#! James Hebden


I enjoy working remotely, and am a huge proponent of flexible work options. I’m interested in how technology enables us all to live better lives.
I work well in teams, and I value being friendly, polite, patient, and I enjoy sharing knowledge and skills.

My skillset and interests are around web/cloud infrastructure - especially virtualisation, configuration management/automation, and embedded technology (e.g. IoT). I specialise in, and really enjoy working with - Linux, BSD, Open Source (Libre) Software, Security, Monitoring & Automation, Virtualisation, Networking & Web Development, and embedded system development and integration.

I enjoy working in DevOps & Generalist teams, where everyone can get their hands dirty, with emerging technologies and platforms, and finding new and smarter ways to get things done through automation, monitoring/metrics and open communication.

In my spare time, I enjoy hacking, coding, brewing, baking, electronics, woodworking, blacksmithing, gardening, hiking, swimming and surfing (badly).



  • XenServer
  • VMware ESX/vSphere
  • KVM (libvirt, sriov, ovs, etc)
  • Amazon EC2 (and ecosystem)
  • OpenStack Nova/LXD


  • LXD
  • Docker (Swarm, Image builds, Deployment, Performance tuning)
  • Kernel namespaces and capabilities
  • Orchestration/API programming
  • Container security hardening


  • EMC, IBM, NetApp equipment
  • NAS Storage: NFS, CIFS
  • SAN: iSCSI, FC & FcoE
  • Object storage: S3, MogileFS
  • Ceph, Swift, RadosGW


  • x86/x86_64 (IBM, Dell, HP + others)
  • ARM SoCs (Rpi/Broadcom, Odroid, etc)
  • Various other SoCs and routers (Atheros, TI)
  • Basic IBM pSeries/LPARs


  • Application analysis & code auditing
  • Network & system auditing and offensive security testing
  • Vulnerability analysis and flaw handling
  • Security compliance auditing & baseline implementation
  • Malware protection and patch management


  • Cisco (Switches, Routers)
  • IBM/BNT (Switches)
  • IPV4 & IPV6 implementation and management
  • VPN (IPSec, OpenVPN)
  • DNS (Bind, dnsmasq, MS DNS)
  • Firewalling/Proxying (iptables, Squid, PF, ASA, JunOS, pfSense, OpenWRT)
  • 802.11 Wireless (mesh networking, long range links, network design)
  • Linux & BSD policy routing
  • Load balancing (ELB, F5, Haproxy, nginx) and content distribution
  • SDN (Open vSwitch/OVS/OVN, OpenDaylight, Neutron, Neutron L3HA, GRE, VXLAN)


  • Python
  • Ruby
  • Golang
  • PHP
  • JavaScript/Node.js
  • HTML5 / CSS3
  • Old Perl
  • Bash, but only in an emergency
  • C
  • Assembly, mostly for reversing / auditing

Deployment Tooling

  • Vagrant development environments
  • Containerised build environment development
  • Packaging (dpkg, basic rpm, manual) and deployment automation
  • Gulp/Grunt/etc. Developer compilation/minification workflows
  • Snapcraft and Juju Charm development
  • CI tooling (GitLab, Travis, Jenkins, Rspec, PHPUnit)

OS Build/Config Management

  • Ansible, Puppet, Chef
  • MaaS/Juju
  • Kickstart & preseeding/curtin
  • Packer & Vagrant image automation
  • Security hardening
  • Test Kitchen server CI/automation framework
  • ServerSpec server unit testing framework
  • IBM BigFix/IEM
  • Mac OS X NetInstall


  • Buildroot base embedded system development
  • Cross compilation toolchains
  • OpenWRT packaging and image builds

Job History

Red Hat (April 2018-Present)

Senior Developer, Product Security (OpenStack / Software Defined Networking)

  • Vulnerability analysis and classification
  • Cross-team security flaw management
  • Code auditing and application testing
  • Automation of analysis environments (Python, Ansible, Vagrant)
  • CVE / CVSS scoring and content authoring


Cloud Reliability Engineer (October 2016-April 2018)

  • LXD containerisation
  • MaaS, Juju deployment and management
  • OpenStack deployment and management
  • Ceph storage tuning, deployment and maintenance
  • Python, Bash Scripting
  • Python, Golang development
  • Server hardware (IBM, HP, Dell, SuperMicro, Cisco)
  • Networking (IP, GRE, VXLAN, Bonding)
  • Heavy Neutron, Ceph and Keystone experience
  • Observability (Grafana, Prometheus, Graylog, ES, Beats, Nagios)
  • Remote Hardware and deployment diagnosis
  • Databases (ES, MongoDB, PostgreSQL, MySQL)

Fog Creek Software

System Administrator (June 2015-October 2016)

