Cam Ratchford

+ Systems Administrator - Cybera Inc.
+ Freelance Web Developer
I like building web apps, eating pizza, and automating things.

"He's Pretty Cool"
- My Friends, hopefully

About

By Day

I have a full-time job securing Cybera's network and OpenStack infrastructure.

By Night

I develop webapps with Flask, GM tabletop RPG campaigns, and prepare lavish feasts for my many distinguished house-guests

Experience

Cybera

Apr. 2021 – Present

Systems Administrator

Calgary, AB

On the Cyber Security team, I use Terraform, Ansible, OpenStack, and shell scripts to design and deploy digital security infrastructure and applications. Working at Cybera, I have become accustomed to practicing Agile, Infrastructure as Code, and DevOps methodologies to accelerate and organize day-to-day operations.

  • Designed, planned, and deployed an Intrusion-Detection-as-a-Service (IDSaaS) platform, with the goal of providing out members with a means to better secure their organization’s network from threats.
  • Sought out, tested, and piloted new software and tools to strengthen the security posture of Cybera’s and our members.

Computer Modelling Group

Jul. 2019 – Apr. 2021

Systems Analyst

Calgary, AB

As Technical Support Analyst, I took care of a multi-domain/multi-forest AD environment, managing ~100 servers in 6 different countries. Of those servers, I was responsible for the vSphere clusters, building access system, and print management servers. In addition, I administered VOIP lines in FreePBX, manage software and OS deployments with WDS, AIK, and SCCM, administered the O365 environment (licensing, Teams, SharePoint Online, Power Platform), Active Directory (Users, Computers, Groups, GPO), and our 2FA server (using MultiOTP). What I enjoyed most was creating automation tools and scripts with PowerShell and Python.

  • Worked with the senior VMware administrator to deploy, integrate and smoke-test CMG’s new Hyper-Converged VMware environment.
  • Proposed, planned, and developed Disaster Recovery documentation for critical infrastructure, including:
    • Building Access System
    • Building Access System
    • Printer management system

Devon Energy

Aug. 2017 – July 2019

Application Support Analyst

Calgary, AB

In my role at Devon, I was responsible for administering Jackfish Lodge’s Building Access System including a network of 2,000+ IoT devices. As the application support analyst for Visionline (as well as tier-1 -> tier-4), my area of expertise included IoT, Windows Server 2012r2 Administration, small electronics repair, and desktop support.

  • Collaborated with the safety and training administrator to develop interactive training content for facility site operators. This provided the operators with procedure references that were more maintainable and substantially less dull than the stack of binders that it replaced.
  • Collaborated with the safety and training administrator to develop interactive training content for facility site operators. This provided the operators with procedure references that were more maintainable and substantially less dull than the stack of binders that it replaced.

Enbridge

Dec. 2015 – Aug. 2017

End User Support Analyst

Calgary, AB

As a member of the EDS team, I was responsible for imaging and deploying computers, configuring VOIP phones in CUCM, troubleshooting hardware and software issues, documenting and updating tickets in ServiceNow, and writing scripts in PowerShell. After taking the position of team lead, my responsibilities were to lead projects, manage escalations, manage the ticket queue, train new-hires, and ensure that SLAs were met. Normal duties included IMAC, BES12 and Mobile Iron device management, OS deployment, AV repair, and executive support.

  • Supported 1300+ users, 400+ applications, at an average of 120 tickets per month
  • Provided training, escalation support, and guidance to the team of 7 Desktop Support Analysts
  • Planned, delegated workloads, and oversaw the execution of 3 office relocations, a printer fleet refresh, and the onboarding of new users following Enbridge’s acquisition of Spectra Energy.

