Technology Stack Experience
Tiers (usage-based — what’s central to MY practice, NOT a mastery/complexity rating):
- ⭐ Core (central to how I work; I reach for it regularly, in production)
- ● Proficient (used to deliver real work; independent) · ◐ Familiar (projects / homelab / exposure)
- ○ Learning. This rates centrality, not expertise — “Terraform is core to my work” is a fact, not a boast.
⭐ Core strengths: Ansible · Terraform · Linux · HashiCorp Vault · Docker · VMware · Git · Bash · sovereign / secure & air-gapped infrastructure
Automation & Infrastructure as Code (signature area)#
- ⭐ Core: Ansible · Terraform · Vault (internal PKI/CA, ACME, secrets, HSM integration) · Git (GitLab/GitHub/Gitea/Bitbucket)
- ● Proficient: Packer · Rundeck · Semaphore (automation delivery) · PXE/Kickstart · Chef (dated — Surrey)
- ◐ Familiar: CI/CD (GitLab pipelines) · Molecule · Consul (light/dated)
Containers & Orchestration#
- ⭐ Core: Docker
- ● Proficient: Docker Swarm · Traefik
- ◐ Familiar: Podman · OpenShift (exposure)
- ○ Learning: Kubernetes (active priority)
Cloud & Virtualisation#
- ⭐ Core: VMware (vCloud Director, vSphere, ESXi) · Private / Sovereign cloud
- ● Proficient: Proxmox
- ◐ Familiar: KVM · Oracle Cloud Infrastructure (OCI) · AWS
Operating Systems#
- ⭐ Core: Linux — RHEL, Debian, Ubuntu, CentOS, SUSE (primary, ~20 years)
- ● Proficient: Windows Server (& Desktop) · macOS
Security & Compliance#
- Frameworks & standards: FitSM (Foundation; Process Owner – Change Mgmt) · ISO27001 · NIS2 · ITIL · Cyber Essentials
- ⭐ Core: OS hardening · PKI / certificates (Vault internal CA, ACME, HSM integration) · classification-aware & air-gapped deployment
- (Vault open-source: Core. Vault Enterprise features: less familiar.)
- ● Proficient: SIEM (Wazuh, Graylog, OpenSearch/Elasticsearch) · firewalls (iptables, firewalld, UFW) · penetration-test remediation · DevSecOps · Zero Trust
- ◐ Familiar: OPNsense · pfSense
Monitoring & Observability#
- ● Proficient: Zabbix · OpsView (Nagios) · Graylog · Uptime Kuma
- ◐ Familiar: Prometheus · Grafana
Networking#
- ● Proficient: Ubiquiti UniFi (multi-site live deployments) · HAProxy · KeepAliveD · DNS (BIND/
named, FreeIPA) · structured cabling, rack/patch - ◐ Familiar: HP ProCurve / Aruba (dated) · Mikrotik · OPNsense / pfSense · Netbird (mesh) · AdGuard Home
Storage & Backup#
- ● Proficient: Quantum StorNext (~1 PB migration — Surrey) · MinIO (S3) · SAN administration
- ◐ Familiar: Dell EMC · Dell FluidFS · OnStor (all dated — Surrey/RHUL)
Databases (operational, not DBA-level)#
- ◐ Familiar: PostgreSQL · MongoDB · MariaDB (Galera, MaxScale) · MySQL
Identity & Directory#
- ● Proficient: LDAP / Active Directory · FreeIPA · Samba
- ◐ Familiar: Kanidm (SSO) · Kerberos · Open Directory
Web, Mail & Services#
- ● Proficient: Apache · nginx
- ◐ Familiar: Traefik (see Containers) · Postfix · Dovecot · Sendmail · Nextcloud · Immich
Asset & Service Management#
- ● Proficient: NetBox · Device42 (CMDB) · Ivanti Service Manager · Confluence / Jira
- ◐ Familiar: osTicket · GLPI · InfoBlox
Languages & Scripting#
- ⭐ Core: Bash
- ● Proficient: Python
- ◐ Familiar: PowerShell · Batch · Make
Practices & Methodologies#
- ⭐ Core: Infrastructure as Code · immutable infrastructure (“flock of sheep, not pets”)
- ● Proficient: DevSecOps · Agile / Scrum · ITIL & FitSM change/incident management
- ◐ Familiar: CI/CD · TDD
- ○ Learning: GitOps