Andrew Flury

📍 Pacifica, CA, USA ∙ ✉️ [email protected] ∙ 📞 650-515-6072 ∙ 📆 Meet ∙ 🤝 LinkedIn

Summary

Software engineer with over 25 years of expertise in the areas of networking, security, and infrastructure.

Experience

Principal Software Engineer - Memyard 📂 Apr 2024 - present

Memyard is an early-stage startup building a social document intelligence platform integrating Google Drive and other services with LLMs to provide context-aware analytics. I'm currently the company's primary engineer, so my areas of responsibility span from infrastructure to front-end feature development.

• Built infrastructure on Vercel+GCP+Supabase with automated CI/CD using Github Actions and Terraform and monitoring with GCP+Sentry.
• Lead development of company pivot from a document update notifier to a document-focused social network.
• Built backend task management system on top of Python/Celery to handle user data ingestion.
• Wrote integrations for various 3rd-party data providers including Google Drive, Dropbox, MS OneDrive+Teams, Github, Linear, Salesforce, and others.
• Developed front-end features using TypeScript/React.

Staff Software Engineer - TRM Labs 💸 Nov 2022 - Apr 2024

TRM is a blockchain analytics company that works with cryptocurrency exchanges, government agencies, and other regulators to provide insights into illicit blockchain activity. My team, known internally as Network Intelligence, is responsible for gathering and analyzing data pertaining to blockchains' network interactions while correlating crypto wallets and transactions with networks, IP addresses, and people.

• Automated deployment of blockchain node software, including Bitcoin, Ethereum (geth/lighthouse), Monero, and others.
• Modified various blockchain software to capture and report network activity and ingest that data into TRM's systems for further research and/or inclusion in our products.
• Added product features that provide insights into IP addresses, including geolocation, network providers, and classifications.

Principal Software Engineer - Agari / Fortra 📧 Sep 2009 – Mar 2022

Agari is an email security company focused on preventing spoofing attacks. We were one of the creators and early proponents of the DMARC (https://dmarc.org) email authentication and reporting standard and provide related SaaS security offerings. I was Agari's first employee and was deeply involved in most facets of engineering, from initial proofs of concepts to production operations and on-call support. The company was acquired by HelpSystems (now Fortra) in 2021.

Agari's Customer Protect product helps senders protect their domains using DMARC, instructing mailbox providers such as Gmail/Microsoft/Yahoo to provide data about email sent on behalf of customer domains, and to enforce customer policies to block messages failing authentication.

• Wrote system to aggregate email statistics (XML data sent as email attachments) from email receivers.
• Implemented ingest of real-time messages failing authentication.
• Created reports giving insights into what IP addresses etc. sent how many emails, plus authentication-related metadata.
• Built hosted DMARC/SPF/DKIM system with custom DNS-based backend.
• Built/managed initial infrastructure and drove migration from on-premises to AWS.
• Authored open-source Ruby SPF client https://github.com/agaridata/spf-ruby

Enterprise Protect is Agari's inbound security product. Originally designed to provide similar telemetry into companies' inbound email as Customer Protect does for domains' outbound email, it became a more general email security offering focused on detecting and mitigating abnormal traffic patterns.

• Developed "sensors" - SMTP sinkholes to collect data from messages split from a customer's primary mail stream and report that data to Agari.
• Wrote systems to ingest data into multiple data stores: Postgres, Elasticsearch, etc.
• Implemented system to block messages after processing by moving/deleting them via mailbox provider APIs.
• Integrated 3rd-party URL and attachment scanning engines.
• Developed tertiary "Incident Response" service for post-breach incident mitigation, largely built on top of the Enterprise Protect service.

Member of Technical Staff - Topsy Labs 🔍 Apr 2007 - Jul 2009

Topsy was a search engine startup focused on searching sentiment on streams of social data (read: Twitter). I was responsible for building the company's early product infrastructure. During my time at the company, we went from running the service under a desk to running a datacenter with dozens of racks of servers. Topsy was acquired by Apple in 2013.

• Procured datacenter space/power/bandwidth.
• Responsible for physical datacenter installation and maintenance.
• Set up system installation (CentOS/Kickstart), monitoring & alerting (Nagios), configuration management (Puppet).

