Creative, polished, self - motivated next generation technical architect and entrepreneur possessing over seventeen consecutive years of e-commerce, entertainment, financial, healthcare and presales industry experience.
Security Engineering: Over seventeen years of enterprise Cisco and Juniper security, ASA5500-X, PIX, FWSM, Palo Alto PA-5000-7000 NGFW, Juniper SSG/SRX, F5 BIGIP Viprion ADC, MAG SSL/VPN, v-SRX Firefly Perimeter, Net Screen 5000, ISG1000, Source Fire IDS/IPS, Checkpoint 61000 Chassis, Bluecoat Proxy SG, Netskope CASB, RSA, OKTA, PING, and Microsoft Secure-ID MFA. Palo Alto TRAPS, Symantec SEP/HIPS, McAfee EPO, MBAM Endpoint. Expertise in Tripwire, Splunk SIEM, Kali Linux, Meta Sploit, N-map, Wireshark, TCP Dump, Fire walk and many other forensics and offensive security toolsets.
Operating Systems: Over twenty years of Enterprise Linux, Microsoft WS, Cisco IOS, Jun-OS, Screen-OS, UNIX, SLES, VMWare ESXi 5-6.5, Citrix XEN, Red Hat, Solaris 5.6-5.12, OSX Server 10.7-11, Debian Linux. Proficient on Open BSD 2-4.5, FreeBSD9-11, Trusted Solaris, AIX/HPUX and OpenVMS.
Virtualization: Over twelve years on vSphere 4-6.5 in 2000+ VM clusters, Red hat Linux KVM, Citrix Xen App, Xen Desktop, QEMU, 3TERA AppLogic Private Cloud, ESXi4-6 in HA DRS EVC configuration, VCSA 5.5-6.5, Citrix Xen-Server, Solaris 11 Zones, Docker Containers, VMWare Fusion 5.0-7.0/OSX and extensive Microsoft Hyper-V.
Systems Engineering: Over ten years with Cisco UCS/Nexus 5108, B200/B230 M3/M4 Blades, Cisco C-series. FEX/FI 2208XP/6200 Fabric Interconnects. HP DL 360/380/560/580 , C7000 Chassis, Sun Enterprise Servers T5120/T5220/ T5420/T2000/T1000, M5000, 220R/280R/480R, Confidential / HP x86 Enterprise Servers HP DL360/380G7, Confidential 1955 Blade Servers, 1900/2900/6800 Series, Confidential R600/700/800 series systems.
Enterprise Storage: Over fifteen years of NetApp FAS 3250/6200/6240/8020/8040 (FC/NFS/iSCSI/DAT) Snap mirrors, flex clones. EMC Clarion CX/VNX/VNX2e, Power-Path/MPIO over Fiber-Channel, iSCSI/NFS/CIFS, Pure Storage PA and M Series, McData/Brocade DCX SAN Directors/Brocade Silkworm FC-Switches, Cisco MDS9222i, Nexus 5000 Unified Fabric Switching.
Enterprise Routing: Fifteen plus years with Cisco ASR, ISR, CRS, 7200 Series, Nexus 7010/5548UP/2K, Nexus 9K/ACI, CSR-V, Riverbed 6050/7050/Interceptors, Brocade MLX4e, Juniper M20-M120/MX/T Class, ASR9K, Protocols IP/VRF, BGP4/MBGP, E/IBGP, VPNv4, MPLS-TE / L2TPv3, OSPF, EIGRP, RIP2, VRRP/HSRP, HDLC, PPP, CGNAT, X.25, etc.
Enterprise Switching: Over fifteen years with Cisco 6500-9500 Catalyst series and Juniper EX Series, Nexus Datacenter 7K, 6K, 5K, 2K, Brocade MLX 8,8e Series. Server Iron ADX-450, F5 BIG-IP 3600 6900 Viprion LTM GTM, Cisco 3750, 2948G 3548XL, Foundry Big Iron 4000 Extreme Black Diamond (10808), Protocols LACP, VTP/802.1q, STP, MSTP, PVSTP, RSTP, MPLS, VPLS, QOS, VXLAN, Cisco ACI, VMWare NSX Distributed switch and controllers.
Open Source Applications: Apache 1.2-2.4, Tomcat5.5, JBoss, Cacti, Nagios/Net saint MRTG/PRTG, Custom plug-in development for Splunk, Nagios, Open-Filer, Beowulf Cluster, glister, MySQL-HA, DRBD, CF Engine, Puppet Enterprise, ISC BIND, Postfix, Send mail, q-Mail, Samba, CVS, Subversion, GIT, NFSv3/4, Sun JAVA Directory, OpenLDAP 2/3, Caudium, Zeus Webserver, Sun Java web server, mem-cache, s-tunnel/r-sync, Splunk SIEM Development. Docker containers, EC2, S3, RDS
Commercial Applications: AWS EC2 and S3, Netskope CASB, VMWare Air watch, Splunk Enterprise SIEM, VMWare vSphere 6.5, AWS Cloud Infrastructure, Citrix XenApp, Xen Desktop, Citrix VDI, MSSQL Database HA-Clusters. Oracle 11, 10g RAC OCFS, GFS, ASM, Orion Solar winds, MS Active Directory, Azure AD, Exchange 2003-2013, VERITAS VFS, VCS, VxVM, IBM Web sphere, Sun Cluster Server, Sybase ASE, Vormetric, TSM, Marimba, Sun Java Enterprise Suite, Mercury Site-Scope, App Dynamics, and many others.
