Resume
Maksim Kramarenko’s Curriculum Vitae
Email\Skype: [email protected] Telegram: Maksim LinkedIn: Maksim Kramarenko
When you do nоt focus on just one technology, your CV becomes a mishmash. It needs more and more tailoring for particular offers. This is an attempt to write a generic CV that reflects all my career ways. So, I have a very broad IT skillset. Let me describe it.
I am working with many services and systems, that is why I sometimes need to refresh knowledge and re-read the documentation.
A few of my credos are:
- systems which troubleshoot easily are systems which well-documented
- design and implement of the simplest solution, as simple as it is possible (in other words: grow complexity system then grow the complex trouble and fixing time)
- Automate any (all kinds of) routine!
What I can do
Certified RHCE engineer with 13+ years of experience in the IT industry. Strong Linux and Microsoft administration skills, Networking Knowledge, Virtualization, and systems automation with Python, Shell scripting, and Ansible. Skilled problem identifier and troubleshooter systems in a range of IT environments. Ability to design and implement IT solutions.
Qualifications Summary
- Highly motivated individual with the ability to learn new technologies
- Certified RHCSA/RHCE (ID 200-027-068)
- Certified MicroFocus NNMi Administrator
- Certified Python for Network Engineers developer
- 13+ years of experience in the IT industry from small businesses to international enterprise companies.
- 12+ years self-educated Microsoft Windows Administration (MCSA-level)
- 11+ years Administration/Technical Support/Troubleshooting Enterprise Environments
- 10+ years Datacenter, Compute, Network Virtualization (VCP-level)
- 10+ Network monitoring and Management Center Systems (NOC) Support/Design/Modernisation
- 8+ years Enterprise Networking operations and support (CCNP RS-level)
- 8+ years Backup and Disaster Recovery solutions
- 8+ years combined Helpdesk Support
- 8+ years Storage systems (SAN and NAS) Design/Deploy/Modernisation (NCDA-level)
- 3+ years of automation systems with shell, Python, Ansible
Systems administration and analytics
General
Mostly, I can do and I keep doing it every day or almost every day:
- Analyze business requirements, and design and develop system architecture and specifications
- Develop and conduct design verification simulations and lab and on-site tests of components, perform security and quality controls
- Supervise, inspect and provide design support during the manufacturing, installation, and acceptance of systems
- Assess, document and optimize the capacity and performance of information and communication systems
- Develop policies and procedures for application and database access, testing and usage, for the backup and recovery of data.
- Perform data backups and disaster recovery operations
- Write scripts to automate routine tasks
- Coordinate teams of engineers, technicians, and drafters in the design and development of computer and telecommunications hardware
- Develop and implement best practices to improve service availability
- Maintain, troubleshoot, repair and administer local area networks (LANs), wide area networks (WANs), datacenter networks, computer workstations and servers, connections to the Internet and peripheral equipment
- Evaluate, install, maintain, troubleshoot and upgrade\update computer and networking hardware, networking software, operating system software, and software applications
- Implement performance and security monitoring systems, estimate and optimize server, storage and network performance
- Control and monitor software usage and installations
- Identify, report, track and propose solutions to product defects
- Reproduce, diagnose and resolve technical problems encountered by users
- Provide advice and training to users in response to identified difficulties
- Collect, organize and maintain a problems and solutions log for use by vendor’s technical support analysts
Currently, I am working with the next hardware vendors HP\HPE, NetApp, Brocade, and Cisco. I have experienced in IBM, Dell, EMC (a little), and some Russian vendor hardware equipment as well.
UNIX\Linux
I have certified as a RHCSA and RHCE. Certification ID 200-027-068.
Strong experience with different rpm and deb-package distributives, such us: RHEL/CentOS/Scientific/SLES/etc.., Debian/Ubuntu and FreeBSD a little.
Design, configure, deploy and maintain such kind of services us: SMB\CIFS, NFS, iSCSI, Postfix, Exim, Sendmail, NTP, Squid, DHCP, SSH, Syslog, Netfilter/iptables/ufw/firewalld, CUPS (a little), Apache, Lighttpd, Ansible.
I can integrate Linux to Microsoft AD infrastructure with DNS, NFS, SMB\CIFS, ssh services.
Can perform the usual tasks: install packages, configure services, add users, performance troubleshooting, configure network and system parameters.
I write shell scripts routinely.
Perform management of Ansible to automate VMs, Virtualization hosts, network equipment.
Microsoft
13+ years working with different Microsoft Windows operating systems (from XP till 10 and from 2000 till 2019 Server). I am self-educated on Microsoft products.
Design, configure, deploy and maintain such king of services like NTP, DNS, DHCP, Active Directory, Group Policies, IIS, SMB\CIFS, DFS, WSUS, Windows Terminal Server.
