Danny Sauer resume@dannysauer.com - 217-314-9149 Objective: To find a job where I can perpetually learn while continuously working to automate myself out of a job. Work Senior Software Engineer - SUSE, 2018-present Experience: * Write code and solve problems in the SUSE CaaS Platform (CaaSP) o Typical technologies: Kubernetes, Ruby / Rails. Python, Jenkins, etcd, Salt, SUSE Linux o Implement feature requests like OIDC configuration and SSL cert management, bugfixes * Open issues and contribute fixes to OpenSUSE and upstream Open Source projects * Provide "sysadmin" perspective within developer team * Mentor more junior teammates * Conduct training sessions / demos on new solutions * Provide engineering support to L3 engineers supporting customers * Employ multiple communication mechanisms to participate in Agile development process with world-wide dispersed team * Act as team lead for "bug squad" and "feature squad" * Act as North America Release Engineer o Coordinate release activities with developers in America timezones and release engineers in Europe & Asia o Package software as RPM and containers for SUSE releases using Open Build Service, Kiwi, Jenkins, and GitHub Actions o Maintain CI pipeline (Jenkins) code o Coordinate security / bugfix releases of customer-facing code * Act as CaaSP Security Champion o Pioneer and advocate Security Champion role within SUSE o Serve as single Point Of Contact for Security within CaaSP team, and as SPOC for CaaSP issues within Security team o Prioritize security bugfixes like CVEs within team o Champion security-related work, such as improving use of capabilities within control plane containers and implementing automated execution of scanners like kube-hunter in CI process Senior Linux OS / Automation Engineer - State Farm Insurance, 2015-2018 * Convert existing CFEngine 3 infrastructure to Puppet 3 (then 5) * Convert several existing one-time configuration scripts to continuous-validation native Puppet logic (occasionally using Ruby facts/functions and defined types) * Develop and tune PostgreSQL configuration management database * Develop utilities and scalable, geographically-distributed web services using ksh93 (bash), perl, and python languages, backed by etcd and PostgreSQL data store * Provide third-level enterprise Linux OS support (>200K virtual machines plus a couple thousand physical machines; mix of RHEL/CentOS and Ubuntu) * Lead Linux OS component of hybrid public cloud migration o Build / automate base Linux OS images (Ubuntu and Amazon Linux) o Provide direction on patch management, security scanning, connectivity, and lifecycle for EC2 instances * Implement enterprise-wide Prometheus / Grafana / ElasticSearch centralized monitoring / logging / alerting system * Research trends and investigate new solutions continuously * Provide consultation on various Linux OS configuration and automation issues to business partners through project assignments and ad-hoc engagement * Employ Kanban and SAFE Agile methodologies for service-oriented work * Work within a geographically-distributed team which unified formerly separate UNIX/Linux Security and OS support * Conduct training for team and second-level support / mentor new team members * Plan/participate in migration to new compute environment (host naming convention, system bootstrap design, secure provisioning, etc) * Participate in third-level 24x7 on-call rotation o Respond to incidents escalated from second-level support o Own and resolve problem records o Develop knowledge items for use by first- and second-level teams * Participate in disaster recovery exercises o troubleshoot and recover physical and virtual machines from bare metal o use PXE boot, file backups, and several custom scripts in isolated environment * Use ITIL-based change control process to deploy environmental changes * Automate software deployments using in-house Gitlab/Jenkens infrastructure Tier 3 Unix Security Problem Management - State Farm Insurance, 2006- 2015 (contract via TekSystems 2006-2008; direct 2008-2015) * architect and oversee deployment of CFEngine to a mixed Unix environment o Planned multi-year project to convert ~80K lines of shell and perl scripts to native CFEngine policy / self-service web application o Developed database back end to serve as central store for security configuration and all security configuration information (sudo rules, account attributes, system access permissions, system classification, ssh keys, etc) o Designed and implemented software version control repository for all CFEngine and Webmin module code, with hooks for automated deployment, defect tracking integration, and peer review, and transparent structured