Personal profile

At the moment, my current specialization is a Linux System Administrator with knowledge of building DevOps processes.
You can obtain detailed CV in PDF format via email request.

Competencies and activities:

DevOps Engineer

• Converted the control system from cgit/Gitolite + Puppet to comprehensive pipeline integrating GitLab CI + Ansible, reducing writing of rules by 35% and manual tasks by 25%.
• Organized the technical separation of the developers environment from the organization infrastructure, as well as was involved in GRC (Governance, Risk and Compliance) policy creation.
• Installed and configured HashiCorp Vault integration with GitLab to provide security for credentials, tokens, API keys, and other sensitive data.
• Wrote numerous Ansible PlayBooks for setting up various services and applications related to day-to-day administration tasks.
• Was engaged in basic implementation of ChatOps tools.
• Wrote a bot in Python for sending notifications, monitoring and management based on Matrix protocol and an Element messenger for mobile phones and employee workstations.
• Configured GitLab CI integration with Matrix for continuous tracking of configuration changes.
• Documented end-to-end process using Sphinx and GitLab Wiki.

Linux System Administrator

• Worked on building a closed infrastructure according to the Zero-Trust concept, including servers in different geographies, connected to On-Premises equipment.
  The infrastructure included Cloud frontend NGINX, HAProxy and network load balancing to internal servers and application services.
• Implemented advanced Nginx logic for connection flow using Lua modules.
• Performed a full infrastructure audit to minimize the attack surface, every entry-point was hardened by ultimate configuration and best practice recommendations.
  Additionally organized services separation and migration to KVM and/or LCX/Docker with applying minimal possible system rights, MAC, subuids/subgids shifting.
• Configured infrastructure orchestration using Puppet based on the VCS cgit+Gitolite, reducing the need for manual management by 85%.
• Optimized kernel parameters, reaching OpenVPN speed of 99.5% of the channel throughput.
• Maintenance of several GIT mirrors with custom branches of services with adaptations for a specific use environment.
• Maintained and adapted the software to the tasks of the environment and equipment:
  patching, compiling from sources, setting up automatic checking and installation.
  kernel, qemu-system, plan9fs, zfs, nginx modules, etc...
• Solving small routine tasks by writing custom scripts in Bash/ZSH/Python, when necessary, using loading dynamic parameters from GIT.
• Setting up internal corporate services: Matrix synapse / Element, Nextcloud.
• Was performing a security audit of systems, writing rules for Apparmor, was configuring monitoring and reporting of system checks, produced by Lynis, rkhunter, chkrootkit, ClamAV.
• Good skills in vulnerability assessment using various tools like Wireshark/Tshark/tcpdump, Burp Suite, Suricata IDS/IPS, ZMap/Nmap;
  ° prevention of website crawler,
  ° prevention of infrastructure intelligence attempts with scanners,
  ° sniffers and other malicious activity.
• Implemented custom Honeypot algorithm against website crawlers, based on analysis of bot activity surface, User-Agent and TLS Fingerprint combination, and consequently: blocking the activity of 95% of robots.
• Experienced in numerous of obvious duties, like initial system installation, configuration and upgrades;
  ° package management;
  ° resolving system, hardware, application and network errors;
  ° security rights management, user/group permissions;
  ° process monitoring.
• Engaged in the writing documentation, descriptions of equipment and processes.

Web Developer

• Was engaged in the creation of websites from ideas, visual concepts and sketches to a fully functional code with complete graphics design.
• Developing and integrating custom themes for WordPress, Joomla, phpBB, vBulletin.
• Built numerous custom websites and landing pages, only using pure HTML, CSS, PHP, JavaScript and JQuery, without CMS.
• Optimized and accelerated site loading with simultaneous reduction of numbers of connections to server, resulting in a 50% reduction in page load and render times for client applications.
  ° redraw separated layout images to complex single CSS-sprite;
  ° used JavaScript/CSS compressor and advanced PNG Compression tools to achieve scripts size minimization by 55% and graphic assets size reduction by 45%;
  ° configured implementation of Memcached caching system
• Responsible for management and updating the company's websites and administering forum.

SEO Advisor

• Performed a full SEO audit for profiling, optimization and refactoring of existing CMS templates.
• Was engaged in creating a semantic core and SEO Strategy for clients' websites to achieve organic traffic.
• Organized websites' initial promotion with customized SMM/SEM technique.

Graphic designer

• Designing visual concepts and logotypes for websites and digital products identities.
• Created complete graphic Layouts for User Interfaces, including UX functionality concepts, wireframing and prototype.
• Performed stylistic integration of all UI Components such as Logos, Headers, Navigation Buttons, Banners, Backgrounds, Font-styling, Icons, etc. to follow the main design idea.

Experience

• DevOps IaC, GIT, GitLab, Ansible, Puppet, Kubernetes
• System Debian and its derivatives, FreeBSD, CentOS
• Utilities virtualization: KVM, LXC, Docker; web-servers: Nginx, Apache; databases: PostgreSQL, sqlite;
• Scripting Python, Bash, Zsh
• Cryptography openssl, WireGuard, OpenVPN, luks, tls, dpi, gpg
• Network ip, iptables, nft, iproute2
• WebDev HTML4/5, XHTML, XML, CSS2/3, JavaScript, JQuery
• Design Adobe Photoshop, Adobe Illustrator, GIMP

Languages

• English Advanced
• Русский Native
• Italiano Intermedio
• Українська Proficiency