Virtualization
Work with the VMware vSphere\ESX, VirtualBox and Hyper-V. Most of all it is Vmware products.
Design, Configure, Deploy and Maintain several virtual datacenters, which contain 2-4 rack-server hosts with each a few dozen high loaded VMs, vCenter, HA, vDS, VDP (with host-off backup solutions), DFS, Resource pools and so on. Made OVA\OVFs for VMware and VirtualBox, used VMware OVF fields for appliance configuration.
I am familiar with Cloud architecture but have just lab experience with it since currently, I am working in Industrial isolated systems.
Backup solutions
I can design, deploy and maintain backup solutions. I work with Symantec\Veritas Netbackup and Veeam (a little) for file-based, Vmware-based, FC-storage solutions-based to make Application-consistency backups. Write many automation backup scripts with bash, cmd, PowerShell.
I am good at many kinds of backup technic, like file-based, Snapshots, Tape, D2D backups and known methods on how to lowering Recovery Point Objective (RPO) and Recovery Time Objective (RTO) parameters. I understand the differences between application-consistent, crash-consistent backups.
Antivirus
I made design, install and maintain Dr.Web Security Suite, NOD32 Smart Security business edition, Kaspersky endpoint security.
Databases knowledge
In general, I can do most of database administration tasks:
- Installing and upgrading the database server and application tools
- Allocating system storage and planning storage requirements for the database system and application
- Planning for backup and recovery of database information to prevent data loss
- Ensure that databases operate efficiently and without error
- Maintain databases and update permissions
- Merge old databases into the new ones
- Create a simple database schema
- Perform simple SQL queries against a database
Experienced in MySQL\MariaDB, Sybase\SAP ASE and IQ, MSSQL and PostgreSQL.
Networking
General networking
Assess, design and deploy small and medium-size networks to match business requirements, including build IP-address plans, choose physical media, protocols, etc. Able to determine and predict the future of the network needs by analyzing current data traffic and estimating how growth will affect the network.
Can diagnose network problems, use standard and advanced tools (traceroute, Nmap, Netcat, whois, dig, etc.), make and interpret traffic dumps with tcpdump/Wireshark.
Worked with many kinds of vendors, like Cisco (IOS, NX-OS, IOS XR), ProCurve\3COM, D-Link, Brocade FC switches, Linux-based (such us OpenWRT), OTN System Network equipment and Management systems: OTN150\OTN-X3M SDH networks. I have experience with dual-stack setups.
I am familiar with SCS design, installation, and maintenance. Worked with Panduit, Hyperline copper and optical SCS.
Telecom and IT Network Management Systems
I am highly skilled in NMS. For the last 8 years (from 2012) one of my main responsibility has been building, Design, deploy and maintain telecom Network Management Systems.
I am skilled in most network management protocols and features such as SNMP, Syslog, RMON, NetFlow.
One of my favorite enterprise NMS product which I have, a lot of experience in is Microfocus NNMi (formerly HP OpenView) with different iSPIs: MPLS, Metrics, Traffic, QA for different scale: from 300 to 4000 network nodes with more 100 000 sensors, different configurations from Standalone to Application Failover.
Besides, I have already experienced in such kinds of NMS services: MRTG\PRTG, cacti, Nagios, Solarwinds, Manageengine products and Cisco PI (a little) as well.
Switched networks
Build networks with 802.1q VLANs, link aggregation. I can setup spanning tree protocols when I have to (I prefer link aggregation whenever the topology allows).
Familiar with L2 security features such as private VLAN and MAC address policies.
I have experience with the optical network infrastructure like DWDM.
Routed networks
I am good at static routing principles, routed protocols (a little): EIGRP, OSPF, BGP, RIPv2. In most cases for network diagnostics.
Used multiple VPN protocols and scenarios including IPsec, OpenVPN in site-to-site and client-server modes, L2TP/IPsec and PPTP for remote users.
Security
I estimate my security knowledge in the upper-average level.
I am experienced in the servers hardening methods for each kind of operating systems Windows and Linux. Hardening of this king of service Active Directory, Vmware, Databases and Network devices I have experienced also. I am good at basic cybersecurity principles: password requirements, timely testing and installing updates and patches, backing up and restoring, firewalling network connections, virus protections, Authentication, authorization and accounting, test environment.
I am familiar with Federal Service for Technical and Export Control (FSTEC), NIST and ISA-99 security standards to securing PCN (Process Control Networks).
Storages, Network Storages and Tapes
I work with NetApp FAS-series products in different configurations. Design, deploy, and maintain these king of configurations: standalone HA pair as well as Clustered storage, both 7-mode and CDOT versions. I am good at all kinds of storage protocols SAN and NAS: NFS, CIFS, iSCSI, FC, FCoE.
