Digital DevOps Senior (Contract)2019 - 2020NHS Business Services Authority
Technologies: Amazon Web Services (AWS), GitLab, Vault, Consul, Ansible, Terraform, Kubernetes, Docker, Linux, CentOS, AWS
- Developed a Kubernetes platform and CI/CD pipelines consisting of multiple clusters in AWS utilizing EKS, GitLab, Helm, and Terraform.
- Developed a CI/CD pipeline using Ansible orchestrated via GitLab CI to automatically build, test, and deploy the multiple Node.js and Java Springboot microservices and PostgreSQL databases comprising the new NHS Jobs website.
- Oversaw the first live deployment of the first phase of a complete overhaul of the NHS Jobs website: a site hosting over 20 000 job opportunities at any one time.
- Assisted the NHS Jobs project with the integration of AWS managed services such as SQS, ElastiaCache, and Lambda as well as with third-party APIs such as job site and postcode lookup services and on-premise legacy NHS services.
- Oversaw the build and migration of SVN source code repositories responsible for hosting legacy code from on-premise hardware to the cloud.
- Liased with penetration testers, security and compliance, platform, and development teams to assist with assuring the security and integrity of the platform and hosted services.
- Mentored and provided training to new and existing staff in Linux, Terraform, Ansible, AWS, Docker, Kubernetes, DevOps best practices, and many other tools.
- Assisted in the design and implementation of a new monitoring platform using Datadog.
- Improved and enhanced existing CI/CD pipelines and infrastructure code across the NHS AWS Cloud platform.
DevOps Engineer (Contract)2018 - 2018Insure The Box
Technologies: Amazon Web Services (AWS), ELK (Elastic Stack), Nginx, PostgreSQL, Ansible, Terraform, Jenkins, GitLab, Docker, AWS
- Developed Ansible roles and scripts to automate many BAU tasks, greatly increasing the efficiency of members of the platform team by freeing them from many manual jobs.
- Developed CI/CD pipelines to build, test and deploy multiple projects and services to multiple AWS cloud environments using Jenkins and Ansible significantly reducing the time and effort required to deploy applications.
- Wrote Terraform infrastructure-as-code to define and build cloud servers and services in a new AWS cloud platform, greatly reducing the time required to build infrastructure from days to a matter of minutes.
- Developed multiple Ansible roles to aid in the build, configuration, and deployment of ITB's many products to their AWS cloud platform.
- Containerized multiple legacy Java Tomcat and Python applications to enable them to be more easily used for local development work and be reliably deployed to multiple environments.
- Created a CI/CD pipeline in Jenkins to automate the deployment of the company Wordpress website.
- Automated the deployment of microservices to Amazon ECS and Fargate using GitLab and Go scripts.
- Automated the deployment and configuration of ELK stack to AWS using Ansible and Jenkins.
Digital DevOps Senior (Contract)2017 - 2018NHS Business Services Authority
Technologies: Amazon Web Services (AWS), PostgreSQL, GitLab, Vault, HashiCorp, Consul, Ansible, Terraform, Docker, CentOS, AWS
- Designed and built a new AWS cloud platform to be used by hundreds of projects across the NHS BSA and NHS Digital which has since been presented at AWS conferences both in the UK and the US as a model platform for public sector cloud services.
- Designed and implemented a template CI/CD pipeline using a combination of Ansible and bespoke scripts, orchestrated via GitLab CI for use by hundereds of projects to build, test and deploy applications to multiple AWS environments.
- Developed Terraform and Ansible infrastructure-as-code for the NHS' AWS cloud environment capable of deploying and configuring underlying infrastructure and networks, as well as applications and servers.
- Mentored and provided training to new and existing staff in Linux, Terraform, Ansible, AWS, Docker, Kubernetes, DevOps best practices and many other tools.
- Implemented CI/CD pipelines in Terraform and Ansible and oversaw the launch of the first projects to go live on the new NHS AWS cloud platform.
- Liaised with security, development and operations teams to maintain the security of the platform and implement fixes for problems highlighted in penetration tests.
- Oversaw the migration of many legacy projects to the new AWS cloud platform.
- Automated deployment and configuration of intrusion detection and anti-virus software, OSSEC and Trend Micro.
- Automated service discovery using Consul.
- Automated the deployment and configuration of PostgreSQL and MySQL in RDS using bespoke SQL scripts and Ansible.
- Assisted with the establishment of routine penetration testing of the platform and projects.
- Assisted with the continuous improvement of the AWS platform.
Senior Digital DevOps (Contract)2016 - 2017NHS Business Services Authority
Technologies: Amazon Web Services (AWS), GitLab, Vault, Consul, Ansible, Terraform, VMware vCloud, Linux, CentOS, AWS
- Designed and built a proof of concept, infrastructre-as-code cloud platform in VMWare VCloud using Ansible, Terraform and GitLab CI which laid the groundwork and secured sign-off for a production cloud environment.
- Deployed the first NHS BSA pilot project into the cloud using a fully automated CI/CD pipeline in GitLab paving the way for the NHS's future cloud-first policies.
