Danny Sauer
resume@dannysauer.com - 217-314-9149
Objective: To find a job where I can perpetually learn while continuously working to automate myself out of a job.
Work
Experience:

Senior Linux OS / Automation Engineer - State Farm Insurance, 2015-present

  • Convert existing CFEngine 3 infrastructure to Puppet 4
  • Convert several existing one-time configuration scripts to continuous-validation native Puppet logic
  • Develop and tune PostgreSQL configuration management database
  • Develop utilities and scalable, geographically-distributed web services using ksh93, perl, and python languages, backed by etcd and PostgreSQL data store
  • Provide third-level enterprise Linux OS support (~200K virtualized kernelspaces; mix of RHEL/CentOS and Ubuntu)
  • Implement enterprise-wide Prometheus / Grafana / ElasticSearch centralized monitoring / logging / alerting system
  • Provide consultation on various Linux OS configuration and automation issues to business partners through project assignments
  • Employ Kanban and SAFE Agile methodologies for service-oriented work
  • Work within a geographically-distributed team which unified formerly separate Security and OS support
  • Consult on migration to new compute environment (hostnaming convention, system bootstrap design, etc)
  • Participate in third-level 24x7 on-call rotation
    • Respond to incidents escalated from second-level support
    • Own and resolve problem records
    • Develop knowledge items for use by first- and second-level teams
  • Use ITIL-based change control process to deploy environmental changes
  • Automate software deployments using in-house Gitlab/Jenkens infrastructure

Tier 3 Unix Security Problem Management - State Farm Insurance, 2006-2015
(contract via TekSystems 2006-2008; direct 2008-2015)

  • architect and oversee deployment of CFEngine to a mixed Unix environment
    • Planned multi-year project to convert ~80K lines of shell and perl scripts to native CFEngine policy / self-service web application
    • Developed database back end to serve as central store for security configuration and all security configuration information (sudo rules, account attributes, system access permissions, system classification, ssh keys, etc)
    • Designed and implemented software version control repository for all CFEngine and Webmin module code, with hooks for automated deployment, defect tracking integration, and peer review, and transparent structured deployment
    • Designed and implemented self-service web applications using Webmin framework and several custom modules (Perl) for ~50K end-users
    • Designed and implemented active-active management cluster with geographic fail-over, primarily using Gluster and Postgres behind pgpool-II with etcd-based heartbeat
    • Replaced legacy form-based non-automated system
    • Added complete accountability for all security attributes on all managed Unix platforms, improving auditability
    • Enabled systems to self-repair all known security configuration items (~43,000 checks done every 15 minutes as of mid-2013, will be over 100K by project completion)
    • Integrated with concurrently-developed Puppet environment.
      • Install CFEngine through Puppet manifest
      • Develop custom facts using Ruby and JSON to share information between CFEngine and Puppet
      • Work with Puppet support area through regular sync meetings to ensure appropriate separation of duties and avoid managed resource collisions
  • diagnose and resolve unique issues on Unix platform (HP-UX, AIX, Linux (primarily RHEL and SLE))
  • share knowledge of advanced Bourne shell and Perl scripting
  • develop scripting style guide and code beautifier for ksh scripts
  • develop scripts for first and second level tech support staff to use, primarily in Ksh and Perl
    • developed multi-platform single-pass user synchronization tool (soon to be open-sourced)
    • completely rewrote interactive user management tool
    • developed automated system security auditing tool
    • developed several tools to enforce consistency of security configuration, such as sudo management, kerberos configuration, password generation, ssh key management, etc
  • Participate in third-level 24x7 on-call rotation
    • Respond to incidents escalated from second-level support
    • Respond to incidents directly opened by business partners and automation
    • Own and resolve problem records as problem management team
    • Develop knowledge items and procedures for use by first- and second-level teams
    • Own and maintain configuration items
  • Deploy environmental changes following ITIL-based change control process
  • mentor newly-hired / less experienced security analysts
  • advocate and drive adoption of open source software products
  • work with business partners with varying backgrounds to identify and communicate potentially complicated technical and security issues
  • provide Unix security consultation for business partners
  • maintain high-level knowledge of various regulatory / audit requirements inherent in a domestic multi-line insurance and banking company which processes credit card payments (PCI, SOX, GLBA, HIPAA, etc)
  • set policy for future Unix environment growth and usage, accounting for management tool scalability and anticipated business requirements

Technical Reviewer - Packt Publishing, 2014

  • Identify and correct technical issues in PostgreSQL Cookbook​ (ISBN 139781783555338)
  • Provide feedback on draft copies of chapters within 2-3 days of receiving the chapters
  • Topics included common Postgres administration tasks, including data optimization, interaction using various programming languages, and management of extensions.

