Résumé (long version)

Personal Information

Name

Mark Janssen

Title

Ing.

Age

44

Nationality

Dutch

Languages

Dutch (native), English (fluent), German (conversational)

E-mail

mark (at) sig-io (dot) nl

Phone

+31-6-5886.7992

Conferences

I prefer visiting tech-conferences as a good method to expand my knowledge instead of commercial training and certification tracks. I regularly attend and participate in the following conferences

  • NL Unix User Group (2x per year) (1999 – 2021)

  • Chaos Computer Conference (1999? – 2020)

  • Linux Open Administration Days (2011 – 2020)

  • Technical Dutch Open Source Event (2006 – 2018)

  • Free and Open Source Developer Europe Meeting (FOSDEM, 2000 - 2019)

And various smaller or one-off conferences, like HackerHotel, Eth0, Megabit, Berlin B-Sides, PH-Neutral, Plubmercon, Linux Kongress, SANE, WhatTheHack, Hackers At Large

Education and Certification

Year(s)

Description

2014

Red Hat Certified System Administrator — Red Hat Enterprise Linux 7

2013

SkySQL Conference

2011

Competa: AIX Essentials

2010

Novell Certified Linux Administrator

2009

Sun Certified Solaris Administrator (Solaris 10)

2009

SNIA Certified Storage Professional

2008

ITIL Foundations

2007

Linux Professional Institute, LPI-2 certification

2005

Linux Professional Institute, LPI-1 certification

2001

Brainbench Certifications (Unix-, Linux- and Apache-Administration, Internet Concepts, Internet Security, TCP-IP Administration, Written English)

2001

Brainbench MVP for Linux Administration

2001

LDAP, Short introduction into using LDAP, Hewlett-Packard, Netherlands

1999

HP-UX 10.X System Administration, Hewlett-Packard, Netherlands

1997

Crashcourse Windows NT, InfoSupport, Venendaal, Netherlands

1994-1998

Computer Science, Haagse Hogeschool, The Hague, Netherlands

1989-1994

Havo, Alfrink College, Zoetermeer, Netherlands

Expertise

The last few years I have mostly focussed on doing systems administration and configuration using Ansible for configuration management and deployment. I have written a large collection of ansible roles which are used in various customer environments and have created custom filters and ansible modules.

I prefer to use Open Source and open solutions as much as possible, and release most of my own software and creations under open and free licenses.

OS:

Linux (Ubuntu, Debian, RHEL, CentOS, Fedora) HP-UX (9.x – 11.x) AIX (4.3 – 5.2L) Solaris (7.x-10.x)

Languages:

Ansible, Yaml C, Arduino, Perl, Php, Python, Bash, KSH, Expect, Tcl-Tk

Applications:

Apache, H2O, HAProxy, Nginx, Varnish, Squid, Postfix, Sendmail, Courier, MySQL, MariaDB, Galera.

Networking:

TCP/IP (v4/v6), Routing, Firewalling, Proxying, DNS, NFS, NIS, Samba, SMTP

Security:

OpenSSH, Firewalling, Kerberos, SSL, TLS

Job Experience

Besides the below-listed jobs and assignments, I’m currently active in the following roles:

  • Founding boardmember and chair of ‘Stichting Revelation Space’, a hackerspace in Den Haag (since 2009)

  • Treasurer of the NLUUG, The dutch Unix User Group (since 2016)

  • Member of ITGilde, a co-operative of Freelance Unix Professionals in the Netherlands

  • Member of Bitlair, a hackerspace in Amersfoort

Jobs are listed in reverse chronological order, based on the end-date of the assignment.

Period

Company

Job Description

2021-Ongoing

MinVWS, Den Haag

Sr system administrator for Project RDO, Realisatie Digitale Overheid. As part of a small OPS team I was responsible for daily system management, deployments of applications, troubleshooting, monitoring and tuning of the server infrastructure behind applications like BRBA, HKVI, ZKVI, and Coronacheck.

All systems are fully configured and managed by a custom Ansible stack, with applications deployed from artifacts generated by Github CI/CD workflows. My team was responsible for quickly and securily delivering application environments under very tight deadlines and following the strictest security guidelines and best-practices.

