Jarod DeWeese

Who am I?

Hi πŸ‘‹ - I'm Jarod. I'm a cyclist, runner, and engineer. I'm interested in secure, highly available, cryptographic systems. I'm particularly interested in infrastructure engineering, availability and diaster recovery for applications that focus on cryptography, and those that seek to democratize technology. In the past, I've worked on web apps that help public servants track the impact they have on their communities, technical support sites, and highly available end to end encrypted communication service used by millions daily.

I also have a website called Parkmark that I originally made to make it easier for people to see information about their national parks, but now provides human-readable insights from several federal data sources (NASA, FEC, USDA ) to make government data more accessible to the public.

πŸ›  What tools do I use?

Here are a few pieces of the tech stack I regularly use as a computer professional.

  • Languages & Scripting: Python (CLI tools, web apps, scripting), Bash (daily use and automation)
  • Infrastructure as Code: Terraform, Kubernetes, and Helm, for managing configuration and deploying infra and application to an precise spec
  • Hosting: EKS, EC2, RDS GlobalDB, CloudHSM, highly available Kubernetes cluster
  • Pipeline: Jenkins, for CI tests, and for orchestrating deployments, failover, and regular cronjobs
  • Experienced with AWS CloudHSM and hardware-backed key management β€” including non-extractable secrets and shifting TLS termination off nginx and into HSMs.
  • I'm comfortable in Unix environments β€” whether that's writing shell scripts, debugging in the terminal, or automating routine tasks with command-line tools.

What have I actually done?

πŸ”‘ TLS Key automation

Turned a deeply manual, high-friction security process into a single Python command

  • Automated key creation, user provisioning, key sharing, CSR generation, and HSM activation for AWS CloudHSM
  • Reduced time to generate a TLS CSR from nearly an hour of manual coordination to under 2 minutes
  • Abstracted complex cryptographic workflows into clean CLI tools usable by non-experts

Automating key management on AWS CloudHSM. CloudHSM out of the box is a very intensely manual service that requires significant amounts of time and expertise to administer. I created Python code to automate routine, time-consuming HSM operations including: creating keys, sharing keys, generating CSRs, generating HSM users, and activating new HSMs into the cluster. This automation reduced the time of generating a new TLS CSR from taking nearly an hour of manual coordination, to a few minutes that requires only running a single python command.

πŸ› οΈ Failover orchestration

Designed a custom failover coordination system for critical services, ensuring minimal downtime during disaster scenarios.

  • Replaced brittle manual failover steps with a structured automation layer, empowering devops engineers to execute complex recoveries with a single command
  • Improved recovery time objectives (RTO) by validating end-to-end failover paths before incidents occur
  • Tested and hardened failover playbooks, turning a high-stakes manual task into a repeatable, reliable workflow

πŸ”§ Automation of dependency upgrades

Closed the loop on vulnerable software faster β€” from detection to validation to deployment.

  • Jenkins + Bash job scanned for vulnerable packages and automatically proposed upgrade MRs
  • Downstream automation updated lagging clusters, keeping dev environments in sync
  • CI pipeline validated deployments and ran targeted regression tests before merging
  • Reduced human effort and made dependency maintenance an always-on background task

πŸ”„ Mass Reboot orchestration tool

Enabled safe, controlled rebooting of 10K+ servers

  • Built an internal platform to manage kernel-patching reboots across global fleet
  • Each team defines safe reboot behavior via declarative YAML: schedules, pool sizes, backoff rules
  • Helped standardize and automate compliance across infrastructure, minimizing toil and human coordination
  • Provided an β€œemergency mode” for teams to accelerate reboots during zero-day vulnerability incidents