I am an experienced Suffolk (UK) based IT Professional, with significant experience in deploying, managing and operating at planetary scale.
Although my primary focus has traditionally been operations and security, my roles have always included some software development responsibilities (ultimately leading to more of a DevOps approach, and a significant amount of rapid prototyping).
At heart I'm a problem solver and am able to move quickly in order to meet requirements, so have found myself well suited for projects which need a fast and flexible response.
In my current role, I manage a global Content Delivery Network (CDN) with nodes in locations ranging from Miami to Timor Leste and as a result have an extremely strong understanding of the challenges and technologies involved in content and service delivery within carrier grade networks.
I also pursue a range of technical activities and hobbies in my free time:
I developed Intelligent DNS Routing Software which now routes traffic for one of the biggest social networks on the planet (amongst others). I've also created CDN Switcher technology more akin to Amazon's Route53.
I discovered and responsibly disclosed a security flaw in a number of implementations of the cryptographic portion of the HomePlugAV specification. I've also conducted similar investigative work in relation to other products (such as the BitFi Cryptocurrency Hardware Wallet). As a result, my work is occasionally quoted as a reference in talks at conferences such as DefCon, whilst some of my earlier work appears to get used in case studies at various universities around the world.
I've maintained a public documentation archive (at https://www.bentasker.co.uk/documentation) for over 10 years, creating a range of technical docs relating not only to software, but also to subjects such as vehicle mechanics.
- 10 GCSEs Graded B-C
- 5 AS Levels Graded B-D
- 4 A2 Levels Graded C-D
- iTQ (User) Diploma (Level 3)
- Advanced Level Apprenticeship for IT Users
- iTQ (Level 3)
- Health and Safety NCFE (Level 2)
- PC Repair Diploma (Level 2)
- Functional Skills English Reading (Level 2)
- Functional Skills English Writing (Level 2)
- Functional Skills English Speaking (Level 2)
- English Law NCFE (Level 3)
- WSET Intermediate (Level 2)
- National Certificate for Personal License Holders (Level 2)
- Certificate in Retail Operations (Level 2)
- Retail Operations NVQ (Level 2)
Employment Related Courses
During the course of employment, I've completed the courses listed below in addition to mandatory training (such as Fire Safety).
- Emergency First Aid
- Portable Appliance Testing
- Protecting Information Level 1
- APM Introductory Certificate
- ITIL V3
- Project Management
- Information Gathering
- Local Security Officer
- Fraud Awareness
- Decision Making Models
- Validation, Verification and Testing
- JAVA 2
- Encryption Technologies
- Processor System Administrator
- Computer Network Defence
- Diagnosing & Troubleshooting
- ECDL Unit E
- ECDL Modules 1 - 7
- UNIX Use and Administration
- Electronic Defence Writing
I continually work to develop new skills, whilst keeping existing skills current. Some of my current skill set is listed below
- Software Development including testing
- System Design and Architecture
- API Design
- System Integration
- HTTP Adaptive Streaming (HLS & DASH)
- Reverse Engineering
- Penetration Testing
- Linux Server Administration (primarily CentOS and Debian)
- Appliance/Infrastructure Security
- DNS Request Routing
- AWS (primarily EC2 and R53)
Software Development Languages
I've developed software in a range of languages, some of which are listed below. I have sufficient familiarity with a range of other languages to be able to call upon when needed.
- Python (2 & 3)
- BASH Shell Scripting
My Online Portfolio contains examples of past Software Development activities and also of past Website development activities. Some examples of my code (and contributions to other projects) can be seen on GitHub.
I take great pride in my problem solving abilities, especially when translating requirements or documentation into programmatic code. As an example, when Joomla! 3.0 was nearing final release, I used the list of backwards compatibility issues to create an extension compatibility checker - allowing extension developers to quickly identify which areas of their extensions were likely to require a rewrite.
I've worked with a number of API's, ranging from enhancement of "Account Expiration & Control (AEC)" to the creation of an API for my PHPChangedBinaries project, which included a cryptographic authentication mechanism.
