Resume of Ronny Roethof

Career Profile

I am a driven IT specialist with extensive all-round knowledge of Linux, Security and Networking. My passion lies in Open Source, Cloud solutions, High Availability solutions and Security. I have gained relevant work experience in the roles of Linux System Administrator, Technical Specialist, Architect, Team Lead and Security Engineer. With this experience within complex work environments and my unprecedented interest in new techniques I do not shy away from a challenge.

My specialization lies in the following areas of knowledge:

System Administrator
System Architect
Security Engineer
Linux Automation Specialist
Linux Migration Specialist

Experience

Security Consultant / Pentester / Security Officer / Internal IT

AnyLinQ B.V. June 2022-Present

Responsible for internal IT, hardware, network and software. Responsible for Security & ISO 27001 certifications. Responsible for providing secure, fast and reliable access to data and applications for our employees.

Technologies Used: VMWare, Debian, Windows, Azure, Ansible, Huawei, Fortigate

Security Consultant / Pentester

AnyLinQ B.V. November 2021–June 2022

Within AnyLinQ I was engaged in various security tests of websites, infrastructures and applications of clients. This resulted in a more secure environment for various clients.

Technologies Used: Kali, Debian, Ubuntu, VMWare, Ansible, Cisco, Juniper, Huawei, Fortigate

Area Product Owner / Teamlead / Architect / Senior System Engineer

RIVM / KNMI (Detached) October 2020–November 2021

Product Area Owner and Senior Engineer of the Specific Hosting team of SSC Campus. The dedicated hosting team is responsible for the hosting services RIVM.nl and KNMI.nl, among other things. One of the major projects of Specific Hosting is the National Immunisation Programme with the associated Covid 19 vaccination registration.

Technologies Used: 1000+ virtual servers, VMWare, RedHat, Ansible, Gitlab, Satelite, IPA, MySQL, PostgresQL

Developer / Senior System Engineer

Non disclosed (Detached) Juli 2019–September 2020

Due to the high secured environment and duty of confidentiality, it is not possible to elaborate on the assignment or its activities. It is closely related to Public Key Infrastructure, data encryption, and highly secure computing environments.

Technologies Used: 100+ virtual servers, VMWare, RedHat, PHP, Python, Ansible Tower, Gitlab, Satellite

Senior System Engineer

Neostrada B.V. May 2017–June 2019

In this position I was part of a team of 3 people who were responsible for the management of about 500 physical hosting servers, 3500 virtual machines and a 5 petabyte offsite backup platform. The hosting servers require a 24/7 99.995% uptime and run in a high availability cluster environment with 24/7 monitoring and monitoring.

Technologies Used: 500+ physical servers, 3500+ virtual servers, CloudLinux, CentOS, Debian, Ubuntu, FreeBSD, Apache, Nginx, Exim, cPanel, DirectAdmin, NFS, ZFS, Ceph, Ansible, KVM, Proxmox, Ceph, Docker, Huawei Switches, HP Switches, Dell PowerEdge, HP Proliant, SuperMicro

Senior System Engineer

Liberty Global B.V. (Detached) January 2017–March 2017

At Liberty Global, I was part of a team of 9 people, which was responsible for designing and building the Operational Data Hub, part of the One Back Office platform. The basis of the ODH platform can be deployed to perform real-time performance analytics on CPEs, BSS and OSS based on real-time data.

Technologies Used: 100+ physical servers, RedHat, Ansible, Zookeeper, Kafka, Flume, Hdfs, Spark, Logstash, Elasticsearch

Security Consultant

Ultimum B.V. November 2016–Januari 2017

Within Ultimum I was engaged in various security tests of websites, infrastructures and applications of clients, hosting workshops for colleagues and clients. This resulted in a more secure environment for various clients, a higher level of knowledge regarding internet security among employees and more stable and secure websites.

Technologies Used: 100+ virtual servers, Kali, Debian, Ubuntu, VMWare, Ansible

DevOps Engineer / Automation Specialist

Meyn B.V. (Detached) August 2016–November 2016

At this company I was hired to develop a deployment system for various virtualization techniques and in-house software products. The customer's requirement was a central platform based on Kickstart and Ansible, from which the entire virtualization platform could be deployed and managed at remote locations using simple methods.

