You are on page 1of 4

Brian McGrogan

brian@encinc.com
352-515-7168

Summary
* Senior software and systems engineer with over 25-years working experience engineering production and development UNIX, Linux and Windows environments
and application software.
* Project specialties include distributed systems integration, automation solutions, high availability, scalability enhancements, clustering, performance tuning,
stress/load testing, system metrics, security enhancements and software development in Borne, Korn, C/C++ (Unix, Win32 API), Perl, PHP and Java.
* Built and part-owned a several thousand customer Internet service provider.
* Presented numerous research papers detailing the methods to efficiently solve complex systems engineering issues.
* Architect of solutions that are used throughout the world today.
* Worked in large production environments supporting tens of millions of customers, thousands of servers and petabytes of databases.

* Authored thousands of applications and scripts for over a hundred clients using many different technologies.

Specialties
Operating Systems: Linux, SunOS, Solaris, HP-UX, BSD/OS, FreeBSD, OpenBSD, NetBSD, SCO OpenServer, NCR SVR4, Tandem NonStop-UX, Irix,
Compaq Tru64, DEC Ultrix, Cisco IOS, Mac OSX, IOS, Android
Hardware: Sun Hardware, HP Hardware, EMC Symmetrix, Clarion, HP, CommVault, Symbios, Hitachi Data Systems, Sun StorEdge,
Arduino Uno / Mega microcontroller, Raspberry Pi
Languages: Perl, ANSI C/C++, PHP, Network programming in Perl and C, shell script (bash, csh, ksh), ANSI SQL, Java, Javascript, Objective C++
Frameworks: Zend, CodeIgniter, Laravel, Smarty, Bootstrap
Security: Grsecurity, iptables, Checkpoint Firewall-1, ipfw, ngrep, tcpdump, Wireshark (Ethereal), ClamAV, GnuPG (PGP), Mcrypt, Stunnel, TrueCrypt, cfs,
Netfilter, Kismet, Snort, Sourcefire Defence Center, Tripwire, ntop, nmap, dsniff, hping3, nessus, Netcat, OpenVPN, tor, tails, AppArmor,
Kali (BackTrack) Linux Distro, Metasploit, OpenVAS, Ettercap, AirCrack, John the Ripper, ophcrack, NBTScan, hondeyd, OllyDbg, IDA Pro,
GDB, Scapy, openssh (putty), OpenSSL (TLS 1, TLS 1.2), sysinternals (ps explorer, tcpview, autoruns, pstools), Squid proxy

Experience
Software Engineer / Founder of ENCINC ( Spring Hill, FL [onsite])

01/1995 Present

Software and hardware engineering projects that are owned and operated internally and sold to customers as a service. The following systems are designed,
deployed and actively sold to customers:
* a payroll, billing and CRM system written in PHP in 2001 and sold as a software-as-a-service hosted to businesses on a per user basis between $5 and $100 per
user depending on functionality.
* an RFID keyless door entry system using Raspberry Pi, Python, PHP, C, Nginx that is sold to hotels and 24 hour fitness centers on a per door basis and installed
on site. The benefits of this system is its remote access API, easy to use web control interface, unlimited keyfobs, easy integration into point-of-sale systems, and
inexpensive cost of $1000 per unit and $200 per door.
* a custom developed LED display system that can be scaled up to hundreds of feet wide in dimension to jumbotron sizes developed using Raspberry Pi and
custom software and hardware written in C, Python, PHP and Nginx and controlled remotely via a Wifi interface. The benefits of this system is unlimited scalability
of pixel dimension, easy to use web interface controlled remotely for controlling content, automated lumen control with photo sensors to adjust lumen count for
night and day visibility, and inexpensive design.
* a custom written CRM system that is used a e-commerce platform which integrates email, phone, transaction processing through 20+ payment gateways,
campaigns of different types (email, sms, phone calls with menu driven interfaces, press-1 campaigns). It was written in 2004 in PHP and uses Asterisk for phone
calls and OSDial as a predictive dialer functionality. It has been used to manage call centers with hundreds of telephone agents handling calls.
* a custom written adserver platform used for traffic management and ad

Software Engineer at Kablelink (Tampa, FL [onsite])

12/2013 12/2015 (2 years)

PHP development of payroll and billing system as well as automation tools to remotely capture data and report back to the billing system.

