Stephen Gordon Traugott (traw-got)
Campbell, CA
(Silicon Valley -- will not relocate)
+1-800-852-5654

Résumé
Infrastructure Security Architect

Prefer corp-to-corp contracts and/or senior leadership roles.
For sample rates, see http://www.stevegt.com/rates.


Founder/Maintainer of Infrastructures.Org
Have held security clearances (Secret/USAF, Banking, NASA) -- U.S. citizen
PGP fingerprint: DDBF 5C24 3EFA 736E 07E4 39E8 F2B2 88C4 ED45 73D3
Member USENIX, SAGE, ISOC, ACM, IEEE

Twenty-five years' diverse experience in computing infrastructures and the organizations which use them. Large infrastructure security architecture, rapid mission-critical deployments, disaster recovery, high-availability and cluster computing, data center buildout and relocation, software development, client-facing project management, mentoring and development of IT staff.
Operating Systems: Linux, Xen, AIX, SunOS, Solaris, IRIX, OSF/1.1, UNIX SVR4.2, DOS, Windows 98, Windows NT, VM/CMS, OS/390
Languages: Python, Perl, Bourne/C/Korn Shell, HTML, XML, PHP, SQL, C, Java, Awk, FORTRAN, COBOL, JCL
Packages and Protocols: isconf author, ipchains, iptables, ipfw, Kerberos, AFS, Subversion, Mercurial, CVS, PGP, GPG, ssh, DNS, SMTP, IMAP, POP, HTTP, NFS, NTP, LDAP, SSL, SLIP, PPP, TCP/IP, UUCP, CGI, NNTP, systemimager, HACMP, TSM, Cfengine, Nagios, Big Brother, rsync, BIND, slapd, SUP, RCS, rdist, SCCS, Apache, httpd, NIS, NIS+, Sendmail, Postfix, Mailman
Practices: Firewalls, Security and Intrusion Detection, Disaster Recovery, Decision Markets, Data Center Builds and Moves, Automated Systems Administration, UNIX Infrastructure Architecture, High-Availability Clusters, Computing Clusters, Genetic Algorithms
Hardware: Intel x86/Pentium, IBM pSeries, IBM RS/6000, Sun Sparc, Sun Ultra, IBM ESA, TI 990/10, Ethernet, Token Ring, SGI, Cray, F-15C/D, AC-130A

Experience:

06/2000 - Now: TerraLuna LLC, Santa Clara, CA
http://t7a.org

MANAGING PARTNER:

TerraLuna, founded by my wife and me, is an incubator and consulting firm. In addition to my UNIX infrastructure consulting and our work with member businesses, since 2001 we've been experimenting with the use of decision markets within organizations; I am currently developing the third generation of (GPL) code for our exchange. See http://trac-hacks.org/wiki/MarketPlugin for the previous version.

Establish data center and CNC machine shop; lease industrial park units, prepare space, determine power and cooling loads, design and install electrical, UPS, and racks. Design, procure, install, and manage network and server infrastructure. IT infrastructure is clustered Xen, Linux, AFS, Kerberos, LDAP, and a few Windows workstations for CAD/CAM/CAE.

Advise and assist incubator members in the planning and execution of their businesses: includes financial plans and analysis, marketing, organization and staffing, aerospace, mechanical, electrical, and electronic engineering, and IT support.

Incubator members include Masten Space Systems, developer of a suborbital launch platform now undergoing flight testing in Mojave (http://www.masten-space.com); CD International Technology, described below; and BoJo Inc., a mechanical engineering and production firm specializing in EDM machining, laser cutting and engraving, and injection molding.

Xen, Linux, DRBD, ATA over Ethernet, T1, Intel, TCP/IP, NAT, ipchains, iptables, ssh, DNS, Perl, Python, virtual hosting, clusters, nagios, Beowulf, openMosix.

12/2004 - Now: CD International Technology, Inc, Santa Clara, CA
http://cdint.com

VICE PRESIDENT, ENGINEERING:

CD International, founded in 1993 by my wife's family, is an international engineering and manufacturing firm, with a staff of 15 and manufacturing facilities in China. CDINT builds equipment for non-destructive testing, industrial robotics and automation, and high-voltage, high-frequency cables and connectors. Customers include leading firms in the aerospace, nuclear, and petroleum industries, as well as major universities and national research labs.