Technologies Used: 10 physical servers, CentOs, Ansible, Citrix XenServer, CentOS 7, Git, Ansible, Icinga, Ruby, Perl, Kickstart, Dell PowerEdge

Senior System Engineer

Ultimum Managed Services (Internal projects) June 2016–August 2016

Within Ultimum, I handled various Linux/Unix and Open Source tasks, including management and migrations of complex customer platforms (Slackware 13, Keepalive, Zebra, Openvpn and Amazon, among others)

Technologies Used: 100+ virtual servers, RedHat, CentOS, Debian, Ubunut, SlackWare, Amazon AWS, VMWare, Ansible, Puppet, Nagios, Docker, PRTG, Zabbix, PHP

Senior System Engineer / Database Specialist / Recovery Specialist

Merus N.V. (Detached) March 2016-June 2016

For Merus, I was asked to replace an outdated database platform with various problems, with a new PostgresQL cluster virtualized on HyperV.

Technologies Used: 5 physical servers, Windows Server, Debian, HyperV, PostgresQL

Senior System Engineer / Monitoring Architect

SLTN (Detached) December 2015–Maart 2016

SLTN had a need for a 24/7 monitoring platform for a large telecom supplier, due to the complexity of the platform and network I was asked to develop it. As the end result a central monitoring system where multiple locations can be managed, rollout of new controls through an automated system. All within the requirements of the end customer, taking into account their security requirements through VPN tunnels, Encryption, SSL, etc. was delivered.

Technologies Used: 6 monitoring nodes for 1000+ systems, CentOS, Nagios, MySQL, Ansible, HP Blades, HP 3PAR Storage, HP Switches and Routers.

Senior System Engineer / Network Engineer

FD Mediagroep B.V. (Detached) February 2015-November 2015

Within FD Media Group I dealt with all Linux / Solaris systems, network equipment, Storage systems and related other hard/software

Technologies Used: 100+ virtual servers, CentOS, Debian, Ubuntu, Solaris, VMWare, Ansible, Nagios, Cisco, HP Procurve, HP Lefthand

Senior System Engineer

Tele2 Nederland B.V. (Detached) February 2014-February 2015

Within Tele2 I dealt with all Linux, HP-UX, Solaris, SUNOS systems and related other hardware/software, including F5/A10 load balancers, Cisco Contents switches. Projects within this assignment included:

Setting up an emergency high availability load balancing system for 9292.nl based on HA Proxy, KeepAlived and Nginx.
Setting up a high availability LDAP system for Tele2 4G consumer data.
Designing a central system logging setup based on Logstash, Elasticsearch, Kibana and Graphite.

Technologies Used: 100 physical servers, RedHat, Centos, Debian, Solaris, VMWare, OpenLDAP, Active Directory, Dell Netvault, Dell PowerEdge, HP Proliant, F5 BigIP, A10 Loadbalancers

NOC Engineer

eBay Classifieds Group (Detached) January 2013-February 2014

eBay Classifieds Group hired me as part of a large group of NOC Engineers to monitor and develop monitoring tools of various platforms, including ebay.com, marktplaats.nl and 2ehands.be, among others.

Technologies Used: 2000+ virtual servers, Debian, Ubuntu, SVN, Mercurial, Git, Puppet, Nagios, Graphite, Cacti

Senior System Engineer

YourHosting B.V. February 2012-December 2012

Within Yourhosting, I dealt with all Linux hosting servers. I was also involved in various projects, where I provided the technical input or designs. At this employer I was responsible for the following projects:

Design, implementation and maintenance webmail cluster
Design, implementation and maintenance of KVM virtualisation clusters
Design, implementation and maintenance of Puppet in combination with Passenger configuration systems

Technologies Used: 100+ physical servers, Dell PowerEdge, CentOS, Ubuntu, Apache, MySQL, Postfix, SendMail, Courier, Git, Puppet, Nagios, Graphite, Cacti

Senior System Engineer

News Service Europe B.V. April 2011-December 2011

Within News-Service I dealt with all Debian Linux systems running there and the UseNet platform based on it. News-Service Europe was one of the top 3 newsgroup providers in the world with 24/7 support and monitoring, driven by a 7-man team. News-Service had, as a healthy company, to cease its operations by external factors. As a result followed the termination of all employments.

