Contact

Download Public Key

Experience / Work History

Conference Speaker

  • AppSec Village @ DEFCON: 2021, 2022
  • BSidesBoulder: 2020, 2021
  • DevUp St. Louis: 2022
  • Nebraska.Code: 2018, 2019, 2021, 2022
  • Denver Dev Days: 2017, 2018
  • Trimble Technology Conference: 2019
  • Prairie.Code(): 2016, 2017, 2021
  • DNN CON: 2013, 2014

10-4 / Trimble

August 2017 - Present

Senior Manager, Global Developer Security

Responsible for evaluation, hiring, management, and setting OKRs to achieve company-wide objectives. James set direction and process for application security interaction and augmentation for 1,300+ products, solutions, and offerings. He led a team responsible for training, selection, and implementation augmentation, and developed and supervised the three-day in-house application security training.

As the Senior Manager for Developer Security, James was responsible for budgeting, evaluating, and executing the revitalization of the company DAST, and the launch of the IAST program.

James was responsible for ensuring that direct communications about best practice were handled through the release of Lesson Learned documents and community management. As a member of the Cyber Leadership team, James worked in direct concert with the CISO to ensure that information directly related to application security was correctly reported.

Global Developer Security Program Manager

As the Global Developer Security Program Manager, James has been responsible for both developer security and all aspects of application security. James led a team of AppSec Engineers to launch initiatives for container security, SAST, and DAST solutions. He acted as a subject matter expert in the area of application security, performing audits for individual groups in a consulting capacity, and also acted as a subject matter expert leading others in the process of threat modeling.

In addition to running a 3-day training course teaching the fundamentals of Developer Security (2004 - 2021 OWASP Top 10 + Mobile Top 10 + SDLC + Threat Modeling), he was responsible for consulting with groups to find solutions for securing platforms and solutions.

Additionally, as part of the role James was expected to participate as part of the technical team in responding to incidents that included application security issues, providing technical guidance directly related to shipping products with direct business impact.

Developer / Security Engineer

While working with 10-4 James was responsible for performing security audits / penetration tests of the main Freight Portal Application as well as mobile applications. As part of the security team James helped to set the parameters of the external penetration test and helped to give context to some of the security related events.

Additionally, James was responsible for scripting the build of the developer environments, taking install times from weeks to hours and allowing faster onboarding of new developers.

Finally, James was responsible for active development against the application, adding features that were requested by end users and making sure that the tasks were driven to completion. As a member of the development team, James pushed for higher standards and improved patterns, as well as defining structures to help revitalize an aging application.

BlueBolt, LLC

June 2013 - July 2017

While with BlueBolt, James wore many hats, including Architect, IT Manager, Security Analyst, and Development Lead for implementation of website and systems integration work. Customer implementations existed in the Association, eCommerce, Commercial Aviation, and Manufacturing verticals. On several occasions James was responsible for leading development teams on several projects at the same time.

As the founding part of the BlueBolt Security team, James was responsible for being the first line of defense in the event of a client needing a response to a security event. This expanded into providing services for verifying the security of applications for customers as well as within BlueBolt, when they decided to take on legacy work from other vendors. James was responsible for communicating with clients to accurately express security concerns, as well as providing meaningful help to understand surfaces and mitigation. Additionally, James was responsible for the implementation of a service for helping customers stay ahead of security events by taking actions to reduce attack surfaces and ensure that servers were properly secured on an ongoing basis.

Work with BravoSquared included the creation (architecting and implementing) of two products: a content staging solution that was retired because of a combination of business and technical issues, and a tool for the rapid implementation of search solutions for teams with large amounts of data.

Avanade

November 2007 - June 2013

AVANADE : Wholesale Bank / District Bank

James McKee was selected for the role of development operations for the modification of the development process, which had spanned a decade and included several dozen developers. He moved the team to a structured branching and merging pattern that would allow for multiple ongoing releases as well as development processes, eliminating a process that relied on referencing a spreadsheet to manually perform merges on a line-by-line basis. He was also responsible for implementing a build solution that centralized dependencies and made it clear to all members of the development team which releases were included with the build.

