Eric Bullen ----------------------------------------------------------------------- 408.781.4043 Santa Clara, Ca 95051 eric_resume@thedeepsky.com http://www.thedeepsky.com OBJECTIVE: To further use my enthusiasm, dedication, and extensive skills in a leading and competitive Internet Technology environment. EDUCATION/TRAINING: * Partial BS, Computer Science, San Jose State University. * Veritas Volume Manager 3.1.1 to 3.5 for Solaris * PMBOK Project Management Level 1 course * Veritas Cluster Server 1.1.2 (Unix) * EMC ControlCenter StorageScope * Solaris 7 System Administration I - SA 237 * Solaris 7 System Administration II - SA 287 * Solaris TCP/IP Network Administration - SA 387 * Platform LSF v. 4.2 clustering software for Linux * Lion SRS v. 6.0.7 bioinformatics data integration platform * Network Appliance Data ONTAP System Administration (formerly "NetApp 101") * Network Appliance Data ONTAP Advanced System Administration and Troubleshooting (formerly "NetApp 202") TECHNICAL EXPERIENCE: * Internetworking Equipment: Cisco CSS series (formerly Arrowpoint), HP, 3Com, Foundry Fastiron/Serveriron * Network Operating Systems: Sun Solaris 2.5.1 to Solaris 10, Solaris Express CE, Linux (Redhat), FreeBSD, OpenBSD, NetBSD * Network/System Monitoring: Nagios, Netsaint, MRTG, RRDTool, snort, symon, ORCA/RICHPse, BMC Patrol, DTrace, truss/strace * Network Management: UCD SNMP * Sun Hardware: Sun Fire V880, Netra t 1125, E450, E220R, E420R, E250, Ultra 1, Ultra 2, Ultra 10, Ultra 60, StorEdge L1000 * IBM Hardware: Bladecenter HS20, X345, and OpenPOWER 720 servers. * System Management: UCD SNMP, RCS, Subversion, CVS, RedHat, kickstart, CFEngine, zoneadm/zonecfg * Network Testing: snoop, tcpdump, Ethereal, Nessus, NMAP * Lan Topologies: Ethernet, Fast Ethernet, Gigabit Ethernet (fiber and copper), VLANs, Wireless Ethernet (IEEE 802.11) * Programming Languages: C, shell (sh, ksh, bash), Perl, Python, php4/php5 * Storage: Software raid (VxFS, VxVM, LVM, VINUM, Raidframe, Sun ZFS), Network Appliance cluster, Network Appliance 7xx, 8xx and 9xx series filers, StorEdge D1000 and A1000, IBM Shark 2105, DS4500, DS6800, and FAStT SAN storage * Network Services: Sendmail, Exim, Postfix, Procmail, Spamassassin, Bind 4, 8 and 9, Stronghold 3.x and 4.x, Apache 1.3.x and 2.x, ISC DHCP 2.x and 3.x, OpenSSH, courier-imap, CUPS, Samba * Security: GnuPG, Solaris RBAC, PGP, mod_securid (Apache), OpenSSL (key/certificate generation, etc.), OpenSSH, Cisco PIX, SOCKS5 proxyservers (Squid), IPCHAINS, IP Filter, PF (from OpenBSD 3.0+), SecurID/ACE, Tripwire, Systrace, Crack, IPTables JOB HISTORY: SR. SERVICE ENGINEER, - July 2007 - Present Yahoo!, Sunnyvale, California. Responsibilities Included: * Responsible for one of the top destinations at Yahoo! (Yahoo! OMG). This includes all aspects of the site, and meeting existing SLA standards for both site performance and availability. At peak, omg.yahoo.com would get in excess of 7k requests a second, which would put significant strain on the database back end, the API, and multiple caching layers. * Responsible as the primary engineer for numerous second-tier properties such as Yahoo! Starwars, Yahoo! Entertainment, and Yahoo! Shine. This included working with development engineers and managers to analyze site performance before major releases, and for troubleshooting issues related to SLA misses. * Launched Yahoo! Starwars (Worlds)- This included all aspects of project management, including obtaining hardware by justification of site performance expectations, as well as working with many groups (site ops, net ops, etc.) to ensure goals are met based on established project plan. Later, worked with the transition of the site's maintenance to our counterparts in Bangalore India SR. UNIX ADMINISTRATOR, - August 2006 - July 2007 Shutterfly.com, Redwood City, California. Responsibilities Included: * Was responsible for doing a detailed analysis and reporting on the feasibility of implementing a massive Squid caching layer in front of the entire storage farm to improve performance, and reduce load on the back-end. Work included doing a size distribution of 10's of millions of cachable objects, as well as their request frequency. After this, determining number of required systems to achieve a significant level of performance, and creating a roll out plan for bringing it live. * Implemented a multi-tiered Nagios installation using a completely custom roles based administration tool (I wrote it in Perl) to manage 2.5k nodes, and 25k active service checks. The design allowed for dynamic slave allocation based on increased usage, and was responsible for finding limits with Nagios 2.6's design, and worked with Ethan (Nagios creator) to improve performance. * Was the primary administrator for their 4 PB multi-tiered "HSM" NAS storage environment that was receiving 2.5TB of data a day. Work included debugging file corruption issues, and NIS issues