Software Engineer / Founder at Spring Hill Gym, LLC (Spring Hill, FL [remote])

12/2013 6/2014 (6 months)

Software and hardware engineering of a RFID door entry system running embedded Linux on a Raspberry Pi device. Technologies include Raspberry Pi, Python,
C/C++, MySQL, Nginx and PHP.

Software Engineer at State Farm Insurance (Bloomington, IL [onsite])

04/2012 12/2013 (1 year, 6 months)

Perl, Java development projects involving 43,000 Cisco routers and switches at 18,000 agent locations. Technologies include HP-UX 11, Linux, HP OpenView,
eHealth, Nagios, Oracle, PL/SQL, MS SQL Server, Apache Tomcat/JBOSS, IBM DB2, AAA / Radius Management, Cisco VOIP, Radius, Cisco router automation
interfaces, Cisco router backup software automation interfaces. Used perl with libevent to make several internal monitoring applications more scalable. Worked
with team to setup Splunk cluster to log various perl and syslog messages from different machines to central splunk server. Setup custom iptables whitelist rules on
each internal machine. Wrote scripts to pull data from Sourcefire Defence Center to log to splunk for easy searching for events by IP or application. Added
features/fixed many perl scripts on requests from users and during upgrades. Upgraded from HP-UX to Linux across the environment of hundreds of servers and
aided in script migration effecting hundreds of scripts and libraries.

Software Engineer at SoundMessaging, Inc. (St. Petersburg, FL [remote])

04/2012 8/2012 (4 months)

PHP / Apache / MySQL / Linux (LAMP) development utilizing FreeSwitch PBX, Jquery, Zend framework, Ajax, Smarty. Used Amazon AWS cloud servers with
custom AMI's (linux builds) to auto-scale in a client/server way to be able to handle millions of outbound phone calls per day. Configured host based firewall filters

to whitelist ssh, and syslog and snort with custom IDS rules to log to central Zabbix monitoring host.

Software Architect at Savvis, Inc. (St. Louis, MO [remote/onsite])

08/2011 08/2012 (1 year)

Data Center Migration and Disaster Recovery planning and implementation engagements involving Bank of America, IRS and Amgen. Technologies include
Oracle, Webshere, Weblogic 10, JMS, Jrockit, VPDC, MS SQL Server, Java, Apache. Provided on-site pre-sales Software Architecture support, scripting, and
documentation to assist during migrations with new clients.

Software Engineer at Bersin, Inc. (Oakland, CA [onsite])

05/2011 11/2011 (6 months)

ASP.NET and C# development under Windows. Integrated shopping cart into site, added document search infrastructure, setup network monitoring with Zabbix.
Setup ssh whitelisting on cloud boxes, Sourcefire with IDS rules and tcpdump to log unusual traffic a secure internal machine. Used Amazon AWS, and Rackspace
Cloud and maximumasp.net for hosting. Added scripts to Zabbix to add IVR functionality to make outbound phone calls when events would happen and prompt
users through a phone system menu prompt to acknowledge the alarms.

Software Engineer at I-Group, Inc. (Tampa, FL [remote])

07/2007 08/2010 (3 years, 1 month)

PHP / Apache / MySQL / Linux (LAMP) development of insurance industry CRM using Jquery, Ajax, Smarty, CodeIgniter framework and Asterisk. Setup iptables
firewall with ssh whitelisting, snort with custom rules, syslog and tcpdump to log unusual traffic to a different machine.

Technical Lead Programmer / Systems Engineer at Yahoo! (Sunnyvale, CA [remote])

04/2010 11/2010 (7 months)

Design and Implement web based financial forecasting application which is used internally by management to project how much money and headcount to budget
based on how much money and headcount they have already allocated. It is written in PHP and PL/SQL under Red Hat Enterprise Linux, uses Oracle 10g, uses
stored procedures, uses Javascript and Ajax functions. It is secure against XSS (Cross Site Scripting), XSRF (Cross Site Request Forgery) and SQL Injection.
Responsible for business functional requirements, algorithms development and system design specification documentation for projects.
Technologies include: Subversion for revision control, Bugzilla for bug tracking.

