Resume of James Tay Teck Han

James Tay Teck Han
Apt 1704, 100 Graydon Hall Drive
Toronto, ON, M3A 3A8
Canada

Particulars

Handphone	: (416) 898-7999
Email	: james@2longbeans.net
Nationality	: Singaporean
Permanent Resident	: Canada
Date of Birth	: 21st Sept 1972
Marital Status	: Married

Academic Achievements

GCE "O" Levels, Raffles Institution. 1988.
Computer Systems Engineering, Rensselaer Polytechnic Institute (completed 1.5 years). 1991.
International Advanced Diploma in Computer Studies, NCC Education. Awarded in 2006
BSc Computing, University of Portsmouth, UK. Awarded in 2008.

Summary Of Skills

Worked with PC/Unix hardware (Sun, x86, x86_64) since 1990, particularly Solaris, Linux and FreeBSD systems.
Administered Solaris, Linux and FreeBSD servers in multiuser and Internet/Intranet environments since 1995.
Wrote numerous utilities and software packages in C, with Solaris, Linux and FreeBSD being the target platforms. Wrote numerous scripts in bourne shell and perl. Wrote web applications running on Apache with HTML, CGI, PHP and MySQL.
Managed and administered TCP/IP networks involving managed switches and Linux/Cisco routers, running from 10Base2, Cat3/5/6, RG6 and Fiber infrastructure
Wrote scripts and applications which use the protocols ICMP, TCP, UDP, IP, ARP, PPP, and various tunnels.

Unix Systems Expertise

Administered Solaris 10 servers since 2005, Solaris 9 since 2002 and Solaris 8 since 2000.
Familiar with network protocols and applications involving TCP/IP, NFS, Samba, SNMP, SMTP, POP, IMAP, Telnet, rlogin, SSH, FTP, NTP, RPC, HTTP, X11, DNS, LDAP, Bootp, DHCP and OSPF.
Administered DNS servers based on bind 9.x. Configured bind as primary, slave or caching server for forward, reverse, A, MX, PTR and CNAME operation. Familiar with classless reverse delegation.
Familiar with building and administering Apache 1.3.x and 2.x for CGI, SSL, virtual hosting, custom logging and performance tuning. Used .htaccess with Apache to enforce security by IP address, userid/password or LDAP.
Familiar with building and administering Squid 2.x for both port 8080 and transparent proxying. Worked with tuning cache parameters, ACLs and LDAP authentication.
Administered NFS for hundreds of clients or exports per server, covering sercurity and performance issues. Familiar with booting diskless NFS clients.
Administered storage on DiskSuite/ZFS on Solaris, LVM on Linux and vinum/geom on FreeBSD. Familiar with volume management like creating, removing, on-line growing, moving and snapshots.
Familiar with Linux firewall operation using iptables to implement Masquerading/NAT'ing, transparent HTTP proxying, access control, packet limiting, TCPMSS clamping and network testing.
Familiar with Linux traffic shaping using tc to implement QoS using HTB, SFQ and iptables fwmark.
Administered user accounts, group, facl permissions, on unix servers including customization of login session management, auditing and authorization. Performed security checks and system backups for unix servers.
Familiar with compiling and installing custom modular Linux 2.4.x and 2.6.x kernels, including platform optimizations, SCSI, IDE, SATA, network drivers, framebuffer, framegrabbers, filesystems, USB and networking.
Familiar with unix systems programming especially in areas like signal handling, file and file system IO, file descriptor multiplexing, timers, process control, posix threads, system authentication and the dynamic linker.
Familiar with unix network programming especially in areas like TCP/UDP sockets, raw packet capture (using libpcap), packet injection (using libnet).
Familiar with the Torque resource manager and the Maui scheduler for Linux HPC clusters.
Familiar with deployment of Infiniband infrastructure on Linux clusters and the OFED software stack.
Familiar with deploying and administering the Andrew File System (AFS), including user account management, ACLs, volume management, replication and backup/restore.