All inter-process communication used TLS/SSL encryption and many applications integrated with HSM modules. Dealing with various forms of encryption, certificates and encodings was almost a daily occurance.

2020-Ongoing

EDRi, Brussel

System administrator for the EDRi (a collective of NGOs, experts, advocates and academics working to defend and advance digital rights). Responsible for maintaining (part) of their online infrastructure.

2016-Ongoing

Chalet, Woerden

System administrator for Chalet Vacations, tasks include configuring and deploying systems with Ansible playbooks, tuning webserver configurations and securing the server infrastructure.

2010–Ongoing

Greetz B.V. Amsterdam

Sr system administrator and IT-architect for Greetz, responsible for the network design and setup, routing, firewalls, wireless infrastructure, webservers, fileservers, batch-processing, performance tuning, monitoring and backups. Almost all of the IT-Server/Network environment used over the last 10 years has gone through my hands.

Since 2020 as a mostly remote 3rd-line support for the local team who perform the day-to-day assignments, with monitoring and 24/7 support/availability still as my responsibility.

2018-2020

Cybersprint, Den Haag

Sr. System administrator, in charge of setting up, securing and monitoring the Cybersprint production environment using an Ansible-based deployment pipeline. All systems were fully provisioned, installed, configured and monitored using Ansible playbooks.

2018

ITGilde, Amstelveen

Trainer for LPI Linux courses

2015-2018

ITGilde, Amstelveen

Trainer for RedHat Enterprise Linux 7 Certified System Administrator courses.

Jun-Dec 2016

Vesting Finance, Hilversum

Migrating RedHat Linux systems to external cloud infrastructure, documenting and improving system-configuration using Ansible configuration-management tooling

2015

SpeedCast Europe, Rotterdam

Builing a mail and office infrastructure for offshore shipping, optimizing for minimal data transfer over sattelite links

2015-2016

Logius, Den Haag

Logging and Monitoring Administrator for Logius / MijnOverheid.nl, building and maintaining a Logstash/ElasticSearch/Kibana stack using Ansible configuration management.

2013-2016

Imatica, Veenendaal

Trainer for various Linux and TCP/IP courses for Imatica / InternetOpleidingsCentrum.nl, including a 5 and 10-day Linux courses and sigle-day TCP/IP and networking courses.

Mar/Apr 2013

Advo (nee: StepCo) Houten

  • Migrate RedHat 5.x systems to RedHat Enterprise 6.4.

  • Configure backup-environment for Linux systems

  • Troubleshoot RedHat Enterprise Linux crashes on Microsoft Hyper-V platform

Mar 2013

Imatica, Veenendaal

Gave a 1-day training on Apache webservers

Mar 2013

Transfer-Solutions, Leerdam

Configure a few RedHat Enterprise Linux systems for a customer of Transfer

Dec 2012

MG Technical Solutions

Upgrading linux server environment to new major releases.

Nov 2012

National Distributor

Executing an audit of a NagiosXI monitoring environment for a large distributor.

Okt/Nov 2012

FloorIS Internet Services

Setting up a clustered webserver and database server environment for hosting customer websites based on Red Hat Cluster Suite, Apache, Mysql and GFSv2. Creating a backup infrastructure for all hosted systems with off-site backups using backupninja, rdiff and rsync.

Sept/Okt 2012

System Integrator

Setting up a monitoring infrastructure for a large system-integrator in Utrecht based on NagiosXI.

July 2012

NBD-Biblion

Setting up a web-invironment for a Drupal/Apache/PhP/Mysql based intranet/extranet solution on Solaris. Performance-tuning this environment

April 2012

Gemeente Drechterland (via Transfer)

Setting up an Oracle Enterprise Linux system. Configuring iscsi connection to Equallogic SAN

February 2012

DutchDeltaGroep (via Fencer)

Upgrading Suse Linux 9 servers to Suse Linux 10.

Nov2011–Dec2011

Habufa B.V. Hapert (via Transfer)

  • Setting up a cluster of RedHat Enterprise Linux 5.7 systems on HP BL460-G7 systems.