- HomePlugAV Crypto Bypass Vulnerability
- The Curious Case of Bitfi and Secret Persistence
- Cynet 360 Uses Insecure Control Channels
- A Developer's Guide to Storage and Manipulation of Passwords
- Managing Change in an IT Environment
- Is Homogeneity in a Network Environment Safe?
- Writing (and backdooring) a ChaCha20 based CSPRNG
- Learning Python Networking (Reviewer)
Operations Architect Conversant Networks Ltd
Conversant is a Content Delivery Network (CDN) provider, with a customer base primarily located in South East Asia.
I was promoted to Operations Architect in March 2018. This is a senior position reporting to, and regularly working with the CEO and other senior stakeholders within an extremely fast paced environment.
The role has a broad scope of responsibility, involving overseeing architectural aspects of the network’s growth, as well as
- Identifying and resolve potential issues in already deployed software
- Help drive product direction and priorities
- Perform acceptance testing on the various engineering team’s output (ranging from Ansible playbook submissions to entirely new software stacks, products and appliance types)
- Run beta tests of new features with selected customers
- Schedule and plan rollout of major releases
- Act as Subject Matter Expert (SME) for the DNS Routing System and CDN Technical authority
- Work with partners & suppliers to improve network peering relationships
- Act as escalation point for the operational support team
In particular, I’ve worked with engineering to design, develop and deploy
- Next generation Command & Control Infrastructure
- Distributed File Storage appliances
- Next Generation Delivery Infrastructure
- HTTP/2, SNI and TLS 1.3 Support
- An “Infrastructure as Code” approach to managing the network as a whole
When requests for particularly specialised work are received, they’re passed to me to gauge viability when measured against a variety of both business and technical concerns. Depending on the result of that assessment, I may also be responsible for rapidly prototyping the requested functionality.
Such requests have ranged from developing specialised mid-tier solutions to requests for extremely complex media protection mechanisms, using various languages including BASH, C, LUA, PHP & Python.
I was tasked with rapidly prototyping and building a solution in order to serve video traffic for a well known social network. Ultimately, the result of this work was that we were able to outperform the incumbent (and industry leader) in multiple important countries.
Operations & Platform Engineer Swiftserve / Conversant Networks Ltd
As well as providing Operational support for the company’s federated Content Distribution Network (CDN), this role involved developing and maintaining new features and complimentary systems in order to meet both internal operational and customer requirements. The latter required a lot of rapid prototyping, with subsequent productisation of successful implementations.
Implementations included a DNS routing system, distributed Real Time Media Protocol (RTMP) stack customised to meet requirements common in the Asian markets, and support for a number of custom authentication and tokenisation requirements for HTTP delivery within the Chinese market. Many prospective customers had an existing supplier, so the requirements had to be adhered to exactly (with little room for negotiation) to ensure we could provide a directly compatible offering.
Projects were often started (and had to be completed) with very little advance notice, with the approach used tending more towards agile than waterfall. Jenkins (and later, Gitlab's Continuous Integration/CI functionaliy) was used in order to automate testing in most cases, with deployments being managed via Puppet (and, later, Ansible).
Sole Trader BenTasker.co.uk
Although customer satisfaction was obviously my primary concern, my aim in operating as a sole trader was always to allow me to develop/maintain skills which might otherwise be neglected in my employed role (also ensuring that conflicts of interest were avoided).
As a result, the type of work I completed as a Sole Trader was very varied, however, below are examples of some of the work I completed
- Security audits/Penetration Testing
- Bespoke software development
- Server administration and maintenance
- Creating various RESTful APIs
- System/Software specific training
- Performance optimisation of Joomla! sites
- Post-compromise analysis
In August 2018 I wound down my Sole Trade operations in order to free up more time to spend with family.
NOC Specialist Velocix / Alcatel-Lucent / Nokia
I was promoted into a role specialising in Operational Security and am expected to ensure that both infrastructure and operational procedures reflect the highest possible level of security and professionality.