Operating Systems and Hardware

Started with administering SunOS 4.1.x on Sun IPC, IPX, Sparc 2 and Sparc 10. Subsequently, I've used and deployed Sun hardware as follows :

Sparc and x86 : Solaris 7, 8, 9 and 10
Workstations : Ultra 1, Ultra 2, Ultra 5, Ultra 60, Blade 100, Blade 1000
Thin Clients : Sunray 1, Sunray 150, Sunray 1g
Entry Level Servers : X1, T1, V100, V120, V210, V240, V280R, V880, T1000
Mid-range Servers : Sunfire 6800, Sunfire 6900
Storage : S1, A1000, T3, 3510, 3511, 6140

Used and administered Linux servers running RedHat, Fedora, Debian, Gentoo, Suse on i386, x86_64, PowerPC, Sparc and Alpha platforms.
Used and administered servers running FreeBSD 5.x/6.x/7.x on Ultra Sparc II, x86 and amd64 hardware. Also used some OpenBSD and NetBSD on various short term projects.
Used, developed and administered on IRIX 6.x for 2 years on SGI Indy, O2 and Octane.
Famliar with Mac OSX and Windows 3.1/95/98/ME/NT/2000/XP/Vista, and Windows Server 2003/2008.
Familiar with Compaq Tru64 running on Alpha servers, specifically the ES40 and DS10 platforms.

Network Equipment

Router configuration for ethernet or serial interfaces for Cisco 17xx, 25xx, 26xx, 36xx to 76xx series routers running IOS 11.x or 12.x. Performed IOS backups, upgrades, restoration and password recovery.
Implemented security policies on Cisco routers for various interfaces via access-list, policy based routing and NAT'ing. Configured DHCP services and traffic shaping.
Configured authentication on routers and switches to perform lookups against a radius server.
Deployed static routing and OSPF among several routers (Cisco, Foundry, Extreme and Linux using Quagga).
Administered managed/unmanaged switches, hubs and media converters from Cisco (29xx, 35xx, Catalyst 5xxx), Extreme (Summit and BlackDiamond series), Foundry (FastIron and BigIron series), Allied Telesyn, 3Com, HP, SMC, NetGear.
Managed cable modem networks involving hundreds of cable modems and several Cisco UBR routers. The equipment was deployed in a hotel to provide Internet access to rooms.
Used SNMP together with RRDTool to graph bandwidth utilization for routers and switched ports. All office network equipment is monitored this way. Also familiar with using snmp traps for various event notification.
Familiar with crimping and punch down of Cat5/Cat6 and RG6 cables. I make my own cables, all cut to length and neatly cable tied.
Familiar with VLAN trunking between switches and routers using 802.1Q. Familiar with Link aggregation using 802.3ad on Switches, Linux and Solaris.
Designed and deployed CDROM / USB thumbdrive based Linux routers as appliances for inter-VLAN routing, packet filtering, bandwidth management and transparent proxy.
Familiar with BGP configuration on border routers, on both cisco and unix boxes running zebra/quagga.
Setup a Wavecom GSM modem on a linux box to be an SMS gateway to notify engineering staff in event of various network or server failures.
Configured Cyclades TS3000 RS-232 terminal servers for console access to Sun, Cisco and x86 servers. Soldered my own DB9 console cables whenever I couldn't find one.

Expertise in C

All my code is built using gcc, gdb, flex, bison and Sun Studio Compilers. Familiar with lexical analysers (lex/flex) and parser generators (yacc/bison).
Wrote code using TCP, UDP and unix sockets as well as pipes, including code using the packet capture library (libpcap) and injection (libnet).
Familiar with signal handling using signal() or sigaction(), plus signal mask management in both single threaded and Posix Threaded code.
Familiar with MPI calls for building distributed applications running within a Linux cluster.
Used dlopen(), dlsym() and dlclose() to perform dynamic code loading and unloading during program runtime.
Familiar with using Video4Linux to perform frame capture off Bttv chipsets, and saving to JPEGs (via libjpeg).
Familiar with controlling audio device on Solaris for manipulation of channel gain, balance and sample rates.

Web Technologies

Familiar with developing CGIs which run under Apache, as well as MySQL 3.x/4.x/5.x client API.
Familiar with developing PHP apps utilizing MySQL databases, LDAP, encryption and cookies.
Familiar with using Javascript and AJAX to create more interactive web interfaces.

Expertise in Java

Built code using javac and jdb using JDKs 1.0, 1.1, 1.2, 1.3 on Linux, Solaris and Windows.
Wrote server and applet package to implement Telnet with RSA encrypted links between 2 points.
Wrote a database interfacing gateway which connects TCP sockets to various types of backend databases via JDBC.
Wrote a Billing Application which incorporated its own builtin debugger (using Reflection). The billing application supports real time ammendments to the bill plan.

