—Download CV (pdf)—
DevOps and Infrastructure Engineer specialising in Automation, Infrastructure as Code and security solutions.
Skills
Software/Scripting | Operating Systems/Platforms |
Terraform | Amazon Web Services |
Ansible/Tower | Microsoft Azure |
Git | Google Cloud Platform |
Vault | Linux (CentOS/Ubuntu/Debian) |
Packer | Windows Server (19/16/12/08/03) |
Helm | Kubernetes |
Docker | VMWare ESXi/vCenter (6/7) |
Netbox | Microsoft Hyper-V |
Active Directory | KVM/qemu |
Microsoft DNS/DHCP | Mac OS X Server (7/6/5) |
NGINX | Exchange Server (19/16/13/10/03) |
BIND DNS | Juniper JUNOS |
PowerShell | Cisco IOS/ASA |
Bash | HP ArubaOS |
Ubiquiti AirOS |
Experience
Caspian
06/2020 – Present
DevOps Engineer
Cloud DevOps Engineering; supporting an industry leading RegTech Anti Money Laundering platform over multiple public cloud environments (AWS, GCP and Azure) in partnership with a major US Stock Exchange.
Deployment and maintenance of Kubernetes clusters over multiple platform providers (EKS, GKE, AKS). Management of custom Kubernetes integrations (Istio Service Mesh, fluentd, cloud-specific PaaS components).
Design and implementation of Infrastructure as Code/Configuration Management CI/CD strategy, leveraging Terraform, Helm and Ansible.
Deployment of centralised secret management leveraging Hashicorp Vault in conjunction with specialised bespoke security hardening.
Fenwick Ltd
10/2018 – 06/2020
DevOps Engineer
Cloud/On-Premise Infrastructure and Application Administration, Implementation and Architecture for a nationwide retail estate of Windows and Linux platforms.
Design and implementation of Infrastructure as Code and automation (AzureRM/VMWare) stacks leveraging Ansible/Ansible Tower, Netbox, PowerShell / Bash scripting and git source control (Azure DevOps). Delivery and design of source control (git) in to a team previously unfamiliar with source control management, for use with IaC and configuration management.
Design and implementation of estate-wide IPAM and configuration management for network platforms (via Netbox, NAPALM and RANCID) to provide centralised locations for the store of network data.
Maintenance of a Windows, Linux and Cisco centric infrastructure (physical, virtual and hybrid cloud environments supporting VMWare ESXi, Azure and Baremetal deployments), involving the configuration and support of standard Microsoft infrastructure technologies (ADDS / DNS / DHCP / ADCS) and Linux systems management (NGINX / Apache / OpenLDAP / Django / Gunicorn), proactive systems monitoring (via Dynatrace APM).
Creation and deployment of Test and Development environments (including decoupling such content from the existing production clusters) leveraging VMWare vSphere, Ansible Tower, Terraform and Azure DevOps).
Design and deployment of two-tier PKI implementation to an estate previously leveraging no TLS encryption services; allowing for shared certificates between multiple domains.
RMT Technology
04/2015 – 09/2018
IT Engineer
An all-encompassing Systems Administration and IT Support role including server maintenance and implementation (Windows/Linux), desktop/server support, backup management, patch management, network configuration and troubleshooting, bespoke scripting and application support.
Covering support, network implementation and design for primarily Windows Server 2008-2016 centric networks for companies of varying sizes in the SME sector in both physical and virtual environments (Hyper-V and VMWare ESXi), utilizing the configuration and support of standard Microsoft infrastructure technologies (Active Directory/Exchange/DNS/DHCP/DFS/Hyper-V/Print Management/PowerShell Scripting).
Support and configuration of Citrix XenApp, encryption technologies (Data at Rest and Data in Use), network management (LAN/WLAN/Client and static VPN configuration) and cloud hosted Microsoft Infrastructure (Office 365 Exchange Online/SharePoint/Azure AD), patch management and storage management (SAN/NAS).
Application support for a range of financial and standard as well as SharePoint and Microsoft desktop applications (2003 – 2016).
Home Group
11/2014 – 04/2015
2nd Line Application Support Partner
Providing support, data analysis and troubleshooting of enterprise applications; specifically Capita OPENHousing, OPENFinancials, OPENQuery and iTrent, as well as the administration and support of SharePoint 2010/2013 and Citrix XenApp.
Design, implementation and troubleshooting of bespoke solutions using Progress 4GL, Microsoft SQL and PowerShell scripting.
Atos – Dept. of Health
02/2013 – 11/2014
2nd Line IT Analyst / Capacity Management Analyst
Primary duties include the creation, administration and support of accounts, mailboxes, machines and security for nationwide Department of Health, Care Quality Commission and NHS staff, also including the configuration and support of Blackberry devices and other mobility solutions.
Responsible for controlling access to file and mail servers across both a physical and managed VDI, including designing security setup using NTFS and Exchange ACLs.
Responsible for the creation, distribution and persistent updating of advanced technical documentation of User Administration tasks covering all functions of Active Directory, Exchange, SCCM, Lync and various other server technologies.
Additionally within the role I fully designed, tested, documented and implemented a bespoke application system built around PowerShell and VBS scripts to automate AD account/Exchange mailbox/Lync record creations and modifications via an HTA front end. Managed the ongoing development and improvements of the application from its creation to ensure that file servers and mailbox databases were used dynamically to avoid single points of over-utilisation and to avoid cross-site Data Centre traffic where possible.
Designed and implemented a load balancing solution for use against data hosted on the shared SAN storage in order to ensure that account and shared data was reliably balanced over finite shares without reaching points of over-utilisation.
Responsible for the creation of scripts and processes to output, analyse and modify Active Directory, Exchange and Lync/OCS data via LDAP/PowerShell connections to identify trends on emerging issues and potential issues.