Education

Fanshawe College

July 2012

Diploma - Computer Systems Technology

London, ON

Skills

Digtial Security

  • Zeek
  • Rumble
  • MISP
  • Nesus
  • FortiSIEM

Windows Server Administration

  • Active Directory / GPO Management
  • Windows Deployment Services / DISM Image Creation and Provisioning
  • DNS / DHCP Management
  • System Center Configuration Manager / Microsoft Endpoint Administration
  • Office 365 Administration

Linux Server Administration

  • Systemd
  • Kickstart
  • iptables
  • syslog
  • openssl
  • open-ssh

Programming / Scripting

  • Python
  • Go
  • C#
  • PowerShell
  • Bash

Web Developement - Frontend

  • HTML
  • CSS
  • Responsive Design
  • Flexbox / Grid
  • JavaScript
  • Vue.js

Web Developement - Backend

  • Flask
  • REST APIs
  • Nginx
  • Redis
  • mySQL
  • Postgres

Infrastructure as Code

  • Terraform
  • Ansible
  • Cloud-Init
  • Packer

Virtualization / Containers

  • VMware vSphere
  • VMware ESXi
  • LXC / LXD
  • Docker
  • Docker Compose

Projects

Delivery Driver Balance Sheet

A Flask App that allows drivers to input their cash / card transactions. It calculates the correct fees, tax, and cash balance for driver / restaurant bills.

  • Dynamic and Validated Forms (Flask-WTF)
  • Email Notifications (Flask-Mail)
  • Database Migrations (SQL-Alchemy / Alembic)
  • Threaded sub-processes (Thread module / Gunicorn)
  • CSRF / JWT token security (Flask-WTF / Flask-JWT)
  • Multi-user RBAC authentication (Flask-Login / Flask-Principal)
  • Dynamically Generated Excel Reports (Pandas)

Tenant Management Application for Landlord

A Flask App that allows landlords to manage tenants, properties, rent payments, and pull reports.

  • Used Driver Balance Sheet as a template
  • Dynamic and Validated Forms (Flask-WTF)
  • Email Notifications (Flask-Mail)
  • Database Migrations (SQL-Alchemy / Alembic)
  • Threaded sub-processes (Thread module / Gunicorn)
  • CSRF / JWT token security (Flask-WTF / Flask-JWT)
  • Multi-user RBAC authentication (Flask-Login / Flask-Principal)
  • Dynamically Generated Excel Reports (Pandas)

Certbot Docker Container

A docker image I hacked together to use the Dynu.com API for LetsEncrypt DNS-01 challenges, since Certbot does not maintain any compatibility with Dynu :(

  • Docker Container Executes Certbot with Manual Auth / Manual Cleanup scripts option
  • Domain enumeration, TXT record creation, TXT record deletion via Dynu API
  • Email Notifications Via SendGrip API

Homelab

My home network, SAN, and vSphere cluster setup. It runs ratchfordconsulting.com and all the sub-domains.

  • 2 compute nodes running VMware ESXi, joined in vSphere cluster
  • 1 storage node running TrueNas, with 3TB of fast block storage (iSCSI) and 8TB of conventional network storage(NFS, CIFS)
  • Aruba s2400 switch providing 1g links as well as 10gbit SAN links and a 10gbit uplink to the Mikrotik router
  • 5 VLANs, segregated networks with restricted firewall rules. A separate IoT network for segregation of spooky smart-home devices
  • A mix of Docker / LXD Containers hosted from a couple VMs:
    • Nginx, reverse-proxying the applications so that they can have SSL/HTTPS.
    • Gitlab, for my various code-rich endeavors.
    • Apache Guacamole, for RDP/VNC/SSH access via HTTP.
    • Home Media Server, for serving media, at home.
    • On-prem version of Atlassian Confluence. Used to organize ideas, research and planning.
    • Netbox, a CMDB / IPAM for keeping track of what's running and where using which resources.
    • rclone, to backup data from clients/servers to NAS and NAS to cloud.

Hobbies

Cooking

Using cooking as my main method of procrastination, I cook often, test my own recipes and try perfecting the same dish repeatedly until my girlfriend gets upset. I hope to create a food/recipe blog soon, detailing my culinary exploits.

DnD / Tabletop RPGs

I write my own campaigns and perform my role as 'Dungeon Master' for a group of friends. It requires a lot of organization, a bit of creativity, and could be made much easier if I was ever prepared for my sessions.

Outdoorsy Things

  • Camping
  • X-Country Skiing
  • Golf
  • Fishing
  • Hiking