Andrew Charles Denslow
Andy@Denslow.net Austin, TX

Professional Profile

Linux / UNIX Architect with over 14 years of experience implementing, administering, securing and managing IT networks for telecommunications, Internet, Software and financial companies. Creative problem solver with the ability to reduce costs, improve uptime, and consistently meet budgetary goals.

  • Administration - Red Hat Certified Engineer with a solid background successfully administering large and complex UNIX environments. Make use of programming skills to automate routine tasks and ensure standards are followed.
  • Architecture - Red Hat Certified Architect with a proven ability to design and implement scalable, reliable, and supportable information systems in environments requiring 24 x 7 availability.
  • Security - Red Hat Certified Security Specialist / Checkpoint Certified Security Engineer with experience developing security policies, implementing perimeter and system security including custom targeted SELinux policy modules, and auditing networks for high-profile, high-risk web properties. I am capable of obtaining a US Government Security Clearance.

    • Experience in a Nutshell
    Operating Systems:
  • Enterprise Linux (including Red Hat, Oracle, and CentOS) versions 2.1 through 5
    		•
  • Sun Solaris 2.2 through 10
    		•
    Virtualization Platforms:
  • VMware, Xen, QEMU and KVM
    		•
    Linux / UNIX Technologies:
  • SELinux, Red Hat Satellite, Spacewalk, YUM, Red Hat and Fedora Directory Server (LDAP), Bind (DNS), Sendmail and Postfix (SMTP), Apache, Dovecot (IMAP), LVM, EMC Powerpath, Linux native Multipathing, LUKS disk encryption, ssh, openssl, rsync, ntp, NFS and iSCSI, custom RPM building.
    		•
    Oracle Technologies:
  • 10g Enterprise Database, Real Application Cluster (RAC), Cluster Ready Services (CRS), Automatic Storage Management (ASM), Oracle Clustered File System (OCFS v2)
    		•
    Programming Languages:
  • I author code in UNIX Shell (Bourne, Korn, Bash), and Perl.
  • I debug and modify code written in C, php, and python.
  • I can also author and debug HTML, DHTML / CSS, JavaScript.
    		•

    Certifications
  • Red Hat Certified Architect (RHCA).
  • Red Hat Certified Security Specialist (RHCSS).
  • Red Hat Certified Datacenter Specialist (RHCDS).
  • Red Hat Certified Engineer (RHCE #804006621920237).
  • Sun Certified Solaris 2.x Systems Administrator.
  • Checkpoint Certified Security Engineer.
    		•

    Experience
    Oracle USA, Inc. (2004-2005 as Tek Systems Contractor) 2004 - Present
    Principal Systems Administrator - Linux Technical Product Manager
    Principal Systems Administrator on the Global IT (GIT) Systems Design team (formerly known as GIT Architecture). The Linux Technical Product Manager (TPM) is the lead resource for all Linux issues in Global IT.
    • As the Linux TPM I am responsible for developing, documenting and implementing Linux OS standards.
      • These standards are deployed to thousands of servers across multiple data centers and must support all current Oracle tech stacks (including RAC with NFS and ASM storage).
      • The standards developed must satisfy SOX, SAS70, and PCI audit requirements.
    • Conduct architecture reviews for GIT projects to ensure they meet standards.

    • Recent Projects:
      • Received GIT Pacesetter Award for work on migrating metalink to "My Oracle Support".
      • Developed Linux patching process to support SOX, SAS70, PCI and corporate security requirements.
      • Designed a virtual team model to streamline end-to-end system provisioning process from 5 days to 1.

    • Prior to working in Service Design I supported Oracle's Global Single Instance environment - a 24x7 mission critical system containing over 100 hosts.
    Independent Contracting 2006 - Present
    Debit Card Processor 2007 - 2009
    Contracted to help stabilize/standardize 400 server Solaris environment and then convert it to Linux.
  • Standardized sudo configuration across all hosts.
  • Restructured the Active Directory based central authentication system and implemented it across all servers using existing Vintella licenses.
  • Developed Linux Kickstart system to allow rapid / repeatable CentOS installations for bare-metal and VMware guests. Installation included custom support for in-house JAVA based applications.
  • Implemented Spacewalk (open source RHN Satellite server) to manage Linux configurations and patching per PCI guidelines.
  • Wrote a custom rsync based backup solution using hard links for "de-duplication" to allow operating system backups.
  • Replaced vintella / AD based central auth system with a 4-way multi-master Fedora Directory server setup saving over $100K/yr in support costs.
  • Developed custom scripts to allow automatic maintenance of the disaster recovery site.
  • Implemented targeted SELinux policies on all public facing systems to protect them from day 0 exploits.
  • Created extensive documentation for all projects allowing ongoing support to transition to employees.

