Curriculum Vitae

This is an attempt to track (mostly for my benefit) all the technologies I used and everything else I've been doing in Computer Science since, as an early geek in the mid-1980s, I started frobbing my first 8-bit home computer.
For a more concise resume please see my LinkedIn page.
I have also an academic profile on ResearchGate, but I don't use it very often.


Skills

Programming

Bash shell scripting, Python.
Other programming languages that I used in the past: Java J2SE with libraries AWT and Swing, Perl, PowerShell, PHP, C, C++, JavaScript, VisualBasic, AmigaBasic, Commodore BASIC.

Operating systems

RHEL / CentOS / CERN Scientific Linux, Fedora Linux, Debian / Ubuntu Linux.
MS Windows 10.
Other operating systems that I administered or used in the past: various UNIXes (Solaris, HP-UX, DEC OSF/1), FreeBSD, Workbench (AmigaOS) 1.3, MS-DOS, MS Windows 3.x, 95, 98, ME, NT, 2000, XP, 7, 8, Server 2003, Server 2008.

Virtualization

VMware, KVM (libvirt), VirtualBox, Vagrant.

Databases

MySQL, MariaDB, Percona XtraDB Cluster (Galera).

Middleware

Apache, Nginx, Tomcat.

Revision control

Atlassian Stash / Bitbucket, GitLab, Git, Subversion, CVS.

Continuous integration and release automation

Atlassian Bamboo, Jenkins, Rundeck, Ansible, Puppet.

Log aggregation and monitoring

ELK stack, Munin.

Collaborative tools

Atlassian Confluence, Atlassian Jira.

Languages

Italian mother tongue.
Fluent in English and French.
Basic knowledge of Portuguese.


Professional experience


May - October 2019: Senior Linux Engineer at Prime International Group (Geneva, Switzerland).

Contractor for the DGNSI - État de Vaud.

Managed the whole Linux IT infrastructure (thousands of RHEL 5 / 6 / 7 / 8 servers with OpenLDAP centralized authentication) for all IT services of the canton of Vaud.
Technologies used:
- Configuration management and server provisioning: Red Hat Satellite 6, VMware, Puppet Enterprise, Git, GitLab, BlueCat Address Manager.
- Monitoring: IBM Tivoli Netcool/OMNIbus.


September 2016 - February 2019: Senior Consultant at blue-infinity (Geneva, Switzerland).

Contractor for Nestlé and Philip Morris International.

Provided DevOps release operations on the complex e-commerce architecture of Nespresso, running on RHEL 6 and 7 servers. Ensured L3 support.
Technologies used:
- Middleware: Apache, Tomcat, Nginx, HAProxy EE.
- Release automation and configuration management: Git, Bitbucket, Puppet, Jenkins, Rundeck.
- Change and incident management: Jira, HP Service Manager.
- Other software: Grafana, LDAP, Oracle databases (via Oracle SQL Developer).

Managed the e-commerce platform of IQOS (split in several national markets), running on RHEL 6 and 7 servers.
Technologies used:
- Servers: Amazon Web Services EC2 and RDS instances.
- Configuration management: Puppet, Ansible.
- E-commerce frontends: CS-Cart, Apache and Nginx webserver / webproxy.
- Mailservers: Postfix + ISPConfig + RainLoop webmail.
- Databases: MySQL, MariaDB.
- Monitoring: Datadog.

Administered and configured ELK stacks (Elasticsearch, Logstash, Kibana, Filebeats, Curator).

Installed and administered Atlassian stacks (Confluence, Jira, Stash/Bitbucket, Bamboo).

Performed audits of configuration and schemas of several heavily-used MySQL and MariaDB e-commerce database backends, using Percona Tools and MySQL utilities.


February 2015 - August 2016: Systems Engineer at Clever Net Systems (Geneva, Switzerland).

Provided Linux consulting for clients in Switzerland and abroad: International Organizations (WHO), public sector (Swiss Federal Supreme Court, Department of Education of the Canton of Geneva, Université de Genève), luxury industries (Audemars Piguet), banks, and other private companies.

Linux system administration and projects:
- Administered RHEL / CentOS 6 and 7, Fedora 21-23.
- Installed LAMP stack and various other software and tools.
- Developed a project for transforming Ubuntu workstations into Wi-Fi Access Points (via hostapd + dnsmasq + Python/GTK scripting). This software was later deployed in all primary schools of the Canton of Geneva.
- Deployed Munin monitoring infrastructures and wrote customized plugins.
- Installed and migrated WordPress and Drupal sites.
- Installed and administered an ownCloud server.
- Installed and configured an ELK stack (ElasticSearch, Logstash, Kibana). Audited existing ElasticSearch installations.
- Developed Bash scripts.

