Ben Larabie
Senior Site Reliability Engineer
67 Merner Ave, Ottawa,ON
Summary
A multidisciplinary technology specialist with a history of successfully delivering mission critical IT Solutions for Canadians within the Government of Canada. Able to effectively distill and communicate complex scenarios and solutions to both a technical and non-technical audience. Now looking for opportunities to promote modern development practices using the latest technologies in the private sector.
Overview
17
17
years of professional experience
2
2
years of post-secondary education
Work History
Senior Site Reliability Engineer - GC Notify
Canadian Digital Service [CDS], ESDC
03.2023 - Current
- Overhauled Terragrunt infrastructure as code, as it would no longer build new environments. Resolved multiple looping dependencies and automated environment build steps that were previously click-ops to ensure that GC Notify infrastructure could be deployed to new environments.
- Championed migration from Kustomize to Helm/Helmfile to provide better lifecycle management of workloads and support tools deployed to AWS Elastic Kubernetes Service
- Implemented secrets management solution for both infrastructure and Kubernetes workloads to ensure a single source of truth for environment secrets, and to increase ability to automate deployments.
- Implemented Kubernetes auto-scaling through Karpenter, designed performance tests, and tuned Kubernetes workloads, which increased performance 5 times, while also reducing compute costs.
- Automated upgrade of PostgreSQL from 11 to 15 in all environments using blue/green RDS deployment mechanism, resulting in 4 major version upgrades with no downtime.
- Conducted root-cause analyses after major incidents to identify areas for process improvement or technical enhancement opportunities.
- Mentored junior engineers and developers, sharing knowledge of best practices for site reliability engineering methodologies.
Senior Site Reliability Engineer
Digital Technology Solutions (DTS), ESDC
7 2021 - 03.2023
- Designed and implemented the Regulated Hosting Platform (RHP) - a cloud native enterprise hosting solution based on Kubernetes, complying with ITSG-22 and ITSG-33 requirements for up to Protected B, Medium Integrity, Medium Availability workloads. This is the target hosting platform for the Client Data stream of Benefit Delivery Modernization.
- Established the development technologies, infrastructure stack, security, and testing policies for the Client Data stream of Benefit Delivery Modernization
- Represented the Benefit Delivery Modernization Digital Channel at the Enterprise Architecture Review Board, providing insight and guidance into cloud native architectures while also addressing concerns with these new architecture designs.
- Lead the Security Assessment and Authorization process for Service Canada Labs, a Benefit Delivery Modernization product. Worked with IT Security assessors and practitioners to document and provide evidence for the Security Traceability Matrix
- Lead the working group that established the process to leverage the existing GC Key single-sign-on solution within the Regulated Hosting Platform cloud environment.
- Presented the benefits of going cloud native, as well as a roadmap on how to move to the cloud to the Senior Leaders Forum (Directors and above)
- Authored briefing notes to the Chief Information Officer outlining the state of Covid19 related cloud services within ESDC
Site Reliability Engineer
Digital Technology Solutions (DTS), ESDC
04.2018 - 07.2021
- Developed a DevOps maturity assessment matrix and evaluated delivery teams under the Old Age Security Service Improvement Strategy imitative. Created an action plan for these teams to gain short term wins that would free up cycles to address more difficult issues for the long term.
- Wrote a series of blog posts with a target audience of management and above to explain how cloud native and DevOps differ from traditional Government IT practices. These posts provided a balanced review of the benefits as well as potential pitfalls based on my extensive experience working in both environments.
- Built and deployed the Azure Application Service infrastructure used to host the Covid19 Benefits Finder, which Canadians could use to determine which benefits they were eligable for.
- Implemented the Human Resources Manager (HRM). The HRM was an open source product (Odoo) deployed to a purpose built Kubernetes infrastructure that provided a secure location for managers who could not access the ESDC network to store contact information for their employees.
- Promoted TBS' Open First policy by implementing a cloud native monitoring solution built on open source components (Graylog, Grafana, and ElasticSearch).
