{ "basics": { "name": "Edward Northcutt", "label": "Staff Platform Engineer", "email": "northcutted@gmail.com", "phone": "+1 (618) 541-8770", "url": "https://northcutted.github.io/resume/", "summary": "Platform engineer specializing in enterprise container infrastructure, software supply chain security, and developer tooling at scale. Architect and technical owner of a multi-architecture, multi-runtime container image platform powering 700+ applications and 100,000+ builds at a Fortune 50 company. Proven track record of driving organizational adoption of image hardening, zero-trust software supply chain security, automated vulnerability remediation, and modern CI/CD practices.", "location": { "postalCode": "61920", "city": "Charleston", "countryCode": "US", "region": "Illinois" }, "profiles": [ { "network": "LinkedIn", "url": "https://www.linkedin.com/in/edward-northcutt-b06386101/" }, { "network": "GitHub", "username": "northcutted", "url": "https://github.com/northcutted" } ] }, "work": [ { "position": "Lead Software Engineer II", "name": "State Farm", "location": "Bloomington, IL/Hybrid-Remote", "summary": "Spearheaded the architectural vision and served as the founding engineer for the enterprise container image infrastructure, now powering the majority of production containerized workloads. Drove the evolution of the platform from a basic community-driven offering into a secure-by-default, multi-runtime, multi-architecture ecosystem with distroless hardening and automated signing pipelines.", "highlights": [ "**Enterprise Scale & Adoption:** Scaled adoption from zero to over **700 unique applications** leveraging official enterprise container images in 2025, used in over **100,000 image builds**.", "**Distroless & Multi-Runtime Platform:** Designed and maintain distroless base images comparable to Google's distroless offering, drastically reducing the attack surface. Built on Amazon Linux 2023 libraries for broad compatibility. Expanded runtime support to include **Java/JVM, Javascript/Typescript, Python, Go and .NET**, delivering a secure-by-default multi-runtime image ecosystem.", "**Multi-Architecture:** Architected a modular image suite supporting both **Linux/arm64 and Linux/amd64** across all runtimes and distroless variants, enabling runtime cost savings through layered inheritance that maximizes caching and minimizes storage footprint.", "**Supply Chain Security:** Implemented cryptographic image signing and provenance attestation using **Sigstore/Cosign** and **Docker Buildx**, elevating the enterprise SLSA posture. Integrated with **JFrog Artifactory's Evidence** feature to deliver verifiable, zero-trust software supply chain compliance across all enterprise images.", "**Security Automation & Vulnerability Management:** Achieved a near-zero-CVE base image posture by slashing vulnerability remediation time to **under 24 hours** through automated patching pipelines. Built nightly health dashboards powered by **Syft** (SBOM generation) and **Grype** (vulnerability scanning), providing full package-level visibility and CVE tracking across every image in the ecosystem.", "**JVM Middleware Innovation:** Delivered a tool written in **Go** integrated into JVM base images to optimize heap sizing and garbage collection for JVM applications on Kubernetes, significantly improving stability and reducing cognitive load for teams migrating from legacy platforms.", "**Observability:** Built comprehensive OpenSearch/Kibana dashboards to visualize adoption trends and track legacy registry usage, enabling data-driven governance decisions.", "**Developer Enablement:** Created searchable, RAG-optimized documentation to facilitate LLM-powered knowledge retrieval for engineering teams." ], "startDate": "April 2025", "endDate": "Present" }, { "position": "Lead Software Engineer", "name": "State Farm", "location": "Bloomington, IL/Hybrid-Remote", "summary": "Directed and enhanced Source Control Management (SCM) and CI/CD capabilities, supporting over 10,000 engineers. Focused on pipeline architecture, service resiliency, and development best practices.", "highlights": [ "**Shared