Database administration:
- Deployed and administered Percona XtraDB Clusters (Galera) with S9S ClusterControl on HAProxy load balancing.
- Deployed and administered MySQL servers on master-slave replication.
- Audited existing MySQL installations.

Other duties and accomplishments:
- Administered the company website on WordPress.
- Administered the company issue tracking system on Atlassian Jira.
- Developed PowerShell scripts for use as Nagios plugins.
- Performed system and network audits for clients.
- Provided research and evaluations of technologies for the selection of the appropriate IT solutions.
- Provided Linux training (in preparation to Linux certification) to clients.
- Wrote several technical articles for the company blog.


January - December 2014: Professor at Webster University (Geneva, Switzerland).

Taught Computer Science courses:
- Database Concepts (Relational Databases, ER modeling and diagrams, Relational algebra, SQL, MySQL, MS Visio).
- Database Applications (guiding students in implementing a database project).
- Telecommunications (TCP/IP, Wired and wireless networking, LAN/WAN, Network security, PSTN and cellular phone networks).


August 2010 - September 2012: Systems and Networks Administrator at International School of Geneva (Geneva, Switzerland).

Managed the whole IT infrastructure and services of the school, spread on four campuses in the Geneva/Vaud cantons and counting 5000 users.

System administration:
- Installed, configured, and administered Linux Debian 5 and 6 with Apache webserver, Squid HTTP transparent proxy + Squirm URL filtering + SARG reporting tool, Exim4 SMTP, DHCP, MySQL. Developed Bash shell scripts.
- Installed, configured, and administered MS Windows Server 2003 and 2008 R2 with Active Directory and DNS. Developed PowerShell scripts.
- Administered QNAP TS-459U+ NAS and HP ProLiant NAS.
- Provided administration, backup, restore, and cloning of virtual machines via VMware ESXi, VMware vCenter, VMware vSphere, Veeam Backup, Veeam Monitor.
- Organized backups via CA ArcServe (on tape and NAS) and Arcplace Asigra Cloud Backup / DS Client (on cloud).
- Monitored systems, network connectivity, and services via Paessler PRTG Network Monitor, OCS Inventory, Trend Micro OfficeScan antivirus. Managed handling of SMS alerts, provided troubleshooting, and resolved incidents.
- Assembled and managed IBM System x336 / x3550 / x3650 servers hardware, with configuration of RAID 5 on BIOS.
- Provided installation on rack, cabling, and management of miscellaneous hardware (servers, network appliances, UPS, KVM switches) in four server rooms.
- Created and administered several GoogleApps domains with up to 4000 accounts, via control panels (Google Cpanel, Promevo gPanel) and scripting. Developed scripts (PowerShell + google-apps-manager API, Python + Google Code Labs API) for bulk operations involving hundreds of users e.g. account creation, password setting, document ownership change. Administered Google cloud applications (Mail, Groups, Calendar, Docs/Drive, Sites). Managed mail delivery and antispam filtering via Google Mail Security (Postini).
- Managed the e-learning tools Rosetta Stone and Moodle.
- Provided 1st and 2nd level technical support (via Salesforce ticketing system) and user training.
- Redacted technical documentation and detailed user guides.

Network administration:
- Administered Ruckus ZoneDirector 3000 WLAN controller with ZoneFlex antennas.
- Configured Cisco ASA 5520.
- Configured 3Com 4800G switches.
- Configured cloud-based domain filtering via OpenDNS.

IT project management:
- Managed main printing and photocopying facilities provided via a network of 60 Ricoh/Nashuatec multi-function printers. Administered Docupro print servers and managed the user accounting system (which was based on Inepro smartcards). Provided troubleshooting, helpdesk, and user support.
- Managed a client-server system of multimedia information screens. Organized training sessions for admins.
- Managed a system of cash registers with a centralized TCPOS database for the school cafeterias.
- Managed the outsourcing for administration and upgrade of a Moodle 2 platform.


June - July 2010: System Administrator at Cavoon (Geneva, Switzerland).

Administered Linux Debian and FreeBSD with Apache webserver, Samba, Exim4 SMTP.

Developed and maintained small Perl applications and Bash shell scripts.

Provided on-site technical support to customers.


January 2008 - March 2009: Network Security Specialist at Sardegna IT (Cagliari, Italy).

As a member of the SOC and NOC teams, provided support for all e-government projects of Regione Sardegna.