Expertise in MySQL

Administered MySQL databases with tables exceeding 2GB each. Used ISAM and InnoDB backends. Did performance tuning by adjusting MySQLd's memory parameters.
Enforced user and host based authentication using MySQL's builtin security system.
Wrote scripts to automate backup and/or transfer of data among MySQL servers.
Wrote Java applications which use a MySQL database via JDBC drivers and well as C applications which use API supplied with MySQL.
Familiar with SQL statements using SELECT, UPDATE, INSERT, DELETE, CREATE, DROP and ALTER.

Other Software and Hardware Skills

Familiar with StarOffice, Microsoft Word, Excel and PowerPoint, Adobe Photoshop and Gimp.
Familiar with assembling PCs from off the shelf components. Familiar with 3Ware, Adaptec SCSI controllers, harddisks, USB and Firewire.
Familiar with assembling AMD duron/athlon/opteron, Intel Pentium 2/3/4, Xeon and Celeron CPUs and the various motherboards and chipsets.

Professional Experience

May 2009 - Dec 2010
Supervisor, High Performance Computing and Storage
Cancer Institute of New Jersey, USA

The Cancer Institute of New Jersey (CINJ) is a comprehensive cancer treatment center, and is part of the University of Medicine and Dentistry New Jersey (UMDNJ). I work for the Cancer Informatics Core (CIC) department, and our department is primarily research focused, but is also responsible for maintaining servers for both clinical and research computing. My role is to keep services running in CINJ, as well as provide HPC support for linux clusters, large filesystems and scientific apps. As a health care provider, CINJ is subject to HIPAA regulations, and my role is to deploy appropriate encryption and protection across all IT assets.

Deployed a 60-node Linux Cluster. The cluster consists of Harpertown and Nehalem compute nodes. The nodes are interconnected with Gigabit Ethernet and Infiniband. The compute nodes all PXE boot off a custom assembled Linux distro (hard disks for scratch only).
Configured and maintained the Torque/Maui job scheduler which routes various user jobs onto compute nodes which have been designated for various scientific projects.
Maintained scientific software and compilers (Intel) for the cluster. Provided MPICH2, MVAPICH2, OpenMPI and OpenMP environment for parallel apps.
Setup Nagios which monitors 30+ services, as well as 50+ servers and network equipment. Some monitoring tasks are customized using NRPE and service specific checking logic.
Wrote a log anomaly detection tool which monitors multiple syslog feeds in real time. It uses a modified Smith-Waterman alignment algorithm to remove known repeating messages.
Migrated servers running Oncology clinical trials from old sparc hardware to new Opteron servers. The new hardware setup incorporates virtualization as well as filesystem replication to a DR site.
Built new web-based purchasing and IT asset inventory software to replace the old system based on proprietary software and obsolete hardware. The new software is modular and based on open source solutions.
Centralized and automated disk to disk backups on all our servers. The centralized backup is based on ZFS and automatically writes to a StorageTek SL500 tape library weekly. This involved writing a tool which writes/reads across multiple tapes.
Developed web applications for department's purchasing and inventory tracking. Wrote other web applications for various inter-institute file sharing needs.
Gave 2 presentations at the 2009 NJEdge Conference. The first covered Compilers and code optimization. The second covered the IBM iDataPlex which is the 60-node Linux cluster I administer.

Aug 2001 - May 2009
Systems Manager
BioInformatics Institute
www.bii.a-star.edu.sg

Apr 2001 - Aug 2001
Systems Administrator
Institute of Molecular and Cell Biology

The BioInformatics Institute (BII) is a newly formed division of the Agency for Science, Technology and Research (A*STAR). When I joined BII, we started with a 512k leased line and 2 linux servers. Subsequently within a year of BII's creation, the infrastructure has grown to numerous sun/linux servers forming the corporate IT backbone for email, web and various office services. On the acedemic side, BII provides sun/linux clusters for 32/64 bit scientific computing and sunray terminals for staff, students and guests. Today (6 years later), I am in charge of systems and network security for the institute, as well as provisioning IT infrastructure to support the scientists. The equipment I managed and maintained (at various points in my career) includes 5 E1 leased lines, about 2 Linux clusters, 20 Sun corporate servers, 10 Linux servers/routers, 4 cisco routers and 10 distribution switches which form the infrastructure for a total of 140+ staff and students. Their storage ranges from SATA/IDE/SCSI disks to SAN disk trays connected via FC switches. Finally, I train engineers to run corporate servers and networks, as well as supervise them on the constant evaluation, development and deployment of new software and hardware solutions to enhance the IT environment in the institute.

