Monday 17 March 2008
| Revision History | ||
|---|---|---|
| Revision 0.1 | 17 Jan 2005 | ts - tim@buttersideup.com |
| First draft, incomplete | ||
| Revision 0.9 | 18 Apr 2005 | ts - tim@buttersideup.com |
| First release of DocBook version | ||
| Revision 1.0 | 19 Apr 2005 | ts - tim@buttersideup.com |
| Minor updates, workarounds, etc. | ||
| Revision 1.1 | 19 Apr 2005 | ts - tim@buttersideup.com |
| More minor updates, workarounds, etc. | ||
| Revision 1.2 | 19 May 2005 | ts - tim@buttersideup.com |
| Change in availability. | ||
| Revision 1.2 | 20 Dec 2005 | ts - tim@buttersideup.com |
| Add EADS Astrium, and other experience | ||
| Revision 1.3 | 1 Mar 2006 | ts - tim@buttersideup.com |
| Minor edits, availability | ||
| Revision 1.4 | 2 June 2006 | ts - tim@buttersideup.com |
| Minor edits | ||
| Revision 1.5 | 19 July 2006 | ts - tim@buttersideup.com |
| Minor edits | ||
| Revision 1.6 | 17 March 2008 | ts - tim@buttersideup.com |
| Update Availability to point to SEOSS main page | ||
Table of Contents
Tim Small
<tim@buttersideup.com>
Brighton & Hove
East Sussex
United Kingdom
+44 (0)7970 057284
Nationality: British
| Notice Period: | N/A |
| Start Date: | Please see http://www.seoss.co.uk/ |
| Preferred Locations: | Commutable from Brighton (United Kingdom) (e.g. London, Sussex, Surrey, East Hampshire) |
| Other Locations: | Other locations considered for short term projects only |
| Role Sought: | Unix/Linux/Development/Embedded/Security/Systems/Networks |
| Type: | Normally Contract Only (will consider permanent positions in Brighton only) |
The latest version of this CV, information on current availability, further material, and
this CV in alternative document formats - e.g. HTML (web page), PDF (Adobe Acrobat format), RTF (which you can view and edit in Microsoft
Word), is available at http://www.buttersideup.com/wpad/consultants/timsmall/
.
Agencies - please check the web page for current information in the first instance.
Highly Experienced Linux Engineer
Sound Theoretical Knowledge
Experience in Semiconductor, Communications, Financial, and Scientific Research sectors
Management/Team Leadership
Linux Kernel Maintainer
My best-fit projects encompass Linux-based development and/or systems design, on business and/or embedded systems. I am particularly suited to hybrid positions.
I have knowledge spanning a wide variety of IT disciplines, as well as familiarity with a variety of engineering and scientific topics. As a result I particularly enjoy projects that can benefit from cross-disciplinary approaches. I adapt rapidly to new environments, and enjoy challenging projects. Whilst Linux is my platform of choice, I am also proficient on Microsoft platforms and other Unices.
I have an in-depth knowledge of Linux distributions (particularly Debian and Redhat), high reliability environments, hosting, computer hardware, operating systems architecture, open source tools, and networking technologies (across all layers).
This wide overview helps greatly with tasks such as application design, performance tuning and security.
My commercial experience includes new startups, a Fortune 500 company, and an Internationally renowned research establishment. I have carried out work in the UK, the US, and continental Europe. My past roles have included team leadership and recruitment responsibilities.
I have successfully carried out projects involving the creation, and support of business-critical infrastructure - from planning, through deployment, to hands-on support and rolling upgrades.
Embedded projects which I have undertaken include control of highly complex industrial systems, and high reliability military communication systems (for which I underwent an MOD security check).
| POSIX | Linux (user, and kernel space) | Embedded systems | Solaris (application) |
| Win32 | DOS |
| C | C++ | Perl (CGI, DBD) | (X)HTML | XML |
| SQL | Java | x86 assembly | 680x0 assembly | Bugzilla |
| Booch | GCC / GNU tool chain | Flex and Bison | gdb | Visual C++ |
| CVS | Rational Rose | Prolog | Miranda | distcc/ccache |
| Linux | NetBSD | Windows 3.x | Windows NT family | |
| Solaris | FreeBSD | Windows 9x | Heterogeneous environments |
My Linux experience includes the Debian, Redhat, (including Fedora Core, and Enterprise AS), and Slackware distributions, on x86, x86-64 (AMD64), ARM, SPARC, MIPS, and Alpha hardware. My use of NT family products includes NT3.51, NT4, Windows 2000, XP, across Terminal Server, Server, Workstation, Professional, and Embedded Editions.
