Michael Hanley
[email protected] | GitHub | LinkedIn
Principal Software Engineer with 15+ years of experience designing distributed systems, CI/CD infrastructure, and backend services in Rust, Go, and C#. Deep expertise in NixOS, Kubernetes, and cloud, on-prem, and hybrid architectures. Architect and hands-on engineer with a proven record of improving reliability, cutting costs, and leading high-impact technical transformations.
Skills
- Languages: Rust, Go, C#, TypeScript/JavaScript, Python
- Data Systems: PostgreSQL, MySQL/TiDB, SurrealDB, TiKV, DynamoDB, Prometheus, Redis
- Protocols & Messaging: HTTP, GraphQL, gRPC/Protobuf, OpenTelemetry, MQTT, JSON, Syslog, SQS, SNS
- Infrastructure & DevOps: Nix/NixOS, Kubernetes, Docker, Terraform, AWS, Linux
Experience
Calamu - Remote
Principal Software Engineer - November 2023 to October 2025
- Built a fully declarative Nix-based CI/CD system for both cloud and on-prem deployments.
- Leveraged Nix, NixOS GitHub self-hosted runners, distributed binary caches, and remote (distributed) builds to generate and deploy NixOS configurations, Docker images, Terraform, and Kubernetes YAML.
- Achieved reproducible, deterministic builds with significant speed and reliability gains.
- Discovered and demonstrated a critical vulnerability, responsibly disclosed it, and led a complete architectural redesign.
- Delivered high-performance cross-platform implementations in Rust and C#.
- Eliminated the flaw and improved throughput.
- Developed a TUI for provisioning on-prem clusters.
- Implemented in Rust with Nix-based deployment.
- Reduced provisioning time from ~3 hours to under 15 minutes.
- Developed a distributed execution engine in C#, then built migration and purge features on top of it.
- Implemented durable queuing, retries, and coordination between backend services and distributed agents.
- Supported seamless data migration across AWS S3, GCP, Azure Blob, and S3-compatible services.
- Built a Rust-based benchmarking suite for comparing S3-compatible services.
- Measured performance data for regression tracking and product validation.
- Re-architected infrastructure to replace an expensive and fragmented AWS stack (Fargate, Lambda, DynamoDB, Neptune).
- Migrated to Kubernetes and SurrealDB/TiKV, achieving a 10x cost reduction and multi-cloud/on-prem portability.
- Featured in SurrealDB's case study: Storing cybersecurity data at scale with SurrealDB
Tably - Remote
Senior Software Engineer - August 2022 to May 2023
- Developed a Notion-style block editor for an interactive web-based computing platform (conceptually similar to Jupyter Notebook).
- Implemented in Rust using Sycamore and a proprietary operational transform engine.
- Delivered real-time synchronization and structured data editing across users.
KnowBe4 - Hybrid (Clearwater, FL)
Senior Software Engineer - November 2017 to July 2022
- Developed a replacement SCIM identity provisioning service to support massive traffic bursts.
- The previous open-source system frequently ran out of memory under load and required replacement.
- Proposed and led the adoption of Rust for the project due to its performance and predictable memory management.
- Designed and implemented a Rust-based Lambda + DynamoDB replacement handling 2.5 M requests/day and >7 K/min bursts, isolated tenant issues, and reduced AWS costs tenfold.
- Featured in: Software Architecture and the Art of Doing it Right the First Time
- Delivered the backend for CARA, a CMMC compliance readiness tool.
- Took over from a struggling team and met a hard deadline.
- Implemented with Python, GraphQL, API Gateway, Lambda, and S3.
- Adopted as the foundation for the team's future microservices.
- Built internal integration microservices to continuously scan customer domains via EEC and synchronize results to product and data pipelines.
- Implemented in Go using Step Functions, Lambda, SNS, and S3.
- Runs ~67 K state machines to scan 130 K+ domains each month.
- Rebuilt PhishER's VirusTotal integration to support complex upstream rate limits and reliability constraints.
- Implemented in Go using Lambda and DynamoDB.
- Processes > 3 M requests and 8 M invocations/month.
- Contributed to the design and migration of the internal email delivery system.
- Led migration from MySQL to PostgreSQL to address transactional and performance limitations.
- Implemented in Go using Fargate, Aurora, and SQS.
- Used across the company to send > 40 M emails/month.
- Created the PhishER: Threat Map: a live map visualizing global phishing activity.
- Developed full stack in Go + JavaScript (VueJS & Canvas) with Fargate, SQS, and WebSockets.
- Handled > 3 M subscriptions before being replaced on the homepage with a simulated view.
- Engineered core backend services for PhishER, including a rule evaluation engine, YARA integration, and Syslog integration.
- Implemented using Go, gRPC/Protobuf, libyara, Fargate, ELB/NLB, and consistent hashing for distributed load balancing.
- Co-inventor on U.S. Patents: US10812507B2, US11108791B2, US11902302B2 - Systems and methods for efficient combining of characteristic detection rules.
- Developed backend services for several public tools: Email Exposure Check, Weak Password Test, Breached Password Test, Password Exposure Test, Second Chance, and Multi-factor Authentication Security Assessment.
- Implemented in Go using Fargate, ELB/NLB, gRPC/Protobuf, and cryptographic libraries.
nThrive - Remote
Senior Systems & Software Engineer - June 2012 to November 2017
- Created a proprietary interactive lesson format used in 1.6 K+ lessons taken by millions of healthcare professionals.
- Implemented in JavaScript using React, Redux, Material Design, SCORM, and xAPI.
- Automated content packaging using a build system written in Go integrating ffmpeg, ImageMagick, Ghostscript, and inotify.
- Produced 1 K+ lessons with 3.6 K+ interactive elements, dramatically improving productivity.
- Built a mobile application (iOS and Android) to allow searching complex hierarchies of medical codes in JavaScript (Titanium).
- Ranked #67 globally and #1 in Medical on the App Store for several months.
- Modified and administered an existing learning management system (LMS), allowing it to scale to hundreds of thousands of learners.
- Transitioned from PHP to Go microservices, introducing Redis caching, HAProxy/Nginx load balancing, and Ceph distributed storage.
- Developed a web app for live and on-demand streaming of medical seminars.
- Frontend in JavaScript using AngularJS, VideoJS, and xAPI.
- Backend in Go using Authorize.net, RethinkDB, and ffmpeg.
Focus School Software - St. Petersburg, Florida
Software Engineer - March 2010 to June 2012
- Optimized core data manipulation functions, replacing inefficient and insecure eval() logic with recursion for an application-wide ~16% performance gain.
- Fixed critical SQL injection vulnerabilities by replacing regex-based escaping with parameterized database calls.
- Automated generation of Department of Education reports in PHP, simplifying compliance workflows.
- Integrated memcached caching to cut query load and reduce page times by up to 35%.