Hi, my name is Thom Dixon.

I’m a software engineer based in Seattle with over 8 years of professional experience and an additional 6 before that contributing to open source projects as a hobby.

My time at both small startups and large corporations has enabled me to become a proficient full-stack developer, but building distributed systems and infrastructure that focus on security and privacy are my specialties.

Twitter

Senior Software Engineer, November 2020 - Present

Technologies used: Python, JavaScript

• Recently joined the Security Automation and Tooling team.

Oracle Cloud Infrastructure

Principal Member of Technical Staff, April 2018 - November 2020

Technologies used: Go, Python, Java, JavaScript

• Designed, implemented, and drove the adoption of an SSH Certificate-based solution for automated service accounts.
• Owned and maintained an authentication and authorization sidecar that permitted service owners to quickly meet and maintain security and compliance requirements.
• Key contributor to numerous internal security projects involving managing and enforcing access control policies for internal operators across a large, heterogeneous cloud environment.

Uber

Security Software Engineer, June 2016 - April 2018

Technologies used: Python, Go, JavaScript, Redis, MySQL

• Improved the performance of Uber’s secret storage service by reducing network utilization by 90%, reducing p95 response time by 66%, and increasing load capacity by 80x.
• Suggested and implemented significant architectural changes to Uber’s cloud document retention policy enforcement tool in order to improve efficiency and debugability.
• Implemented a FUSE filesystem client to Uber’s secret storage service to permit the consumption of file-based secrets across Uber’s infrastructure.

Influence Mobile (Louder Rewards)

Senior Software Engineer, September 2015 - May 2016

Technologies used: Ruby (on Rails), PostgreSQL, Java, JavaScript, React Native

• Principal engineer implementing a new ad platform with Ruby on Rails aiming to incentivize user engagement and re-engagement with customer mobile apps.
• A primary developer on the Louder Rewards mobile applications, utilizing React Native.

Ultimate Software

Security Software Engineer, May 2013 - September 2015

Technologies used: Python, RabbitMQ, MySQL, Elasticsearch, Angular, JavaScript

• Developed a plugin-based threat detection system with supporting microservices (in Python, using RabbitMQ for IPC) and a corresponding web front-end (with Angular).
• Designed and implemented a lightweight JWT-based authentication system and middleware that provide role-based security and service discovery.
• On the build and deployment team, I spearheaded the development of a web administration portal to be used by Ultimate’s operations teams for inventory and customer tracking.

Check out my GitHub! Some recent contributions of note include: implementing a YubiKey OTP parser in Elixir, exposing access to HTTP headers in the Go OpenAPI runtime, and adding functional options to go-jwt. In the distant past, I fixed a bug for Android’s pull refresh in React Native, fixed a bug in the AES implementation of Google’s KeyCzar, and implemented five ciphers for Bouncy Castle.

University of Florida

B.S. Mathematics with a minor in Computer Science, Spring 2011 - Spring 2013

Graduated with a final overall GPA of 3.91