SUMMARY:

• IT professional with 22 years of Linux and Windows experience.
• Set up CentOS/Ubuntu Single Sign On to Win 2012 R2 AD w/Kerberos authentication.
• Virtualization using VMware ESXi/vCenter 5.5, Xen, KVM/QEMU and VirtualBox.
• Developed Powershell, AutoIt deploy scripts for 1150+ Win7/10 remote desktops.
• Developed Enigma Tiny Encryption Algorithm w/mutating key and strength analysis.
• RPi Zero $51 P2P encrypted IP phone via Asterisk IAX2 AES128 NAT'ed “channel.”

TECHNICAL SKILLS:

Linux: RedHat/CentOS (3 - 7), Debian/Ubuntu (all) and SUSE (9-12), Qubes R3.2.

Windows: NT, 2000, 2003, 2008 R2, 2012 R2, Confidential DC with Desktops 7/10 Pro.

Hardware: Cisco Pix/ASA firewalls, routers (1800), switches (3600), Confidential and Dell servers.

Software: Mainly open-source Apache/Nginx/Hiawatha web servers, Squid proxy server, Nginx reverse proxy load-balancer, MySQL, PHP-Drupal CMS, Wordpress, Magento shopping cart, Sendmail/Exim/Postfix mail servers, iptables/ebtables, Snort IDS, Asterisk PBX, Xen, VMware ESX/vCenter/Workstation, VirtualBox, KVM, vsftp, Tomcat, SOLR/Lucene search engine, Ruby on Rails/Mongrel, CVS/SVN/git, Confidential crypto-systems, Kickstart, Amanda backup, Bind9 DNS server, DHCP3 server, Dovecot imap/pop server, openSSL, openVPN, Confidential, Samba (CIFS), Heartbeat 2 for clustering/HA, iSCSI, syslog for Pix archival, tcpdump packet recording on mirrored switch ports for Wireshark analysis, ssh, gpg, telnet, Zoneminder video surveillance/ffmpeg, Single Packet Authorization, Tripwire/AIDE, ntp server, rpm/dnf/yum/zypper/apt-get package management.

Filesystems: Ext2/3/4, XFS (real-time capable, fastest/preferred), LVM, ZFS, BtrFS, NTFS.

Languages: C/C++, Assembly, Perl, Bash, Python, PHP, Ruby and Javascript.

Security: Implemented LAN Zero Trust Zones via iptables/no default route/IDS, etc.

EXPERIENCE:

Confidential, Maitland, FL

Script developer/troubleshooter

Responsibilities:

• Used Powershell, AutoIt, Strawberry Perl and batch scripts for unattended updates to remote Windows clients.
• Wrote dangerous script to change local Admin password en masse, as requested. Set up JumpCloud Agent mass deployment from Lansweeper.
• Documented then tutored IT staff on methods and usage. Investigated the Confidential open source Confidential domain controller for use with Confidential G-Suite accounts and application sync.
• Began to use the Win 10 Pro Ubuntu 14.04 sub-system (Bash shell) to add open source tools and use ssh remote commands.
• Interested in using parallel-ssh to work on Win 10 remote clients for malware mitigation requirements.
• Troubleshot pfSense firewalls.

Confidential, Orlando, FL

Systems Administrator

Responsibilities:

• On-call for a week with 4 week rotation. Provided support to older “On Premise” systems located at school districts in the US and Canada.
• First project used Perl regex scripting to update 44 Windows 2003 IVR systems with Dialogic telephony cards used in call-out to substitute teachers at various school districts.
• Second project set up Linux single sign on (SSO) to Windows 2012 R2 Active Directory server using highly secure Kerberos encrypted password authentication.
• Tasked with Confidential certificate updates for On Premise websites and scripted Comodo Confidential (domain control validation) to automate cert update process.
• Updated old Ubuntu 8.04 32/64bit systems with custom compiled Bash shells for shell-shock bug and used parallel ssh scripts to deploy versions then test new Bash shell with logging. Supported Confidential access to MySQL databases by school districts.
• Set up special VPN access for Confidential authentication use by San Diego school district.
• Created special iptable rule sets for districts with slowness caused by Cloud based Job Shopping vendor programs.
• Identified 2 Confidential virus signatures and suggested simple Tripwire-like method to warn Linux server is infected. Created new virtual servers for school districts as required. Scripted check for duplicate IPs using arping and corrected servers with duplicated IPs.
• Documented scripts, methods and architecture as required. Documented all configuration file changes with date, case number and person making change for audit trails.
• Troubleshot telephony issues and opened trouble tickets with Level 3 in the US and Teliphone-Navigata-Westel in Canada.
• Provided Tier 3 support and updated Salesforce cases with customer support information for call center response.
• Product was an Apache Tomcat/Java architecture for websites and Windows 2003 IVRs (PRI lines) or newer Linux Call Managers using SIP.
• All databases were MySQL with no more than 2 instances/districts per server.
• Confidential systems monitored servers and alerted staff on failures. Data storage were Dell SANs.
• Began to use/learn Salt Stack for server configuration management. Investigating DevOPs tools.