    		•
    Debix Identity Protection Network 2006 - 2007
    Contracted to develop system architecture and manage other technical contractors.
  • Desgined 4 tiered network architecture to support a secure operation.
  • Installed a 2 node Oracle 10G RAC w/ ASM on EMC storage using raw devices on PowerPath.
  • Wrote custom filter to allow email posting to bugzilla.
  • Wrote and implemeted custom rsync based backup solution.
  • Reviewed and directed work performed by DBA and systems administration contractors.


    		•
    NLX Corporation 2002 - 2004
    Senior Systems Engineer
    Responsible for conducting a study on integration of the US Air Force B-1B weapons systems trainers into the Air Force's distributed mission operations (DMO) network using the DoD's high level architecture (HLA).
  • Designed and implemented a network of Dell Poweredge 2650 servers running Red Hat Linux to integrate the legacy B-1B Weapons System Trainers (WST) into the DMO network.
  • Also responsible for supporting several Sun Solaris / SPARC based training subsystems.
  • A US government security clearance was required for this role.


    		•
    Excite@Home 1999 - 2002
    Senior Systems Architect
    Part of a team responsible for designing, implementing and standardizing computer systems and storage solutions to support the operation of Excite@Home's network.
  • Responsible for beta testing new hardware and software to evaluate whether it can reduce costs and improve performance for Excite@Home's network.
  • Hardware evaluated included EMC Symm5 storage, Sun Serengeti servers, Arrowpoint and Netscaler load balancing switches, X86 based web servers, and Cisco routers and switches
  • Software evaluated included Veritas Volume Manager and File System, Sun Solaris 8 for Sparc and Intel, Sun's cachefs, EMC Powerpath, AT&T Mailenium, Openwave's Intermail, and Microsoft Windows 2000 Server.
  • Systems I specified and helped implement saved over $15 million in hardware costs.

    		•
    Senior Manager, Product Operations
    Oversaw a team of 3 managers and over 30 technical staff responsible for supporting the media assets of Excite@Home. Responsible for managing the operation of a 10,000 square foot data center housing thousands of Sun and Intel based servers.
  • Grew the team of systems administrators from 23 to 34 in a little over 6 months.
  • Managed an operations budget of $15 million.
  • Conducted "post mortem" and root cause analysis meetings for all outages.
  • Conducted monthly data center backup power tests. (generators and UPS)
  • Reduced system downtime by over 15%


    		•
    Nextel Communications, Inc. 1993 - 1999
    Manager, Security
    Managed the team of system administrators responsible for information security at Nextel's Internet data center.
  • Developed and implemented a comprehensive security policy.
  • Designed and implemented a "DMZ" consisting of 2 pairs of Checkpoint VPN-1 firewalls in a redundant configuration.
  • Researched, specified and verified implementation of host based security measures for Sun Solaris and Windows NT hosts.
  • Conducted quarterly security audits and oversaw annual third-party audits.
  • Investigated all suspected security incidents.
  • Educated management on the importance of information security and developed security training for all data center personnel.

    		•
    Sr. Systems Engineer
    Senior technical adviser for all projects in the Abilene facility.
  • Responsible for implementation, configuration, and administration of several web sites operated by Nextel Communications.
  • Responsible for the creation of a DMZ utilizing 4 Checkpoint Firewall-1 firewalls installed in two H/A pairs (using H/A software I developed)
  • Implemented TCP Wrappers and security policies to prevent the spread of damage in case of a firewall breach.
  • Implemented dialup and VPN solutions to allow remote access for local and remote employees.

    		•

    Click here to download this resume in Adobe PDF format.