Designed and implemented the initial BII infrastructure to bring basic functionality to the corporate office. This includes dhcp, web, qmail, imap, pop, webmail, ftp, samba, proxy, firewalling, switching and routing. Modem dialups were implemented in case of leased line failures.
Implemented linux and sun servers in the BII machine room. Configured Cisco 3640 and Foundry BigIron/FastIron routers and switches. Corporate services such as dns, web and email were run on a group suns which operated off an NFS server such that any machine could take over services in event of a system failure.
Participated in the setup and assisted in the running of a 60+ node alpha cluster before handing off the system to a sister Institute. The cluster was used to run high-throughput blast on fugu sequences. It had 2 ES40 headnodes (running memory channel) and 2TB of SAN storage. Compute node interconnects were fastethernet.
Designed and expanded the BII network to include a new branch office situated on the other side of the National University of Singapore (NUS) campus. This new branch office was designed to house servers for scientific computing as well as finance, HR, trainees, masters students and scientific staff.
Deployed an IP GRE tunnel between the 2 offices using linux routers. Our traffic between these 2 location would be connected by the NUS campus intranet backbone. This tunnel carried a mixture of intranet and internet traffic to and from both BII offices.
Designed and deployed sunrays for student and staff. The sunray servers were sun 280R boxes protected by IP Filter. Home and application storage resided on an NFS server and users were authenticated over NIS.
Supervised trainee projects. BII trainees were presented a broad range of projects (each 5 months) including networking, programming, systems designed, etc. A supervisor would take charge of one or more projects and have one or more trainee working on each. My projects included Honeynets, VPN gateways, the Andrew File System (AFS), enhancing the Linux CDROM router, using LDAP for Universal Authentication and Large Campus IT Infrastructure Provisioning.
Designed a linux router on cdrom package. The distribution on this custom burnt bootable CDRW would allow a diskless x86 machine to perform the role of router, 802.1q router, firewall, dhcp server, proxy server, IP GRE tunnel and other misc tasks. BII branch offices were at one point connected 2 such linux routers.
Designed and deployed a compact linux video security system. Using video4linux APIs I wrote a motion detection program which would save images to jpeg. The code features noise calibration and motion sensitivity areas, both configurable by overlaying XPM images over the captured image.
Deployed a cluster of 4 SunFire 880 servers. The headnode comprises of an 8 cpu server, the 3 compute servers have 4 cpus each. Each server has 6 internal FC-AL disks. The interconnect is via gigabit ethernet and the headnode has dedicated fastethernet to compute nodes. Storage is provided by a SAN consisting of 2x FC switches connecting 4x Sun T3 disk arrays, bringing a total of 5TB after RAID5.
Wrote a linux based bandwidth monitoring and clamping tool to restrict bandwidth utilization of individual nodes at the IP packet level. This is used to ensure that each user gets equal use of our corporate Internet connection.
Wrote software capable of implementing a Layer 7 firewall on Solaris, Linux and FreeBSD. The Layer 7 logic is implemented as C code compiled as a shared object, dynamically loaded (or unloaded) during runtime.
Deployed 802.11b infrastructure consisting of access points, DHCP, packet filtering, IPSEC and bandwidth limiting for BII offices.
Deployed WAN links for providing network connectivity to off-site scientific clusters. Implemented Integrated Routing and Bridging to save on IP addresses.
Designed and deployed standby servers for use in an emergency. Also implemented automated DLT tape backup system for weekly archival of the Institute's campus filesystem.
Wrote a network anomaly tracker. This software is fed a stream of duplicated packets. Each packet is matched against a self-evolving host profile to detect deviations in the host's behavior. Packets which miss the known host profile are considered anomalous and the host is then flagged.
Designed and deployed the Andrew File System (AFS) in BII (May 2007). All user home directories were migrated from NFS to AFS. Corporate servers are presently being migrated onto AFS one by one.

