This site has been deployed from Github repository tjtharrison/README.md

Tim Harrison

Infrastructure Security Team Lead

me

Tim Harrison

Infrastructure Security Team Lead

About Me

Aim: To use my technical expertise and excellent communication skills to help a team achieve success.

I am a self-motivated team player with experience in both heavily technical roles and client facing account management roles. I am a good communicator (both written and verbal) and have an ability to form close relationships with internal team and external shareholders.

I am flexible with working hours and travel and have held a full, clean UK driving license for >10 Years.

I am strong technically, with the ability to make strategic decisions under time and budget constraints and execute reliably.

Key Skills

Cloud Management: I have over 6 years experience working with AWS (EC2, S3, Cloudfront, EKS, IAM, EFS, Storage Gateway, Load Balancers, Autoscaling Groups, RDS, Cloudtrail, Cloudwatch, EKS, KMS). I also have experience working with GCP (Including GKE, Networking), Azure (limited) and other smaller Cloud Providers (Scaleway, Digital Ocean etc) as well as code hosting platforms such as Heroku.

Cloud Security: I have proven experience working with security services within AWS (AWS Config, Cloudtrail, Security Hub, Guardduty etc). I have also written design documents for AWS Client VPN, CIS Compliance etc.

DevOps: CI/CD (Gitlab / Github / Teamcity / Jenkins), Ansible (inc AWX), Building and deploying Pipelines, Docker (docker,docker-compose), Kubernetes (Helm, ISTIO, Velero Backups, Rancher, EKS, GKE) and IAC (Terraform, Cloudformation).

Communication Skills: Strong communication skills both written and verbal, both in team leadership and Customer facing account management to key stakeholders and budget owners (Including project and incident management with communication).

Network Management: Physical Networking, TCP/IP, VLAN, DHCP (Windows, linux DHCPD), DNS (Windows, Linux BIND), Cisco, Juniper, Wireless (Cisco, Ubiquiti), SNMP, Log management (ELK, Graylog), VPN (Openvpn, L2TP/IPsec), DNS and Domain Management, SSL Certificates (Inc Lets Encrypt), Two Factor Authentication (Duo Mobile, Google Authenticator), Network Security.

Server Management: Physical Hardware Management (Purchasing, Hardware + Software RAID), Virtualisation (Vmware, Hyper-V, KVM), Windows Server (2002-2019), Linux (Ubuntu, Redhat, CentOS), backups (Inc Acronis, VMWare, Windows Server Backup), Kubernetes, Docker, docker-compose, Monitoring (Nagios), Databases (SQL, MySQL, Mongodb, redis, redis-cluster), Log Management (rsyslog, Windows Events). Cloud hosted solutions (AWS, Azure, Digital Ocean).

Coding: Bash, Python, Javascript, Powershell, HTML, CSS, Code Versioning (Gitlab, Github, SVN).

Project Management: SOC and SIEM implementation, consultancy, Office 365 Migrations, P2V (Physical > Virtual Server Migrations), Brand Development (Inc Website, Corporate Branding, Marketing Campaigns) working to tight Deadlines with close Customer contact. Understanding of App Development processes (Agile) and different release methods (Canary, Blue / Green).

Acheivements

AWS Security Specialist AWS DevOps Professional

AWS Security Specialist: I have recently completed my AWS Security Specialist certification. This covered a wide range of security focused services on AWS and has helped me with my day to day work implementing solutions on AWS to improve security posture.

AWS DevOps Professional: I have recently completed my AWS DevOps Professional certification. This has helped establish my knowledge over a range of AWS services related to CI/CD pipelines, audits, monitoring and logging.

DevOps - CI/CD Implementation: Built a CI/CD Pipeline from design through to implementation with requirements from team leaders - Combining Gitlab, Jenkins Multibranch Pipelines, Helm, Kubernetes, Slack, Jira (Transitions, RemoteLinks, Comments) and Private NPM Repository.

DevOps/Sysadmin - Documentation: Build a self-hosted Documentation platform based on Python. Ensuring processes are in place for documentation to be update for all system changes and systems to be self-documenting where possible (Eg using input from Nagios monitoring system for server config).

