Peter Burkholder pburkholder@pobox.com http://www.pburkholder.com Note: This résumé has been sanitized of sensitive personally identifiable data. SUMMARY OF QUALIFICATIONS * System Administrator with a successful record providing reliable computing support for technology development and research. Expert in managing heterogeneous environments of Sun Solaris, RedHat Linux, Windows (2000, XP, 2003) and Mac OS X, and in meeting custom development and production needs. * Web Administrator/Engineer providing reliable web services on the Solaris/Linux, Apache 2.x, and J2EE (Apache Tomcat) application stack. Provides support throughout software development life cycle from implementation planning to deployment, including configuration management, monitoring, troubleshooting, optimization and debugging. * Dedicated to project management across cross-functional teams of system administrators, software engineers, content developers, and end users. Able to self-manage time and resources in dynamic technical environments, and to communicate clearly in written and oral form. PROFESSIONAL EXPERIENCE (Educational Digital Library at Major Federally-Funded Research & Development Center) SENIOR SYSTEM ADMINISTRATOR (May 2002 - September 2006) * Guided the technical infrastructure for a J2EE-based digital library as it grew from 10,000 web sessions a month to over 1,000,000 sessions a month. Administered software development life cycle and configuration management for eight production Apache Tomcat Java servlet applications. Automated deployment of Java web applications from CVS/Subversion with Ant and shell scripts into development, QA and production instances. Provided on-call support, troubleshooting, monitoring, incident notification, and documentation of procedures and best practices. * Grew an ad-hoc collection of three servers into a rigorous infrastructure of ten RedHat Linux (RHEL) servers with Kickstart deployments, CfEngine+Subversion configuration management, NIS+Kerberos directory service and authentication, automated backups, monitoring and alerting. Supervised administration of 80 desktop and portable systems. * Provided outstanding customer support in Windows, Linux (Redhat), Unix (Solaris) and MacOSX environments. Won bids to assume system administration operations for two other programs within our corporation. Expanded from a solo operation to a team of three full-time system administrators. Collaborated with content developers and software engineers. Development and release of (Digital Library) version 2.0 won the "UCAR 2004 Outstanding Accomplishment Award in Education and Outreach." * Corporate service: Established myself as a technical leader within the community of system administrators at (FFRDC). Served on five technical committees. Of note: * Chair: Web Advisory Group (WAG) for 2004-2006. * Chair, Web Security Task Force (2005-2006): Initiated an effort to analyze the state of web application security at UCAR. We analyzed web application development and operation practices and recommended security and training policies. (Ocean Science Research Lab, Flagship State University) INTERIM COMPUTING SERVICES MANAGER / SENIOR COMPUTING SPECIALIST (July 2000 - December 2000) * Managed a team of four staff providing central computing services for a research lab with a staff of 350. Ran network services (DNS, DHCP, mail, etc.) for 500+ nodes. Configured, installed, and managed core servers (Solaris 2.6-2.8, Linux (RedHat and Debian), Windows 2000 and MacOS) for subsidiary groups. Expanded network infrastructure from three Class C subnets to five. Configured and upgraded Sendmail, bind, dhcp, ftp and printing services. IT SECURITY MANAGER / SENIOR COMPUTING SPECIALIST (March 2000 - July 2000, December 2000 - July 2001) * As the lab's first manager of IT security, implemented a program of vulnerability scanning and patching, system administrator education, automated hardening, and a formalized incident response and forensics program. Built relationships with over 50 scientists and engineers to identify and resolve host and network security issues. Practically eliminated email viruses with server-side mail scanning. Implemented automated patching for Sun Solaris and Linux (RedHat, Debian) systems, and formalized system hardening. Enforced migration to secure protocols for remote access. Developed and led a Linux security workshop for scientists and engineers. Wrote policies, procedures and technical training materials. Exploits of Unix-like workstations reduced by over 75% over twelve months. GEOPHYSICS PROGRAM, (Flagship State University) RESEARCH SCIENTIST (August 1998 – March 2000) * Managed the "Spyder" system on Sun Solaris 2.6 for gathering global seismic data and providing web data access. Upgraded CGI code in C and Perl for newer data formats and eliminated Y2K