In addition to this, I acted as an escalation point for the NOC (as well as the wider operations team) and am also expected to undertake project work in order to maintain and develop tools as part of our Continuous Improvement regime - as part of this I developed a RESTful API linked to a trend-analysis library so that various systems could generate alerts if the traffic profile on any actively monitored CDN had deviated from the usual pattern.
In the past, I have also acted as a Customer Resident Engineer - integrating with a customer’s Operations Team in order to provide on-site support during the transition of their CDN from a Managed Service to an Owner Operated model.
My prescribed role also included
- Network Management
- Incident Response
- Supplier Management
NOC Engineer Velocix
Velocix was a world leading provider of Digital Media Delivery Platforms, building and providing Linux based Content Delivery Networks to Internet Service Providers worldwide.
My role was to provide first and second level support on all Velocix products and services, including monitoring, managing and configuring the worldwide Content Delivery Network. The core role being to ensure that both internal and external customers are provided with maximum service availability
- 24/7 network surveillance, proactively responding to issue that are detected or reported, including analysing all available data and identifying trends
- General System Administration tasks on all elements of the CDN and also of the company network
- Identify areas of concern, whether due to potential service impact or directly affecting customer satisfaction
Whilst maintaining an understanding of the product range and it’s functioning, I also
- Reverse engineered a customer provided flash player to identify the cause of the reported delivery issue, identifying a bug in a 3rd party library they were using.
- Identified (and, where possible, provided patches for) issues within the product
- Managed various internal projects
- Identified and reported security concerns within the product and infrastructure
- Created various VXPL (similar in principle to serverless products such as AWS Lambda) scripts
- Created and extended various HTTP APIs
Linux Specialist & IT Manager Virya Technologies Ltd
My role at Virya primarily involved
- managing customers' servers (primarily Linux based infrastructure but also Windows)
- developing software (primarily web-based applications in PHP, including extensions for the Joomla! CMS)
- Managing the company's Hosting infrastructure (Shared, Virtual and dedicated servers)
- Conducting security audits (including penetration testing)
- providing emergency server support where requested by a customer (including post-compromise forensic analysis)
Being a small business, my responsibilities stretched beyond those within my job description, and additional roles included marketing the business, providing quotes for work and management of the business in the Director's absence.
I initially contracted for this role, becoming a full-time employee in February 2012.
Inventory Clerk Ministry of Defence
I trained as a Processor System Administrator, Local Security Officer and Authorised Demander for the systems utilised by both the unit and it’s dependant squadrons, including personnel deployed on operations and exercises.
The systems I administered consisted of a mix of AIX (hosting Oracle databases, amongst other applications) and Windows (XP, Server 2003 and Server 2000), running various bespoke military applications in addition to a standard range of productivity tools.
John Parfitt – John Parfitt Wedding Photography – Server Support
“Ben at Virya Technologies was recommended to me by a colleague when looking for a provider of system admin for my dedicated server. Ben, Ruth and the team at Virya Technologies have been absolutely brilliant from day one. Patient, understanding and extremely helpful, I have no hesitation in recommending their efficient and knowledgeable service.”
Ipswich and Suffolk Small Business Association – Website development and Hosting support
“Ben has worked in a support/development capacity for the ISSBA website which is Joomla based. He has always been happy to help, has kept me up to date with progress and has endeavoured to find the best solutions to any issues with the site. I would be happy to recommend his services.”
Seatrade Global – Website & Software development and Hosting support
“Ben is an extremely competent and dependable Joomla expert and server security specialist. He has been fundamental to the deliverability, on-going support and maintenance of Seatrade's news sites (amongst other projects).
Ben has always being very personable and uses his extensive knowledge and people skills to ensure that he employs the best solution, whilst ensuring that we understand the rationale to any suggestion, issue or enhancement that he has deployed or recommended to improve the usability and functionality of Seatrade's news sites.”
The following additional details are available upon request;
- Full Education History (including all courses completed)
- Full Employment History