Aaron C. de Bruyn

Systems Engineer, Developer, Consultant

I solve problems using Linux, Windows, Python, Django, Node.js, TCP/IP, Docker, Kubernetes, virtualization, automation, and engineering practices

Work Experiences

CTRL ALT IT

Winlock, WA
Systems Engineer
March 2018 - Present

Launched a business to support a number of clients, with a focus on medical and small business. Designed and released a packaged solution that addresses HIPAA-compliance issues that can scale from small practices to large enterprises. Provided a stable network environment, reduced infrastructure costs, implemented measures to protect patient data, provided disaster recovery services, monitoring, alerting, user support, data analytics, software development, team management, training, and budgeting.

Worked with Linux, FreeBSD, Windows, Asterisk, Eaglesoft, Dentrix, ELK stack (Elasticsearch, Logstash, Kibana), Saltstack, Python, Django, and Kubernetes.

Signal IDS

Winlock, WA
Security Engineer
June 2018 - May 2021

Designed and built intfrastructure to support a cloud-based managed intrusion detection service as well as providing support to customers and sales teams for auditing and compliance reporting using FreeBSD, Docker, Kubernetes, Suricata, Python, Django, Elasticsearch, Logstash, Salt.

MSP DNA

Winlock, WA
Developer
2015 - December 2019

Developed a variety of products designed to enable managed service providers to remotely support and manage their client networks. Technologies primarily consisted of Django, Node JS, Visual Basic, and C# along with tools like Redis, Postgres, Elasticsearch, HAProxy, Docker and Vagrant.

Roka Security

Herndon, VA
Developer / Systems Engineer
January 2017 - May 2018

Worked remotely as a Developer on a secure communications application using several technologies including Django, Salt, MySQL, Apache, Vagrant, Node.js, Mongo, and Redis. After project completion I transferred to the commercial services security division to work as a systems engineer managing and supporting the intrusion detection ecosystem involving technologies like Elasticsearch, Django, Salt, Node.js, MySQL, Nginx, MongoDB, Snort, and Bro until a corporate restructuring shut down the commercial intrustion detection services division.

Utilize I.T., Inc.

Longview, WA
Systems Engineer
2007 - January 2017

Working as a systems engineer for a family-owned business serving a wide variety of clients that need network design, management, and support without the cost of employing a full-time team of staff.

My primary clients include:

  • A large network of approximately 27 sites connected via VPN links over public internet connections. Their primary dental applications are Windows-based, however the routers and firewalls are FreeBSD-based, and each site has at least one Linux server to provide virtualization of their Windows infrastructure. Additionally there are a few dozen servers that provide intra-office messaging, e-mail, management, monitoring, alerting, spam filtering, and off-site backups.
  • A large manufacturing facility where I assisted in maintaining the production network computers, thin-clients, printers, PLCs, and Linux servers. I also deployed a Linux-based VoIP and Fax server using Asterisk to help replace parts of their ancient analog phone system that was costing thousands of dollars in contracting fees every month. Phones were replaced as analog pairs degraded or were cut during various construction / demolition projects.
  • Three government agencies in one building, each with their own unique requirements and an extremely limited budgets. I designed and implemented several low-cost solutions including replacing 4 old virus-infested public access computers running Windows 2000 in their library with 12 thin clients in a Linux Terminal Services Project environment for several thousand dollars less than the comparable Windows solution. For over 3 years, my monthly maintenance in their Library consisted of asking if there were any problems, being told "no, things are running perfectly", and then returning to my office with an upgrade to a newer release every 6-8 months.
  • A multi-site government network with 4 locations that required network connectivity to their vehicles. I replaced a cellular routing appliance in each vehicle that did not perform to vendor-advertised standards with embedded Linux routers that communicated securely back to a central office so ambulances could access patient data and call information while en-route to 911 calls. I also managed their virtual server farm, storage network, and their fiber backbone.

Ubertragen

North Bonneville, WA
Co-owner
2005 - 2010

Ran a small web hosting provider involving a handful of Linux servers. Hosted sites for clients, friends, and family. The project was an experiment to test the security and automation capabilities of Linux in a production environment.

Skamania County EMS

Stevenson, WA
EMT-B
2001 - 2007

I volunteered from January 2001 until February of 2005, at which time I was hired on part-time. In September 2005 I was brought on full-time. While on-duty, I responded to 911 requests for assistance aboard an ALS ambulance and/or technical rescue vehicle. Duties included providing patient care, teamwork, critical thinking, disaster planning, problem solving, and rapidly changing environments and command structures on emergency incidents. I also helped maintain IT systems for the service.

Independent Contractor

Columbia River Gorge
Technician
1989 - 2007

Provided support on an on-call basis to numerous companies and individuals in the Columbia River Gorge area, providing phone, e-mail, and on-site support for a variety of Windows and Linux networks.

Gorge Networks, Inc.

Hood River, OR
Developer
9/1998 - 4/2003

I designed and developed web-based applications for customers and for internal use. I designed and maintained the company intranet, including business applications for tracking telephone circuit repair, installation of new services, and interfaces for support personnel to monitor various network device logs relating to customer accounts.

I was regularly tasked with installing and configuring new hosting servers and co-location machines in addition to new employee workstations. I was on-call 24/7 to support critical infrastructure that kept an average of 1,000 users online at any one time.

