Craig Zeller - Resume
Sr. Systems and Network Security Specialist, Sr. Linux/UNIX Systems Administrator, Technical Sales or Sales Support, Contract Linux/UNIX Consulting.EDUCATION
Cal Poly College, Pomona, California. Major in Electronic Engineering (drafted into U.S. Army, October 1967). Additional technical training in Broadcast-TV systems, Compaq Tru64 UNIX (a.k.a. Digital UNIX, OSF/1) and Ultrix operating systems and layered-software products. Attended Digital's Tru64 UNIX Focused Technical College. Sendmail Multi-Switch training.SKILLS
UNIX/Linux Systems Administration and Security, to include Firewalls and Intrusion Detection. Extensive Linux iptables/ipchains firewall experience, system security hardening, Sarbanes-Oxley compliance issues, IDS. C/C++, Bash/Bourne shell scripting, some Perl. Installation and configuration of MySQL, Oracle Standard Edition 10g, Apache, Tomcat4/5, J2EE (Jboss 4.0.1-sp1) Samba, OpenLDAP including TLS, TCP/IP Networking, DNS/BIND including multiple views and ACLs, DHCP, Sendmail, Sendmail Multi-Switch, Procmail, Squirrelmail, SPAMassassin, MIME-Defang, Clam Anti-Virus, Netsaint/Nagios & MRTG network monitoring, MS-Exchange 5.5, MS-SQL 7, MS-SQL 2000.OPERATING SYSTEMS
Solaris 2.5.1 - 10, Redhat 4.1-9, RHEL 3/3u4/4, Fedora 1-4, Slackware, Tru64, OSF/1, Digital UNIX, Ultrix, some HP/UX, VMS, Windows/NT/2000/2003/Clusters.HARDWARE
HP/Compaq Pro-Liant servers including HP-Blade servers, Dell 2850, 1850, 1650, etc. Sun SPARC and UltraSPARC. DEC Alpha and VAX. F5 Big-IP Load Balancers, Nortel Contivity IPSEC VPNs. DEC/Compaq/HP StorageWorks SANs, Brocade Silkworm FibreChannel switches.EMPLOYMENT HISTORY
In December of 2003, the death of my mother and subsequent inheritance issues caused me to take a year off from full-time employment to finalize legal matters and move. During that period, I was engaged in two consulting assignments at 5Square Systems and Walt Disney Studios:
Mar, 2005 - July, 2005
Initially engaged for a two week assignment to fix DNS issues, wound up staying for 4 1/2 months. Customer had not patched RHEL3 installations, and had no firewalls protecting his ISP-hosted server environment. All servers in ISP-hosted environment were under SSH login attack. Redesigned network with Linux iptables firewalls and a DMZ. Set up a YUM/Current (up2date) server and installed all patches and hardened systems. Installed redundant DNS servers with multiple views. Installed RHEL3u4 on HP Blade BL20p servers. Moved ISP-hosted servers to new facility due to lack of rack space. ASP environment using JBoss and Oracle Standard Edition 10g. Hardware mixed Dell and HP/Compaq rack mount x86 servers including HP BL20p Blades.
Nov, 2004 - Jan, 2005
Hired on a 9 month contract for MIS Linux and UNIX support. Resigned after three months due to Disney issues with outsourcing MIS department.
Dec, 2002 - May, 2004
Sr. Linux Systems Administrator. Responsible for administration and maintenance of 40+ Redhat Linux servers and iptables Firewalls. Brought PCS installed base of un-updated systems up to latest revs and configured security. Fixed mis configured iptables Firewalls and configured additional firewalls and servers for deployment. Installed and configured Nortel Contivity IPSEC VPNs. Configured OpenLDAP with TLS as secure replacement for NIS authentication. Configured local SSL Certificate Authority. Integrated new MRI GL/AP/AR/PO systems on Windows 2000 Server with MS-SQL 2000. Capacity planning and architecture design. Systems administration to include user account maintenance and backups including MySQL replication. Perl, C, Bash shell scripting, MySQL, Apache, Tomcat, OpenLDAP. Remote server and firewall administration with Firewall Builder (fwbuilder) and OpenSSH. Also Windows-NT 4.0 Cluster, MS-Exchange 5.5 and MS-SQL 7/2K administration. Compaq StorageWORKS MA8000 Switched Fibre Channel SAN, and Brocade Silkworm FC-SW admin.
May, 2000 - Jan, 2002
Sr. UNIX System Administrator. Responsible for maintenance of 12 servers and 200+ workstations plus LAN/WAN. System administration duties included user account maintenance, NFS automount, DNS, Sendmail, Apache web servers, Tomcat. Established a new Intranet web server architecture, and implemented UNIX Security Audit. Heavy emphasis on system security implementation. In November, 2000, Nortel outsourced its IS Department to CSC. Assumed duties as Sr. System Admin for Nortel's worldwide email UNIX backbone servers. Project Lead responsible for updating 40 worldwide email servers processing > 2,500,000 emails/day to Sendmail Multi-Switch technology on Solaris 8 with upgraded security, including remote administration with OpenSSH.
