Team lead / Architect / Manager
Inmarsat
Total years of experience :19 years, 5 Months
Part of the OneIT transformation project leading the strategic vision of the migration from multi-DC physical infrastructure to multi-vendor agnostic cloud infrastructure. A major culture change for an organisation that has seen a need to look at the transformative nature of cloud and DevOps. An SME defining the road-map for the organisation to adopt cloud computing and DevOps methodology. Working closely with different stakeholders to demonstrate AWS capability, IBM softlayer, Chef, Openstack, DCOS, Kubernetes and Redhat OpenShift, containerisation, Mesos, automation, orchestration. Architecting and leading by example of multiple projects demonstrating best practices pertaining to Cloud computing and DevSecOps methodology. Implementing Infrastructure as code and continuous compliance framework based on CIS benchmarks using serverspec and rspect for all projects.
Transforming thinking, tooling, development (onshore and offshore), engineering, deployment and automation. Creating standard in naming conventions, development of code and branching methodology, CI/CD pipelines. Architecting, deploying IDAM (using PingFederate and PingOne) and other strategic capability to onboard industry standard SAML and OAUTH2 for SSO for meeting AAA requirements. Leading a team of 15 SME's looking at all aspects of cloud migration to BAU. Devising training plans for existing staff and on-boarding them towards a cloud/DevOps methodology.
Devising testing and automation strategy
Building DevOps teams across business units
Drive Cloud and DevOps adoption throughout the organisation
Promote CI/CD and Unit/Integration testing for all projects
Mentor Operations and Development teams to adopt agile methodology
Encourage organisation to adopt micro-service and containerisation architecture
Develop templates for driving infrastructure as code throughout cross functional teams
Working with cutting edge technology on an R&D project to prove out Big Data compute power. Hyperscale compute using bleeding edge technology. Likes of Google, twitter, facebook are using these frameworks to process large amounts of data with hyperscale compute power. Mixture of private cloud and public cloud. Instantiating private cloud using openstack, hyperscale, hypercompute using the likes of Mesos, Kubernetes, Chef-Server to achieve auto-scaling, auto-healing and automatic distribution of workload. Further information can be provided upon request
Working for an organisation supplying digital services to National Health Service trusts throughout England and Abroad. Bringing together the best of breed technologies within the DevOps space to automate/scale and deliver an API layer with modular apps developed by the software house and NHS trusts to service hospital Consultant, Nurses, frontline and backoffice staff, Ambulance services and GP's. Using orchestration tools like Cloudify to define blueprints to deploy to multi cloud provider (aws, openstack, vSphere)
Lead WebOps team across 2 scrum teams
Architect Private/Public and Hybrid cloud solutions
Organise tenders from cloud providers and analyse requirements according to business needs
Analyse NHS England guidelines, data security and location requirements
Design fit-for-purpose solutions with particular emphasis on geo-location of patient data, N3 network connectivity and security constraints.
Hold daily stand-ups with DevOps teams located in Europe and track Kanban tasks assigned to DevOps engineers.
Setup POC's with different cloud providers to ascertain suitability for project requirements
Test and verify suitability of DevOps tools like chef, puppet, salt, nagios etc to find the best mix of tools for our environment.
Analyse PaaS solutions like Cloudify and Cloud Foundry in order to achieve independence from cloud providers and their proprietary tooling.
Delegate tasks and manage workload of teams.
Compile policy documents for
Patching
reporting
monitoring
change management
build pipelines and deployment
authentication
backup/restore
network addressing and subnetting and security
naming standards
British Petroleum is a very large OIL and GAS company known worldwide for its core business, OIL and GAS. It has an extensive range of IT services for its internal and external use. My role was in the GOI devision (Global Operations & Infrastructure). To design a resilient portal using the chosen ITSM tool (Service Now) in the Cloud with multi vendor service using AWS, Google Compute, Azure and others to service any BP business requirement for Cloud computing consumption.
Work closely with the BP cloud governance board to get sign off on design principals around Cloud adoption..
