Jeffrey C. Jacobs

12522 Philmont Drive, Herndon, VA 20170-2561
jeffrey@timehorse.com
(703) 904-1735 (H)
(703) 209-2976 (M)


Objective

A challenging career in Scientific, Mathematical or Object-Oriented Software Development in C++, Python, XML, JSON, Assembly, Objective C, Java, or Scala with emphasis on Client-Server, Real-Time, and Embedded solutions.

Status

Citizenship: U.S. Citizen

Clearance: Available upon request

Availability: Immediate

Ability to Travel: 50%

Driving Distance: Up to 100 mi (160 km) from Herndon, VA if unable to refuel Electric Car at work site, 220 mi (350 km) if allowed to Charge at Work

Willing to Relocate: Yes


Summary

A successful Technical Software Lead and Senior Software Engineer with 25 years of professional Software Development experience.  Up to date technical skills, including expertise in ISO C++ 2020, Python 3, Embedded and Object-Oriented development, with Static and Dynamic Analysis.  Experience with many aspects of software development, including the design and development of:

  • Developed iOS App
  • Designer & developer for Hawkeye Tactical Sensor Grid 2.0
  • Built Abstract Syntax Tree of PDFs and Microsoft Office Documents
  • Task master for 3Point Escalate training
  • Wrote Docker component
  • Disassembled Malware attack
  • Wrote PDFParser, a run-time PDF Malware analyzer
  • Developed PROSE documentation format
  • Handled network message monitoring
  • Developer for PUMP-II Bidirectional Cross-Domain Solution
  • Worte Scala code for DFDL parser
  • Reverse-Engineered RADAR hardware
  • Developed XML parser for Windows executables
  • Developed Math routines in PowerPC Assembly
  • Designed many-to-one Byte Code language for Trusted Platform Machine
  • Wrote browser plugin to interface with Facebook
  • Researched Distributed Denial of Service attacks within Service Oriented Architecture
  • Designer for PEIP-III
  • Designer and Developer for PEIP-II
  • Designed and Developed Single Point Keying Command and Control software
  • Developed Stock Market analysis algorithms
  • Designed and developed Stock Market event logging system

  • Expertise

    Operating Systems: Windows 8/10, UNIX/Linux/Ubuntu/CentOS/RedHat/Solaris, REMnux, DOS, X-Windows, KDE, NeXT, MacOS

    Computer Languages: ISO C++, STL, boost, Python 3, Python 2, Scala, C, Objective C, Java, Flex, Bison, LLVM, XML, XSLT, XML Schema, XPath, XQuery, BaseX, JavaScript, JSON, Docker SDK, REST, Active Server Pages, SeaMonkey JavaScript API, JQuery, UNIX Shell, POSIX, Regular Expressions, VHDL, ATL, COM+, ASM, MFC, Excel Basic, Facebook Client Code, CXX Test, Apple Developer Program, iOS, deprecatedVisual C++, Generic Programming (Templates), Object-Oriented Analysis (OOA), Object-Oriented Design / Development (OOD), Object-Oriented Programming (OOP), SQL, HTML, MS Platform SDK, PowerPC Assembly, ARM Thumb, Antlr 2, deprecatedLisp, TCL/TK, CLIPS (SmallTalk)

    Applications: deprecatedSQL Server, Visio, MS Office (Word, Excel, Access, Powerpoint), Libre Office, OpenOffice XML, Escalate by 3Point, IDA Pro, x64dbg, x32dbg, ThreadGRID, Cuckoo, OPSWAT, VMWare, Abbyy Fine Reader, Rational Rhapsody, Rational Rose (Case Tools), MS Project, Adobe Photoshop, Intellij, Eclipse, JBuilder, GRUB, ALDO, Facebook Security, CodeSurfer, deprecatedVisual SourceSafe, git, mercurial, Subversion, CVS, make, Autotools, Trac

