>> Narrator: From theCUBE studios in Palo Alto in Boston, connecting with thought leaders all around the world this is theCUBE conversation. >> Hi, I'm Stu Miniman, and coming to you from our Boston area studio. theCUBE is happy to participate in the CloudHealth CloudLIVE event, Corey Quinn and myself going head to head with The Great Cloud Debate but of course, one of the things we always love is that talk to the practitioners and so thank you to the CloudHealth team for bringing us the guest that I'm about to speak to you with, Patrick Hetherton. He is the vice president of tech ops at Jobcase, also a Boston area company. Patrick, thanks so much for joining us. >> Thanks for having me, I appreciate it. >> All right, so let's start, if you could just give our audience a little bit, Jobcase, what the company does and your role in the art? >> Sure, so you know, Jobcase we like to position ourselves as the company that is the people first social platform for, you know, empowering America's workers. So we've been working with the frontline workers for a number of years, helping them secure jobs. When you looked at companies like LinkedIn or other companies that cater towards more advanced degrees, we're doing more of the frontline workers, the blue collar workers. About 80 to 85% of our members don't have advanced degrees and we are, you know, currently at about 110 million members right now. We get 25 million unique visitors a month but, you know, we're basically trying to help those frontline workers navigate through these challenging times right now. >> Well, yeah, Patrick, I have to imagine that right now with the global pandemic going on, and jobs in a bit of flux, your team must be really busy, especially if you talk about frontline, you know, there's some very large manufacturing and service companies that are doing massive hiring, I know, I poked around the Jobcase site quite a bit and saw plenty in the in the Boston area. So if you could, you know, is that architecturally, are there anything you need to do differently is, you now, how are you thinking scale and adjust and to manage with kind of the spike in traffic that I expect you're seeing? >> Yeah, so it's been interesting, you know, we've seen a lot of different peaks and valleys throughout but right now, what we're doing is we're trying to help a lot of folks, there's certain folks who aren't comfortable going back to the workforce at this time or can't because of daycare situations. So we've done a lot of things about filtering for jobs that are remote only. We've done a lot of things about navigating the unemployment lines and things like that on how to make sure that you're focused on getting things and those who do want to go back to work we've been working with some partners to make sure that those opportunities are presented to our user base. >> Excellent, well, your session for the CloudHealth CloudLIVE event is about security. Before we get into the security piece, just your role as tech ops, can you give us a little bit of how that fits into the landscape at Jobcase? You know, how do you look at tech ops? You know, my understanding tech ops is very similar to SRE, big, buzz job lately for a site reliability engineer, so what's your responsibility? How does that fit through the rest of your work? >> Sure, so I joined Jobcase about four years ago and you know, it was, I was given the role of technical operations or tech ops, which basically meant everything that the developers weren't doing from the technology side. So it was more of IT, onboarding and security of the laptops and systems there, a little bit of facility work as far as making sure the office was set up properly and things like that, but also the DevOps or SRE team reported to me. When I first started four years ago, it was one IT person and one DevOps person and now we have six DevOps engineers and three IT people. >> Excellent, well, security, of course, you know, in general it has been a very important topic, something you're speaking on, you know, I've been hearing for years, the discussion of security can't be a bolt-on, it can't be an afterthought, it is everyone's responsibility. You know, the DevOps movement, of course, has put that fully front and center. So tell us a little bit about, you know, how cybersecurity fits into your role and a little taste of what you're going to be sharing at the CloudHealth CloudLIVE? >> Sure, so you know, it's gone through so many iterations, I mean, you've got DevSecOps, you've got the SREs, you've got risk ops. You know, we don't tend to get caught up in the buzzwords too much but more about roles and responsibilities. So, we started off as traditional Dev and Ops teams that basically dev wrote the code, we deployed the code. We found that we didn't scale very well at that and we wanted to make sure that we could get a little bit more velocity in the place so we rolled out the DevOps model and things like that and started giving more responsibility to the development team. That freed up a lot of my team's time to basically go out and start looking at more secure ways of letting our software go out. So that whole shift left mentality where we wanted to find things a little bit quicker. Make sure we were doing some baseline examples of secure practices and things like that. So that was really where we started focusing in on and what we've been doing for the past year and trying to roll this process out. >> Okay, I did a little poking around online, I understand you're also involved in the Kubernetes rollout in your company. In early days of container security was, you know, a hot button topic. Feels like we've made some good progress on that but maybe if you could connect the dots between what you're doing on the security side and general containers, we'd love to hear more about your Kubernetes deployment tool? >> Sure, so we do everything through templates, through CloudFormation so we kind of lock them down to a certain security groups and things like that but we're also having a rollout of making sure things are patched in a cohesive manner. So we have a rollout process for, you know, running the latest versions of code, updating everything. And now the, that's what my team really focuses on is making sure that we have a clear, concise process for the development team to focus in on and roll out so that they're comfortable with it, whether it goes through all the environments, our dev environment, our integration environment, our staging environment, all the way up to production, it's the same process. >> Yeah, and how do you look at that kind of a line between the developers and the infrastructure? So tech ops usually is building the place and not the ones that are actually building the new products and how does Kubernetes fit into that overall discussion? >> So we have a