blackroad-os/alexa-amundson-resume
9
0
Fork 0
mirror of https://github.com/blackboxprogramming/alexa-amundson-resume.git synced 2026-03-18 05:34:08 -05:00
Code Issues Packages Projects Releases Wiki Activity
Files
e5d83b37a8f4143ac93338cc7a23ed9894396f60
alexa-amundson-resume/roles/14-security-engineer.md
Alexa Amundson 292fa97a8e kpi: auto-update metrics 2026-03-13 
RoadChain-SHA2048: 9f948f149bd9f508
RoadChain-Identity: alexa@sovereign
RoadChain-Full: 9f948f149bd9f508d25792c617d1c4049cf814c3acbb3181886684f1d89e2ab84fdb0364ce227ef1c03c0b59335e5d1aad9434f983ad375d50eca597e7daea8f9bb2a3e40116fa13de0453865ff2665fb759fc63204fe222360becc3b8c447fb1fbe7e10a440e8107745b57c643682cb2e4f7cffbb9c8c0e1bc5b03623fcbd41d0ab39740c02f148d5309591013f3d65810692706da448cf7e04b4368ef3738898fcc0f2414377cf1ff1f5897a27cfd96289c1f1875a3a93ec732453686f07621952135ae7df10cce155ebc206d3d3a3a9931fc7683d635c74b67d080fc170a8b8238a9eda91ba9193aaeb17737276b9140330cf622d656efdb3e968f46d1a24
2026-03-13 01:07:28 -05:00

2.6 KiB
Raw Blame History

Alexa Amundson

Security Engineer

amundsonalexa@gmail.com | github.com/blackboxprogramming

Summary

Security engineer who identified and remediated malware, credential leaks, and misconfigurations across a 7-node distributed fleet. Implements zero-trust networking via Cloudflare tunnels, WireGuard encryption, firewall policies, and credential management across 256 managed services.

Experience

BlackRoad OS | Founder & Security Lead | 2025Present

Incident Response

  • Discovered and removed obfuscated cron dropper executing from /tmp/op.py (Cecilia)
  • Identified leaked GitHub PAT (gho_Gfu...) in Lucidia service file, initiated rotation
  • Found and investigated xmrig crypto miner service configuration on Lucidia
  • Migrated credentials from plaintext crontabs to secured env files (chmod 600) fleet-wide

Network Security

  • Zero-trust architecture: all external access through 4 Cloudflare tunnels (no exposed ports)
  • WireGuard encryption for all inter-node communication (10.8.0.x mesh)
  • UFW firewall with INPUT DROP policy on edge nodes
  • Tailscale ACLs for management access (9 peers)

Access Management

  • SSH key audit: identified 50+ keys on Alice and Octavia requiring cleanup
  • NOPASSWD sudo policies documented across all nodes
  • Identified 3 Tailscale ghost nodes (offline 15+ days) for decommissioning
  • Per-user cron job audit across all fleet nodes

Infrastructure Hardening

  • Disabled 16 unused skeleton microservices (freed 800 MB RAM, reduced attack surface)
  • Masked crash-looping services (rpi-connect-wayvnc) to prevent service abuse
  • Removed overclock settings causing instability
  • Secured GitHub relay credentials in ~/.github-relay.env (chmod 600)

Monitoring & Detection

  • Self-healing autonomy scripts detecting and restarting failed services
  • 12 failed systemd units tracked and investigated daily
  • Fleet-wide power monitoring detecting anomalous CPU usage
  • Daily KPI collection tracking security-relevant metrics

Technical Skills

Security: Incident response, credential management, malware removal, hardening Networking: WireGuard, Cloudflare Tunnels (zero-trust), UFW, nftables, Tailscale Linux: systemd, SSH, file permissions, audit, service isolation Monitoring: Custom KPI system, anomaly detection, SSH probes Tools: Bash (212 CLI tools), Python, GitHub CLI

Metrics

Metric Value
Incidents remediated 5+
Services managed 256
Firewall policies UFW + nftables
VPN tunnels 4 CF + 7 WG
Services disabled 16+
Credentials rotated 4+
Fleet nodes secured 7
Reference in New Issue View Git Blame Copy Permalink