- Provided training for the existing platform team in infrastructure-as-code (Ansible and Terraform) and Public Cloud and DevOps methodologies and toolsets.
- Designed and developed a fully automated CI/CD pipeline including automated testing, code quality analysis, vulnerability scanning, capable of deploying to multiple environments and adhering to company change control procedures.
- Ensured security and compliance best practices were followed throughout the AWS platform.
- Automated secret management using Hashicop Vault and Ansible.
DevOps Engineer (Contract)2016 - 2016University of Bristol
Technologies: Amazon Web Services (AWS), WordPress, Drupal, GitHub, Puppet, Jenkins, Hyper-V, Azure, AWS, Hypervisors, Xen
- Performed a detailed analysis of the university's existing cloud infrastructure and utilization.
- Made recommendations for the design of a new cloud platform based on current utilization.
- Developed recommendations for improvements and more efficient utilization of CI/CD pipelines for the automated deployment of services to the existing and future cloud platforms.
- Made recommendations for increasing efficiency and cutting costs of resource utilization in the current cloud platform.
- Advised on improvements to existing configuration management tools, Puppet and Bcfg2.
DevOps Engineer (Contract)2016 - 2016MyLife Digital
Technologies: ForgeRock, HAProxy, TeamCity, Rancher, Docker, Terraform, Ansible, OpenStack, VMware vCloud
- Designed and built a fully infrastructure-as-code, scalable and secure cloud platform in OpenStack utilizing Docker, Rancher and Kubernetes capable of hosting multiple isolated and dynamic environmenst each consisting of multiple microservices.
- Oversaw the first release of MyLife Digital's consent management platform.
- Created a CI/CD pipeline using TeamCity, Ansible, and Terraform to manage the full development and deployment lifecycle of multiple microservices.
- Implemented the containerization of many supportive services such as ForgeRock and Tyk API gateway as well as assisting with the dockerization of MyLife Digital's own microservices.
- Assisted with the implementation of ISO27001 security standards.
- Developed Docker containers for microservices and supporting applications.
Web Infrastructure Developer and Administrator2015 - 2016African Conservation Experience
Technologies: Concrete5, Zend Framework, New Relic, GlusterFS, HAProxy, Memcached, Ubuntu, Apache, MySQL, PHP
- Converted the existing public website from a bespoke PHP site to a new content management system called Concrete5.
- Developed integration plugins for the interoperation of the new website and the existing backend management system.
- Built the SMS integration for a Zend back-end management system.
- Made improvements to the performance and stability of the existing cloud infrastructure.
- Ensured the security, high availability, and scaling of cloud-based application servers and infrastructure hosted in DigitalOcean running on Ubuntu Server.
Enterprise Infrastructure Specialist2013 - 2015Open GI Limited
Technologies: DRBD, MySQL, ASA, Cisco, SaltStack, CFEngine, Linux, SUSE, Nagios, Riverbed, VMware vSphere
- Facilitated the adoption of DevOps methodologies across the business, breaking down barriers between development and operations departments, thereby improving the efficiency of the software development lifecycle.
- Facilitated the establishment of a new service operations center within the business.
- Made continual improvements to server and network monitoring and analytics including implementation of Cacti and development of bespoke modules for Nagios and Munin.
- Implemented continual improvements to the availability and performance of the key server and network infrastructure.
- Liaised with penetration testers and security and compliance managers, platform engineer,s and developers to ensure security and integrity of the hosted platform and software.
- Implemented a new and improved managed services platform for the hosting of customer office systems on VMware and Citrix.
- Trained and mentored new and existing support staff.
- Developed custom modules for Nagios and Munin.
- Implemented Cacti for monitoring networks.
- Tasked with the continual improvement of infrastructure performance and availability.
- Managed the continual improvement of server and network monitoring and analytics.
- Assured the high availability and scaling of the hosted platform to meet future business needs.
- Assisted in creating a robust backup and DR program.
- Oversaw performance tuning, upgrades, and availability improvements of a multiterabyte MySQL cluster serving tens of millions of daily transactions.
Technical Delivery Consultant2011 - 2013Open GI Limited
Technologies: DRBD, MySQL, Cisco, Linux, SUSE, Nagios, Riverbed, VMware vSphere
- Developed a bespoke continuous deployment tool in Python and Django capable of reliably and automatically deploying multiple daily software releases and configuration changes to multiple web services and servers.
- Designed and built two separate VMware private cloud architectures spanning multiple datacenters capable of hosting two separate software platforms capable of securely and reliably serving over 10 million transactions per day.
- Deployed and configured a comprehensive suite of monitoring tools and scripts to monitor cloud-hosted architecture and services.
- Performed a seamless migration of live-hosted services from a managed platform to the new self-managed private cloud architecture.
- Migrated internal server infrastructure from physical hardware to a new VMware virtualized platform.
- Sourced and purchased storage, server and network hardware for two separate private cloud environments.
- Configured Cisco network devices to provide a secure and resilient network for private cloud infrastructure spanning multiple datacenters.
- Migrated Open GI's personal line software from existing managed hosting platform to new self-built and managed private cloud, with minimal downtime and disruption. The migration included multiple web services and a highly multi-terabyte MySQL database.
