Skip to content
View J8k3's full-sized avatar
๐Ÿ’ญ
Building things. Writing about it at jacobmarks.com.
๐Ÿ’ญ
Building things. Writing about it at jacobmarks.com.
0 followers · 2 following

Block or report J8k3

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Maximum 250 characters. Please donโ€™t include any personal information such as legal names or email addresses. Markdown is supported. This note will only be visible to you.
Report abuse

Contact GitHub support about this userโ€™s behavior. Learn more about reporting abuse.

Report abuse
J8k3/README.md

Jacob Marks

Senior Engineering Leader | Payment Cryptography | Distributed Systems | ex-AWS

I build and scale security-critical, regulated infrastructure where correctness, compliance, and availability are non-negotiable. Most recently I led the architecture and launch of AWS Payment Cryptography โ€” a globally deployed, hardware-backed cryptographic service โ€” taking it from ambiguous customer input to production under strict PCI and regulatory constraints.

I operate at the boundary between deep technical design and durable execution: defining systems, authoring threat models, governing hardware and software designs, and building the operational practices that hold up over time. I stay hands-on in critical paths and set technical direction that scales beyond my direct involvement.

Currently targeting Director of Engineering, VP Engineering, or senior IC roles in fintech, payments, and security-critical infrastructure.

๐Ÿ“„ Blog & Website ยท ๐Ÿ’ผ LinkedIn

๐Ÿ”ง Active Project: CyberChef Payments

J8k3/CyberChef โ€” AI-assisted development

A fork of GCHQ's CyberChef extended with structured payment cryptography tooling for engineering, debugging, and interoperability work in regulated payment environments.

If you've done engineering, debugging, or interoperability work in payments, you know how much time goes into testing payment schemes and data structures. Often you don't need a live HSM โ€” you just need to inspect, parse, validate, or construct a structure and see what's going on. That's the gap this fills.

Current capabilities:

  • TR-31 key block parsing and encoding
  • Key metadata inspection and structural validation
  • Deterministic, test-vector-driven transformations for offline analysis

Roadmap: TR-31 decryption (with provided KBPKs), DUKPT (3DES/AES) derivation helpers, PIN block parsing, payment-specific MAC and KCV utilities

๐ŸŒ Live hosted demo ยท All operations are explicit, inspectable, and composable โ€” fully client-side, nothing leaves your browser.

๐Ÿ—๏ธ Engineering Background

AWS Payment Cryptography (2021โ€“2026)

Led the definition, architecture, and launch of a globally deployed, hardware-backed cryptography-as-a-service platform โ€” a first of its kind in the cloud.

  • Authored the foundational threat model and security posture from early customer input through launch and steady-state
  • Defined and governed control-plane, data-plane, and hardware designs โ€” maintaining system coherence through technical review
  • Established operational and observability practices focused on customer impact and failure modes
  • Introduced daily HSM fleet health evaluation, reducing unsellable capacity from ~10% toward ~5%
  • Established hardware-backed design patterns later reused across related cryptographic services

EC2 Core Platform (2018โ€“2021)

Owned core EC2 platform services and led architectural improvements at massive scale.

  • Led architectural separation of telemetry and billing systems supporting hundreds of petabytes of customer data
  • Owned platform-level reliability and cost tradeoffs across core EC2 infrastructure during periods of rapid scale

Defense & National Security (Booz Allen Hamilton, 2008โ€“2016)

Progressed from hands-on engineer into technical and program leadership on systems operating under security and compliance constraints.

๐Ÿ› ๏ธ Technical Depth

  • Languages: C# / .NET (primary), Rust, JavaScript
  • Domains: Payment cryptography, HSM/PCI compliance, distributed systems, key management, cloud infrastructure
  • Security: Threat modeling, PCI-DSS, NIST/DoD ATO, hardware security modules
  • Leadership: Multi-team engineering orgs, technical direction, engineering management

๐Ÿ“ Other Projects

  • aws-ms-deploy-assistant โ€” AWS Labs project (contributions under legacy account @J8K3-zz)
  • LightningPDF โ€” Fast-loading PDF viewer with merge, rotate, and reorder features; built for speed when reviewing large document volumes (C#)
  • document-sorter โ€” PDF document classifier that automatically organizes scanned documents into folders based on keyword matching rules (C#)
  • awssescredgen โ€” CLI tooling for AWS SES credential generation (C#)
  • speventreceiverman โ€” Utility for SharePoint event receiver management (C#)

Note on GitHub accounts: Due to a legacy account recovery issue, my original profile was renamed by GitHub. Current active account: @J8k3. Historical contributions: @J8K3-zz.

๐Ÿ“ซ Connect

Pinned Loading

  1. CyberChef CyberChef Public

    Forked from gchq/CyberChef

    CyberChef fork extended with structured payment cryptography tooling for analysis and engineering workflows.

    JavaScript 1

  2. aws-ms-deploy-assistant aws-ms-deploy-assistant Public

    JavaScript

โšก