Experienced DevSecOps Lead and Mentor
+44 77 34 90 16 61
myforest.com, github, LinkedIn, facebook
Able to learn quickly by thinking laterally and reading extensively
Looks to the future, builds on the past
Training and energy enable creative solutions to complex problems
Able to communicate effectively at all levels of an organisation
Capable of experimentation but retains sight of objective
I lead the implementation of Inrupt's corporate and SaaS offerings. I ensure our systems are available, robust, secure and performant.
We're using a mix of technologies and I work with the teams to select, validate and deploy them so they operate well at scale. We have global operations and I work across timezones and data centers.
A critical part of my leadership continues to be authenticity. I develop our backend applications so have my hands on Linux, Kubernetes, Docker, Java, Python, Terraform and GitHub all the time.
I drive technical solutions in a diverse and disparate team of 20 people.
We run ten internal and external business applications for IBM and so have demanding requirements for availability, accuracy, functionality and integrity.
I've helped the team grow from a patchwork of platforms to a robust multi-zone Kubernetes cluster. I encourage diversity in our solutions, but where we have a strong platform we come together to use it and that allows us to focus on things that make a real difference.
I've instigated and enhanced our logging and monitoring to give us a comprehensive view of our systems behaviour and to give us sensible alerting to things that matter. We're very concious of alert fatigue and so we have a number of robustness solutions in place both within the design of our systems and the handling of interruptions. As Lead SRE it's been very rewarding to see the team take these on-board and extend them in new ways to help us do even better.
A critical part of my leadership is authenticity. I develop three of the applications so have my hands on Linux, Kubernetes, Docker, TypeScript, Python and GitHub all the time. This gives me concrete experience to determine if SonarQube, Travis, LogDNA, Sysdig, OpenAPI, npm, VS Code and a raft of other tools are actually useful. I am not an arm-waving architect basing ideas on a conference I just attended. I do incorporate new ideas and encourage the team to experiment. We normally do this in production which shows the new shiny thing is robust and can be observed sensibly. It also demonstrates that our production systems can handle trouble on a regular basis which helps us succeed when unusual trouble arrives.
Mentoring the team is very rewarding and it's great to see their increased courage as the problems they tackle get harder. The ethos in the team allows us to fail and we support this with things like "Learning reviews" (a.k.a. blameless RCAs).
I drive technical solutions in a diverse and disparate team of 20 people.
Our work has resulted in the retention of millions of dollars of customer contracts. We also won the "Innovation in XaaS Product Management" TSIA award and I won an "Outstanding Technical Achievement Award".
We have created machine learning to generate actionable insights into IBM's customers. We carefully gather data from a number of sources and bring it together to create models specific to different areas of our business. We then deliver these as calls-to-action for our customer success team or as email nurture campaigns.
Since founding this project in early 2019, I have been guiding team members as they contribute according to their strengths. I have helped them learn new skills to join their work up with others for relevant results.
I built a Kubernetes cluster, monitoring and logging as well as extra orchestration in Airflow, notably to give us SLAs for jobs (which increases signal to noise ratio). These approaches give us considerable robustness and have allowed us to deliver on our SLAs despite a swathe of exciting issues. This tooling has proved to be so effective that the other part of the business I work with has adopted these tools for ten other applications.
To increase our productivity I also developed an API where internal applications can access our business data in a secure and resilient way without needing to hook into the complexities of our underlying data store. This API has 99.95% uptime by using a multi-zone cluster, rolling deploys and robust handling of pod and cluster interruptions. As this is a best-effort API I can't justify spending more to get better which is something you have to accept as an SRE.
I've enjoyed helping people come together and being able to guide them both from a technical and business perspective. My comfort with the technical landscape allows me to embolden our team to try experiments and approaches that are unusual or unexpected. They don't always work out, but when they do it helps us all provide better insights into our customers.
Handling orders from third-party marketplaces for IBM products, ensuring the product was billed and deployed.
We ran our system in Dallas, London and Sydney for robustness and created a global rolling deploy. All systems were as-a-service so we had no servers to care and feed for.
Fast, effective development using TypeScript and Mongo.
Taking a team on their Docker-in-production journey.
We implemented infrastructure-as-code and gitops to provide a hands-free rolling deploy with gating tests at a time when this wasn't done in IBM.
Helping other teams bring their cloud offerings to market using my experience with TM1 on Cloud.
This included moving to automated deployments aswell as helping with audits and compliance.
Operating the TM1 on Cloud offering which of course includes monitoring, troubleshooting and adapting to customer requirements.
Interviewing and on-boarding new devops.
Directing product development for future TM1 releases to improve the cloud offering's maintainability and margin.
Enhancing the offering, for example investigating more sophisticated monitoring tooling.
Implemented TM1 on Cloud in two months.
Using my experience with TM1 and system administration, I architected the solution and adapted it as we rapidly prototyped and learned about the behaviours of the system.
Weekly product releases to demonstrate the changing offering. Worked with the six product development teams to describe our offering and garner feedback on improvements which I then went on to implement. Carried out similar work with experts who had implemented TM1 on customer site.
