Curriculum Vitae - Tim Small
Tim
Small
Monday 17 March 2008
0.1
17 Jan 2005
ts - tim@buttersideup.com
First draft, incomplete
0.9
18 Apr 2005
ts - tim@buttersideup.com
First release of DocBook version
1.0
19 Apr 2005
ts - tim@buttersideup.com
Minor updates, workarounds, etc.
1.1
19 Apr 2005
ts - tim@buttersideup.com
More minor updates, workarounds, etc.
1.2
19 May 2005
ts - tim@buttersideup.com
Change in availability.
1.2
20 Dec 2005
ts - tim@buttersideup.com
Add EADS Astrium, and other experience
1.3
1 Mar 2006
ts - tim@buttersideup.com
Minor edits, availability
1.4
2 June 2006
ts - tim@buttersideup.com
Minor edits
1.5
19 July 2006
ts - tim@buttersideup.com
Minor edits
1.6
17 March 2008
ts - tim@buttersideup.com
Update Availability to point to SEOSS main page
Name and Address
Tim Small
tim@buttersideup.com
Brighton & Hove
East Sussex
United Kingdom
+44 (0)7970 057284
Nationality: British
Availability
Notice Period:
N/A
Start Date:
Please see http://www.seoss.co.uk/
Preferred Locations:
Commutable from Brighton (United Kingdom) (e.g. London, Sussex, Surrey, East Hampshire)
Other Locations:
Other locations considered for short term projects only
Role Sought:
Unix/Linux/Development/Embedded/Security/Systems/Networks
Type:
Normally Contract Only (will consider permanent positions in Brighton only)
Getting the Latest version of this CV, and other formats
The latest version of this CV, information on current availability, further material, and
this CV in alternative document formats - e.g. HTML (web page), PDF (Adobe Acrobat format), RTF (which you can view and edit in Microsoft
Word), is available at http://www.buttersideup.com/wpad/consultants/timsmall/
.
Agencies - please check the web page for current
information in the first instance.
Summary
Highly Experienced Linux Engineer
Sound Theoretical Knowledge
Experience in Semiconductor, Communications, Financial, and Scientific Research sectors
Management/Team Leadership
Linux Kernel Maintainer
My best-fit projects encompass Linux-based development and/or systems
design, on business and/or embedded systems. I am particularly suited
to hybrid positions.
I have knowledge spanning a wide variety of IT disciplines, as well as
familiarity with a variety of engineering and scientific topics. As a
result I particularly enjoy projects that can benefit from
cross-disciplinary approaches. I adapt rapidly to new environments,
and enjoy challenging projects. Whilst Linux is my platform of
choice, I am also proficient on Microsoft platforms and other
Unices.
I have an in-depth knowledge of Linux distributions (particularly
Debian and Redhat), high reliability environments, hosting, computer
hardware, operating systems architecture, open source tools, and
networking technologies (across all layers).
This wide overview helps greatly with tasks such as application
design, performance tuning and security.
My commercial experience includes new startups, a Fortune 500 company,
and an Internationally renowned research establishment. I have
carried out work in the UK, the US, and continental Europe. My past
roles have included team leadership and recruitment responsibilities.
I have successfully carried out projects involving the creation, and
support of business-critical infrastructure - from planning, through
deployment, to hands-on support and rolling upgrades.
Embedded projects which I have undertaken include control of
highly complex industrial systems, and high reliability military
communication systems (for which I underwent an MOD security check).
Computing Experience
Development Platforms and Environments
POSIX
Linux (user, and kernel space)
Embedded systems
Solaris (application)
Win32
DOS
Document Processing and Publishing
LaTeX
DocBook
XHTML
Wikis
PostScript
Installation, Development, Administration
Linux
Solaris
NetBSD
FreeBSD
Windows 3.x
Windows 9x
Windows NT family
Heterogeneous environments
My Linux experience includes the Debian, Redhat, (including Fedora Core, and Enterprise AS), and Slackware distributions, on x86, x86-64 (AMD64), ARM, SPARC, MIPS, and Alpha hardware. My use of NT family products includes NT3.51, NT4, Windows 2000, XP, across Terminal Server, Server, Workstation, Professional, and Embedded Editions.