Dec 1999 - Mar 2001
Network Engineer
ViewInternet.com

ViewInternet provides internet access solutions to serviced apartments and hotels by installing diskless thin clients / NCs running Linux in guest rooms and business centers. The solution provided by ViewInternet facilitates surfing on the TV via wireless keyboard as well as laptop connectivity. Usage is billed directly to the guest's bill via the hotel's property management system. I joined the company when it was in its infancy. My role was to design the very first proof of concept for the company's product, as well as deploy the actual solution in the hotel. During my employment, the solution I designed was deployed in Shangrila and Traders (Singapore), Kowloon and Island Shangrila (Hong Kong) and the Beijing Kerri Center Hotel (China).

Designed the Linux distribution for the hotel server. This server will boot up the diskless NCs in the guest rooms via BOOTP. The NC runs a Netscape browser displayed on the room TV. The hotel server will provide web services, DNS, SMTP forwarding and NAT'ing for NC and guest laptop IP traffic. A Pentium II 350Mhz system with 256MB ram, 18G disk and 1 fast ethernet interface ran the entire system for a single hotel.
Wrote the software to detect a guest's laptop's IP settings (eg default gateway) by examining ARP packets. This software provides "Plug and Play" connectivity for guest laptops which may not be set up for DHCP. This daemon runs on the NCs and each supports multiple laptops in the guest room.
Wrote software which forces a billing information webpage on the guest's browser before allowing the guest to surf freely. The guest has to agree to the usage charges before being allowed Internet access.
Wrote a packet capture program which selectively tracks packets going to and from various guests rooms for the purpose of billing guests for usage. Billing is only performed when there is proof of packets delivered to the guest's laptop. Thus billing will cease if the guest unplugs the laptop.
Designed and integrated support for business center PC and meeting rooms in the hotel server. Wrote front and back end software such that business center staff can enable/disable connectivity for guests using the PCs and meeting rooms.
Wrote the billing application which posts charges for usage. This application is able to support almost unlimited flexibility in the bill plan and features live code update without downing the billing software.
Wrote the billing reporting software to generate monthly bills for each hotel and business center. This software displays charge breakdowns and usage trends. MySQL was used to track the transactions for the hotels.
Was responsible for recommending servers and network equipment for deploying hotels for Internet access. This also led to the subsequent maintenence and troubleshooting of the purchased equipment.
Assisted in the setup and manning of a booth at Singapore Expo during a Hospitality exhibition. The booth re-created a mini-hotel environment to demonstrate the ViewInternet product.
Conducted a short training course for company staff to familise them with the features, capabilities and weaknesses of the ViewInternet product as compared to competitors.
Trained engineers who were later assigned to regional offices to support and maintain ViewInternet equipment in hotels. They also provided technical consultation to potential customers.
Worked with motherboard manufacturers to design a new compact and high functionality motherboard for ViewInternet's next generation of NCs. The board would incorporate the low power Geode CPU as well as feature more on-board integrated network interfaces and USB ports.

Feb 1997 - Nov 1997
Temporary Casual Corporate Support Officer
Medical Informatics Program, National University of Singapore

Dec 1997 - Nov 1999
Technical Support Officer
Medical Informatics Program, National University of Singapore

The Medical Informatics Program (MIP) was funded by the National Science and Technology Board (NSTB) and the Ministry of Health to undertake research in the application of informatics technologies in the medical arena. I was to undertake a research project, involving the design, and development of an automated medical search and retrieval engine. I subsequently coded the MediAgent software package which consisted of several components which together provided a fully automated search and retrieval engine including a web frontend for interaction with endusers.

Designed and developed a web crawler. After providing starting URLs, the crawler will recurssively follow links and download webpages.
Designed and developed a modular filtration software which will discard webpages which are non-medically related and not content rich. The filtration engine utilized a medical thesauraus as well as linguistical analysis to determine if a webpage was medically oriented as well as content rich.
Designed and built an indexing software which facilitates quick search and retrieval when end users perform querries.
Assisted a collegue in his VR project. I designed and built a multi-channeled, micro-controller based, A/D converter to interface with PCs over RS-232. The device interfaced a data glove with bend sensors to a PC.
Participated in a medical training website. Wrote a web-based MCQ CGI software where users would answer questions based on a particular article. Candidates answers were stored in a MySQL database.
Submitted a paper on information retrieval that was accepted for aural presentation at the American Medical Informatics Association (AMIA) '98 conference in Florida, USA.
Submitted a paper on distributed computing techniques that was accepted for poster presentation at the American Medical Informatics Association (AMIA) '99 conference in Washington DC, USA.