with mounting the filesystems. SR. UNIX ADMINISTRATOR, - August 2005 - July 2006 Netflix, Los Gatos, California. Responsibilities Included: * Leading a two person team to test IBM's SVC (SAN Volume Controller) for possible integration into our existing SAN environment to provide a layer of abstraction for over 200TB of storage. The SVC project will also include using Veritas' VVR (Veritas Volume Replicator) to allow for replication of data to other datacenters, and for DR planning. * A part of a small team that is responsible for the daily maintenance of all production servers (mostly all UNIX). This includes the website, database backend, SAN environment, and systems to support the nationwide distribution hubs. Through performance monitoring, analysis, troubleshooting, and mitigation, we obtain a very high level of performance and reliability. * Improved Netflix's kickstart solution with a PHP-based solution (which I wrote) that allows for very rapid deployment of Linux servers. The new system allows the delegation of system building to less skilled admins, and improved the build time from 1 hour to about 8 minutes. * Did basic SAN storage allocation for the expansion of database filesystems. This included assigning LUNs to the system, and expanding filesystem using VxFS and VxVM. Storage allocation was done using both the command line and the ESS GUI for IBM Shark and FAStT storage. * A part of the migration team to move from the current bladecenter deployment to virtual servers leveraging IBM OpenPOWER P720's and Linux. SR. UNIX ADMINISTRATOR, - February 2004 - August 2005 Nuance Communications, Menlo Park, California. Responsibilities Included: * Responsible for the 24/7 upkeep of the entire Solaris/Linux production environment. This includes all DMZ hosts (web servers, smtp gateways, etc.) as well as the lab farm, and internal core corporate infrastructure Unix systems. Total systems under my responsibility were greater than 200. * Was the architect and developer of a Perl based inline hybrid HSM application that abstracts multiple storage devices (in this case, Network Appliances), and provides version control for tens of terabytes of data. Features included: * Capable of directory-level locking during check-out/check-in. This allows other operations to be performed in parallel that do not threaten data/file integrity. * Wrote the interface as a Layer-4 protocol so that it can easily communicate with the numerous applications already in house. * User account management, and access restriction. * Ability to merge multiple Network Appliances into a single virtual directory to provide a uniform file structure to the users. * User aware in that during file check-in arbitration, the user is able to see who previously checked out/in a file to help determine if their changes can be overridden, or merged back into the repository safely. * Was the architect and developer of a corporate-wide spam solution where none existed prior. I used a Markovian based spam algorithm as well as custom Perl scripts that operated on the mail gateway to munge the spam message as an attachment to prevent malicious code from running during preview. All the original headers are left intact so the user can still filter the message as they wish. Learning is all email based- sending corrections back to the mail gateway so it can learn from its errors. * Responsible for the identifying of high-depreciation Sun systems, and building a migration plan to move those systems to cheaper commodity based hardware and Linux. * Due to a severely reduced IT staff, constantly finding ways to simplify complex systems to help us in managing those environments. Areas included how Nuance publishes internal DNS records, user account management, LDAP maintenance, etc. * Installed a PHP based Linux kickstart solution that allows for the building of profiles based on IP address- this system allows for rapid installation of new Linux systems simply by defining profiles/macros for those systems. I wrote this application prior to Nuance, and can be found at: http://freshmeat.net/projects/phpkickstarter/ SR. UNIX ADMINISTRATOR, - February 2001 - February 2004 Incyte Genomics, Palo Alto, California. Responsibilities Included: * Responsible for the 24/7 upkeep of 60+ production co-located servers, and 100's of production in-house servers. SLA agreements required that the production servers have at most 30 minutes a month of downtime for maintenance (99.932% uptime)- this goal was easily met. * Was the architect and project manager for the trans-data center relocation of our two external websites and all equipment. Responsible for planning the relocation and outage of the entire lifecycle from scoping, to development and testing, to completion. This project had extremely high visibility amongst senior management and was the highest project to be completed by the company. Accomplishments included: * Achieved an "outperform" rating from the Director of IT by bringing everything online in less than 24 hours- the target goal was 48 hours. * Was the coordinator between different departments including networking, facilities, and application delivery to ensure that project deadlines were met, and dependencies were resolved. * Planned the data center floor plan layout- considered power/HVAC requirements to ensure reliable service, and efficient rack layout (given limited space) to allow maximum growth to reduce the risk of moving equipment in the future. * Achieved no downtime (some decreased functionality though) by forcing a split brain in the HA environment, applications affected included Apache, Oracle, and Weblogic. * Was the project manager and architect for the building out of a network and it's systems for the support of Incyte's new products. This required project planning spanning multiple departments (engineering, marketing, and sales) to determine a best-fit solution by keeping costs down and allowing for growth based upon expected growth forecasts. Responsibilities included deciding what platform and hardware to use, user management, and security risk mitigation. * Was the architect and builder of the backup system for one data center to allow it to handle 100's of Gigabytes with a short backup schedule. Due to strict time constraints, numerous techniques were required to reduce the window of vulnerability during upgrades to the data being provided for the online customers. * Was the architect and builder of their host monitoring system to provide an efficient system to monitor 2000+ nodes in multiple networks. This included writing custom Perl modules to extend functionality, and creating packages to aid in duplication of the custom configuration. * Was the architect for a centralized email processing system to improve efficiency of analyzing emails sent by the 2000+ production systems. Due to the variety of emails received, this helped reduce overlooking key important notifications, and reduced the amount of time spent perusing the emails significantly. * Was the architect and builder of a RedHat Linux kickstart server to aid in building new Linux cluster nodes. I leveraged the PXE standard, and dynamic DNS (found in Bind 9, and ISC DHCP 3.x) to allow systems to be rebuilt just from the network card (not needing a CD or a floppy). This allowed for rapid build out of new machines in anticipation of increased cluster processing needs. * Was the architect and builder of a Linux cluster using Platform LSF to assist in processing/analyzing multi-terabyte data volumes to be used for the online product. * Was a key member in a small security taskforce setup to assess and mitigate security risks for a new product expected to generate roughly half of the company's revenue. I am responsible for the online version of the product. * Was the sole architect and systems administrator for the entire web-based presence including the corporate site and subscription site spanning three data centers. The subscription site that houses all of the web-based products is used heavily by many tier-1 pharmaceutical companies. Due to the high requirements of the customers, security, accountability, and QOS requirements are extremely high. The systems included OpenBSD, Solaris 2.6 to 8, and Linux for clustering needs. Due to the large number of systems supported, a high amount of automation was required to provide first-class service. * Supported a group of developers that worked in the above environments, and provided a high level of service for them. During my tenure, I received two awards for my services to the company and their group. SR. UNIX ADMINISTRATOR, - July 1999 - December 2000. Riffage, Palo Alto, California. Responsibilities included: * Responsible for the 24/7 upkeep of the entire Solaris/Linux/OpenBSD production environment. This includes all DMZ hosts (web servers, smtp gateways, bastion hosts, etc.) as well as internal core corporate infrastructure Unix systems. During my tenure, 40+ systems were under my responsibility. * During the potential sale of Riffage, a due diligence crew came and evaluated the production and corporate infrastructure that I designed and built. The president of Riffage told me that the crew rated my design as one of the top of about 20 companies that they reviewed over a two-month period. * Was the architect and developer of a fully automated file processing system that was capable of operating over a LAN or WAN, and also designed to be clusterable across heterogeneous Unix machines. This program operated continuously for over a year until a newer version replaced it (which I also wrote). * Was the project manager tasked to find an adequate data center co-location, including the management of all contracts and logistics. Was the systems architect that designed the network infrastructure, rack layout, and was the architect