Duration: 2 months

AVANADE : America’s Largest Auto Retailer

James McKee was responsible for the architecture and implementation of backend services, including security layers, within a high-volume, high-monetary ecommerce platform for the sale of automobiles. He was one of two developers responsible for the architecting and implementation of the backend services. High points included outpacing the front end development team at a ratio of 4 UI developers to 1 backend developer.

Duration: 1 year

AVANADE : Accenture Foundation

James McKee assisted in the implementation of a DSL to assist in the rejuvenation of applications that relied on data provided by AS/400 systems running COBOL. His responsibility was the generation of dynamic objects based on information from the database to produce serializable data that would then be passed to the AS/400 via binary serialization.

Duration: 4 months

AVANADE : U.S. based power generation and delivery

With this project James McKee was responsible for the conversion of an outage mapping application. Using GIS data and information provided by outage systems, the goal was to redesign a system that would allow emergency personnel and government officials to make better decisions about the allocation of resources in times of need. The original project collapsed under 100,000 outages in a 15 min block, resulting in several hours of time required to produce usable data. After the renovation of the application, it was capable of producing outage maps including 1.6 million outages in a 15 min block, with no additional processing time.

Duration: 4 Months

AVANADE : leading manufacturer of construction and mining equipment

With this project James McKee was selected for his skill working with the underlying CLR to assist with the debugging of an AS/400 emulator for the ASP.NET platform.

Duration: 3 Months

AVANADE : Provider of risk management services, insurance and reinsurance

With this project James McKee was selected to act as the Team Foundation Server (TFS) Subject Matter Expert for the refactoring and reimplementation of a TFS from 2008 to the 2010 version of the software. Leaning on several years of knowledge of the server product, the immediate task was the refactoring of multiple applications into a common structure that would allow for the proper use of branching and merging strategies. This was later extended to the implementation of build tasks to maximize rewards from the practice of continuous integration. Tasks also included the training of personnel in the proper usage of the product so that the maximum information could be retrieved from the system.

Project Duration: 2 Months

AVANADE : Manufacturer of construction and mining equipment

James McKee was a member of the team responsible for late-stage bug fixing for a large application renewal project. During this project he was tasked with application cleanup to reduce complexity in the application, as well as modification of code to emulate previous application infrastructure.

Duration: 4 Months

AVANADE : Globally-recognized healthcare and health research organization

James McKee was a member of a team responsible for the implementation of Team Foundation Server for a new department to provide consolidated delivery of the organization’s internet properties. As a member of this team it was his responsibility to work with local admins to work through the build and deployment strategy for the installation of TFS. This role also included the documentation of the processes that were to be used for the installation in both development and production environments. Since the client previously used ColdFusion, it was James’ responsibility to figure out the integration points of TFS 2010 with the Eclipse IDE. In many cases this included interacting with the client to discover issues in their integration, find the correct method to translate to the new environment, then document and educate the client.

Duration: 2 Months

AVANADE : Human Therapeutics Company

James McKee was a member of a team responsible for producing a proof of concept statistical stream analysis (Complex Event Processing) software package. As a part of this project Mr. McKee was responsible for the code base surrounding the Microsoft StreamInsight implementation. Mr. McKee was responsible for building queries, monitoring, and troubleshooting issues that arose during application demoing.

Project Duration: 2 weeks

AVANADE : Chemical Innovation Company

While working on this project James McKee acted as the technical architect of the application to alleviate duplicate steps in a complicated office workflow. The application was designed to coexist with the current desktop architecture and integrate with already allocated MySQL servers using Visual Studio Tools for Office 2003. James was responsible for leading an offshore team of two developers to design and build the application on an extremely limited time schedule. James’ responsibilities incorporated elements of the entire application life cycle, from requirements gathering to user acceptance testing.

