Aaron Goldsmith

Managed the team operating the Cash App Kubernetes compute platform and cloud infrastructure.

• Worked closely with internal teams to maintain PCI and SOX platform compliance.
• Established a cross company Kubernetes platforms sync with the intent of identifying shared problems that could be tackled together regardless of organizational silos.
• Team executed a major platform shift to multiple Kubernetes clusters that required multiple quarters of planning and focus.

Managed a product engineering team who launched Kubecost Cloud, a tech writer, and an infrastructure team.

• Operated the infrastructure that scaled through the Kubecost Cloud soft launch, beta launch, and general availability while keeping costs below $1k per month.
• Managed small engineering team of 4 through building, operating, and launching the Kubecost Cloud product.
• Integrated our tech writer into engineering practices and worked to connect them with the product engineering release cadences for both the Cloud and Self-Hosted products.
• Helped the company achieve SOC2 Type 2 through establishing company policies, bringing in a compliance monitoring platform, collecting auditor necessary evidence, and handling nearly all project management along the way.

Member of team maintaining and operating company’s deployment systems.

2019 - 2021: individual contributor and tech lead

• Maintain datacenter uptime, reliability, and compliance through tooling improvements and server management.
• Created a standards based Kubernetes deployment platform by founding and leading a team of volunteers to replace our legacy, proprietary deployment platform.

2021 - 2022: engineering manager

• Took the Kubernetes platform generally available for all engineers to deploy their services in a secure by default environment.
• Designed the Kubernetes clusters for PCI and SOX compliance, achieving both by aiding with documentation, evidence collection, and participating in interviews with auditors.
• Doubled team from 7 to 14 engineers, establishing squads to reduce surface area per engineers, including a squad building a new continuous deployment platform that targeted both Lambda and Kubernetes deployments.
• Organized and led multiple gameday activities focused on partnering with the security incident response team and our Kubernetes platform.
• Helped establish the DevOps hiring process as a fork from the standard software engineering interviews.

Member of team managing Kubernetes clusters across multiple regions.

• Monitored and maintained multiple Kubernetes clusters, differentiating SLAs between development and production environments.
• Built in zero downtime deployments for cluster level updates and upgrades.
• Built self-service portal to improve eng credentialing process.
• Trained teams on moving services and applications into Kubernetes using workshops, documentation, office hours, and one-on-one mentorship.
• Automated the infrastructure as code that managed the Kubernetes clusters and requisite AWS resources with a CI/CD solution.
• Unified the platform engineering development environment with a single toolset in a shared Docker container.

Member of platform team for the company’s public website.

• Architected proxy layer to facilitate platform switch from legacy systems.
• Managed AWS footprint for greenfield projects and switched team to doing infrastructure as code (AWS CloudFormation).
• Introduced security-minded system configuration, including enhancing visibility by bringing in an external vendor to audit AWS configs.
• Ran a security workshop to show how a single weak link can compromise an organization (github.com/ausmith/poormans-labyrinth).
• Spoke internally about what we learned moving off a legacy platform.
• Mentored others on general coding best practices and Ruby specifics.
• Automated the setup of engineer development environments to reduce spin up time for new engineers.
• Managed relationships with multiple vendors and encouraged collaboration between organizations.

Member of team managing primary Ruby on Rails application.

• Maintained, updated, and upgraded applications to fulfill customer needs.
• Contributed to upgrading Rails projects from 3.X to Rails 4.X.
• Closely collaborated with quality assurance and product management.
• Rebuilt internal Jenkins build box via Puppet while upgrading from CentOS 5 to CentOS 6.

Member of an internal services and platform team that helped research and other engineering groups.

• Managed and maintained field data for data scientists to process.
• Handled all infrastructure between threat analysts and the knowledge delivery to systems in the field.
  • Command line tools for annotating threat knowledge.
  • Application with business logic for converting research data to product consumable format.
  • Delivery engine of knowledge base updates for devices in the field.
• Stored information about files collected by systems in the field, managed infrastructure to analyze those files, and delivered results via an API.