Security
Application security, and exploitation techniques
Infrastructure, and risk evaluations
Security policy definition
Incident forensics, and recovery
Firewalls (e.g. iptables)
IDS (e.g. Snort)
Real-time Virus scanning
Higher Level Protocols and Server Software
LDAP - OpenLDAP
SMTP - Sendmail, Postfix, DSPAM, ClamSMTP
DNS - Bind8, Bind9, NSD
HTTP - Apache, IIS, Squid
NTP - INND
SMB - Samba
SSH - OpenSSH
SQL - MySQL, PostgreSQL, DB2
TCP/IP and IP
Routing
Firewalls
Connection tracing + debugging
Proxying
NAT
VPNs (PPTP, L2TP, IPsec)
Clustering
Load balancing
IP fail-over/take-over
DHCP/BOOTP
ARP/RARP
NFS/SunRPC
Differentiated services (QoS)
Fair queueing
Low Level Networking
Structured cabling
Managed switches
Routers
Ethernet (including gigabit)
Wireless (802.11b/g)
Long distance 802.11b links
xDSL
ISDN
GSM/GPRS
VLANs (802.1q)
(Rapid) Spanning Tree Protocol (802.1d, 802.1w)
PPP
Hardware
19" rack layout and cabling
CompactPCI, and PMC/PrPMC
Production-line test software
x86 hardware (in depth)
Server specification and purchase
Redundancy and reliability (e.g. RAID)
Storage Technologies
Flash storage (esp. for Linux systems)
Electrical power distribution
Cooling and HVAC
Structured cabling
Digital electronics
Simple analogue electronics
1Wire Bus
Soldering (including some SMT work)
Test gear and diagnostics
PC remote management hacks
RF principles and techniques
Simple microwave antenna design
ARM, SPARC, and MIPS hardware
Education
1992 to 1994
Collyer's Sixth Form College, Horsham, W.Sussex, UK
I attained the following grades at A-Levels: Chemistry - B, Maths - A, Physics - A. I also attained a grade of Merit at S-Level Maths.
1994 to 1997
University of Kent, Canterbury, Kent, UK
BSc. (Hons) Computer Science: Upper Second Class
Technical Experience
May 2005 to March 2006
EADS Astrium
I carried out work for EADS Astrium on the Paradigm Modem project.
The Paradigm modem combines a large amount of bespoke hardware
and Linux on commercial embedded x86 hardware, and provides the
communications end-points (ship-borne, and ground based) for the
UK MOD's
Skynet 5
secure satellite communications project.
EADS Astrium are a major international manufacturer of spacecraft,
current and past project include Astra 2B, Mars Express, Venus Express,
Galileo, and Meteosat.
Areas of the Paradigm Modem project with which I have been involved include:
Diagnosing hardware memory subsystem problems (including creating a Linux kernel module for the Linux EDAC project, which is tailored to the memory controller of the embedded chipset in question, and feeding back these changes to the Linux kernel maintainers)
Creating software for production-time testing of in-house hardware, and liaising with hardware manufacturing subcontractors
Creating a device driver for the Intel 21555 non-transparent PCI bridge chip, for communication between multiple Linux systems over a shared PICMG CompactPCI backplane
Adapting the Linux PIIX EIDE device driver to the embedded chipset in use by the project
Debugging in-house hardware implementation (e.g. PCI IRQ routing), feeding back to hardware designers, and creating workarounds in the Linux kernel where necessary
Customisation of PrPMC (processor card) interrupt priorities to provide necessary latencies for real-time tasks
Supplying Linux technical support and advice to other developers on the project
Stress testing, evaluation, and supplier feedback for COTS hardware
Communication with other EADS Astrium software development teams on integration issues with the Paradigm Modem
Customising mainstream Linux packages for embedded operation
Reliability analysis, and design feedback for memory and solid-state storage subsystems
Improving developer infrastructure (e.g. deployment of an in-house wiki, development server reorganisation)
Consultancy on the use of 1-wire bus (iButtons) as part of the project
May 2003 to December 2004.