    deprecated

    Other Skills: Agile Development, Test-Driven Development, Team Development, Solo Development, Full Life Cycle, Design Documents, COA Documents, Abstract Syntax Tree, Open XML Markup Documents, PDF Parsing, Malware Detection, Portable Executable Format, bitbake, rsyslog, Common Vulnerability Exposures, Dynamic Analysis, Static Analysis, gdb, SFTP, Xerces, Apache, Coverity, SAXON, RSA, IRC, UDP, SICD, MPEG, zero-mq, JOVIAL, Dynamic Byte Code, Trusted Platform Machine, CoreBoot, Service Oriented Architecture, Security Assertion Markup Language, Distributed Denial of Service, Firefly, Elliptic Curve Cryptography, Cross-Domain Solution, Security Kernel, Single-Point Keying, OpenSource, Data Format Description Language, VirtualBox, el Gamal, AES, Fourier Analysis, DES, Galois Fields, Sink-Source & Dykstra’s Algorithm, χ², Gaussian Distribution, Error & Unit Propagation, GraphViz, DOT Graphics Library, OpenGL, Optical Character Recognition, ASN.1, 1-Wire Protocol, Full-Scale Development Article, H.263, SNMP, TCP/IP, RS232, TL-1, SONET, AVI

    Languages: English (native), French (fluent), German (conversational), Italian (conversational)


    Work Experience

    TimeHorse, LLC, Herndon, Virginia

    2009 present

    CEO, CTO
  • Objective C, Apple Developer Program, iOS, Subversion, Trac: Designed, developed and released the Lothar app for the iPhone.  The app challenges users to solve the long-standing 3n+1 mathematical problem known as the Collatz Conjecture.  Available in the App Store
  • The US Naval Research Laboratory, Washington, District of Columbia