that determined specifications and forecasting what hardware would be required given current expectations. Evaluated countless vendors demonstrating cutting-edge technologies to determine a best-fit scenario for the company. * Was the systems architect that designed and implemented the corporate network and server environment (which had greater than 50 nodes and 15 servers), which included OpenBSD, Linux, and Solaris 2.6 to 8. * Designed and implemented the corporate mail system, and production Bind DNS servers (including satellite offices). The mail system included a specialized mail gateway that filtered both incoming and outgoing mail using a custom PCRE based filter essentially making the company immune to popular mail viruses such as the "Ilove you" virus and variants. * Designed an extensive auditing system using Tripwire, ingress and egress firewall rules, and snort reporting that aided in the identification of numerous attacks and compromised systems, which brought a swift response. * Was the systems architect that designed the security policies that controlled access in and out of the facility. This includes firewall design, access controls, and implementation of operating system policies to ensure a highly secure environment. * Designed a cost-effective way to obtain high-availability for the production environment leveraging custom scripts and taking advantage of inexpensive technologies to reduce costs. * Created and maintained corporate and production policies. Directly managed three subordinates. Area of authority included the multi-million dollar data center (that I worked on below), as well as the network for central HQ, and offices nationwide. * Improved and maintained an already existing heterogeneous Unix environment for a pre-production website- including security risk assessment and mitigation, creation of a reliable system, etc. Variants of Unix included Linux, OpenBSD, FreeBSD, and Solaris 2.6, 7, and 8. * Wrote a program called mp3_check that is playing a pivotal role in the quality of the music files available of the website. After being made publicly available, there have been over 8,000 downloads of the program, and I frequently get kudos from people around the world. The page for the program is located at freshmeat.net. People use it from satellite transmission processing, to extraction of MP3s from Shockwave Flash files. UNIX ADMINISTRATOR / INTERNET DEVELOPER, Jan 1996 - July 1999. Diamond Multimedia, San Jose, California. Responsibilities included: * Was the architect and developed all of Diamond Multimedia's Online Store, including the customer interface, database schema, transaction system, and the administration back-end. * Maintaining enterprise databases (Microsoft SQL Server, and Oracle), supporting developers in a Unix development environment under Solaris 2.5.1 and 2.6, and developing applications for online/Internet related purposes. * Created an enterprise level WAN based e-commerce data exchange system that provided a critical function in managing shipments of huge quantities of Rio MP3 Player product to third-party distribution centers nationwide. * Implemented a remote server administration system for data replication and clustering capabilities to Diamond's co-location at Digital Island in Hawaii for their international customers. * Created an online HTML page generation system used to build static pages for certain high-load areas of the production website. * Created an HTML based mass emailing system (subscription based) used by Diamond Multimedia for direct marketing. * Created intranet-based reporting tools for measuring e-commerce and direct marketing results of mailings and promotional specials on the online store. * Created an extranet for field engineers, allowing secure access to current product information, including features such as automatic email notifications of changes and threaded discussion forums. * Developed an FTP/HTTP staging server for web development, including a tiered security model, automatic notification of files checked-in for quality-assurance, automated data-replication of approved files to production servers. UNIX DESKTOP SUPPORT, Aug 1993 to Jan 1996 Diamond Multimedia, San Jose, California. Responsibilities included: * Supported hardware engineers and software developers in a mixed Unix environment. Daily responsibilities included creation of user accounts, permissions, and troubleshooting typical desktop problems such as connectivity and application/OS issues. UNITED STATES ARMY, posted in Europe, August 1989-August 1992. PERSONAL: Habits/Interests: Tai-Chi, volunteering for California School of the Deaf and San Jose Unified School District, running, snow skiing, gardening, reading, biking, scuba diving, Unix hacking / programming, world travel, and zymurgy. Myers-Briggs Type: ENTJ REFERENCES: Available upon request. $Id: resume.txt,v 1.5 2008/09/04 11:13:32 ericb Exp $