A Cautionary Tale about Employment at Spiration Inc.
- Spiration Incorporated (aka Olympus Respiratory America) is a medical device manufacturer located in Redmond, WA -
Home JD Autopsy FAQ

As we all know, job descriptions can be a bit cryptic at best. So, let's take a closer look at Spiration's latest Network/Systems Engineer job post on Craigslist.org. Since this position would cover one of the roles I performed for Spiration I feel I can clarify a few details and add a bit of context. After all, the whole point of this site is to educate potential candidates like you about the pitfalls of working at/for Spiration. What could be a better place to start than an autopsy of one of their job postings.

Link to original ad on Craigslist: http://seattle.craigslist.org/est/sad/5394343471.html

Link to PDF copy of the ad: Spiration_Job_AD_on_CL.pdf

Original ad text in blue, translation/comments in red.

NETWORK/SYSTEMS ENGINEER - EASTSIDE MEDICAL DEVICE COMPANY! (Redmond)

Spiration, Inc. d/b/a Olympus Respiratory America, is a medical device company focused on developing advanced treatment options for patients suffering from acute and chronic lung conditions, including emphysema and air leaks resulting from damaged lung tissue. We are continuing to build a dedicated team of professionals who are motivated by this opportunity to make a significant contribution to the health and well-being of others.

I agree with everything in their opening statement. Especially that second sentence. They really are looking for someone who is "motivated by this opportunity to make a significant contribution to the health and well-being of others", and not compensation or career growth.

The Systems/Network engineer is responsible for Spiration's corporate computer systems and network infrastructure, maintenance and monitoring. The Engineer works as a member of the IT team, and will provide backup support to other members within the IT department including the helpdesk function.

Translation: You will be the person who has to handle everything related to technology at the company, with the exception of some in-house developed legacy applications. You should expect to have to sacrifice your evenings and weekends because you will be the only one that has a clue how things work. You will be expected to do the jobs of the other IT team members when they are out, sick, or if their position has been eliminated to cut expenses.

Note: The Help Desk position will be the first to be cut. Despite being required to do so as part of the agreement I had with management, they failed to ever hire a Help Desk tech during my time there. They only did so after I resigned so that the remaining team member had some assistance. After you prove you can do the job the Help Desk position will most likely be eliminated altogether and you will be performing that function on top of all your other work. For reference, 50% of my in office time (~20 hrs/wk) was wasted with level 1 tech support (which will do nothing for your resume btw). You'll be making up these 20 hours outside of normal business hours in an effort to keep up, and that is assuming that you will not be taking on the director level tasks that I performed. You can add on another 20 hours per week if they do. Say goodbye to any family or personal life you may have.

PRIMARY RESPONSIBILITIES:

  • Manages the corporate network and systems including Cisco/HP switches with multiple VLANs configured in a collapsed stacked core link aggregated to a stacked access layer, Cisco ASA, Cisco WAC/LAP solutions, Symantec Backup Exec, MS AD, Print and File services, Licensing, Symantec anti-virus, etc.

  • Is the subject expert for Windows client and servers as used in a corporate setting including Win Server 2012, ADS, CA, Hyper-V, Radius via NPS, GPO, IIS, LYNC, MS Exchange 2010, DNS, DHCP, WDS. Office 365 - using DirSync integration - and WSUS etc.

I'll group the first two list items together since they have inter-twined the network, systems, services, and enterprise applications rather than breaking them out into distinct groups. Some are also duplicate or related items anyways. Btw, isn't it reassuring when the person you will be working for cannot even effectively describe the infrastructure you will be expected to support.

So, yes, you will be expected to support the network infrastructure I engineered and implemented. It is indeed a collapsed core design, but I doubt they even know what that actually means (ask them to explain it to you, that should be entertaining).

So, what you really have is a pair of Cisco 3850x layer 2/3 switches with the integrated WLAN controller (WLC). These are stacked via StackWise for HA (network and WLC). Btw, the WAPs are connected directly to the core switches (standard CAPWAP deal).

Client access layer is handled by 5 Cisco 2960x switches. These switches are stacked with FlexStack, not for HA, but for ease of management and to keep all local VOIP traffic on the stack and not flowing through the core (other than the VoIP session initiation traffic to the CM server that is). There are two 4Gbps Etherchannel uplinks from the core stack to the client access stack, this is overkill, but provides a minimum of 4Gbps in a failover condition (e.g. switch failure).