    2002 present

    Senior Staff Software Engineer
  • Python 3, git, MS Word, Confluence, Test-Driven Development, Agile Development, Team Development, Design Documents, COA Documents: Member of the Hawkeye Tactical Sensor Grid 2.0 development team.  This project has a one year development timeline.  Was involved in the early planning, including initial development and writing design documents and Course of Action (COA) Documents.  Developed some code for this system in Python 3 using Git
  • Python 3, ISO C++, Abstract Syntax Tree, Open XML Markup Documents, PDF Parsing, Malware Detection, Solo Development: Principle developer on the Majestic research project.  The project endeavors to use Abstract Syntax Tree (AST) analysis to look for common patters of malware in the shape of these trees.  Modified PDFParser to provide AST data in XML.  Wrote Python 3 to parse Microsoft Open XML Markup documents (DocX, XlsX, PptX, etc) into AST via XML
  • Escalate by 3Point, Malware Detection, Solo Development: Managed section account with 3Point for the Escalate training software.  Completed many of the Escalate challenges in rapid order
  • Python 3, REST, JSON, git, Docker SDK, Solo Development: Wrote a Docker component for PDFParser in the Malware Catalog using the REST API and JSON in git
  • Malware Detection, IDA Pro, x64dbg, x32dbg, REMnux, Portable Executable Format, VMWare, Windows 10, Active Server Pages, Dynamic Analysis, Static Analysis, Solo Development: Analyzed a piece of malware found by NCIS, examined encoded document payloads, the including Active Server Pages (ASP), and 4 Portable Executable (PE) using REMnux, IDA Pro, x64dbg, and x32dbg on Windows 10
  • MFC, UNIX, CentOS, Ubuntu, JavaScript, PDF Parsing, SeaMonkey JavaScript API, Dynamic Analysis, Common Vulnerability Exposures, ThreadGRID, Cuckoo, OPSWAT, git, Solo Development: PDFParser is a sandboxed runtime analyzer using Dynamic Analysis of PDF files which can detect numerous known Common Vulnerability Exposures (CVE) and other common PDF malware exploits.  Ported PDFParser from Windows to UNIX.  Adapted it for CentOS and Ubuntu, using the SeaMonkey JavaScript library.  Tested with 30,000 sample corpus and compared with ThreatGRID, OPSWAT and Cuckoo.  Researched competing PDF malware detection tools in preparation for public, OpenSource release of git repository
  • LLVM, Flex, Bison, IRC, UDP, SICD, MPEG, Python 2, Cross-Domain Solution, Full Life Cycle, Solo Development: Developed the Protocol Reference Overview Specification Enumeration (PROSE) standard.  PROSE allows an interface to be defined in such a way that, using Flex, Bison, and LLVM, a software interface can be built conforming to the PROSE-specified API.  Examined the Internet Relay Chat (IRC) and User Datagram Protocol (UDP).  PROSE was tailored for the Resilient Embedded Environment (REE) under the Advanced Sensor Technology, High Assurance Guard (AST HAG) Cross-Domain Solution (CDS).  Studied the Sensor Independent Complex Data (SICD) and Motion Picture Experts Group (MPEG) protocols for potential security holes using Python 2
  • zero-mq, ISO C++, Solo Development: Modified the Enabling Capability (EC) messaging system by updating the Panser Daemon, PanserD, to use zero-mq messaging
  • ISO C++, Generic Programming, UNIX Shell, bitbake, rsyslog, gdb, SFTP, XSLT, Xerces, Apache, Coverity, Cross-Domain Solution, Team Development: The Network Pump-II was a project which would upgrade the original Network Pump Cross-Domain Solution (CDS), which only allowed data flow from low-to-high, to be a fully bi-directional CDS with traffic allowed to go from both low-to-high and, once scrubbed, high-to-low.  Worked on Watchdog and Monitor Daemons to perform housekeeping functions on Pump-II in ISO C++, Generic Programming, and Unix Shell Script.  Configured logging for Pump-II including interfacing with rsyslog.  Implemented the Pump-II Task Orchestrator.  Designed a patch for SFTP.  Wrote XSLT to generate Trusted Subject configurations with Schema validation in Xerces.  Worked with Apache.  Analyzed Pump-II code with Coverity and other code efficiency tools.
  • Scala, XPath, XML, Regular Expressions, Data Format Description Language, VirtualBox, IntelliJ, OpenSource, Team Development: Worked, with Tresys, on Scala-based DaffodilDaffodil is an one of two canonical specifications for the Data Format Description Language (DFDL) specification which at the time was under ISO review.  Now apart of the Apache Incubator, the OpenSource Daffodil project was developed to convert any, arbitrary specification into a concise XML or JSON.  Developed Daffodil as part of the Tactical Assured Information Sharing (AIS) effort with NSA and sponsored by Assistant Secretary of Defense for Research and Engineering(ASD R&E).  Used XPath to transform data and Regular Expressions to identify fields
