Rumen Telbizov
Senior Site Reliability Engineer
a: Burnaby, British Columbia, Canada
e: telbizov@gmail.com
w:
i: http://linkedin.com/in/rumentelbizov

Technical Skills

OS
FreeBSD; Linux: Debian/Ubuntu, Gentoo, RedHat/CentOS
Networking
TCP/IP, IP Routing, BGP, RIP, Firewalls (ipfw, ipf, iptables, pf), NAT, CARP, Load balancing, Traffic shaping, Cisco, Juniper/JunOS, HP Procurve, VLANs, STP, HTTP, SSL, SSH, DNS, RADIUS, SMTP, POP3, IMAP, FTP, TFTP, SIP, IAX2, DHCP, NFS, SMB, SNMP, IPMI
Daemons
Apache (mod_perl, mod_ssl, mod_proxy, mod_security), Nginx, MySQL, proftpd, OpenSSH, Qmail, vpopmail, Courier IMAP, Dovecot, Exim, Asterisk PBX, HAproxy, djbdns, BIND, IceCast MP3 Streaming Server, Cacti, RRDTool, Nagios, Trac, OpenVPN, Wireguard, Heartbeat, LVS, Puppet, Ansible
Programming
Python + Django, C, C++, Perl/mod_perl, bash, HTML5, CSS3, JavaScript, jQuery, NodeJS, Meteor, Underscore.js, Handlebars.js, Bootstrap, less. Forked, threaded, iterative highly efficient daemons. Sockets programming (blocking, non-blocking, libevent, gevent). Application debugging and troubleshooting on code and system level: strace, ltrace, truss, lsof, tcpdump, netstat
Databases
MySQL (replication, optimization, galera cluster), sqlite, MongoDB, MongoEngine
Storage
ZFS (FreeBSD and Linux/ZoL), NetApp, iSCSI (istgt), DRBD, MooseFS