Improve quality control of manufacturing processes and procedures; grow cable and connector business from a sideline into the primary source of revenue for the company. Develop high-voltage test equipment and procedures in order to track down and eliminate the major causes of in-field cable failures, reducing field returns from 10% to near zero. Develop code for creation and maintenance of bilingual cable assembly and testing procedures, provide on-site training of manufacturing staff in China.

Perform financial analysis, create and tune forecasts of order flow and financial position. Develop a model of the relationship between the company's revenue and exchange-traded oil service industry indexes, demonstrating hedge strategies. Determine measures to be taken to move company into the black; build consensus for executing same.

Improve marketing and web presence; create and manage Google ad campaigns and Froogle feed. Develop and launch a catalog server, based on a heavily-modified version of osCommerce -- revenues doubled in the weeks following launch of this server. Develop Python code to populate and manage the 4,000 products, 14,000 images, and 16,000 category tree nodes in the catalog (http://cdint.com/catalog).

Design electromechanical components using 3D modeling and simulation in SolidWorks. Bring connector designs in-house in order to overcome supply chain problems. Second-source component manufacturing from multiple machine shops, both domestic and overseas, in order to lower costs and ensure future supplies.

Plan for new 20,000 square foot manufacturing plant in China, currently under construction; specify interior floor plan, electrical, server and network infrastructure.

Python, SolidWorks, Linux, PHP, outsourcing, offshore manufacturing, facilities management, logistics, quality control.

08/2004 - 11/2006: (Contracted to) Morgan Stanley, New York, NY (telecommute)

SECURITY INFRASTRUCTURE CONSULTANT: Assigned to systems and data security group in Brooklyn, telecommuting from California. Architect and guide permanent staff in replacement of firm's outbound modem pools at locations worldwide. Develop log collectors and analysis tools for perimeter PIX firewalls and Kerberos servers. Conduct forensic security investigations, including preparation of legal evidence. Work with UNIX engineering to improve automation of server deployments and upgrades; develop new releases of isconf for use in the firm. AFS, Kerberos, LDAP, Solaris, Linux, isconf, Cisco PIX, Forensics, RFC 2217.

03/2004 - 8/2004: Tellme Networks, Mountain View, CA

TOOLSMITH: Hold 1:1 sessions with 19 members of network operations team to triage tool development priorities and discover actual needs. Develop purchasing tools and procedures to track the several $MM of data center assets in-flight at any given time in this fast-growing environment. Work with comptroller and finance staff in pursuit of corporate asset tracking for Sarbanes-Oxley compliance. Develop tools to support data center moves, monitoring and traffic analysis. Initiate, install, and advocate use of wiki for operations documentation, integrate wiki with bug tracking system, integrate bug-tracking system with purchasing tools. Solaris, Linux, Perl, Python, Purchasing, Sarbanes-Oxley, logistics system analysis/modeling.

09/2003 - 10/2003: (Contracted to) Zope Corporation, Fredericksburg, VA

CONSULTING INFRASTRUCTURE ARCHITECT: Architect fully automated administration infrastructure for 150-node server farm, use it to assist with rapid deployment of a new 20-node Linux cluster for a high-profile media client, train and advise local staff in the tools and techniques used. Entire sequence took only two weeks. ssh, isconf, Linux, CVS, Zope, Perl, Python.

03/2003 - 9/2003: (Contracted to) Visa International/Inovant, Foster City, CA

CONSULTING INFRASTRUCTURE ARCHITECT: Advise Sun Professional Services members on AIX/Tivoli capabilities, for rearchitecture of Visa's global data centers. AIX, HACMP, LPAR, FlashCopy, Tivoli.