  • Python 2, ISO C++, XML, XQuery, XSLT, Excel Basic, VHDL, Abstract Syntax Tree, Antlr 2, JOVIAL, Optical Character Recognition, Abbyy Fine Reader, Rational Rhapsody, SAXON, Solo Development: In order to provide upgraded firmware to the Raytheon AN/AGP-73 RADAR, which Raytheon no longer supported, analyzed the schematic diagrams for the equipment and generated Excel spreadsheets of connection diagrams using Optical Character Recognition (OCR) using Abbyy Fine Reader and Excel Basic.  Used XML, XQuery, and XSLT, via SAXON, to transform the data retrieved from the spreadsheets and then created VHDL mnemonic op codes to build a functional model of the components in firmware.  Documented the design using Rational Rhapsody, using it to then generate C++ code and designed a build system using Antlr 2, building Abstract Syntax Tree (AST).  Parsed JOVIAL and built JOVIAL tests.  Used Python 2 to parse the 1750A processor spec into XML
  • Python 2, XSLT, XML, XQuery, XPath, BaseX, XML Schema, ARM Thumb, Portable Executable Format, OpenGL, GraphViz, DOT Graphics Library, Subversion, OpenOffice XML, Visio, PowerPoint, Solo Development: Used Python 2 to parse the Common Language Interface (CLI) of the Partition II Metadata document which defines the Portable Executable (PE) Format, building XML.  Converted code to XSLT and, with SAXON, converted documents to XML.  Optimized XPath queries.  Based on the BaseX definitions, used XQuery to analyze various Intel programs.  LoadedPE Data into an SQL Database and generated XML from SQL requests.  Wrote an XML Schema to define the PE format.  Researched OpenGL, GraphViz, and DOT Graphics Library Programming languages.  Used GraphViz to generate PDF from XML.  Code stored in Subversion; Researched parsing ARM Thumb, .NET, OpenOffice XML, Visio, and PowerPoint formats to see if they could be generated from XML
  • PowerPC Assembly, Galois Fields, AES: Wrote an implementation of AES in PPowerPC Assembly, using Galois maths, modulo products, and Counter Mode, as well as careful use of registers
  • Dynamic Byte Code, Trusted Platform Machine, GRUB, CoreBoot, ALDO, Solo Development: Designed a many-to-one, dynamic Dynamic Byte Code language to allow Just-In-Time execution without a disk footprint as codes would be interpreted in memory alone.  Because multiple opcodes could do the same thing, it would be difficult to piece together the code logic from straight static inspection.  Developed a Trusted Platform Machine (TPM) for the proposed Secure Hardware Execution Platform (SHEP), modifying the GNU GRand Unified Boatloader (GRUB) and installing CoreBoot into the machine BIOS.  Actively developed CoreBoot to add necessary features.  Adapted to use ALDO Morse e Code interpreter.  Documented all work
  • JQuery, Facebook Security, Facebook Client Code, Team Development: Developed a browser plugin, which added a button to automatically configure Facebook to lock down a given account’s Security using JQuery and calling the Facebook Client Code
  • Service Oriented Architecture, Security Assertion Markup Language, Distributed Denial of Service, PowerPoint, Team Development: Researched Service Oriented Architecture (SOA) wish Security Assertion Markup Language (SAML) 2.0.  Researched Distributed Denial of Service (DDOS) attacks on SOA.  Wrote summary paper and PowerPoint presentation
  • Agile Development, Cross-Domain Solution, Team Development: Designed elements of the Programable Embedded INFOSEC Product (PEIP) III (MILES) software including data channel acceleration, memory map layout, and documenting these components.  Documented meetings to design page
  • Agile Development, Python 2, C, CodeSurfer, Firefly, Elliptic Curve Cryptography, PowerPC Assembly, Subversion, CVS, VMWare, HTML, ASN.1, make, Autotools, CXX Test, 1-Wire Protocol, Test-Driven Development, Full-Scale Development Article, Cross-Domain Solution, Security Kernel, Design Documents, Full Life Cycle, Team Development: Designed and Developed the PEIP-II (KG-3x) multi-channel Cross-Domain Solution with data isolation satisfying NSA.  Developed requirements and wrote design documents in the Full-Scale Development Article (FSDA).  Design Lead some elements of the project.  Developed code using Test-Driven Development and CXX Test.  Wrote parsers for various hardware components, including ASN.1, in C.  Wrote Firefly and other Elliptic Curve Cryptography algorithms in C.  Analyzed Security Kernel in C.  Developed a series of big number maths routines in C and PowerPC Assembly.  Wrote a mock ISO C99 implementation of printf to aid in hardware testing.  Wrote Python to generate proper code documentation.  Used Autotools and complex make options.  Optimized code using CodeSurfer, reporting program deficiencies to makers of the tool.  Prepared verbal presentations about architecture for NSA.  Hired software contractors
  • ISO C++, Qt, Benign Fill Keying, TCP/IP, UDP/IP, Boost, Visual SourceSafe, Subversion, Trac, XML, DTD, Python, Team Lead: Designed and Developed the Last Mile Key / Product Management Prototyping architecture subsystem for Benign Fill Keying.  The chief products were the Single-Point Key (SPK) and later Single-Point Command and Control Keying (SPC2K).  Both products interfaced with key loading hardware following military specifications.  Prototyped functionality in Python.  They communicated via TCP/IP and UDP/IP protocols and were developed in ISO C++ using Boost and Qt.  Used XML, with DTD, to allow for dynamic user interfaces based on site needs.  Interfaced with PEIP software.  Initially used Visual SourceSafe but migrated to subversion and Trac.  Developed funding proposals
  • The Nasdaq Stock Market, Gaithersburg, Maryland