Three month consulting contract to establish firewall logging and procedures for Axent Raptor firewalls running on Sun Solaris-SPARC v2.6. Responsible for scripting installation of firewall software w/Bash, and debugging logging rule sets for Axent Intruder Alert (ITA).
Jun, 1998 - Nov, 1999
Sr. Systems Engineer (pre-sales) by acquisition of Digital Equipment Corporation on June 12, 1998. Continuing duties from DEC involving support of Alpha Servers with Tru64 UNIX (aka: Digital UNIX, OSF/1), Windows-NT, and Linux. Also support of Compaq ProLiant Intel-based x86 servers in Windows-NT and Linux configurations. Involved heavy on-site system administration and installation/update support to very large sites. Evangelized Linux on Alpha and x86 to customer base, including detailed Linux presentations to Oracle and Lockheed. Arranged for John 'Maddog' Hall, Director of Compaq UNIX Marketing and President of Linux International, to meet with local Linux user groups. Accounts included Lockheed-Martin including 'Skunk Works', Oracle corporate headquarters, and Reuters-Quotron.
Apr, 1990 - Jun, 1998
Staff Sr. Technical Consultant specializing in DEC Tru64 UNIX-based Alpha 64-bit RISC servers and workstations, high performance SCSI and FibreChannel SAN storage subsystems, PC's, and networking products. Extensive (8+ years) on-site work with GTE Government Systems Corp. Responsible for customer support to include application porting assistance to large-scale U.S. Government Imagery Intelligence programs, and systems administration of local user accounts and networking, web site, e-mail servers, and dial-up SLIP/PPP Internet access. Heavily involved in specification, design, and integration of DEC Tru64 UNIX systems into multi-vendor UNIX environments, including Sun Solaris and HP/UX. Provided third-tier technical support to Intelligence Community sites through GTEGSC's support contract. Wrote proposals in response to government RFP's. Provided principal west coast technical support for installation of DEC Tru64 UNIX and Windows-NT-based AlphaServer RenderTower systems for high-end 3D Special Effects for entertainment industry. Wrote Tru64 UNIX device drivers and provided troubleshooting support for third party graphics and high-end networking hardware, including ATM and HiPPI. Began experimenting with Linux in early 1993. Joined the San Gabriel Valley Linux Users Group (SGVLUG), and became heavily involved in Linux 'activism', both within DEC and to public. Accounts included GTE Government Systems and the DoDIIS (Department of Defense Intelligence Information Systems) community, CIA, DIA, USAF ACC (SAC/TAC), TRW, Hughes, Cinesite (Kodak), Walt Disney Studios, Rhythm & Hues, Warner Bros., and Netter Digital Entertainment (Babylon 5).
1989 - 1990
Principal in a venture to build a state-of-the-art digital broadcast television post-production editing, computer graphics, and special effects facility in the Burbank media district. Wrote a comprehensive business plan and created technical, architectural, and business documentation and plans for the technical facilities. The project failed due to the inability to locate sufficient capital under acceptable terms and conditions.
1982 - 1989
Manager of Computer Imaging. Principal systems architect and Manager of the Computer Imaging department and the Multiple Access Graphics Imaging Center. Responsible for conceptualization, design, equipment procurement, and systems management of a highly sophisticated electronic graphics department. Responsible for annual capital equipment budget of $3.5 to $5 million, as well as equipment acquisition and staffing justifications. Recruited and managed a staff of highly skilled artists. Systems administration of SunOS and Silicon Graphics Iris UNIX workstations and servers.
1979 - 1982
Senior R&D Engineer. Responsible for the design, construction, and programming of a computerized videotape editing system. Designed intelligent Videotape Recorder interfaces and Edit computer system.ADDITIONAL EXPERIENCE and INTERESTS
I have administered my own Internet domains (zdi.net, fatpenguin.com, .net, .org) since 1993. I am the author of several Linux firewall scripts which are open source and in use worldwide. In addition, I have significant experience in architecting large networked systems. Founding member and principal organizer of one of the largest Linux Users Groups in Southern California (SGVLUG). I have been an enthusiastic Linux activist since 1993. I am currently involved with the Simi/Conejo Linux User's Group (SCLUG). I have been a licensed Amateur Radio operator since 1974, and hold an Advanced Class FCC license.MILITARY
1967 - 1973
Assigned to the United States Army Special Security Group, Assistant Chief of Staff for Intelligence, Dept. of the Army. Overseas duty included 18 months at USMACTHAI/JUSMAG in Bangkok, Thailand (1968 - 1969); followed by four years at Supreme Headquarters Allied Powers Europe (SHAPE), Belgium (1969 - 1973). Performed extensive TDY in support of SALT II, 18-Nation Disarmament Conference, and Law of the Sea Conference. Security clearance Top Secret, Sensitive Compartmented Intelligence (SCI), Crypto (not current).
References and salary history available upon request.
Some work experience information has been deleted for brevity. The full version, as well as additional copies of this resume are available in PDF, Postscript, MS-Word, Open-Office, and text formats at <http://www.zdi.net/czeller/>.