I am skilled in NetApp storage efficiency technologies: deduplication, thin\thick provisioning, Snapshots, Flash and data protection solutions: RAID-DP\TEC, SnapMirror, SnapVault, NDMP. I’m familiar with 7-mode and CDOT.
Worked with HP EVAP6300 as a SAN (FC) Storage for Windows Server and Vmware hosts.
I have designed, installed and managed Brocade (HP) Fibre Channel Storage Area Network switches in dual switched Fabric configurations with NetApp and HP EVA Storages and point-to-point Fibre Channel between servers and FC devices (Tape drive\robot).
Telephony
I have experienced in installation a single PBX Panasonic KX-TDA for 100 users with PSTN external lines, route calling internal and external subscribers.
Cloud
Last 7+ years I worked with the disconnected and on-premise only Enterprise environments. I experienced with Cloud (mostly AWS) only as a Lab and test deployments.
I am really motivated to find real experience in Cloud.
Programming and System Automation Skills
For the last 3 years, I am learning hard the Python programming language. I use Python in my routine automation tasks and network management and automation.
I am also familiar with the basics of next set of programming languages.
I have skilled in Web, like HTML, CSS, and PHP. Deployed and Maintained Websites, built on WordPress, Joomla CMSs. Fixed problems and optimized performance by modifying code.
Can read, understand and fix some problems: Perl, PHP.
I am highly skilled in the shell and command-line scripting for automation routine operations and management systems. Bash, PowerShell, cmd.
Where I worked
JSC Caspian Pipeline Consortium-R, http://www.cpc.ru, 2012 – Present
Full-time Telecommunications Engineer. CPC is the large international oil transportation project.
Key duties: Conducted the Expansion Project of SCADA, Industrial Network, Virtual Datacenter, and NMS. Controlled, consulted, and supervised subcontractor’s drawings, design, construction, acceptance tests, and commissioning. Perform farther servicing and maintenance of implemented solutions to match 99.97% uptime.
Key Contributions
- Optimized server infrastructure by VMware vSphere virtualization services. More than 20 Bare Metal servers were virtualized therefore optimized and reduced consumption of power, rack space, and ambient temperature.
- Accurately processed upgrade of operating systems from Windows Server 2008R2 to the 2016\2019 with minimal service downtime. Services and Databases were migrated to the new OS.
- Designed and maintained installation and configuration of different NMS systems: Microfocus NNMi (formerly HP Openview) with iSPI plugins on the industrial network. Cacti with Weathermap on the video-streaming network. It improved proactive monitoring of the network health and allowed to resolve performance incidents fast.
- Increased team productivity and automated repetitive tasks by implementing the Failover Application configuration of Microfocus NNMi between 2 geographically dispersed standalone NNMi instances.
- Reengineered the backup solution to decrease RTO and RPO from a few hours and days to minutes by replacing NetBackup agent-based backups to NetApp SMVI, snapshot, and SnapVault. Implemented application-consistent backups. Reduce backup and patches testing time with NetApp FlexClone and VMware functionality.
- Optimized backup storage space by migration from FC Storage HP EVA to NetApp NFS and implemented storage efficiency solutions (dedup, compression, snapshots).
- Increased team productivity by implementing Ansible as a network automation and configuration management system, wrote shell and python scripts.
- Conducted developing a learning course to educate new and current employees. It increased the team’s understanding of maintenance processes, Network solutions, and protocols implemented by the Expansion Project.
I have a good experience with project management of this job, but I prefer to avoid the administrative role and to remain in a technical area.
LLC SAG, http://sagcompany.com, Trade company, Full-time System Administrator, 2010-2012
Key duties: Managed and maintained a middle-size headquarters office with some remote warehouses with about 50 desktop and laptop workstations, a few dozen servers, and routers, plus about a few tens of branches with remote access laptops. Kept the network and the workstations running, provided technical support to network clients, and performed hardware installations/repairs.
Key Contributions
- Transferred some of the accounting application services from Microsoft to the Linux platform to save the cost of IT infrastructure and save budget.
- Increased fault tolerance and service availability by implementing core network redundancy and bonded ethernet channels.
- Increased security by implementing solutions: encrypted VPN for branches, web proxy (Squid) with authentication and authorization internet access users and block not safe for work websites. Services NFS, Squid, and SAMBA were integrated into the Active Directory Kerberos infrastructure.
- Installed redundant servers and Vmware Virtualization to improve service availability.
LLC «Na Kubani.ru», https://otdih.nakubani.ru, Mass media, and PR-company, Remote system administrator, 2009 — 2012
Key duties: Managed company network, servers, workstations, and PBX. Provided support to staff, fixed cabling, and performed hardware installations/repairs.
