire a Butler To Do a Robot's Job - Born for DevOps CI
  • Tenable Experts Panel
    - [2018-Jun] Securing DevOps – Advice from the Frontlines
  • PowerShell and DevOps Summit
    - [2018-Apr] PowerShell And DevOps Summit 2018 Your Own Private, Secure Repository
  • Philly DevOps Days
    - [2017-Oct] Open Source PowerShell - How Can It Possibly Matter?
  • Modern Infrastructure Summit
    - [2015-May] DevOps for Established Infrastructure: Help or Hype?
  • BriForum
    - [2015-July] Windows Application Deployment Automation Forecast: A DevOps Wind is Blowing
  • IT / DEV Connections (Windows IT Pro / Penton)
    - [2016-Sept] Binary Repos: Setting Up Your Own Private, Secured Chocolatey.org, Nuget.org, PowerShellGallery.com or hub.docker.com
    - [2015-Sept] Windows Application Deployment Automation Forecast: A DevOps Wind is Blowing
    - [2015-Sept] Championing PowerShell: Creating Experts at Your Company
  • European AppManagEvent (formerly "Packaging Event")
    - [2014] Office 365 Pro Plus Deployment In the Enterprise, Portfolio: http://elearning.csi-windows.com/courses/AppManagEvent2014
    - [2014] Templating PowerShell for the Enterprise Desktop, Portfolio: http://elearning.csi-windows.com/courses/AppManagEvent2014
    - Previous Years: Packaging Skills for 2012 and Beyond, Scripting and Application Management on Windows 64-bit, Managing Windows 8 Metro Apps, PowerShell For Packagers Recipes, SCCM 2012 Migration Challenges for Packagers
  • Experts Exchange
    - Managing Software and Scripts on 64-bit Windows (http://blog.experts-exchange.com/ee-tech-news/windows-7-and-64-bit-app-webinar/)
  • Microsoft Management Summit
    - Securing Packages When Users Have Admin Rights, Windows Installer Security and Policies, Mitigating Roadblocks for Deployment MSI Packages to Windows 7, What's New In Windows Installer for Windows 7 and What You Should Do About It, Windows 7 - Gaining More Control Over Windows Installer Packaging Infrastructure

Publishing & Blogging
  • Blog: https://CloudyWindows.io
  • eBook: http://www.amazon.com/Deploying-Supporting-Applications-64-bit-Windows-ebook/dp/B0098P9Z22/ and http://csi-windows.com/courses/windows-64-bit
  • Article: Windows IT Pro Be a PowerShell Champion: http://windowsitpro.com/powershell-scripting/be-powershell-champion

Classroom Course Creation & Delivery
Designed, built and delivered the following courses with full courseware and labs:
  • Online Course "PowerShell for the Enterprise Desktop: Quick Start Tips, Tricks & Ready To Run Code"
  • Windows 7 and 8 Application Readiness Bootcamp
  • App-V Sequencing Engineer
  • Application Compatibility Engineer
  • Windows Installer Repackaging Engineer
  • All courses listed at CSI-Windows\Courses (highly technical and domain vertical)

 
Windows Application Internals & Integration
  • Having written books and courses and solved many problems with Windows application internals, I feel very confident in tackling tough integration problems.
  • Detailed understanding of 32 and 64-bit issues on Windows (an unexpected source of many challenges for admins).
  • Windows registry and file system.
  • Configuration of UAC elevation via manifesting, shimming, shortcuts, environment variables, reg hacks.
  • Application compatibility toolkit - including passing exam, configuring, detecting shimming and debug logging shims.
  • Competent with advanced monitoring tools Process Monitor (procmon.exe), Process Explorer (procexp.exe) and Rohitab API Monitor to test, debug and profile applications and installers.
  • Win32 / XP Application internals including: security tokens, DLL Loading, logon sessions, tracking COM operations, processes, .LOCAL Isolation.
  • Windows 7 technologies that affect application installation and operation including User Account Control (UAC), Windows Resource Protection (WRP), User Interface Privilege Isolation (UIPI), IE Protected Mode.
  • Comprehensive Technical Guide to Windows 7 Elevation.
  • Set of over 30 Procmon Filters For Analyzing Installers.