Design Cloud Service Line (name of project) VPC (private and Public) with cloud formations scripts. VPC design consisting of IP addressing (CIDR blocks), security groups, ACL's, server groups and isolation, VPC peering, Routing, Internet Gateway, VPN connectivity to customer site. Multi-vpc's per AZ operating in a blue/green configuration.
Build out CSL's strategic environments to service BP global customer base:
Design and deploy Consul and Consul templating for HA/Clustering and dynamic configuration.
1. Chef Server V11 (for Infrastructure automation)
2. ServiceNow ITSM
3. Gitlab (Private GITHUB - for source Code Revision system)
4. FileServer (local yum, Gem repo)
5. Windows AD 2012 (to service user authentication and BP group policies)
6. vFense (cross platform patching solution)
7. WSUS (windows local software repo)
8. OpenVPN (to provide failover backup connectivity incase HW VPN ever went down)
9. RDP Gateway (centralized RDP gateway service to control RDP access from BP business segments)
This formed our service offering to BP - globally. This entire infrastructure was designed and implemented by myself across Multi AZ in AWS. The same will follow for all other cloud providers. The idea will be that business segments within BP will login to a cloud portal, add items they want to purchase and submit their order. This will kick off a whole series of steps from authorisation and sign off for costs, Cloud account creation, VPC creation, instance/s instantiation according to the options selected from the catalogue. Full stack delivery. A shopping cart style portal allowing BP business to consume cloud service with all complexities around business process, technological challenges removed.
Create chef cookbooks/recipe's to automate application, database, domain joins, dynamic configurations of entire stack..
Work with each BP business segment throughout the world to go through an on-boarding process, to understand their user-cases, design their solution and delivery it with Chef and Cloud formations. Fully automated and auto-scaled (if required).
Test All infrastructure connectivity between user segment VPC and CSL VPC (VPC peering) to ensure patching, domain joins etc are all available for user segments.
Handover each user-cases after completion with full documentation
Swrve is an integrated marketing, A/B testing and optimization platform for mobile apps. Targeted in-app marketing. Data analytics and tracking.
Analyse and sanitize current Nagios monitoring tool implementation in Swrve and ensure alerts are not false positives.
Help Swrve DevOps automate provisioning into AWS for all Apache/Tomcat/Linux builds using Chef.
Automate tomcat builds and deployments for DC and cloud based systems using chef.
Create chef cookbooks/recipe's to implement Nagios environment entirely chef managed.
Hosts/Services/HostGroups/ServiceGroups etc are all to be managed and implemented by Chef. Auto populate new provisioned hosts into Nagios. Remove decommissioned nodes from Nagios automatically.
Advise Swerve on best practice around automated deployment, systems management, monitoring, disaster recovery and naming conventions.
Plan, design and implement Chef roll-out for Which? DevOps department.
Help Which? DevOps automate provisioning into RackSpace cloud for all Apache/Tomcat/Linux builds using Chef.
Automate tomcat builds and deployments for DC and cloud based systems using chef.
Help organise development and staging environment for Which? To better cater for developers crash and burn hosts when work demands it. Recommend better working practices so DevOps are not required to intervene when new environment are needed.
Write wrapper bash scripts for Chef provisioning and deployments with automated IPTABLES entries for jump hosts.
Debug and troubleshoot Dev/Staging environment problems with Apache/Tomcat. Help organise and sanitise extensive Which? redirect rules and re-write rules.
Develop chef ruby scripts to create recipe’s for package installations
Leading a team of 6 system engineers to design Burberry World 2.0 project consisting of the following technologies:
• Responsible for Amazon Web Services system provisioning for all Centos/Redhat cloud solutions hosting all of Burberry’s infrastructure services.
• RFID regents street store implementation. Hugely successful project praised worldwide for the positive impact on customer experience.
• Responsible design authority for Burberry infrastructure and implementation engineer, overseeing the implementation of SSO cross platform IDM (Identity Management) solutions.