09/2002 - 11/2002: (Confidential client, details available on request), New York, NY

RECOVERY CONSULTANT (WTC RECOVERY FOLLOW-ON):

The recovery from the World Trade Center went well for this organization; they didn't drop a byte. But their disaster recovery site was co-located with another, resident organization. This sharing of the same data center and network led to confusion. The impact of the recovery on legacy systems at the recovery site was not well understood. The IT chain of command became fragmented, and the hybrid post-recovery infrastructure began experiencing repeated hours-long outages without clear cause or accountability. During the investigation, it also became clear that the recovery site's 1-megawatt backup power plant had been neglected for a decade; no generator had ever been installed; the battery cases in the UPS room had blistered and split due to age and plate growth.

Conduct technical and personnel audit of infrastructure, including UNIX, Windows, mainframe, voice, power, fire, and radio communications. Interview dozens of staff members from line level to CEO. Provide purchasing, staffing, and retention recommendations. Lead expedited technical fixes for critical issues. Lead effort to reverse-engineer host roles and application dependencies, consolidate servers, and plan for future disaster recovery.

Plan and manage emergency rework of data center primary and backup power systems, executing all power rework in one 40-hour weekend with a team of 15 sysadmins and 60 electricians. Power systems rework included shutdown of entire building, complete replacement of battery plant, refurbishment of UPS, installation of generator and automatic transfer switch. (The upgraded plant allowed this site to withstand the 2003 Northeast grid blackout.)

ssh, VPN, Solaris, Windows NT, Windows 2000, Netware, Perl, Checkpoint, Data Center Power Distribution, Business Continuity, Linux, Security Audit, Data Center Audit, IT Organization Audit.

06/2001 - 07/2002: (Contracted to) InterTrade Systems Corp., Campbell, CA

CONSULTING INFRASTRUCTURE ARCHITECT: Production EDI data center buildout including multiple AIX/HACMP clusters. Audit legacy systems and integrate selected portions into new environment. Plan rollout technology and timelines, implement automated administration infrastructure based on isconf framework, including backport to AIX. Fully automate repeatable installation of HACMP, TSM (Tivoli Storage Manager) backup system, db2 database servers, and SonicMQ. Integrate db2 to TSM for online backups. Set up monitoring. Assist engineers in integration and debug of large in-house Java EDI application.

Using IBM-recommended manual build procedures, it can take 40-80 hours to build a single HACMP cluster by hand. Using automated administration techniques we were able to instead build and configure the same clusters in under two hours each, unattended, starting from bare hardware. This allowed us to rebuild them dozens of times, testing to destruction and making changes as we went.

In addition to the clusters, we also fully automated build, patch maintenance, and application installation on all other hosts in the infrastructure, saving months of rework time during rollout.

ssh, VPN, AIX, HACMP, NIM, TSM, CVS, db2, Perl, NetSaint, Checkpoint, syslog-ng, SiteRock, Java, Linux, DNS.

01/2002 - 01/2002: (Contracted to) Caterpillar Financial Services, Inc., Nashville, TN

DISASTER RECOVERY ARCHITECT: Disaster recovery and business continuity planning for the IT department of this heavy equipment manufacturer's financial subsidiary. Audit legacy, manually-maintained systems. Working with both management chain and line level, launch automated systems administration tools, techniques, and culture within the organization, to enable better awareness, detection, and recovery from security and other defects and vulnerabilities. Address individual concerns, help advocates understand and work with normal resistance to change. Automated Systems Administration, isconf, CVS, Solaris, HP/UX.

03/2000 - 1/2001: (Contracted to) marchFIRST (formerly USWeb)

Silicon Valley E-Commerce Practice, Cupertino, CA

INTERNET INFRASTRUCTURE ARCHITECT: Project recovery, completion and launch of Internet news and entertainment portal for world's largest Spanish language media company. Security-related work included access control of both internal and external parties, across 4 major and many subsidiary security domains. The public site was well-publicized throughout Latin America and saw an average of 1 new user registered every 3 seconds, with an associated high frequency of break-in attempts, none successful. Internal staff included over 220 engineering, development, QA and editorial members at multiple companies in both the US and Mexico, as well as investors -- these all needed to be constrained. Test, debug, and direct resolution of over 150 defects in Javascript, Perl, C, and C++ code. ssh, VPN, firewall, BroadVision, SiteRock, AboveNet, Perl, C, C++, SQL, Javascript, Oracle, Accuweather, Google, CMS, High-Availability NFS, Interwoven Teamsite, Teamtrack.