| Application security, and exploitation techniques | Firewalls (e.g. iptables) |
| Infrastructure, and risk evaluations | IDS (e.g. Snort) |
| Security policy definition | Real-time Virus scanning |
| Incident forensics, and recovery |
| LDAP - OpenLDAP | NTP - INND |
| SMTP - Sendmail, Postfix, DSPAM, ClamSMTP | SMB - Samba |
| DNS - Bind8, Bind9, NSD | SSH - OpenSSH |
| HTTP - Apache, IIS, Squid | SQL - MySQL, PostgreSQL, DB2 |
| Routing | VPNs (PPTP, L2TP, IPsec) | ARP/RARP |
| Firewalls | Clustering | NFS/SunRPC |
| Connection tracing + debugging | Load balancing | Differentiated services (QoS) |
| Proxying | IP fail-over/take-over | Fair queueing |
| NAT | DHCP/BOOTP |
| Structured cabling | Wireless (802.11b/g) | GSM/GPRS |
| Managed switches | Long distance 802.11b links | VLANs (802.1q) |
| Routers | xDSL | (Rapid) Spanning Tree Protocol (802.1d, 802.1w) |
| Ethernet (including gigabit) | ISDN | PPP |
| 19" rack layout and cabling | Flash storage (esp. for Linux systems) | Soldering (including some SMT work) |
| CompactPCI, and PMC/PrPMC | Electrical power distribution | Test gear and diagnostics |
| Production-line test software | Cooling and HVAC | PC remote management hacks |
| x86 hardware (in depth) | Structured cabling | RF principles and techniques |
| Server specification and purchase | Digital electronics | Simple microwave antenna design |
| Redundancy and reliability (e.g. RAID) | Simple analogue electronics | ARM, SPARC, and MIPS hardware |
| Storage Technologies | 1Wire Bus |
Collyer's Sixth Form College, Horsham, W.Sussex, UK
I attained the following grades at A-Levels: Chemistry - B, Maths - A, Physics - A. I also attained a grade of Merit at S-Level Maths.
I carried out work for EADS Astrium on the Paradigm Modem project. The Paradigm modem combines a large amount of bespoke hardware and Linux on commercial embedded x86 hardware, and provides the communications end-points (ship-borne, and ground based) for the UK MOD's Skynet 5 secure satellite communications project.
EADS Astrium are a major international manufacturer of spacecraft, current and past project include Astra 2B, Mars Express, Venus Express, Galileo, and Meteosat.
Areas of the Paradigm Modem project with which I have been involved include:
Diagnosing hardware memory subsystem problems (including creating a Linux kernel module for the Linux EDAC project, which is tailored to the memory controller of the embedded chipset in question, and feeding back these changes to the Linux kernel maintainers)
Creating software for production-time testing of in-house hardware, and liaising with hardware manufacturing subcontractors
Creating a device driver for the Intel 21555 non-transparent PCI bridge chip, for communication between multiple Linux systems over a shared PICMG CompactPCI backplane
Adapting the Linux PIIX EIDE device driver to the embedded chipset in use by the project
Debugging in-house hardware implementation (e.g. PCI IRQ routing), feeding back to hardware designers, and creating workarounds in the Linux kernel where necessary
Customisation of PrPMC (processor card) interrupt priorities to provide necessary latencies for real-time tasks
Supplying Linux technical support and advice to other developers on the project
Stress testing, evaluation, and supplier feedback for COTS hardware
Communication with other EADS Astrium software development teams on integration issues with the Paradigm Modem
Customising mainstream Linux packages for embedded operation
Reliability analysis, and design feedback for memory and solid-state storage subsystems
Improving developer infrastructure (e.g. deployment of an in-house wiki, development server reorganisation)
Consultancy on the use of 1-wire bus (iButtons) as part of the project
I was originally engaged by Semantico to carry out Perl programming tasks, and worked with them to assist with time-sensitive development projects. I was able to make major improvements to Semantico's infrastructure - particularly in the areas of manageability, security, and reliability. My work culminated in the hand-over of systems support duties to a new permanent system administrator.
Semantico are a Brighton-based company, whose clients include major reference publishing houses, such as Oxford University Press. Semantico provides a complete outsourcing service for subscription-based on-line versions of traditional paper reference works. A product such as the award-winning Oxford Reference Online contains over a hundred paper titles in a single web site. Semantico's products are written in a combination of Perl, and Java. They make extensive use of XML, PostgreSQL, and Debian.
I managed Semantico's migration from Redhat to Debian, and from managed server based hosting solutions to their own colocated rack-space (providing increased value-for-money, reliability, and manageability).