Rapidly got up to speed on the SoftLayer API and PowerShell to automate the creation of the cluster and it's customer-specific configuration. At times administering over a hundred servers of various vintages.
Learnt how to negotiate the technical and legal clearance processes in IBM to release software to the novel cloud environment.
Worked extensively with our QC department to verify the offering worked. I was on the hook to determine the cause of problems and determine if they were cloud-related (so I could fix them) or if they were product-related.
Used deep TM1 knowledge to understand how to extract content from one running database and move it to another running database.
Thriving with the tools we all love such as Jenkins, JUnit, Java, Eclipse and of course, agile teams.
World-class, enterprise level solution competently delivering automation, accessibility, globalization, time zones, unicode, multi-threading and graceful error handling.
This involved working with the TM1 team to develop a REST API to describe TM1 objects (and extending the JSON locally where the API fell short). I needed a wide-ranging knowledge of TM1 to include the range of objects it works with to ensure we moved as much of the content as we could.
The technical difficulties of carefully integrating changes into the target system meant that my approach of using test-driven development really paid off. I developed considerable skill in JUnit, for example using parameterized tests generated from permutations, combinations, test files or test case lists.
Optimization project for IBM Cognos Planning 10.1.0. Implemented complex database and runtime changes to massively reduce the resources required to apply access control to cell data (patent). Used my expertise in understanding clusters to improve the robustness and efficiency of work item processing.
These tasks required me to blend my SQL, Visual Basic, system administration and business knowledge skillsets to understand what would be worth changing and then to dive into a ten year old code base and make significant changes. This effort was backed up by extensive testing and data gathering by automating the processing of a vast array of test models to understand how much improvement we were making.
Worked on Eclipse-based UI with advanced features such as intellisense and quick fixes.
Added ability to transfer systems between environments. Export data from DB2, Oracle or SQL Server to disk. This can then be re-imported into any of those platforms. Development was faster as we made extensive re-use of existing COM components from Java via Jawin.
Co-developed an engine to transfer data between systems and optimized this to be 60 times quicker than before. (patent)
Created a system to export consistent sets of data from Contributor to multiple external systems in parallel using copy-on-write. (patent)
Working in a small team defining a new enterprise-friendly architecture for an n-tier web-based system. Major enhancements include:
Enhanced data store architecture to allow cross-instance storage. Migrated to a data store platform agnostic approach that massively sped up the ports to new data stores. Defined, coded and tested a scalable engine for managing large data volumes in big enterprises. Took responsibility for key stages in the data transformation and maintainance in critical sections of the system. (patent)
Training new developers to create higher-quality, more reliable code. Providing direction and components that harmonise exception handling, resource management and debug information.
Developed a system to allow system activities to be scaled-out (and scaled-up as a side-effect). The execution environment picks up atoms of work and executes them whilst providing debug and administration information about the tasks processed. Works in a database-independent way using a central list of jobs and handling the multi-machine access to this list using a platform neutral locking architecture. (patent)
Liaised with remote development teams to port data storage to Oracle 8/9i and IBM DB2. Provided a system architecture, intial examples, documentation and practical advice to assist in the port. Worked directly with client (a global bank) to create and demonstrate the entrerprise features such as failover.
Component Based Rapid Application Development and Training: I was selected to provide training and techinical expertise to our Danish office and so moved to Denmark for nine months.
Developing Company Intranet 1.0 as well as Sales Support including Microsoft TechEd as a vendor on two stands simultaneously.
Working on a live Client-Server Foreign Exchange system in a major bank in the City of London
I've developed enterpise scale systems using Java, Visual Basic and SQL that have been deployed on thousands of customer sites.
Very comfortable in Java and Python. Happy working with Javascript, HTML and CSS. Able to adapt to new things pretty quickly (e.g. PowerShell to drive Windows on TM1 on Cloud)
Comfortable on Windows and Linux.
Used to the normal gamut of LAMP tools such as MySQL, Apache, Tomcat, Python, Nagios, Munin, Ant, Jenkins, Node, ...
Familiar with TM1, DB2, Oracle and SQL Server having developed systems on each.
All the normal stuff: building machines from scratch, setting up networks and interfacing with devices such as CurrentCost
Managed 100+ servers on SoftLayer which of course also involved using their rather good API to drive things.
Over a dozen training badges earned at IBM.
Mathematics BSc Hons - York University - 1991 to 1994: 2:2
5 A-Levels - Kidderminster College - 1989 to 1991: Pure Maths - A, Applied Maths - A, Physics - A, Chemistry - B, General Studies - C
9 GCSEs - Lacon Childe School - 1984 to 1989: Including Maths and English.
US20120226656: Scalable mechanism for resolving cell-level access from sets of dimensional access rules
PCT/US2006/011993: Automatically moving multidimensional data between live datacubes of enterprise software systems
PCT/IB2005/004113: Export queue for an enterprise software system
PCT/US2003/030983: Node-level modification during execution of an enterprise planning model
PCT/US2003/029024: Deploying multiple enterprise planning models across clusters of applications servers
Date of Birth: 1973-02-01
Marital Status: Living with partner (and our two children)
Driving Licence: Clean & Full
Nationality: British
Current Location: York, England
Updated: 2020-11-16