Nicholas P. Bernstein

nick@nicholasbernstein.com

http://nicholasbernstein.com

 

 

Education:

Ubuntu Certified Trainer   #19 (2nd in US)                3/09

Ubuntu Certified Professional                               3/09

Linux Professional Institute Level 1 certified          2/09

Netapp Certified Technical Instructor                     6/08

@stake Application Security Principles                              7/03

@stake Cyberattacks & countermeasures                       7/03

Sun Admin II Course Certification                                          3/99

Worchester Polytechnic Institute                                          3/99

Sun Enterprise Certified Reseller                                           1/99

Sun Workgroup Certified Reseller                                          1/99

Marblehead High School                                        6/97

 

Skills:

 

Programming/ Scripting: Perl, PHP, Shell, c#

Operating Systems: Linux, Solaris, *BSD, AIX, Mac OS, Windows, Data Ontap

Apps: postfix, mysql, apache, bind, sendmail, samba, nfs, nis, tomcat, hylafax,ldap, Active Directory, Exchange, IIS

Security: Nessus, Snort, ISS, Antisniff, COPS, Tripwire, ISS/CISCO/Sourefiere IDS

Devices: Foundry, Netapp, Cisco

 

Speaking Engagements:

 

Unix User Association of Southern California Speaker: 

       "Network Security Audits: Nessus",  Oakley Inc, One Icon, Foothill Ranch,  Nov 10, 2003

       "OSS IDS: Using Snort/Acid/Mysql", Sun Microsystems, El Segundo, Jul 8, 2004

 

Experience:

 

Technical Instructor:

 

One of the top-ranked technical instructors working with Fastlane.Courses taught include:

       Data Ontap Fundamentals

       Advanced SAN

       Advanced NFS

       Advanced CIFS

       Data Protection & Retention

       Netapp NCDA Bootcamp

       Fundamentals of (netapp) Performance Analysis.

       Ubuntu Certified Professional – was chosen by canonical inc. to teach course pilot.

 

Service Administrator, Microsoft Business Services Operations (formerly Frontbridge Inc):

 

Microsoft Business Services Operations is the operations and hosted services wing of Microsoft. We supported Microsoft Exchange Hosted Services (frontbridge) which provides hosted antivirus/antispam email filtering for corporate customers.

 

       One of only two Unix Admins brought up after acquisition of Frontbridge

       Managed LA->Redmond Datacenter Migration

       Managed rollout & Deployed New Server classes across global network

       Built initial staging environment

       One of two Operations Members responsible for 24x7 administration & maintenance of network for six months

       Administered a global, multi-datacenter network consisting of mailservers(postfix+), nameservers(bind), database servers(mysql/sql server), netapps, foundry serverirons

       Wrote various perl scripts / php scripts like:

o    Identifying & deleting/quarantining spam/virus outbreaks on the fly

o    Webpages showing config file versions/anomalies

o    Installations scripts for daily changes

o    Package Management

o    Emergency feature additions to mitigate high priority customer impacting events

       Acted as security point person

o    Nessus security audit

o    Snort NIDS/ISS NIDS

o    Member of Frontbridge Attack Team

o    NIDS/NIPS Eval/Rollout

       Worked with WebRT/Product Studio change management process

       Installed / Deployed hundreds of hosts

       Responsible for responding to high priority customer impacting events

       Responsible for working with dev to identify bugs & create workarounds

       Point person for deploying webapps/web related applications

       Setup linux LDAP authentication

       Wrote multiple design documents for systems & features

       Contributed to release specs

       Created Service troubleshooting guides

       Created Standard Operating Procedures and automated SOP tasks.

       Wrote C# Server Iron Configuration tool  

o    Generated real & virtual server entires

o    Dynamically created hosts file entries

o    Dynamically created Monitoring configurations

o    SQL inserts for central management database

 

 

Unix Systems Administrator, Document Systems Inc. (11/02 – 11/2005):

 

I was the sole unix administrator at Document Systems, Inc., the largest loan document production company in the U.S. providing auto-generated Loan/Mortgage for realeastate agencies & banks.

       Designed an extensive RedHat kickstart rapid installation system, which duplicates any system w/ 45 minutes start to finish. 

       Tied down unix systems chrooting applicable services, migrating away from r* tools to ssh, installing tripwire, local and remote logging tightening down on user permissions, 

       Implemented a network monitoring system using nagios. The system provides real-time alerts by email & sms phone messages for any service that goes down. In addition, it provides statistics regarding service uptime. 

       Implemented a hylafax fax server, and wrote an perl email->fax gateway which received information regarding destination, subject, etc and inline raw PCL (HP's printer control language), pdf, gif, jpeg, and postscript converted fax image to tiff and passed the file to hylafax for faxing. 

       Implemented OpenMosix Linux Cluster (Testing Purposes Only)

       Implemented Linux High Availability using drbd and heartbeat. The system would monitor service and respond to them on a virtual ip. In the case that the primary system went down the secondary system would take over the service and be started within 10 seconds.  (Ran in test nework)

       Implemented jakarta-tomcat using apache 2.0 as a front end w/ mod_jk connectors to replace sun iplanet servers. By replacing iplanet and switching from Sun's Java to IBM java 's implementation, we were able to reduce average response time to ¼ the original time.

       Implemented an openbsd based postfix/spamassin email gateway to stand inbetween internal MS exchange server and outside world. 

       Audited network both internally & externally using nessus and other various security tools monthly. 

       Implemented a bugzilla bug reporting system.

       Internal secure jabber server with company wide user lists & conferencing rooms as well as message logging.

       General administration of apache, iplanet, postfix, nfs, rsync, backupexec and all of the standard daily administration tasks including utilities like web-based log viewers.

       Implemented chkrootkit on all linux servers.

       Implemented SNORT/ACID custom IDS system

 

Torch Concepts (Formerly Innoverity, Inc.): Systems  & Network Admin,( 9/2000-5/2001 )

 

Torch Concepts is a Software development firm where I worked as the Systems & Network Admin. The environment consisted of different flavors of UNIX: Solaris, Linux (RH, SuSE, Debian), and FreeBSD as well as MacOS 9 & X and Windows 95-2k and NT.

 

Belenos, Inc.: Systems & Network Engineer,( 7/1999-8/2000 )

 

At Belenos, I worked as a UNIX Systems and Network Administrator contracting on many smaller clients.

I was responsible for all level three technical support calls at Network Plus, a Boston Based Level 2 ISP with several thousand users, and one of our main clients.