The projects that I have carried out for Semantico include such tasks as:
Perl programming (e.g. HTML Mason work, performance tuning and analysis, session locking)
Server purchase, setup, testing and deployment
Software architecture design
Server platform design
Extensive server remote management, and monitoring
Research and deployment of Linux x86-64 based servers
Deployment of Redhat Enterprise Linux AS2.1 on HP Proliant hardware
Deployment of IPMI, HP "Lights-Out" and other remote management solutions
Deployment of Debian 3.1 (Sarge) on Intel SR2300 hardware
Hardware, OS, and application resource usage tracking and trend-analysis
Hosting deployment
CoLo deployment
Incident analysis
3rd line technical support
Developer support
Supplier and client liaison
Infrastructure evaluation and improvement
Security
Work area acoustic management
Electrical infrastructure loading analysis and troubleshooting
Infrastructure documentation
Firewall, mail system, LDAP, DNS infrastructure overhaul/replacement
Following changes in focus and staffing at NexNix, I was asked to provide analysis, and recommendations for this small Horsham based computer supplier and audiovisual systems specialist.
Important aspects of the project included:
Security
Identifying solutions appropriate to changing staff skills within the organisation
Providing value for money solutions
Outsourcing DNS, web and mail services where appropriate
Recommending appropriate 3rd party service providers
Transition planning
I have recently made use of the Linksys NSLU2 NAS product to create a customised low-power (9watts max) wireless router. This cheap, and capable hardware (£50 for a 266MHz Intel StrongARM, with Ethernet, and USB2 interfaces, 32MiB of RAM, and 8MiB of NAND flash) provides an excellent platform for the OpenEmbedded Linux distribution, which I customised to my own purposes for this deployment.
I have carried out extensive property renovation, which has given me a solid knowledge of subjects such as the IEE Wiring Regulations (16th Edition). This knowledge has been helpful during subsequent large scale systems deployments, from both a reliability, and safety point of view. In my experience, this is a blind spot for the majority of systems planners.
I am interested in wireless networking, and home automation. I helped to set up a local community wireless ISP, and have carried out work on the Linux kernel drivers for the Atmel at76c503a USB 802.11b chip (http://at76c503a.berlios.de), work on the ALSA project (Advanced Linux Sound Architecture) USB-audio kernel driver, in conjunction with a USB-audio based SPDIF i/o device. Secure, long range 802.11b links (over a mile) using high gain antennas, and VPN software. I have also debugged IRQ routing within the Linux kernel for the Texas Instruments PCI1031, and related PCI<->PCMCIA bridge chips.
I have also been working on a Java based HVAC (Heating, Ventilation, and Air Conditioning) control system, utilising a network of 1wire bus remote temperature sensors, connected with cat5 cable. Initial control hardware is a PC running Debian Linux.
Based in Brighton, East Sussex, UK, I worked full-time for Digitalbrain PLC, as Head of Internet Systems
Digitalbrain PLC is Britain's leading online educational content, and
managed learning environment provider. They also manage public, and
private sector educational portals, such as the London Grid for
Learning (http://www.lgfl.net/)
Originally employed as sole system administrator, I oversaw the growth of the company's system administration team to a total of 6 (while the company grew from 20, to nearly 100 employees).
Important aspects of the role included:
Team management and hiring
Operating 24/7 services in a rapidly growing environment
Web serving infrastructure, architectural design, and day to day management
Developer support (tools, and environment as well as OS related technical support)
Security of internal, and external systems - including company-wide security policy and standards
Advising, and assisting with product architecture and direction
Communicating with, and advising, senior management
Communicating with suppliers and customers
3rd line technical support
Notable areas that I worked on included:
Managing the release of updated versions of the company's products on live web servers, including testing, live-environment simulation, and change management elements
Minimising planned, and unplanned down-time of customer-facing, and internal network services
A distributed compilation system for C++ - utilising over 30 CPUs with a perl/ssh system, co-developed by myself and a colleague - use of the system increased developer productivity by slashing compilation times
Performance tuning, and testing of a C++ based in-house Apache module
Quicktime media support for an in-house Apache module (size interrogation for layout purposes)
Porting C++ Apache module, and development environment from FreeBSD to Linux
Web server configuration tool in Perl, for developer, and production web sites
Refactoring and extending Perl-based developer tools (in-house "make" replacement etc.)