CTO / Founder at Autopost, Inc. (Tampa, FL) [remote]


(4 years)

12/2004 12/2008

* Web application written in Perl and PHP which allowed people to pay for automated postings on several different web sites: craigslist.org, dice.com,
roommates.com.
* Wrote and supported a scalable system using over a dozen servers using a combination of proxy hosts running squid proxy and also software that automatically
changes IP addresses on DSL and PCMCIA/USB cellular Internet devices to maintain a large pool of unique IP addresses.
* Wrote tools and algorithms to automatically decode CAPTCHA images and voice files from the sites we were posting ads to.
* Wrote tools and algorithms to evade correlation algorithms from craigslist which allowed us to be able to reliably post over 100,000 ads per day on these sites for
our customers during the time we were in business.

Systems Engineer / Programmer at Verizon Data Services (Tampa, FL [onsite]) 08/2007 05/2009 (1 year 9 months)
* Perl, PHP, Bourne Script development and systems engineering on Solaris and Linux network supporting millions of customers on their POTS network.
* Responsible for Tier-3 support of a production Solaris and Linux environment consisting of over 150 servers on a team of 6 systems administrators
* Technologies include: E10K, F25K servers, EMC Symmetrix and HDS storage, Perl & Bourne / Korn shell scripting, Veritas Volume Manager, Vertias Cluster
Server, Apache, Sun ONE Java application servers, Oracle 10g databases

Lead Programmer / Systems Engineer at Yahoo! (Sunnyvale, CA) [onsite/contract]

10/2006 04/2007 (7 months)

Design and Implement web based financial forecasting application which is used internally by management to project how much money and headcount to budget
based on how much money and headcount they have already allocated. It is written in PHP and PL/SQL under Red Hat Enterprise Linux, uses Oracle 10g, uses
stored procedures, uses Javascript and Ajax functions. It is secure against XSS (Cross Site Scripting), XSRF (Cross Site Request Forgery) and SQL Injection.
Responsible for business functional requirements, algorithms development and system design specification documentation for projects.
Technologies include: Subversion for revision control, Bugzilla for bug tracking

Systems Programmer at Full Spectrum (Clearwater, FL) [onsite/contract]

02/2006 10/2006 (9 months)

Responsible for software development of a voice telephony server written in C/C++ and Perl utilizing Dialogic T-1 cards and Oracle 9i databases on RedHat Linux.
The changes that I was able to deliver increased their profit by over $10K per day during the time I was working there.

Senior Unix Systems Engineer at AT&T (Tampa, FL) [onsite/contract]

02/2005 09/2006 (1 year 8 months)

* Responsible for Tier-3 support of a large Solaris, HP-UX and Linux environment consisting of over 300 servers in four sites for an Interactive Voice Response
(IVR) platform, utilizing dialogic DM-3 T-1 cards on a team of over 10 systems administrators.
* Develop scripts in Borne, Korn, Perl, PHP and C to automate tasks, generate reports, throttle load across servers, fail-over traffic to other sites, DNS automation,
LDAP authentication, task management web interface for our team, modifications to existing
code, Openview/ITO and BMC Patrol alarm scripts.
* Wrote documentation for implementation procedures for disk mirroring with Veritas, disk array maintenance on EMC Symmetrix, StorEdge and Hitachi, NetApp
filers, IBM Blade servers, Jumpstart, Kickstart, NetBackup setup, Brocade Silkworm fibre channel switches
setup and maintenance and other systems administration related tasks.

Software Engineer at Railway Media, Inc. (Miami, FL) [remote/fulltime]

02/2004 02/2006 (2 years)

* Designed and implemented a hand held video player which is rented to riders at Amtrack train stations.
* Responsible for lead development of frame buffer GUI-based application written in C/C++ running on ARM Linux.

CTO / Founder at Medical Dictation, Inc. (Brooksville, FL) [onsite/fulltime

01/2002 11/2004 (2 years 11 months)

* Design and implement efficient telephone voice dictation system. The server application is written in C/C++ and runs on RedHat Linux using Dialogic T-1 cards.
* Design and implement audio player application to download and control audio playback using a USB foot pedal written in C/C++ and Win32 API and USB

drivers.
* Design and implement a Windows based hand held voice dictation solution written in C/C++ using Win32 API.
* Design and implement secure web based payroll, billing, contact management, document management system written in PHP, Perl and C with Apache / Oracle.
* Wrote scripts to detect downtime on network interfaces and to automatically switch the internal network to use different network interfaces, also to switch DNS to
different IP addresses when our site went down to allow for site fault-tolerance.
* Setup Linux ipchains firewall with syslog and snort with custom rules to log to a different machine. Setup custom monitoring script to notify via pager when
major events occurred.