Administered network and security appliances:
- ArcSight Logger L7100s v3.0.
- Clavister Security Gateway 4410 firewall.
- Juniper NetScreen 204, ISG 1000, ISG 2000 firewalls.
- Cisco Catalyst 2950 and 3750G switches (IOS v12).

Managed a basic Certification Authority via OpenSSL for internal use.


September 2006 - August 2007: Java Developer at CERN (Geneva, Switzerland).

Created a GUI in Java6/Swing for the control system of CERN particle accelerators, using the Eclipse IDE. Gathered and analyzed project requirements, created specifications for the features requested by LHC operators, continuously integrated the GUI with the core component, and redacted the software documentation.

Improved access to the Atlassian Jira bugtracker system by independently conceiving, developing, and documenting an email plugin in Java. This software was later released under a free license and maintained by CERN.

Administered the Atlassian Jira bugtracker system and the Atlassian Confluence wiki for the CERN Accelerator and Beams Controls group. Converted the wiki from PmWiki to Confluence.

Completed the CERN Guide training course.


April - June 2006: Scientific collaborator at Università di Cagliari (Cagliari, Italy).

Independently created a graphical interface in Python/Tkinter for the EDG software, in the framework of the EGEE-II grid computing project led by INFN.


February - May 2003: Professor at American University of Paris (Paris, France).

Taught an Applied Computing course (VisualBasic, MS Word, MS Excel).


October 2002 - September 2005: Doctoral student at INRIA (Paris, France).

Analyzed the possible security attacks against the routing layer in MANETs (ad hoc wireless networks), investigated weaknesses in the OLSR protocol, and proposed new security algorithms.


March - July 2002: Trainee at Ecole Polytechnique (Paris, France).

Analyzed the X.509 Digital Certificates security infrastructure in the Netscape/Mozilla browsers. Developed an implementation of the Feige-Fiat-Shamir zero-knowledge proof of identity protocol in C language.


October 2001 - February 2002: Teaching assistant at Ecole Ingénieurs 2000 (Paris, France).

Supervised students in the development of their end-of-year projects in C and Java programming.


May - September 2001: Trainee at CERN (Geneva, Switzerland).

Independently conceived, designed, developed, and documented a suite of highly reliable programs in Java/Swing for the control, audit, and alarms management of a laboratory of automatic microscopes. Redacted technical documentation for suite users, administrators, and developers.


Education


2005: Doctorate in Computer Science - with highest honors (Diplôme de Docteur en Informatique, Télécommunications et Electronique - mention Très Honorable).
Thesis: "Security Schemes for the OLSR Protocol for Ad Hoc Networks".
Université Pierre et Marie Curie (Paris 6), now Sorbonne Université.


2002: Master of Science in Computer Science, with major in Networking - with honors (DEA Informatique Fondamentale et Applications, filière réseaux - mention Bien).
2001: Postgraduate Degree in Computer Science - with honors (Maîtrise Informatique - mention Assez Bien).
2000: Bachelor of Science in Computer Science - with honors (Licence Informatique - mention Assez Bien).
1998: ERASMUS grant (12 months).
Université de Marne-la-Vallée, now Université Paris-Est Marne-la-Vallée.


Studies in Physics and Computer Science.
Università di Cagliari.


Certifications


September 2020: CEH (EC-Council Certified Ethical Hacker), v10.
License number: ECC5618302479


February 2016: RHCSA (Red Hat Certified System Administrator), RHEL 7.
License number: 150-215-309


September 2014: LPIC-2 (Linux Professional Institute Certification level 2).


April 2013: SUSE CLP (Certified Linux Professional), SLES 12.
License number: 10230801


March 2013: LPIC-1 (Linux Professional Institute Certification level 1).


November 2009: CCNA (Cisco Certified Network Administrator).
License number: 401064168561HQCJ


Publications

ORCID ID: 0000-0003-4489-1047.
This list is also available in BibTeX format.

