Charles N Wyble ===== Senior (**Staff level**) **System Engineer/SRE/Architect** with extensive Linux/Windows/Networking/Cyber security background and experience [ [Github Profile](https://github.com/reachableceo) ] . [ [Linkedin Profile](https://www.linkedin.com/in/charles-wyble-412007337) ] . [ reachableceo@reachableceo.com ] . [ 818 280 7059 ] . [ Austin TX / Raleigh NC / Remote ] ## Highlights from my 22 year IT career - Developed and implemented a process to switch thousands of desktops providing digital signage functionality from Fedora to Debian in a completely automated fashion using a custom initrd. - Developed and implemented an internal private cloud orchestration and provisioning system for a hardware development engineering team that handled the entire provisioning lifecycle for physical and virtual systems. - Developed and implemented standardized language and procedures and incident investigation automation for a large technical support organization with high turnover. - Developed and implemented an automated order status and payment handling interactive voice response application using Angel.ccm with a backend web service returning Voice XML. This allows call center personnel to focus on revenue generating opportunities instead of administrative matters. - Provided technician support to a team of electrical engineers building the power system for the radar of FrankenSAM in Ukraine. Handled high / low voltage wiring and plumbing and documentation of those systems. - Provided root cause analysis , mitigation and remediation of security breaches by advanced persistent threat actors at high value targets. - Project managed a successful brand new data center build from bare dirt to serving content in 86 days. Oversaw 8 billion dollars of capital deployment. - Led and consulted tier 1 payment compliance industry (PCI) implementations for some of the worlds largest brands (including at a payment processor). - Rolled out centralized Active Directory authentication, deployed Dell OpenManage, and upgraded network equipment. - Deployed password vault, Active Directory PKI, and implemented a ground-up network redesign. - Designed VmWare NSX network. \pagebreak ## Employment History **CDK Global | Senior System Engineer | July 2024 - October 2024** - Security Compliance : worked with risk management/audit to remediate insecure configurations - Created Alma9 Packer image from scratch **Apple Computer | Senior System Administrator | March 2024 - July 2024** - Day to day server operations scheduling downtime etc **SHEIN | Staff Site Reliability Engineer | December 2022 - August 2023** - Streamlined engineer onboarding by documenting and overhauling the process, consolidating disparate guides into a comprehensive modular set of documents. - Established a taxonomy for team documentation in the wiki, implementing Confluence best practices for a proper knowledge base. - Served as the SRE Liaison for cybersecurity functions, ensuring compliance with data locality/partition requirements and pending federal data privacy legislation. - Focused on fostering a culture of automation and skill development within the SRE team, emphasizing code review, infrastructure as code, versioning, testing, and effective ticket management. - Contributed to Linux server administration both internally and externally, aiding colleagues with scripting/automation and assisting in the migration from AWS to Azure with zero customer-facing system impact. Additionally, provided day-to-day support for AWS and Azure activities and troubleshooting. **3M | Senior Site Reliability Engineer | March 2020 - November 2022** - Supported Vendavo on RedHat Linux, managed releases, and provided day-to-day developer support. - Created a homegrown YAML configuration management system, utilizing bash scripting and YAML templates with a CSV-based key/value store to efficiently manage and regenerate environment-specific variables for a line-of-business application across multiple development, testing, staging, and production environments. \pagebreak **TippingPoint | Staff System Architect | March 2012 - June 2019** - Conducted code and design reviews for internal/external team projects and actively participated in broad enterprise collaboration, focusing on large-scale fleet management. - Managed user account administration, manual/semi-automated server provisioning, trouble tickets, security vulnerability remediation, and system/network auditing. - Led various projects, including migrating fleet systems from Centos 6 to Centos 7, implementing LXC/ LXD container versions for increased system utilization, and creating an on-premise deployment system (GUMPS) for automated provisioning. - Deployed network monitoring systems (Zenoss, observium/librenms), utilized librenms as a Conflguration Management Database (CMDB), and implemented a fleet orchestration system (Rundeck). - Executed extensive vulnerability remediation, OS/application/kernel patching, NIC customization/ optimization, and data migrations while developing and maintaining custom scripts for tasks such as LDAP management and SSL scenarios. Automated processes like re-imaging and ensured continuous distribution of a 40GB dataset of packet captures across a global fleet. **HostGator.com | Automation and Escalation Engineer | March 2011 - May 2012** - Provided senior-level Linux and web application support globally. - Developed standardized reply language and scripts, reducing errors in Level I Linux administrator department. **RippleTV | System Engineer | October 2008 - January 2010** - Provided system engineering