Experience

CERN (Authentication and Authorization Team) - Geneva • 🇨🇭

Fellow • Feb, 2016 — Jan, 2020

Responsible for migrating to an open source alternative the existing IAM infrastructure based on Microsoft techologies. The new service aims to secure 10.000+ apps via SAML (Security Assertion Markup Language) and OpenID Connect hosted inside and outside CERN. In addition to this, I actively worked on adding continuous integration and continuous delivery for several projects (user portals, APIs and middleware adapters). Additionally, I developed an OIDC protected RESTful API using Flask to facilitate the integration of our systems with the new Single Sign-On service. This Flask application runs on a container on Openshift and its deployed via Gitlab CI/CD pipelines.

CERN (Cloud Infrastructure Team) - Geneva • 🇨🇭

Project Associate • Feb, 2014 — Jan, 2016

Responsible for the CERN Cloud Infrastructure's deployment of Rundeck, a workflow orchestration tool. I achieved a fully puppetized, resilient, distributed, and highly available service. I adapted Rundeck to the peculiarities of the existing CERN Infrastructure, Single Sign-On integration, retrieve nodes definition from PuppetDB, and developed a puppet module with support for teigi secrets. My duties also required functional analysis in order to identify and implement workflows to automate routine operational procedures. In addition to this, I was the main developer for a set of Python libraries and scripts to interact with other services deployed at CERN such as Active Directory and FIM, Service-Now, OpenStack, Foreman and Rundeck itself. This project is a collaborative effort and everyone can contribute and participate from CERN Gitlab repository. Currently, this piece of sotfware is still being used by the CERN Cloud Team.

Inter-American Development Bank - Washington DC • 🇺🇸

IT Consultant • Jun, 2013 — Dec, 2013

Based in Washington DC (USA), I was responsible for the installation, deployment, and configuration of AppSense (now https://ivanti.com), a Management Platform tool for Microsoft Windows. The aim of the project was to distribute, install and configure a list of approved software on all centrally managed computers in the company. AppSense followed a client-server architecture. Windows Server 2008 and a mixed environment of Windows 7, Windows 8 and Windows 8.1 on the client side. The total number of users at the end of the deployment was 5000 (all the employees of the Inter-American Development Bank headquarters)

ICEX (Spanish Institute for Foreign Trade) - Madrid • 🇪🇸

IT Manager • Sep, 2011 — Oct, 2012

During my time working as an IT Manager for the Spanish Institute for Foreign Trade, I was responsible for all the IT matters affecting the offices under my supervision (Portugal, Greece and Equatorial Guinea). I provided IT support for more than 50 users in total. Responsibilities also included frequent business trips to each office. In addition to this, I was also required to write technical documentation for our end users. Apart from day-to-day user support, I also installed, maintained, upgraded, and managed servers based on Windows Server 2003 RC2 and GNU/Linux Debian Squeeze together with managing back-up policies and tape systems (based on Symantec technologies)

Education

Master’s in Information Systems

University Rey Juan Carlos, Madrid • 2018

Bachelor's in Software Engineering

University of Oviedo, Asturias • 2015

Graded with honors on the project “Integrating OpenStack with an Active Directory”

Awarded with a scholarship to study one semester at Canisius College, NY, USA. Part of the Dean’s Honor Mention award for excellence grades.

Technical Computer Engineering Degree

University of Oviedo, Asturias • 2010

Graded with honors on the project “Changeability evaluator of bi-dimensional figures”

Projects

Main collaborator • 2010 — Present

Personal Blog

Skills

Computer skills

  • Knowledge of Unix/Linux Systems administration and Windows Operating Systems
    • Advanced RHEL/CentOS knowledge
    • Arch User Repository package maintainer
  • Advanced coding Python, Bash, Puppet and Java
  • Active Github member. Both project maintainer and contributor
    • Find some of my projects here, https://github.com/danifr
    • Member of Voxpupuli (https://voxpupuli.org). Invited to join after contributing to several community maintained Puppet modules
  • Familiar with the Agile principles and DevOps. JIRA advanced user
  • Experience managing OpenStack, Apache, Nginx, HAProxy, MySQL, InfluxDB, Grafana, FreeIPA
  • Day to day usage of Docker, Kubernetes, Gitlab CI and Openshift

Conferences, Courses & Published Papers

CERN’s Identity and Access Management, A journey to Open Source

CHEP • 2019

Co-authored with the members of the CERN Authentication and Authorization Team

CERN School of Computing

SCK • CEN - Mol, Belgium • 2016

https://indico.cern.ch/event/502875/other-view?view=indico-weeks-view

Automating operational procedures with Rundeck

HEPiX at DESY Zeuthen, Germany • 2016

https://indico.cern.ch/event/466991/contributions/1143619/

Scaling the CERN OpenStack Cloud

CHEP • 2015

Co-authored with the members of the CERN Cloud Infrastructure Team. Paper presiented at the 21st International Conference on Computing in High Energy and Nuclear Physics. Available here, http://iopscience.iop.org/article/10.1088/1742-6596/664/2/022003/pdf