About

Here’s me in a nutshell…

Summary

John loves tech, his wife and his children… not necessarily in that order. He’s a military brat that started life in Germany, moved all around the United States as a kid, and settled down in eastern Washington (state).

My work life as mostly focused on information technology in higher education. I have done almost it all, but have most recently focused on identity and access management and DevOps and containerization.

Work History

Yale University (August 2021-Current)

IAM Architect
Summary: Providing a vision for the future of IAM at Yale University
Highlights:

Expanding †he footprint of key services to both on-prem and cloud for high availability to a global community
Supporting Apereo CAS, Shibboleth IdP, Microsoft Entra ID (formerly Azure Active Directory), Internet2 Grouper, and SailPoint Identity IQ
Modernizing our devops practices
Encouraging individual and teams to make good IAM-related decisions

University of California, Berkeley (July 2019-Aug 2021)

IAM Application Developer
Summary: Focused on directory (LDAP) data aalysis and clean-up; Vue.js/Java Development
Highlights:

Developing a replacement CalNet Directory Update application using Vue.js, Java, and Spring Boot.
Removing 100+ directory schema attributes
Identifying and fixing various data integrity issues with the CalNet directory data.
Any thing else asked of me.

Unicon, Inc (December 2013-July 2019)

IAM/DevOps Architect/Consultant
Summary: Installs and supports CAS, Shibboleth, and Grouper; trains and consults on Docker and DevOps
Highlights:

Implemented the TIER Grouper Docker image
Architected the functional side of a hosted/SaaS-like Shibboleth IdP service.
Deployed Apereo CAS server using the JDBC, Hazelcast, and Ehcache Ticket Registries; JSON and JDBC Services Registry; ClearPass & LPPE
Developed a Google Groups provisioner for Internet2 Grouper.
Developed a 2 day training course on Docker, Docker Swarm, and Jenkins
Office 365 integration directly with the Shibboleth IdP.
Office 365 integration with ADFS and ADFS integrated with Shibboleth IdP.

Eastern Washington University (November 2000-December 2013)

IT Specialist 5 (formerly 1, 3, 4)
Summary: Various duties ranging from report writing to Banner & pl/sql development/consulting to Active Directory Administration
Highlights:

Managed various team of developers, web server administrators, and database administrators.
Lead initiative to cluster application servers to provide highly available web applications.
Automated the account provisioning for ~200K user accounts and groups.
Led the charge on Single Sign-On (SSO), which had more than 70 client applications when I left.
Integrated Jasig’s CAS and Microsoft’s ADFS v2.0 to form a single SSO environment.
Implemented Eduroam using Microsoft NPS.
Managed the university’s enrollment in InCommon.
Developed web frontend (ASP.NET-based) to allow dept heads to manage shared departmental storage (folder creation, permission assignments)
Self Service Banner (SSB), Internet Native Banner (INB), Banner Workflow, and Luminis 5 administrator

Education & Certifications

Bachelor of Computer Science, Eastern Washington University (June 2002)
Docker Certified Associate (October 2018)
Amateur Radio License (June )

Skills/Technology

I have experience in the following generic catagories:

IAM protocols: CAS, SAML, OIDC
Languages: C#, Java, JavaScript, PHP, pl/sql, PowerShell, Python, VB.NET
Operating Systems: Windows, OS X, Linux
Containers & Orchestrations: Docker, Docker Swarm, Kubernetes
Cloud Providers: Amazon Web Services (API Gateway, DynamoDB, ECS, EKS, Lambda, SNS, SQS), Digital Ocean, Google Cloud Platform (Container Registry, Kubernetes Engine, Load Balancer), Microsoft Azure (Azure AD)

I have experience with the following “vendor” groupings:

Apache: httpd administration, JMeter script development, Tomcat administration
Apereo: CAS Server administration, contributor, and development
Cisco: IP Phone Services development
Ellucian: Banner Enterprise Identity Services administration, Luminis Server administration, Self-Service Banner administration and development
Docker: Docker Engine administration, Docker image development, Docker Swarm administration
Internet2: Grouper development and administration
Microsoft: Active Directory (AD) administration, Active Directory Federation Services (ADFS) administration, ASP.NET development, IIS administration, Identity Lifecycle Manager (ILM) administration and development, Network Policy Server (NPS) administration, SharePoint administration, SQL Server administration, Windows Server administration
Oracle: mod_plsql development, WebLogic Server/Fusion Middleware administration, basic Oracle database administration
Shibboleth Consortium: Shibboleth IdP administration and development, SP administration
Uninett: SimpleSAMLphp administration and development
Misc Stuff: Ansible management, Fluentd management, GnuPG, Jenkins administration, JQuery, Log4j/Logback, X.509 certificates

Pet Projects

avus framework - author
cas-server-support-wsfederation - initial developer

Hobbies

Development: Groovy, Python
Hardware: Android, Arduino, Raspberry Pi
Podcast: Security Now, Lets Talk BitCoin, Radio Free Mormon, Defensive Security, Mormon Discussions, DevOps Radio, .NET Rocks, Mobycast
Sports: Volleyball, Basketball, Tennis

Volunteer Work

The View Talent Agency LLC - IT support and website development
West Plains Arts Academy (501c3) - General IT consulting
Mormon Discussions Podcast Network (501c3) - General IT consulting

All Pages