Resume

CURRICULUM VITAE

Lastname Lodder
Firstname Remko
City Barendrecht
Date of Birth 16 October 1983
Place of Birth Rotterdam
Nationality Dutch
Maritial State Married
Gender Male
Experience 16 years


About me

I am an experienced Senior Networking and Security expert, actively working in the field since 2001. During my time in the field I worked in various positions, from operational team member, to teamlead to technical projectleader. As Senior Networking and Security expert, I mentor people by providing them technical assistance, helping with various problems and coaching people in performing better and more considered.

I am broadly certified in the Networking and Security Region with various Juniper, Cisco, Checkpoint and CISSP certifications on the list. Next to that I am an experienced systems administrator, where I managed Solaris, redhat, and FreeBSD systems over the years. I am able to setup machines, administer them, setting up configuration management like puppet, writing scripts to make systems perform better or report certain required information.

While I prefer working in the Networking and Security regions, I do enjoy working with Operating Systems as well, making me an allround expert in my area of expertise. I feel that this experience greatly aids in being an expert and makes me stand out in comparison to others who are mainly focussed on one area of expertise.

I am a real teamplayer, able to lead the team, but also able to follow actively supporting positive attitude and technically improving a team.

I am a flexible person, not hanging to a 9-5 job, but instead working where needed.

Outside of my working experience I am a team member of the FreeBSD project, where I have active commit bits for the doc/ src/ repositories as well as the current FreeBSD Security Team Secretary. In my many years of experience I feel best in the Security Team, where I triage incoming items, write advisories, proofread advisories, and various other tasks that are delated to the Secretary. I am also known for leading the effort in translating the handbook to the Dutch language. I still try to keep this up to date as much as time permits. For the FreeBSD project I also wrote an article in BSD Magazine in 2008, scheduled another one but this one was never published. I Also wrote an article about migrating FreeBSD based firewalls to OpenBSD for my employer (Snow B.V) which was published in Linux Magazine in 2014. I helped review several technical books about FreeBSD, working together with Michael Lucas amongst others.

In my free time I first of all enjoy being with both my sons and my wife. I cuddle around with our 2 cats when they wish to cuddle, or take a walk with our dog. Whenever I am “free”, I also enjoy keeping my knowledge about OS’ up to date, reading various books ranging from fantasy to technical computerbooks, playing my guitar, socializing with friends and family and torching the Big Green Egg.

School Education

Direction Graduated? Package Institute
HAVO Yes Dutch, English, German, Economics 1 and 2, History, Math A1 and A2, Management and Organisation, Geography Johannes Calvijn, Rotterdam
MBO No Technical Computer Science ROC Zadkine, Rotterdam (Hofplein)

Courses through my employers

Year What Company
2001 Email and DNS Tunix
Webservers and Webtechnology Tunix
TCP/IP Tunix
Windows NT 4.0 Administring Compu’Train
Networking Essentials Compu’Train
NLUVG1 (Unix for users 1) Global Knowledge
2002 Firewalls, Perimeter protection and VPN’s The SANS Institute
Cisco Secure IDS Global Knowledge
Shell Programming for System Administrators SUN Educational Services
Sun Solaris Administration 1 Global Knowledge
ITIL Foundations PinkRoccade Educational Services
2003 Hacker Techniques, Exploits and Incident Handling (GCIH) The SANS Institute
2004 Netscreen course (Specially desgined for Employer) Juniper Networks
2005 ISS RealSecure IDS Internet Security Systems (ISS)
2014 CCNP Route Cisco
2014 JunOS Space Juniper Networks
2016 Palo Alto UTD Palo Alto Networks

Publications

Year Where Topic Link
2008 BSDMagazine Installing FreeBSD 7.1 with enhanced security (Jails) Download
2014 Linux Magazine [NL] Free of Open? http://www.linuxmag.nl
http://www.unix.nl/artikelen/free-of-open [full article]

Certifications

Year What
2006 GSEC (GIAC/SANS)
2007 LPI 101 (Linux Professionals Institute)
2007 LPI 102 (Linux Professionals Institute)
2007 ITIL Foundations
2008 Checkpoint Certified Security Administrator (CCSA)
2008 Berkeley Software Distribution Associate (BSDA)
2008 Checkpoint Certified Security Expert+ (CCSE+)
2008 Juniper Networks Certified Internet Associate (JNCIA-FWV)
2009 Juniper Networks Certificate Internet Specialist (JNCIS-FWV)
2010 Certified Information Systems Security Professional (CISSP)
2012 LPI 201 (Linux Professionals Institute)
2012 LPI 202 (Linux Professionals Institute)
2013 Certified Information Systems Security Professional (CISSP) (Extended)
2013 CCNA (Cisco Certified Networking Associate)
2015 CCNP (Cisco Certified Networking Professional)
2016 Certified Information Systems Security Professional (CISSP) (Extended)
2016 JNCIA-Junos (Juniper Networks Certified Associate)

