Nikolai Lifanov 919.348.0211 [email protected]
Summary: Linux/Unix engineer familiar with development, with over a decade of experience building and supporting automated and reliable infrastructures for the web with focus on security, virtualization, data, and storage and strong affinity for open source
Skills: Unix Operating Systems: FreeBSD, NetBSD, DragonFly Linux Distributions: Amazon Linux, CentOS, Debian, Gentoo, Arch Linux Microsoft: used Active Directory, IIS 7, Windows XP, Windows 7, Windows 10, Windows Server 2003 RedHat: Katello, Satellite, kickstart (Cobbler), yum, RPM packaging and deployment Systems Programming: expert shell programming (sh, csh, bash, ksh); understand awk, C Software Programming: PHP, Perl, used Common Lisp, Clojure; used Qt with C++; understand Java DevOps: Jenkins, Terraform, Packer, Vagrant, Vault, Consul, Fastlane Virtualization: strong Xen, Citrix XenServer, VMWare vSphere, Jails, bhyve, Docker, VirtualBox, KVM, Zones Cloud: Amazon Web Services; some Google App Engine, familiar with OpenStack Configuration Management: Ansible, Salt Stack, CFengine 3, CFEngine 2 Firewalls: prefer pf; used iptables, ipfw Monitoring: Netdata, Prometheus, Xymon, Nagios (Icinga), Graylog Web: Apache httpd, nginx, Tomcat, Squid, Varnish, Solr Mail: Postfix, Sendmail, Dovecot, Procmail, deliverability, spam management Database: MySQL (MariaDB, Percona and tools), Galera Cluster, PostgreSQL, Redis, and some exposure to Oracle Storage: NetApp, S3, Amazon EFS, Sun/Oracle, iXsystems; DAS, NAS, SAN (iSCSI) High Availability: Amazon ELB, F5, Linux heartbeat, DRBD, LVS, pen; FreeBSD corosync, CARP, HAST Security: exploitation lifecycle, Metasploit, NMap, vuls, vulnerability auditing and management, credential and secret management, audit trails, filesystem integrity monitoring, operating system, service, and application hardening Troubleshooting: DTrace, perf, understanding of C and C++ runtimes, USE method Other Technologies: expert ZFS, DNS and DNSSEC, SSL/TLS, *make dialects and software build systems, SVN, Git, NFSv4, PXE, IPv6, OpenLDAP, Kerberos, Shibboleth, and NNTP; OS Cloning/Unattended Installations, Linux/FreeBSD/NetBSD live CD/USB Creation, Data recovery, Porting/Packaging software for FreeBSD, NetBSD, and Linux Values: Reliability, availability, performance, observability, automation, simplicity, maintainability
Experience:
Playmaker CRM | Site Reliability Engineer | June 2017 -- present | Raleigh, NC ● In progress
WebAssign/Cengage | Senior Systems Engineer | November 2016 -- June 2017 | Raleigh, NC Summary: Managed and automated rapidly growing web application infrastructure serving K-12 and university students as part of both Infrastructure and Platform teams. ● Participated in and completed an infrastructure modernization project upgrading legacy systems running diverse operating systems on diverse hardware to CentOS 7 running on Cisco UCS and VMware vSphere with managed configuration and continuous deployment ● Migrated system configuration and applications in object-oriented Perl to new software and hardware stack ● Solved complex performance problems both in first party and third party software ● Provided expert assistance to the database team managing a monolithic 5T+ MySQL database ● Wrote database tools to archive data and manage performance and data migration ● Managed Shibboleth infrastructure implementing configuration and code for integration with large schools ● Managed performance of computer algebra systems, like Maple, Mathematica, and Matlab
McClatchy Company | Senior Systems Engineer | July 2012 -- November 2016 | Raleigh, NC Summary: Maintained and evolved a mission-critical news delivery infrastructure for over 30 online newspapers across United States in a team of seasoned engineers. ● Took over and wrote tools to automate system provisioning and monitoring ● Managed database performance, availability, backups, and upgrades of over 300 MySQL and Percona databases ● Performed upgrades and performance analysis of NAS products from NetApp and Oracle ● Engineered operating system upgrades to CentOS 5, CentOS 6, CentOS 7 ● Engineered and tooled migration to a virtual infrastructure based on Citrix XenServer, which measurably reduced infrastructure cost and improved system management, availability, and performance analysis ● Deployed DNSSEC among over 2000+ public and private DNS domains ● Engineered and implemented a