OBJECTIVE:

• A skilled technologist with an emphasis on security and compliance. Combines solid knowledge of technology, standards, and industry practice with teh goal of providing outstanding customer service.
• Team player that has demonstrated teh ability to lead and follow with success in demanding environments.

TECHNICAL SKILLS

Availability: Pacemaker / Confidential Cluster System, Keepalived, Galera, DRBD

Cloud: CloudForms, OpenShift, AWS, VMware vSphere /ESXi / vCenter, RHEV, oVirt, Docker

Database Systems: MariaDB 5.5 / 10, Oracle 11g / 12c, MarkLogic 6, PostgreSQL 9

Development: Jenkins, Maven, Java, Python, Ruby, Bash, SQL, PL/SQL

Frameworks: Vert.x, Aurelia, Pyramid

Operating Systems: RHEL 5/6/7, CentOS 5/6/7, Windows 7/2K/2K3/2K8

Provisioning: Satellite 5/6, Ansible, Puppet, Cobbler

Security: Keycloak, RHDS, Confidential Certificate System, IdM/FreeIPA, SAML, OpenID - Connect, PKI/CAC, Kerberos, OpenSCAP

Storage: Gluster, Ceph, GFS2, pNFS

Web: Nginx, Haproxy, Apache

PROFESSIONAL EXPERIENCE

Lead DevOps Engineer

Confidential

Responsibilities:

• Setup and maintain virtualization environments to support development pipelines. Plan updates of system baseline templates and replacement of virtual machines according to release schedule. Provide automation and tooling to improve deployment efficiency and reliability.
• Design roles to best support user responsibilities that do not restrict productivity. Create policies to restrict unauthorized access applications and environments. Provision identity to allow user access to systems perform tasks according to their assigned roles.
• Provide services to facilitate proper source code management with collaboration. Create and maintain automated builds to continuously integrate source while maintaining clean development and master branches. Ensure that master always matches production and is properly tagged for retrieval when required. Configure builds, deployment and provisioning while streamlining teh continuous delivery applications.
• Review system and application documentation and best practices to meet business needs while maintaining proper and secure operation. Consistently apply settings to all systems of same type. Ensure drift does not occur by encompassing all systems under configuration policy or schedule replacement. Adhere to operations protocols ensuring that only approved changes to systems are applied.
• Review existing infrastructure and determine inefficiencies or risks to project success. Determine solutions to enhance operations and mitigate redundancy. Create similar environments to test solutions and proof methods of implementation. Review possible implementation options and select best architecture based on needs. Create automation to better manage complex interactions while standardizing their execution.

Cloud / DevOps Consultant

Confidential

Responsibilities:

• Configure Confidential Satellite system deployments to government specifications in accordance with customer needs. Provide consulting, documentation and reference material with needed experience to navigate FISMA requirements.
• Maintain system configurations to specification throughout multi-tennant enterprise.
• Implemented Confidential IdM and Active Directory replication.
• Responsible for maintaining development lifecyle environment. Configure CI/CD build process while maintaining consistent versions.
• Worked with developers to document unpublished configuration and security parameters for Confidential Certificate System 8.
• Determined performance configurations to provide a PKI system for over 1 million users with key escrow. Worked with systems engineers and developers to maximize number of running instances on a system.

Senior Systems Engineer

Confidential

Responsibilities:

• Design, test, and implement automation for management of server and host machines including installation of agent software, collection of logs, and diagnosing client to server connectivity.
• Act as configuration manager for teh customer by monitoring teh approval process to ensure that deliverables are submitted. Oversee that change request are reviewed and tested in a timely manner. Ensure that all parties involved understand teh need for teh completion of teh process, and wat benefits each package entails. Obtain certificate to field and plan changes according to established organizational policy.
• Work with analyst to tailor policies for teh CND efforts enterprise wide with an emphasis on insider threat mitigation and identification of unsafe practices. Ability to translate analyst requirements into policies for client software using regular expressions while minimizing collection of redundant data. Work with database administrators to monitor performance metrics ensuring policies maintain do not become to resource intensive.
• Maintain, monitor, performance tune, backup, and recovery of data for 19 servers. Provides system backups on schedule, log sizes and time completed. Acted as liaison to service provider that maintained tapes ensuring that backups completed and periodicity maintained.
• Responsible for 19 production RHEL servers allocated for computer network defense. Install, support and maintain servers, and plan for and respond to service outages. Support CND analyst needs insuring their are no service interruptions while providing technical assistance and training. Other duties include insuring CND agent software is present enterprise wide for 50,000 machines worldwide and diagnosing any non- manageable systems while creating automation to facilitate efforts.
• Rack, setup and maintain 30 servers. Determine needed hardware requirements suitable for system design. Monitor performance and make recommendations to improve system readiness. Maintain and replace system raid arrays as needed ensuring no loss of data with minimal interruption of service.
• Create and manage server SSL/PKI identities ensuring secure connectivity from client to server. Maintain certificate revocation list to ensure proper certificate management.
• Manage application services including Tomcat, JBoss, Apache, PostgreSQL from RHEL servers. Ensure secure replication utilizing TCP wrappers and iptables. Utilize logwatch to generate daily health reports and notifications of systems that need immediate attention.