• Version Control: Subversion/GitHub, Hudson and Jenkins, Apache WebDAV with ACL, Redhat HA clustering, multi node SVN setup, multi-master mesh with hot copy on commit. Hudson for continuous integration.
• Identity management: Ping Federate, IBM Websphere Cast Iron, Windows 2008 AD (ldap), Salesforce, mysql for SAS provisioning, Internal SSO Kerberos, NTLM external sign in. Support for multiple devices, mobiles, laptops, desktops and ipads. Cross browser compatibility debug and testing.
• Developing automated installation, configuration and management of Linux/Unix and AWS instances.
• OpenVPN, VPNcubed
Leading a team of 10 Engineers dealing with Redhat 5 and Solaris 10 System engineering. Highly secured system build and deployment. System integration between solaris 10 and Redhat 5+ with Windows 2008 AD environment (using samba, kb5, cups, ldap).
Due to the secure nature of this project, further details available on request.
Contracted to allow GroupNBT to attain PCI compliance using opensource tools like ossec for file integrity monitoring, active passive enforcement of security based on pre-defined rules along with Nessus for network vulnerability scanning and security enhancements. Setup and configured mysql cluster/multi master replication using VM's across multiple sites for redundancy. Radius server for network AAA authentication with Daloradius as the front end management tool.
Application and tools used and deployed:
Apache
Radius
Mysql5 (cluster and replication using NDB)
Nessus
Ossec client and server
Daloradius
Nikto (webserver security scanner)
Iptables (linux firewall)
Single Sign on
09/2009- Current CGI System Engineer - Contractor
Working for the Egaming department at CGI client site looking after Linux and Solaris infrastructure.
· Design and architect the Kickstart Environment along with documentation. Fully automate and create kickstart package in readiness for portability to international sites (Italy, Spain, China and Malaysia).
· RPM packaging and deployment using kickstart for custom toolsets and applications.
· Devising and planning configuration management from single management host on the Egaming network.
· Advise management on best practices for ITIL and Live code releases for production environment.
· Day to Day Linux and Unix system administration
· Configuring RedHat Satellite servers with local repo and updates
· Registering servers with Satellite for patching/updates/security.
· Script and develop automated scripts for code releases and configuration releases on production environments.
· Provide 1 stop expertise on all matters pertaining to UNIX related technologies
Overall analysis of architecture, communication and process with particular emphasis on Operations interaction with Engineering and Development. Advise and build process driven approach to system administration and service delivery.
· Script system acceptance testing criteria for operations department for all systems/servers handed over from Architecture Department
· RPM packaging and deployment using kickstart for custom toolsets and applications.
· Dealing with Feeds from external parties, automating feeds and remote syncing.
· High Availability and Clustered environment, Apache, php and Oracle 10g.
· Day to Day Linux and Unix system administration
· Configuring RedHat Satellite servers with local repo and updates
· Registering servers with Satellite for patching/updates/security.
· List full departmental tasks and “thing to do”, delegate to team members and monitor work completion
· Design Cacti and Nagios system monitoring
· Establish Nagios SNMP passive checks to reduce email alerts, thereby keeping only important and actual fault report emails for attention
· Advise on system automation toolsets for future server/application/patching and tools management - View to adopt Opsware as a system management tool.
Working for BT on the NHS project within the design and implementation team. Leading a team of 13 engineers developing Operations infrastructure Using Opsware deployment/build software to automate physical and VMWARE RHEL3/4/5, HPUX, AIX, Solaris 10 system/global/non-global zones and application builds.
ESX 3 and 3.5 Kickstart builds with remote application deployment including taking VMWARE snapshot and recovery. Design large-scale server farms for the NHS data centres across the UK. Work with project managers to implement project specification for servers and server infrastructure. Plan and submit standardised server, application, patching and other naming standards to management with scalability and maximum flexibility in mind. Design Kickstart/Jumpstart environments to manage automated builds and deployment for all Linux and Solaris 10 operating systems.