The HP 2920 switches are only used in the server cabinets (reused some existing switches to reduce cost, added a couple more matching units). These were to be stacked by now, the modules were on the shelf waiting for installation during the next MW when I resigned. But, I am betting that the modules are still sitting there. Waiting. The network upgrade was done in phases; this was one of the last pieces of the puzzle…. Since I do not know the exact state things are in, I'll just end the topic discussion here.

Cisco ASA. Kind of an understatement. Reality,… two Cisco ASA 5515 devices configured as an active/standby failover pair. Each with their own 4Gbps Etherchannel uplink to the core, and failover, state links between the units. This was just a temporary config though. The end goal was to switch to active/active using virtual contexts once the 2nd 50Mbps ISP connection was in place. Load balancing and failover was the plan. This should already be in place by now, who knows if it is,… Either way, much better than the POS WatchGuard they had in place when I started.

Multiple VLANS. Yes there are. Was a flat network to begin with. I implemented VLANS to segment everything and to allow for QOS/COS in support of the Cisco VOIP phone system (which is another item I engineered for them).

ADS, apparently Active Directory Services was so important they mentioned it twice in their JD. I cleaned up most of the AD issues as I was preparing for DirSync integration with Azure for use with O365. There were over a hundred defunct accounts, mostly still enabled, with password that don't expire… ya, they had awesome security before I joined the company. One guy actually had the password "Password" for almost 7 years,… ya, as I said, awesome. I cleaned up most of this and took care of the password complexity and expiration issues. User accounts are grouped by business unit now (part of the DirSync config (OU Filtering implemented for sync)). I also went through the data and ensured that the pertinent details for every user was populated. I have been out of there for almost 8 months, so I have no idea what state it is in today.

CA, RADIUS, NPS - I implemented all of these as part of the auth mechanism for the wireless network. I will not provide details here as they have no idea how it all works (way over their heads) and I am not going to provide them with any free knowledge. If you are a qualified SE, you already know how all these pieces fit together anyways. Btw, there are GPOs related to this as well. The enterprise wireless network has seamless integration with the enterprise wired network. It is worth noting that their original wireless network in the corporate office required that you VPN into the corporate network to access anything, and the throughput was so bad (they had consumer grade hardware connected to the ISP connection through a hub and an old, inadequate fw). You could not even stream Pandora on their original wireless network never mind actually getting any work done. Also worth noting that I rolled out the new enterprise-level integrated/seamless wireless network automatically, and without any issues. On Friday they had a crappy and basically useless wireless network, on Monday they received the config and certificates via a GPO update and had an enterprise-level integrated wireless network that was capable of handling any workload (you could even stream HD video if the need should arise (training videos)). I did not even receive a thank you or any recognition for this work.

MS Exchange 2010. This is a fun one. They owned Exchange 2010 for several years prior to my arrival. None of my predecessors could migrate the environment, in fact they failed on several occasions, one of which ended up corrupting the database files and they had to engage Microsoft to get things running again. I successfully migrated the environment when everybody else had failed. I'll admit that there were a lot of issues to work through (e.g. cleaning up all the AD artifacts leftover from the prior failed attempts (using ADSI edit)), nonetheless I took care of it. Once again, no recognition from management. Btw, 2010 was just a first step, I budgeted for 2013 in the 2015FY and the upgrade should have been completed by now, apparently it has not. Moving to 2013 allows for better integration with Lync 2013 and other components that make up a proper unified communications and collaboration solution. But you probably already know that,…

Lync 2013 - Spiration had no concept of UCC when I joined. I started the company down a path that would have integration between all major enterprise apps and the phone system (for RCC initially). I engineered and implemented Lync 2013 standard with integration to Exchange for presence and more. I engineered a Cisco BE6kHD based VOIP phone system with integration to Lync as a primary requirement. I also engineered and implemented Office 365 with local client installs of the Office suite. SharePoint server was planned for late 2015 (to replace a legacy intranet site - SharePoint should be in place by now). So, Lync is the glue that ties the UCC system together, and there should now be full integration between the intranet site (SharePoint), the Office installation including Outlook, and the phone system. This should provide presence, call presence, click to dial/answer, and much more. Having SharePoint in place will also keep you from dealing with the daily calls regarding someone locking a file that someone else needs to edit,… not to mention proper versioning and such. Not that I am a huge fan of SharePoint, but anything is better than that horrible legacy Intranet/network-file-share system they used to have.