Monitoring, and reporting of, faults, utilising 'mon', with altering via email and GSM/SMS. With an emphasis on redundancy, I wrote extensions to 'mon' in Perl, e.g. to interface Nokia mobile phones directly to the monitoring servers to provide a reliable two-way SMS alerting and acknowledgement
Evaluation and deployment of hardware for mobile emergency on-call administration
NOC status display, based on a PC with multiple video cards and large monitors
SNMP based performance monitoring for web servers, with logging and graphing
Load balanced pair of redundant Linux web server directors, using IPVS (IP takeover), and LVS (TCP level load balancing)
Secure, load balanced DNS deployment, utilising Bind
Developing low cost, high density storage servers, utilising IDE RAID (3ware cards)
Developing low cost RS232 based management system, involving serial consoles, serial BIOSes and custom hardware to support hardware reset via RS232 (relay driven by DTR signal) and RS232 over RJ45-based structured cabling - for ease of maintenance and deployment
Purchasing and deploying high density web server array (30x Rackable Systems dual Xeon, "half-U" systems)
Deploying remote office Linux servers (VPN, Squid Transparent Proxying, SAMBA, LDAP, with remote management and backup)
Migrating developer workstations to Linux on the desktop, utilising OpenOffice, Mozilla and rdesktop to provide remote access to a Windows 2000 Terminal Server
Deploying account management via OpenLDAP, NSS-LDAP/PAM-LDAP, Samba-LDAP to manage Windows and Linux computer accounts + user information in one central database
Migrating mail servers from FreeBSD/Sendmail/pop3d to Linux/Postfix+SASL+SSL/Courier POP3+SSL,IMAP4+SSL for improved maintainability and security
Managing an internal x509 Certificate Authority, and associated SSL certificates for secure mail and web access
Acquiring, and managing, certificates issued by commercial Certification Authorities (e.g. Verisign etc.)
Running, and updating, company DNS zones (for multiple domains, including customer domains) and DNS serving infrastructure (including load balancing)
Utilising journalling filesystems (ReiserFS, ext3) for increased reliability
Investigating, testing and utilising various kernel patches (e.g. ATA133 48bit large disk support, VLANs, reverse mapping VM, ACLs)
The creation of a system for automatic application-level file replication, implemented in C++ and perl
Deploying a secured NFS network using VLANs for high performance, with minimum network infrastructure cost and impact
(European Organisation for Particle Physics Research)
Near Geneva, French/Swiss border
1 month contract (extended for a further 2.5 weeks)
Short contract to implement a system for automated roll-out of large numbers of Linux systems on differing hardware. The project involved storage of machine information, and discovery of this information. Project implemented using PHP4, Apache, Kerberos, ODBC (unixODBC), PostgreSQL, SMTP, DHCP/TFTP and shell scripting. Principle OS - Redhat Linux.
Travelling (Italy + Uganda). Incorporating ten days consulting for three businesses in Uganda.
Horsham, West Sussex, UK & Santa Clara (Silicon Valley),
California, US http://www.appliedmaterials.com
Approximately 3.5 years (1.5 contract, 2 Permanent).
Applied Materials is the world's largest manufacturer of Silicon Wafer fabrication equipment, and is a Fortune 500 company. It employs around 250 people at its Horsham site, and around 13,000 worldwide.
I carried out several roles at Applied Materials, including periods as a system administrator on SunOS, and Solaris (with an emphasis on security, and problem solving using open source software).
Tasks included the design of a preprint image processing system, and enhancing Unix to PC connectivity (including specifying and installing Samba, and Winframe).
Following graduation, I spent six months at the corporate headquarters in Silicon Valley. The majority of this time was spent writing configuration utilities for a SunOS based machine control system, using Perl and Tk. Other work included setting up from scratch, and administering a web server using Linux and Apache on Sparc hardware.
After my return to the UK in August 1998, I worked with a team of around 15 software engineers, developing control software for a new silicon wafer ion implantation machine, based on Windows NT 4.0. My responsibilities included:
GUI design and implementation (using VC++)
Troubleshooting
Specification
Planning
Benchmarking
Configuration
Research of PC hardware, NT
Troubleshooting networking issues
Supplier liaison
Installation, and administration of departmental Linux, and NT4 servers running:
CGI based developer tools, which I developed from scratch, using Perl, DBI, SQL
IP networking support and troubleshooting (including routing, DNS)
News
Web
Samba file sharing
Bind DNS(sub-domain management)
Mail (SMTP/POP3/IMAP) services
Virtual private network + firewall
In January 1999, I detected an unsuccessful intrusion attempt on the departmental Linux server, and submitted a detailed incident report to the company's security personnel.
The attack had been carried out by a newly appointed in-house security officer at the company's US HQ. With the exception of network administrators at the company's headquarters, I was the only person to report his security probes (at that time Applied Materials employed in excess of 30,000 people worldwide). Following the report he invited me to join the company's "Global Security Task Force" the task force's responsibilities included setting company standards for computer security, and risk assessment (including acting on new security exploits, as they came into the public domain).
| Travel | HiFi | Renewable Energy | Cycling |
| Free software | Property development | Snowboarding | Flying |