Semantico Ltd.
I was originally engaged by Semantico to carry out Perl programming
tasks, and worked with them to assist with time-sensitive development
projects. I was able to make major improvements to Semantico's
infrastructure - particularly in the areas of manageability, security,
and reliability. My work culminated in the hand-over of systems
support duties to a new permanent system administrator.
Semantico are a Brighton-based company, whose clients include major
reference publishing houses, such as Oxford University
Press. Semantico provides a complete outsourcing
service for subscription-based on-line versions of traditional paper
reference works. A product such as the award-winning Oxford Reference Online
contains over a hundred paper titles in a single web site.
Semantico's products are written in a combination of Perl, and Java.
They make extensive use of XML, PostgreSQL, and Debian.
I managed Semantico's migration from Redhat to Debian, and from
managed server based hosting solutions to their own colocated
rack-space (providing increased value-for-money, reliability, and
manageability).
The projects that I have carried out for Semantico include such tasks as:
Perl programming (e.g. HTML Mason work, performance tuning and analysis, session locking)
Server purchase, setup, testing and deployment
Software architecture design
Server platform design
Extensive server remote management, and monitoring
Research and deployment of Linux x86-64 based servers
Deployment of Redhat Enterprise Linux AS2.1 on HP Proliant hardware
Deployment of IPMI, HP "Lights-Out" and other remote management solutions
Deployment of Debian 3.1 (Sarge) on Intel SR2300 hardware
Hardware, OS, and application resource usage tracking and trend-analysis
Hosting deployment
CoLo deployment
Incident analysis
3rd line technical support
Developer support
Supplier and client liaison
Infrastructure evaluation and improvement
Security
Work area acoustic management
Electrical infrastructure loading analysis and troubleshooting
Infrastructure documentation
Firewall, mail system, LDAP, DNS infrastructure overhaul/replacement
NexNix
Following changes in focus and staffing at NexNix, I was asked to
provide analysis, and recommendations for this small Horsham based
computer supplier and audiovisual systems specialist.
Important aspects of the project included:
Security
Identifying solutions appropriate to changing staff skills within the organisation
Providing value for money solutions
Outsourcing DNS, web and mail services where appropriate
Recommending appropriate 3rd party service providers
Transition planning
Other Projects with Commercial Relevance
I have recently made use of the Linksys NSLU2 NAS product to create a
customised low-power (9watts max) wireless router. This cheap, and
capable hardware (£50 for a 266MHz Intel StrongARM, with Ethernet, and
USB2 interfaces, 32MiB of RAM, and 8MiB of NAND flash) provides
an excellent platform for the OpenEmbedded Linux distribution, which
I customised to my own purposes for this deployment.
I have carried out extensive property renovation, which has given me a solid
knowledge of subjects such as the IEE Wiring Regulations
(16th Edition). This knowledge has been helpful
during subsequent large scale systems deployments, from both a reliability, and
safety point of view. In my experience, this is a blind spot for the majority
of systems planners.
I am interested in wireless networking, and home automation. I helped to
set up a local community wireless ISP, and have carried out work on the Linux
kernel drivers for the Atmel at76c503a USB 802.11b chip (http://at76c503a.berlios.de), work on
the ALSA project (Advanced Linux Sound Architecture) USB-audio kernel driver,
in conjunction with a USB-audio based SPDIF i/o device. Secure, long range
802.11b links (over a mile) using high gain antennas, and VPN software. I have
also debugged IRQ routing within the Linux kernel for the Texas Instruments
PCI1031, and related PCI<->PCMCIA bridge chips.