Project Duration: 1.5 months

AVANADE : Global Consulting Firm (eMarketing Project)

While on the project James was responsible for the design of BizTalk applications to integrate with three external vendors. During the build and deployment of the applications he became familiar with key BizTalk functionality as well as external toolkits for creating repeatable processes. While on the project he functioned as the SME for the BizTalk Build and Deployment Framework and was responsible for training others in its use. Technologies used in the project included, but were not limited to, SFTP adapters, the Commerce Server adapter, the SQL Server adapter, SharePoint web services, the WCF adapter, the File adapter and the Email adapter. Because of the needs of the project, James was also responsible for the modification of the SFTP adapter. He was charged with unit testing certain applications using the BizUnit framework. In earlier phases of the project James filled the need of acting as the BizTalk administrator; because of this need he became familiar with the installation process as well as the troubleshooting process that is involved. Later in the project he was responsible for troubleshooting issues that arose in the environment and was expected to operate as a one-person team to find resolutions and drive them to completion.

James was responsible for designing service and data contracts for multiple services. He was also responsible for improving prototypes into production-level code. Technology that was used on the project included ACA.NET 6.1, Unity Framework, Enterprise Library 4.1 and service-oriented architecture. James was responsible for the design, development and implementation of WCF and ASMX services targeting high-demand and quick-response situations, including experience implementing REST services through the WCF REST Starter Kit. James was also responsible for the design and implementation of Data Contracts, Service Contracts, and Fault Contracts.

Responsibilities also included management of a Linux server for a component of the architecture. Soft skills that were used included writing deployment information and working with other developers to clear code review tasks.

Project Duration: 1 Year, 3 Months

AVANADE : Global Financial Services Firm

While working with the firm James was responsible for planning and executing release 2 of a product that had not completed development on the first release. In this work James worked with members of release 1 and release 2 to make design decisions and draft design documents. During the build process James functioned as the build master, with responsibilities including build management, continuous integration server management, and code merging. During this time he also functioned as a developer working on individual pieces of the project, including working with Spring.NET, RhinoMocks, and core pieces of the .NET Framework, becoming increasingly experienced with Aspect Oriented Programming and Dependency Injection.

Project Duration: 1 Year

AVANADE : Global Multi-Channel Retailer

James participated in a team that was responsible for reconstructing and completing the presentation layer of a large ecommerce project. During this time he was responsible for in-depth work related to HTML and CSS. His responsibilities included evaluating the presentation coding standards and participating in making recommendations for ways to both better execute the ‘skinning’ task and produce more efficient and well-organized code. During his time working on this project his role changed from working on skinning to assisting management in the discovery phase. During this period he was responsible for developing solutions that would help in the information gathering phase.

Project Duration: 4 Months

CSG Consulting / ASAP Software / DELL

August 2007 - November 2007

James was part of a small team responsible for migrating data and ensuring data synchronization from the old to the new project. By utilizing SQL Server 2005 and Integration Services he was able to ensure that data would be consistent on a scheduled basis. During this time James was responsible for meeting with the architect and project manager to continue to meet the changing demands of the organic application. James also worked with other teams on issues such as deep caching, where portions of the web response would be pulled from the cache in the database and other items would be refreshed from the Web Service, without the knowledge of the application. The final project that James undertook while working for the company involved automating mass data transfers (> 4 GB) using FTP on a monthly basis. Using the .NET Framework, James was able to create a flexible utility that met their needs as well as a library that would be used in other projects.

JLN Consulting

May 2007 - Aug 2007

While working for the company James was solely responsible for designing, developing, and implementing two online library packages for non-profit professional organizations. Utilizing the Google Mini, .NET 2.0, and SQL Server, James helped the two groups develop online training repositories for training members of their respective organizations. The project also included the automation of the document submission and review process.

Robinsoft Corp

August 2005 - May 2007

James was half of a team responsible for the rewrite of an application written in Access to the .NET platform. Utilizing 3rd party technology such as Telerik controls and the Enterprise Library, he was able to ensure more of the product was delivered with less development time. Due to past failures of the project, James was responsible for working with management and stakeholders to implement an agile methodology to ensure deliveries in a prompt and systematic way. By doing this James helped to improve direct communication between the customers and the development team, creating a faster turnover cycle for issues. While working on this project James was also responsible for testing and developing the threat model for the application.

