Nikolai Lifanov 919.348.0211 [email protected] Summary: Linux/Unix engineer familiar with development, with over a decade of experience building and ​ ​ supporting automated and reliable infrastructures for the web with focus on security, virtualization, data, and storage and strong affinity for open source Skills: Unix Operating Systems: FreeBSD, NetBSD, DragonFly ​ ​ Linux Distributions: Amazon Linux, CentOS, Debian, Gentoo, Arch Linux ​ ​ Microsoft: used Active Directory, IIS 7, Windows XP, Windows 7, Windows 10, Windows Server 2003 ​ ​ RedHat: Katello, Satellite, kickstart (Cobbler), yum, RPM packaging and deployment ​ ​ Systems Programming: expert shell programming (sh, csh, bash, ksh); understand awk, C ​ ​ Software Programming: PHP, Perl, used Common Lisp, Clojure; used Qt with C++; understand Java ​ ​ DevOps: Jenkins, Terraform, Packer, Vagrant, Vault, Consul, Fastlane ​ ​ Virtualization: strong Xen, Citrix XenServer, VMWare vSphere, Jails, bhyve, Docker, VirtualBox, KVM, Zones ​ ​ Cloud: Amazon Web Services; some Google App Engine, familiar with OpenStack ​ ​ Configuration Management: Ansible, Salt Stack, CFengine 3, CFEngine 2 ​ ​ Firewalls: prefer pf; used iptables, ipfw ​ ​ Monitoring: Netdata, Prometheus, Xymon, Nagios (Icinga), Graylog ​ ​ Web: Apache httpd, nginx, Tomcat, Squid, Varnish, Solr ​ ​ Mail: Postfix, Sendmail, Dovecot, Procmail, deliverability, spam management ​ ​ Database: MySQL (MariaDB, Percona and tools), Galera Cluster, PostgreSQL, Redis, and some exposure to Oracle ​ ​ Storage: NetApp, S3, Amazon EFS, Sun/Oracle, iXsystems; DAS, NAS, SAN (iSCSI) ​ ​ High Availability: Amazon ELB, F5, Linux heartbeat, DRBD, LVS, pen; FreeBSD corosync, CARP, HAST ​ ​ Security: exploitation lifecycle, Metasploit, NMap, vuls, vulnerability auditing and management, credential and secret ​ ​ management, audit trails, filesystem integrity monitoring, operating system, service, and application hardening Troubleshooting: DTrace, perf, understanding of C and C++ runtimes, USE method ​ ​ Other Technologies: expert ZFS, DNS and DNSSEC, SSL/TLS, *make dialects and software build systems, SVN, Git, ​ ​ NFSv4, PXE, IPv6, OpenLDAP, Kerberos, Shibboleth, and NNTP; OS Cloning/Unattended Installations, Linux/FreeBSD/NetBSD live CD/USB Creation, Data recovery, Porting/Packaging software for FreeBSD, NetBSD, and Linux Values: Reliability, availability, performance, observability, automation, simplicity, maintainability ​ ​ Experience: Playmaker CRM | Site Reliability Engineer | June 2017 -- present | Raleigh, NC ​ ● In progress WebAssign/Cengage | Senior Systems Engineer | November 2016 -- June 2017 | Raleigh, NC ​ Summary: Managed and automated rapidly growing web application infrastructure serving K-12 and university students as ​ part of both Infrastructure and Platform teams. ● Participated in and completed an infrastructure modernization project upgrading legacy systems running diverse operating systems on diverse hardware to CentOS 7 running on Cisco UCS and VMware vSphere with managed configuration and continuous deployment ● Migrated system configuration and applications in object-oriented Perl to new software and hardware stack ● Solved complex performance problems both in first party and third party software ● Provided expert assistance to the database team managing a monolithic 5T+ MySQL database ● Wrote database tools to archive data and manage performance and data migration ● Managed Shibboleth infrastructure implementing configuration and code for integration with large schools ● Managed performance of computer algebra systems, like Maple, Mathematica, and Matlab McClatchy Company | Senior Systems Engineer | July 2012 -- November 2016 | Raleigh, NC ​ Summary: Maintained and evolved a mission-critical news delivery infrastructure for over 30 online newspapers across ​ United States in a team of seasoned engineers. ● Took over and wrote tools to automate system provisioning and monitoring ● Managed database performance, availability, backups, and upgrades of over 300 MySQL and Percona databases ● Performed upgrades and performance analysis of NAS products from NetApp and Oracle ● Engineered operating system upgrades to CentOS 5, CentOS 6, CentOS 7 ● Engineered and tooled migration to a virtual infrastructure based on Citrix XenServer, which measurably reduced infrastructure cost and improved system management, availability, and performance analysis ● Deployed DNSSEC among over 2000+ public and private