Build, integrate, maintain, and support websites for private individuals and smaller businesses.

CI/CD pipeline setup, integration, deployments, and support.

Facilitate continuous delivery of quality software, design and support robust build, deployment and configuration management systems for multi-tier applications, cloud provisioning and taking a lead on automation.

• Design and support robust build, deployment, and configuration management systems.
• Support and maintain Jira and Confluence clustered installations.
• Enhancing security for multi-tier applications.
• CIS hardening for AMI using OpenSCAP, Syft and Grype.
• Monitoring and logging of supported systems using AWS CloudWatch, Prometheus, Grafana, Elasticsearch, Filebeat and Kibana.
• Technical support for team members.
• Documentation of procedures and policies.
• Working within strict governance policies.

• Migration of Jira and Confluence Data Center clusters from a manual setup to automated deployments with Gitlab CI pipelines in multiple AWS environments using Terraform and Gitlab CI with monitoring solution using AWS CloudWatch, Prometheus and Grafana.
• Automated process to provision, test and verify custom service AWS AMIs, hardened to CIS Level 2, based on RHEL 8 using Packer, Gitlab CI and Terraform.
• Creation and development of a unified versions dashboard (Python, Gitlab Pages/MkDocs) across multiple environments providing insights into service versions running on estate and comparison to the latest available versions from providers with certificate chain expiry information for each service. Security insights into AWS AMI versions for each service providing all available custom built AMIs, their versions and build artifacts for review including reports for OpenSCAP CIS Level 1 and 2, Grype/Syft and Software Bill of Materials (SBOM).
• Introduction and implementation of Gitlab security scanning tools: SAST, IaC, Secret Detection, License Scanning, DAST, Container and Dependency Scanning.

Reporting to CTO, managing IT infrastructure on multiple datacentres and in cloud, managing IT team, providing 2nd line IT support for the company.

• Management of IT team.
• Build, setup, monitoring and support of multiple application environments in AWS and on-premises datacentres.
• Look at new technologies to help the company grow (Ansible / Terraform / Docker / Kubernetes).
• Administer live database systems (MySQL / MongoDB / Linux).
• Management of the IT ticket queue.
• Documentation of procedures / policies.
• Management of Buddi Servers / Network / Infrastructure (Linux / Windows).
• Implementation of security policies.
• Member of ISMS Board.
• Support the company’s obligations regarding Data Protection and Information Security.
• Support the company’s ISO/quality management activities as they may relate to the areas of IT.
• Provide support escalation.

• Created and implemented new environment setup procedure in AWS with Terraform (VPC, IGW, Route tables, EC2 instances, Security Groups, EIPs, ELB, ALB, WAF).
• Created new CI/CD pipelines for automated deployments to multiple environments using Ansible Tower, GitLab, Bash, Python.
• IT maintenance task automation with Ansible, like security updates.
• Created secrets storage with Hashicorp Vault and Consul for application configuration.
• Restructured management network spanning across 3 offices and multiple environments globally using AWS Transit Gateways, AWS VPC Peering and Tinc mesh VPN.
• ISO 27001 certification for the company.

Build, manage and maintain infrastructure required for internal and external use including physical servers and network devices. Facilitate continuous delivery of web applications for in-house developers. Provide support and escalation for clients.

• Level 2/3 support for internal and client infrastructure located in on premise datacentres, AWS, and Azure cloud.
• Support for open-source hypervisors running Proxmox with NFS, ZFS and Ceph storage, setup, maintenance, balancing.
• Support for production, development and staging/UAT environments and agile development including Continuous Integration and Release Management (Jenkins / TeamCity / GIT), Deployment (Octopus Deploy / Jenkins) and High Availability (HAproxy / Microsoft ARR, AWS ELB).
• Infrastructure automation with Ansible (Linux and Windows).
• VPN mesh solution aggregating AWS, Azure, remote datacentres, and local office into one local network using Tinc and SoftEther VPN servers, iptables and ansible.
• Continuous monitoring using Check_MK/Nagios and development of plugins using Python, Bash, and Perl.
• Database administration and management including MSSQL, MySQL and MongoDB.
• Datacentre management, networking, and servers.
• Support for Hyper-V and VMware hypervisors with Veeam backup solution.
• Web servers and load balancing (Windows/IIS, Linux Apache / HAproxy / Varnish / Memcached).
• SOLR servers’ setup for search services.
• MongoDB clusters.
• Support for Linux distributions including Ubuntu, Debian, Centos, Amazon Linux.
• Support for Windows Servers 2008, 2012 and 2016.
• Internal systems management (AD, Office 365, LAN, laptops, printers).

Manage deployments for clients into multiple environments across on-premise datacentres and AWS cloud, assuring high availability and high resiliency, provide out-of-hours support and escalation.

• Level 2 support for client infrastructure located in AWS and personal datacentres.
• Linux distributions supported: Amazon Linux, Centos, Ubuntu, Debian.
• AWS infrastructure and network creation, development, and administration.
• AWS services used daily: EC2, S3, CloudFront, Glacier, RDS, ElastiCache, Redshift, VPC, Route53, CloudWatch, CloudTrail, IAM.
• Internal and client facing Service Desk software ManageEngine ServiceDesk Plus administration including request, problem and change process adaptation and improvements.
• Monitoring software Solarwinds administration and management.
• JumpBox software Wallix Admin Bastion administration and management.
• Local DNS and DHCP administration and management.

Manage a wide range of services for internal and client use, including but not limited to AD, DHCP, DNS, Email, Web, built on top of physical and VMware virtual servers.

• DNS administration (Bind9, OpenLDAP / Linux, Unix).
• Email administration (Cyrus, Dovecot, Postfix / Linux, Unix, Mac OS X).
• Email technical support, client configuration, delisting from RBL blacklists.
• Web server administration (apache2, Parallels Plesk Panel / Linux, Unix, MacOS X).
• MySQL server administration and replication (mysqld / Linux).
• DHCP configuration and administration (DHCPd / Linux).
• Windows Domain configuration and administration (Samba, OpenLDAP /Linux, Mac OS X).
• Network devices monitoring (Cacti, Nagios / Linux).
• VMware server virtualisation.
• Server backup using Veeam.