Enterprise Architect at Nominet
Jan 2020 - Present
Infrastructure Solutions Architect at Nominet
Jan 2019 - Dec 2019
Senior DNS & Network Engineer at Nominet
Jan 2015 - Dec 2018
Nominet Career Summary
I joined Nominet as a senior technical member of the team that operates the nameservers for the uk ccTLD along with a number of other gTLDs (such as bbc, & bentley) that Nominet provide the registry services and DNS for. My first accomplishment was to lead the network elements of the redesign of the nameserver infrastructure that underpins the DNS for .uk and other TLDs that Nominet run. I made the case for switching to an anycast based design, and was instrumental in the execution of migrating to the new infrastructure seamlessly.
During my time at Nominet, I've also planned and executed the DNS and DNSSEC elements of seamlessly transitioning TLDs from other providers into Nominet, without unsigning the zone(s), and without impact to the wider internet. There are numerous considerations when undertaking such work, from IANA technical requirments such as predicted response sizes, through to requiring a detailed understanding of how DNS and DNSSEC work, and the implications of resolvers around the world caching results.
I led the design of the resolver infrastructure underpinning the UK Public Sector DNS Service.
I've continued throughout, to work closely with the Infrastructure Operations and DevOps teams, who look after the registry systems such as whois, EPP, etc, as well as the infrastructure that underpins it.
More recently, I've defined the high level vision for Nominet's technology transformation programme, that aims to both replace aging hardware, as well as modernise the design of the infrastructure to support more modern, efficient ways of operating, and deliver on the various requirements of stakeholders such as accreditors, auditors and regulator.
This programme also provides a perfect opportunity for the review, or creation of the various standards and policies that underpin the consistency required for operations and future design in such a complex environment.
I am comfortable conveying complex technical design and challenges to audiences of all levels, be it induction for new engineers, through to exec or board level conversation.
My major accomplishments so far include:
- Leading the network re-design of the nameserver infrastructure, adding anycast, and migrating to the new nameservers with zero outage or downtime.
- Leading the design of the UK Public Sector DNS Service.
- Define the initial vision for technology transformation.
Principal Network Engineer at Symantec Corporation
May 2011 - Dec 2014
I'm part of a team that is primarily responsible for keeping the lights on within the global networks encompassing AS21345, 26282 & 7583, as well as their connectivity to transit providers and peers alike.
We also acted as Network Lead on projects, consulting with them to ensure best practice is employed whilst delivering solutions that are fit for purpose.
Major accomplishments include the design and implementation of a global load balancing platform, including the seamless migration from a previous vendor's hardware with zero downtime.
Earlier Career at Symantec, formerly MessageLabs
January 2000 - May 2011
Leading up to my appointment as Principal Network Engineer, I was a Senior Service Platform Engineer. When a new project is initiated to provide anything from new functionality, through to complete SaaS product lines, Service Platform engage with other key stakeholders to help question and refine requirements, and ensure the solution is fit for purpose. They then work with other areas of Infrastructure to produce the hardware, network, and traffic flow design, and work with project managers and supply chain to acquire quotes and secure space, network and power availability in our datacentres.
The role was also heavily involved in research of new hardware, my most recent evaluation and proof of concept resulting in investment in F5 hardware for local and global traffic management. I am generally seen as the "buck stops here" person for internal F5 escalation, prior to problems being escalated to F5 Support.
I started at MessageLabs, as it was then, in 2000 as a Senior Engineer when they grew out of Star Internet. This was in the early days of the company, and so Senior Engineer pretty much meant everything from research and design of new equipment, through implementation to support and customer provisioning. I was involved with the continuing design and support of the mail scanning architecture, as well as the mechanisms that ensured anti-virus signature updates got out to them, and statistical data collected from them. The equipment was housed in a number of datacentres around the world to ensure resilience.
As the company grew, I moved into a newly created team that more specifically looked after this infrastructure, its design, build, installation, and hand over to the operational support teams.
The role of Senior Infrastructure Engineer involved me in the design and implementation of new architecture, the research of new hardware and potentially its implementation, network design, support and monitoring, and the production of tools and utilities to aid the support teams in de-skilling tasks to enable them to become more efficient. In this role, I produced tools that included scanning our customer base for open relay, checking our mail infrastructure for latency and SLA compliance and a configuration generator that produces switch, router and load balancer configurations to minimise human error when configuring equipment. This role quickly evolved as the company grew, and a new team was created, dedicated to the production of these tools and utilities, and the growing need for monitoring tools.
In that role, as Engineering Developer, I was primarily involved in the production and support of these support tools. Mainly written in perl, they are either command line based, or perl CGI.