Linux Administrator/Systems Architect

Confidential, Orlando, FL

Responsibilities:

• Built Redhat EL 6.4 x64 Confidential Informix 11.7 database servers on 3 Confidential GL380p servers for RAID50 raw access (no filesystem) by Informix: measured 926 MB/sec write speed for 600GB write to 1.4TB database GPT partition. Set up ethernet port bonding on servers to double throughput/reliability.
• Added Bash boot script to Confidential Informix package and cloned (manual P2V) Confidential server to VMware ESX 4.0 virtual database server for developers.
• Cloned another to VMware for child support/State of Florida production use.
• Developed Bash (sftp public key script) plus Perl (replicate password changes/new account script) to transfer master account logins to 3 slave Informix database servers for ~1000 accounts.
• Investigated Confidential filesystem real-time device (SSD) capability as fall-back for raw device.
• Wrote Perl scripts to help dBAs filter/summarize Informix logs and modify SQL scripts.
• Produced back ups for each Confidential dB server for 30 minute bare-metal restore capability.
• Documented all work.

Consulting Engineer

Confidential

Responsibilities:

• Assist PSI in updating their Borland C++ GPIB code under Windows XP after a lightning strike. (2) Developed Enigma Tiny Encryption Algorithm in GNU C for ARM processor with ports to Windows and OS X.
• Confidential compliant (56 bit key is exportable) code sample for the HP50g calculator available upon request.
• Confidential has an algorithm space and a key space with programmable rounds of encryption
• . It is used like a one time pad for critical data.
• Newer versions analyze output encryption strength for algorithm parameters chosen.
• Built an Asterisk free Confidential Voice phone system for small business use.
• Phone PBX had, (GV now has proprietary protocol with no Asterisk support), 3 lines with voicemail, music on hold and SMS email notifications.

Confidential, Boca Raton, FL

Linux Administrator

Responsibilities:

• Set up very fast AES encryption of commodity disk drives using the Linux Unified Key System ( Confidential ) and investigated rescue/backup/restore methods for fully encrypted systems.
• Confidential required system administrators to have encrypted hard drives, as an admin laptop had been stolen in the past.
• Developed Bash scripts for virtual machine (VM) backups and charge-back daily email reporting.
• Managed VMware ESX VMs via the vSphere client on a NAT'ed Virtualbox, Windows 7 x64 VM to access the Linux host networking stack for openVPN tunneling to remote Confidential gateway servers.
• Managed Sendmail and Exim email servers.
• Managed 27 Squid proxy servers with GRE tunnels to a Los Angeles colocation.
• Used cPanel at the LA colo to manage customer web services.
• Set up and maintained Apache web servers and assisted web developers with Apache rewrite rules.
• Maintained iptables firewall rules on all linux servers.
• Managed Linux Asterisk office and remote call center phone systems.
• Debugged VoIP packet loss problem at remote call center. Installed Drupal
• Magento shopping cart and Wordpress blog packages under Apache for web developer use.
• Maintained legacy Xen hypervisors/VMs and Nagios monitoring systems.
• Managed Cisco switches with Linux iptables routing to VLANs.
• Corrected Cisco packet loss/looping problem on trunked VLAN Gb uplinks.
• Used Trac ticketing system and updated architecture documentation.
• Tried photography after working for Superstock, a stock photography business.
• Decided equipment costs were too high to be a profitable business.

Confidential, Jacksonville, FL

System Architect/Administrator

Responsibilities:

• The major achievement developed novel virtualized network attached storage (VNAS) units providing SAS Confidential primary (VM1) and spinning backup (VM2) with failover of high resolution photo image storage within a single, 48TB, 8U, $18k chassis, (1 purchase initially).
• This eliminated the cost of an extra backup device with backup media, requiring long restore plus verification times.
• This split-chassis method also insures backup capacity paces storage capability with only the motherboard as the single point of failure with 1 purchase.
• The Confidential duality permits 24/7 hot switchover for lengthy filesystem repair on the primary copy when the backup copy is online.
• Developed simple VM failover method for an expandable, massive, distributed image storage flat filesystem using Samba (Windows shares) over Confidential to support a Windows server web site infrastructure.
• Heart-beating for this distributed image storage used rpcinfo to monitor foundation VM Confidential servers with seamless failover to backup VM Confidential image storage without loss of customer purchase transactions in progress.
• Confidential VMs use the ultra-fast Confidential filesystem with large RAID1 external journals for eventual support of streaming video.
• Developed Linux infrastructure to push and verify error-free photo images to an off-site data center where the Confidential units and web site are located.