Josh Rendek

Kubernetes (bare metal, eks, rancher, digital ocean) (2017-Present) — AWS (2012-Present) — Docker (2014-Present) — KVM/Virtualbox/ESXi (2011-Present)

Led and executed on a multi-year effort that reduced cloud spending by over $25 million.

Developed and scaled a company-wide mentoring and internship program focused on early talent and diversity, generating long-term referrals and goodwill across the organization.

Led cross-functional security convergence initiatives between XDR and MDR platforms, driving streamlined user experiences and improved response times.

Defined and executed multi-tenant architecture for XDR/VDR offerings, enhancing scalability for enterprise customers.

Spearheaded executive-level roadmap prioritization and delivery planning for partner integrations and core infrastructure improvements.

Established and facilitated senior stakeholder engagements with MSSP partners to advance detection and platform initiatives.

Championed organizational transformation by mentoring engineering managers, establishing career growth frameworks, and supporting team expansion initiatives.

Led C-level security and compliance reviews including audit visibility, GDPR readiness, and infrastructure hardening efforts.

Introduced collaborative design reviews, engineering retrospectives, and incident response planning across globally distributed teams.

Drove product initiatives such as custom RBAC, alert suppression workflows, and centralized partner access, increasing customer flexibility and platform adoption.

Facilitated high-impact talent decisions including senior leadership reorgs and performance evaluations across technical and managerial tracks.

Scaled the platform engineering team from 4 to over 50 engineers across 6 managers, introducing structured hiring practices including objective-based evaluation, post-interview surveys, and NPS tracking.

Established and led a high-performing, cross-functional organization delivering key product milestones across multiple business units with conflicting priorities and aggressive timelines.

Drove strategic alignment between product and platform teams, translating technical requirements into executable roadmaps to accelerate platform maturity and organizational growth.

Orchestrated multi-team initiatives that enhanced delivery velocity and operational reliability while mentoring new leaders and embedding long-term process improvements.

Designed and implemented systems to track release frequency and defect escape rates across 50+ microservices, improving engineering visibility and accountability.

Built foundational release analytics using in-house tools and Sentry, evolving the solution into a comprehensive observability platform leveraging Datadog and APM.

Championed the adoption of service-level metrics and platform telemetry, enabling data-driven decision-making and continuous improvement across engineering teams.

Created and implemented a structured engineering onboarding program, reducing time-to-productivity by 50%.

Built an anonymous, org-wide retrospective and mood tracking process to surface cross-team concerns and promote transparency and psychological safety.

Designed career development and promotion guides for both ICs and managers that laid out clear examples of expectations and growth paths.

Delivered internal tech talks and launched training screencasts to promote technical excellence and team engagement on topics like Kubernetes, deployment workflows, and team recognition.

Championed and launched the company’s first product-oriented SDK, supporting customer adoption and integration across multiple vendor ecosystems.

Advocated for and led the migration from REST to GraphQL using gqlgen and nautilus, significantly improving developer experience and API flexibility. Eventually evolved into a full GraphQL platform utilizing the Apollo platform and tooling.

Built a CLI developer toolkit to streamline service generation, code scaffolding, and local testing workflows.

Delivered critical platform features pre-launch, including a unified API gateway, customer syslog receiver, PKI API, and common code frameworks that enhanced security, auditability, and developer velocity.

Designed and evolved a structured post-mortem process with clear triage flows and scope identification; used PagerDuty and MTTR metrics to improve operational visibility and reduce bus factor risks.

Led the development of release and deployment tracking systems for 50+ microservices, evolving into a full observability platform integrated with Datadog and APM.

Delivered custom release management and environment tracking tools to coordinate complex multi-environment deployments with audit trails and dependency visualization.

Built and maintained Kubernetes operators for service integrations with Sentry and Consul, increasing automation and operational consistency.

Built a container scanning pipeline system to provide static analysis of the container operating system and packages, as well as analysis of the applications’ language packages to check for insecure packages in golang.

Built a WAF with microsecond response times in golang to protect customer applications from things like directory traversal, DNS checks (against known block lists), HTTP verb checking, SQL injection, XSS injection, CSP enforcement, Content-Type enforcement, and X-Frame enforcement. Built tooling and a test suite around this to verify different types of attacks, as well as the ability to replay ELB logs from already deployed applications to ensure applications wouldn’t break. Ability to deploy it as a sidecar application/helm dependency so it was easy to integrate with existing applications for customers.

Built out several kubernetes controllers/operators to enable customer deployments and integration with things like secret storage, automatic oauth client generation, and existing legacy applications. Added per-tenant encryption to a shared secret system to ensure all customer data was secured at rest and in transit.

Created a release management system to enable developers to continuously deploy as well as provide a tracking and promotion mechanism for higher level environments (ie, dev to staging to prod) that integrated with helm, kubernetes, and our cicd process.

Lead a cross-team group for several months to ensure customer success by focusing on end-to-end integration of the product from customer standup to application installation on the tenant kubernetes clusters.

Moved all servers to use Ansible as configuration management, as well as teaching other teams how to use configuration management. Worked to find and build a hybrid solution (mix of dedicated / AWS) for our security scanning infrastructure and performance needs, including procurement in Europe and China. Heavy focus on performance optimizations with Go-lang and security tools like nmap; took lead on building out different tools and automation using Go.

Built, scaled, and setup monitoring for our elasticsearch clusters with over 50 billion documents. Lead the effort to consolidate disparate http services/endpoints and redis servers and move towards a queueing infrastructure with RabbitMQ for reliability. Scaled and debugged RMQ issues at scale. Converted a large MySQL DB to Postgres with a final cutover and zero downtime. Managed elasticsearch upgrades on clusters with tens of billions of documents across multiple point and major releases.

Built from the ground up a (Shodan-like) tool to scan the entire internet using masscan and nmap, Go-lang, RabbitMQ and elasticsearch.

Setup monitoring stack using Grafana, StatsD, InfluxDB for application metrics, Zabbix for alerting and server monitoring, and the ELK stack for log aggregation. Wrote tooling and libraries in Go to clean up projects, helped educate others on Go best practices. Migrated disparate server environments and one-off-tools to Docker and deployed via Jenkins/Ansible.

Setup build environment and automation for all projects using Jenkins, Docker, and Ansible, including security and auditing tools to run on every build to check for vulnerabilities. Lead the way in implementing tests for both rails and go projects. Gave talks on various topics for security, docker, and infrastructure automation. Built several tools in house to audit AWS security groups and github permissions automatically.