Here should be some serious title
Hi, my name is Alex and I’m a CTO. If you wanted to find a technology-savvy person who cares not only about computers but about your business too at the same time - you found the right person!
Experience
- Perform regular high-level research across current threats in the cybersecurity domain
- Track and analyze all ongoing developments in the EU regulatory field in domains of cybersecurity, data protection and AI
- Co-found Cytopus
- Help with preparing documentation templates for the architecture department in the company, evaluating existing practices, and improving them
- Initiated work on preparing and maintaining a tech radar for the company’s IT landscape
- Help to define business strategy regarding video conferencing future in the company. Evaluate several video conferencing solutions in the market and establish communication with multiple vendors
- Introduce initial cloud support to our on-premise-only environment (an initial step on the hybrid-cloud journey)
- Lead all discussions with external cloud providers like VK Cloud, Yandex.Cloud, SberCloud
- Participate in migration process from VMs to Kubernetes platform (on-premise installation)
- Work closely with the Information Security department, evaluate and improve security standards across the company
- Help the Information Security department with implementing regulator requirements (GDPR-like) regarding PII usage across the systems
- Design a roadmap for how the company implements GDPR-like requirements across all systems in the company
- Mentor system architects and engineering teams on different topics like modern monitoring approaches, k8s-native patterns, etc
- Start an initiative inside the company regarding internal conferences (as a part of knowledge-sharing activities). Gave multiple talks: “Serverless architecture”, “C++ standardization process”, “Profile-Guided Optimization (PGO) and beyond”, “C++ sanitizers”, “HashiCorp Vault”, “PII requirements for data”, etc.
- Start migration process of multiple log systems into the company-wide one, help with designing a central log system
- Design central secret storage (based on Hashicorp Vault) usage across the company: cluster design, integration into multiple workflows
- Design storage for security-related events (ad-hoc SIEM) in the company
- Design a new Video Conference System for the company and integrate it into the multiple products
- Lead activity about introducing LLM into the company landscape: evaluate current industry approaches, working with SaaS vendors, evaluate new risks and mitigations, review corresponding laws, establish process around LLM in the company, etc.
- Redesign highly-available ElasticSearch cluster across several data centers. On this project I did some reverse-engineering of existing solutions, identifying stakeholders, collecting functional and non-functional requirements, evaluating data centers availability optimizing ElasticSearch configuration in several dimensions (redundancy like replicas count, performance characteristics like optimal shard size, and using proper Java GC, scalability)
- Participate in regular architecture meetings, and provide valuable feedback regarding multiple internal processes
- Tools: Confluence, Jira, Draw.io
- Agile frameworks: SAFe (twice certified), Kanban
N-able (SolarWinds)
Software engineer (mostly C++)
February 2018 - February 2022
https://n-able.com (https://solarwinds.com)
- Work on Cloud-To-Cloud product - a backup solution for Office365.
- Lead threat modeling activities in our team: prepare all required artifacts, facilitate threat modeling sessions, work with an architecture team and security experts on the threat model stabilization, help the architecture team with threat modeling tooling evaluation
- Perform end-to-end log solution design (identifying and engaging stakeholders, gathering functional and quality requirements, comparing different ready and semi-ready 3rd party solutions, implementing proof of concepts, COGS estimation, presenting results, and much more
- Evaluate provided ADRs from the architects and provide feedback as a developer representative
- Get huge experience with Microsoft Graph API, Exchange API, SharePoint Online REST API. Work in touch with Microsoft Graph API team for several workarounds
- Being a part of an internal C++ committee. As a committee member, I was working on internal C++ guidelines, adopted modern C++ features for the code base, investigated C++ Standard upgrades, helped with choosing dependency manager, etc.
- Being a speaker on internal knowledge-sharing events (we call it TechCafe)
- Push using Clang-Format for our sources. Compared clang-format to code formatting tools (like uncrustify), review several code styles, preparing clang-format builds and proper internal documentation
- Investigate using fuzzers (AFL, Libfuzeer-based, self-hosted Oss-Fuzz) for some parts of our code
- Push forward continuous performance testing
- Push forward using Google Sanitizers on CI as a part of an internal workflow
- Help with building our solution on the Windows platform with Clang - fixing Clang-specific stuff on Windows
- Port our solution to ARM architecture (AWS Graviton CPUs)
- Design from the scratch storage format for SharePoint feature
- Implement several Proof-of-Concept for features like OneDrive restore
- Debug on production several really difficult problems, related to C++ memory issues and undefined behaviors
- Work with a support team as an on-duty developer
- Work in a geographically dispersed team
- Trying to push modern DevOps practices
- Participate in regular releases
CIB Software
Software engineer (C++)
June 2016 - February 2018
- Work on several projects: CIB PDF Brewer (Windows desktop application that works with printers), CIB IPL (proprietary OpenCV-and-ImageMagick-based library with different classic computer vision algorithms), CIB OCR (proprietary Tesseract-based OCR system with several enhancements), CIB PDF (proprietary library for work with PDF files).
- Being the only developer on IPL and OCR, so manage the full lifecycle: several discussions with business and support, planning, make design and implementation, testing (manual and with autotests), release
- Do research & development (R&D) for different image-related algorithms like Mixed-Raster Compression (MRC), real-time edge detection, PDF reverse engineering, etc.
