Senior Linux & Infrastructure Engineer · Ireland · Remote

I fix, migrate, and stabilize
Linux infrastructure.

Debian, KVM/libvirt, VPN/PKI, Apache/Nginx, Asterisk VoIP — production-grade, hands-on. Especially useful when things are complex, partially broken, or business-critical.

Core stack: Debian · KVM/libvirt · VMware ESXi · iptables/nftables · OpenVPN/WireGuard/IPsec
Apache/Nginx · Asterisk PBX · Cisco/MikroTik · Active Directory · Ansible · Squid

Get in touch Problems I solve

01 — About

Who I am / background

Senior Linux & Infrastructure Engineer with 20+ years of hands-on production experience. I work across the full infrastructure stack — from hypervisors and storage to network security, VPN/PKI, VoIP platforms, and automation pipelines.

I am most useful in situations where infrastructure is already complex, partially broken, poorly documented, or business-critical. My approach is practical: minimal-risk changes, clear root-cause analysis, and systems that remain maintainable after delivery.

Background spans finance, government, retail, and IT services — from single-site SMBs to multi-branch enterprise networks across hundreds of locations. Currently based in Ireland, working as Senior Infrastructure Engineer. Available for additional remote engagements across EU, UK, and worldwide.

20+

Years in production infrastructure

Finance · Gov · IT

Sectors with enterprise experience

Remote-ready

Ireland · EU · Worldwide

Linux + Windows

Hybrid environment expertise

02 — Problems I Solve

Typical engagements / what clients need

🔧

Broken or unstable Linux server

Service outages, failed updates, broken boot, misconfigured daemons, disk/LVM issues. I diagnose, recover, and document the root cause.

🖥️

KVM / VMware infrastructure

VM provisioning, migration between hosts, storage expansion, snapshot management, cloud-init templates, and DR setup on KVM/libvirt or VMware ESXi.

🔒

VPN, PKI & secure access

Site-to-site and remote access VPN (OpenVPN, WireGuard, IPsec). Internal CA, certificate chain setup, renewal automation, and broken PKI recovery.

🌐

Apache / Nginx & reverse proxy

SSL/TLS configuration, Let's Encrypt, custom CA, vhost setup, reverse proxy chains, performance tuning, and migration from Apache to Nginx or vice versa.

🔀

Firewall, network segmentation

iptables/nftables rule audit and rebuild, MikroTik and Cisco policy review, VLAN design, Squid proxy deployment and ACL-based content control.

📞

VoIP & Asterisk PBX

Asterisk installation and dialplan design, SIP trunk configuration, call quality issues, FreeSWITCH/Kamailio deployment, CDR setup, and Cisco UCM integration.

🪟

Windows / Linux hybrid environments

Active Directory, GPO, RDS/Terminal Services in hybrid setups. Domain-joined Linux machines, cross-platform authentication, and mixed OS automation.

⚙️

Automation & infrastructure as code

Ansible playbooks for repeatable provisioning, Bash/PowerShell scripting, YAML-based inventory, Telegram bots for NOC alerting, and backup pipeline automation.

03 — Skills

Technical stack / core competencies

Virtualisation

KVM / QEMU / libvirt
VMware ESXi / vSphere
Windows Server Hyper-V
LVM storage / iSCSI
cloud-init / preseed
VM lifecycle, migration, snapshots, DR

Networking & Firewalls

Cisco IOS / Catalyst
MikroTik RouterOS
iptables / nftables
VLAN / trunking / routing
OpenVPN / WireGuard / IPsec
DNS / DHCP / NAT / BGP basics

Linux Systems

Debian 11/12 (primary)
CentOS · Oracle Linux · Ubuntu
systemd · services · cron
Apache2 / Nginx
Squid proxy (ACL, SSL bump)
Bash scripting · log analysis

Windows Server

Active Directory / GPO / PKI
Windows Server 2003–2022
RDS / Terminal Services
PowerShell / Posh-SSH
Windows Admin Center
Hyper-V administration

VoIP & Telephony

Asterisk PBX (dialplan, SIP trunks)
FreeSWITCH / Kamailio
SIP · RTP · SDP protocols
Cisco UCM
NAT traversal / codec tuning
Call recording / CDR / QoS