  • Docker (Swarm, Networking, Kernel tuning, API programming/orchestration, Container security)
  • Server platform implementation & Administration (AWS, Bare metal)
  • Server installation/configuration (Puppet, Ansible, Vagrant, Packer, Preseed)
  • Storage (iSCSI, LVM, EBS, MogileFS, S3, Glacier)
  • Security (VPN, PF, pfSense, GPG, SSH, SSL, Hiera EYAML)
  • Networking (pfSense, OpenBSD & FreeBSD PF, Haproxy, Dell OpenConnect, VPC, DNS, DHCP, PXE)
  • Full-Stack Development (Golang, Ruby, Node.js, CSS, HTML5, JavaScript, Powershell, Python)
  • Database Administration (MSSQL, MySQL, RDS, PostgreSQL, Sqlite)
  • Monitoring & Logging (Nagios, AWS Cloudwatch, Loggly, ElasticSearch, Logstash, syslog, journald, Kibana)
  • DVCS hosting & management (Mercurial, Git)

Tectonic Digital & Award Force

DevOps Systems Engineer (May 2014-May 2015)

  • Cloud platform implementation & Administration (AWS)
  • Server installation/configuration (Chef + BerkShelf, AWS OpsWorks)
  • Cloud Networking (ELB, IPv6, VPC, DNS)
  • Full-Stack Development (PHP, Ruby, Perl, CSS, Sass, HTML5, JavaScript)
  • Database Administration (MySQL, RDS)
  • Monitoring (CopperEgg, Sensu, Graphite, LogStash, Syslog)
  • Hosting Stack Development & Deployment (NGINX, Apache, PHP-FPM, HHVM, Git, Capistrano)


Multiple Roles (May 2006-April 2014)

  • Lab Services Client Technical Specialist (9 months)
  • Cloud platform implementation (OpenStack, SmartCloud)
  • Server installation/configuration (Systemx, Power, PureFlex)
  • Network implementation (IBM, Cisco, Firewalls, VPN)
  • Storage installation/configuration (IBM, NetApp)
  • Automated OS Deployment (Windows, Linux, vSphere)
  • Scripting (Ruby, Perl, Bash, VBScript, Powershell)
  • VDI Design & Implementation (Citrix, VMware)
  • Virtualisation (KVM, VMware, PowerVM)
  • Big Data (BigInsights, Hadoop)

Workspace Engineer (2 years)

  • Web and mobile application design and developement (jQuery, MySQL, PHP, AJAX, Cordova, Worklight)
  • Unified Comms and collaboration (Microsoft Lync, Exchange, VMware Zimbra, OSX, Cisco Jabber)
  • Virtualisation and VDI design (XenServer, XenDesktop, XenApp, CloudFront, vSphere, VMware View)
  • Server and Storage hardware (NetApp, IBM xSeries, IBM BladeCentre, Cisco UCS, EMC)
  • Application packaging and virtualisation (App-V, Citrix Streaming, VMware ThinApp)
  • Mobile Device Management (IBM Endpoint Manager, Good, Afaria, MobileIron)
  • Microsoft Infrastructure and user experience design (AD, Group Policy, DFS, etc)
  • Zero-touch OS Deployment (SCCM OSD, MDT 2010 and 2012, OSX SIU)
  • System Management platforms (IBM Endpoint Manager/BigFix, SCCM)
  • VBScript, Perl, Ruby and PowerShell scripting (ADSI, HTA, DOM, SQL)
  • Windows, OSX and Linux deployment, management and virtualisation
  • Networking (Cisco, Citrix NetScaler, F5 Big-IP, Juniper)
  • Infrastructure and solution design

Technical Manager (1 year)

  • Intel server hardware, including IBM BladeCentre, design, implementation and management
  • EMC SAN and storage networking design, implementation and management
  • Right-to-left push initiative design and implementation, including tooling
  • Citrix XenApp & XenDesktop design, implementation and management
  • Windows media services implementation and video broadcasting
  • Automated compliance reporting design and development
  • Design and support documentation authoring and review
  • Microsoft OCS design, implementation and management
  • Infrastructure design, implementation and management
  • Group policy design, implementation and management
  • SCCM/SMS design, implementation and management
  • McAfee design, implementation and management
  • Automated asset management reporting
  • Perl, VBScript and Powershell scripting
  • Incident and problem management
  • Security compliance management
  • Critical situation management
  • AD design and management
  • Exchange management
  • Client consultation
  • Team leadership

Intel Server Support (2.5 years)

  • EMC SAN and storage networking design, implementation and management
  • Citrix XenApp & XenDesktop design, implementation and management
  • Windows media services implementation and video broadcasting
  • IBM bladecentre, design, implementation and management
  • Microsoft OCS design, implementation and management
  • Infrastructure design, implementation and management
  • Group policy design, implementation and management
  • SCCM/SMS design, implementation and management
  • McAfee design, implementation and management
  • Automated reporting design and development
  • VBScript and Powershell scripting
  • Security compliance management
  • Intel server hardware, including
  • AD design and management
  • Exchange management

Deskside Support Specialist (1.8 years)

  • End-user support of PC hardware and peripherals in a professional setting
  • Automation of common fixes and administrative tasks
  • Escalation management and resolution
  • Remote access support
  • Executive support

PC People

Head Technician (June 2003-May 2006)

  • Customer premises support of PC and networking equipment
  • OS installation, driver management and build automation
  • Home and business network design and implementation
  • PC hardware configuration design and implementation
  • Walk-in support of PC and networking equipment