Presentations

Year What Link
2008 Dutch FreeBSD Presentation: From Projectleader to Developer Link [EN]
2009 Dutch FreeBSD Presentation: Welcome, FreeBSD 8! Link [EN]

Working experience

From-Till Employer Role Experience
oct2017-now Snow B.V Linux Administrator at Gemeente Woerden

Maintenance of the Linux servers, enhancing the puppet environment, implementation of git and gitlab, automatic deployment of puppet changes, various other enhancements

sept2016-oct2017 Snow B.V. Networking / Security / Linux Administrator at Snow B.V

Responsible for various updates/upgrades/troubleshooting on the infrastructure. Upgrade of the switching environment (Juniper based), research and implementation of rspamd as external MX gateways

apr2016-sept2016 Snow B.V. Network Administrator_/_Wintershall Noordzee B.V.

Responsible for the Network within Wintershall Noordzee B.V. (Netherlands)

may2014-apr2016 Snow B.V. Senior Network and Security Engineer at Ziggo
/
Teamlead Connectivity

At Ziggo I am involved in the Connectivity team, where I do most large projects by either being the one responsible for implementation and testing, or the one that needs to do the troubleshooting around the project so that every device works the way it should. I give training to my colleague’s, I write presentations about my experience and I write extensive documentation as aftercare for the network management team. I am also involved in projects where I can share my other knowledge around Unix and Applications (like Opsview) to parties that need help troubleshooting.I am also trying to improve processes like ITIL – Changemanagement. I feel connected with that so that we properly document what we are going to do, to a certain cost of registration. I try to find the right balance and created multiple change templates that are in use today in the team to quickly request changes.

With the Juniper SRX devices we made various big firewalls with virtual routers, importing instances, setup_ vpn’s, imported them in Space and resolve issues that occured because of that. Troubleshooting and many more things.

In 2015 I took up the job to also lead the team, which means I am the first point of contact for management, planning and the team members.

At the end of 2015 I switched teams and became the lead network engineer for the group I worked for. Designing a new internal firewall strategy after a company merger, and relocating management networks. I was also able to help and assist with the F5’s and some Unix things.