DNS domains ● Engineered and implemented a modern, downtime-free database infrastructure ● Designed and implemented AWS infrastructure with flexible IAM access controls for content delivery (CloudFront and S3), with several services running in EC2 in separate VPCs to augment on-premise infrastructure ● Set up RDS infrastructure in AWS for databases servicing applications in EC2 ● Set up DeviceFarm for migrating on-premise mobile device test suite to AWS ● Participated in cost analysis of AWS migration of specific applications with different options and instance types ● Participated in research, specification, and evaluation for new hardware purchases ● Implemented Kerberos to augment security and management of existing directory services based on NIS and OpenLDAP ● Responded to security issues, including backporting fixes to legacy systems like RHEL 3 ● Led investigation and repair of system performance and security issues, including writing post-mortem analyses ● Wrote documentation and trained other team members in performing operational and troubleshooting tasks that could then be delegated in order to focus on engineering work ● Participated in on-call rotation and response to off-hours infrastructure issues ● Participated in managing DNS and configuration management infrastructure ● “Bridged the gap” between Ops and DevOps departments, providing specialized expertise and help VoiceThread | Senior Systems Administrator | April 2011 -- June 2012 | Raleigh, NC ​ Summary: Provided unique media-rich presence service to higher-education institutions and public school districts across ​ United States and abroad. ● Maintained, upgraded, and developed demanding, high availability web, media, and database infrastructure based on hybrid CentOS/FreeBSD and Xen ● Developed and programmed a custom monitoring and reporting system ● Deployed pkgsrc as a uniform source management solution, replacing software in /opt ● Maintained and upgraded enterprise hardware in a datacenter environment ● Created initial documentation for operations and troubleshooting procedures ● Improved application performance by tuning operating system and network performance ● Started migration of all on-premise services to AWS Plaid Skirt Marketing | Technical Lead and Developer | May 2010 -- January 2011 | Raleigh, NC ​ Summary: Targeted advertising for the womens’ apparel market and other agency customers, while supporting internal ​ systems and websites. ● Installed and supported Linux/Unix web-server architecture to support advertising clients ● Developed applications with PHP and ASP.NET ● Engineered Social Networking content and Apps for Facebook (PHP, ASP.NET) ● Designed and implemented AWS infrastructure for high-traffic promotion delivery ● Managed high availability Amazon EC2 clusters with CloudFront and Elastic Load Balancer on AWS ● Deployed PHP (Quercus) applications to Google App Engine ● Optimized web content for Search Engine Optimization Wade Edwards Learning Lab | Senior Systems Administrator | October 2003 -- April 2010 | Raleigh, NC ​ Summary: Supported a non-profit across from Broughton High School that provided teaching and computer lab services to ​ over 2000 students, faculty, and staff ● Administered over 2000 users and 100 Unix/Linux machines in a public computer lab ● Implemented single sign-on (SSO) with roaming profiles for both Linux and Windows (OpenLDAP, Scripts) ● Cloned operating systems for quick recovery and ease of maintenance over PXE and multicast ● Managed network and firewalls with VPN ● Supported File and Authentication Servers (Windows, followed by build out of BSD) ● Migrated Users, including Administrators and Students to using Linux, BSD, OpenOffice and other tools to save the non-profit money ● Trained students as Junior Systems Administrators Certifications: BSD Associate - December, 2010 : by BSD Certification Group http://www.bsdcertification.org/ Certification on BSD Unix administration, administered in NYC Public Speaking: BSDCan 2012 - May, 2012 : http://www.bsdcan.org/2012/ Technical BSD conference in Ottawa, Canada Education: Wake Technical Community College - 2012: Associate in Engineering Languages: Fluent and can read English and Russian Open Source: FreeBSD committer ([email protected]): ports, base system, Linux emulation (kernel), documentation Contributed to NetBSD, Debian, and Arch Linux in the past Patches and bug reports to a variety of projects References: Available upon request ​.