NHS being the project that it is, it is vital that systems, applications (clinical and modular) and network infrastructure are planned in accordance with COE standards. All projects that I am in charge of adhere to COE standards and Build standards. This ensures every system deployed as part of the NHS project is consistent with the design team’s specification. Application and toolsets that are deployed as part of system build policies conform to COE specified version controls. Every system deployed by our team can then be guaranteed to contain exactly the same level of OS, Application, BT standard Toolsets and Access/Security levels.
As well as designing large-scale live rigs, it is also very important to have similar setup for the test environment to be able to test all OS/APPS/SECURITY etc before production release. This also forms part of my responsibility, to specify what is needed by our team to adequately provide a consistent level of service.
Working from PRD (project requirement documents) and providing estimates for time, costings and technology requirements for successful project completion.
Being at the forefront of technology, dealing with project managers and business solutions departments, devising and planning project implementation for AOL technology department. Facilitating all projects, internal and external. Making recommendations on architecture, system specification, network layout, database and backup strategy for all project requiring systems and Engineering input. Projects such as AOL EU portal for music and video download using streaming technologies. Mobile picture upload via text, mass Solaris migration to Redhat Linux
· Supporting and Engineering the Broadband Operations within the AOL technology Team.
· Existing system and process review and improvement, review of existing system deployments with recommendations.
· Apache 2 and Weblogic 9.2 installation and configuration. Weblogic multi-domain, admin server and managed server configuration. Configuration of weblogic nodes and nodemanagers.
· Redhat Kickstart automation. Redhat AS4 system upgrades using up2date and rhn_register. Mysql, apache and ssh configuration on Redhat 4. System security and disaster recovery procedure development and analysis.
· Operating system and Veritas VM upgrades. Solaris and Veritas Patch management.
· Large Scale Server configuration and rollout using Customised JUMPSTART/KICKSTART solution
· Supporting and Engineering the Broadband Operations within the AOL technology Team.
· KSH scripting, process automation and general Sys Admin related tasks.
· Participate in the development and support of web-based and proprietary products. Provide Sybase specific input into the development lifecycle such that known issues or potential issues are highlighted.
· Work within the Database and Server Operations team to ensure the timely resolution of issues assigned to the team and minimize member impact.
· 2nd and 3rd line support on Solaris 7, 8 and 9 and HPUX server. Helpdesk support for over 3000 users.
· System disaster planning and recovery, NIS and NFS server diagnostics and system enhancements
· Jumpstart Server Configuration and system deployment, ODS, More details available if required……
· Supporting and deploying development systems secured and tested with Solaris 7&8 with Solstice ODS and Solstice Netbackup
· System administration of servers and operational maintenance of live public-facing services under UNIX (Solaris) and Windows (2000 and XP).
· Interpreting client requirements and preparing technical specifications.
· Documenting procedures and providing training.
· Contributing to the design and development of high availability, 24x7 services, monitoring, maintenance and reporting systems.
· Providing on-call support for business critical systems on a rota basis.
Working for engineering and network services, developing mission critical systems and software.
Installation and configuration within Solaris 7/8/9.
System testing and implementation within Windows environment with netcool (networking monitoring tool).
· Deployment of Colt Company wide IMAP and Webmail infrastructure using Freeware courier imap and sqwebmail. Built Apache with mod-ssl. Courier IMAP protocols, such as ESMTP, IMAP, POP3, LDAP, SSL, and HTTP. Qmail configuration inline with Webmail facility.
· Hardware configuration and full scale deployment of large servers, SUN Netra’s (T1, T1405, E300, E450…) and HPUX L9000’s, network design and system redundancy management. Email and internet services infrastructure design and implementation. Courier, courier-imap, sqwebmail, qmail, Cisco TACACS. System Administration expertise mainly in Solaris 2.7-2.9.
· Sun Jumpstart configuration and rollout for Colts Europe wide network. Remote system management tools deployment. System Redundancy planning, deploying Solstice DiskSuite and Netbackup. Network redesign proposal and planning, working with different countries and cities. Software hardware auditing, network redundancy analysis. Working for Internet services has given me the ability to master skills in securing systems and services to the highest possible level.
