SUMMARY:

• Technology expert providing elegant solutions to complex problems that improve performance, decrease risk, and save money. Lead System Architect, Systems Engineer, Software Developer, and Security Expert with 31 years of experience in designing, coding, implementing, and managing new technologies for heterogeneous large - scale server and network infrastructure, and diverse applications and systems. Specialize in: mission critical systems in the financial industry, Linux, UNIX, networking, virtualization, high availability, and system/network security. Design, code, and implement system-level scripts and tools for application integration and automating system administration. Created plans and built consensus among management, development and infrastructure leaders. Leveraged open source and off the shelf software and utilities to rapidly provision Production systems. ITIL Certified. Implemented infrastructure using QA methodologies to ensure reliability when put into Production.

TECHNICAL SKILLS:

• Linux
• RHEL/CentOS 7
• 6 and 5
• OpenBSD
• AIX
• Solaris
• HP-UX
• MS Windows
• Citrix and VMware ESXi
• C
• C++
• Perl
• AWK bash shell scripting ksh regular expressions
• MySQL
• MariaDB
• PostgreSQL
• Sybase sockets programming
• PHP
• Apache
• Nginx
• Tcl/Tk
• Kernel tuning
• TCP/IP networks switches routers
• VLANs firewalls ipsec VPNs
• TLS/SSL ssh
• SFTP
• SELinux tcpdump
• Wireshark
• DNS
• PowerDNS
• NTP
• LDAP
• FreeIPA
• LVM
• DRBD
• NFS
• NAS servers autofs/automount
• GlusterFS
• Samba
• SMTP
• Postfix
• DHCP
• PXE and kickstart
• X/Windows
• XDMCP
• Firewall rule sets: IPtables
• PF and Sidewinder. Linux/UNIX Kernel tuning. JIRA and Service Now

PROFESSIONAL EXPERIENCE:

Confidential

System Engineer and System Architect

Responsibilities:

• Designed and coded systems and automated administration tasks in Perl and shell. Improved security of data center servers: blades, 10 GB switches and routers, and VMware ESXi. Implemented FreeIPA for centralized authentication across three data centers.
• Installed, configured, tested, and maintained Apache and Nginx Web servers, MySQL and MariaDB servers, PowerDNS and SFTP servers, and Tomcat on RHEL 7 and 6.

Confidential

Systems Engineer, Security Expert, Application and System Integrator

Responsibilities:

• Migrated hundreds of system and application servers to a new data center while at the same time converting them from HP-UX and Solaris to Linux guests on a VMware ESXi server farm.
• Developed and implemented secure Web (Apache) gateway servers that authenticate the user with LDAP, set authorization cookies, and proxy the HTTPS connections to internal application servers. Collaborated with the networking group to set routes, open firewall ports, and set ACLs for TCP.
• Designed and deployed secure Citrix infrastructure via redundant Sidewinder Firewalls. Coded scripts to test availability of the network path before launching the Citrix Receiver.
• Debugged networking and firewall issues with tcpdump and Wireshark.
• Hardened Linux servers to prevent potential security vulnerabilities.
• Designed and implemented secure application-to-application authentication using sudo and restricted file permissions preventing access to root.
• Migrated a PHP+PostgeSQL+Apache application to RHEL 6 and PostgreSQL 8.4 via extensive PHP coding and dump/load of the DB schema and DB to PostgreSQL.
• Coded infrastructure software in Perl, shell scripts, and C++, for NYSE trading systems with tight security and high availability.
• Provided 24x7 last-resort systems fixes.
• Coded and implemented firewalls through which all NYSE order traffic passed using RHEL 5, IPtables, and C++ FirewallBuilder GUI, reducing latency, improving security, and reducing costs.
• Coded Perl, shell scripts for securely distributing IPtables rules updates to these 16 Linux firewalls.
• Debugged IPtables issues. Debugged SELinux issues.
• Coded and implemented Perl script for tracking successful and failed application launches. This script analyzed Sidewinder Firewall logs for successful and failed network connections.
• Migrated Apache, Firefox, and XDMCP authentication servers to RHEL 6 from HP-UX.
• Created a customized version of RHEL 6/5 running on a thousand trader workstations powering screens on the NYSE Trading Floor. These read-only root workstations automatically configure themselves and connect seamlessly on the trading floor during boot via data from configuration servers. Coded numerous scripts to automate these processes.
• Coded and implemented custom PXE imaging server and advanced kickstart scripts for bare-metal imaging of customized read-only root workstations.
• Designed, coded, tested, and implemented an automated system for remotely upgrading the customized Linux workstations using an alternate root partition.
• Coded Perl scripts that automatically check for system and network issues across 1,000 Trader workstations and create configuration and error reports.
• Evaluated two network printing vendor products to be used for printing order tickets. Presented the results with recommendations to Management for purchase decision.
• Developed an automated test suite for a network printing system used on the NYSE Trading Floor. Coded using Perl sockets modules to test printing protocol and network connectivity, including timing out incomplete connections. Statistically measured time to print under various workloads.
• Coded scripts in TCL to replace C++ utility programs for managing and authenticating Kerberos users.
• Packaged application and system releases into products that are easily installed by the Production Operations group along with detailed instructions for installing and backing out. The Operations group often commented that my step-by-step documents were easy to follow.

