Part time development work, working mainly in Perl. Development work often leverages mariaDB SQL servers, updating schemas or sometimes creating whole new databases, depending on project. Nearly everything, except for some dedicated networking and storage equipment, is built on top bare-metal Ubuntu servers. Largest task has been not only bug fixing but also converting into Kubernetes/container-based microservices.Occasionally asked to look into results of metasploit or gvm/openvas scans and help with mitigation or other one-off jobs involving network or storage equipment, etc.

Member of small engineering group focused on security scanning utilizing Tenable & Nessus.. Responsible for standing up both hardware servers and VMs, primarily Ubuntu & CentOS as well as hardware ESXi machines. In addition to standing servers up responsible for installing, configuring and maintaining the tenable installs (and various other security tools, including nessus). Maintained a handful of scripts that parsed nessus reports for certain pieces of data as well as looked for certain security edge cases that Tenable wasn’t great at.Responsible for accurate, performant, and comprehensive Tenable scan policies. Separate mitigation team was responsible for taking the reports & alerts we generated and actually fixing the issues, although in practice there was some cross-over between the two teams.

PfSense firewall administration. Lots of VPN work, both IPSec and OpenVPN-style VPNs. Other network hardware included Juniper, Cisco and Dell switches, all configured into RANCID & Observium, with all switch configs stored in a git repo. This included the pfSense devices (their config.xml) which required some modifications to the standard Perl code in RANCID. Network debugging of firewall rules in pfsense requires good familiarity with standard PF tools (e.g. pfctl) as well as, of course, tcpdump and netcat/traceroute/ping/etc.Most time was actually spent working on Linux and FreeBSD systems, both physical & VM. This included upgrading the OS in FreeBSD (using freebsd-update or building the world from source), installing latest OS & software patches, installing and configuring desired software, and writing custom scripts where needed. Particular pieces of software in wide use included (but NOT limited to) - nginx, mariadb, mysql, apache, node, nodeBB, mongodb, ELK stack, openVAS, RANCID, SaltStack... and many others. OS choices were latest stable FreeBSD versions, moving towards FreeBSD 12-STABLE, but many still at FreeBSD 11.x-STABLE, CentOS 7 for Linux (with one or two Kali Linux VMs), and multiple VMWare servers. VMWare was setup in a clustered environment, across multiple datacenters, and was used to create large number of FreeBSD & Linux VMS (as described above). This required a fairly advanced VMWare setup which we maintained.Most coding was either shell, perl or python, with a Salt server configured to manage ALL of our UNIX machines (Windows was not used) with custom formulas using custom Python code. The Salt project was never finished before I left, although excellent progress in centralized management (user & software & patch management, etc) was made. Other scripts written were cleanup scripts to fix ZFS ACLs or setup ZFS arrays, backup scripts for mariadb/mongodb/various other things, and lots of one-offs that served a particular function.

Primarily responsible for assessment of vulnerabilities at NLM amongst the Windows, Linux and MacOS computers and various public-facing web services. Tools used for assessment largely comprised of Tenable & Nessus, IBM AppScan, Burpsuite, Bigfix, Bigfix web reports, and custom Kali Linux configurations. Responsible for mitigation of discovered security issues. This includes not only standard patching of security problems but maintaining correct software configurations, correct firewall configurations, and flagging developers when they have code that offers potential vulnerabilities (XSS scripting/SQL injection/bad input validation/etc.).Additionally, I was the primary coder on the Security team, and it is my responsibility to maintain all the many Python, Perl and shell scripts that we use on a daily basis. There is code that parses the tenable XML data and generates various reports, code to parse and verify firewall configurations pulled down by rancid, code to connect to a list of servers and verify their HTTPS SSL configuration, code to harden new Linux and Windows machines, and many other examples.Other duties include: primary IBM Bigfix administrator (for roughly 900 endpoints), primary Splunk (100GB license) administrator, primary F5 LTM administrator (3600s and 4000 series, running 10.2.4, 11.5.1, and upgrading to 12.x in the near future), and the Linux administrator for all the security specific machines (nessus, Splunk, Bigfix, Kali, etc).There have been a number of interesting projects at NLM. One example is the way I use Bigfix to collect data about all the individual accounts on each Linux, Mac and Windows machine, store that data in CSV files using the Bigfix web-reports front-end, and process it w/ Perl into a set of reports on all user and system accounts in the facility, ultimately stored in a text report and in a MySQL db. These reports ensured compliance with our user account policies.

Member of a team (Product Engineering or PE) whose primary focus was the development of automated solutions for installing Linux-based operating systems without requiring any end-user interaction. Lots of paired programming inside screen or tmux, lots of development of rpm spec files & the resulting rpms, as well as developing headless installs using anaconda AND VMWare/KVM-based VM software, to handle bare metal or VM orders. Automation work, very similar to later DevOps work I’ve done, using a custom workflow engine. Lots of Linux debugging – etc.builds, installs, workflow failures and successes, differences between how to accomplish things on VM and bare-metal,

Sr. Systems Admin responsible for rack of Linux and Solaris servers. Sr. developer responsible for primarily PHP programming including working with Drupal, Joomla and Wordpress (and other solutions from the ground up as the various customer needed). Interesting projects included home brewed spam filter machine that used spamassassin + clamav + qmail to protect roughly 1000 domains from spam, with a custom front end written in PHP. Other projects included a custom IDS system utilizing OpenBSD + IPF + snort to actively detect intrusion attempts and block them at the host firewall level.

Sr Linux systems administrator. Administered standard Linux/UNIX services, as well as dial-up servers, asterisk PBX server, and wrote lots of custom Perl and PHP code.

Systems admin for small Linux and Windows based network. In addition to keeping the corporate network up and running and secure, there was roughly 30-40% of my time spent coding in a few different scripting languages, mostly Perl again, but also quite a bit of bourne shell. I did everything I could to eliminate Windows servers whenever possible using early versions of things like Samba, etc.

Part time (generally around 20 hours per week) programmer, mostly using Perl but occasionally stepping into whatever other language might be needed. The main code drove the, now defunct, web site www.clsonline.com.. It used Perl’s Mason module to approximate Perl-as-PHP, for reasons I don’t really recall. I think the owner was more comfortable with Perl. PHP was still young I suppose.

Administration of Solaris servers for a large statewide ISP with over 10,000 customers. Wrote custom code to graph binary completion of alt.binaries.* UseNet groups, using Perl + mrtg with generated HTML graphs – it worked quite well for keeping eye on health on the INN server pair (old times: two E450s running Solaris 8, using ISC INN, with Netapps for the storage, connected via fiber). Usenet was a particular obsession of Kenneth Smith (the owner of Jump.net and later CoreNap), and at the time I worked there we were still in running with Texas.Net, AKA Giganews, for the fastest, most complete, and simply the best Usenet setup in central TX. This was one of many interesting things I worked on at Jump.net, which otherwise included lots of Perl and shell coding, lots of E250, E450 and smaller Sun boxes, NFS, and a ton of Cisco gear.