  • Configuring and tuning multipathing and iscsi connection to HP Lefthand SAN

Jan2005–Jan2011

Snow, Geldermalsen

As a consultant for Snow I have worked at many major multinational clients in the Telecommunications, Banking and Minerals sectors, maintaining complex Unix-centric environments.

Jun2010–Jul2010

Roos I-media

Migrating e-commerce website to a new colocation facility

Jun2010–Dec2010

Tele2, Diemen

:: Daily maintenance of HP-UX, SuSE Linux and RedHat Enterprise Linux systems. Designing, building, testing, implementing, maintaining and documenting OpenLDAP based central directory for the multi-vendor Unix environment (HP-UX and Linux) Migrating one of the Tele2 Datacenters to new racks and cold-corridor’s without long downtimes for involved applications Maintenance of the backup environment based on EMC Networker with both physical tape libraries and VTL’s

May 2010

WineCare Pro, USA

Building a custom barcode printing web-interface

Nov 2009

Proteon, Delft

Installing a Solaris 9 machine and some troubleshooting

Sep2008–May2010

T-Systems, Den Haag

:: Migration of Tru64, Solaris, HP-UX environment to AIX 6 LPAR’s and Solaris 10 Zones. Designing, building, testing, implementing, maintaining and documenting OpenLDAP based central directory for the multi-vendor Unix environment (Solaris, AIX and Linux) Building kickstart environment for RedHat Linux virtual machines System monitoring

Oct2007–Aug2008

Venspro, Hoofddorp

:: System administration on Apache/Tomcat clusters, F5 Load balancer, cisco routers and firewalls. Datacenter migration System monitoring

Jan2006–Sep2007

Rabobank, Zeist

:: System maintenance of Solaris 8 and Checkpoint Linux systems Scripting utilities for RSA-ACE server (tcl) automation Incident handling on DNS, firewall and management systems Migrating sudo installation to centralised LDAP-based configurations Auditing systems and writing audit-checking framework and scripts to report on security related settings on Solaris 8 systems.

Apr2006–Dec2006

Shell E-P, Rijswijk

:: System maintenance of shells custom Linux desktop and server systems Building a server, desktop, and office-frontend environment based on OpenBSD for use im embargoed countries. Environment consisted of OpenBSD, OpenOffice, Gnome, cups printing, Exim mailservers, centralised kerberos authentication, ldap, version-controled configurations (svn) and automated package-building, testing and installation.

May2005–Apr2006

Versatel, Amsterdam-ZO Now: Tele2 Zakelijk

:: Design a centralized backup infrastructure for management systems, customer systems and broadcast systems. Design and implement a configuration management system for hardware in the versatel testlab. Design and implement a resource reservations/booking system on top of the configuration management system Design system sub-section of Versatel’s Narrowcasting product Design and implement reporting, management and configuration tools for Versatel’s ADSL2 Triple-Play product.

Feb-Apr 2005

Gaz De France, Zoetermeer Now: GDF Suez E.P.

:: Gaz de France Netherlands has a small permanent IT department that only handled the network and windows system. It also has some Solaris servers that run it’s mission critical application by Landmark Graphics. My job was to administrate these Solaris systems, migrate the Landmark software to a new release, increase performance of the Landmark systems and support the users of those systems.The performance of the Landmark system was increased by tuning kernel parameters, moving data to different raid-arrays and setups (raid1 vs raid5), upgrading hardware and offloading applications to seperate servers or to the desktops. I also standardized a Linux desktop system for use with the Landmark application, made a plan for a new management network and remote administration system.

Nov-Dec 2004

UPC, Schiphol-Rijk

:: UPC is legally required to protect it’s information and have asked for assistance in installing a consistent and current version of Secure-Shell to all it’s Sun Sparc (Solaris 7,8,9) based systems. An inventory of currently running SSH versions was made, applications and users using these versions were identified and a plan was written to migrate all systems to a new site-wide consistent version of Secure Shell.A custom packaged version of OpenSSH was created, fullfilling all UPC requirements and wishes regarding it’s configuration. This packaged version was then installed on UPC’s systems, old settings, users and applications were migrated to the new version while maintaining availability to the users of the production systems.