bugs in C, Perl and tcsh/bash code. Ran eight Linux (RedHat and Debian) workstations. Developed MySQL database for managing station and event data. DEPARTMENT OF GEOPHYSICS, ( Reputable University in Developing Nation ) – 1998 SYSTEMS ENGINEER / FIELD ENGINEER (March 1997 - August 1998) * Installed and serviced 14-stations of a 55-station portable seismograph network with US and southern Africa research institutions. Served as primary regional technical resource for program collaborators in South Africa, Botswana, and Zimbabwe. Led a two-day "Unix for Geophysicists" workshop for geophysicists and graduate students from across southern Africa, and developed majority of the curriculum. * Expanded department's computing lab from one workstation to five Sun Solaris (1.x and 2.4) and Irix systems, and put them on the Internet. Built workstations from donated parts, isolated and repaired board-level failures. Collaborated with graduate students from a wide variety of backgrounds on using Unix for geophysical research. (Major Newsweekly) , New York, NY SCIENCE REPORTER (Summer 1996) Under the auspices of the AAAS Science and Mass Media Fellowship, reported on breaking science stories, wrote copy and pitched story ideas at a major newsweekly. DEPARTMENT OF GEOLOGY & GEOPHYSICS, (Major Research University) RESEARCH ASSISTANT (1991 - 1996) While pursuing Master's degree, operated SunOS and Solaris workstations, wrote C programs and shell scripts to analyze seismic data, and prepared reports, papers and presentations. Conducted five major field geophysics campaigns: two seasons installing and operating an array of portable seismographs in the Lake Baikal region of souther Siberia, and three seasons conducting passive and active seismic experiments in Antarctica. Assumed primary responsibility for field IT operations and data integrity. PUBLICATIONS & PRESENTATIONS "SSL Man-in-the-Middle Attacks," SANS Reading Room,http://www.sans.org/rr/whitepapers/threats/480.php. "Under the Hood with Plone," (FFRDC), April 2006. "The RT3 Trouble Ticket System," (FFRDC), December 2004. "Shibboleth: Privacy-Preserving Authentication for the Web," Web Advisory Group, October 2004 "Subversion: An alternative to CVS," Colorado SAGE Meeting, February 2004 "Securing Web Applications," ISSA Denver Chapter Monthly Meeting, April 2002 "SSH and SSL for SysAdmins," Colorado SAGE Meeting, November 2001, and ( Major Univeristy ), January 2002 "Linux Security Essentials," a two-hour course for researchers self-administering Linux systems on patching, system scanning, and ipchains, ( Ocean Science Lab ) "Unix for Geophysicists," a two-day course on shell commands, essential system administration, and using geophysical analysis tools. Johannesburg, South Africa, June 1998. EDUCATION & HONORS MS Geophysics / Seismology BA Physics, cum laude, 1987 Honors: Phi Beta Kappa, National Merit Scholar PROFESSIONAL AFFILIATIONS System Administrators Guild (SAGE), USENIX, League of Professional System Administrators (LOPSA), American Geophysical Union, Electronic Frontier Foundation KEYWORDS AND SKILL SUMMARY Web Administrator, Web Engineer, System Administrator, IT Security, Web Security, Web Infrastructure, 24x7, Java Web Applications, J2EE, Unix Relocating to Washington DC, suburban Maryland, or northern Virginia-- available immediately. Area codes: 202, 301, 703 Operating Systems and Platforms: Sun Solaris (1.x - 2.9)/Sun Sparc, Linux 2.4/2.6 - Intel/x86 (RHEL, Fedora, Ubuntu, Debian, and other distributions), MacOSX, OpenBSD, Windows 95-XP/2003 Infrastructure: Kickstart, CfEngine, LDAP, Active Directory, NIS, ntpd, bind, dhcpd, NFS, Samba, lprng, cups, Amanda, DRBD, heartbeat, VmWare (workstation and server), DAS, SAN, NAS, Tape Libraries Web Servers and Applications: Apache Tomcat 4.X, Apache Tomcat 5.X, Apache webserver 1.3, Apache webserver 2.0, Zope/Plone, Nutch, Swiki, MediaWiki, RT3 (trouble tickets), Webmin, UserMin, Ruby on Rails, PHP, Mason, Typo, MySQL, PostgreSQL, SQLite Web and Network Protocols: HTTP, CGI, SSL, JSP, Servlets, CSS, cookies, TPC/IP, SMTP, IMAP, SMTP, DNS, NTP Change Management: Subversion, svn, svk, CVS, Make, Ant, Capistrano/SwitchTower Monitoring and Logging: Nagios, Spread/SpreadLog, Syslog, Syslog-NG, swatch, Big Brother Programming and Scripting Languages: Unix command line, Unix shell scripting, Perl, Ruby, Python, bash, Korn shell, Expect, C, Java, tcsh, tcl/tk Mail Services: Sendmail, Postfix, Majordomo, Mailman, UW-IMAP, Dovecot, SpamAssassin Security: SSH, OpenSSL, mod_security, iptables, Nessus, nmap, snort, ethereal, tcpdump, ssldump, snoop, ngrep, Scotty, crack, tripwire, IPSec (FreeS/WAN), PGP/GnuPG, TCT (coroner's toolkit) Scientific Applications: Matlab, Mathematica, Seismic Unix, GMT, IDL Other Applications: Enact Project Management, Basecamp Project Collaboration