I have also been working on a Java based HVAC (Heating, Ventilation,
and Air Conditioning) control system, utilising a network of 1wire bus
remote temperature sensors, connected with cat5 cable. Initial
control hardware is a PC running Debian Linux.
August 2000 to December 2002
Digitalbrain PLC
Based in Brighton, East Sussex, UK, I worked full-time for
Digitalbrain PLC, as Head of Internet Systems
Digitalbrain PLC is Britain's leading online educational content, and
managed learning environment provider. They also manage public, and
private sector educational portals, such as the London Grid for
Learning (http://www.lgfl.net/)
Originally employed as sole system administrator, I oversaw the growth
of the company's system administration team to a total of 6 (while the
company grew from 20, to nearly 100 employees).
Important aspects of the role included:
Team management and hiring
Operating 24/7 services in a rapidly
growing environment
Web serving infrastructure, architectural
design, and day to day management
Developer support (tools, and environment
as well as OS related technical support)
Security of internal, and external systems -
including company-wide security policy and standards
Advising, and assisting with product
architecture and direction
Communicating with, and advising, senior
management
Communicating with suppliers and customers
3rd line
technical support
Notable areas that I worked on included:
Managing the release of updated versions of the company's products on live web servers, including testing, live-environment simulation, and change management elements
Minimising planned, and unplanned down-time
of customer-facing, and internal network
services
A distributed compilation system for C++ -
utilising over 30 CPUs with a perl/ssh system, co-developed
by myself and a colleague - use of the system increased
developer productivity by slashing compilation
times
Performance tuning, and testing of a C++
based in-house Apache module
Quicktime media support for an in-house
Apache module (size interrogation for layout purposes)
Porting C++ Apache module, and development
environment from FreeBSD to Linux
Web server configuration tool in Perl, for
developer, and production web sites
Refactoring and extending Perl-based
developer tools (in-house "make" replacement
etc.)
Monitoring, and reporting of, faults,
utilising 'mon', with altering via email and GSM/SMS. With
an emphasis on redundancy, I wrote extensions to 'mon' in
Perl, e.g. to interface Nokia mobile phones directly to the
monitoring servers to provide a reliable two-way SMS
alerting and acknowledgement
Evaluation and deployment of hardware for
mobile emergency on-call administration
NOC status display, based on a PC with
multiple video cards and large monitors
SNMP based performance monitoring for web
servers, with logging and graphing
Load balanced pair of redundant Linux web
server directors, using IPVS (IP takeover), and LVS (TCP
level load balancing)
Secure, load balanced DNS deployment,
utilising Bind
Developing low cost, high density storage
servers, utilising IDE RAID (3ware cards)
Developing low cost RS232 based management
system, involving serial consoles, serial BIOSes and custom
hardware to support hardware reset via RS232 (relay driven
by DTR signal) and RS232 over RJ45-based structured cabling
- for ease of maintenance and deployment
Purchasing and deploying high density web
server array (30x Rackable Systems dual Xeon, "half-U"
systems)
Deploying remote office Linux servers (VPN,
Squid Transparent Proxying, SAMBA, LDAP, with remote
management and backup)
Migrating developer workstations to Linux on
the desktop, utilising OpenOffice, Mozilla and rdesktop to
provide remote access to a Windows 2000 Terminal
Server
Deploying account management via OpenLDAP,
NSS-LDAP/PAM-LDAP, Samba-LDAP to manage Windows and Linux
computer accounts + user information in one central database
Migrating mail servers from
FreeBSD/Sendmail/pop3d to Linux/Postfix+SASL+SSL/Courier
POP3+SSL,IMAP4+SSL for improved maintainability and
security
Managing an internal x509 Certificate Authority,
and associated SSL certificates for secure mail and web
access
Acquiring, and managing, certificates issued by
commercial Certification Authorities (e.g. Verisign etc.)
