Howdy! I'm Graham Freeman. I'm a SuperNerdDad in the San Francisco Bay Area, USA.
I work at UC Santa Cruz in a technical leadership role in information security. Before UCSC, I worked as a systems and network engineer in a team working on bioinformatics metadata at Stanford University School of Medicine.
Through my past consulting work, I've provided excellent IT infrastructure for nice folks who do good work.
From 2011-2015, I was a technical lead in the areas of systems, networking, and information security at Sungevity, a multi-national solar company. My work was called out by a major investor as a significant factor in their decision to invest. After I left, the co-founding CEO wrote this of my work:
Graham is a real talent. He demonstrated the rare gift of mixing technical leadership with organizational leadership and people skills. His personable style, hard-work ethic, high-integrity, and passion for his role set him out as a gifted member of the team - combining his technical expertise (first class) with passion and zeal for the mission at Sungevity. I strongly recommend Graham for future roles in high-growth, challenging technical environments and roles that need the combination of technical and business skills.
-- Andrew Birch, Co-Founder & CEO, Sungevity, May 2017
Prior to that, I co-founded and helped run several cooperatives and public-benefit organizations.
Most importantly, I'm a doting (single) dad, and I have a strong interest in engaging in the world around me. I'm especially fond of intentional community, e-bikes, solar power, sea kayaking, and photography.
[ XML feed ]
This is my online portfolio, with the dual purpose of showing off what I do, and giving me a testbed for interesting tech.
Hosted on GitHub Pages, using Jekyll. Backed up to AWS CodeCommit. Served via CloudFlare and Hover. Load-tested with Loader.io. Performance monitoring by StatusCake. Build validation with Travis CI. Sanity-checking with Git-Secrets. Security scanning with Cert Spotter, linkchecker, Nessus, and Hakiri. Aggregated metadata fed to Slack.
 There is a well-reasoned debate in which at least one brilliant infosec mind makes a powerful case against the use of DNSSEC. By using DNSSEC on my personal portfolio, I intend only to demonstrate my competence in its use, and suggest that it can be worth using under the right circumstances (with an appropriate threat model). I respect the arguments against the use of DNSSEC, and factor them in to my decisionmaking process.