May-Oct 2004

Belastingdienst, Apeldoorn

:: After numerous contract extensions working for the Unix department I moved to the Networking department. My jobs included: - Configuring Avaya, Olicom and Cisco switches and routers (Tokenring and Ethernet) - Writing network-management tools using expect, perl and shell scripts - Analyzing network problems (sniffing, routing)

2003-2004

Personal

:: Together with some (ex-)collegues I have set up a non-profit, private ISP. Together we handle all tasks a real ISP handles. We have placed a unix system/router on a AMS-IX location, setup BGP routing on IPv4 and IPv6, requested a AS-number and IP space from RIPE, setup peering with other ISP’s and provide mail, usenet, web and shell access to ‘sponsors/users’. We have also joined the Domain-Registry organisation, so we can request and administrate our own .nl domain named without relying on other ISP’s.More info on http://nerdcentral.nerdnet.nl

Jul2003-May2004

Belastingdienst, Apeldoorn

:: The belastingdienst (revenue service) needed temporary system administrators to assist it’s personnel during a migration traject to a complete new computing environment, based on AIX. My task was to assist the local administrators and solve all incidents in the production enviroment while the local staff were on vacation or on large training projects. The department was responsible for various websites running on HP-UX and AIX systems, the network equipment (firewalls, routers, intrusion-detection, monitoring) and backups. After several extensions of the original contract I became responsible for maintaining most of the belastingdienst’s webservers and supporting systems. Performing (security) updates and performance tuning the AIX and HP systems, monitoring, IDS and logging.

2003

Geestgronden, Heemstede

Installing MGE’s ups software on Bull AIX systems

2002-2003

SyConOS IT, Emmeloord

:: Installing, testing, documenting and maintaining the company mail server, based on a SuSe linux system, running the courier-mta mail suite. The server provides SMTP, POP3, IMAP, webmail, a support website and mailinglists for the employees of SyConOS. The mailserver makes use of various encryption protocols to provide secure access to the e-mails (TLS, SSL, over either IMAP, POP3 or SMTP). Various methods are used to limit the amount of spam received on the system by using multiple RBL lists, bayesian filtering and analysis of e-mail content to discover spam.

2001-2003

ABN-Amro Bank, Amsterdam

:: System administration and technical lead on security projects for the ABN-AMRO’s e-Banking systems and internal unix (IBM and HP) environments. Tasks included: - Deciding on security enhancing facilities to implement and enforce - Building and testing these facilities, automating installation and configuration. - Documenting configuration-management system - Daily administration of IBM and HP server-farm (250+ nodes) - Implementing custom patched versions of OpenSSH, OpenSSL, SuDo - Supporting junior system-administrators and customers

2001

VVAA, Utrecht

:: The VVAA HP server environment had been without maintenance for some time and needed a serious overhaul and checkup. VVAA wanted to give administration of these servers out to a third party service provider. Before this could be done the environment needed to be cleaned up and analysed. The following actions were undertaken so the third party could take over maintenance and administration for the HP server environment. - Writing planning for analysis and cleanup. - Doing security assesment of the systems and environment. - Writing ‘administrative’ documentation. - Writing security advisories. - Creating and documenting backup procedure HP systems (Ignite tapes) - Documenting problems, planning fix-actions for these problems, documenting and fixing defects. - Analysing performance and creating tools for gathering performance data from the HP server environment. - Creating trend-graphs from gathered performance-data using self-written tools.

2001

ABN-Amro Bank, GTS

:: My team was responsible for managing the test environment for the GTS Portal, doing application intakes, testing their installation in the test environment, documenting these actions and helping the applications for a smooth transition to the production environment. The environment consisted of various HP-9000 systems and using (amongst others) the following software: - Iplanet Enterprise Server - Iplanet Proxy server - Apache webserver - Websphere Application server - SilverStream Application server - Silverstream E-Portal - Oracle 8 - Java The ABN’s use of the Silverstream Application server on the HP 11.x platform was (one of) the first worldwide, so we encourered a lot of problems and issues with the application which we resolved in cooperation with specialists from Silverstream.