Automation & IaC

Ansible playbooks / roles
YAML-based source of truth
Bash / PowerShell scripting
Git / version control
Telegram bots (Python)
Infrastructure templating

Monitoring & Services

InfluxDB / Grafana / Ntfy
Zimbra / Exchange mail
YouTrack / NetBox / Jira
Acronis / LVM snapshots
Symantec EndPoint
SOC systems analysis

Security

Firewall audit & hardening
VPN architecture design
TLS / PKI / internal CA
Squid content filtering
InfoSec risk analysis
Fault-tolerance testing

04 — Experience

Work history / roles

07/2022 — Present Senior Infrastructure Engineer IT Services · Ireland · Remote

Remote infrastructure and network support for enterprise clients; monitoring, incident response, and change management
Windows Server 2022 RDS administration: GPO, terminal services, performance tuning
KVM virtualisation: VM provisioning, LVM storage, cloud-init templates, lifecycle and snapshot management
Network configuration and firewall management: MikroTik, iptables/nftables, VLAN segmentation, OpenVPN tunnels
Squid proxy deployment: SSL bump, ACL policies, content filtering
Debian Linux server administration: Apache/Nginx, service migrations (Debian 11→12), log analysis

2019 Team Lead — Infrastructure & InfoSec IT Services / Government · Ukraine

Infrastructure deployment and InfoSec risk analysis for a large-scale government digital system
AD, DNS, DHCP, GPO, RDP, Terminal Services; iptables firewall and VPN tunnel configuration
Threat identification, fault-tolerance testing, and security audits of critical systems
IT asset inventory; project coordination via Jira

2015 Senior System Administrator — Team Lead Retail · Ukraine

Full infrastructure for 250+ user enterprise: AD, DNS, DHCP, GPO, RDP, Terminal Services
Cisco Catalyst switching; Cisco UCM IP telephony; CentOS, Ubuntu, Oracle Linux, Windows Server 2016
iSCSI storage, Oracle Enterprise Manager monitoring, Squid proxy, enterprise backup

2007 – 2014 NOC Administrator — Team Lead Finance / Banking · Ukraine

NOC management: 300+ branches across Ukraine and abroad on Cisco enterprise network
VoIP/Asterisk PBX administration; corporate mail, DNS, AD; secure channel and VPN construction
Payment system integrations; technical support team management; SLA compliance

2002 – 2003 Payment System Administrator Government / Finance · Ukraine

Monitoring, maintenance and support of national payment system hardware and software

05 — Services

What I offer / remote engagements

🔧

Server Recovery & Troubleshooting

Diagnose and fix broken Debian/Linux servers. Service failures, boot issues, disk/LVM problems, failed upgrades, misconfigured daemons. Fast remote triage.

🖥️

Virtualisation Infrastructure

KVM/libvirt and VMware ESXi setup, VM provisioning, storage design, migration, snapshot management, cloud-init templates, DR planning.

🔒

VPN, PKI & Secure Access

Site-to-site and remote access VPN (OpenVPN, WireGuard, IPsec). Internal CA setup, certificate lifecycle, broken PKI recovery, TLS hardening.

🌐

Network & Firewall Admin

iptables/nftables audit and rebuild, MikroTik/Cisco configuration, VLAN design, Squid proxy with SSL bump and ACL, network security hardening.

📞

VoIP & Asterisk PBX

Asterisk installation, dialplan design, SIP trunk setup, call quality diagnosis. FreeSWITCH/Kamailio deployment. Cisco UCM administration.

🪟

Windows / Linux Hybrid

Active Directory, GPO, PKI, RDS in hybrid Linux/Windows environments. PowerShell automation, Windows Admin Center, domain integration.

⚙️

Automation & IaC

Ansible playbooks for repeatable provisioning and config management. Bash/PowerShell scripting, YAML source of truth, Telegram bots for NOC alerting.

📋

Infrastructure Audit

Review of existing server, network, and security setup. Identify risks, single points of failure, policy gaps, and outdated configurations. Written report delivered.

I fix, migrate, and stabilizeLinux infrastructure.