Senior Unix Systems Engineer at AT&T (St. Louis, MO) [onsite/contract]

02/2002 05/2002 (4 months)

Responsible for Perl script development for for a large network with over 600 production Solaris, HP-UX and RedHat Linux servers supporting 10 million
subscribers. Wrote scripts to extract data data from thousands of machines and deliver reports and statistics to management on performance issues with various
applications running on the network including Email, Usenet, PPP Authentication, etc.

Senior Systems Engineer at NJ Department of Labor (Trenton, NJ) [onsite/contract]

04/2001 10/2001 (7 months)

* Solaris and HP-UX administration of an Enterprise environment providing interstate tax transaction processing for employees and outside partners. This is a
database migration project from IBM MVS mainframes to distributed systems. Provide production Unix support for infrastructure servers. Provide support for
logical volume management software (Disksuite 4.1, VxVM, HP LVM) accessing StorEdge 5200
disk arrays and StorEdge T3 and EMC Symmetrix 3930-36 disk array.
* Configure, maintain, performance monitor/tune, troubleshoot, document Ultra 5's, UE450, E3500, E6500 and E10K servers in various hardware configurations.
* Designed and implemented a suite of scripts to thoroughly test and report on the integrity of a new Unix network migration project. Constructive and scheduled
destructive custom tests provided centralized, 24-hour differential reporting on the independent states of print, mail, DNS, LDAP, NIS, and NFS services.
* Design and implement two UE6500 servers and two Sun StorEdge T3 Fibre-Channel disk arrays running Oracle RAC, VCS, and VxVM.
* Redesign network backup strategy using Legato NetWorker (Solstice Backup) over a dedicated 100Mbit network with a UE450 server with one ATL P1000 DLT
tape changer using EMC TimeFinder.
* Develop tools written in Perl and Java for management of Netscape Directory Server (LDAP) instance which was used for company wide e-mail
* Develop web-database applications in Perl, PHP and Java Servlets to allow automation of unemployment benefits claims, on iPlanet (SunONE) 4.1 SP7 and
Apache.
* Develop scripts to interface with Legato NetWorker
* Developed software in C to load test and report on the configuration and performance of each Veritas cluster node to eliminate NFS and Oracle bottlenecks.
* Developed secure web application in Java to manage email access using Sun One/iPlanet Directory Server (LDAP) on IBM WebSphere for 7,000 employees.

Senior Unix Infrastructure Architect at Telcordia Technologies (Piscataway, NJ)

05/2000 04/2001 (1 year)

* Solaris and HP-UX architecture and administration of an Enterprise platform written in C++ and Java that provides carrier grade VOIP to allow cable modem
providers to sell local telephone service.
* Architect, document, prototype, performance monitor/tune the hardware and software for a voice-over-IP network capable of handling 400,000 subscriber lines
with 20% utilization (80,000 64Kbps PCM audio telephone conversations at the same time)
* Configure, maintain, performance monitor/tune, troubleshoot, document (6) Ultra 5 servers; (16) Sun Ultra E440R servers; E6500, HP 800 K Class and T Class
running HP-UX 11
* Designed and implemented a suite of tools written in C to thoroughly test and report on the performance of new multi-channel failover ethernet cards from Zynx. I
was able to isolate specific Cisco IOS and Zynx driver tunables that would impact the performance of these cards failover ability. I presented a paper on the best
practice Cisco router and Zynx driver configuration to maximize throughput and high availability when using these cards. We used (2) Cisco 6509 Series routers in a
HSRP configuration during these tests
* Presented a paper outlining current infrastructure computer security models, detailing weaknesses that were unknown prior to my report. These weaknesses could
be used by unknown attackers on the cable modem network to gain unauthorized usage of telephone service, and cause denial of service against other cable modem
subscribers on the network.
* Document and performance test failover requirements such that critical software components may be taken out of service, without any loss of service.
* Presented a paper outlining current software component failover methodology, detailing specific weaknesses that existed with these methods. I detailed specific
methods for software component failover which were more robust and efficient than current practice.
* Lead implementation teams in constructing network components at customer sites.