CI/CD Service:** Engineered a shared CI/CD service using GitLab Runners, enabling users to leverage isolated, secure container builds via Sysbox. By 2022, this system managed over half of all pipelines at State Farm.", "**Cloud Migration:** Successfully migrated the CI/CD infrastructure from on-premises to AWS in 2023, implementing robust autoscaling to handle peak loads.", "**Inner-Source Leadership:** Launched Terraform modules and container images for pipeline usage to accelerate development velocity.", "**Metrics & Observability:** Developed a cloud-based solution to collect CI/CD metrics across all jobs, using Grafana to visualize usage data for consumer-facing dashboards.", "**Platform Migration:** Transitioned users from legacy Jenkins services to the shared GitLab CI/CD platform, providing custom solutions for complex migration challenges." ], "startDate": "August 2020", "endDate": "April 2025" }, { "position": "Software Developer", "name": "State Farm", "location": "Bloomington, IL", "summary": "Collaborated with a team of seven engineers to maintain and enhance proprietary tools for insurance product design, managing complex backend validations and database integrations.", "highlights": [ "**Security Tooling:** Developed an internal tool to scan projects for vulnerable dependencies and provide automated upgrade suggestions. This tool was adopted by the application security team.", "**Legacy Modernization:** Maintained REST endpoints and Java IMS services interacting with IBM MQ. Played a pivotal role in migrating applications from a legacy WAS platform to Pivotal Cloud Foundry/Tanzu (Postgres, RabbitMQ, Spring Boot)." ], "startDate": "June 2018", "endDate": "August 2020" }, { "position": "IT/Systems Intern", "name": "State Farm", "location": "Champaign, IL", "summary": "", "highlights": [ "Developed a solution to assist with PCI DSS compliance audits as a full-stack developer.", "Assisted business partners in writing recovery plans for business continuity." ], "startDate": "Summer 2017", "endDate": "Spring 2018" } ], "education": [ { "institution": "University of Illinois at Urbana-Champaign", "area": "Agricultural and Consumer Economics - Finance in Agribusiness", "studyType": "B.S.", "startDate": "Fall 2014", "endDate": "Spring 2018", "score": "3.55", "courses": [ "CS 225 - Data Structures" ] } ], "skills": [ { "name": "Programming/Scripting", "keywords": [ "Go", "Python", "Java", "JavaScript/TypeScript", "Ruby", "HTML", "CSS", "Bash" ] }, { "name": "Containerization & Orchestration", "keywords": [ "Docker", "Kubernetes", "Red Hat OpenShift (ROSA)", "Multi-Arch Builds (ARM64/AMD64)", "Distroless Images", "Helm", "Sysbox" ] }, { "name": "Supply Chain Security", "keywords": [ "Sigstore / Cosign", "SLSA Framework", "Docker Buildx Provenance", "Syft (SBOM)", "Grype", "JFrog Artifactory", "JFrog Evidence", "Zero-Trust Architecture" ] }, { "name": "Cloud & Infrastructure", "keywords": [ "AWS (EC2, ECR, S3, IAM, CloudWatch)", "Fargate", "VPC Networking", "Red Hat OpenShift", "Terraform/OpenTofu", "Ansible", "Puppet" ] }, { "name": "CI/CD & DevOps", "keywords": [ "GitLab CI/CD", "GitHub Actions", "Jenkins", "Supply Chain Security" ] }, { "name": "Observability", "keywords": [ "Grafana", "ELK Stack (Elasticsearch, Logstash, Kibana)", "OpenSearch", "Prometheus", "CloudWatch" ] }, { "name": "System Design", "keywords": [ "JVM Tuning/Profiling", "Linux System Administration", "Distributed Systems", "API Design", "LLM workflow integration" ] } ], "publications": [ { "name": "DevSecFinOps: The Challenge of Implementing a Secure and Cost-Effective Container-Based CI/CD System", "publisher": "State Farm Engineering Blog", "releaseDate": "2025-07-01", "url": "https://engineering.statefarm.com/devsecfinops-the-challenge-of-implementing-a-secure-and-cost-effective-container-based-ci-cd-c2257eac8eb4", "summary": "Co-authored a technical deep dive detailing the architecture and implementation of a secure, cost-effective container-based CI/CD system, highlighting solutions to key engineering challenges." } ], "languages": [{ "language": "English", "fluency": "Native speaker" }] }