Ian Macdonald
ian@caliban.org

phone number available on request

Overview Versatile system administrator with extensive experience and expertise with open source software, skilled in the architectural design, implementation and maintenance of high-availability systems for all major networked services, possessing a strong background in system security, strong troubleshooting skills and a proficient programmer in multiple languages.

I have written for Dr. Dobbs Journal and authored numerous free software libraries and utilities, including the bash completion suite, which is now included in all major Linux distributions.

I am a citizen of The Netherlands and can work unimpeded in any European Union country. Rates start at around €100 per hour for interesting or unusual assignments. I will waive my fee for deserving charities.

Experience

July 2001 - June 2006

Google, Mountain View, California, USA

Senior System Administrator/Senior System Programmer

  • Designed and implemented key corporate and production systems
    • Administered and maintained tens of thousands of Linux servers.
    • Designed and implemented from scratch company-wide international LDAP infrastructure, including schema design, replication, redundancy, integration with existing systems, etc.
    • Deployed Kerberos 5 authentication across entire company as Sarbanes-Oxley prerequisite for IPO.
    • Designed and instituted operational change management procedures. Also designed Web-based application for implementing said procedures.
    • Designed and implemented company-wide IMAP e-mail servers.
    • Configured and deployed HTTP-anonymising proxies for anonymous corporate use of WWW.
    • Extensive programming in bash, Perl, Ruby and C. This includes the authoring and maintenance of several open source packages, the integration of Heimdal Kerberos V password authentication with LDAP, the integration of a proprietary calendar system with other systems via its C API, and the writing of dozens of utilities for internal use, including a full suite of high level LDAP data maintenance tools.
    • Extensive DNS (BIND) and Web server (Apache) administration
    • Authored and defended numerous design documents.
    • Gave presentations to peers, as well as to middle and senior management.
    • 24/7 rotational on-call pager duty, involving emergency system maintenance and repair.
    • Mentored junior system administrators.
    • Extensive CV screening, interviewing and hiring responsibilities.
    • Promoted to highest position within my field.
Experience

March 2000 - June 2001

Linuxcare, San Francisco, California, USA

System Architect and Engineer

  • Defined company IT direction and infrastructure and designed all major components thereof
    • designed new company infrastructure; migrated from ad hoc collection of systems to fully standardised, monitored server farm
    • designed and built secure, custom Linux distribution for all company servers
    • developed LDAP schemas and deployed redundant servers for centralised resource administration and user/system authentication
    • designed and implemented new company e-mail system architecture using Postfix and LDAP directory service
    • integrated diverse subsystems using Perl, Bourne shell, and C
    • produced extensive documentation for all of the above
    • co-developed custom Linux rescue CD known as Bootable Business Card

Senior System Administrator

  • Managed day-to-day operations of company network and systems
    • diagnosed and eradicated system and network problems
    • implemented and administered international VPNs (Linux FreeS/WAN IPSec)
    • implemented multi-layered firewalls and conducted regular security audits
    • administered company-wide DNS, Web, e-mail, LDAP, Samba, NFS, CVS, and other services
    • conducted performance analysis and tuning

MIS Technical Lead

  • Provided technical leadership of system administration and helpdesk teams
    • set operating procedures and practices, technical direction, and security policy
    • acted as mentor to other system administrators, providing technical instruction and tutelage
    • advised members of executive staff on technical issues (equipment purchase, technology standardisation, etc.)

September 1999 - February 2000

@Home Benelux, Amsterdam, The Netherlands

Senior UNIX System Administrator

  • Administered all ISP services for thousands of users:
    • InterMail, sendmail, and Netscape e-mail
    • Cyclone/Typhoon news server systems
    • Inktomi Traffic Server Web/FTP proxy servers
    • Apache Web and Netscape Suitespot servers
    • large-scale DNS (bind 8.x)
  • Programmed database back-ends and CGI scripts in Perl
  • Trained junior system administrators and Network Operations Centre personnel

April 1998 - August 1999

Sonera Corporation (formerly Telecom Finland), De Meern, The Netherlands

Linux/UNIX System Administrator

  • Administered all ISP services for thousands of users:
    • sendmail (multiple virtual domains)
    • various POP and IMAP servers
    • Apache Web servers
    • large-scale Web caching and transparent proxying
    • multiple on-line gaming servers
    • full feed Internet news over satellite link
    • streaming audiovisual broadcasting
  • Implemented Linux callback servers using PPP over ISDN for remote system management/maintenance
  • Held responsibility for all system and network security, including implementation of packet-filtering firewalls
  • Authored diverse administrative programs (using Perl, Bourne shell, C, and expect)
  • Administered databases (PostgreSQL, MySQL, Perl DBI, CGI back-ends)

August 1995 - April 1998

Market Research Bureau Inter/View, Amsterdam, The Netherlands

System Administrator/Programmer

  • Administered Novell Netware 3.x/4.x servers
  • Implemented and administered Linux file servers
  • Programmed telephone questionnaire applications

Tools, Skills, and Technologies

Operating Systems: Linux (all major distributions), FreeBSD, OpenBSD, NetBSD, Solaris, OnTap, Windows NT/XP

Hardware: x86, Sun, NetApp, SCSI, RAID

Languages (Computer): Perl, Bourne (Again) shell, Ruby, C, Pascal, Modula-2

Languages (Natural): English (native), Dutch (fluent), German (basic)

E-mail: Postfix, sendmail, qmail, Netscape, qpopper, UW IMAP, Cyrus IMAP, majordomo, Mailman, SpamAssassin, Mirapoint

News: INN, Cyclone/Typhoon, suck, leafnode

Web: Apache, squid, Junkbuster, CGI, mod_perl, mod_ruby, SSL, auth_ldap, virtual hosts

LDAP: schema design, OpenLDAP 1.x/2.x, Net::LDAP, Ruby/LDAP (which I maintain), nss_ldap, pam_ldap

DNS: BIND 4.x/8.x/9.x, DNSSEC, RIPE IP management

TCP/IP: IPSec (FreeS/WAN), packet filtering, load balancing, transparent proxying, NAT, tunnelling, iptables, ipchains, ipfwadm

NFS: Linux, Network Appliance (various models)

Databases: MySQL, PostgreSQL, Oracle, Perl DBI, Ruby DBI

Development: GNU tool suite rpm

Documentation: SGML (LinuxDoc and DocBook DTDs), HTML, XML

Revision Control: CVS, RCS, Perforce

Certification: Red Hat Certified Linux Engineer

Membership: Member of USENIX, System Administrator's Guild and the Electronic Frontier Foundation

Interests

Computer security, programming, linguistics, music, cycling, and travelling