- Integrate the libraries with other products
- Help with long and short-term design for the libraries
- Port the libraries to CMake from a custom build system
- Port the libraries to Android x64
- Integrate the libraries with an Android application with SWIG and JNI
- Integrate an application into MS Office (Word, Excel, PowerPoint) application as an addin
- Use C++ <-> C# interop for MS Office Addins
Conferences
- A program committee member in CoreHard and C++ Russia, do talks review for CppNow, CppCon, CoreHard, C++ Russia conferences
- A semi-regular speaker (and a regular attendee:) in different conferences
- CoreHard 2017 Spring “Boost.Algorithm” (ru)(video, pdf, odp)
- CoreHard 2017 Autumn “CppNow 2017 trip report” (ru)(video, pdf, odp)
- CoreHard 2017 Autumn lightning talk “Fuzzy search” (ru)(video)
- C++ User Group 2017 Nizhniy Novgorod “Compare different C++ compilers optimizations” (ru)(pdf, odp)
- LVEE 2018 Winter “Comparing of OCR tools” (ru)(pdf, odp)
- Corehard 2018 Spring “Profiling programs for C++” (ru)(video)
- LVEE 2018 Summer “Automatic bug search in C/C++” (ru)(video)
- CoreHard 2018 Autumn “What cannot be optimized by C++ compilers” (ru)(video)
- CoreHard Zoom-based talk about a culture of coding in the C++ community
- An invited expert on C++ Russia 2020, moderated several talks
- TechSpot 2022 Cybersecurity meetup “SolarWinds hack and all the stuff around that” (ru)(video)
- TechSpot 2024 Performance meetup “Profile-Guided Optimization (PGO): 101” (video, slides)
- Winglang Community Meeting March 2024 “Profile-Guided Optimization (PGO) for Winglang”
- Tech Internals Conf 2024, Cyprus “Profile-Guided Optimization (PGO): (Ab)using it for fun and profit”: abstract
- OxidizeConf 2024, Berlin “Profile-Guided Optimization (PGO) in Rust - 101”: abstract, video
- RustFest 2024, Zurich “Profile-Guided Optimization (PGO) in Rust: unknown parts”: abstract
- p99conf 2024, “Profile-Guided Optimization (PGO): (Ab)using it for Fun and Profit”: link
- RustLab 2024, Florence “Profile-Guided Optimization (PGO) for Rust applications: Practical Guide”: abstract
Publications
- Several C++ proposals (Add more std::hash specializations, Changing attack vector of the constexpr_vector, bunch of proposals about constexprifying C++ containers, Numerics TS)
- My talks from the LVEE conferences were published in an international digest
- Habr publications (Algorithms for palindrom search, Conan: package manager for C++ (ru))
- An article about Vector (ru)
Pet project (YourGame)
- Highlight all possible stakeholders and work with them (that’s not only me, fortunately :)
- Work with use scenarios
- Work with stakeholders’ concerns and resolve conflicts between concerns in the architecture
- Work with functional and non-functional (quality) requirements
- Evaluate and adjust the architecture
- Prepare different models (text and boxes, UML diagrams). We use draw.io
- Implement and adjust the ARD template (based on Arc42 template and “Viewpoints and Perspectives” book)
- Maintain ARD (AsciiDoc-based)
- Evaluate different public clouds from different perspectives: provided services, pricing, toolkit compatibility
- Implement proof of concepts (e.g. ECS-based architecture evaluation)
- Design full application lifecycle: transformation requirements into the architecture, development, testing, deploy and operation
- Design CI process (CD coming soon)
- Choose technology stack (programming languages, main frameworks/game engines, deploy tooling, etc.)
- Use the following principles and design patterns: Twelve-factor, Event-Driven, Client-Server, Domain-Driven Design, ECS-based approach
Open Source activities
I love all kinds of open-source projects, so I’m trying to do something cool and/or useful :)
- In the past was an active Russian WG21 member (C++ standardization committee): writing and reviewing proposals
- Conan (Bincrafters): Packed several libraries for Conan package manager - packed a lot of different libraries (especially core image libraries). Was a Conan advocate (now I am a language-specific dependency manager advocate :)
- Boost: added several utility algorithms to Boost.Algorithm library. Work on fuzzy search algorithms
- Clang: work on static analysis tools (Clang Tidy, Clang Static Analyzer, my analyzer as a diploma project)
- PRLib: a library with several image preprocessing algorithms: link
- gImageReader: implemented better PDF support, small fixes
- Maintained rust-serverless project: we maintain Docker image for using AWS Lambda with Rust
- Set of Rust Teloxide-based Telegram-based for several chats with large communities
- A semi-active contributor to Vector
- The main admin in the largest Russian-speaking Telegram-based communities about Vector and Grafana Loki
- Advertising Profile-Guided Optimization (PGO) across the industry: https://github.com/zamazan4ik/awesome-pgo
- A lot of small fixes in several libraries and applications (see my GitHub account history)
Programming interests
I had and have different interests in different computer science areas. Some years ago I was crazy about image pre and post-OCR processing. I was reading a lot of papers and articles and even implemented PRLIB. But this area is too specific (at least I think so) and later I switched to another area: compilers and static analysis. Mostly I was (and a little am) interested in compiler optimizations and static analysis problems (you can check my diploma project).
Now for me is interesting to design and develop modern cloud-based highly-scalable high-performance (throughput and latency) systems. Also, interested in building robust socio-technical systems.