Work Experience

Principal Infrastructure Engineer
February 2021 - Present
Menlo Security, Inc., Vancouver, BC
Internet Security Company
  • Part of the newly-formed Infrastructure Research and Development team
Senior Site Reliability Engineer
June 2013 - January 2021
OpenDNS - Cisco/Umbrella, Vancouver, BC
Internet Security Company
  • Started as a Senior Unix Systems Administrator, part of the original OpenDNS operations team, and soon after that moved on to be one of the first core members of the newly-formed Site Reliability Engineering (SRE) team under the larger Infrastructure team. Later became Technical Lead of the Systems and Performance Engineering sub-team of DNS SRE Engineering
  • Owned the entire resolvers' fleet end-to-end: OS Automation, Security patching, Incident Management, Hardware Troubleshooting and Optimization
  • Implemented a hybrid on-prem + AWS solution using 500 hardware resolvers in 35 Data Centres around the world + EC2 instances with Direct AWS connect serving 10 Million Queries Per second
  • High availability and low latency with BGP Anycast
  • Implemented an alternative to the aging Puppet-based OS configuration management with Ansible which got adopted by multiple external teams
  • Implemented key technical requirements of SOC2 compliance: disk encryption with unattended disk unlocking, dual-factor SSH authentication
  • Designed and implemented a FreeBSD-based redundant pairs of stateful PF Firewalls protecting a key DataCentre with thousands of machines behind. Converted from default-allow to default-deny ruleset by identifying hundreds of historical data flows and writing the appropriate ruleset
Senior Unix Systems Administrator
May 2010 - May 2013
The Electric Mail Company, Burnaby, BC
Hosted email, archiving and email security
  • Large scale server environment with more than 500 physical servers and 400 OpenVZ VEs in 5 colo facilities, hosting over 12 million mailboxes and serving over 1Gbit/s customer traffic
  • Administrated a mix of CentOS 5.x, Gentoo 32/64bit, FreeBSD 8.x and legacy OpenBSD systems as well as OpenVZ instances
  • Designed, documented and supervised the addition of two new colo facilities in Phoenix and Chandler, Arizona, US. Built redundant pairs or FreeBSD routers in each data center running 10GbE network, BGP, binat and pf firewall. Implemented successful failover between the two DataCenters and between ISPs
  • Implemented redundant, instant-failover, VPN tunnels between five data centers running on top of dedicated MPLS circuits and the Internet using OpenVPN. Cut downtime related to inter-colo connectivity blips to virtually zero - a significant improvement over previous IPSec based solution
  • Rebuilt and migrated all routers to FreeBSD and successfully replicated functionality from OpenBSD like: pf firewall, carp failover, etc. Removed router-related downtime due to improved stability and eliminated previous double kernel panics across the redundant pairs
  • Designed, documented and supervised the addition of a new colo facility in Data Electronics/Telecity in Dublin, Ireland. This included power, rack space, network and cabling, servers configuration and purchasing, routing and redundancy
  • Applied and received a /22 Provider Independent IP address space from RIPE for the new Dublin colo. Implemented a redundant FreeBSD-based pair of routers running OpenBGPd between two ISPs - Level3 and Cogent. Introduced source routing and traffic separation between the different subnets for better utilization of available bandwidth
  • Developed automated FreeBSD installer based on PXE boot, NFS and bash script. Host for binary packages, cvsup server providing fast updates of base OS sources
  • Developed automated Gentoo installer based on PXE boot, NFS, bash script and puppet
  • Designed custom SuperMicro-based server configurations tailored specifically for the needs of the main application they were meant to run. Achieved high cost-efficiency due to the lack of big vendor brand name overhead. Incorporated SSD into certain server configurations resulting in double and triple performance boost over previous setups. Assembled individual hardware components, stress tested complete server configurations, eliminated bottlenecks and performed hardware troubleshooting
  • Participated into the migration and merger of Electric Mail with FuseMail and the following technical re-engineering challenges
  • Implemented ZFS-based backup solutions over NFS and iSCSI providing cheap redundant storage of over 200 TB
  • Added cacti/rrdtool based graphing and monitoring of Linux and NetApp systems which helped us identify bottlenecks and improve reliability
  • Provided Tier 2 support to the company's Help Desk
Systems Operations Engineer
September 2008 - October 2009
Electronic Arts (Canada) Inc, Burnaby, BC
Global Interactive Entertainment
  • Core member of the EA Sports Online Operations Team responsible for EASports.com and EASportsWorld.com
  • Participated in the full life cycle of PlayStation3 and XBOX360 based console games that used online features provided by our group including FIFA, Madden, Tiger Woods PGA, NBA, NHL, NCAA, etc.
  • Provided systems administration, monitoring, maintenance, deployments, troubleshooting and continuous integration services to the web, engine and game teams involved in the project
  • Built and maintained the production environment as well as multiple development, test and certification environments
  • Maintenance, troubleshooting and optimization of applications running on Red Hat Enterprise Servers, JBoss, PHP/Symfony, Memcached, Oracle, HAproxy
  • Designed and developed a custom system, based on RRDtool, for analysis and graphical representation of the load and utilization of the backend infrastructure and the REST interface it provides to users
  • Software Engineer II title with systems administration and support functions
Senior Linux Systems and Network Administrator
November 2006 - July 2008
ICDSoft Ltd, Sofia, BG
Shared Web Hosting
  • Administrated large scale (more than 400) Linux and Unix servers (RedHat, Debian, FreeBSD) and Cisco switches
  • Hardware management, assembly, debugging, stress testing, server monitoring, troubleshooting and high level technical support
  • Network administration: VLAN, FreeBSD based firewalling with pf and ipfw, RIP, Linux iptables, etc.
  • Implemented the office open-source PBX based on Asterisk
  • Resolved customer incidents and security issues
Chief Technical Officer
May 2003 - October 2006
E-Card Ltd, Sofia, BG
Applications Service Provider
  • Started as a Unix Systems Administrator and shortly after added software development duties (Perl, mod_perl, C). Later officially acquired the title CTO (Chief Technical Officer) of the company
  • Analyzed all technical aspects of the projects, architected and implemented solutions
  • Programmed high-performance server applications of heavily loaded web sites in Perl (mod_perl), C and MySQL
  • Successfully built and ran high-profile websites like: Big Brother, Star Academy, Who Wants to Be A Millionaire, MVBox, flashassistant.net, IQ test of the nation
  • Redesigned the existing online payment system of the company and applied a new security model. Chose the technology, implemented the system, optimized it and performed a thorough security analysis
  • Developed premium-rate SMS based applications and video streaming solutions
  • Used internet telephony based on Asterisk (IAX2 protocol) and implemented a custom VoIP softphone
  • Created, administrated and maintained the server and office network including BGP, firewall, load balancing, etc.
  • Worked with short deadlines and always met expectations. The job was a mixture of programming and systems/network administration with emphasis on programming
Linux Systems and Network Administrator
July 2001 - January 2003
EuroIntegra Ltd, Sofia, BG
Internet Service Provider
  • Administrated Cisco routers and Linux/FreeBSD servers. Configured and tuned network services for the company and external clients
  • Built local networks and installed structured cabling. Gained experience with ISDN lines, telephone exchanges, Zyxel DSL routers, DOCSIS cable modems and networks, Network Access Servers. Supported clients over the telephone and on-site. Created applications for automation of the administrative tasks

Education

Degree
Master
September 2006 - unfinished
Major
Distributed Systems and Mobile Technologies
University
Sofia University St. Kl. Ohridski
Degree
Bachelor
October 1998 - June 2005
Major
Computer Science
University
University of National and World Economy in Sofia

Personal Information

  • Fluent in English, native in Bulgarian, beginner in French and Russian
  • Strong team player and fast learner
  • Dedicated and responsible with attention to detail
  • References available upon request