Technical Reviewer - Packt Publishing, 2013

  • Identify technical issues in Webmin Administrator's Cookbook (ISBN 9781849515849)
  • Provide feedback on draft copies of chapters within 2-3 days of receiving the chapters
  • Topics were common UNIX (Primarily Linux) cross-platform administration tasks, often performed through a web interface
  • Several pieces of feedback were included as sidebars in the final book

Applications Benchmarking Engineer - Intel Corp., 2005-2006
(contract position)

  • Assemble, configure, test and debug production and pre-production hardware in a clustered, high-performance environment, generally running RHEL 3.x and 4.x as well as SUSE Linux
  • Configure HP and Linksys managed switches for performance Gigabit Ethernet interconnects, as well as managing and configuring Myrinet and Infiniband interconnects using a variety of products
  • Develop new and maintain existing scripts for automation and validation purposes, using primarily Perl and Bash.
  • Rewrite, reorganize, and expand roughly 12,000 lines of Perl, finishing and correcting the rough implementation started by a previous contractor while making the coding style consistent and more modular. 90% of the script was rewritten, and the codebase roughly doubled in size from the new features.
  • develop moderately complex Perl framework for gathering, collating, and graphing performance benchmarking information
  • Actively share knowledge of Linux operating system and Perl with members of the Cluster Development team as well as with the local IT department.
  • Assist in diagnostics of other computing areas as appropriate

Network Systems Administrator - Teleologic Learning Co., 2000-2005

  • Maintain all Internet services, including www, smtp, ftp, cvs, subversion, mysql, DNS, etc. Manage redundant servers in most cases.
  • Research, recommend, and assemble new network workstations
  • Maintain mixed Win9x/Mac/Linux network workstations
  • Provide workstation support for local and remote (either at home offices or connected via VPN) employees
  • Developed a ~2000 line Perl script and an associated markup language which reduced roughly three weeks worth of work down to under one minute, and reduced web developer staffing requirements 30% while greatly increasing Content Developer productivity and content reusability
  • Developed a tree-based Java program distributed via Java WebStart which allowed simple editing of fields within a structured XML file from within a .zip file without requiring the end user to know that they were using XML or .zip (SCORM-compliant manifests edited from within packages SCOs)
  • Maintain and upgrade internal data network and phone system, including basic configuration of managed switches and Cisco equipment
  • Maintain Internet connectivity, including the planning and construction of Linux based firewalls (both whitebox and embedded) using iptables and ipchains rules generated by hand.
  • Automate server and network device tasks using scripts written in a variety of scripting languages, generally Bourne shell and Perl.
  • Monitor system and network uptime using custom scripts as well as pre-written systems such as MRTG, NetSaint/Nagios, Big Brother, NetSNMP, etc.
  • Manage security patches on various Linux distributions, Windows, and OS X, as well as performing periodic security audits / penetration testing using tools such as nmap, and Saint.
  • Monitor network security using Intrusion Detection tools including Snort and Acid, as well as diagnostic tools such as Ethereal, Etherape, ntop, etc
  • Develop server-side and client-side web scripts using PHP, JavaScript, Perl, MySQL, HTML, Cold Fusion
  • Provide JavaScript and PHP training to developers

Unix Administrator - Parkland College, 1999-2000

  • Plan and implement conversion of student BSDi labs over to SuSE Linux
  • Research and implement web-based ~10K student email system using LDAP, Courier IMAP, Postfix, and Gnu Horde
  • Develop custom LDAP user management utilities using Perl and Net::LDAP both for CLI and web-based tools, some of which were open-sourced and given back to the Internet community
  • Maintain Linux lab and student email system
  • Provide basic faculty Linux training
  • Supervise and train student Linux administrator

Part-time Microcomputer Specialist - Parkland College, 1998-1999

  • Install + maintain Win 9x lab and faculty workstations
  • Provide application help-desk services
  • Co-supervise student employees

Student Microcomputer Specialist - Parkland College, 1998

  • Assist with maintenance of Win 9x lab and desktop workstations
Skills:

Operating Systems

  • Linux - 18+ years

    • LPIC-1 (Linux Professional Institute Certified)
    • LPIC-2 (Linux Professional Institute Certified)
    • SuSE, Slackware, YellowDog, LinuxPPC, Redhat (RHEL, Redhat, and Fedora), Gentoo, Ubuntu, Debian, Knoppix, custom systems, etc
  • HP-UX - 7 years
  • AIX - 7 years
  • Win 3.x/9x/NT/2K/XP - 12 years cumulative
  • MacOS X/classic - 6 years cumulative

Programming Languages

  • Perl, Bourne shell (ksh, bash, posix sh), CFEngine, awk, PHP, SQL (Postgres, MySQL), HTML, JavaScript, Puppet, Java, C, C++, PIC assembler, Python

Web Servers

  • Apache, Boa, Thttpd, Roxen, custom

Email Systems

  • Postfix, Sendmail, Procmail, Courier Imap, Qpopper, Imp, IMHO, SquirrelMail, SpamAssassin, DSpam, DBMail

Various

  • navigation of large organizations, working independently and with a team, working to help people with varying levels of familiarity to understand complex technical concepts
  • network debugging, intrusion detection, various Internet services, backup/recovery, PC component assembly, network design, DHCP, DNS, LDAP, NIS, Samba, rsync, PIC mid-range microcontrollers, Arduino, HPC, RAID, LVM, EVMS, PPP. Some Cisco, including PIX firewalls (20-node multi-platform home network is behind a Linux firewall with a PIX DMZ and Cisco managed and unmanaged switches connecting the Internet servers and internal workstation. Cisco security certification pending)
Education:

University of Illinois at Springfield

  • BS Computer Science, security emphasis