Neil H. Watson
- Consultant, architect and leader.
- Senior (SAGE Level IV) UNIX/Linux system administrator with over 20 years of experience in manufacturing, service hosting, software development, telecommunication, and high finance.
- Designs and builds forward thinking solutions that are scalable, durable, and easy to maintain.
- Recognized expert in configuration management and contributor to the open source and commercial product CFEngine (member of the CFEngine Community Advisory Board)
Sr. Linux Consultant AMD June 2012 - Present
- Designed a CFEngine solution for over 10,000 hosts.
- Migrated from CFEngine 2 to Cfegnine 3.
- Support host provisioning using Satellite, Kickstart, and CFEngine.
- Working with: Perl, VMware, RHEL, Redmine, Git
Sr. Partner, Architecture and Infrastructure. Evolve Thinking July 2012 - Present
- Company co-founder.
- Support client AWS EC2 and RDS (MySQL) instances including patching, upgrading, and resizing.
- Creator of Delta Hardening, EFL, and Delta Reporting open source products.
- Consult and train as subject matter expert on CFEngine.
- Recently working with: Debian, RHEL, Systemd, Serverspec, Mojolicious, Perl, KVM, Postgresql, IPV6
UNIX/Linux Consultant Self Employed July 2005 - Present
- Linux and UNIX infrastructure design and management.
- Advanced provisioning and automation using Satellite, Kickstart, and CFEngine.
- Security strategy, hardening, and remediation.
- Recently Working with: Debian, RHEL, KVM, Perl, Subversion, Git.
CFEngine Implementation Specialist CFEngine Contract, June 2011 - April 2012
- Hand picked by senior CFEngine management to provide professional services to their largest customer, one of world’s largest financial institutions.
- Designed infrastructure and CFEngine policy to scale to 30,000 hosts in a mixed Linux, Solaris, and AIX environment.
- Designed automated CFEngine policy QA testing procedures.
- Wrote CFEngine 3 training documentation.
- Used CFEngine Nova to replace legacy infrastructures including Cobbler, Opsware, and Tripwire.
System Administrator Symcor Contract, May 2009 - May 2011
- 2000+ Red Hat, Suse, Fedora, AIX and Solaris servers.
- Evaluate and beta test Red Hat Enterprise Virtualization.
- Affected change in Red Hat’s RHEV while working closely with Red Hat management and engineering teams.
- Designed and deployed automated configuration management service, using CFEngine 3, to satisfy security auditor reporting needs. This solution scaled beyond reporting to solve issues impacting production and regular maintenance activities.
- Clustered production high volume statement printing service. Worked closely with vendors and business sponsors throughout the life of the project.
- Deployed auditor approved enterprise password repository.
- Mentor junior team members.
- Worked With: Cisco UCS, TSM, Kickstart, Subversion (SVN), NFS, Samba,
- Red Hat Satellite, RHEL, iSCSI, multipathd, Solaris 10, AIX, SLES,
- RHEV, Make, Heartbeat 2, LVM, LDAP, Infoprint, E-DMZ, Iozone, Iperf.
UNIX Systems Specialist eHealth Ontario Contract, July 2008 - October 2008
- 1000+ Solaris and Linux servers.
- UNIX and Linux subject matter expert.
- Built prototype high volume cluster applications serving critical medical information.
- Hardening hosts to government and security industry best practices.
- Planned and executed Solaris patching.
- Collaborated with DBA and support teams to provide the best possible services and solutions.
- Repaired and upgraded SUN and HP chassis.
- Worked with: Solaris zones, Jumpstart, Patch Check Advanced, Websphere, Oracle RAC.
System Administrator and Security Specialist IBM, Managed Security Services Contract, October 2007 - July 2008
- Managed encrypted e-mail services for North American telco carriers in a 24/7, highly available environment.
- Executed security audits.
- Executed operating system and application hardening.
- Planned and executed service maintenance windows.
- Mentored junior team members.
- Worked with: IBM chassis, Postfix, Sendmail, Tomcat, Jboss, Pound, LDAP, Oracle, Nagios, OpenNMS, VMware ESX, Red Hat, RHEL 4.
System Administrator Dundee Securities January 2006 - October 2007
- 400+ physical and VMware ESX virtual servers in a mixed Red Hat Linux and Windows.
- Lead Linux Administrator.
- Lead Technical Architect.
- Managed and expanded one of the largest VMware ESX installations in Canada.
- Reduced support requests to senior staff by implementing monitoring and configuration management services.
- Reduced security compliance resources by implementing a configuration management service.
- Planned and moved the entire Linux environment, with zero downtime, during a 44 million dollar data centre move.
- Improved service performance and reliability through investigation and root cause analysis.
- Improved database reliability by building a cluster.
- Created a disaster recovery plan for the entire Linux environment.
- Consulted on disaster recovery plan for the entire IT infrastructure.
- Improved inter department co-operation by initiating consulting and collaboration meetings.