2000 – 2001

ABN-Amro Bank

:: Setting up and managing various company websites on HP-UX 11 and Debian GNU/Linux.Managing Sun Oracle8i database servers

2000

ABN-Amro Bank

:: Installing, managing and upgrading the production and test/development environment for ABN-Amro’s new import/export portal website maxtrad.com (The maxtrad.com website has since been discontinued by the ABN Amro). Activities included: - Installing HP-UX 11.x - Installing Netscape/IPlanet Enterprise server - Installing Oracle support software (Java, ODBC) - Installing and managing test servers - Setting up monitoring system - Setting up backup system - Negotiating SLA terms for hosting - Performance tests / Load tests - Performance tuning Other tasks included: - Setting up and maintaining the projects gateway/proxy and firewall systems - Troubleshooting and support for the unix systems and network - Instructing the other sysops about the unix systems.

2000

Ptt-Post Mediaservice

:: Writing action-plan, and executing consulting tasks to increase availability of HP-9000 servers. Tasks executed include: - Setting up disk mirroring with HP’s volume manager (LVM) - Setting up a dedicated backup system - Updating legacy LVM configuration while maintaining full availability during office hours.

2000

Ptt-Post Mediaservice

Emergency restore from a crashed bootdisk on large HP-UX 10 fileserver with corrupted Legato Networker backup indexes.

1999-2000

EP&R Solutions

:: Complete process from idea to deployment and client-consultation of a ‘network-appliance like’ fileserver (unix-based) for Apple MacIntosh networks

1999-2000

Ptt-Post, IT-Operations

:: Developing and implementing a web-based system for managing internal documents, procedures and instructions. A password protected system where employees of Ptt-Post can lookup and modify (if allowed) documents via a web-interface. Tasks included programming the system, installing webserver, database (MySQL) and scripting language (PHP). Entire system developed using a revision control system, and fully documented.

1999-2000

Ptt-Post, IT-Operations

:: Second and third level HP Unix support for production (500+ nodes) and test (50+ nodes) networks. Tasks include: - Troubleshooting: Disk crashes, server crashes, hardware errors, disk-full. - Account management: Creating and deleting user and application accounts, resetting passwords. - Software Distribution management: Installing and removing software (universally) on remote HP sites. - Support for application developers - Installation and setup for new servers - Setting up and maintaining server-configuration database - Scipting, building tools, documenting - Managing NIS, DNS, Bootp, Inetd configurations - Managing backups and restores

1999

Ptt-Post, IT-Operations

Executing Millenium upgrade for the 500+ node HP-UX network (Upgraded from HP-UX 9.04 to 10.20.41).

1999

Ptt-Post, IT-Operations

:: Setting up 50+ remote Legato Networker backup systems on HP-UX using HP SureStor DLT Libraries. All 50+ systems use single setup script and are fully managable from the central management site.

1998

Unix Support Nederland

:: Extending and enhancing existing web-based application written in Server Side Javascript running under Netscape SuiteSpot on a HP700 system. The system stored customer and employee information in a Informix database.

1998

Aggreko

:: Designing and installation of a proxy machine with on-demand dialing for the company internet connection. The system also had a dial-in facility so employees could connect from outside of the company and still be able to access the corporate network directly. Linux machines have been used for proxy, gateway, firewall and e-mail systems, Cisco routers and modem-pools were used for the connections.

1998

PSINet

Assisting in the setting up of a redundant NT-cluster of webservers, using hardware VPN for maintenance.

1998

Algemene Rekenkamer

Installation and configuration of Checkpoint Firewall-1 in combination with the eSafe virusscanner so all Internet traffic was automatically scanned for virii.

1998

Vermeulen & Hollandia

Setting up linux e-mail server and dial-on-demand internet connection.

1998

Unisource Business Networks

:: Builing a web-based DNS updating program for UBN’s customers allowing them to update the secondary DNS entries themselves, saving UBN’s employees a lot of time and also speeding up changes. System was built to help about 1000 customers that used UBN as a DNS secondary.

1996-1997

DelftNet Internet

System administration for this small start-up ISP. Tasks range from system setup to creating web-pages and setting up accounts to doing crash-recoveries etc.