06/1999 - 2/2000: (Contracted to) Netscape Communications Corporation

Corporate Information Systems, Mountain View, CA

Sun/Netscape Alliance

ACTING IS DIRECTOR: Bridge 1-month gap after resignation of staff IS director, reporting to V.P. of AOL Internal Computing. Retain existing IS staff, initiate internal transfers to address staffing problems, upgrade of overseas equipment, buyback/swap of legacy equipment, new corporate data center backup solution, counsel staff in need, communications w/ AOL IS for integration and security of Netscape and AOL internal infrastructures.

JOINT VENTURE INFRASTRUCTURE AND SECURITY ARCHITECT: Enterprise architecture for iPlanet development organization. The iPlanet effort was a joint venture between 2500 developers and other staff within the Netscape and Sun organizations. The heterogeneous networks and systems of the two companies needed to be joined to enable cooperation, but it was mandatory that non-iPlanet intellectual property on both companies' networks and servers remain protected. The AOL network needed to be protected from both Netscape and Sun. This required a third-party DMZ network between the two companies, jointly administered, with back-to-back firewalls and co-located proxy and other servers. I worked with the staff of both companies in the capacity of technical design and project management for this infrastructure. This included network connectivity between companies, firewall rule negotiation, encryption and digital signature techniques, placement and role of servers and labs, LDAP directory data management and project planning, and addressing issues related to scalability and legal requirements for iPlanet. ssh, PKI, PGP, SSL, VPN, Perl, LDAP, slapd, CVS, LUDE, DNS, NIS, Solaris, CGI.

07/1998 - 02/2002: (Contracted to) NASA Ames Research Center

Advanced Supercomputing Facility, Moffett Field, CA
http://science.nas.nasa.gov

DISTRIBUTED ENTERPRISE SYSTEMS ARCHITECT: Consulting affiliation with NASA's premier aerodynamics supercomputing center. Security-related work includes design for access control, management, and monitoring of multi-user, multi-host, multi-site distributed computing systems and networks. NASA's visibility invites attacks on a very frequent basis; this requires a defense-in-depth approach, with not only firewall and bastion host techniques, but individual host hardening, monitoring, and self-healing measures. ssh, Nessus, Perl, cfengine, Condor, Globus, CVS, Linux, DNS, IRIX, SGI, HIPPI, Cray, Macintosh, Appletalk, Solaris, SunOS, HP/UX.

01/1998 - 07/1998: (Contracted to) Cisco Systems

Enterprise Management Development Group, San Jose, CA

CONSULTING MEMBER OF TECHNICAL STAFF: Initial design of a DNS/DHCP infrastructure for Cisco's intranet. Architecture and initial coding of Web/CLI/Batch DNS management tool with Oracle backend. DNS server infrastructure planning, including split horizon DNS architecture for better security, conversion of data from Cisco's legacy DNS toolset. Upgrades of development and web application distribution infrastructures, synchronization of code trees on multiple redundant web servers, started use of CVS version control and regression test suites in development group, Perl class library cleanup. Also at own initiative, sparked negotiations between Cisco and Internet Software Consortium for funding of much-needed new features in BIND and DHCP, such as DHCP/DDNS integration and IXFR. Perl, CVS, DNS, DDNS, BIND, HTTP, CGI, HTML, RCS, Web Application Development, Version Control, Change Control, Oracle, SQL, Solaris.

01/1994 - 1/1998: Chase Manhattan Bank/Chemical Bank

Global Capital Markets Trading Division, New York, NY

VICE PRESIDENT, CORE INFRASTRUCTURE ENGINEERING: Assemble and (hands-on) lead team of systems engineers responsible for design, specification, and security of Chase Bank's global trading systems infrastructure; approximately 15,000 heterogeneous trader, backoffice, and application developer seats on floors in New York, London, Hong Kong, Tokyo, Singapore, Sydney, Paris, Milan, Moscow, and elsewhere. Overseas travel. Major refit of legacy floors, design and construction of new floors. Intentionally stay involved with line-level technical issues, remain in pager rotation and at keyboard. isconf, NIS, NIS+, DNS, NFS, HTTP, Web, HTML, TCP/IP, RCS, SCCS, Version Control, Change Control, CVS, C, C++, X-Window, Motif, SQL, Ethernet, Perl, SUP, AIX, RS/6000, HACMP, High-Availability NFS, SunOS, Sparc, Solaris, Ultra, Motif, OpenLook, xdm, NTP, SeOS, BoKS, Lotus Notes.

