Download PDF

Sergej Alikov

sergej.alikov@gmail.com
+44 7490 693608

Hi!

I consider myself a “full-stack IT geek”. For more than two decades I have been constantly improving my expertise both in automation, software development and systems/network design and management. This set of skills enables me to find optimal solutions to complex IT problems.

For the past few years I've been heavily involved in all stages of the software product development lifecycle, managing development infrastructure and deployment environments (AWS EKS and ECS).

Highlights

Rich experience with a wide range of automation, configuration management, and provisioning tools (Terraform, CloudFormation, AWS CDK, GitLab CI, Jenkins, Concourse CI, Bash, Puppet, Ansible, Foreman/Katello), in-depth understanding of cloud platforms (AWS, Kubernetes, OpenStack), event/metric data collection (Prometheus, Loki, Elasticsearch, Logstash, Kibana, InfluxDB, Grafana, Telegraf, collectd) and processing (RIEMANN) systems, virtualization and containerization technologies (Podman, Docker, KVM, VirtualBox).
AWS Certified Solutions Architect - Associate (score: 940/1000)
Red Hat Certified System Administrator 160-204-715, Red Hat Certified Engineer 160-204-715
Excellent software development skills (Python) and knowledge of the version control systems (Git, Perforce). Able to read and modify programs in other languages (Java, JS, Golang, Groovy, Kotlin, C, PHP, etc.). I am passionate about the functional programming, and using Clojure for some of my personal projects.
Good problem solving and analytical skills.
Thorough understanding of the internals and working principles of operating systems and computer networking.
Many years of work experience with the network equipment and technologies from the different vendors (Cisco, HP, ZTE).
Extensive knowledge about common application layer network protocols. Significant experience in secure and RFC-compliant configuration of various Internet services (SMTP, DNS, DHCP and others) using the best practices.
Database administration and tuning experience (PostgreSQL, Sybase, and MySQL), workload-specific hardware/OS tuning and architecture design, SQL query optimization.

Open source projects

automated.sh (https://github.com/node13h/automated) - Remote execution framework for Bash scripts with an extensive set of features. Alternative to Ansible and Puppet Bolt.
grafana-dashboards (https://github.com/node13h/grafana-dashboards) - Grafana dashboards as code (Jsonnet).
libvirt-instance (https://github.com/node13h/libvirt-instance) - VM provisioning tool.
shelter.sh (https://github.com/node13h/shelter) - Shell-based testing framework.
trail (https://github.com/node13h/trail) - IP address history management API written in Clojure with a BDD test suite.

Professional experience milestones

2020 (current) | Security Cleared Senior DevSecOps Engineer at General System, UK

Designed release and distribution system for multi-component products. Implemented well-documented tooling and web UI for it.
Simplified software versioning and release processes.
Improving, documenting, and automating software test/build/release/package/publish processes using CI (GitLab) pipelines for multi-language (Python, Rust, Node.js, Go, Ruby) product components. Ensuring all released software has passed security, static code analysis (Trivy, GitLab DAST/SAST), and got sufficient code coverage (Sonarqube).
Developing Helm charts for automated software deployments to multiple Kubernetes (AWS EKS) clusters.
Managing AWS cloud infrastructure using Infrastructure as code (Terraform, CloudFormation, Atlantis). Cloud costs control and reduction (Skeddly, Vantage). Performing EKS cluster upgrades and troubleshooting.
Reviewing code, providing guidance, support, and advice to developers on best practices, cloud infrastructure cost efficiency, scalability, and security.
Implemented centralised log, metric, and trace collection, monitoring dashboards, alerting (Loki, Prometheus, Tempo, Grafana, Robusta), synthetic monitoring (CloudWatch Synthetics Canaries).
Creating playbooks for on-call rotas.
Performance-tuning systems for tests and benchmarking.

2018 | Senior DevOps Engineer at GeoSpock Ltd, UK

Ownership and developent of Infrastructure as code (Terraform/CloudFormation) for the AWS-based product.
Product release framework design and implementation.
Migration of a large and complex set of Terraform configurations and related tooling from HCL1 to HCL2.
Prototyping of the product components migration to Kubernetes.
Automating manual processes.
Maintenance and development of the CI and cloud infrastructure used by QA and developer teams.

2017 | Senior DevOps Engineer at Nokia, UK

Design and prototyping of automated solutions to provision complex environments for our software on AWS, OpenStack (Terraform) and bare-metal (Ironic).
Technical lead on the project aimed at replacing the custom in-house software configuration and deployment tool with Puppet and Terraform.
Development of GitLab CI pipelines for testing the infrastructure automation and configuration management code.

2016 | DevOps Engineer at Nokia (formerly Alcatel-Lucent), UK

Key member of the team responsible for automating the product migration from the custom-built Linux distribution to Enterprise Linux in the remote unmanned locations.
Developed the Ceph OSD hardware modeling tool.
Release process design and automation using Jenkins and Foreman/Katello.
Development of the Ansible roles and playbooks for the automated provisioning of the server systems.
Improvement of the build/CI pipelines.
Technical lead on the team responsible for automating the deployment of the product builds on the OpenStack.

2015 | NOC Engineer at Alcatel-Lucent, UK

First and second level of support for the Velocix customer CDN networks. Monitoring and maintenance of the Linux-based CDN nodes. Traffic data and trend analytics.
Introduced the Elasticsearch/Logstash/Kibana stack to enable the quicker log analysis and report generation.

2014 | Senior system administrator at INIT Corporation, Lithuania

Team lead responsible for the migration of the core network to the Cisco ASR9000 platform. Post-migration support and maintenance.
Conversion of the large parts of heterogeneous production network from PVST and RSTP to MSTP with minimal impact on service.
Puppet infrastructure setup, module development, and automation of the both new and existing servers.
Built the ELK stack for NetFlow data collection from the network equipment. Data is used to detect and blackhole the DDoS attacks.

2007 | Senior system administrator at INIT Corporation (formerly Vinita), Lithuania

Member of the team responsible for building the small Tier 3 data center. 19" rack design and component selection (Rittal).
Multicast video distribution network design and implementation using the Cisco equipment.
GPON-based network design (architecture and provisioning) and implementation using the ZTE OLT. Development of the IP lease history registry and REST query API for that registry.
Site-to-site VPN implementation using Cisco ASA security appliances.
Tuning and administration of the Sybase ASE database server.
Virtualization cluster deployment using the KVM and the OCFS2-based shared storage. Migration of the majority of the company’s physical servers to the virtual machines.
Adding the IPv6 support to network, IPv6 BGP configuration (basic)

2001 | System administrator at Vinita, Lithuania

Network administration and security on the various hardware and software platforms, including a wide range of Cisco equipment, Linux, and FreeBSD. Work with the static routing, various flavors of STP, firewalling. A brief experience with BGP and OSPF.
Management of the 20K subscriber DOCSIS network based on the Cisco CMTS'es (from uBR7112 to uBR10K).
Small Active Directory domain deployment and long-term maintenance with the extensive use of the Group Policy.
Development of various monitoring and management web applications using PHP/MySQL. Some low-level network utility programming using the C language.