bunch of different teams that we work with, three primarily, and each one's at a different phase, and I think that's the thing that you have to realize, you have to do what works well for your company. So certain teams do more on the infrastructure side, where we kind of give them base guidelines as to what sizes and things like that for infrastructure they should be using and others, we have to do a little more hand holding and make sure that they understand, you know, okay, let's take a step back and understand what you're trying to accomplish, what kind of traffic patterns you want to roll out and get a little bit deeper understanding and work with them. So each team's a little different but we really blur the line a lot between Dev and Ops, I mean, it's the only way you really develop fast and secure. >> Excellent, what about automation? How does that fit into everything we've been talking about here? >> Yeah, so we've spent a ton of time on that. So again, with the CloudFormation templates, it's basically you could blow up an account and just rerun the scripts and recreate the account from scratch with a bunch of auto scaling groups so if nodes go down, they get replaced automatically. So there's all sorts of automation built in, I think we've cut down on our alerts tenfold over the past year just by all these automation scripts, and we get notifications that things have happened but there's usually no human interaction anymore, you know, for simple hardware failures. We're mostly getting more of a hardware problem right now, as far as some incompatibilities or difference that may have come with an upgrade. >> All right, so Patrick, how does your organization look at cloud? Are you all in a public cloud or using multiple clouds? You know, what's that environment? >> Yeah, so we won in AWS and we've stayed in AWS, we're not multicloud, but we do our DR plan in there and everything but 100% in the cloud. >> Okay, excellent, so you know, you're obviously using CloudHealth as part of your overall solution. How do they fit into that discussion? And give us a little bit about how long you've been using them and what you've been seeing? >> Sure, so we started with their cost program, CloudHealth, and we wanted to get a better understanding of all of our costs, especially when we're going into this more distributed model where developers had the ability to roll out infrastructure, we wanted to make sure not so much that they had budgets, but had an understanding of how much they were spending. So when you go from that centralized control as to releasing controlled individuals, with that control comes responsibility, and you know, we wanted to make sure we're making good business decisions and so we rolled out CloudHealth to all the users to be able to see what each program was costing. We did that about two years ago and we've really just finalized it the last couple of months, I've making sure that everything was tagged appropriately and engineers can see how much each application costs to run. Then last year, we decided to look at some security programs to kind of help us launch that. We're doing a lot of stuff by hand and using some of the AWS services but we wanted something to kind of roll out more to the executive team to be able to see how we're doing, as far as you know, benchmarks and things like that. So we looked at a couple different programs but we had such a really good experience with CloudHealth on the onboarding, we decided to use VMware Secure State and have been rolling that out and using that to my team primarily right now and started rolling out to all the dev teams. >> It's really interesting, Patrick, you know, you've been around long enough, I'm sure that there have been times where security or the billing or all those other things is something that somebody else took care of, if I'm kind of a typical business person, what you're laying out sounds like, there's communication, collaboration, you know the business and the technical side working together. You know, are we are we getting closer to that, you know, we're all pulling in the same direction and have clear visibility as to what the business needs and what the kind of the technical and financial pieces are? >> Yeah, absolutely, I mean, it's definitely been a joint effort, I work with the finance team on a regular basis to kind of give forecasts and things like that, especially during these challenging times, you have to know how much you're spending on these bills, I mean, the cloud is one of our biggest bills, obviously, for Jobcase. So we wanted to have a good understanding there but we also want to drive the business forward. We're working with partners right now, during these times to make sure we're getting, you know, even some free services as far as doing some trials and things like that, to ensure that we're being cost conscious for the company but also driving initiative forward. >> Yeah, Patrick, is there anything out there, you know, in the ecosystem that is on your wish list that would make your company and your job even easier? >> Great question. You know, I think better integration between all the programs, I mean, you've got a lot of best to breed programs out there so you worry about technology sprawl, you know, from application monitoring, to system monitoring, to cost monitoring and things like that, there is no silver bullet. So you know, if there was that would be great but you have to kind of pick the best to breed in all cases, we kind of go with the 80/20 rule. If a program does 80%, but it integrates with other programs and we're going to use that over one that's maybe 90, 95%, just for ease of use and computation. >> Great, well, Patrick, I want to give you the final word, any other final takeaways that you would share with your peers as to things they should be looking at or things they should prepare their teams for to be more effective and more secure? >> Yeah, I'd say don't be afraid of change but also work with your dev teams. If you make it too difficult for them or it becomes an us versus them, it's just never going to work. It has to be a partnership, they have to buy into the things that you're trying to do and in most cases, they will, they want to do the right things but you've got to kind of eliminate the noise from them and make sure that they're only getting the things that are important to the company. >> Well, Patrick, thank you much for sharing and absolutely, a very important service Jobcase is performing especially right now when, you know, jobs and as you said, flexible work environments are critically important. Thanks so much. >> Thank you. >> All right, be sure to check out the CloudHealth CloudLIVE event. I'm Stu Miniman, you'll see me and Corey Quinn in The Great Cloud Debate and thank you for watching theCUBE. (gentle music)