deployment o Designed and implemented self-service web applications using Webmin framework and several custom modules (Perl) for ~50K end-users o Designed and implemented active-active management cluster with geographic fail-over, primarily using Gluster and Postgres behind pgpool-II with etcd-based heartbeat o Replaced legacy form-based non-automated system o Added complete accountability for all security attributes on all managed Unix platforms, improving auditability o Enabled systems to self-repair all known security configuration items (~43,000 checks done every 15 minutes as of mid-2013, will be over 100K by project completion) o Integrated with concurrently-developed Puppet environment. # Install CFEngine through Puppet manifest # Develop custom facts using Ruby and JSON to share information between CFEngine and Puppet # Work with Puppet support area through regular sync meetings to ensure appropriate separation of duties and avoid managed resource collisions * diagnose and resolve unique issues on Unix platform (HP-UX, AIX, Linux (primarily RHEL and SLE)) * share knowledge of advanced Bourne shell and Perl scripting * develop scripting style guide and code beautifier for ksh scripts * develop scripts for first and second level tech support staff to use, primarily in Ksh and Perl o developed multi-platform single-pass user synchronization tool (soon to be open-sourced) o completely rewrote interactive user management tool o developed automated system security auditing tool o developed several tools to enforce consistency of security configuration, such as sudo management, kerberos configuration, password generation, ssh key management, etc * Participate in third-level 24x7 on-call rotation o Respond to incidents escalated from second-level support o Respond to incidents directly opened by business partners and automation o Own and resolve problem records as problem management team o Develop knowledge items and procedures for use by first- and second-level teams o Own and maintain configuration items * Deploy environmental changes following ITIL-based change control process * mentor newly-hired / less experienced security analysts * advocate and drive adoption of open source software products * work with business partners with varying backgrounds to identify and communicate potentially complicated technical and security issues * provide Unix security consultation for business partners * maintain high-level knowledge of various regulatory / audit requirements inherent in a domestic multi-line insurance and banking company which processes credit card payments (PCI, SOX, GLBA, HIPAA, etc) * set policy for future Unix environment growth and usage, accounting for management tool scalability and anticipated business requirements Technical Reviewer - Packt Publishing, 2014 * Identify and correct technical issues in PostgreSQL Cookbook (ISBN 139781783555338) * Provide feedback on draft copies of chapters within 2-3 days of receiving the chapters * Topics included common Postgres administration tasks, including data optimization, interaction using various programming languages, and management of extensions. Technical Reviewer - Packt Publishing, 2013 * Identify technical issues in Webmin Administrator's Cookbook (ISBN 9781849515849) * Provide feedback on draft copies of chapters within 2-3 days of receiving the chapters * Topics were common UNIX (Primarily Linux) cross-platform administration tasks, often performed through a web interface * Several pieces of feedback were included as sidebars in the final book Applications Benchmarking Engineer - Intel Corp., 2005-2006 (contract position) * Assemble, configure, test and debug production and pre-production hardware in a clustered, high-performance environment, generally running RHEL 3.x and 4.x as well as SUSE Linux * Configure HP and Linksys managed switches for performance Gigabit Ethernet interconnects, as well as managing and configuring Myrinet and Infiniband interconnects using a variety of products * Develop new and maintain existing scripts for automation and validation purposes, using primarily Perl and Bash. * Rewrite, reorganize, and expand roughly 12,000 lines of Perl, finishing and correcting the rough implementation started by a previous contractor while making the coding style consistent and more modular. 