jan2014-may2014 Snow B.V. Senior Network and Security Engineer I was asked to do a firewall migration of the company’s main firewall. Migrating from one platform to another. I assisted the infrastructure team with designing a new virtualization network, with various and ranging requirements._I wrote an article for the Linux Magazine and I was able to do large contributions towards the FreeBSD Project.
nov2010-dec2013 Snow B.V. Senior Network Engineer / Technical Projectleader at Ziggo At Ziggo I am working as a Technical Projectleader, where I am responsible for a group of people within a project. The project has the goal to migrate all legacy networks to a standarised and uniform network. The network is intended to make management possible without affecting the production side of the network. I am responsible for leading my team of people, planning them, making migration decisions (with the designer of the infra), delivering the project to the operations group. We take care of Firewalls, routers, switches and Console servers. The team currently consists of 4 people, where I am directly managed by the Projectmanager.It is also my job to write the technical documentation needed to do the migration, I am part of the main migration team where we give help and support to the other parties that are connected to our management network.Periodically I support the projectmanager with various tasks, including taking over when he is free or otherwise busy. At those moments I am the main responsible for the project and first point of contact for the project.
2004-present JR-Hosting Co-Founder and Co-owner at JR-Hosting Together with a friend of mine we host a little Hosting company on our colocation machine. Hosting a wide range of people, from photographers to infrastructure experts (damage experts) and from music bands to schools. I am responsible for the well-being of the machine and various technical solutions that build our infrastructure. We use Webmin and Virtualmin for our hosting platform, and FreeBSD as main operating system.
nov2009-oct2010 Snow B.V. Senior Network Engineer, Security Engineer at Getronics Datacenters Member of the network infrastructure team. Handling a multitude of clients, amongst them large government agencies, various public resources etc. Here I took care of a large customer, made improvement changes throughout the infrastructure, upgraded various devices, did massive troubleshooting for some clients.Writing Technical Design’s for a large project which involves the migration of one of the Dutch airline companies to a new location and datacenter. Our manager made me Technical Lead, right next to the Technical Consultant. For this we use various firewall blades (FWSM), ACE and VRF’s which run through multiple devices. Secondary project to help migrate outstations to the new environment, for this I needed to write Technical Design’s.For another client, I am responsible for making sure that multiple regions are able to maintain the client, which involves creating standarized drawings, standarized documentation, connecting the management environments etc. I also do advanced troubleshooting on the firewalls and proxies (Bluecoat) of the client.Helped troubleshooting the environment of an health insurance company, where performance issues had been found. I assisted and supported various troubleshooting periods, worked along with Juniper to get to a resolution of the problem etc.
jan2009-oct2009 Snow B.V. Senior Network Engineer, Security Engineer at Getronics Datacenters From KPN a project was initiated to physically move the datacenters. I was hired by Getronics to make that happen for the government group I worked for. I was the main responsible for this project. With a collegue we did an inventory, cleanup, buildup, administrative tasks, executing the migrations, moving hardware, arranging documentations, communicating with the customers etc. We scored 100% on this move.After that project I am now doing various projects to assist with the customer and implement new features as they desire.
jun2008 – dec2008 Snow B.V. Senior Network Engineer, Security Engineer at KPN At KPN I am doing a large project to migrate the central facilities of a dutch government department. The central facilities included migrating a standalone Juniper firewall to a redundant Fortigate cluster, and migrating a loaded Checkpoint environment to a new Juniper (SSG series) platform. The migrations itself went smoothly given the base that had been used it was a big success! I also helped out the operational team managing all devices by setting up a new monitoring system (NMIS) and using Rancid for various important devices to keep a version track of all configurations. On the social plate I am guiding my collegue’s and training them where needed on area’s that I could help with.
feb2008 – jun2008 Snow B.V. FreeBSD liason In February, I started helping Ed Schouten with his study, Ed is a student temporary working at Snow B.V, writing an MultiProcessorSafe (MPSAFE) TTY layer for FreeBSD. I act as a liason between FreeBSD and Ed to make sure he can graduate. We both traveled to Canada to let Ed give a presentation for the FreeBSD development team. Ed finally graduated with a 9!
okt2006 – may2008 Snow B.V. Unix Engineer, Network Engineer, Security Engineer at Financial Institute At the “Financial Institute” I was a member of the Security / Unix and Networking Team. It was my responsability to maintain various access routers and switches, core routers and switches, as well as key Unix systems and the Firewalls throughout Europe. I was also part of a team that is going to consolidate services and networks from Europe towards one central data Centre (Design phase). I was providing Network architecture, Firewall architecture and where possible Unix server Architecture. From June 2007 till Oct 2007 I trained a new team member with our main area’s of attention: Cisco, Checkpoint and Unix.Starting from late 2007, I was also participating within a consolidation project (Architecture and technical implementation of the design), where I lead the implementations that needs to be done on the networking/unix/checkpoint side. I was responsible for implementing the entire Firewalling infrastructure (multiple clusters, internal security, exteriour security and vpn (remote users, remote site to site) security), both architectural as technical implementation and setup. Together with a Snow Collegue I was also building up the regular network within the new datacenter, implementing a common ground for the routers and switches, implementing tftp services, building up new management hosts with new monitoring tools; all as standarized and flexible as possible. Both my Collegue and I were also very active with communication migrations for the connected countries (we move them from the previous WAN/MPLS provider to the new provider).
2001-sept 2006 ING Bank Operational Firewall Administrator / Security Administrator System administration multiple Sun machines including: Email: Sendmail, DNS: BIND, Checkpoint Management stations and various other tasksSystem administration multiple GUI Applications: Netscape Proxy/Mail Server, Checkpoint, Provider-1, Nokia Horizon Manager, Netscreen Manager, Siteprotector (ISS), HSESystem administration multiple IPSO (3.7, 3.8) machines:Checkpoint FirewallsSystem administration multiple BSD/I , FreeBSD machines: Tunix FirewallsSystem administration multiple ISS RealSecure machines: IDS Server Sensors (Mostly Windows based) IDS Network Sensors (both External as Internal) (based on Windows, Proventia A-series, and G-series appliances)System administration multiple Cisco devices: SCA’s, Appcelera’s, CSS, HSE, Routers, SwitchesReading and acting on multiple security mailinglists/groupsProcessing Security Events (alerting from the IDS machines)Keeping the security filtering up to date for processing and alerting (Perl based)
Functional Security management Maintaining contacts with external branches all over the worldParticipating in projects taking place all over the world (physical location: NL). Here I need to deliver the concept, implementation options and guiding the technical implementor.Reviewing and maintaining security policies, reviews and important security documentation.
Temporary teamcoordinator I replaced the teamcoordinator multiple times when he was not available for work