WDS: Windows Deployment Services. When I joined they were handling imaging via a legacy cloning application and external USB hard drives. It was inefficient, slow, and made tracking of images a pain. Standard issue of what image is on which hard drive and who has / where is that drive. Sigh. Anyways, I implemented WDS to allow for imaging via the network (F12/PXE), and to have a centralized repository of all images. Windows OEM OS images were available, in addition to the standardized thick-images for client and server hardware. This was only the first step though. For the Windows 10 client deployment, my plan was to automate everything in post imaging steps rather than use thick images. This was also dependent on the role out of Office 365 being complete (so there were no legacy office versions to worry about (software licensing and versioning was a mess when I joined the company - was cleaning all of it up - but Office was the worst).

Symantec anti-virus (Endpoint Protection), Symantec Backup Exec (2014), File and Print Services, DNS, DHCP, IIS, GPO, Hyper-V, WSUS, etc. SEP and BEX were up to date and functioning fine when I left the company, hopefully that is still the case. Full data backup takes way too long (in my opinion anyways), but this is due to the poorly implemented legacy SAN which holds all files, and the legacy file server (VM on Hyper-V), and the poorly implemented Hyper solution. Just prior to my departure, I had installed a new, physical file and print server to replace VM and SAN solution. I also installed a couple Hyper-V servers. My intent was to decom the existing legacy Hyper-V environment and the legacy SAN, so I could upgrade and rebuild it correctly. To do this I needed to migrate everything off of it, I left the company before beginning this work, but the hardware was ready (was just doing a burn in at the time). I won't bother discussing the full details of the legacy iSCSI SAN implementation, just know that the uplink to the main server backbone was only 1Gbps with only a manual failover process, the SAN itself was only low-to-mid range model with lackluster performance and only a set of 1Gbps ports for connectivity. The numerous bottle-necks is the cause of the general slowness that affect file access, database access, and numerous applications. By now, the switches in all cabinets should be stacked and configured to provide the best performance and redundancy that best suits the servers/gear housed in each cabinet. The entire server backbone should now be up to 8Gbps (4Gbps in failover). I won't detail out the entire plan since I believe they have not been able to accomplish this upgrade, and I am not going to give them any pointers. I will say that phase two was to add another shelf capable of supporting the 10G modules and decommission the legacy shelfs, add the 10G modules to the SAN shelfs and cabinet switches, and go from there… The GPOs were a disaster when I started. Conflicting policies, legacy policies, everything shoved into one or two policies. Nightmare. Cleaned up about 80% of that. DNS, DHCP, Etc., it works. WSUS was configured correctly and working when I left.

  • Manages Cisco Unified Communications IP solutions.

You get to support the excellent Cisco VOIP phone system I engineered for them, and not the crappy obsolete PB that was there before. Since I engineered the network correctly, and with the VOIP system in mind, you should have very few to zero issues with this system. I was not there to oversee the implementation project, so who knows if it was completed to my spec, and done correctly. If completed correctly, and to spec, you should have a robust, scalable, highly-available system that is integrated to Lync 2013 for RCC, Exchange for delivery/management of voicemail, and much more.

  • Responsible for company's ISP circuits and circuit migrations.

Since they explicitly call out migrations, I am betting that no one has been able to migrate the company to the new Metro-E circuit in my absence. Originally, they were locked into a contract for a 4.5Mbps Flex circuit form XO (1 T1 Pri for voice, and 2 T1s for data). This circuit was not sufficient to support the company's bandwidth needs and growth rate, it was hindering productivity for numerous business groups. Since they were locked into a current contract for the 4.5Mb flex, I brought in a 50Mbps (50Mbps/25Mbps) FIOS circuit and routed all client traffic through it for Internet access. Enterprise systems were still routed through the 4.5 Flex circuit to take advantage of the better business-class SLA. That was phase one, and the end user experience improvement was dramatic to say the least. Phase two was to bring in a 50Mbps symmetrical Metro-E connection, this was installed about a week before I left the company 8 months ago, it sounds like they have been unable to migrate to it. Which is interesting since the contract on that legacy 4.5 Flex runs out in the first half of 2016. At the completion of phase two, there should be two circuits, the 50Mbps Metro-E, and the 50Mbps FIOS. The ASA pair was to be configured in an Active/Active HA config that would handle load-balancing as well as failover (A/A implemented by way of virtual context config on the ASAs). All of this work should have been complete in summer 2015, sounds like that is not the case. Oh well,… maybe if they ever get a qualified, skilled employee again they will not screw them over. Although, the management at Spiration has no love for IT, so they probably will.