· Use of tcpwrappers, ssh, ssl, apache-ssl, openssl, mod-ssl and many other useful tools used widely in the internet facing environments. Securing all systems and services without disrupting day to day functionalities. Projects ranging from System analysis, system management, backup and system recovery to project leadership. Configuring Remote Console access using Cisco console server and livingstone console servers.
Installation, configuration and support of all spark station, Sun Ultra 2 and 5, running Solaris 2.6 and 2.7.
Enterprise servers include the E250, E3500 and E450 also running Solaris 2.6 & 2.7.
Setup First Telecom ISP on Netra T1 thin client servers running Solaris 2.7.
Configured and installed to run APACHE, DNS, RADIUS and PROXY.
General System Admin involving system performance tuning, user administration, operating system install, upgrade, updating patches,
cross platform compatibility - Windows - Solaris - Linux and system analysis.
Tools used - PC anywhere, Norton Antivirus, WEBMIN 0.8, PC Netlink 1.2 (SUNS’s equivalent to SAMBA), SMC (Sun Management Console.
Course details are on page 3 (SA-237 & SA-287).
AIX administrator on 5x RS/6000 43P/140 and 340H servers running critical applications i.e.
Tetra CS3 and Astra. Responsible for performance analysis, user management and the following:.
· Day to day administration of servers
· Allocation of hardware resources (disks, tape drives, printers and modems)
· Responsible for daily and monthly backup of all IBM servers
· Support of users/printers/modems connections via Lantronix terminal servers
· Technical support of Informix SE 7.2 linkup to Tetra CS3, and ODBC link to Excel and Access
· Liaison with hardware and software suppliers
· Supervision of software and hardware upgrades and Y2K issues.
Solaris System Support and Devleopment
**EDUCATION/QUALIFICATION** Sun Solaris 2.7 System Administration Part 1 **completed** Sun Solaris 2.8 System Administration Part 1/2 **completed April 01** HPUX 11 System Administration **completed Aug 01** Sun Solaris 2.8 Fault Analysis **Completed May 02** Cisco CCNA **Completed Sep 02** Sun Solaris 2.8 Unix and Windows Advanced Integration **Oct 02** Sybase – Fast Track to ASE v11-15 RHC300 - Nov 2006 Thames Valley University 1995 Ealing, London BSc Business Information Technology Tower Hamlets College 1993 Poplar, London Btec National Diploma Computer Studies St. Pauls Way School 1988 6 GCSE’S C and above (Details available if required) **Skills| Software builds|Applications and Tools** · Project Management · System Analysis, design and recommendation · Troubleshooting · Attention to detail · Teamwork · Visio Network Diag and planning · Supplier and Maintenance liaison · Time management · Mod-ssl · Openssl · Apache, Apache-ssl · Mod-ssl · Courier, Courier-imap, sqwebmail · Esmtp-ssl, pop3-ssl, qmail · Cisco tacacs+ Dialup Authentication · Jumpstart Advanced config and rollout **Operating Systems/hardware** · LINUX SUSE/REDHAT AS4 · Sun Solaris v2.4, 2.6, 2.7, 2.8, 2.9. Redhat AS4. CDE on Netra T1, E250, E3500, E450, Sparc * Ultra * · IBM AIX v3.2.5 > v4.3.2 on RS/6000 servers · HPUX 10/11 · NT v4.x server, Windows 95/98/2000/XP **Language Skills:** · Oracle, Sybase (minimal) · ‘C’, C++ (minimal) · K shelscripting · Access Basic **Applications/Tools** · SUN management Centre 2.1 and 3.0 used for remote patch management · Tomcat used as a add-on module for Apache · Solstice Online Disksuite (EXTENSIVE) · Solstice Netbackup · RADIUS, DNS, BIND8, CVS ver control · PC Netlink 1.2 · Samba · Webmin · MS Office Pro v6, ‘95 (v7), ‘97 (v8) · MS Outlook Express · Tetra CS3 & Astra (system management)