Determined, energetic and diligent Linux/DevOps professional with 10 years of experience in IT including monitoring, troubleshooting, networking, security, scripting, automation and configuration skills. Passionate about emerging technologies, interested in designing and implementing automated and redundant solutions, proficient in design & implementation of complex and fully automated Continuous Integration, Continuous Delivery, Continuous Deployment pipelines and DevOps processes for Agile projects. Ability to work independently and in a team environment, with a minimum amount of supervision. Strong ability to solve complex problems, absorb new information, work under pressure and adapt to evolving circumstances. Able to work in high stress environment with 24/7 on - call rotation. Excellent communication and collaborative skills.
Operating System: RHEL/CentOS 6.x and 7.x, Windows 2012/2012R2.
Networking: TCP/IP, DHCP, SSH, FTP, NTP, NAC, VPN, DNS.
Scripting language: Bash Shell, Python, Java.
Logging: At, cron, Anacron.
Database: LAMP stack, SQL, MySQL, MariaDB.
Disk Management: Mounting, File systems troubleshooting, lvm.
Mail: Sendmail, dovecot, Squirrelmail.
Application and Web Servers: Load-balancer(HAProxy),Tomcat, Apache, Nginx.
Identity Management: OpenLDAP, PhpLDAPadmin.
Automation: Ansible, PXE, Kikstart. Mirror/Repo
Change Management(ITIL): Manage Engine Service Desk, Service Now, JIRA, ITOP .
File Sharing: FTP, NFS, AutoFS, SAMBA.
Monitoring: Nagios, PRTG, Solarwinds
Security: Firewall/Iptables, SElinux, Standard and Advanced File Permissions, ACL
Virtualization: VMWare ESXi 5.x and 6.x, exposed to XenServer 6.x and Linux KVM.
DevOPS Tools: Git, Jenkins, Docker(SWARM), Kubernetes(Cluster), Ansible.
Hardware: Dell PowerEdge 29XX series, R310 -350, Dell Blade C6100, HP-DL380 G5, G6, G7 & Gen8, RAID arrays, SAN, NAS, NFS Dell EMC VNX 5300 or VNX5400, Cisco Layer2 and Layer3 switches, Cisco routers, Cisco ASA
Cloud: AWS(VPC, EC2, LB, AUTOSCALING, S3, GATEWAY, SUBNET etc)
- Participate fully in RedHat7 migration project, which includes migration of hundreds of servers from RHEL6 to RHEL7. Building and configuring new VMs needed for the project, created DNS entries.
- Troubleshoot day to day system and user problems including resolving issue tickets and documentation of the issues and their solutions.
- Maintain, support, troubleshoot, configure, install, and deploy upgrades on Linux servers.
- Create and manage LAMP Stack, using Linux, APACHE, MariaDB, MySQL, PHP. Manage LAMP servers in a Highly-Available, 24x7 production environment. Use lamp to build our internal wiki pages and migrating documentation from share point.
- LDAP user authentication and user/group management.
- Install and configure VMware server instances for virtual server setup, deploying and creating VMware virtual guests running Linux, and Windows.
- Configure Firewall to allow Applications to run.
- Manage SELinux for proper work of applications.
- Install and configure Ansible. Use ad-hoc commands to actively manage multiple services. Install and modify several packages using Ansible modules. Write and deploy various playbooks.
- Follow job's policies to create user accounts. Manage groups of multiple user accounts.
- Manage and prioritize all processes and services on servers
- Install and configure redundant DNS servers in order to increase efficiency of network exponentially. Automate and add new records to the DNS server, leading to 50% increase productivity.
- Install and configure Nagios to monitor all servers in environment; identifying malfunctioning servers and creating solutions to restore their functionality.
- Develop Linux shell scripts to accomplish redundant tasks to simplify in distributed administration. Use multiple scripts to schedule task during off hours. Assist with writing scripts on daily job duties which increased revenue by 20% within six months.
- Set up NFS, FTP and Samba file sharing services on Linux and Windows environments.
- Set up secure passwordless authentication on servers using ssh keys.
- Build and implement redundant and scalable load balancers with HAProxy
- Use PXE/DHCP and Kickstart to deploy servers.
- Manage and configure RPM package building tools for building and patching of applications from source codes for Centos and RHEL systems.
- Install, configure and support of Apache(HTTP) on Linux production servers.
- Synchronize time,using NTP and Chrony services to ensure consistency within network.
- Install, upgrade and manage packages via RPM and YUM package management.
- Manage Cron jobs, at Jobs, and job scheduling.
- Install and configure Hardware.