Senior Unix Systems Engineer / Administrator at Net2Phone (Hackensack, NJ) 08/1999 12/2000 (1 year 5 months)
* Solaris administration of an Enterprise environment providing support for production and development telco (Voice-over-IP) infrastructure processes supporting
three million customers.
* Provide support for logical volume management software (Veritas Volume Manager 2.6 and Solstice Disksuite) accessing Enterprise storage systems from Sun
Microsystems (StorEdge A2000 disk array)
* Configure, maintain, troubleshoot and document high availability clustering software (Veritas FirstWatch or Veritas Cluster Server on Solaris, and
MC/ServiceGuard on HP-UX) on dozens of mission-critical and development servers.
* Configure, maintain, performance monitor/tune, troubleshoot, document Sun Ultra 2, UE450, Ultra 250, UE3000, UE4500, UE6500, SparcStation 1, 5, 10, 20
servers and workstations.
* Implemented mail server farm composed of two Sun UE450 servers, two Network Appliance F740 Filers with 200GB mirrored storage.
* Implemented web server farm composed of four Foundry ServerIron web/ssl load balancing layer-4 switches at two sides with each pair in a primary/standby
configuration.
* Implemented Unified Messaging System network (voice mail services over the Net2Phone client) composed of two load balancing Foundry BigIron 4000 gigabitswitch routers balancing/trunking connections between one Foundry ServerIron layer-4 switch connected to each router.
* Redesign network backup strategy using a UE450 acting as a Veritas NetBackup server with one ATL 7100 DLT tape changers with 68 slots each upgradeable to
150 slots and three DLT 7000 drives internally upgradeable to six. This reduced database backup time from 20 hours down to 5 hours and eliminated the need for
changing DLT tapes by NOC staff.
* Design and implement migration from one UE3000 mission-critical database server two UE6500 servers and two Sun StorEdge 5200 Fibre-Channel disk arrays
running Oracle 8 and VCS.
* Configure Cisco PIX firewall, syslog and snort on internal web servers and rule sets managed centrally to log server. Also setup tcpdump to log unusual packets to
a central server. Setup tripwire to log file modifications across the environment.
* Hired junior systems administrators and acted as a mentor and technical lead on projects.

Senior Unix Systems Administrator / Engineer at AT&T (Somerset, NJ)

08/1998 04/1999 (9 months)

* Manage over 100 production servers running Solaris, HP-UX, SGI Irix, SunOS 4, NCR SVR4 and RedHat Linux used in telco infrastructure processes.
* Managed Veritas Volume Manager and HP-UX LVM storage arrays from Sun Microsystems (SSA A200, StorEdge A5000 disk array), HP, and Symbios.
* Design, deploy and support Veritas Cluster Server (VCS) and MC/ServiceGuard. Servers ranged from Sun Ultra E5000 to E10K and from HP K570 to HP T600.
* Internet services (DNS, NFS, FTP, SMTP, NIS/NIS+, WWW (Netscape Enterprise Server 3.5)) Oracle 7.2.2.3 and 7.4.3; Migration from Sybase ASE 11 to Oracle
7.4.3; Installation and configuration of Tuxedo; Tuning of Cisco IOS configurations; Internet Firewalls (Checkpoint Firewall-1); Comvault backup systems.
* Develop Perl and shell (korn, bourne) scripts and web applications to automate tasks and simplify administration.
* Wrote system in perl that automated the process of collecting inventory on thousands of machines on our network by logging into the machine using Net::Telnet
and running various diagnostic commands, and then centrally storing this on a web server, and then further tools to analyze differences between revisions in time.
This saved thousands of hours of time, because this was being done prior using Excel spreadsheets and copy/paste command output by manually by hand.