Senior Software Engineer - IronPort Systems 🔐 Jul 2002 - Mar 2007

IronPort was a leading provider of enterprise email and web security appliances and services. It was acquired by Cisco in 2007. When I joined the company in 2002 as a software engineer, the company's primary product was a high-volume outbound email gateway appliance. Shortly thereafter, they changed directions toward inbound email security, and the team I started was responsible for developing and running security-related services.

• Developed the Bonded Sender Program (initial engineer), which was an email whitelisting service aimed at allowing senders to bypass anti-spam filters by posting a financial bond as collateral. The service was adopted by Microsoft and popular open-source anti-spam software. This created a lot of DNS traffic that provided telemetry data for other projects.
• Developed first versions of SenderBase (now part of Cisco Talos) which provides information on email senders and recipients on the internet, based on IP addresses, sending domains, and registrar data, using telemetry gathered by other services and later IronPort's appliances. This included writing a custom DNS server and a DNS-based API to feed global traffic data back to appliances for display in their UIs and for grouping traffic by network owner.
• SBRS (SenderBase Reputation Service) (first of two engineers): Created a "badness" score for a given IP address, based on data above plus third-party sources (SBL/SpamCop/other RBLs) and statistics reported by appliances.
• Virus Outbreak Filters / Threat Operations Center (initial/lead engineer): Early warning system for virus outbreaks based on simple patterns (such as filenames/extensions, file size ranges, content hashes, etc.). Helped develop components spanning from on-appliance enforcement code to threat operation center tools.
• SenderBase Network Participation (initial/lead engineer): Mechanism by which appliances "phone home" to send telemetry/diagnostic data. Wrote both the appliance and hosted portions.

Systems / Software Engineer - Zembu Labs 🌐 Apr 2001 - Nov 2002

Zembu was an internet infrastructure startup aimed at developing a globally distributed network of application/database servers that would push more dynamic data closer to the user via home-grown distributed database technology. As a systems/software engineer, my area of focus was writing software to manage the underlying systems in "pods", or small clusters, of servers.

• Wrote software to manage ethernet switches, load balancers, remote power controllers, and serial terminal servers (each "pod" contained at least one of each).
• Wrote software to set up boot/install servers to install/configure OS (RedHat & Solaris), packages, and our applications.
• Physically installed (and later uninstalled) pods in 3rd-party datacenters around the world.
• Ran internal IT during the earlier stages of the company.

Network Engineer - NASA/Ames Research Center 🚀 Jul 1997 - Apr 2001

I joined NASA/Ames as an intern in 1997 to work at their NAS (NASA Advanced Supercomputing) facility. Responsible for building and maintaining networks supporting high-performance computing used for computational fluid dynamics and other scientific applications. Was hired full-time after completing a one-year internship.

• Rebuilt network from 10BaseT hub-based infrastructure (plus FDDI, HiPPI, other esoteric HPC network technologies) to "modern" gigabit Ethernet switching.
• Wrote web app to manage network equipment inventory, software to manage SSH host keys, and other small automation projects.
• Ported netperf utility to Cray Unicos. It used a non-portable binary protocol to negotiate tests, which broke when running between different architectures.
• Led and participated in team training as an intern.

Skills

• Programming Languages: Python, Ruby, Perl, bash, some JavaScript/TypeScript, C/C++
• Services:
  • AWS: EC2, S3, RDS, EKS, Kinesis, SQS
  • GCP: GCE, GCS, CloudSQL, GKE, Cloud Run, BigQuery, Composer (Airflow)
  • GitHub, Cloudflare, Vercel, Terraform Cloud
• Frameworks: Flask, Celery, Django, Rails, NextJS
• Operating Systems: Linux (Debian/Ubuntu, RedHat/CentOS, SLS/Slackware, etc.), {Free,Net,Open}BSD
• Networks: TCP/IP, DNS, SMTP, email authentication (SPF, DKIM, DMARC), DHCP, Ethernet, general networking technologies
• Software: Terraform, Ansible, Kubernetes, Docker, PostgreSQL, Supabase, MySQL, Apache httpd/nginx/lighttpd, BIND, Postfix, most common Unix stuff.

Education

High school education included some college-level curriculum, and college coursework continued through early career (did not earn a degree - hacking on supercomputers at NASA seemed like more fun).

• De Anza College: Computer Science 1996 - 2000
• West Valley College: Business, Computer Science 1995 - 1997