Key Contributions
- Installed stacked core network switches to improve availability and performance network.
- Designed and installed a Linux-based router, firewall, and proxy server to improve security.
- Improved availability of DMZ services for WAN clients by implementing 2 external links from different ISP and source-based policy routing.
KGU “Kubanlitstorg-control”, (Government Department of Consumer Sphere and Regulation of the Alcohol Market Krasnodar Region), Specialist of IT department, 2007 – 2010
Key duties: Did not break anything, kept the network running, and provided support to employees. Maintained services: Firebird SQL, MS SQL Server, Active Directory, remote access PPTP server, and web-proxy.
Languages
English, Russian (native)
Education and training
- Course “Full-stack Python web-developer”, SkillFactory
- Course “Cisco ACI sprint. From beginner to deep drive in 5 days”, Cisco Systems, April 2020
- Certification “Red Hat Certified Engineer“, Feb 21, 2020
- Certification “Red Hat Certified System Administrator“, Jan 31, 2020
- Course “Red Hat System Administration III: Data Center Services for RHEL 7”, Fast Lane Education Center, January 2020
- Certification “Python for Network Engineers“, March 2019
- Course “Python for Network Engineers” by Natasha Samoylenko, March 2019
- Course “Python Programming. Level 2. Advanced”, Computer Training Center «Specialist» at Bauman Moscow State Technical University (Bauman MSTU), March 2019
- Course “Programming with Python. Level 1. Basics”, Computer Training Center «Specialist» at Bauman Moscow State Technical University (Bauman MSTU), February 2019
- Course “ONTAP 9.3 Cluster Administration (ONTAP9ADM) and ONTAP 9.3 Data Protection Administration (DATAPROT9)”, Fast Lane Education Center, April 2018
- Course “NNMI200 – Network Node Manager i Software 10.x Advanced”, HP Education Center, November 2017
- Course “Microsoft Workshop Performance Monitoring Windows Server”, Microsoft, October 2017
- Course “VVNA VMware vSphere on NetApp”, Fast Lane Education Center, May 2017
- Course “OTN-X3M for Service Engineers”, Training Center OTN Systems at Belgium, April 2017
- Course “ICND1, ICND2”, Computer Training Center «Specialist» at Bauman Moscow State Technical University (Bauman MSTU), July 2016
- Course “SISAS Implementing Cisco Secure Access Solutions”, Fast Lane Education Center, July 2015
- Course “DCNX5K Configuring Cisco Nexus 5000 Switches”, Fast Lane Education Center, May 2015
- Course “Implementing Cisco Secure Access Control System (ACS) Version 5.2 (ACS)”, Fast Lane Education Center, May 2015
- Course “IPS [Implementing Cisco Intrusion Prevention System]”, Fast Lane Education Center, April 2015
- Course “ROUTE Implementing Cisco IP Routing”, Fast Lane Education Center, December 2014
- Course “SWITCH Implementing Cisco IP Switched Networks”, Fast Lane Education Center, September 2014
- Course “NNMI120 – Network Node Manager i Software 9.x Essentials”, HP Education Center, September 2014
- Course “VMware vCenter Configuration Manager for Virtual Infrastructure Management [V5.X] and vCOps VMware vCenter Operations Manager: Analyze and Predict”, Microinform Education Center, March 2014
- Course “NetApp ANCDABC87 (Accelerated NCDA Boot Camp Data ONTAP 7-Mode)”, Fast Lane Education Center, September 2013
- Course “NetApp D7ADM (Data ONTAP 8.1 7-Mode Administration)”, Fast Lane Education Center, July 2013
- Course “UNIX (Linux/FreeBSD). Interaction with Cisco Systems networking equipment”, Computer Training Center «Specialist» at Bauman Moscow State Technical University (Bauman MSTU), 2011
- Course “UNIX (Linux/FreeBSD). UNIX-based systems as servers on the Internet”, Computer Training Center «Specialist» at Bauman Moscow State Technical University (Bauman MSTU), 2010
- Course “Linux. Basic Administration and Security”, Computer Training Center «Specialist» at Bauman Moscow State Technical University (Bauman MSTU), 2010
- Specialist’s degree (5 years), Systems Security Engineering, Kuban Information Security Institute, / Krasnodar military institute named for Army General S.M.Shtemenko», Krasnodar. 2003-2008
Personal qualities
Resolute, assiduous, ambitious. Permanent self-education and professional development. Ability to reasonably defend my point of view and find compromises. Problem solver and critical thinker. Able to work under pressure. Reliable team member.
References
Oleg Poltoratskii, CTO, LLC «Na Kubani.ru», [email protected]