Hi, my name is Thom Dixon.

I’m a software engineer based in Seattle with over a decade of professional experience and an additional 6 before that contributing to open source projects as a hobby.

My time at both small startups and large corporations has enabled me to become a proficient full-stack developer, but building distributed systems and infrastructure that focus on security and privacy are my specialties.

Discord

Staff Security Engineer, March 2022 - Present

Technologies used: JavaScript, Python, Rust, Elixir

• Happy to be helping bring communities together!

Twitter

Senior Software Engineer, November 2020 - March 2022

Technologies used: Python, JavaScript

• Provided a unified technical vision for infrastructure vulnerability management.
• Designed and implemented a stopgap solution for vulnerability scanning across datacenter infrastructure.
• Contributed to the selection process of Go as one of two future primary backend languages at the company (the other will be Java).

Oracle Cloud Infrastructure

Principal Member of Technical Staff, April 2018 - November 2020

Technologies used: Go, Python, Java, JavaScript

• Designed, implemented, and drove the adoption of an SSH Certificate-based solution for automated service accounts.
• Owned and maintained an authentication and authorization sidecar that permitted service owners to quickly meet and maintain security and compliance requirements.
• Key contributor to numerous internal security projects involving managing and enforcing access control policies for internal operators across a large, heterogeneous cloud environment.

Uber

Security Software Engineer, June 2016 - April 2018

Technologies used: Python, Go, JavaScript, Redis, MySQL

• Improved the performance of Uber’s secret storage service by reducing network utilization by 90%, reducing p95 response time by 66%, and increasing load capacity by 80x.
• Suggested and implemented significant architectural changes to Uber’s cloud document retention policy enforcement tool in order to improve efficiency and debugability.
• Implemented a FUSE filesystem client to Uber’s secret storage service to permit the consumption of file-based secrets across Uber’s infrastructure.

Influence Mobile (Louder Rewards)

Senior Software Engineer, September 2015 - May 2016

Technologies used: Ruby (on Rails), PostgreSQL, Java, JavaScript, React Native

• Principal engineer implementing a new ad platform with Ruby on Rails aiming to incentivize user engagement and re-engagement with customer mobile apps.
• A primary developer on the Louder Rewards mobile applications, utilizing React Native.

Ultimate Software

Security Software Engineer, May 2013 - September 2015

Technologies used: Python, RabbitMQ, MySQL, Elasticsearch, Angular, JavaScript

• Developed a plugin-based threat detection system with supporting microservices (in Python, using RabbitMQ for IPC) and a corresponding web front-end (with Angular).
• Designed and implemented a lightweight JWT-based authentication system and middleware that provide role-based security and service discovery.
• On the build and deployment team, I spearheaded the development of a web administration portal to be used by Ultimate’s operations teams for inventory and customer tracking.

Check out my GitHub! Some recent contributions of note include: implementing a YubiKey OTP parser in Elixir, exposing access to HTTP headers in the Go OpenAPI runtime, and adding functional options to go-jwt. In the distant past, I fixed a bug for Android’s pull refresh in React Native, fixed a bug in the AES implementation of Google’s KeyCzar, and implemented five ciphers for Bouncy Castle.

University of Florida

B.S. Mathematics with a minor in Computer Science, Spring 2011 - Spring 2013

Graduated with a final overall GPA of 3.91