Petar Denev, PCI-DSS Developer in Sofia, Bulgaria
Petar Denev

PCI-DSS Developer in Sofia, Bulgaria

Member since June 28, 2019
Peter has over ten years of experience as a DevOps engineer, with a strong focus on Java projects and payment providers such as PCI-DSS compliance for eMerchantPay, and Concardis. He has built, migrated and re-architectured many projects, with expertise in turning a large monolith architecture into an elegant microservice. Peter writes and debugs Java Spring, OSGI, Terraform, Ansible, Puppet, BASH, GO, and Perl.
Petar is now available for hire

Portfolio

  • Endava
    Java Spring, OSGI, Sitecore, NuGet, AWS, PowerShell, BASH, TeamCity...
  • eMerchantPay
    Ruby On Rails, Puppet, VMware ESXi, MariaDB Galera Cluster
  • SoftServe
    Java, Cassandra NoSQL, Puppet, Apache Spark, Nginx, Spring, Apache ZooKeeper...

Experience

  • MySQL, 12 years
  • Bash, 12 years
  • AWS HA, 10 years
  • Java, 7 years
  • Gradle, 5 years
  • Jenkins Job DSL, 5 years
  • NoSQL, 5 years
  • PCI-DSS, 5 years

Location

Sofia, Bulgaria

Availability

Part-time

Preferred Environment

Linux, Atom IDE, Git Workflows, Jenkins 2, JMeter

The most amazing...

...project I've built was a replacement for an API Gateway, using Nginx and a Java daemon.

Employment

  • Senior DevOps Software Engineer

    2017 - 2019
    Endava
    • Buil a Sitecore CI and CD pipeline for https://www.randa.org/ hosted in AWS within three months.
    • Utilized AWS CloudFormation PowerShell automation to provision the Sitecore application stack. The stack ran on Windows 2012 servers, with PowerShell DSC modules.
    • Automated the build and deployment of NuGet packages with JetBrains TeamCity and Octopus Deploy. Тhe Sitecore CloudFormation application stack provision time dropped to 47 seconds. It took 16 minutes for the building and deploying of the Sitecore NuGet packages. This was done with Octopus.
    • Developed a small Java SpringBoot project with image recognition in under two weeks. The development environment was created with docker-compose. https://play.google.com/store/apps/details?id=com.citizenwatch.android&hl=bg.
    • Built, deployed, and ran performance tests in BASH.
    • Created a payment gateway monolith with Java Spring, OSGI, MariaDB, Apache Karaf, Apache Ignite, ELK stack, and Docker. https://concardis.com/.
    • Oversaw performance improvements on the Docker and MariaDB layers.
    • Planned and executed three months' migration of the development environment, providing developers the ability to independently build and deploy the whole application stack on both development environments (old and new), and ensure the smooth progress of the project.
    • Analyzed and proposed moving the monolith architecture to a microservice one, involving Kubernetes, Apache Kafka, and MongoDB Cluster.
    • Excluded PCI-DSS related services to separate the network, thus lowering the scope of the PCI-DSS audit to be done only on particular microservices.
    • Replaced the ELK stack with Elasticsearch and Search Guard (due to PCI-DSS compliance). Kibana and Fluentd were used to lower the hardware requirements of the Log Aggregator Nodes. This allowed them to satisfy more than one application including Devenv, UAT, and the ProdEnv service load.
    • Successfully passed PCI-DSS audit on the new infrastructure.
    • Actively participated in building the local DevOps discipline in Endava, Sofia.
    • Built the DevOps hiring template and process.
    Technologies: Java Spring, OSGI, Sitecore, NuGet, AWS, PowerShell, BASH, TeamCity, Octopus Deploy, Docker, AWS CloudFormation, MongoDB, MariaDB, Apache Ignite, Logstash, Elasticsearch, Kibana, FluentD, Search Guard, RHEL
  • Senior DevOps Engineer

