Close

Antonino Abbate

DevOps and Security Engineer

Download Resume

About Me

I am passionate about Monitoring and Infrastructures, I'm a continuous learner and curious, I like a lot to improve my skills and my knowledge. My specialities: Engineering IT and Network Operations, Monitoring, Security Management, Systems Management, Network Management, Vulnerability Assessments, IT Compliance, Systems Integration, Disaster Recovery, Continuous Integration/Continuous Deployment (CI/CD), Project Management, Engineering Cloud Infrastructures and Services.

Experience

THE I

Founder

The company is specialized in the following areas and activities:

  • Infrastructure engineering
  • Systems integration
  • Monitoring
  • Data centers migration
  • Disaster Recovery
  • Deployments (infrastructures, services, applications, platforms)
  • Information Security
  • Project & Service Management
  • Cost Analysis, Cost Saving and Re-engineering
  • NOC & SOC Engineering
  • Security Assessments
  • Infrastructure Development
  • Vendini

    Operations Engineer

    Everything about Infrastructures, Networks, Systems, Applications, Security, Deployments, Environments, PCI Compliance. Agile Methodologies, Project and Service Management.

    Xaos Systems

    ICT Engineer

    On-site consultant to the following clients:

    • IT Security and Compliance Engineer - Telecom Italia Sparkle

      Risk Assessment, Gap Analisys, Patch Management, Internal Auditing, Hardening, Security Plans and Documentation: all activities performed for a successful Security Audit.

    • Network Engineer - Telecom Italia Sparkle

      Delivered ADSL lines to all DSV Saima Avandero's offices. Configured all Telecom Italia Sparkle management services.

    • Network and Security Engineer - Mibac

      Configuring and managing network devices, L2/L3 troubleshooting, Routing protocols, ACLs, Firewalling.

    • System and Network Security Engineer - Bank of Italy

      Managing Bank of Italy's internet facing Infrastructures, delivering Proxy/Antivirus, Email and Security services.

    • Network Engineer - Wind

      Configuring and managing network devices, L2/L3 troubleshooting, Routing protocols, ACLs.

    • Network Engineer - Italian Prime Minister Council

      Configuring and managing network devices, L2/L3 troubleshooting, Routing protocols, ACLs.

    UIC onlus

    Software Developer, IT Instructor

    I taught ECDL modules to blind and visually impaired students, I've also developed their website in order to meet W3C standards (usability and accessibility), moreover I developed a stand-alone application (for Microsoft Windows) that describes (using automated synthetic speech) HTML pages browsing with Microsoft Internet Explorer.

    Education

    University of Messina

    Sept 2001 - July 2005

    Bachelor of Science in Computer Science

    Principal skills acquired: Information technology basics, mathematical analysis, statistics analysis, Physics and Electronics.

    Projects

    Security Assessments

    As Security Architect I did a high-level security evaluation of current client's infrastructures. I produced a document analisys where I described what are the suggested and mandatory changes to apply. Thanks to this analisys the client had a clear picture of its infrastructure security wise and he is now more proactive to resolve the security issues.

    Technologies: Cisco, Fortinet, Huawei, Barracuda, Netscaler, Sophos, Darktrace

    Privileged Account Manager

    The client needed a solution to manage the accesses to its infrastructure, I've implemented a PAM (Privileged Account Manager) solution that permits to manage the accesses through privilege escalation and sessions auditing. This solution permits to record the sessions producing videos, screenshots and keystrokes logs of all activities done in the session.

    Technologies: MicroFocus NetIQ, Windows Server, Active Directory

    AWS Spending Review

    I analyzed the costs and made save the client 16k$ each month by removing unused services, resizing the EC2 and RDS instances, reserve the instances.

    Technologies: AWS.

    Infrastructure as code deployment

    I've designed and written the infrastructure using Terrafom, I've created scripts to deploy the environments separately

    Technologies: Terraform, AWS (VPC, EC2, RDS, S3, Route53, Systems Manager Parameter Store, IAM, etc..) Linux, Bash, Gitlab.

    Logs Monitoring Infrastructures

    I've designed and implemented the logging infrastructures in order to aggregate, filter and show logs in a single platform that permits us to do fast searches and creating graphs using the collected data.

    Technologies: rSyslog, Logstash-forwarder, Filebeat, ELK stack (Elasticsearch, Logstash, Kibana), Nginx, Redis, Linux, Windows, NxLog, Filebeat, ELK stack, Redis, Nginx, Active Directory, AWS (EC2, ELB).

    Intrusion Detection Systems Infrastructure

    I've designed and implemented the Network Intrusion Detection System (NIDS), Host-based Intrusion Detection System (HIDS) and Security Information and Event Management (SIEM) platform.

    Technologies: Ossec, Snort, Pulled Pork, Barnyard2, mariadb, Nginx, Snorby (a Ruby application by ThreatStack), Linux.

    Network Devices Automated Backups

    We needed an application that automatically stores the configurations of our network devices and that notify us when a change happens, Oxidized granted us to do all of this. For this infrastructure I deployed the application in order to get the configurations from all network devices and to store them to a dedicated Bitbucket repository, if the configuration gets updated it will notify the differences in a dedicated Slack channel.

    Technologies: Oxidized (a Ruby application), mariadb, Bitbucket, Docker, Slack, Linux. Devices: Cisco, Palo Alto, A10 Networks, Arista Networks.

    On-call alerts classification and Reporting

    We needed a application to track of our daily activities and for reporting of all on-call alerts, so we decided to use Etsy Opsweekly. I developed the connector for Bitbucket and contributed to fix the connectors for Jira, Pagerduty and Github. Also, I developed the docker container for this application.

    Technologies: Opsweekly (a PHP application by Etsy), mariadb, Bitbucket, Github, Jira, Pagerduty, Docker, Linux.

    View docker-opsweekly Source

    Post Mortems Tracker

    We needed an application to keep track of post-mortems, Etsy morgue provides what we needed, it also integrates with Jira and keeps track of dates on a Google Calendar. As a side effect of this project I developed a dockerized version of this application.

    Technologies: Morgue (a PHP application by Etsy), mariadb, Google Calendar, Jira, Docker, Linux.

    View docker-morgue Source

    SNMP Monitoring

    We needed to get the metrics from our network devices using SNMP, so the best candidate for this purpose was the SNMP-exporter for Prometheus. While I was working on it, I developed the docker container for SNMP Exporter configuration generator, it generates automatically the configuration for snmp-exporter starting by the MIBs ingested.

    Technologies: Prometheus, SNMP exporter, Grafana, Docker, Linux. Devices: Cisco, Palo Alto, A10 Networks, Arista Networks.

    View docker-secg source

    Monitoring Infrastructure for Credit Card Transactional Infrastructure

    The requisites were to monitor an infrastructure without having access to it (due security restrictions), so the metrics are unidirectionally pushed by the infrastructure to the monitoring application. The data is stored as metrics on a InfluxDB database and displayed with a custom dashboard in Grafana. The monitoring and alerting features are provided by Icinga2 and Pagerduty.

    Technologies: Icinga2, nsca-ng, InfluxDB, Grafana, Docker, Linux, Pagerduty.

    Bank of Italy Data Center Moving

    Moved all production and test infrastructures to a new colo in a different location. Ensure 100% services uptime during this activity.

    Skills

    Get in Touch