Michael Sawyer

---

Project maintained by masstamike Hosted on GitHub Pages — Theme by mattgraham

Michael Sawyer

Email	masstamike@msawyer.io
Github	https://github.com/masstamike
Website	https://msawyer.io/
LinkedIn	https://www.linkedin.com/in/michaelasawyer/

Open Source Contributions

• lyft/python‑blessclient (Vault backend), hashicorp/vault (Okta MFA), fog‑aws, vagrant‑aws, jenkinsci/maven‑plugin

Skills

• Development: Go, Python, Node.js, Angular, Ruby, MongoDB, MySQL, PostgreSQL
• Deployment & Ops: Kubernetes, Helm, Terraform, Packer, AWS, GCP, MQTT, Vault, Consul, Temporal, HA, Geo‑aware, Zero‑downtime deployments
• Security: mTLS, x.509, PKI, JWT, threat modelling, WAF, WebAuthn, SSH
• Payments: Thales PayShield 10K (HSM) certified engineer, issuer working keys, EMV
• Networking: DD‑RTT, OpenVPN (tap/tun), WireGuard, DNS, DHCP, BeyondCorp (Zero‑Trust), Istio (service mesh)

Experience

Instacart – Staff Security Engineer

April 2023 – Present

• Product Security: bug bounty program, embedded gravitational/teleport agent for remote connectivity
• Fulfillment: released Passkey support for Shoppers app; privacy engineering; SQL performance optimization for millions of Sidekiq tasks; geo‑location privacy banners; third‑party DSAR integrations; unified data‑annotation framework; AI‑assisted temporal workflow; finite‑state machine for DSAR workflows

Marqeta – Staff Security Engineer

July 2019 – April 2023

• Cloud Native: owned & managed production Kubernetes clusters; containerized CI/CD; Helm chart packaging
• Transport Security: designed, implemented, & maintained mTLS connectivity and PKI for partners
• Payments: PCI PIN SR 18‑3 implementation, migration to TR‑31 key‑block format; Thales PayShield 10K certified engineer
• Low‑latency, high‑availability, single‑digit ms architecture

Byton North America – Senior Security Engineer

October 2018 – July 2019

• IoT: secured infrastructure from car gateway to cloud services; defined ECU vendor requirements
• Incident response: managed, secured, redeployed critical services; WAF deployment
• Cloud: managed Kubernetes clusters in Aliyun & GCP; Istio multi‑cluster service mesh

Veeva Systems – Security Engineer

June 2017 – October 2018

• Deployments: Certificate‑signing Lambda; IAM principals for corporate‑root‑CA certificates; data‑stream integration with incident‑response tools; Terraform/CloudFormation automation
• HashiCorp Vault: HA, automated DR, immutable infra; Packer & Terraform deployments; cross‑account role assumption for DNS changes
• Security design: BeyondCorp zero‑trust model for SSH/web access; championed Jira/Agile, OKRs

Veeva Systems – DevOps Engineer

March 2015 – June 2017

• Build infra: Jenkins, GitLab, Gerrit, Git hooks, Nexus, Jira
• Tools: web‑page version manager, SSH key access control page, AWS developer resource limiter
• Provisioning: Vagrant, Chef, Ansible, VirtualBox, AWS, SoftLayer

Hewlett‑Packard – Tools & Infrastructure Intern

May 2014 – December 2014

• Software‑defined networking, Agile development
• Build infra: Jenkins, Gerrit, SonarQube; scripting in Bash, Python, Ruby
• Projects: Confluence wiki updater, Jenkins‑Gerrit link, SonarQube properties generator

Education

CSU, Chico – B.S. in Computer Science, Minor in Mathematics
June 2010 – December 2014