Sergey's resume

Summary

Productive at being a tech lead or a team lead. Comfortable with high uncertainty. Work ethos.

Has broad knowledge of modern backend technologies and people. Has deep understanding of leadership, architecture, distributed systems, high performance, and cybersecurity.

Contact info

Telegram: @neexee, e-mail: [email protected].

Experience

Since 2024 – Positive Technologies. Team lead. Expert Security Center, Threat Intelligence projects. Team size: 4.

Doing everything a competent team lead should do.

2021 - 2024 – Positive Technologies. Lead programmer. Cybersecurity field, Threat Analyzer and Feeds products. Team size: 36.

Built a communication bridge between development team and cybersecurity experts team.
Set technical goals for two teams (backend and security experts). Decomposed and reviewed most of the backend tasks for two teams (not at the same time, that would be too much).
Bootstrapped a new product: https://cybsi.cloud/. Wrote implementation foundation, organized research, established workflows, wrote most of the documentation, bootstrapped deployment, bootstrapped SDK for the product. Orchestrated first release. Helped other teams to integrate with the product.
Designed Threat Analyzer API allowing to extend system’s functionality using plugins.
Established structure and workflows for Threat Analyzer SDK. Developed reference plugins using the SDK. Gave the plugins and SDK to integrations team and maintained quality standards for plugins developed by them.
Conducted interviews and onboarded people. Mentored developers of all levels.
Gave a lecture on software architecture for system analysis school organized by the company. Co-authored (with a mentee) an article about Go’s context package (this is one of the most upvoted articles in public blog of the company in 2023). Gave talks in internal Go meetups. Co-created a GitHub organization for open-source developments of the team.
Tools: Communication, Confluence, Youtrack, DDD, Go, Python, Kubernetes, ClickHouse, PostgreSQL, Redis, MongoDB.

2020 - 2021 – Huawei Cloud. Principal engineer. Cybersecurity field, automating security workflows inside the cloud. Team size: 7.

First engineer on a team. Hired the rest of the team.
Established development workflows and rules.
Represented the team in demos, integrations, and roadmap negotiations with Chinese customers and teams.
Learned and documented tools and processes of Chinese colleagues.
Gathered requirements to SOAR from zero, developed domain model. My explanation of what SOAR is.
Architected SOAR for internal (Huawei security operations center) and external (cloud customers) users.
Deployed Kubernetes cluster for the team (using Kubespray). Connected it to Gitlab CI.
Built SOAR playbook subsystem consisting of several microservices.
Tools: DDD, Java, Spring + Spring Boot, Spock, REST, OpenAPI/AsyncAPI, Kubernetes, Gitlab CI, Helm, Jib, Openwhisk, Flowable (BPMN engine), PostgreSQL, Apache Kafka, ANTLR.

2019 – 2020 – Positive Technologies. Senior programmer. Cybersecurity field, threat intelligence platform. Team size: 15.

Integrated third-party threat intelligence feeds.
Fixed a huge chunk of technical debt. Increased write/read throughput by two orders of magnitude.
Helped the team to release the platform on schedule.
Tools: DDD, Go, REST, go-chi, Python 3, pytest, Ansible, docker-compose, MinIO, PostgreSQL.

2017 – 2020 – Novosibirsk State University. Assistant professor, invited expert.

Taught 4 separate courses on some of favourite subjects:
- operating systems
- parallel programming
- computing history
- information security

2015 – 2019 – 2GIS. Senior programmer. The company does web and mobile applications with directory, map and navigator. Worked on various mission-critical backend projects used by a dozen of other teams. Team size: 10.

Maintained a content delivery network. It was serving petabytes of map data to 20 millions of users. Automated operator workflow so updated maps could be delivered in one click daily. The updates were monthly before that. Improved Python code quality and performance by orders of magnitude. The service could publish maps of the whole planet to users for a week, the run time was brought to just two hours.
Built a fault-tolerant cross datacenter pipeline based on Apache Kafka. The service delivers application usage statistics from users, deduplicates messages and marks fraud. It is used by all applications produced by the company and handles 3k+ RPS. The service was a replacement for an old single datacenter ZeroMQ-based service. Made the transition seamless for consumers. Wrote service SLA and got approvals from stakeholders. This saved us months of possible work because we discovered that we don’t need too many nines.
Maintained a search service. It was handling search requests from users of web application of the company. Designed a v2 API of the service to replace Apache Thrift-based API contracts. Improved service availability. Allowed the service to reload configuration (it was heavy search indexes) without disrupting user requests.
Maintained multiple services performing collection and filtering information about traffic speed in cities. The information was used by navigation team to detect traffic jams, compute optimal routes, and so on.
Brought a new life to a dying Python-based geopositioning service (you give IP or Wi-Fi access point name, it returns longitude and latitude). It was slow, hard to scale, and fault intolerant. Rewrote and stabilized it using asyncio. As the load increased with years, rewrote it in Go. Handled 2k+ RPS on medium-sized VM.
Improved observability of the systems above by various means like synthetic testing of production. Run a fleet of user simulators in different geographical locations.
Created and executed several long-term team roadmaps. Decomposed, estimated and prioritized hundreds of tasks. Actively participated in sprint planning and process improvement. Coordinated cross-team feature development.
Tools: Python 3, aiohttp, Falcon, mypy, pytest, SQLAlchemy, SQLite, Go, C++14, rdkafka, RapidJSON, Scala, ScalaTest, Vue.js, Apache Kafka, ZeroMQ, Apache Thrift, MongoDB, Redis, Tarantool, Zookeeper, PostgreSQL, ClickHouse, ElasticSearch, syslog, apt, LXD, Docker, Ansible, Jenkins, Grafana, Zabbix.

Education

2009 – 2015. Novosibirsk State University. Master’s degree in Information Technology. Specialized in parallel computing and systems programming.

Main skills and interests

Learning. Lifelong learner. There’s a bookshelf.
Distributed systems. Defended a master’s thesis on this topic. Appreciates the motto “Reliability, Maintainability, Scalability!”. Can explain what’s happening in tcpdump + wireshark, Zookeeper and WALs.
Information security. Hard to summarize in one sentence as the field is very diverse. Let’s say “put more than 10000 hours into learning and practicing it”.
Python. 10 years of experience, daily use for 5 years. Can explain and use import this. Contributed to mypy. Developed a couple of open-source SDKs.
Go. 6 years of experience, daily use for 3.5 years. Wrote a dozen of services from scratch, rewrote a couple of Python services in Go (it was very satisfying). Supported huge monolithic services and bootstrapped some microservices. Wrote a couple of blog posts about Go, for example, a guide to structured logging in Go and a guide on error handling.
Architecture. A proponent of Clean architecture and domain-driven development. Knows how to use them in practice. Understands how to model complex domains. Wrote public articles on architecture.
Documentation. Knows how to document architecture, APIs, SLAs, postmortems, tutorials and so on.
Communication. Knows how to find real problems in generic complaints. Knows common cognitive biases. Knows how to lead and be led. Understands that programming is not just about writing code. Loves connecting testers, developers and analysts. Understands how to motivate people and how to form a team from a group of people. Loves sharing experience, has a Telegram channel.

Wants

Working with people better than him. Domain experts are particularly welcome.
Productivity tools. Modern CI/CD or green light to build one. Modern tools for storing non-code artifacts (documentation, tasks, test cases and so on).
Environment where people are motivated to help each other. Company-wide atmosphere of openness.
Distributed systems under load. A connection with security field is a plus.
Opportunities for growth for everybody on a team.