Cédric Adjih, Paul Mühlethaler, and Daniele Raffo, "Detailed specifications of a security architecture for OLSR", Technical Report INRIA RR-5893, HIPERCOM project, INRIA Rocquencourt, April 2006.
[PS]    [PDF]   

Daniele Raffo, "Security Schemes for the OLSR Protocol for Ad Hoc Networks", Ph.D. Thesis, Université Paris 6 -- INRIA Rocquencourt, 15 September 2005.
WorldCat number: 493014627
[PS]    [PDF]    [HTML]    [ODP slides]    [PPT slides]    [bibliography]   

Cédric Adjih, Daniele Raffo, and Paul Mühlethaler, "Attacks Against OLSR: Distributed Key Management for Security" in 2nd OLSR Interop / Workshop, Palaiseau, France, 28-29 July 2005.
[PS]    [PDF]   

Daniele Raffo, Cédric Adjih, Thomas Clausen, and Paul Mühlethaler, "Securing OLSR Using Node Locations" in Proceedings of 2005 European Wireless (EW 2005), Nicosia, Cyprus, 10-13 April 2005.
[PS]    [PDF]    [SXI slides]    [PPT slides]   

Cédric Adjih, Thomas Clausen, Anis Laouiti, Paul Mühlethaler, and Daniele Raffo, "Securing the OLSR Routing Protocol With or Without Compromised Nodes in the Network", Technical Report INRIA RR-5494, HIPERCOM project, INRIA Rocquencourt, February 2005.
[PS]    [PDF]   

Thomas Clausen (ed) and Emmanuel Baccelli (ed), "Securing OLSR Problem Statement", Internet-Draft, draft-clausen-manet-solsr-ps-00.txt, work in progress, IETF MANET Working Group, 14 February 2005. (Listed as contributor)
[TXT]   

Daniele Raffo, Cédric Adjih, Thomas Clausen, and Paul Mühlethaler, "OLSR with GPS Information" in Proceedings of the 2004 Internet Conference (IC 2004), Tsukuba, Japan, 28-29 October 2004.
[PS]    [PDF]   

Daniele Raffo, Cédric Adjih, Thomas Clausen, and Paul Mühlethaler, "An Advanced Signature System for OLSR" in Proceedings of the 2004 ACM Workshop on Security of Ad Hoc and Sensor Networks (SASN '04), Washington DC, USA, 25 October 2004.
[PS]    [PDF]    [SXI slides]    [PPT slides]   

Cédric Adjih, Thomas Clausen, Philippe Jacquet, Anis Laouiti, Paul Mühlethaler, and Daniele Raffo, "Securing the OLSR Protocol" in Proceedings of the 2nd IFIP Annual Mediterranean Ad Hoc Networking Workshop (Med-Hoc-Net 2003), Mahdia, Tunisia, 25-27 June 2003.
[PS]    [PDF]   

Daniele Raffo, "Digital Certificates and the Feige-Fiat-Shamir Zero-Knowledge Protocol", M.Sc. traineeship report, Université Paris-Est Marne-la-Vallée & LIX Ecole Polytechnique, 11 July 2002.
[PS]    [PDF]   


E-books

Daniele Raffo, Linux Quick Reference Guide, e-book, May 2013 (1st edition).
New editions published yearly.
[PDF]

Daniele Raffo (with Robert J. Hansen and Patrick Brunschwig), The Enigmail Handbook v1.0.0, e-book, December 2009.
[PDF]


Peer reviews

Rich Pollei, Debian 7: System Administration Best Practices, Packt, October 2013.

Bruce Schneier, Liars and Outliers: Enabling the Trust that Society Needs to Thrive, Wiley, February 2012.

IEEE/ACM Transactions on Networking, 2011.

Conference proceedings of IEEE Globecom 2005 Wireless Communications, St. Louis MO, USA, 28 November - 2 December 2005.

IEEE Journal on Selected Areas in Communications, Special Issue on Mobile Routers and Network Mobility, September 2005.

Paolo Attivissimo, L'acchiappavirus, Apogeo, November 2004.


Community contributions


May 2018 - present: Founder and administrator of the CERN Alumni Swiss Romandie regional group.


January 2009 - present: Team member of the Enigmail project, an Open Source OpenPGP plugin for Mozilla mailclients.

Author of the first Enigmail Handbook.
Maintained the online documentation for Enigmail.
Provided user support on the forum and on the newsgroup/mailinglist.
Maintained the Enigmail wiki, running on MediaWiki.
Managed and moderated the community forum, running on phpBB.


2004: Contributor to BBClone, an Open Source PHP-based web counter.

Translated software and part of the documentation to Italian.


Events

24-27 July 2018: UXForum, Dublin.
Meetings and discussions with Enigmail users.
Invited and sponsored by Internews.

31 May 2018: Geek Girls Carrots meeting #6, Campus Biotech Innovation Park, Geneva.
Keynote "Public Key Cryptography, OpenPGP, and Enigmail".

14 March 2014: Workshop on Anonymous Communications, Data Security and Protection of Sources for Journalists and NGOs, Club Suisse de la Presse, Geneva.
Talk about Enigmail.





page last changed on 27 November 2020