Career Profile

25+ years' experience with Linux/Unix server & container systems, including Alpine, RHEL / CentOS and Slackware, especially high-speed / high-availability database & server applications, rising to spend ten years as CTO & Complex Systems Architect for the dot-IO domain registry.

Designing and developing complex wide-area network server systems incorporating public & private clouds, fixed and dial-up VPNs, multiple v4 & v6 Anycast networks, with GSLB load balancing and failover, on a hardened Linux operating system.

Extensive full-stack development experience in "C", Python, shell script & Javascript. Developing secure full-stack webapps and XML & REST API services from the ground up. Designing & implementing secure Linux-based operating systems, from the kernel up. Extensive experience in the use of a wide range of open source packages, including building from source.

Contributed & credited in a range of open source packages, including various utilities as well as the Linux Kernel and Kernel Support (Kernel Bugzilla).

Write high quality documentation, blog posts and general reporting. Give clear & well structured online and public presentations supported by network & service architecture diagrams, suitable for both a technical audience and those less familiar with the subject matter.

A wide ranging understanding of IT and its uses with a talent for being able to explain complex concepts & architectures to C-suite / non-IT executives, so they can understand the decisions that need to be made.

Example Code / Open Source Projects

  • Javascript Rest/API WebApp - PowerDNS Web Admin UI
  • DNS over HTTPS (DoH), Python Flask Example, inc as a container
  • Python/Flask EPP to REST/API gateway micro-service as a container
  • General purpose MySQL data access REST/API as a container
  • Utility for automatically maintaining a `bind` "catalog zone" in PowerDNS using its REST/API
Experience

    Senior DNS Systems Engineer

    Jul 2023 - Present
    Nominet Ltd - Full time
    Nominet is the ccTLD registry & DNS operator for dot-UK and various gTLDs including all TLDs owned by Microsoft & Amazon, as well as brand TLDs, like dot-Bentley.

    Research, plan & implement a high volume wide area "protective DNS" system, including a full data collection service and a full QA/validation suite to run a post-install validation. Data is collected from multiple global sites, using multi-layered `vector` data-pipelining, and stored in AWS/S3 to provide data for cybersecurity research. Instrument & measure every layer of the process using a Prometheus Federation & Grafana. Provide Ops with appropriate dashboards. All installation & configuration automated with ansible.

    Key Skills: RHEL Linux (baremetal & AWS), prometheus (inc Federation), grafana, vector, ansible, shell script, python, presentation, documentation

    Senior Linux Systems Architect

    Nov 2019 - Jul 2023
    Names.Of.London Ltd - Full time
    Early contributor to an experimental community blockchain domain name project called Handshake. Handshake uses blockchain to create a public access alternative ROOT zone where anybody can own a Top-Level-Domain and they can be publicly auctioned and traded through the blockchain. I contributed to the coding of the project and ran a registry and registrar system for up to 1,600 TLDs for any Handshake TLD owners who wanted to sell Second-Level-Domains (SLDs).

    Responsible for installing & running domain name registry & registrar systems on bare metal using Alpine Linux VMs, MySQL & docker containers

  • Install and run a number of domain registry systems, running in docker containers on Alpine Linux VMs
  • Install & configure Prometheus / Grafana for each system
  • Javascript single-page application for management of PowerDNS using its Rest/API
  • Various Python / Flask containers, e.g. a DoH that can resolve ICANN, Handshake & ETH domain names (https://doh.web3dns.net/).
  • Architect conversion of VM Server based Domain Name Registry system into microservices system using Docker containers & migrate customers
  • Design & develop various Docker containers for the Handshake blockchain/NFT project
  • Wrote an open source EPP compliant registrar system (PyRar).
  • Wrote a docker container to convert EPP to a load-balanced REST/API

    Key Skills: Python / Flask, Docker/containers, nginx (proxy & web server), postfix, squid, shell script, C, Alpine Linux, PowerDNS, ISC "bind", Some NN (language models) & OpenAI API

    Senior Linux Systems Engineer

    Jul 2018 - Nov 2019
    Large multinational B2B SaaS/PaaS Provider ServiceNow, London (UK)

    With a global private cloud of 1000s of servers, ServiceNow provides a PaaS for enterprise level ITIL compliant IT management used largely in the corporate and government markets.

    The Systems Engineering Team architect, maintain and run all the infrastructure services that support the ServiceNow application - e.g. email, DNS, authentication and server / VM infrastructure

    Role – Engineering Automation Developer / Subject Matter Expert for DNS

    Architect a complete refactor of the internal DNS, using python & rest/APIs to automate common tasks, and add malware filtering. Present proposals for approval to upper management and fully implement without any service interruption.

    Using Python and Rest/APIs, automate the team's ITIL change management submission and implement a full server / service validation / QA package, integrated with the ITIL system.

