GEORGE LARSON Email: george.g.larson@pm.me Phone: 412-945-0101 Location: Pittsburgh, PA SUMMARY Director of Technology and long-time builder with a career across software engineering, infrastructure, and manufacturing. I lead calm, pragmatic teams that deliver Linux and cloud systems, DevOps automation, and resilient ecommerce platforms while decades of Zen practice keep the room steady under pressure. I stay close to the keyboard, understand the whiteboard, and use AI with an eye toward privacy and measurable outcomes. KEY METRICS (2025) - 36 public assets scanned continuously via HostedScan + OWASP ZAP with 33 findings closed in the past 60 days and zero critical/high issues in backlog. - 36 active GitLab projects (11 users, 2 groups), 2,204 merge requests, 739 CI pipelines (avg 565 successes / 58 fails) and 16 managed SSH keys. - Mattermost workspace with 7 teams, 40 channels, ~1.0M lifetime posts, 313 calls, and alert channels wired to uptime, upgrade, helpdesk, GitLab, and web-critical events. - Zammad helpdesk processed 1,487 tickets YTD (~150–206/month in Jun–Aug) with ≥97% close rate, 68% resolved inside 24 hours (56% inside 8 hours), zero reopen events. - Uptime Kuma monitors 31 services (GitLab, Helpdesk, Shopify APIs, FTP, chat, docs, etc.) as part of 24×7 observability feeding Mattermost. CURRENT FOCUS - Building and operating manufacturing and ecommerce platforms with 99 percent uptime targets. - Coaching teams through lean, testable delivery practices that keep production stable. - Scaling an AI-assisted knowledge stack and security programs that keep data, people, and compliance boundaries protected. CORE STRENGTHS DevOps and Infrastructure Automation - CI and CD design, infrastructure as code, container orchestration, and repeatable releases on self-hosted runners. - Observability, incident response, high-availability design (replication, backups, CDN), and pragmatic SLO tracking for hybrid environments. Technology Leadership and Strategy - Strategic roadmaps that connect executive goals to team-level delivery. - Calm stewardship for blended internal, offshore, and vendor teams. Software Development and Engineering - Full stack delivery across Python, PHP, Perl, C++, SQL, and TypeScript. - Code review, automated testing, and performance tuning for legacy and greenfield systems. Security and Privacy - Network hardening, IAM, HostedScan/ZAP/Nikto assessment loops, and zero-trust rollouts. - Privacy-preserving AI workflows, regulated-data guardrails, and tabletop response drills. AI, Data, and OCR - Workflow design using open and commercial models, RAG pipelines, and model selection. - OCR digitization for historical archives with validation and quality control. OPEN SOURCE PROJECTS Deep Research Privacy Edition, Creator and Maintainer (2024 to Present) - Created a privacy-focused research tool combining Venice.ai's uncensored language models with Brave Search capabilities. - Implemented robust privacy features ensuring user data protection and local processing. - Developed clean, maintainable TypeScript codebase with comprehensive documentation. - Integrated multiple AI models and search providers with intelligent rate limiting and error recovery. Interactive Resume (georgelarson.me/resume.html), Builder (2024 to Present) - Shipped a static, terminal-themed resume with AI-assisted lens summaries running on Cloudflare Pages. - Serves the canonical resume.txt for printing and diffing while keeping inference tokens server-side for privacy. - Highlights saved lenses and quick prompts so visitors can explore leadership, manufacturing, or privacy angles in seconds. SELECTED WORK HISTORY Director of Technology, FM Expressions (2018 to Present) - Lead technology strategy for a mid-size manufacturing company serving ecommerce channels. - Improved database performance by 93 percent while driving critical systems to 99 percent uptime; cut MySQL slow-query volume by 96 percent to accelerate incident response. - Built an AI-assisted knowledge stack (Wiki.js, Gitea, Qdrant, ETL pipelines) that captures production logs, transcripts, and operator notes so teams can search, surface, and act on institutional knowledge in real time. - Resolved conflicting manufacturing documentation, created a style guide and glossary, and instituted monthly and quarterly review cycles to keep safety and operations guidance consistent. - Reduced a 1.03 GB legacy software repository (4,656 binary artifacts) to a clean, LFS-ready codebase, eliminating clone failures and enabling sustainable development practices. - Hardened hybrid infrastructure with Authentik SSO, HashiCorp Vault, automated TLS renewal, firewall hardening (iptables, UFW, CrowdSec, fail2ban), DMARC/SPF/DKIM enforcement, HostedScan/OWASP ZAP sweeps across 36 public assets, and Red Sift OnDMARC (p=reject, 1.5M emails/month at 99.48% compliance) to keep critical/high findings at zero and close 33 issues in the past 60 days. - Run GitLab (36 projects, 11 users, 739 CI pipelines) and Mattermost (7 teams, 40 channels, ~1M posts) as the collaboration core tied into Redmine (22 cross-functional projects), Zammad (~200 tickets/month with 68% closed inside 24 hours), and Uptime Kuma (31 monitors feeding alert channels). - Maintained high-availability platforms: dual MySQL replicas, VMware ESXi with Datto backups, Active Directory, Cisco Meraki switching, SonicWall/pfSense firewalls, and a staged CDN migration from self-hosted edges to Contabo and Cloudflare. - Built the Mashy internal dashboard plus tooling such as Psono vault, PrivateBin, phpMyAdmin/Adminer, DBeaver, knowledge mining utilities, and status pages so teams access credentials, data stores, and observability in one click. - Driving adoption metrics for the knowledge stack (semantic search, embeddings, saved lessons) to quantify time-to-answer gains for production and customer operations. - Captured Meteor print-head PCAPs and tuned Nikto, Metasploit, and custom fuzz rigs to secure industrial protocols while migrating remote access from VPN to zero-trust policies. - Implemented Agile delivery, ticketing, and analytics to align product, operations, and finance on throughput, defect, and margin targets. Senior Software Engineer and Manager, Universal SmartComp (2009 to 2016) - Helped scale the company from a 50 person startup to a national leader in medical billing. - Designed EDI frameworks, ACH processing, ERP integrations, and a medical payer portal. - Led internal and offshore teams across development and Linux infrastructure. - Acted as security response lead and Linux SME; migrated project management to Redmine with custom plugins. - Built OCR bill entry validation that reduced errors and sped turnaround. Software Engineer and Team Manager, Sony Electronics (2004 to 2009) - Directed software development, logistics, and technical operations for the Pittsburgh Customer Satisfaction Center. - Designed and ran the TiVo firmware upgrade station for the United States market. - Built hardware testing suites for CD drives, set-top boxes, PCBs, televisions, cameras, and MP3 players. - Created an AS/400 parts ordering interface that saved millions in operational spend. - Managed more than 50 combined technical and non-technical staff. - Developed a VT-52 terminal emulation system used for inventory management. Maintenance and Automation Technician, T. Marzetti Company (2000 to 2004) - Led second shift maintenance for robotics, conveyors, and packaging machinery. - Programmed PLCs and tuned sensors, actuators, and industrial controls on the production line. Earlier Career Highlights (1990s to 2000s) - Software developer and webmaster for non-profit organizations. - Engineer for The Sounding Board, a psychotherapeutic BBS in Columbus, Ohio; built custom C++ modules for Major BBS and kept one of the first internet-connected BBS systems alive. - Contract developer for Daifuku USA working on material handling support systems. - Two-time Business Professionals of America chapter president; regional competitor in extemporaneous speech. VOLUNTEER WORK - Systems administrator for a volunteer Linux community, digital radio station, and open shell environment. - Long-term support for animal shelters, including events, outreach, and facilities work. - OCR and digitization project contributor for historical legal documents. TECHNICAL SKILLS Languages: Python, Perl, PHP, C++, SQL, TypeScript Web and Data: MySQL, PostgreSQL, WordPress, Redmine, Gitea, Wiki.js Infrastructure: Linux, Apache, Nginx, Caddy, IIS, Kubernetes, VMware ESXi, Datto backups, Cisco Meraki, SonicWall, pfSense, CrowdSec, Let's Encrypt/ACME, Cloudflare CDN Cloud: AWS, Azure, Google Cloud, Proxmox Security and Identity: Authentik, HashiCorp Vault, Psono, CrowdSec, HostedScan, OWASP ZAP, Nikto, Metasploit, SSL/TLS, iptables, UFW, fail2ban, DMARC/SPF/DKIM, DefectDojo, OpenVAS, zero-trust network design Collaboration: Agile, Scrum, Kanban, Redmine, Zammad, GitLab, Mattermost, CryptPad Mail Systems: iRedMail, Postfix, Dovecot Commerce: Shopify, custom ecommerce platforms, payment integrations AI and ML: Venice.ai integration, Model Context Protocol, applied research workflows, RAG design, model governance, privacy safeguards Vector Search: Qdrant, semantic embedding pipelines, AI-assisted knowledge bases Monitoring & Dashboards: Uptime Kuma, HostedScan, Red Sift OnDMARC, Dashy internal portal