Confidential

System Engineer and System Architect

Responsibilities:

• Deployed and administered servers across four data centers located in the U.S. and Europe.
• Introduced new technologies and expanded capacity and high availability of data center servers running Linux, VMware ESXi, and Solaris. Debugged and rectified network issues.
• Implemented VMware ESXi hypervisors with CentOS, Windows Server (2008 and 2012) and OpenBSD guests, 10 GBit networking, Virtual Switches, VLANs, and vCenter.
• Installed, configured, tested, and maintained Apache Web servers, Postfix e-mail servers, MySQL and Sybase DB servers, and Tomcat on RHEL/CentOS 6 and 5. Installed, configured, and maintained OpenBSD-based firewalls and PF rule sets.
• Dramatically reduced costs via creating system architectures with open source software, innovative technologies, and commodity hardware to implement server-based infrastructure.
• Exceeded financial system security expectations to prevent unauthorized access.
• Evaluated and implemented highly available storage architectures using Gluster, DRBD, NFS, HA-NFS, Samba, and autofs on commodity Linux hardware.

Confidential

UNIX/AIX System Engineer

Responsibilities:

• Developed, built consensus for, and implemented changes to mission-critical AIX-based gateway servers resulting in improved uptime.
• Analyzed, developed, and presented plan to management to reduce cost of adding disk storage by utilizing AIX LVM to move logical volumes to larger disks rather than adding additional drawers of disks. Used LVM to reorganize the logical volumes without downtime and risk.
• While on-call overnight, diagnosed and restored failing AIX servers in time for market open.

Confidential

Founder of start-up E-mail Security Company

Responsibilities:

• Created security tools for analyzing outbound enterprise SMTP e-mail traffic on Solaris.
• Administered a test server running Solaris. Wrote test scripts in Perl and Tcl/TK.

Confidential

Lead AIX Systems and Network Engineer

Responsibilities:

• Provided network access for data stored on legacy systems to insurance agents nationally from Windows PCs and notebooks. Installed, configured, and tested AIX RS/6000 gateway systems initiating CICS transactions with MVS mainframes from X.400 and SMTP e-mail.
• Utilized AIX LVM to optimize disk usage by changing filesystem layout without downtime.
• Implemented and maintained NIS+ servers and clients on Solaris.
• Mentored and trained key NY Life technical staff.
• Determined root causes of failures and rapidly restored Production systems.
• Evaluated, recommended, and implemented enhancements to security, networking, performance.
• Installed and configured Sybase Open Client, NFS server, Open Source tools, and CICS/6000 with SNA sessions over Token Ring to Confidential mainframes.

Confidential

Financial Application Architect, Developer, and Systems Converter

Responsibilities:

• Redesigned a portfolio client/server application utilizing DB loading and Oracle Stored Procedures with Pro*C SQL, C, Perl, and a Motif GUI builder.
• Converted the application from Oracle to Sybase Stored Procedures, DB-Library, and SybPerl.
• Normalized database schema and isolated database-specific code converting it into stored procedures to improve performance.
• Coded the interface to GUI front-end in Perl and coded Sybase queries and stored procedures enabling users to search institutional investor’s portfolios, trades, investment histories, and contact info with data from multiple feeds. Portfolios included bonds, equites, and derivative securities.
• Coded Perl scripts for reading DB data from tapes and inserting the data into the Sybase DB.

Confidential

AIX System Engineer and Troubleshooter

Responsibilities:

• Resolved severe system performance and uptime problems. Tuned the AIX kernel.
• UNIX/AIX expert for administration and security of enterprise-wide RS/6000 Production network with 500 simultaneous users running a mission-critical database.
• Coded AWK, shell scripts, and C programs automating systems administration.
• Improved response time, throughput, security, fault tolerance, and recovery procedures.

Confidential, Rockville, MD Automated System Test Expert

Responsibilities:

• Wrote applications in C, C++, AWK, and Korn shell. Strengthened security of a networked AIX 300-node system using TCP/IP, NFS, and NIS. Automated and improved thoroughness and efficiency of testing for the FAA’s National Air Traffic Control System. Developed test methods and tools for determining accuracy of algorithms used for radar processing and aircraft tracking. Coded tools for distributing application code and test results to and from hundreds of computers.