Release Date: Oct 1, 2014
This project was a nightmare. I was brought on to act as lead developer in the middle of the web app's servers getting owned. They were leaking credit card and secure data left and right. There was a severe lack of understanding, appreciation, and patience from PCI to the leaders of the company in trying to solve the issues. I spent hours and hours looking through error codes and executing heavy devops work. It was like all of the worst parts of programming rolled into one experience.
I advised directly to the CEO. Performed a full scale security audit to determine the source of the server breach. Prepared & communicated a detailed analysis of the system and security-related issues. Large amounts of debugging and refactoring code. I upgraded this massive, complex rails installation to v4 from out-dated v2. I automated the server build process to speed up deployment / setup. Migrated the existing live app code while maintaining the old code to a new Rackspace server, setting up production, staging & database instances while implementing a new RackConnect firewall. I then set up continuous deployment, solved the breach, and brought the project back under PCI security standards. I interviewed/vetted the next developers to be hired as I couldn't sustain the working environment any longer.