expertise for customer-facing advertising platform (AdSpot) and internal fleet management tool (CPanel). - Utilized Nginx, Mongrel, Thin, Rails, Merb, Rack, MySQL, memcached, and F5 LTM. **Walt Disney Internet Group | Site Reliability Engineer | August 2006 - September 2007** - Engaged in dynamic work environment focusing on popular web/ecommerce sites, including disneyworld.com and disneyland.com. - Provided design, architecture, and day-to-day administration for Disney park property sites generating $2 billion annually. - Provided system engineering and PCI compliance expertise for Disneyland.com, Disneyworld.com, DisneyCruiseLines.com, and 23 related properties. - Utilized Jboss instances on RHEL3/4 for business logic and employed Windows 2003 with Tomcat/IIS for frontend application serving. - Automated routine system administration tasks through the creation of batch and VBScript programs for Windows administration. - Led an Active Directory project for WDIG, designing and implementing a nationwide, highly available system across 3 data centers. - Managed the migration from Windows NT to Windows 2003 Active Directory domain controllers, including experience with Windows 2008, Centrify, and Samba/Winbind/LDAP/Kerberos. \pagebreak **Electronic Clearing House | Senior System Administrator | April 2005 - July 2006** - Linux systems engineer in a 24x7 transaction processing/ecommerce/flnancial services environment, collaborating with network administration and infrastructure design teams. - Ensured continuous uptime for high-impact environments, including a 1TB MySQL database, 300TB Oracle database, 1.5TB Oracle Data Warehouse, and a 4,000-store LAMP-based ecommerce system (MerchantAmerica.com). - Successfully deployed an enterprise-wide Linux backup system, featuring encrypted backups stored on a central server with ISCSI attached network storage, utilizing GNUPG and tar over SSH. Regular backups and restores were tested weekly. - Led the deployment of Oracle database infrastructure, implementing two Oracle RAC clusters with Dell 6850 servers, Qual Dual Core Xeon processors, and 32GB of RAM each. The clusters ran on RedHat Enterprise Linux 4.0 64bit edition, serving Data Warehouse, Transaction Processing Software, and Credit Card Clearing applications. **GSI Commerce | System Administrator | March 2002 - February 2005** - Contributed to disaster recovery from an Informix Database failure. - Streamlined FTP server conflguration and deployed open-source remote control software. - Upgraded network infrastructure from hubs to managed switches. **ReachableCEO Enterprises | Freelancer | January 2001 - December 2024** - Deployed,configured,supported Cloudron and Coolify PAAS and a full IT/SRE/Devops and engineering software stack for a stealth aerospace startup. - Provided technician support to a team of electrical engineers building the power system for the radar of FrakenSAM in Ukraine. Handled high / low voltage wiring and plumbing and documentation of those systems. - Provided root cause analysis and remediation for a security breach at a defense contractor. - Developed a rapidly field deployable mesh networking system for a variety of use cases. - Developed a secure global video conferencing system using only 3mbps for a major defense contractor. - Advised on backend infrastructure for broadcasting news and information via radio and internet into hostile powers. \pagebreak ## Skills |Skill|Experience|Skill Details| |---|---|---| |**Linux**|22 years|RHEL,Debian,Ubuntu,kickstart,PXE, LDAP,SSSD,RPM/Deb package creation, quotas,extended permissions, clustering,NFS,Samba| |**Unix**|5 years|HPUX/Solaris| |**Windows**|22 years|Server (2008 2016),Windows client automated deployment (7,8,10,11),Active Directory,Group Policy,WSUS,Certificate Services,AD DNS,AD DHCP,complex multiple forest and domain setups | |**Free/Libre/Open Source software**|22 years|Apache,Postfix,Qmail,Dovecot,Courier IMAP,Nginx,Matamo,Discourse,Wordpress, Mautic,Dolibarr,Revive Ad Server,Firefly,Cloudron,Coolify,Gitea, HomeAssistant, Jenkins,Rundeck,N8N, LetsEncrypt,ACME,cfssl| |**Databases**|22 years| MySQL,PostgreSQL, Dbeaver,PHPMyAdmin,PostGIS| |**Cyber Security**|22 years|PCI Compliance (tier 1 implementations),OpenVAS<,Lynis,security hardening,audits,breach response and mitigation, patch and vulnerability management. AppArmor, SeLinux, Centrify, Tripwire, Integrit, OSSEC | |**Virtualization**|22 years|VmWare,Parallels,HyperV,KVM,Xen| |**Networking**|22 years|Linux Virtual Server(LVS),HAProxy,Ubiquiti Unifi,Opnsense,Pfsense,DNS,DHCP,IPAM,PXE,IPS,IDS,GRE,IPSEC.Wireguard,OpenVPN,Nebula,Tailscale,RADIUS. Mostly layer2 data center/campus/access some WAN,firewall,layer3 | |**Monitoring**|22 years|Uptime Kuma,Librenms,Zabbix,Zenoss,Nagios,Elasticsearch,Logstash,Kibana(ELK)| |**Storage**|22 years|Netapp,EMC,EqualLogic,3par,MSA,TrueNAS/ZFS,iscsi,S3,Azure Storage| |**Cloud**|5 years|AWS,Azure,Kubernetes,Helm,Docker| |**Containerization**|15 years|LXC,Docker,OpenVZ| |**Configuration management/InfrastructureAsCode(IAC)**|22 years|FetchApply,Terraform/OpenTOfU,Ansible,AWX,Hashicorp Packer/Vault| |**Ticket / incident / project management**| 22 years| Jira,ServiceNow,Redmine,RT| |**Git**|15 years|Branching,merging,multiple teams,external vendors,submodules | |**SRE**|5 years| Grafana,Prometheus,Signoz,Wazuh| |**LLM**|2 years|OpenWebUI,QA/validation,RAG,data cleaning/prep| |**Programming**|5 years|J2ME,PHP,Ruby,TCL/TK,Java,C,C++| |**Automation**|22 years|Bash,YAML,TOML,PowerShell,Perl| |**Embedded development**|5 years|Raspberry pi,arduino,seeduino,Lego Mindstorms|