    Help build an IL4 (high security) data centre for use by US government agencies, ensuring FIPS-140 compliance for DNS services.

    Tech Skills: Linux (Centos / RHEL), networking, puppet, agile, ITIL, python, rest api, github / gerrit, DNS, DNSSEC, PowerDNS, "bind", vcenter / vmware, LDAP.

    Soft Skills: Documenting & presenting proposals, documentation for 24/7 teams, co-ordinating projects across multiple teams & time-zones, technical presentations (live & on-line)

    CTO, Lead Architect / Developer, Project Manager

    Oct 2006 - Jan 2018
    AC/SH/IO/TM ccTLD Domain Registry & CommunityDNS, London UK

    Dot-IO Domain registry was responsible for running and maintaining all domain names ending dot-IO, as well as those ending dot-AC, dot-SH and dot-TM. This involved me writing & running a full-stack registration / membership & renewal application, with an EPP XML API, and all the necessary DNS infrastructure to ensure the domain names work 24/7/365

    Originally part of dot-IO, "CommunityDNS" was spun off as a separate brand under the same business to sell DNS anycast services externally. At the peak we had over 50 ccTLDs on the platform. I was CTO of both business divisions.

    Lead Architect / Lead Developer / Project Manager - Domain Name Registry
    Design, write, implement and run (24/7) a full-stack domain name registry system & separate DNS publishing service. Includes designing the hardened operating system platform, server infrastructure and all necessary backup & failover strategies at multiple data centres - London (x4), New York (x2) and Chicago (x2) linked by VPN.
    Backend: MySql, “C”, python, shell script
    Frontend: XML API written in “C” and three full-stack WebUIs for end-users, resellers and customer services (internal) - “C”, Javascript, python, HTML, CSS
    Skills: Linux, KVM, networking & VPN, MySQL, Open Source, “C”, shell script, python, HTML, CSS

    Lead Architect / Lead Developer / Project Manager – DNS Anycast Service
    Design, write, implement and run (24/7) an attack resistant (esp D/DoS) DNS publishing & reporting service using a hardened Linux O/S and hardened authoritative DNS Server I wrote.
    Skills: Linux, DNS, “C”, VPN, IPv4 / IPv6

    Operating System Architect

    1996 - 2006
    Independent Linux Consultancy, London

    Designing secure, hardened, ultra-reliable custom Linux based operating systems for embedded applications, e.g routers, network storage, firewalls, web proxy cache & filter, content distribution for education.

    Sold and licensed Operating System designs and code to external vendors including 3-Com and ApplianSys

    Freelance Contractor

    1992 - 1996
    Various, London

    Mostly working with Sybase on Unix-based systems, especially Solaris, specialising in front-office trading systems for merchant banks. Clients included BNP Paribas (French Bank), Goldman Sachs, Sun Microsystems as well as various software vendors.

    Systems Developer - Database Vendor

    1990 - 1992
    InterSystems Corp, UK / Boston

    Covering the EMEA territory from the office in the UK, but with frequent time spent working on technical issues at the head office in Cambridge MA. Providing technical backup for the front-line customer support staff.

    This includes analysing technical issues, fixing bugs and porting the product to new platforms. Accompanying sales and/or support staff on customer visits throughout the EMEA territory.

    Systems Developer - Accounting & Time-Costing Systems

    1988 - 1990
    Radius-CBSL, Cardiff

    Providing technical support and technical development services to teams of developers and customer support staff for SCO/Unix based Ingress accounting and time-costing system for SMEs.

    Projects

    PowerDNS Management - Architect, Project Lead & Lead Developer, 100% Javascript webapp talking to PowerDNS RestAPI for complete data management, inc DNSSEC.
    TM Domain Registry - Architect, Project Lead & Lead Developer, Full-Stack Development. MySQL, C, python & shell-script backend to HTML/CSS/JavaScript frontend & XML/API
    CommunityDNS - Architect, Project Lead & Lead Developer, IPv4 & IPv6 Anycast DNS publishing & reporting system
    Technical Blog - A technical blog relating to the New Top Level Domains and Domain Name industry, but also including security issues and product specific information.
    SlimLinux - Cut down hardened Linux distribution, demo'ed as a DNS server - full operating system and application package is about 36Mb
    ApplianSys - Hardware vendor selling network appliance solutions based on my operating system design

    Skills & Proficiency

    Linux, Operating System design & security, scripting

    SQL Databases
    (MySQL, Sybase)

    Back-end Web, Apps & Security

    "C" Developer

    "Python" Developer

    Domain Names, DNS, DNSSEC, PowerDNS & Bind

    Firewalls, WANs, IPv4, IPv6, BGP, Load Balancing, Anycast

    Javascript, JSON, AJAX

    HTML, CSS, UX/UI

    Social Media Marketing esp Twitter, SEO