alexa-amundson-resume/roles/14-security-engineer.md
Alexa Amundson 292fa97a8e kpi: auto-update metrics 2026-03-13
RoadChain-SHA2048: 9f948f149bd9f508
RoadChain-Identity: alexa@sovereign
2026-03-13 01:07:28 -05:00

# Alexa Amundson
**Security Engineer**

amundsonalexa@gmail.com | [github.com/blackboxprogramming](https://github.com/blackboxprogramming)

---
## Summary
Security engineer who identified and remediated malware, credential leaks, and misconfigurations across a 7-node distributed fleet. Implements zero-trust networking via Cloudflare tunnels, WireGuard encryption, firewall policies, and credential management across 256 managed services.

---
## Experience
### BlackRoad OS | Founder & Security Lead | 2025–Present

**Incident Response**
- Discovered and removed obfuscated cron dropper executing from /tmp/op.py (Cecilia)
- Identified leaked GitHub PAT (gho_Gfu...) in Lucidia service file, initiated rotation
- Found and investigated xmrig crypto miner service configuration on Lucidia
- Migrated credentials from plaintext crontabs to secured env files (chmod 600) fleet-wide

**Network Security**
- Zero-trust architecture: all external access through 4 Cloudflare tunnels (no exposed ports)
- WireGuard encryption for all inter-node communication (10.8.0.x mesh)
- UFW firewall with INPUT DROP policy on edge nodes
- Tailscale ACLs for management access (9 peers)

**Access Management**
- SSH key audit: identified 50+ keys on Alice and Octavia requiring cleanup
- NOPASSWD sudo policies documented across all nodes
- Identified 3 Tailscale ghost nodes (offline 15+ days) for decommissioning
- Per-user cron job audit across all fleet nodes

**Infrastructure Hardening**
- Disabled 16 unused skeleton microservices (freed 800 MB RAM, reduced attack surface)
- Masked crash-looping services (rpi-connect-wayvnc) to prevent service abuse
- Removed overclock settings causing instability
- Secured GitHub relay credentials in ~/.github-relay.env (chmod 600)

**Monitoring & Detection**
- Self-healing autonomy scripts detecting and restarting failed services
- 12 failed systemd units tracked and investigated daily
- Fleet-wide power monitoring detecting anomalous CPU usage
- Daily KPI collection tracking security-relevant metrics
---
## Technical Skills
**Security:** Incident response, credential management, malware removal, hardening

**Networking:** WireGuard, Cloudflare Tunnels (zero-trust), UFW, nftables, Tailscale

**Linux:** systemd, SSH, file permissions, audit, service isolation

**Monitoring:** Custom KPI system, anomaly detection, SSH probes

**Tools:** Bash (212 CLI tools), Python, GitHub CLI

---
## Metrics
| Metric | Value |
|--------|-------|
| Incidents remediated | 5+ |
| Services managed | 256 |
| Firewall policies | UFW + nftables |
| VPN tunnels | 4 CF + 7 WG |
| Services disabled | 16+ |
| Credentials rotated | 4+ |
| Fleet nodes secured | 7 |