Senior Unix Systems Engineer at Motorola (Arlington Heights, IL)

09/1995 08/1998 (3 years)

* Responsible for domestic and international second and third level Unix support for hundreds of Enterprise servers involved in wireless telco infrastructure.
* Development of applications C and Perl to improve telco infrastructure processes on a network of over 400 HP-UX servers worldwide.
* Development of application to throttle call activity on demand and generate usage graphs of call activity.
* SunOS/Solaris, HP-UX, Tandem (Compaq) NonStop-UX and SGI Irix administration of an Enterprise environment providing support for production telco servers
and workstations. Provide support for logical volume management software (Veritas Volume Manager and HP-UX LVM) accessing Enterprise storage systems from
Sun Microsystems (SSA A200, StorEdge A5000 disk array), Hewlett-Packard (Jamaica disk arrays)
* Configure, maintain, troubleshoot and document high availability clustering software (Veritas FirstWatch or Veritas Cluster Server on Solaris, and
MC/ServiceGuard on HP-UX) on dozens of mission-critical and development servers.
* Configure, maintain, troubleshoot Internet services (DNS, NFS, FTP, SMTP, NIS)
* Configure, maintain, performance monitor/tune, troubleshoot, document (6) Sun Ultra 2 servers; (4) Sun E3000 servers; (300+) Tandem MIPS/R4400 running
NonStop-UX (8) HP 9000/Series 800 K Class K570, K480 servers; (4) HP 9000/Series 800 T Class (T500, T600) servers; (20+) Sun SparcStation 5, 10, 20 servers;
(20+) HP 9000/Series 712 workstations in various hardware configurations.
* Installation and tuning of Informix and Oracle servers
* Designed and developed scripts in Perl and bourne shell that generated graphical charts and graphs detailing the activity of AMA (Automated Message
Accounting) logs coming off of Motorola EMX-2500 CDMA cellular switches.
* Troubleshoot and communicate solutions to customers, generate and administrate trouble tickets.

Senior Systems/Software Engineer at Mobile Internet Services

06/1990 09/1995 (5 years 4 months)

* Designed and implemented applications in C, Perl and Bourne shell to provide for web development, security, kernel modules, and payment processing using
Cybercash and communicate to Oracle databases.
* Unix systems administration and part ownership of a medium sized (several thousand dialup users located in several states) Internet Service Provider (ISP).
Provide production Unix support for several hundred web sites.
* Provide second level Unix support for production and development Sun servers running Solaris 2.x, HP 9000 servers (K570 Series) running HP-UX 9.05 - 10.20,
Intel Pentium servers running Linux 1.x 2.0.35, FreeBSD 2.2.6 and OpenBSD 2.3, IBM AIX. Provide support for Cisco routers (2500, 3600), terminal servers
(Livingston PortMaster III, Bay Network Remote Annex 4000 PRI).
* Configure, maintain, performance monitor/tune, troubleshoot Internet services (DNS, WWW, FTP, SMTP, NFS)
* Full responsibility for host and network security
* Continuous upgrades/patches of software, added many custom cron jobs
* Developed scripts to automate the processes of adding virtual domains and web sites, Internic domain registration, SSL certificates through VeriSign, NIS
password maps, enterprise-wide MD5 integrity checking of binaries.
* Developed C, Perl and shell (korn, bourne) programs to monitor network traffic/usage patterns, display PortMaster usage statistics and usage irregularities in realtime via a web interface. Developed scripts to automate the process of denying simultaneous PortMaster connections by dialup users.
* Designed and developed log file analysis scripts that would provide a rules based method to pinpoint and block or throttle suspicious traffic. These scripts were
used to block spammers in real-time, to throttle network bandwidth in real-time for specific users involved in certain activity, etc.
* Designed and developed systems in Perl and C to simplify remote system administration, user editing and auditing, and accounting.
* Wrote custom sniffer written in C using libpcap (originally without libpcap) called SuperSniffer or ss which had advanced features such as compilation on many
unix platforms, encryption of log files, dumping log files to a remote machine over predefined intervals, automatically decoding telnet, ftp and rlogin/rsh usernames
and passwords to log them efficiently on one line.
* Wrote custom linux kernel modifications to log command line execution to syslog. Added changes to the bash source code to allow for command line execution.
Added custom changes to the linux kernel to lock down the linux kernel by preventing non-root users from executing binaries from untrusted paths.
* Setup tcpdump and custom logging tools to log unusual packets to a central server across the network and then firewall suspicious activity automatically.