  • Writes, edits, and maintains all written IT Infrastructure controls and procedures in accordance to Olympus and Spiration SOPs.

Translation: When you ultimately leave the company, after they screw you over, they want to ensure you have left detailed documentation so they can hire someone else to support the work you have done for them. Also, they get to hire a less experienced tech since you have taken care of the hard work, and therefore save money.

  • Backup to other members of the IT department.

Hmm, they keep mentioning this item. I'm sure that is a good sign,...

  • Administration of Android/iOS/Windows MDM controlled smart phones and tablet devices.

Nothing really to see here. They probably still use the cloud-based Zenprise app to handle MDM. After the upgrade to Exchange 2013, and after all laptop/tablet devices were upgraded to Windows 10 Enterprise (for DirectAccess compatibility), I was planning on deploying Windows 10 Phone devices with auto-vpn. Seamless integration and access to corporate resources was the main goal. Added benefit of managing everything in-house without the need for the cloud-based zenprise service.

  • Support some internal Web apps and SQL server instances.

All legacy stuff for the most part. A couple SQL servers, and a SQL Express 2014 instance on the admin server. Had to jump through the standard hoops to get WSUS, Symantec, and other admin tools to use SQL Express 2014 (was not officially supported at the time). There is an asset database on the admin server, probably out of date now. I put together a PS script to query AD for the computer list and then query hardware and software for all the client and server hardware. Was working on a web front end for it prior to exiting the company, but I was mostly interested in the data for planning/tracking, so the nice presentation front end was a secondary concern and I just never had the free cycles to finish coding it.

  • Stays current on latest technologies and trends and determine applicability to Spiration. Makes recommendation on implementation of new technologies.

Translation, they screwed over the person directing IT for the company and he left, they now want you to handle that so they can continue to take the credit for it.

  • Other duties as required.

This is one you should be concerned about. Spiration is about randomization. You will be dumbfounded by some of the items they will ask IT to take care of.

Here are a few gems from my personal experience:

  • 1). Research, order, and coordinate the installation of new seat cushions for the conference room chairs.

  • 2). Engineer a sound-proofing solution for the CEO's office so employees cannot hear him yelling.

  • 3). Take on the role of an interior designer and choose new colors, trim, and furniture for the conference rooms. After all, everyone knows that IT professionals make great interior designers. (sarcasm)

MINIMUM QUALIFICATIONS:

Education

  • Bachelors degree in MIS/IT technology or equivalent strongly preferred.

  • MS certifications a plus.

Experience

  • Minimum of 6 years IT experience in a corporate environment. Experience in a regulated environment optimal.

If you can support what I engineered and implemented with only 6 years of prior experience, you should not waste your time working at a dead-end job at this company. Seriously. Do yourself a favor and go apply at Microsoft, or Amazon, or just about anywhere else.

Skills, Abilities, and Knowledge

  • Advanced Cisco/HP Switching IOS, Windows client and server grade solutions, MS Exchange 2010/Outlook, IIS, SQL Server.

Translation: No one else has a clue how to support any of these items, so you will need to be an expert with all the answers.

  • Strong knowledge of IP Telephony corporate solutions.

Lucky for you, I engineered an amazing network and VOIP phone system, so you should only need to maintain it. Assuming the phone system was installed as engineered.

  • Experience with Symantec Backup Exec backup or comparable configurations, ASA firewalls and modern internet and server security practices.

Translation: Again, no one else has a clue how to support any of these items, so you will need to be an expert with all the answers.

  • High level of proficiency in Microsoft Word, Outlook, Excel and PowerPoint required. Visio skills desirable.

