Automated the setup of customers' https certificates for their Salesforce.com-hosted web sites from the UI down to the API calls made to the internal load balancer hardware and to the DNS provider. This involved designing, championing, and implementing this and its supporting features across multiple stakeholders, including product management, technical operations, security, development, quality engineering, support, and customers. Integrated a WYSIWYG web site editor and content management system with a team into the Salesforce.com codebase. My focus areas involved low-level connections and tie-ins to Salesforce.com as well as working with the release engineering and technical operations teams to get the site runtime systems configured and deployed. This product is known as Site.com. ­Brought attention to specific cross-site scripting (XSS) vulnerabilities by writing a Firefox Firebug extension that looked for improper string escaping and having quality engineers from every functional team test the system with the extension. After the bugs that this extension identified were fixed, and with other security improvements in place, a security auditing firm highly praised Salesforce.com's security. Improved an internal production testing tool's scheduling of tests by adding prerequisite expressions and event-driven processing to increase test parallelization Championed an improvement to an anti-phishing feature's design successfully before it was released Automated HTTPS troubleshooting with an internal utility for support representatives that substantially reduced the number of escalated HTTPS cases Resolved customer cases related to the application programming interface (API) and secure sockets layer (SSL), quickly becoming a go-to person for HTTPS and SSL Enhanced the user interface of, added Apache Ant build files to, significantly improved the configuration system of, and added multiple-window browser screenshots to an internal production testing tool Data Design Tips for Developing Robust Apps on Force.com

Maintained and upgraded Huang-Iboshi Architecture's server, workstation, and network systems, including their anti-virus, backup, file sharing, authentication, and directory software. This included transitioning the network to be an all-wireless network using Ruckus wireless equipment and RADIUS authentication in ActiveDirectory. This maintenance is low-touch as the systems run themselves.

Maintained a 200-user multi-tenant three-tiered HIV/AIDS database system that was used by all Ryan White CARE-funded AIDS service organizations in San Francisco in collaboration with the Department of Public Health AIDS Office and two direct partners. That involved all aspects of the software development lifecycle as well as server and client deployments, network maintenance, and top-tier user support. Gathered requirements for new features collaboratively with stakeholders, designed those features, coded them, tested them, and deployed them Implemented large parts of the data conversion and customization of the Foundation's purchased donor relationship management system Secured the Internet-facing presence of the donor relationship management system using a locked-down Apache configuration and strict URL regular expressions Obviated a need for Crystal Reports by implementing web-based PDF reports using Microsoft Access, a customized PHP build to run as a COM server, and a custom-built COM object for use by ASP on the reporting server, saving a significant amount of money Migrated client operating system data during the Windows XP transition using a multi-platform Java-based profile migration tool that I wrote Developed improvements in collaboration with the other database administrator to the foundation's customized customer relationship management (CRM) and donor relationship management systems Planned, deployed, and provided training for Mozilla Firefox as the default web browser to all foundation users and created IE URL Lock for business-related sites that only worked in Internet Explorer Maintained the Cisco network equipment, including the PIX firewall's access control lists (ACLs) and routers' virtual local area network (VLAN) ACLs Cut unsolicited commercial email (UCE or SPAM) drastically and added virtual private networking (VPN) using Astaro Secure Linux (ASL) in the demilitarized zone (DMZ) behind the Cisco PIX firewall

Provided award-winning hardware and software support, worked with wide-area network configurations, and wrote a networked printer driver to save thousands of dollars in licenses by allowing printing from their AS/400s to local printers.