- Mentored junior team members.
- Worked with: HP chassis, CFEngine 2, RHEL, Red Hat Cluster Suite,
- VMware ESX, Tomcat, Apache, NFS, HP Openview NMS and OVO, Perl, Commvault, CVS, Subversion, DB2, HP EVA SAN, Qlogic HBA’s.
System Administrator Voicegenie Technologies October 2000 - January 2006
- 150+ Linux (Red Hat and Debian), Windows and Solaris servers.
- Lead UNIX administrator.
- Honoured as VoiceGenie’s most dedicated engineer at annual team
- building event.
- Continuously did more with less to help this dot-com startup thrive during and after the dot-bomb bubble.
- Provided superior services and support to allow VoiceGenie to have continuous growth for 6 consecutive quarters in the highly competitive voice technology industry.
- Provided 24/7 tier 2 customer service to demanding telecommunication carrier companies world wide.
- Improved the marketing department’s ability to reach potential customers by designing and building email and web services.
- Mentored product architects on Linux kernel building and maintenance.
- Mentored university co-ops on technologies and system administration.
- Increased product and infrastructure performance by deploying version 2.6 of the Linux kernel.
- Introduced intrusion detection, encryption, isolated networks and other security policies and procedures.
- Authored instructional documentation for both employee and customer use.
- Authored IT security policy.
- Performed security testing and forensic investigations.
- Created disaster recovery servers and policies.
- Planned, managed, and executed all hardware and software deployments in a mission critical, high availability environment.
- Designed and built Linux based routers and firewalls.
- Worked with: Sendmail, CISCO 2600, IOS, Nortel Baystack, SCO Openserver and UNIXWARE, Red Hat Advanced Server, Debian Linux, Gentoo Linux, Solaris, MySQL, Oracle, Request Tracker, VMware Workstation and GSX Server, Bind, Snort, Samba, NFS, Perl, PHP, Big Brother, Exchange, Tomcat, VoiceXML, VMware.
System Administrator/CAD Designer F&K Manufacturing June 1994 - September 2000
- Designed and built the company’s first Ethernet network.
- Designed and built the company’s first wireless LAN solution to connect separate plant buildings.
- Created the company’s first EDI data exchange with automotive supply chain customers to allow faster MRP planning.
- Created the company’s first Internet connection using Linux to allow electronic collaboration and data sharing with customers and vendors.
- Team lead, implementation of Syspro Encore Materials Resource Planning system.
- Authored policies and procedures to ensure initial and continuing ISO 9002 compliance.
- Controlled drawings and documents, company wide, according to ISO 9002 standards.
- Participated in customer hosted continuous improvement councils.
- Designed production progressive stamping dies.
- Planned and scheduled the building of new dies to meet the demanding
- deadlines of the automotive industry with budgets in excess of $100,000.
- Worked with: Samba, Iptables, Netware, Windows NT, Red Hat and Caldera Linux, SCO UNIX Openserver, Syspro Encore, AutoCAD, Accpac.
- Electronic Engineering Technician 1994
- Mechanical Engineering Technologist 1993
- Operating systems:
- Red Hat (RH 5 to RHEL 7), Suse (9-10), Debian.
- VMware (ESX, GSX, Workstation), KVM, RHEV, Solaris Zones.
- High Availability:
- Sun Cluster, Red Hat Cluster, Big IP F5, Heartbeat 2.
- HP, IBM, and SUN chassis and blades.
- Perl, Shell, Git, Sed, Awk, Make, Subversion, SQL, HTML, CSS.
- Monitoring Products:
- CFEngine, Openview, Insight Manager, SNMP, Sysstat, Big Brother, OpenNMS.
- Web and Middle Services:
- Mojolicious, Apache, Tomcat, Wordpress, Jboss, Websphere
- Network Services:
- DNS/Bind, NFS, IPV6, TSM, LDAP, SSH, DHCP, TFTP, iSCSI.
- MongoDB, MySQL, PostgreSQL, SQLite, DB2, Oracle.
- Email Services:
- Postfix, Sendmail, SpamAssassin.
- Security Products:
- SELinux, Iptables, Tcpdump, Wireshark, Snort, Ipfilter, SSL.
Open source projects
- Evolve Free Promise Library (EFL):
- A collection of ready to use CFEngine policy. https://github.com/evolvethinking/evolve_cfengine_freelib
- A VIM plug-in for writing CFEngine policy. https://github.com/neilhwatson/vim_cf3
- Delta Reporting:
- A centralized CFEngine reporting application. https://github.com/evolvethinking/delta_reporting
Online Papers and publications
- “Learning CFEngine” by
O’Reilly, Appendix: Editing CFEngine 3 Configurations in
- “CFEngine best
- “Make CFEngine simple using the
Evolve Free Library”
- “Intro to Automating System
Administration with CFEngine 3”
- “Enterprise system administration
using configuration management”
- “Clustering with