Running, and updating, company DNS zones (for
multiple domains, including customer domains) and DNS serving
infrastructure (including load balancing)
Utilising journalling filesystems (ReiserFS,
ext3) for increased reliability
Investigating, testing and utilising
various kernel patches (e.g. ATA133 48bit large disk
support, VLANs, reverse mapping VM, ACLs)
The creation of a system for automatic
application-level file replication, implemented in C++ and
perl
Deploying a secured NFS network using VLANs
for high performance, with minimum network infrastructure
cost and impact
June 2000 to August 2000
Serco
CERN
(European Organisation for Particle Physics
Research)
Near Geneva, French/Swiss border
1 month contract (extended for a further 2.5 weeks)
Short contract to implement a system for automated
roll-out of large numbers of Linux systems on differing
hardware. The project involved storage of machine
information, and discovery of this information. Project
implemented using PHP4, Apache, Kerberos, ODBC (unixODBC),
PostgreSQL, SMTP, DHCP/TFTP and shell scripting. Principle
OS - Redhat Linux.
Jan 2000 to May 2000
Travelling (Italy + Uganda). Incorporating ten days consulting for
three businesses in Uganda.
1993 to December 1999
Applied Materials
Horsham, West Sussex, UK & Santa Clara (Silicon Valley),
California, US http://www.appliedmaterials.com
Approximately 3.5 years (1.5 contract, 2 Permanent).
Applied Materials is the world's largest manufacturer of Silicon Wafer
fabrication equipment, and is a Fortune 500 company. It employs
around 250 people at its Horsham site, and around 13,000 worldwide.
I carried out several roles at Applied Materials, including periods as
a system administrator on SunOS, and Solaris (with an emphasis on
security, and problem solving using open source software).
Tasks included the design of a preprint image processing system, and
enhancing Unix to PC connectivity (including specifying and installing
Samba, and Winframe).
Following graduation, I spent six months at the corporate headquarters
in Silicon Valley. The majority of this time was spent writing
configuration utilities for a SunOS based machine control system,
using Perl and Tk. Other work included setting up from scratch, and
administering a web server using Linux and Apache on Sparc hardware.
After my return to the UK in August 1998, I worked with a team of
around 15 software engineers, developing control software for a new
silicon wafer ion implantation machine, based on Windows NT 4.0. My
responsibilities included:
GUI design and implementation (using VC++)
Troubleshooting
Specification
Planning
Benchmarking
Configuration
Research of PC hardware, NT
Troubleshooting networking issues
Supplier liaison
Installation, and administration of departmental Linux, and NT4 servers running:
CGI based developer tools, which I developed from scratch, using Perl, DBI, SQL
IP networking support and troubleshooting (including routing, DNS)
News
Web
Samba file sharing
Bind DNS(sub-domain management)
Mail (SMTP/POP3/IMAP) services
Virtual private network + firewall
In January 1999, I detected an unsuccessful intrusion attempt on the
departmental Linux server, and submitted a detailed incident report to
the company's security personnel.
The attack had been carried out by a newly appointed in-house security
officer at the company's US HQ. With the exception of network
administrators at the company's headquarters, I was the only person to
report his security probes (at that time Applied Materials employed in
excess of 30,000 people worldwide). Following the report he invited
me to join the company's "Global Security Task Force" the
task force's responsibilities included setting company standards for
computer security, and risk assessment (including acting on new
security exploits, as they came into the public domain).
1997
British Linen Finance (Bank of Scotland)
Dartford, Kent, UK. 6 Weeks (Contract).
Unix + PC support/development, Y2K testing + risk appraisal.
Setup and deployment of a Linux-based mail server with demand dialed
ISDN, and web proxy server.
Interests and Activities
Travel
Free software
HiFi
Property development
Renewable Energy
Snowboarding
Cycling
Flying
Accreditations and Licenses
Clean UK Driving License
Student Pilot License
References
References available on request.