CHASE/CHEMICAL MERGER PROJECT ARCHITECT: Convene and lead ad-hoc team of systems administrators and engineers in specification, design and implementation of merger of Chase/Chemical Derivatives Trading systems. Provide complete backward compatibility in filesystem namespace and execution environment for legacy applications of both banks, for minimal impact to traders.

Launched this project on my own initiative, because nobody else was doing it and it had to get done before merger day 1. We created a fully heterogeneous infrastructure of SunOS/AIX machines sharing common filesystems, directory services, user namespace, security, installation and upgrade methodologies and software, and application management, building on isconf framework.

isconf, NIS, DNS, NFS, HTTP, Web, HTML, TCP/IP, RCS, SCCS, Version Control, Change Control, CVS, C, C++, X-Window, Motif, Ethernet, Perl, SUP, AIX, RS/6000, SunOS, Sparc, HACMP, High-Availability NFS, Motif, OpenLook, xdm, NTP.

SENIOR SYSTEMS ARCHITECT: Design, specify, and implement worldwide mission-critical trading infrastructure for Chemical Derivatives Trading group; approximately 700 trader, backoffice, and application developer seats on floors in New York, London, Hong Kong, Tokyo, Singapore, and Sydney.

Established first secure firewall between Internet and Chemical's internal network. Developed early version of isconf utilities for automatic installation and maintenance of O/S patch levels and application versions from central location, in order to provide uniform execution environment for applications on desktops worldwide. Set up the first Intranet web server inside Chemical Bank North America. Trading workstations based on RS/6000's running AIX.

isconf, NIS, DNS, NFS, HTTP, Web, HTML, TCP/IP, RCS, SCCS, Version Control, Change Control, CVS, C, C++, X-Window, Motif, Ethernet, Perl, SUP, AIX, RS/6000, HACMP, High-Availability NFS, AFS, NTP.

03/1993 - 11/1993: (Contracted to) UNIX System Laboratories, Summit, NJ

CONSULTING MEMBER OF TECHNICAL STAFF: Plan and lead Production Usability and Application Compatibility test efforts for SVR4.2v2, the last release of AT&T UNIX; became foundation for Novell's UnixWare 1.1 product. Develop regression test status tracking system in Informix 4GL/SQL. Debug UNIX internals. Interview new hires. Ensure resolution of defects in kernel, filesystem, device drivers, and GUI. Provide graphics development design input for next release. Provide frequent assistance to USL system and network administration group. Port and support various user and administrator tools. Network and System Administration, Quality Process, i386, Ethernet, TCP/IP, SMTP, NFS, vxfs, C, ksh, X-Windows/Motif, SQL, Relational DBMS, Datakit, STAR/CMTS, troff, SCCS.

05/1992 - 02/1993: (Contracted to) IBM Enterprise Systems, Kingston, NY

OSF/UNIX SYSTEMS ENGINEER: Stress test and administration of kernel and user side of AIX/ESA operating system, an OSF-based Unix for IBM's mainframe family. Interactive Reliability and Virtual Memory Manager (VMM) system test and debug in a mainframe lab environment. LAN topology planning, troubleshooting and load analysis. On project through end of Release 1 and all of Release 2 cycle. Contract Account Manager, Parallel processing, Unix Internals, Network Administration, AIX, IBM 9021/3090, RS/6000, PS/2, Ethernet, Token Ring, X-Windows/Motif, TCP/IP, NFS, C, bsh, csh, ksh, crash, dbx, SCCS, VM, CMS, LaTeX, porting, ISO 9000 Quality Process.