modern, downtime-free database infrastructure ● Designed and implemented AWS infrastructure with flexible IAM access controls for content delivery (CloudFront and S3), with several services running in EC2 in separate VPCs to augment on-premise infrastructure ● Set up RDS infrastructure in AWS for databases servicing applications in EC2 ● Set up DeviceFarm for migrating on-premise mobile device test suite to AWS ● Participated in cost analysis of AWS migration of specific applications with different options and instance types ● Participated in research, specification, and evaluation for new hardware purchases ● Implemented Kerberos to augment security and management of existing directory services based on NIS and OpenLDAP ● Responded to security issues, including backporting fixes to legacy systems like RHEL 3 ● Led investigation and repair of system performance and security issues, including writing post-mortem analyses ● Wrote documentation and trained other team members in performing operational and troubleshooting tasks that could then be delegated in order to focus on engineering work ● Participated in on-call rotation and response to off-hours infrastructure issues ● Participated in managing DNS and configuration management infrastructure ● “Bridged the gap” between Ops and DevOps departments, providing specialized expertise and help
VoiceThread | Senior Systems Administrator | April 2011 -- June 2012 | Raleigh, NC Summary: Provided unique media-rich presence service to higher-education institutions and public school districts across United States and abroad. ● Maintained, upgraded, and developed demanding, high availability web, media, and database infrastructure based on hybrid CentOS/FreeBSD and Xen ● Developed and programmed a custom monitoring and reporting system ● Deployed pkgsrc as a uniform source management solution, replacing software in /opt ● Maintained and upgraded enterprise hardware in a datacenter environment ● Created initial documentation for operations and troubleshooting procedures ● Improved application performance by tuning operating system and network performance ● Started migration of all on-premise services to AWS
Plaid Skirt Marketing | Technical Lead and Developer | May 2010 -- January 2011 | Raleigh, NC Summary: Targeted advertising for the womens’ apparel market and other agency customers, while supporting internal systems and websites. ● Installed and supported Linux/Unix web-server architecture to support advertising clients ● Developed applications with PHP and ASP.NET ● Engineered Social Networking content and Apps for Facebook (PHP, ASP.NET) ● Designed and implemented AWS infrastructure for high-traffic promotion delivery ● Managed high availability Amazon EC2 clusters with CloudFront and Elastic Load Balancer on AWS ● Deployed PHP (Quercus) applications to Google App Engine ● Optimized web content for Search Engine Optimization
Wade Edwards Learning Lab | Senior Systems Administrator | October 2003 -- April 2010 | Raleigh, NC Summary: Supported a non-profit across from Broughton High School that provided teaching and computer lab services to over 2000 students, faculty, and staff ● Administered over 2000 users and 100 Unix/Linux machines in a public computer lab ● Implemented single sign-on (SSO) with roaming profiles for both Linux and Windows (OpenLDAP, Scripts) ● Cloned operating systems for quick recovery and ease of maintenance over PXE and multicast ● Managed network and firewalls with VPN ● Supported File and Authentication Servers (Windows, followed by build out of BSD) ● Migrated Users, including Administrators and Students to using Linux, BSD, OpenOffice and other tools to save the non-profit money ● Trained students as Junior Systems Administrators
Certifications: BSD Associate - December, 2010 : by BSD Certification Group http://www.bsdcertification.org/ Certification on BSD Unix administration, administered in NYC
Public Speaking: BSDCan 2012 - May, 2012 : http://www.bsdcan.org/2012/ Technical BSD conference in Ottawa, Canada
Education: Wake Technical Community College - 2012: Associate in Engineering
Languages: Fluent and can read English and Russian
Open Source: FreeBSD committer ([email protected]): ports, base system, Linux emulation (kernel), documentation Contributed to NetBSD, Debian, and Arch Linux in the past Patches and bug reports to a variety of projects
References: Available upon request