Technologies Used: 500 physical servers, Dell PowerEdge, Dell PowerVault, SuperMicro Storage, Debian, MySQL, PostgresQL, KVM, Apache, Postfix, Spamassassin, Nagios, Diablo NNTP

Senior System Engineer / Network Engineer

ACN Europe B.V. August 2010-April 2011

Within ACN Europe I was involved with all Linux OS systems running there and I developed various toolings based on Open Source Software. In addition, I was the backup administrator for the Windows OS platform and network management. At this employer I was responsible for the following:

Design, implementation and maintenance VMWare clusters
Design, implementation and maintenance of Puppet configuration systems
Design, implementation and maintenance of Squid web filters
Design, implementation, conversion, migration from Exchange to Zimbra
Implementation and maintenance of Zabbix monitoring solution
Backup network Engineer (Juniper SRX240/EX4200 / Cisco 9513/3650)
Backup Windows Engineer (Windows 2003 / 2008)

Technologies Used: 100+ physical servers, HP Proliant, HP BladeCenters, VMWare, CentOS, Windows 2003/ 2008, Cisco IOS, JunOS, MySQL, Apache, Postfix, Spamassassin, Zabbix, Zimbra, Samba, IIS 7, MS Exchange 2003/2010, Active Directory, Cisco switches, Cisco routers, Juniper switches, Juniper firewalls, EMCSAN storage

Senior System Engineer / Internal IT

Leaseweb B.V. December 2008-June 2010

I was the only Linux Engineer for one of the largest hosting parties in Europe to deal with all systems that used Linux and/or Unix. I was also involved in various projects, where I provided the technical input and was responsible for the design and implementation of these projects. The department provided support to approximately 130 workstations, as well as the management and development of more than 250 physical and virtual servers and appliances. In addition, the department was responsible for all customer facing servers. At this employer I was responsible for the following:

Design, implementation, and maintenance of internal network (Cisco ASA/2950/3650)
Design, implementation and maintenance VMware ESX 4 environment
Design, implementation and maintenance of internal and external DNS servers
Design, implementation and maintenance Voice Over IP telephony, faxing
Design, implementation and maintenance of Mailhosting clusters
Design, Implementation and Maintenance Web Hosting Clusters
Design, implementation and maintenance Opsview/ Nagios monitoring cluster
Providing support to the Programming department during changes

Technologies Used: 5000+ physical servers, HP Proliant, HP BladeCenters, Dell PowerEdge, Supermicro, VMWare, RedHat, CentOS, Debian, Ubuntu, FreeBSD, Windows 2003/ 2008, Cisco IOS, JunOS, MySQL, Apache, Postfix, Spamassassin, Zabbix, Zimbra, Samba, IIS 7, MS Exchange 2003/2010, Active Directory, Cisco switches, Cisco routers, Juniper switches, Juniper firewalls, EMCSAN storage, Asterisk

Projects

Ansible role template system

A template for new Ansible roles complete with github automation, funcationality and security checks

Autobackup

Because R1soft backup has proven to be unreliable. Neostrada asked me to design an alternative backup system. Autobackup, a self-designed backup solution based on FreeBSD's ZFS became the solution. With AutoBackup, customers can easily restore all files, databases and even mail accounts from cPanel up to 31 days back!

WSO2 - Single Sign On

For the 4G launch of Tele2 Netherlands B.V. we created a WSO2 single sign on HA application street. This WSO2 application is used to authenticate and authorize user who are loggin in on myTele2 website and/or mobile app. Products used: Tomcat, Apache2, OpenLDAP in Master-Master replication, A10 Loadbalancers and Oracle Database.

Cluster based Webmail

There was a need to replace several single host based squirrelmail webservers with one (1) dedicated webmail cluster. The requirements where :

capable of multiple backend IMAP servers
capable of multiple lables i.e. yourhosting.nl, starthosting.nl, whitelable, etc.
minimize outgoing spam
High availability
Lowest costs possible

We chose for a KeepAlived, HAProxy, NGinx setup based upon a cluster of KVM nodes. The backend servers all used memcached and imapproxy. Outgoing filtering was done by Postfix with Amavisd, Spamassassin, ClamAV, etc, with a failover configuration. We designed the platform in a matter that we could take a physical node, shut it down for maintenance en have no customer impact whatsover.

Volunteering

Search team member / Biker

Stichting Veteranan Search Team 2019-Present

The Veteran Search Team supports the police in the event of a missing person. Here we combine the strength and knowledge of veterans and other uniformed personnel. Distinctiveness lies in maintaining discipline, respect for the cause and the urge to participate among the volunteers.