SUMMARY:

Infrastructure security and automation champion. Strong communication and organizational skills with experience leading and mentoring successful teams. Interested in building secure and reliable infrastructure on - premise or in the cloud.

CORE COMPETENCIES:

• Amazon Web Services (EC2, IAM, RDS, S3, VPC)
• Google Cloud Platform (Compute Engine, IAM, Networking, Storage)
• Microsoft Azure (Networking, Storage, Virtual Machines)
• Configuration Management (Ansible, Puppet, SaltStack)
• Containers (Docker, Kubernetes, LXC, systemd-nspawn)
• Integration and Deployment Pipelines (Gitlab, Jenkins)
• Monitoring (Grafana, Graylog, Nagios, PRTG, Prometheus, Sensu) Networking
• BGP, OSPF
• IPv6
• Link Aggregation (LACP, MLAG, vPC)
• Load Balancing/Global Server Load Balancing
• Virtual Networking (vDS, NSX, VXLAN)
• VRF/IP VPNs
• Bash
• Golang
• Python
• Databases and Keystores (Cassandra, MariaDB/MySQL, PostgreSQL, Redis)
• Linux (Arch, CoreOS, Debian/Ubuntu, Red Hat/CentOS)
• Web Servers and Proxies (Apache, NGINX, HAProxy, Varnish)

PROFESSIONAL EXPERIENCE:

Confidential, Los Angeles, CA

Senior Engineer

Responsibilities:

• Designed, planned and implemented Kubernetes Platform as a Service (PaaS) solutions for key business applications and services.
• Created container-based deployment pipelines.
• Worked with developers and business units to containerize workloads and migrate them into Amazon Web Services.
• Created developer and infrastructure tooling in containers, allowing consistent versions of programming environments and deployment utilities.
• Created Kubernetes-based ingress solution to handle large amounts of SSL/TLS terminations using HAProxy.

Confidential, Carpinteria, CA

Manager , IT Operations

Responsibilities:

• Remotely managed infrastructure team and directed infrastructure development.
• Designed infrastructure solutions for development problems.
• Using Infrastructure as a Code, built cloud-neutral architectures for running, managing and maintaining a Software as a Service (SaaS) product to run anywhere, on anything.
• Implemented extensive deployment pipeline for Continuous Integration/Continuous Delivery.
• Performed cloud usage tracking and billing review.
• Created an autoscaling, auto-healing multi-region architecture for SaaS product to grow, shrink and recover automatically including datastore and application layers.
• Using custom tooling and configuration management, created a way to deliver identical servers and containers for production and development use.
• Created a process for testing and integrating infrastructure code changes using LXC and Jenkins.
• Worked with SOC2 auditors to design and implement security controls for a cloud-hosted SaaS product.
• Developed operational code within SaaS product, including authentication, performance monitoring and testing.

Confidential, Stevens Point, WI

Infrastructure Architect

Responsibilities:

• Designed, planned and implemented service configurations and architectures within a national insurance enterprise.
• Focused on multi-site redundancy for every service delivered.
• Developed tools to ensure continuous integration and availability.
• Managed projects and tasks for infrastructure team.
• Provided visibility into infrastructure projects with capacity reporting and service delivery roadmaps.
• Automated deployments using Salt.
• Built custom call routing application to integrate support numbers and PagerDuty schedules.
• Started and lead DevOps workgroup, focusing on improving automation, deployment, monitoring and testing for application deliveries.
• Architected and lead migration of workloads to a new PCI environment with limited budget and time constraints.
• Created SaltStack deployment framework to facilitate deployment of different code and Apache/Nginx virtual host configurations across different environments and security zones.

Confidential, Burlington, MA

Lead Principal Network Design Engineer

Responsibilities:

• Designed and implemented network configurations and architectures within a global enterprise to satisfy customer, compliance and business requirements.
• Coordinated implementations with multiple business units and teams across the world.
• Remotely lead global team of network engineers.
• Moved project tracker to Agile Kanban boards to provide increased visibility and accountability.
• Key contributor on cloud delivery team, used private and public clouds to deliver the most cost-effective deployment option.
• Part of OpenStack workgroup that planned and designed future OpenStack solutions.
• Mentored network engineers, ensured coverage for projects and managed workforce planning.

Confidential, Stevens Point, WI

Network Engineer

Responsibilities:

• Administered network, virtual and storage infrastructure for medium-sized business and enterprise hosting facility.
• Managed multi-organization WAN and telecommunications network with multiple PRI and SIP trunks for large, multi-state call center.
• Worked under HIPAA and pCi compliance standards.
• Designed and implemented core infrastructure upgrades with Cisco Nexus, Arista, VMware vSphere and iSCSI SANs.
• Managed large Linux server farm using puppet scripts to automate and script release deployments. Worked with developers to automate server and release builds on CentOS 6 and 7 using Foreman, Jenkins and Puppet.
• Instrumental in implementing web-based wikis and configuration management systems.
• Designed WAN network to provide near-instantaneous VPN failover using Cisco's DMVPN. Setup WAN encryption using Cisco GETVPN.
• Deployed ARIN-issued IPv6 block across organization with external access to IPv6 enabled websites.
• Moved from legacy PRIs to SIP trunk solution which provided flexible number routing and significant cost savings.

Confidential, La Crosse, WI

WAN/LAN Administrator / Technical Analyst

Responsibilities:

• Designed and implemented enterprise solutions for a highly diverse network environment.
• Created highly available networks, providing layers of redundancy while keeping overall costs low.
• Managed network security to conform to PCI compliance standards.
• Setup Cisco Access Control System identity management for use with VPN, Network Access Control (NAC), and device management.
• Configured dual Cisco Nexus 7010s for vPC peering, dynamic routing, and QoS.
• Planned and implemented a private IPv4 address block from ARIN using dual ISPs and BGP failover.
• Migrated a large scale (400+) node WAN from frame relay to BGP MPLS, and implemented OSPF internally.
• Deployed Microsoft clustered web, SQL, file, DHCP and print servers.