My Profile

Nicholas Andre

Hello!

I'm an information security engineer at 10x Genomics. I'm a true geek, and I love software, hardware, nutrition, bacon, and photography.

Skills

  • Programming

  • java - experience working with Java 8 at Google
  • c++ - experience working in the Microsoft Office codebase
  • c# - web service experience on OneNote, used for hackathon with the ASP.NET MVC framework
  • python - Django and various scripting tasks
  • Databases/ORM - MySQL primarily, raw SQL + Django and other ORMs
  • c/assembly - microcontrollers, OS programming, network programming
  • php - the old & faithful LAMP stack has saved many an hour of onerous tasks with a single file of PHP.
  • Platforms

  • Application Development - I spent a lot of my time at Microsoft working with C++ client code in the Office codebase. Integrated with web service for a hackathon project enabling automatic online analysis of diagnostic logs.
  • Web Services - I love working with Django, particularly for the automatic database migrations and sane query syntax. As bonus, I can make an HTTP/1.1 request using Telnet
  • Databases - MySQL the most, along with some work in Postgres, Mongo, Azure blog storage.
  • Networking - QoS, IGMP + Multicast, Cisco (2960 and SG-500), I <3 Ubiquiti
  • System Architecture - KVM setup and management, web applications, manage Rivendell at WMFO.

Work Experience

For a summary take a look at my resume.

10x Genomics

January 2021 to Present

At 10x I do a variety of infomration security-related tasks. I am really excited about the overall mission of the company because I understand the value of the underlying technology for health research.

Google

January 2017 to January 2021

At Google I work on the Cloud Security team, specifically Security Health Analytics. We are doing vulnerability detection for various benchmarks like CIS.

Microsoft Corporation

Summer 2015 Intern & Full Time August 2016 to December 2017
Authentication

I spent a lot of time working on improving the reliability of authentication. There were a lot of user complaints surrounding authentication problems -- particularly being prompted to re-enter account information daily but also not being able to sign in at all.

I was able to trace the issue back to an error caching behavior in the Office code. Errors were remembered and the presence of any error would set an "Invalid" flag on the account. Many routines would first check against the "Invalid" flag and explicitly fail if it was set, therefore any mishandled error would cause many routines in the future to break. There was no well-defined way in which this error would be cleared except for sign-in, so the clients would end up displaying "Please re-enter your credentials" and after a user re-entered them the error state would be cleared. The underlying OAuth account object never experienced a problem.

The investigation was fairly lengthy and involved the analysis of a "black box" system. We had the advantage of being able to read the code (not that the code was readable...) but the large number of modules and the high level of overengineering made this a bit difficult. We also spent a while interfacing with "politically distant" teams to do pair programming and additional discussion of best practices.

To accomplish this, I spent a good deal of time instrumenting a telemetry system. To make matters worse, there was no good set of hooks to keep track of the authentication subsystem. Each state (unauthenticated or authenticated) was valid and we cared primarily about "invalid" transitions between state. I ended up doing feature work to:

  1. Map identity to resource at time of opening
  2. Develop a modularized authentication system to track state in a thread-safe way
  3. From the state, produce telemetry about the system on a per-account level
  4. Use an activity telemetry system to track progress and behavior of user sign in to understand behavior of authenticaiton modules. I had to optimize this telemetry to limit data volume given the scale of our deployment (installed on every Windows 10 device by default).

This also gave me hooks to retry things like clearing the underlying error state after an initial authentication error (which ended up clearing up 90%+ of the "Please sign in" bars).

I also did other bug fixing work, particularly refining the errors that we interpreted as "authentication-related." I also ironed out a problem with incomplete module initialization which I later discovered resulted in some 4 million spurious prompts per month.

Support & Customer Engagement

I'm very passionate about strong customer engagement and providing an exceptional support experience. Upon seeing some of the difficulties users were facing working with our application, I helped develop a support tool for agents to resolve common problems within OneNote and refined it based upon feedback.

I also got a chance to fly down to Dallas and engage with our support team there, particularly to provide support and escalation procedures and to help identify communication barriers that were hampering their progress. The result has been greatly improved cooperation between support and engineering and the support was recently called out at a conference as being some of the best in Office.

In the spirit of listening to customers, I also assisted in the development and implementation of a customer engagement procedure to leverage our pre-production deployments for early discovery of any build or service problems. We wanted to maximize the value of our investigations by setting individual procedures for the value of the data, giving greater priority to internal "dogfood" users as well as customers running pre-production versions of our product.

I've also worked with internal teams to optimize external messaging for any ongoing incidents, and monitored social media platforms like Reddit myself.

Other

Architected and implemented a collaboration telemetry set and dashboard to monitor usage and performance of collaboration scenarios.

Implemented a telemetry dashboard for error reporting on the health of OneNote files in the cloud. Included work in C# and ScopeScript.

Boston AV Productions, LLC

Founder and President (April 2013-December 2016)

I founded an Audio Visual Event Services company to compete with my University's own AV Services in an effort to provide better service and better value to on-campus groups. My roll is obviously flexible, but I went through LLC registration, accounting, strategic planning, insurance, payroll, taxes, etc. Fantastic learning experience and I'm glad I had the opportunity to do it!

General Electric Intelligent Platforms

Software Development Intern (Summer 2014)

Worked an the Proficy Vision platform team, up and down the stack from Database work to Java coding to interfacing multiple components. Spearheaded a project to enable SSL termination through a NodeJS-based proxy server that integrated all APIs during the transitional development phase and enabled future support for web sockets.

Editshare, LLC

Software Development Intern (Summer 2013)

Software development including some fun reverse engineering work. Architecture help with a Linux kernel cgroup-based QoS system for disk access. Reverse engineering work on OSX platform and a bit of dynamic library shimming to "overcome some technical restrictions on Apple's platform."

Cartera Commerce, Inc.

Operations Intern (Summer 2012)

Implemented scripts to integrate company and third party services. Also worked on provisioning and managing servers through Puppet for company web services.

Interests

Nutrition and Health

Check out my presentation and the work I'm doing on the endotoxemia hypothesis for chronic disease. I eat a mostly carnivorous diet.

Microcontrollers and Embedded Systems

At Tufts I TA for our microprocessor architecture class and our digital logic and FPGA intro class. Very interested in various embedded systems, RTOSes, protocols and busses.

Audio Visual Work

I started an AV Event Services company during my Sophomore year to compete with the University's own services. I enjoy audio recording and sound production from both an aesthetic and a technical (EE) sense. My one claim to fame is that I can sing Piano Man while playing the piano and using the harmonica.

The Radio Station

Dovetailing with the above, I'm the Director of Operations at Tufts' Radio Station, WMFO Medford. We run a full Audio over IP network and I love to tinker with everything from Servers to VoIP to broadcast compressors and Radio Data Systems.

Amateur Radio and RF

From RFID to programming to tuning duplexers, RF is fun! I bought an HP8924C Service Monitor and had it in my dorm room Sophomore year.

Photography

I have a color darkroom in my spare bedroom to make clown sized prints from Hasselblad negatives. Lots of fun :)

Education

Tufts University

MS Electrical Engineering
2014-2016

Power electronics, high performance computer archiecture, .

BS Computer Engineering
2011-2016

Belmont Hill School

2005-2011

I did, in fact, graduate from high school.