Programming: Python2/Python3, API development, systems, database, network and cloud automation, enterprise configuration automation, web automation scripting, PowerShell, PHP, Python, Bash, KSH, TCL (F5 I-Rules), HTML5. Proficient in #bash, %PHP%, ruby, python, $Perl, some PL/SQL, light Java, C, C++.
Security Architect Consultant
- Responsible for the design and implementation of advanced malware prevention solutions delivering audit remediation for Confidential ISO compliance and improved security posture within current production datacenters, regional LAN/WAN MPLS environments and a multitude of web-application development environments.
- Spearheaded the design, implementation and policy development for the NetSkope CASB, DLP platform, Azure AD IDaaS, ADFS-SSO and IAM integration for Box, SharePoint, Slack, AWS and Office 365 platforms.
- Developed custom reference designs, specifications and created over fifty net-new Confidential policies to meet or exceed ISO audit requirements for datacenter based advanced malware protection and threat prevention.
- Mentored a team of five mid-level engineers on cloud platform fundamentals, python / puppet configuration automation, integrated security controls and native cloud application platform security design considerations.
Security Architect Consultant
- Responsible for leading the enterprise wide Palo Alto NGFW platform upgrade of over 30 sites to version 7.1. Sites included Major Datacenter Environments at Las Vegas Switch-NAP and regional Hub and Hospital sites.
- Designed anti-phishing and anti-malware strategy and solutions architecture; Partnered with vendors (Proof point, Palo Alto, McAfee) to create custom automated solutions for identifying potential phishing and hijack protection. Included real-time blocking/alerting of malicious e-mail (in-line URL and attachments) resulting in the prevention of over ten active Crypto Wall campaigns saving hundreds of thousands in recovery expenses.
- Designed and implemented secure VPC extending DevOps environments, Express-route connectivity and geo load-balancing which successfully extended development and staging environments securely into Azure, AWS.
- Responsible for driving collaboration initiatives within IT Confidential (governance risk compliance) to define and implement over fifty net-new cloud compliance standards and associated security policies. Developed security policy and frameworks for cloud dev environments, cloud DLP and associated on-prem environments.
- Improved the health system’s protected corporate and clinic patient information by delivering refined security architectures, posture improvements, data encryption policies for cloud and on premise PHI environments.
- Day to day responsibilities included associated project management, vendor relations management, proof of concept demo and engineering, infrastructure automation utilizing puppet enterprise and vRealize Operations.
- Provided consistent security design and operational oversight to various DevOps and NSS network teams.
FTE Senior Solution Architect
- Reported to the VP of the western region and 5+ Senior Account Executives.
- Provided critical and consistent presales architecture and engineering leadership.
- Executive client-facing technical sales engagements on many tier-one manufacturers including Cisco, NetApp, Pure Storage, Palo Alto Networks, F5 Networks, and EMC Storage.
- Sold over 2M+ Cisco Pure product within first year. Responsibilities included full sales-lifecycle support, complete BOM/SOW development and delivery, POCs, demos, white-boarding and closing business from a “technical win” standpoint.
Solution Architect Consultant
- Reported to the Director of Services and supported four senior and six junior Account Executives.
- Provided critical and consistent presales architecture and engineering services. Executive client-facing technical sales engagements on many tier-one manufacturers including Cisco, NetApp, Palo Alto Networks, Brocade, F5 Networks, VMWare, Red Hat and App Dynamics.
- Responsibilities included full sales-lifecycle support, complete BOM/SOW development, delivery, POC / demos, client white-boarding and closing business from a “technical win” standpoint. Closed multiple million dollar sales campaigns and 100K+ Advanced Services Engagements.
FTE Principal Infrastructure Engineer
- Led the SaaS Hosting organization of infrastructure systems architects and engineers on a team of 15, spearheaded multiple datacenter build-outs in support of a disruptive Software-as-a-Service business and developed next-generation IT Management SaaS solutions for national and international enterprises. Designed and deployed major private cloud initiatives globally with key vendors Rack Space and Op Source on both VMWare vCenter, Citrix / 3TERA AppLogic platforms. Primarily supported Confidential Clarity PPM, NimSoft ServicDesk.
- Tier-three development and engineering support of the global production infrastructure consisting of 2000+ VMware ESXi, Red hat Linux KVM Based VMs running full DRS-enabled EVC on Confidential, HP and NetApp FAS Storage. Primary platforms supported: WS and Red Hat RHEL 5/6 web/app/DB servers, MySQL and Oracle databases, as well as Windows 2003/2008 IIS web-app servers and Microsoft SQL Database clusters.
Professional Services Consultant
- The engagement involved providing pre/post-sales engineering architecture consulting expertise to major enterprise.
FTE Principal Network Architect
- Provided design, engineering, POC, development and documentation for the global production and corporate network, Unix/Linux systems, Citrix XenApp virtualized applications and Xen desktop environments. Provided design engineering and operational support for the entire production network and petabytes of NetApp/EMC SAN storage infrastructure for the production digital media vault and digital distribution infrastructure. Supported major datacenter network engineering overhaul and upgrades on WB. Com Online production infrastructure, which consisted of 1000+ Linux and Microsoft systems.
- Provided oversight of engineering project management, architecture design plans, and engineering management of the production infrastructure. Implemented BGP and MPLS with Tier-1 network providers including Savvis, Above Net, and Level-3. Implemented 10 Gigabit peering fabric and VPN/VPLS connectivity to the Burbank Studios via the downtown Los Angeles Core Site datacenters.