James was also responsible for an add-on that was designed to add value to the current version while the larger product was in development. On this task James carried the project from design to deployment alone. Using SQL Server 2005, Access, and .NET he was able to build a solution that met the needs of the customer while also meeting their price point.

Also during this time James was the functioning network administrator, responsible for establishing a Windows 2003 domain, implementing a backup strategy using ARCserve including off-site backups, building a perimeter network and firewall using ISA Server 2004, and setting up WSUS for network-wide updates for a network of 4 servers and 13 network computers.

Murray State University

Aug 2001 - Dec 2004

While working for the university James was responsible for assisting the teaching of Office Technologies. James was selected repeatedly for the adult education class for his ability to be both patient and expressive with those with a limited knowledge of computers. James was also responsible for building, repairing and running both the network and computers for the Linux / Windows lab. Requirements included that each machine be able to boot using either Windows or Linux and be able to communicate with the Windows domain for the university. This project relied heavily on working with both Samba and Active Directory, as well as communicating with various parties to ensure a seamless experience in the campus's only Linux lab.

Skills

Management Skills

Developer Skills

Microsoft Specific Skills

  • C# 1.0-6.0
  • .NET Core (1.0 - 2.0)
  • Entity Framework / EF Core
  • SOAP / WCF / Rest Web Services
  • ASP.NET MVC / WebForms
  • Visual Studio 2005-2017
  • BizTalk Server 2009
  • Windows Communication Foundation
  • Enterprise Library 3.0-5.0
  • SQL Server 2005-2014
  • Windows Server NT4, 2000 - 2016
  • SQL Server Integration Services
  • Internet Information Services (IIS) 5.0-7.0
  • Microsoft Office 2003-2010, Office365 (use and admin)
  • Git and TFS
  • Windows Azure:
    • Compute
    • AppService
    • Storage
    • Service Bus
    • Cognitive Services
    • Application Insights
    • Azure AD
    • Azure Datalake
    • Azure DataFactory

Python

  • Python 2.7 and 3.x
  • Flask
  • SQLAlchemy
  • Petl
  • Tornado

Penetration Testing

  • ZAP (Zed Attack Proxy)
  • Burp Suite
  • Metasploit
  • SQLi Attacks and Mitigation
  • XSS Attacks and Mitigation
  • CSRF Attacks and Mitigation

Other Skills

  • AWS
    • VM
    • SMS
    • S3
    • Glacier
  • Google Cloud
    • VM
  • MongoDB
  • Redis
  • BizTalk Build and Deployment Framework
  • XML
  • ACA.Net Service Factory
  • BizUnit
  • Linux / Unix
    • Ubuntu
    • SuSE
    • RedHat / CentOS
    • Solaris
    • Irix
  • Agile Methods
    • Crystal
    • Scrum
    • LEAN
  • Apache Web Server
  • NGINX
  • Cascading Style Sheets (CSS)
  • PKI (Public Key Infrastructure)
  • ArcServe (backup software)
  • CVS - Open Source Version Control
  • SVN - Open Source Version Control
  • Spring.net
  • MONO
  • dotGNU

Education

Training

  • CISSP
  • TS: Microsoft .NET Framework 2.0 - Windows-based Client Development
  • TS: Microsoft .NET Framework 2.0 - Application Development Foundation
  • TS: Microsoft .NET Framework 2.0 - Web-based Client Development
  • TS: Microsoft .NET Framework 2.0 - Distributed Application Development
  • MCPD-EA .Net Framework 2.0
  • TS: Microsoft .NET Framework 3.5, Windows Presentation Foundation Application Development

Education

  • Murray State University, Bachelor of Science in Computer Science
    • Minor in Telecommunications Systems Management (Security)

Professional Activities/Other Items

  • Founder of BSidesBoulder
  • Volunteer AppSec Village (2019-)
  • ACM Professional Member