- Designed, built and configured platform for hosting of Open GI's new commercial line platform.
- Installed and configured ESXi and Vsphere to support a private cloud spanning multiple datacenters.
- Configured Cisco and Juniper Firewalls to provide a secure and highly available private cloud environment and site-to-site VPNs linking multiple datacenters and on-premise networks.
- Automated many BAU tasks and procedures through the use of Puppet and bespoke Python and Bash scripts.
- Developed a service-monitoring dashboard and monitoring scripts using Python and Django.
- Implemented service and infrastructure monitoring of the hosted server architecture using Nagios, Munin and bespoke Python scripts.
Hosted Infrastructure Administrator2009 - 2011Open GI Limited
Technologies: Corosync, ldirectord, DRBD, MySQL, Openswan, Apache Tomcat, Linux, SUSE
- Implemented a highly available, scalable hosted platform running on SuSE Enterprise Linux running Apache Tomcat, Corosync, Ldirectord, and DRBD capable of reliably and securely hosting hundreds of distinct web services.
- Performed a large-scale data center migration of over 200 hosted servers incurring minimal downtime and disruption to live services.
- Implemented multiple site to site VPNs interopping Cisco ASA's with SuSE Linux using OpenSwan.
- Built a highly available MySQL cluster capable of reliably scaling to many terabytes of data and many millions of daily transactions.
- Designed, built and deployed the first servers for Open GI's first online offering, built on SuSE Enterprise Linux to serve Java Tomcat web services.
- Implemented a highly available MySQL cluster using DRBD, Corosync, and Ldirectord.
- Implemented resilient Tomcat web services using Apache, Corosync, and Ldirectord.
- Implemented site-to-site VPN interoperating Linux, Cisco and Juniper VPNs.
- Developed Bash and Python scripts to automate server configuration and software deployment.
- Implemented a remote diagnostics solution providing secure remote access to the on-premise back-office systems of Open GI customers using Python and SSH tunneling.
Linux Server and Website Administrator2005 - 2009Open GI Limited
Technologies: Openswan, Snort, SpamAssassin, Squid, Qmail, Citrix, Cisco Webex, Xen, Joomla, PHP, Iptables, Linux, SUSE
- Developed a new company website in PHP.
- Created an online customer training website integrating Joomla, Webex, Citrix, and Xen.
- Built a virtualized development platform on Xen to enable the testing and development of OpenGL software in a virtualized environment, removing the requirement for physical hardware thereby speeding development turnaround and reducing costs. The platform included a bespoke shell environment written in Python allowing users to spin up or delete new environments.
- Established a VPN using OpenSwan on SuSE Linux, allowing remote workers to access network resources when on the road or working from home.
- Implemented ingress-and-egress security, including firewalls, proxies, intrusion detection, and spam and virus protection, using open-source tools such as iptables, Squid, Snort, SpamAssassin, and Qmail.
- Developed a highly available platform capable of hosting OpenGI's EDI messaging software delivering many millions of daily messages, enabling these services to be brought in-house thus saving costs and improving stability and reliability.
- Fixed security holes in an existing company website.
- Developed a new customer support website in using Joomla and including bespoke Joomla modules integrating with a bespoke on-premise CMS.
- Built resilient web services on SuSE Enterprise Linux to self-host the company website.
- Debugged Open GI software running on Linux to solve critical problems with the first release of Open GI's core products running on non-propriety hardware.
- Configured and maintained company mail servers using Qmail and SpamAssassin.
- Maintained and upgraded the HPUX server responsible for hosting in-house helpdesk and accounts software and Informix databases.
- Developed a customer training website utilizing bespoke Joomla modules integrating with Citrix and Webex.
Systems Programmer2001 - 2005Dilko School of English
Technologies: Windows, Linux Servers, GNOME, Apache, Iptables, Squid, Linux, Slackware, Python, PHP
- Built a laboratory from unwanted hardware for use by students to study and access the internet, utilizing a bespoke version of the Linux terminal server project.
- Developed a web-based English language assessment tool in PHP which allowed for the accurate assessment of potential student's English ability enabling more accurate placement in courses according to their ability.
- Built a student registration system to allow staff to track details of prospective and existing students as well as integrating with the above-mentioned assessment tool to assist in the placement of students in suitable groups according to ability.
- Integrated the above-mentioned student registration system into the existing accounts system to allow easy tracking of due and late payments.
- Developed a time-tracking and project-management system which integrated with PHProjekt utilizing its calendaring, messaging, and scheduling functionality.
- Created web-based examination and testing software expanding upon the above-mentioned assessment tool to allow teachers to create revision tests and end-of-term examinations; it was integrated with the student registration and tracking system.
- Developed software in Python and PyGTK to track the distribution of books published by the school's publishing arm.
- Built and configured company mail servers using Sendmail and SpamAssassin running on Slackware Linux.
- Configured firewalls and gateway servers running on Slackware Linux using iptables and squid to maintain ingress and egress network security.
- Modified a GNOME desktop to better run as a kiosk desktop on diskless terminals.
- Developed a custom Linux distribution (distro) to run on diskless terminals.