- Create physical volumes, volume groups, logical volumes (LVM) and file systems.
- Perform daily system monitoring, verify the availability of all server resources, systems and key processes.
- Document and update IT procedures & user guidelines in companies Wiki page.
- Deploy multiple instances and static websites using AWS EC2 and S3.
- Project lead for Cloud(AWS) projects.
- Well versed in writing ansible playbooks used for configuration management and automation.
- Well versed in writing bash/shell scripts to automate simple and complex tasks.
Information Security specialist
- Protect confidentiality, integrity, availability of servers and endpoint infrastructure of Confidential . Design, install and manage security mechanisms that protect information systems
- Installation, configuration, maintenance and support of Centralized Anti-Virus, Data Loss Prevention(DLP), Public Key Infrastructure, Centralized Patch Management, Configuration Management, Application Control, Device Control, SIEM, Incident Management systems.
- Early detection and fast reaction to unexpected “suspicious” situations (i.e. unusual system behavior, virus outbreaks, rogue devices, etc.)
- Server and host infrastructure design and security.
- Operating system exploit identification.
- Host based Intrusion detection/prevention.
- Protect confidentiality, integrity, and availability of information transport system of Confidential . Monitor computer networks for security threats, unauthorized users or misuse of network assets.
- Installation, configuration, maintenance and support of Firewalls, VPNs, Website and Email Filtering devices, AAA services, NAC, Remote Access and Intrusion Detection/Prevention systems, Centralized Time Clock System, Vulnerability Assessment and Mobile Security Solution.
- Network Traffic monitoring- early detection and fast reaction to unexpected “suspicious” situations (i.e. unusual traffic volume, port attacks, rogue devices in the network, etc.)
- Network design and security.
- Web and network security exploit identification.
- Intrusion detection/prevention and network traffic analysis.
- Security event analysis and monitoring.
- Monitoring for compliance with information security procedures and policies.
- Liaising with colleagues on the development of new designs and standards.
- Integration of new products into the infrastructure.
- Acting as escalation point to vendor to resolve problems.
- Writing and maintenance of technical documentation including design docs, test plans, project plans, procedures, incident reports and troubleshooting guides.
- Respond to incidents, investigate violations and recommend enhancements to plug potential security gaps. Collaborate with other security team members to facilitate incident handling.
- Communicating systems and network security exposures, misuse, or noncompliance situations to management.
- Report to head of Information Security Division.
- Experience with Cisco Video Surveillance Operations Manager software
- Experience with Cisco IP cameras
- Experience with Cisco Physical Access Manager (CPAM) application
- Experience with Cisco Physical Access Gateway
Information Security Specialist/Leading IT Specialist
- Coordination of technical support staff.
- Coordination of regional IT Technicians and solving their problems
- Dividing requests coming from users and assigning them to technicians.
- Assisting technicians in their workflow problems.
- Investigation of user dissatisfaction
- Control of ManageEngine Service Desk Plus (writing support tickets, assign them to technicians, manage and track all incidents)
- Creating a new username and giving appropriate privileges (Email, shared disk, Internet access).
- Control of Terminal Servers
- Research and application of new software for technical support group
- Transfer of the data of users’ flash cards/external storages to their computers
- Restoring users’ lost files from backup
- Configuring and monitoring various portals for internet Access
- Protection of the system against viruses - installing, configuring antivirus server and controlling user computers.
- Adding new network printers and scanners to printer server and appropriate access to divisions
- Daily monitoring of company spam server(SPAMTitan), whitelisting unsuccessful emails and forwarding them to users.
- Reports to chief of the department about the works done
- Configuration of printers and scanners, replacement of parts.
- Installation of network and telephone cables, changing their connectors
- Diagnostics and repair of PCs and Laptops at the hardware level
- Formatting and configuration of PCs, laptops, Thin Clients and installation of allowed program applications(including Antivirus), recovering lost files.
- Solution of Microsoft Office suite, and Linux OS problems
- Providing internet access for guests
- Configuration of new user profiles (Email, shared disk(s), printer connection)
- Migration of user profiles to new terminal servers
- Configuration of internet and email connection on mobile devices.
- Configuration of ERP software applications (Unity, Mikro, Exen) on user computers.
- Connection of external cameras, headsets, network or local printers and scanners to computers and their configuration
- Configuration of FIXGSM equipment
- Diagnostics and Configuration of switches and Wi-Fi Access Points
- Configuration of camera software and solving hardware problems on DVRs
- Solving hardware and software problems on tourniquets.
- Registration of entry-exit cards on the system and solving the problems with them.