    2000 2001

    Development Lead
  • ISO C++, STL, OOA, OOP, OOD, real-time, client-server, MSVC++, Win2k, ATL, COM+: Design, Develop complex market algorithms for Stock Market Analysis system
  • XML, ISO C++, STL, OOA, OOP, OOD, MSVC++, ATL, COM: Design, Develop data Logger

  • Education

    SANS Institute, Rockville, Maryland

    2018

    FOR610: Reverse-Engineering Malware: Malware Analysis Tools and Techniques
  • Studied IDA Pro, REMnux, and various malware tools to investigate Portable Executable, Microsoft Office, and PDF malware vectors
  • Arnewsh, Inc, Fort Collins, Colorado

    2003

    MPC860 PowerQUICC/MPC821 PowerPC Microcontrollers
  • Attended course in California going over the specifics and nuances of the PowerPC architecture and the MPC860 specifically
  • Montgomery College, Rockville, Maryland

    2002

    Advanced Java Language and Certification
  • Teaching Assistant as well as study, Certification in Progress
  • McGill University, Montréal, Québec

    1995

    B.Sc. in Computer Science
  • Originally studied 2 years in Physics
  • deprecated

    Interests and Activities

    Computer Languages, Scientific Literature, Writing (See The Witness Paradox), Electric Cars, Music Composition, Acting, Cosplay, Linguistics, Doctor Who, National Popular Vote Interstate Compact, The Equal Rights Amendment, Exotic Travel, Toastmasters, Modern Board and Card games, Vegetarian, deprecatedAviation

    Bibliography

    Martin Wilsey, Jeffrey C. Jacobs et al. The Witness Paradox. Tannhauser Press, 19 October 2018

    A collection of short stories of Time Travel gone wrong, featuring Let’s Kill John A. or John Wilkes Booth Must Die.

    David Keener, Martin Wilsey, Jeffrey C. Jacobs et al. Reliquary (The Hourlings Anthology) (Volume 2). Tannhauser Press, 11 March 2018

    A collection of short stories of ancient and forgotten artifacts, from Virginia writers, featuring The Twin Dilemma.

    Lori Mitchell, Jeffrey C. Jacobs et al. Bleed. Perpetual Motion Machine Publishing, 16 August 2013

    An anthology of horror stories and personal tales; proceeds from the sale are donated to The National Children’s Cancer Society, featuring The Unstoppable Annihilation.

    David Keener, Martin Wilsey, Jeffrey C. Jacobs et al. The Outsiders: An Hourlings Anthology. Tannhauser Press, 29 November 2019

    A collection of short stories of strangers coming to town, from Virginia writers, featuring HOX D2: A Love Story.

    David Keener, Martin Wilsey, Jeffrey C. Jacobs et al. The Curator (Hourlings Anthology). Tannhauser Press, 18 December 2018

    A collection of short stories of long lost works of art, from Virginia writers, featuring The Arctanthropist.

    David Keener, Martin Wilsey, Jeffrey C. Jacobs et al. Tranquility and Other Myths (The Hourlings Anthology) (Volume 1). Tannhauser Press, 22 January 2017

    A collection of short stories from Virginia writers, featuring Mission, Empty, and Branes, 3 Twelve-Word Stories.

    David Keener, Martin Wilsey, Jeffrey C. Jacobs et al. Uncommon Threads (Loudoun Writers Anthology) (Volume 1). Tannhauser Press, 19 June 2015

    A collection of short stories from Virginia writers, featuring Mission, Empty, and Branes, 3 Twelve-Word Stories.

    deprecateddeprecateddeprecateddeprecateddeprecateddeprecateddeprecated

    Text available on-line at http://www.timehorse.com/resume.