08/1989 - 05/1992: , Tallahassee and Melbourne areas, FL

UNIX/DOS INDEPENDENT SYSTEMS CONSULTANT: Provide contracted development, training, and on-call support services to organizations in Northern and Central Florida. Applications include production control, order entry, medical billing systems, paralegal services, order fulfillment, non-profit management. Services include platform migration, remote site support, training of system administrators, telecommunication facilities planning, vendor relations. Organizations include Capitol Computer Consultants Inc., Skandia Industries, MedRehab Inc., Florida Wildlife Federation, and Mid-East Manufacturing. IBM RT, UNIX, AIX, Xenix, BSD, DOS, C, RM-COBOL, dBase/Foxpro, relational DBMS, bsh, ksh, awk, SCCS, adb, crash, performance tuning, UUCP, TCP/IP, SLIP, NFS, Ethernet, routers, brouters, bridges, gateways, dialup access, miscellaneous and sundry DOS LAN products, PC/XT/80x86 hardware systems and peripherals.

12/1986 - 02/1993: United States Air Force

Tactical Air Command, 1st Tactical Fighter Wing, Langley AFB, VA

Air Force Reserve, 919 Special Operations Group, Eglin AFB, FL

STAFF SERGEANT: Administer flightline activities, launch and recovery of McDonnell Douglas F-15C/D Fighter Aircraft, Lockheed AC-130 Gunships. Inspect, diagnose and correct faults in airframe, engine, and flight control systems. Coordinate specialists in repair of aircraft subsystems. Crash recovery, disaster and mobility readiness, fleet data systems training, aerospace structures, avionics, high-performance aerodynamics.

08/1981 - 11/1986: Paradyne Corporation

Logistics Department, Largo, FL

06/1985 - 11/1986: LOGISTICS PLANNER/PROGRAMMER: Software development and test as part of team bringing up IBM 3090-platform national field inventory and personnel tracking system. S/370 and Token-Ring LAN Administrator. System administrator/developer of TI-990/10 materials tracking and demand analysis package. COBOL, FORTRAN, S/34 reporting, EasyTrieve, MRP, logistics system analysis/modeling.

08/1981 - 06/1985: ELECTRONIC TECHNICIAN: Expand and administer TI-990/10 minicomputer system. Develop data communications test equipment and procedures. Troubleshoot and repair data communications and local loop equipment down to discrete component level; modems, multiplexers, other T1, packet-switching and LAN hardware and peripherals. TI-99000 assembly, Z-80 assembly, FORTRAN, bit-slice microprocessors, digital signal processing, embedded systems, test engineering, training and mentoring.

Publications:

Infrastructures.Org
Steve Traugott, Joel Huddleston, Joyce Cao Traugott; Enterprise Infrastructures design and development web site, http://www.infrastructures.org
Why Order Matters: Turing Equivalence in Automated Systems Administration
Steve Traugott, Lance Brown; USENIX LISA Proceedings, November 2002, http://www.infrastructures.org/papers/turing/turing.html
Bootstrapping an Infrastructure: A model for Automated Systems Administration
Steve Traugott, Joel Huddleston; USENIX LISA Proceedings, December 1998, http://www.infrastructures.org/papers/bootstrap/bootstrap.html
AsterAnts: A Concept for Large-Scale Meteoroid Return and Processing Using the International Space Station (NASA Technical Report NAS-99-006)
Al Globus, Bryan Biegel, Steve Traugott; Space Frontier Conference 8, Los Angeles, CA, September 23-26, 1999, http://www.nas.nasa.gov/Research/Reports/Techreports/1999/nas-99-006.html
JavaGenes and Condor: Cycle-Scavenging Genetic Algorithms (NASA Technical Report NAS-00-006)
Al Globus, Eric Langhirt, Miron Livny, Ravishankar Ramamurthy, Marvin Solomon, Steve Traugott; Java Grande 2000, sponsored by ACM SIGPLAN, San Francisco, CA, June 3-4, 2000, http://www.nas.nasa.gov/Research/Reports/Techreports/2000/nas-00-006.html

Education:

Interests:

$Id: resume.xml,v 2.32 2007/04/10 05:55:54 stevegt Exp $