90% of the script was rewritten, and the codebase roughly doubled in size from the new features. * develop moderately complex Perl framework for gathering, collating, and graphing performance benchmarking information * Actively share knowledge of Linux operating system and Perl with members of the Cluster Development team as well as with the local IT department. * Assist in diagnostics of other computing areas as appropriate Network Systems Administrator - Teleologic Learning Co., 2000-2005 * Maintain all Internet services, including www, smtp, ftp, cvs, subversion, mysql, DNS, etc. Manage redundant servers in most cases. * Research, recommend, and assemble new network workstations * Maintain mixed Win9x/Mac/Linux network workstations * Provide workstation support for local and remote (either at home offices or connected via VPN) employees * Developed a ~2000 line Perl script and an associated markup language which reduced roughly three weeks worth of work down to under one minute, and reduced web developer staffing requirements 30% while greatly increasing Content Developer productivity and content reusability * Developed a tree-based Java program distributed via Java WebStart which allowed simple editing of fields within a structured XML file from within a .zip file without requiring the end user to know that they were using XML or .zip (SCORM-compliant manifests edited from within packages SCOs) * Maintain and upgrade internal data network and phone system, including basic configuration of managed switches and Cisco equipment * Maintain Internet connectivity, including the planning and construction of Linux based firewalls (both whitebox and embedded) using iptables and ipchains rules generated by hand. * Automate server and network device tasks using scripts written in a variety of scripting languages, generally Bourne shell and Perl. * Monitor system and network uptime using custom scripts as well as pre-written systems such as MRTG, NetSaint/Nagios, Big Brother, NetSNMP, etc. * Manage security patches on various Linux distributions, Windows, and OS X, as well as performing periodic security audits / penetration testing using tools such as nmap, and Saint. * Monitor network security using Intrusion Detection tools including Snort and Acid, as well as diagnostic tools such as Ethereal, Etherape, ntop, etc * Develop server-side and client-side web scripts using PHP, JavaScript, Perl, MySQL, HTML, Cold Fusion * Provide JavaScript and PHP training to developers Unix Administrator - Parkland College, 1999-2000 * Plan and implement conversion of student BSDi labs over to SuSE Linux * Research and implement web-based ~10K student email system using LDAP, Courier IMAP, Postfix, and Gnu Horde * Develop custom LDAP user management utilities using Perl and Net:: LDAP both for CLI and web-based tools, some of which were open- sourced and given back to the Internet community * Maintain Linux lab and student email system * Provide basic faculty Linux training * Supervise and train student Linux administrator Part-time Microcomputer Specialist - Parkland College, 1998-1999 * Install + maintain Win 9x lab and faculty workstations * Provide application help-desk services * Co-supervise student employees Student Microcomputer Specialist - Parkland College, 1998 * Assist with maintenance of Win 9x lab and desktop workstations Online references: Personal Blog http://blog.dannysauer.com/ Stack Exchange network profile https://stackexchange.com/users/25511/dannysauer LinkedIn https://linkedin.com/in/dannysauer/ GitHub https://github.com/dannysauer Poorly- Operating Systems maintained keyword / * Linux - 22+ years skill list: o LPIC-1 (Linux Professional Institute Certified) o LPIC-2 (Linux Professional Institute Certified) o SuSE, Slackware, YellowDog, LinuxPPC, Redhat (RHEL, Redhat, and Fedora), Gentoo, Ubuntu, Debian, Knoppix, custom systems, etc * HP-UX - 10 years * AIX - 10 years Programming Languages / Domain-Specific Languages * Perl, Bourne shell (ksh, bash, posix sh), CFEngine, Puppet, awk, PHP, SQL (Postgres, MySQL), HTML, JavaScript, Puppet, Java, C, C++, PIC assembler, Python, Ruby Web Servers * Apache, Boa, Thttpd, Roxen, custom Email Systems * Postfix, Sendmail, Procmail, Courier Imap, Qpopper, Imp, IMHO, SquirrelMail, SpamAssassin, DSpam, DBMail Various * navigation of large organizations, working independently and with a team, working to help people with varying levels of familiarity to understand complex technical concepts * network debugging, intrusion detection, various Internet services, backup/recovery, PC component assembly, network design, DHCP, DNS, LDAP, NIS, Samba, rsync, PIC mid-range microcontrollers, Arduino, HPC, RAID, LVM, EVMS, PPP. Some Cisco, including PIX firewalls (20- node multi-platform home network is behind a Linux firewall with a PIX DMZ and Cisco managed and unmanaged switches connecting the Internet servers and internal workstation. Cisco security certification pending) Education: University of Illinois at Springfield * BS Computer Science, security emphasis