Projects

From-Till Project Role/Activities
2003-present FreeBSD Maintainer of the Dutch Documentation Project (2003-current),
Member of the FreeBSD Documentation Team (2004-current),
Member of the FreeBSD Security Team / FreeBSD Security Team Secretary (2006-2013, 2014-current),
Member of the FreeBSD Postmaster Team (2017-current),
Member of the FreeBSD Source Committer Team (2007-current),
Former member of the FreeBSD Bugmeister Team (till jun 2012),
Former member of the FreeBSD Ports Security Team (one of the founders of the group),
Starting from Dec 19, 2014 I am acting Liason between the FreeBSD Security Team and the FreeBSD Release Engineering group.
2004-2011 Evilcoder.org Writing my own Administration Toolkits in Perl, I stopped this project to focus more on my work. Writing check_honeynet, a custom tool to check the mirror status for various honeynet mirrors. Honeynet later migrated to a dynamic website which stopped all mirrors and thus the tooling.
2001-2005 DSINet.org Writing Security Articles (Dutch and English)
2001-2004 Mostly-Harmless.nl Guiding newcomers, Projectleader Documentation (contents)

Operating system experiences

Operating System Experience
SUN Solaris mailserver, operational management, scripting, routing, etc.
Linux (Redhat, Ubuntu, Rasbian, Debian, CentOS) Installation, Managing and User experiences (firewalling, software maintenance, hosting, routing, etc.), administration/td>
FreeBSD Installation, Managing and User experiences (firewalling, software maintenance, hosting, routing, custom package building etc.), administration
PFSense Installation, upgrading, managing, user experiences, firewalling, VPN, site to site connections etc.
OpenBSD Installation, Managing and User experiences (firewalling, software maintenance, hosting, routing, etc.)
NetBSD Installation, Managing and User experiences (firewalling, software maintenance, hosting, routing, etc.)
Mac OS X Installation and User experience
Windows Installation and User experience, using office applications (Microsoft based)
Windows 2003 (Adv. Server) Administration, patching, troubleshooting

Software Experience

Application
Apache (Unix & Windows) (incl reverse proxy)
Bluecoat Proxy
Bluecoat AVscanner
Netscape Proxy on Solaris
Netscape Mailserver on Solaris
Iplanet Webserver on Solaris
Nokia IPSO
Juniper ScreenOS (SSG)
Juniper JunOS Security (SRX)
Juniper JunOS Space
Juniper NSM
Avocent / Avocent DSView
F5-Big IP Loadbalancer
Fortigate
ISS Realsecure (incl. Siteprotector Management station)
Gitlab collaboration tooling, administration, setup, hooks, deployment
Puppet, setup, enhancement, deployment, administration
Ticket management systems (BMC, Expertdesk, Tivoli servicedesk, OTRS, IRMa)
Billing software (WHMCS)
Monitoring tools (Bigbrother, NMIS, Nagios, Opsview core and pro)
OSPF (Quagga, OpenOSPF, Cisco, Juniper)
Various Cisco software applications (IOS, CSS, SCA, AppCelera, CatOS, FWSM, ACS, ASA, ACE, management LMS)
VPN: IPSEC/isakmpd and OpenVPN (ssl based)
Smokeping
Mailservers (Qmail, Postfix, Exim, Sendmail)
Mailstorage (Courier-imap, dovecot)
Webmail (Squirrelmail, Roundcube, Open-Xchange)
Hosting management tooling (DirectAdmin, Webmin, Virtualmin)
Databases (MySQL,_ PostgreSQL, SQLite)
DNS Servers (Bind, Unbound)
PHP
OpenSSH
MRTG
tar/gzip/bzip and other standard tool (less, sed, more, grep, etcetera)
Vi/Vim
Mutt
Source code management (CVS, SVN, Mercurial, Git, Perforce)
Source code management software (hgweb, svnweb, gitlab)
Linux firewalling (ipchains, iptables)
BSD firewalling (ipfw, ipf, pf)
Proxies (Squid, Tinyproxy)
IPv6 (Cisco, BSD, Linux)
kernel configuration

And a lot more not mentioned here

Software development

Language Experience
C Basics
Perl Intermediate
PHP Basics
Shell Scripting Intermediate