Professional Skills

Top Skills

90%

Python & Django

Expert, 15 years
I have designed many internal and several external applications writtein in Python using the Django Framework to enable users to easily access account and customer data, access statistics and reports, and even as a front-end replacement for an old out-of-date proprietary ticketing system.
76%

JavaScript / Node.js

Experienced, 5 years
I have written a suite of internal tools that are used to connect customer systems to reporting back-ends by way of several transport technologies including SSH channels, WebSockets, and JSON APIs.
95%

Linux/FreeBSD

Advanced, 25 years
Designed and built Linux storage and virtualization systems to ensure data integrity, uptime, data security, and ease of management.
85%

Automation

Expert, 15 years
Used automation in various forms to manage several hundred Linux, BSD, and Windows servers across multiple organizations. I started by writing Bash and Python scripts years ago, then used templating and cloning, ran production networks using Puppet, and more recently have settled on Saltstack.
93%

Network and Infrastructure

Advanced, 22 years
Every since I was a kid in the days of dialup bulletin boards I have been involved in networks and infrastructure. Everything from running my own mail server, firewall and IDS to working at in internet provider working with expensive Cisco routers and switches. One project I had fun building was OpenMesher where I automated deployment of a mesh network between corporate offices by generating Debian packages to configure OpenVPN, Quagga, and Shorewall on our edge routers.
50%

Windows Development

Familiar, 25 years
While Windows is my least-favorite platform to work with, I have occasionally worked on projects over the last few decades in Visual Basic and C#. A recent data collection project has me heavily involved in VB.NET and C#.

Other Skills

Python Django Node.js websockets C# Kubernetes VB.NET Linux FreeBSD Windows HAProxy Bash Nginx Apache Elasticsearch Docker Docker Swarm Vagrant pfSense iptables Shorewall KVM/Qemu vSphere VoIP Icinga/Nagios Munin RANCID Smokeping MRTG SNMP Haraka Postfix Dovecot POP3 IMAP SMTP LMTP Puppet Salt Asterisk HTML5 CSS3 Git PHP ejabberd BIND PowerDNS TCP/IP Routing Subnetting VLANs RIP OLSR OSPF Spam filtering ZFS Load Balancing Anycast Failover

Portfolio


OpenMesher

Build dpkg files to automate deploying an OpenVPN mesh with RIP routing to your routers

StatusPage

A simple easy-to-deploy status page for your clients with caching and a user-friendly interface

Haraka

User and frequent contributor to Haraka: An event driven SMTP server in node.js

Game

Something similar to the Land of Devastation BBS door game from the early 90s

About Me

I have a passion for solving problems through software development and automation. This saves time, reduces costs, reduces errors, and frees people up to take on new and interesting challenges.

I specialize in network design, and automation. In my free time, I created a solution called "Practice in a Box" that my employer decided to use and sell to medical companies to meet the needs of their rapid expansion from a handfull of offices to tens of offices across in each of multiple states. The solution employed routing and firewalling, virtualization of the internal servers, on-disk encryption for patient data as well as encrypted off-site backups. A wireless solution was packaged wih the solution as well as switching equipment, file synchronization, cryptolocker prevention and alerting, remote support tools, and even monitoring and alerting for all the equipment, services, and business processes. The initial test build took 30 days to complete. After working diligently to automate the configuration, I was able to reduce the build time to approximately 16 hours.

Most of my activities are largely unsupervised with occasional meetings. I work to understand the vision and mission of my employer and strive to ensure I am constantly working towards those goals.

I am experienced with monitoring ticket queues for engineering issues to detect/fix problems with minimal or no input from management and minimal impact to our clients. I am comfortable with shit work and have worked always-on-call schedules. I have been the point-of-contact for any low-level network issues involving routing, VLANs, VPNs, troubleshooting various protocol issues, and I also manage the company hosting infrastructure.

For my other employer, I work as a developer on a variety of products designed to enable managed service providers to remotely support and manage their client networks. I primarily work with Django and Node.js using various technologies like Redis, Postgres, Elasticsearch, HAProxy, Docker, and Vagrant in Linux and FreeBSD. On the Windows site, I have to write tools in VB.NET with some C#.

My passion for automation and software development comes from working for Gorge Networks. While I was there I became frustrated with their sign-up process. It consisted of gathering customer information over the phone and then emailing it to our billing department. Technicians would sometimes forget a necessary piece of information which would require us to call the customer back. Our billing department would input the information into our billing system, bill the credit card, and then print several copies of a 'new user report' at 5 PM. Users who signed up after 5 PM usually had to wait until the next evening at 5 PM to get started. The 'new user' report would be given to several technicians who would each pick one of several systems on our network (like our mail server, RADIUS server, web hosting server, etc...) and start entering new customer data. The process was fraught with the possibility of errors. Typos could cause significant frustration for a customer.

Customers were told throughout the day to try connecting after 6 PM and to call us back if there were any problems. Unfortunately we stopped answering the phones around 6 PM, and customers were left frustrated and were prone to playing with their settings in an attempt to try to fix the problem. This would usually cause more work for our support staff in the morning.

I spent several months working between phone calls and after-hours to automate the sign-up process, and finally built a set of web forms, and a CD that could be handed out at local stores in our service area that would walk customers or our technicians through gathering all the required information. The data would then be validated by our servers, the customer credit card would be automatically charged, and then the scripts would automate creating accounts in all the various systems and databases. Finally, the CD would automatically configure the customer computer properly and allow them to connect. This would all occur over the span of about 45 seconds.

This new system reduced the number of support calls we received, reduced user frustration, and freed up staff at the end of the day by no longer requiring them to spend time manually entering and verifying account data in multiple disparate systems.

In my spare time I research and develop custom applications for companies, play with new technologies, and I try to better myself and my knowledge of every aspect of IT. When I am not working, I love hanging out with my family, working on my farm, and helping my community.

Get in Touch

I am currently happily employed, doing what I love, but I am always open to interesting projects and new challenges.

Feel free to contact me by e-mail at aaron@heyaaron.com or phone at 360-200-1742