Berk Demir

Engineer at Facebook

San Francisco, CA

How does this work?

I'm an engineer living in San Francisco Bay Area. I work at Facebook, focusing on authentication, authorization, and use of cryptography. Previously, I worked at Twitter, Cloudflare, and StumbleUpon, focusing on traffic, resiliency, and security. I offer office hours on wide range of information security topics, large scale internet service delivery, and distributed systems resiliency.

Ask me about
Duo Security
Apache Mesos
Apache Aurora
Content Distribution Networks
Work experience

Aug 2016 - Present



Authentication, authorization, and use of cryptography. Previously: – Web Foundation: availability and resiliency – Traffic Foundation: global scale optimal service delivery


Nov 2012 - Aug 2016


Sr Staff Site Reliability Engineer

Availability, performance, and reliability. Complex Incident Response. Traffic Engineering.


Sep 2012 - Oct 2012

CloudFlare, Inc.

Systems Engineer


Oct 2009 - Aug 2012


Software Architect

Availability, latency and security. • Infrastructural Components - Near real time MySQL to HBase replication. (Java) - ZooKeeper based service discovery. (Python) - Kafka based messaging system with an HTTP gateway. (Scala) - Content addressable storage for binary large objects on top of HBase used as a CDN origin. (Scala) - K-ordered, multi datacenter capable, distributed ID generator. (Scala) - Time series collectors for kernel, JVM, SNMP, and proprietary APIs of appliances. (C, Python) • Service Delivery - Frontend serving, caching and load balancing. - TLS termination. • Networking - Data center networking. - Move from Layer 2 (VLANs) to Layer 3 (IP) leaf and spine with OSPF in the core. - Diversifying upstream connectivity by becoming multi-homed and establishing MLPEs with BGP at the border. - OpenBSD based packet filtering and direct server return load balancing. • Advisory Engineer - OpenTSDB: An open source, scalable, high performance time series database built on top of HBase and written with Java. - An N+2 system to serve StumbleUpon badges (around 70% of the all HTTP requests StumbleUpon gets) with very low latency and high availability. Written with Scala.


Aug 2005 - Sep 2009

Meteksan Sistem

Solution Architect (Integration, Scalability, Security)

• Scalability ­ - Bottleneck analysis and refactoring of Java, .NET, and LAMP stack applications. ­ - RDBMS performance work for MySQL and Oracle via engine tuning, sharding, and query refactoring. ­ - Migration of aging conventional OLAP systems to Hadoop and HBase. ­ - Anycast CDNs • Integration ­ - Peddler of Service Oriented Architecture. SOAP, XML-RPC, and RESTful web services. ­ - Enterprise Service Buses with Oracle Fusion, BEA AquaLogic and Apache ServiceMix. ­ - Message Queue, Business Process Mgmt. and Data Services Platform integrations to ESB. • Security ­ - Security engineer for software product line and customer proprietary information security projects. ­ - Black box and white box vulnerability assessment, penetration testing, and audit automation. ­ - MSSP operations lead for homeland security, law enforcement, and finance sector customers. • Business Continuity and Disaster Recovery Planning & Compliance (2006-2007) ­ - BCP and DRP for government information systems. ­ - ISMS auditor for ISO 27000 and PCI-DSS. • Product Development (2004-2006) ­ - DDoS Mitigation Appliances, Load Balancers with SSL offload. - Kernel development for OpenBSD based network security appliances.

Jul 2003 - Aug 2005

Meteksan Net

Internet Systems Engineer

• Planning, deployment and administration of large scale Internet services in an ISP environment. - Operations on OpenBSD, Solaris, and Linux based systems. - Veritas and Red Hat Cluster Server based high availability clusters. • Planning, deployment, and administration of customer premises network security devices. - Checkpoint, OpenBSD, and Linux based firewall, VPN, and detection systems. - Design and implementation of OpenBSD and Linux based embedded security appliances. • Web services for ISP infrastructure management and monitoring. - XML-RPC and SOAP services implemented in C and Python. • Integration of open source software to create high performance, scalable Internet services.


Oct 1999 - Jun 2003


Systems and Security Consultant

• Contract agent with Andersen Consulting. • Enterprise risk assessments, penetration tests, incident handling, computer forensics. • Unix migrations. HPC, and high availability clusters.

Aug 1996 - Jun 1999

birNET Information Systems Ltd.

Network and UNIX Systems Administrator

• Day-to-day administration of ISP services on Unix and Windows NT based systems. • Technical support for WAN connectivity with Cisco and Nokia network active devices. • End-user technical support for dial-up customers.


2004 - 2009

M.Sc. Candidate, Software Engineering

2000 - 2003

B. Sc., Computer Engineering

1999 - 2000

B. Sc., Electrical and Electronics Engineering

Talk to Berk

@ Copyright 2020 OfficeHours Technologies Co.