Alex Ionescu
Lead DevSecOps Engineer
- hello@alexionescu.net
- www.alexionescu.net
- Austin, TX
Hello! Welcome to my place on the web! 👋 I am a DevSecOps engineer, with a passionate enthusiasm for the intersection of cybersecurity and the cloud. My expertise lies in integrating security into every stage of the development livecycle while also ensuring scalability and reducing development friction.
Work Experience
Lead DevSecOps Engineer
- Automated provisioning of cloud infrastructure with Terraform and ArgoCD to support Kubernetes workloads which greatly improved development velocity for Praetorian’s Chariot product.
- Improved security in the cluster using an Istio service mesh utilizing mTLS for pod-to-pod communication.
- Deployed Open Policy Agent (OPA) to secure the external API of Chariot using a multi-tenant RBAC model.
- Developed dashboards using Prometheus and Grafana to visualize stability of the Chariot platform, along with collecting security relevant metrics.
- Implemented an efficient serverless SIEM using GCP Cloud Functions, BigQuery, and Pub/Sub. Presented at Austin’s local DFIR group.
- Assisted IT team with completion of first SOC2 Type II certification for Praetorian.
- Deployed zero touch deployment of end-user workstations, providing seamless access to essential applications, while efficiently supporting end-user equipment during a period of extraordinary growth exceeding 100% throughout the challenges posed by COVID-19.
Lead Security Engineer
- Collaboratively executed purple team assessments with clients to improve their mean time to detection (MTTD) of various threat actors using the MITRE ATT&CK Framework.
- Led and successfully executed multiple NIST assessments for large clients with diverse subsidiaries, ensuring adherence to industry-leading security standards and regulatory compliance.
- Performed offensive penetration tests and vulnerability assessments for Fortune 1000 companies.
Senior Security Engineer
- Performed IoT security assessments against smart devices and medical devices.
- Mentored junior staff on conducing commodity internal and external security assements for clients.
Security Engineer Intern
- Executed social engineering phishing campaigns for user awareness training.
- Collaborated with colleagues for development of a streamlined internal reporting system.
Verification Enablement Engineer
- Wrote verification templates for compliance testing using a random architectural verification engine (RAVEN) for a variable vector length SIMD ISA.
- Benchmarked templates against architectural coverage to verify correctness.
- Developed directed tests which stressed the ISA using tables of interesting numbers.
Software Engineering Intern
- Backported new features to a Windows kernel driver.
- Implemented direct memory access functionality to improve performance.
- Interacted with the hardware team to verify the correct timing of the driver.
Software Development Intern
- Coded a web application in ASP.NET MVC3, and JavaScript to execute scripts on remote linux machines.
- Developed an algorithm to filter invalid data for an application which reported the statistical probability that a driver would speed on a certain street
- Interfaced a Raspberry Pi to stress test the tracking units.
Open Source
GitHub
- hashicorp/vault - Adds support for custom EKU OIDs on the PKI Engine.
- emissary-ingress/emissary - Fix diagnostics service to output logs at the correct severity level for GCP.
- okta/okta-management-openapi-sec - Fixed OpenAPI spec of endpoint in Okta API that was inconsistent with documentation.
- typpo/textbelt - Adds support to retrieve supported set of carriers.