- Promoted agility and resisted vendor lock in by establishing a policy requiring all infrastructure code to be developed using Terraform instead of cloud service provider specific templates (ARM Templates or CloudFormation Templates).
- Created and deployed the first cloud spoke to connect to the ESDC Cloud Operation's hub. Provided feedback to the Cloud Operations team to better improve the onboarding process as well as ensuring that DevOps practices could be leveraged to their full extent within this model.
Technical Advisor
Corporate Payment Management Systems, ESDC
08.2015 - 04.2018
- Successfully implemented the Corporate Payment Management System (CPMS) Solution, a new payment service to calculate the payments for Canada Pensions Plan (CPP).
- Designed, developed, and implemented the Integration Broker, an Extract, Transform, and Load batch processor. The Integration Broker was used to transform data from the new CPMS solution into the legacy formats used by external parties such as the Department of Justice and Canada Revenue Agency.
- Designed, developed, and implemented the CPP Tax Slip processor which created both T4a and RL-2 tax slips based on the payment information from CPMS.
- Developed the CPMS Web Service built on Java/Hibernate according to business and process requirements
- Wrote, analyzed, and tuned SQL queries to the CPMS Oracle database.
- Organized and assigned work items to the CPMS middleware team using Microsoft Team Foundation Server.
Senior Developer
Enterprise Cyber Authentication Solution (ECAS), ESDC
04.2008 - 04.2013
- Successfully migrated My Service Canada Account (MSCA) from the e-Pass single sign on system to the new Access Key system.
- Lead the implementation of the new Access Key Security Assertion Markup Language (SAML) solution by deploying and configuring CA Federation Manager for both development and production environments.
- Participated actively in the inter-departmental working group for the Cyber Authentication Tactical Solution (CATS) 2.0.
- Identified a security flaw in CATS 2.0 where the Personal Anonymous Identifier token was not encrypted before it was sent to Identity Providers across the internet.
- Replaced CA Federation Manager with a SAML solution built off of open source libraries that better adhered to the requirements of CATS 2.0
- Developed and implemented a traffic management system to allow MSCA to remain available during usage spikes.
LAN Administrator
Innovation and Information Technology (IITB), ESDC
01.2007 - 04.2008
- Developed automation scripts to automate the installation of development tools such as Visual Studio, Oracle Toad, and Eclipse onto employee's workstations.
- Acted as the Local Registration Authority for onboarding employees to the corporate VPN.
- Performed hardware repairs on both laptops and desktops.
- Maintained the progress reports and organized the rollout of new workstations from the Request for Volume Discount (RVD) procurement process.
Education
2 Year Diploma - Computer Systems Technician
Algonquin College
Ottawa 09.2005 - 09.2007
Skills
Cloud Architecture Design
Cloud-Based Software Deployment
Identity Management Systems
Language Agnostic Programming
Network security
Technical Analysis
Process Analysis
Technical Writing
Critical Thinking
Interpersonal Communication
Technology Highlights
- Containerization (Docker/Podman/Containerd)
- Azure Cloud
- Amazon Web Services
- Kubernetes
- Helm/Helmfile
- Terraform/Terragrunt
- Java/C#/Go
- Unix/Linux/Windows
Timeline
Senior Site Reliability Engineer - GC Notify
Canadian Digital Service [CDS], ESDC
03.2023 - Current
Site Reliability Engineer
Digital Technology Solutions (DTS), ESDC
04.2018 - 07.2021
Technical Advisor
Corporate Payment Management Systems, ESDC
08.2015 - 04.2018
Senior Developer
Enterprise Cyber Authentication Solution (ECAS), ESDC
04.2008 - 04.2013
LAN Administrator
Innovation and Information Technology (IITB), ESDC
01.2007 - 04.2008
2 Year Diploma - Computer Systems Technician
Algonquin College
09.2005 - 09.2007
Senior Site Reliability Engineer
Digital Technology Solutions (DTS), ESDC
7 2021 - 03.2023