    2016 - 2017
    eMerchantPay
    • Built a local development environment used by software engineers to deploy source code changes and run a payment gateway application stack.
    • Reverse engineered clones of all VMs part of the staging Devenv. Connected all of them to a PuppetMaster using Puppet2 architecture, as this was the original setup done from the datacenter engineers.
    • Wrote Jenkins files to allow developers to independently deploy different services on the local Devenv with server-lock during deployment, and automated unlock after the QA tests were completed.
    • Fixed all pre, and post-deployment issues, providing the company with a fully automated way to deploy to all environments (development, staging, and production) using Jenkins files.
    • Created a Docker development environment with one container used only for Ruby Gems cache, allowing a quick rebuild of all modules which improved the development process on the stage.
    • Managed a team of two DevOps engineers. Guided them in the application stack architecture, and provided knowledge on different problem debugging techniques.
    Technologies: Ruby On Rails, Puppet, VMware ESXi, MariaDB Galera Cluster
  • Senior DevOps Software Engineer

    2015 - 2016
    SoftServe
    • Built a complex API gateway with Nginx that was managed from a Java daemon, allowing a dynamic API key rate limit and scaling based on the load of the particular cluster of Nginx machines.
    • Developed tools to improve the ability to rapidly deploy, and effectively monitor custom applications in a large-scale UNIX environment.
    • Designed Cross Data Center world-wide systems with a high availability mindset.
    • Built an automated ETL (in this case DB anonymization) process to provide developers the ability to always be able to do performance tests with the latest production data.
    • Integrated EU GDPR rules in emoDB for Bazaarvoice.
    • Migrated the project from Puppet3 to Puppet4.
    Technologies: Java, Cassandra NoSQL, Puppet, Apache Spark, Nginx, Spring, Apache ZooKeeper, Jenkins
  • System Specialist

    2012 - 2015
    Comptel
    • Installed, configured, maintained, troubleshoot, and optimized Red Hat Enterprise Linux servers, VMware ESXi, and HA environments.
    • Wrote custom tools on Groovy, PHP, PowerShell, Bash, and Perl to improve the internal IT and development environments.
    • Troubleshoot and optimized GIT, and SVN-like software version control.
    • Built three site Artifactory clusters.
    • Built a Groovy confluence and Jira plugin that provisioned VMware virtual machines to help the Comptel support engineers create customer environments such as RHEL with OracleDB and Java JDK via a drop-down menu in Confluence.
    Technologies: VMware ESXi, RHEL, Groovy, Jenkins, PHP, PowerShell, BASH, Perl, Mercurial, Artifactory
  • System Administrator

    2011 - 2012
    MochaHost
    • Built a cPanel plugin to deploy Java WAR files in shared hosting accounts.
    • Built PERL automations to clean old, shared web hosting accounts.
    • Built PERL automations to clean hacked, shared hosting accounts.
    • Built a Puppet automation to provision and manage CentOS virtual machines used for shared web hosting servers.
    Technologies: Perl, PHP, cPanel, CentOS, Apache Tomcat
  • Linux System Administrator

    2009 - 2011
    ResellersPanel
    • Implemented Puppet automation for managing shared web hosting servers.
    • Implemented PERL automation for provisioning cPanel servers.
    • Implemented PostgreSQL triggers to help manage the shared web hosting customer plans.
    • Implemented MySQL clusters for managing the payments of the resellers of the shared hosting account.
    Technologies: CentOS, Debian, Perl, cPanel, BASH, Puppet, MySQL, PostgreSQL

Experience

  • PCI-DSS Compatible EFK Stack (Development)
    https://github.com/petardenev/efk-stack-pci-dss

    PCI-DSS compliant Elasticsearch, FluentD, Kibana, and Search Guard for security compliance. The setup utilized Docker Containers. Each service ran on a different virtual machine. The setup consisted of Ansible roles for two Elasticsearch Data Nodes, two Elasticsearch Master Nodes, two FluentD Aggregator Nodes, one Elasticsarch Cross Search Node, and a SearchGuard Container for managing security, all done as Docker containers.

  • Ansible Role of PCI-DSS MariaDB Cluster Hardened Configuration (Development)
    https://github.com/petardenev/pci-dss-mariadb-cluster

    This MariaDB Cluster Hardened service configuration provides security configurations for MariaDB. It is intended to set up production-ready MariaDB instances that are configured with minimal surface for attackers. Furthermore, it is intended to be compliant with the PCI-DSS v3.2.1.