Translation: This is really a top concern of theirs, after all, you will need to provide excellent end user support once they eliminate the Help Desk position.

  • Service-oriented attitude, flexible and proactive towards changing needs is required. Proven ability approaching, interacting and supporting a diverse workforce including sophisticated and non-sophisticated end users. This position is exceptionally team focused and must actively contribute to a positive and innovative work environment.

Translation: Some of the employees are quite intelligent, while others would lose to a squirrel in a battle of the wits. Either way, you'll need to kiss their ass and provide service with a smile. I wish I was joking. As I mentioned earlier, IT gets no love at Spiration, no recognition, and no respect. You will be expected to kiss everyone's ass, if you don't, you will have no future at the company. Even if they are insane, and have the IQ of a gerbil, you cannot not point out that they are incorrect about something they believe to be true. Many bad experiences in general. Had one user take off, throw away the little rubber nub for the point-stick on their laptop keyboard and then demand a brand new laptop because they 'were assigned defective hardware that keeps her from being able to do her job'. Real example. I denied her request. She runs the issue up the corporate ladder, and I become the difficult person to work with. Btw, same user had issues with every piece of hardware she was ever assigned. I can tell you that it was never the hardware. I can also tell you that that 'defective laptop' had a touchpad in addition to the point-stick, and she was also assigned a USB mouse. But I guess everyone knows that a laptop is trash once that little rubber nub goes missing. (sarcasm)

  • Excellent written and verbal communication skills including superior writing, composition, and English grammar skills required.

Standard detail added to every JD. Nothing special here. Nothing special here. Just be aware that anytime you send out an email with pertinent information, if you make it more than 100 words long, everyone will complain that is too much reading. Twitter generation, what can ya do? Maybe just take a page from Idiocracy and just say "Shit. I know shit's bad right now with all that technologic issue bullshit. ..."

  • A proven record of consistently following through on commitments. Maintains and communicates realistic schedules and meets or beats deadlines.

Pretty standard for all job descriptions. Main thing to note here is that while these qualities are expected of you, there is no recognition or reward if you actually meet or exceed the expectations.

  • Works precisely according to procedures, rules and regulations, has a passion for continuous improvement and quality.

Pretty standard for all job descriptions.

  • Demonstrates the highest ethical standards, actively promotes trust, respect and integrity in all dealings both inside and outside the Company.

Ironically, this item was on the original job description that I saw when I first interviewed at Spiration. Ironic because the management at this company has serious ethical issues. Enter into contracts that they have no intention of honoring, lie to their employees, and taking advantage of people for their own gain. All things I personally experienced during my time there. On more than one occasion I was instructed by my manager to lie to vendors.

Must be a non-smoker, and be able to successfully complete a pre-employment background check and drug test.

PHYSICAL GUIDELINES

This position works indoors in a general office environment. This position requires moderate amounts of lifting (= 50lbs), stretching, bending, standing, and crawling under desks. There is frequent telephone and computer use at a workstation and frequent walking throughout the workday.

Standard requirements, nothing to see here.

SPIRATION offers a terrific benefits package to employees that currently includes: Medical, Dental, Vision, Life, Short and Long Term Disability and AD&D insurance; annual cash bonuses; Flexible Spending Accounts; 401(k) matching; sick, vacation and holiday pay; an educational assistance program; access to the Olympus company store; and free parking.

"Terrific" is relative. Main thing to note is that it does not offset the low base salary. Despite their mention of "professional Compensation", you should expect to be making $10k-15k less a year than you would at Microsoft or other decent company. My base was $12k less than I was making prior to joining Spiration. Of course, I was never in it for the money, it was about advancing my career. In the end they screwed me over. I have nothing to show for all of my dedication, amazing work and accomplishments while at Spiration. I accomplished more in 18 months than my predecessors did over the past decade. My reward was being lied to on an almost daily basis, and having my career path derailed. No benefits package can offset the damage that working at this place can do to your career.

BTW, one thing to know about that annual bonus is that the IT Department rolls up under the finance department, and that affects your bonus. Under my leadership the IT department met 100% of the goals for the fiscal year and would have received 100% of the available bonus, but the Finance department did not do as well on their goals, so the bonuses were cut down.