SUMMARY

• Cloud Security Architect with 18+ years of Linux/Windows and Security Solution Design Experience
• Engaged in Cyber Security, Architecture, and Engineering - focused on Service Design and Delivery
• Experience managing people, teams, products, and large projects
• Experience working in regulated environments: Title 21 CFR Part 11, GMP, SB-1386, HIPAA, PCI-DSS
• Experience working with compliance frameworks NIST SP 800-53, NIST Cyber Security Framework

TECHNICAL SKILLS

• Red Hat Enterprise Linux, CentOS, Fedora, Debian, Ubuntu,
• OS X, Windows 2003/2008R2/2012R2, ESXi
• CyberArk Product Suite: EPV, CPM, PSM, Privilege Threat Analytics Tenable Security Center: Nessus, Log Correlation Engine,
• Passive Vulnerability Scanner, BMC Discovery, CSAM VMWare vCloud, Amazon EC2, Google Cloud Platform VMWare, vSphere, ESXi, vROPS, RHEV, KVM, Xen,
• HP OneView, openDCIM, vSphere High Availability (HA),
• Active Directory, OpenLDAP/DNS/Kerberos, Open Directory Kickstart, Puppet, Ansible, Cobbler, Satellite, Vagrant, Docker,
• BMC BladeLogic Server Automation (BSA)
• Nagios, Cacti, Zabbix, SNMP
• Apache, Nginx, php, php-fpm, Ruby on Rails
• MariaDB, MySQL, PostgreSQL, Informix
• Ruby, Python, PHP, Perl, SQL, Bash, Fish, zsh, LTeX, C++, rpmbuild Hewlett Packard, Dell, MacBook Pro Veritas NetBackup, tar|gz

PROFESSIONAL EXPERIENCE

Lead Cloud Security Architect

Confidential, San Antonio, TX

Responsibilities:

• Primary technical lead Security for Architecture team focused on Security Service Design and Service Deliv­ery through technical leadership and project management on major project initiatives
• Lead Service Design / Service Delivery Project efforts for Cyber Security Tools such as CyberArk product suite (Enterprise Password Vault, Central Password Manager, Privilege Session Manager, and Privilege Threat Analytics), Tenable / Nessus Security Center, BMC Discovery and BladeLogic Server Automation
• Manage, plan large projects for full project life cycle, establish plans of action and milestones (POA&M), keep deadlines to support and maintain the transition from the current architectural state forward
• Contribute to formalization of architectural framework standards for cloud hosting environment IaaS, PaaS, and SaaS through the release of new products and enterprise applications
• Evaluate, select, design, test, and implement new system architectures and present research results, product updates, and security issues, train operations staff
• Manage Product Hardware and OS stack for specific applications, participate in the design, alpha and beta testing, and implementation of new system architectures
• Manage implementation and upgrade projects; conduct research, define plans of action, test, document, identify subsequent issues, conduct root cause analysis, troubleshoot issues in pre-production environments
• Analyze security posture, work with Cyber Security and Applications teams to conduct preliminary investi­gation, and establish security baseline, risk mitigation, and risk management strategies
• Design Secure Red Hat Linux (5, 6, and 7) baselines templates for consumption on the VMware vCloud cloud platform for IaaS, PaaS, SaaS environments

Senior Systems Administrator

Responsibilities:

• Managed a team of 8 by providing leadership through coaching, decision making, delegation and project planning, team motivation and conflict resolution
• Maintained and managed Linux, OS X, and Windows servers for test, development, and production
• Implemented transformation across data center infrastructure through appropriate execution of IT migra­tion from physical hardware to a virtualized environment
• Aligned systems hosting strategies with client mission requirements through construction of Linux infras­tructure systems: DNS/LDAP/DHCP web and database servers
• Deployed and maintained servers configurations with Puppet and Kickstart
• Measured and monitored servers with SNMP, Nagios, RRDTool, and Cacti
• Deployed servers (rack & stack, cabling, imaging, and VM deployment)
• Managed projects and developed and deployed custom web application for clients
• Configured, deployed, and maintained ESX for development, test, and production environments
• Supported HPC infrastructure (48 blades) job scheduling software, and parallel file system
• Developed and deployed multiple E-commerce sites and Search Engine Marketing campaigns
• Proactively managed Firewalls and network security, applied patches, and maintained backups
• Conducted technical research and analysis for product features and technical requirements
• Wrote technical documentation and functional specifications for product development
• Wrote product installation guides, quick start guides, documentation, and manuals for software
• Provided Tier 3 support and training for telemedicine video and DICOM medical imaging servers
• Supported hardware, software, and networks for internal and external businesses and residences

Systems Administrator

Confidential, San Diego CA

Responsibilities:

• Supported hardware, software, and networks for businesses and residential clients
• Deployed and supported various web applications in PHP 5, Ruby on Rails, and MySQL
• Administered email, web, and database servers
• Supported Win 2003, OS X Server, and Linux Clients and Servers in business environments
• Supported Active Directory and Open Directory environments

Computer Resource Specialist

Confidential, San Diego, CA

Responsibilities:

• Administrated Active Directory Organizational Unit Windows 2003 and Red Hat Linux servers
• Supported Win 2003, OS X Server, and Linux clients and servers in business environments
• Supported and oversaw multi-site research project involving live video and medical imaging
• Deployed and maintained video communication software on servers and clients
• Created and deployed security policies and design modifications
• Developed Perl application to process DICOM medical images
• Coded, tested, debugged, and documented complex medical imaging system in VMware virtual lab.
• Planned supported research center computers to ensure functionality and fiscal prudence
• Planned, deployed, and managed research center web applications on Linux servers
• Maintained security compliance with SB 1386, HIPAA, and facilitated JCAHO accreditation

Network Security Specialist

Confidential, CA

Responsibilities:

• Supported the IT operations for the Armed Forces Radio and Television Service at the DoD Media Center
• Facilitated network migration from MILNET to NIPRNet for 500 nodes
• Lead Training and Deployment for DoD PKI and Common Access Card readers
• Managed backups and maintained 80 servers (Windows, UNIX, Linux, OS X servers)
• Assisted with system upgrades and patches on servers and workstations
• Analyzed and resolved computer and data storage problems
• Removed spyware and Viruses from government computers to ensure optimal performance
• Wrote and updated scripts, training manuals, and documentation as needed