  • Nginx Patched to work with Ey-balancer and Delay Modules with OpenSSL (Development)
    https://github.com/petardenev/ngx-delay-haproxy-queue

    Nginx 1.11.2 patched to work with Ey-balancer and delay modules. Included in the repository are:

    EY-Balance: https://github.com/ezmobius/nginx-ey-balancer
    Nginx-Delay: https://github.com/perusio/nginx-delay-module
    OpenSSL: https://github.com/openssl/openssl

    The setup is suitable for implementation of Java micro caching with low request-response answers. The Ey-balancer patch was created with the possibility to use the least_conn method of distributing incoming requests to the back end. This improved the response time in the critical part of the library.

  • PowerShell Desired State Configuration (DSC) Generator (Development)
    https://github.com/petardenev/dsc-generator

    If you are interested in using PowerShell Desired State Configuration to manage your web server configuration, the DSC Generator can help you get started. You can run the DSC Generator on an existing server, and it will generate a DSC configuration code for your IIS app pools, sites, and virtual directories. The DSC Generator will also generate Desired State Configuration for the Windows features on your IIS site.

  • Ruby DSL for Creating CloudFormation Templates (Development)
    https://github.com/petardenev/cloudformation-ruby-dsl

    This is a Ruby DSL and helper utilities for building CloudFormation templates dynamically.

    Motivation:
    CloudFormation templates often contain repeated stanzas, information which must be loaded from external sources, and other functionality that would be more easily handled as code, instead of configuration.

    Consider when a user data script needs to be added to a CloudFormation template. Traditionally, you would rewrite the script by hand in a valid JSON format. Using the DSL, you can specify the file containing the script, and generate the correct information at runtime.

    :UserData => base64(interpolate(file('userdata.sh')))

    Additionally, CloudFormation templates are just massive JSON documents, making general readability and reusability an issue. The DSL allows not only a cleaner format (and comments), but will also allow the same DSL template to be reused as needed.

  • Reverse Engineer Server Configuration (Development)
    https://github.com/petardenev/blueprint

    Blueprint looks inside popular package managers, finds changes and configures files, then archives software you built from source. It runs on Debian and RPM-based Linux distros with Python >= 2.6 and Git >= 1.7.

    Blueprint reverse-engineers servers.
    Easy configuration management.
    Detects relevant packages, files, and source installs.
    Generates reusable server configurations.
    Converts blueprints to Puppet, Chef or CFEngine 3.
    No DSLs, no extra servers, no workflow changes.

Skills

  • Languages

    Bash, AWK, Sed, Regex, Java, Python
  • Frameworks

    AWS HA, Spring, OSGi
  • Libraries/APIs

    Jenkins Job DSL, Jenkins Pipeline, Spring LDAP, ODBC, Jira REST API
  • Tools

    Jenkins, Docker Compose, Puppet, Gradle, Maven, AWS EBS, GCC, GPG, Tcpdump, Packer, ActiveMQ, AWS CloudFormation, Terraform, Nagios, ELK (Elastic Stack), Logstash, Fluentd, OWASP Zed Attack Proxy (ZAP), Git, Jira, Confluence, Artifactory, Apache Karaf, Ansible
  • Paradigms

    REST, Scrum, Kanban, Agile, Extreme Programming
  • Platforms

    Docker, Apache Kafka, Nexus, Linux
  • Storage

    AWS S3, AWS RDS, MySQL, PostgreSQL, ANSI SQL, Redis, NoSQL, DRBD, MongoDB, Oracle DBMS
  • Other

    Groovy Scripting, Bash Scripting, Apache Cassandra, Grep, Ant, Secure Copy Protocol (SCP), RSync, NFS, LDAP, Crontab, RPM Packaging, Debian Packaging, VMware ESXi, Debugging, GitOps, DNS, PCI-DSS, PCI DSS

Education

  • Bachelor's degree in Computer Engineering
    2005 - 2010
    Plovdiv University Paisii Hilendarski - Plovdiv, Bulgaria
Certifications
  • Red Hat Certified System Administrator
    MARCH 2013 - PRESENT
    Red Hat, Inc.

To view more profiles

Join Toptal
I really like this profile
Share it with others