Consultancy - Office 365 Migration: Worked with a local charity to advise on the upgrade from their legacy POP based email solution. From this, I completed 0-Downtime Migration of 30 Mailboxes to Office 365 and migration from an on premise storage solution to Onedrive.

Set up Business and Tech Article Website: Set up my own Business creating Websites for clients, offering Consultancy and one-off projects. My website for articles based on my experience working with Linux servers and various applications consistently gets >500 Unique visitors per week.

Network and Server Management: Managed company servers, network, Cloud hosted servers (Including 24/7 Support). Replaced Legacy hardware with fully virtualised environment and resolved longstanding issues.

Bespoke Website with Database: Wrote a web application based in Python for Music Management startup, including Python Web UI (With account permissions), database backend (to Cloud hosted Database).

Employment History

Smart Pensions (December 2021 - Present) InfraSec Tech Lead: I currently lead a team of 3 Infrastructure engineers with a team focus on ensuring the Infrastructure Security of our Cloud estate (Primarily AWS). This involves initialising, designing and leading infrastructure projects, attending meetings, handling technical escalations as well as team management.

I run regular standups, 1-1s, coaching sessions with junior team members and retrospective sessions. The focus being to highlight where improvements can be made on the team's working environment and cycle time for tickets for our internal and external clients.

Smart Pensions (April 2021 - December 2021) Senior DevOps Engineer (Platform Security Team): I am worked as part of a wider DevOps team of 20+ engineers, working on a range of technologies building, supporting and securing AWS via IAC (Terraform). I work in the Platform Security sub-team, working on implementing various AWS security infrastructure modules (AWS Config, Cloudtrail, Guardduty) including management of alerts via Datadog to our team chat platform.

I have lead a number of high priority security incidents, including communication to senior members of staff, detailed timelines and incident reporting (Post Mortem analysis) and am the primary security support engineer (Responding to alerts from Datadog and assessing before deciding on resolution path).

Xara LTD (Jan 2017 - April 2021) Senior Sysadmin / Devops Team Lead: Running a team managing local network (Servers, Desktops, Physical Network), 24/7 support for Production system, Project planning (Server Upgrades, Virtualisation, Cloud Migrations) and supporting internal staff, cluster of web servers. Working to delivery schedule to complete development tasks efficiently to cut expenditure while ensuring quality of service.

In this role I virtualised all in-house servers which were previously bare-metal and migrated a large number of internal services to Docker / Kubernetes setup (Both in-house and AWS cloud hosted in EKS / EC2 / S3).

I have lead the building of our internal DevOps team focusing on migrating services to Kubernetes (Including backups, monitoring, deployment and scaling) and assisting Developers to focus on coding by implementing CI/CD processes (Taking on existing Teamcity implementation and migration to Jenkins). A large number of internal Sysadmin functionality has been migrated to Automated Tasks, allowing for the Sysadmin Team to focus on Projects and Team Support.

iQuda (Jan 2011 - Jan 2017) Various Roles (Service Desk Management / Level 3 Technician): Rose quickly through the company, starting as a Web Developer before starting in Tech Support as a Level 1 Technician, moving through to Level 3 then onto Servicedesk Management and Project planning. This role included implementing and improving on processes and procedures, Customer account management and Reporting for Client contacts and internal management.

Education

AWS Advanced Networking Specialty: I am currently working on my AWS Advanced Networking Specialty training and aim to complete the certification in mid 2022.

Additional Courses: Udemy Courses in ITIL, Python, Kubernetes, AWS Security Specialist, AWS DevOps Professional, AWS Advanced Networking Specialty, Scrum/Agile.

Parmiter's School: A Levels in Sociology, History, IT and English

Hobbies

DIY: While away from the Computer I spend my time working on DIY projects around the house and going on bike rides.

Personal Projects: In the evenings I enjoy working on personal coding projects (primarily Python3, however, also using JavaScript), deploying via IAC into AWS.

Coding Games: I also spent time on coding websites such as https://codingame.com which helps me improve my coding efficiency.