MTS Security Architect Resume
San Francisco, CA
SUMMARY
- Seasoned IT Security Leader with 15+ years of industry experience in all facets of infrastructure technology. I am trained in: Cloud, Network, Data and Web Application Security, Pivotal Cloud Foundry, Kubernetes, Akamai, Docker, Windows, Active Directory, Linux, Solaris, AIX, P series, Z OS, Systems Security, Exchange Server, NetApp, Hitachi, EMC, PURE Storage, VMware ESX(i), NSX, Hyper-V, Xen, CloudStack, OpenStack and other Cloud Solutions. I have 15 years of enterprise level engineering, product development, architecture, and large scale datacenter experience. This vast array of consulting projects has been a profound synergistic influence on my technical career.
- I have 15 years of enterprise level Software and Infrastructure engineering, product development, architecture, and large scale datacenter experience. This vast array of consulting projects has been a profound synergistic influence on my technical career. In addition to my technical background, I am highly customer focused with over 15 years of highly visible customer facing projects. Having interfaced with every level of technical and executive management, I am extremely comfortable discussing high level strategy and implementations, in layman’s terms when necessary. The ability to show the "value add" of products at a technical, financial and holistic level allows me to influence direction.
- Implemented a Secure Delivery Pipeline for Container based Software Delivery.
- Implemented a SDL for Gated, Secure and Resilient Release.
- Designed, Deployed and Managed Private Cloud (IAAS and PAAS), Web Service for Pure Storage.
- Designed and Implemented Global Enterprise PAAS, IAAS, SAAS, and SOA Solution for Johnson Controls
- Designed and Implemented Security Solutions for Google. (NDA)
- Designed and Implemented AV Security for Google. (NDA)
- Multi-Forest AD / Email Consolidation for NYSE, Archipelago Holdings (ArcEx) & Pacific Stock Exchange.
- IBM ITCS 104 Security Transition, Implementation and Documentation.
- Customer Agreements, SLA & OLA Review and Refinement.
- Liaison between developers and secured environments, allowing continued effective work process to occur in a secure environment.
- Created Design, Best Practice documents readable by technical and non-technical staff.
- Provided Technical Integration, Migration, Capacity and Performance Planning Strategy for large scale projects.
PROFESSIONAL EXPERIENCE
Confidential, San Francisco, CA
MTS Security Architect
Responsibilities:
- Site Reliability, Architectural Governance, Risk and Compliance Alignment of all new Feature Development Projects.
- Site Security, Application Security, Site reliability, Site, Network, and Infrastructure Architecture.
- Product Technical Intake: LOE, Sizing, Design Review, Artifact Validation, Scoping.
- Project Release Security Validation and hand off to SRE team.
- Security Council Member and Liaison.
- InfoSec Team Champion and Liaison.
- GDPR Team Champion.
- Data Discovery Champion.
- Application Security.
- Vendor and Data Security Reviews
- Mobile Application Architecture Changes.
- Marketing Ops Liaison
Cloud Architect Demo Lab
Confidential, Mountain View, CA
Responsibilities:
- Single-handedly built from scratch a Secured Public Facing Private Cloud to host a WebService on UCS, Nexus, PAN, Juniper, VMware, F5 LTM, and Quali CloudShell Stack. (demolab.purestorage.com)
- Designed, Deployed, and Maintained the PureTech DemoLab Cloud “DemoLab.purestorage.com” a web service for demoing high performance solutions on Pure Storage. Including. Also used for Training Delivery, ISV Lab and Customer Virtual POCs.
- Architected, and maintained CSG LAB, Customer Solutions Group Solutions Lab.
- Architected Automation Workflow for Systems and Applications Deployment of on demand infrastructure.
- Managed developer code review, delivery, and contributed to rollout to production cloud.
- Designed enhancements and new feature development for cloud automation portal and training modules.
- Created Bulk UPN based User Creation Script in PowerShell.
- Linux Systems Deployment Administration
- Significant Deployment Automation WorkFlow Design.
- Deployed User Self Service Registration and Password Reset Tool.
- Designed and Deployed Multi-Vendor N-Tier Architecture
- Designed, Deployed and Managed:
- Highly Available Active Directory supporting 1000s of users
- Resilient High Performance VMware Hypervisor Clusters, FC and ISCSI
- Palo Alto FWs for Micro Segmentation and VPN Client Access of 1000s of concurrent users.
- F5 LTM / GTM Load Balancer Clusters for Layer 7, Layer 3 LB and URL/ URI Parsing.
- Split Horizon DNS Design, Internal and External DNS with MS DNS and 3rd Party. (AWS Route53 in process.)
- Internal and External Monitoring Solution with Nagios, AccelOps and multiple Third-party Solutions for Low Cost SMS and Email Based Alerting.
- Automated Workflow and Provisioning Service
- Container Based Isolated Application Environments
- RDP / SSH to HTML Proxy
- Critical Services, DNS, DHCP, PXE.
- Arista, Cisco, Juniper, PAN, Networking Equipment and Config.
- Automated Backups for Network Switches.
Technologies Used: VMware vSphere 5.5, vCenter 6.0, vCSA 5.5 & 6.0, Cisco UCS, Cisco Nexus 5K, Cisco ACE, Palo Alto Networks FW, Pure Storage, Windows 2K12, Arista, Cisco MDS, Quali Systems, ELK, Docker.
Cloud and Storage Services SDDC Architect
Confidential, San Francisco, CA
Principal Duties and Responsibilities:
- SDDC - Software Defined Datacenter POC and Vendor Selection of Next Gen SDN Vendors' micro-segmentation Solutions: NSX, Midokura, Open vSwitch, ACI, etc.
- SDS Software Defined Storage POC and Vendor Selection of Next Gen All Flash Storage Technology.
- Delivered VMware vDS Design for vSwitch Migration and ISCSI Storage Adoption.
- Delivered SDDC Design, Deployment and Strategic Principles
- Delivered SDN Guiding Principles
- Delivered Storage Domain Guiding Principles
- Solutions Design for Holistic Storage Solutions and DC Remediation.
- Evangelized new technology trends and directions with data from Gartner Network.
- Delivered North / South Bound API Requirements, Principles and vendor evaluation Checklist
- Developed enterprise architectures and end-to-end business solutions in the areas of Monitoring, Network, Telecom, Security, Storage, Data Center, Virtual and Physical Computing Resources, Enterprise Identity Systems, Mobile & Desktop Endpoint Computing, Messaging & Collaboration and Windows / *nix platforms. Unified and complemented IT core services in order to provide engineering end users with a high level of service and value: simplicity, scalability and cost effectiveness.
- Developed and implemented the strategy for aligning data center services and processes with business goals, regulatory requirements, technology roadmaps, and industry best practices for all central IT controlled environments.
- Managed business relationships with key stakeholders (product, business and IT), understanding their business problems and business risk appetite and guiding them on IT strategy and direction.
- Performed infrastructure security system research, planning and design.
- Developed engineered solutions including design(s), specifications, documents, diagrams and configurations applicable to data center services.
- Provided expertise, input and troubleshooting support as the most senior level of technical escalation for IT infrastructure engineering.
- Reverse Engineered Login VSI Install Scripts to enable Manual Install (GPO, User and Security Groups in SOX Controlled PROD AD Infrastructure).
- Virtualization: Guided the Engineering teams in developing virtualization services including, but not limited to, VSI, VDI, Private Cloud capabilities and virtualized data management services.
- Standards: Established, fully documented and evangelized domain standards, best practices and architecture patterns.
- Reference Architecture: Developed service reference architectures and artifacts which ensure and enforce architectural consistency across solutions implementation.
- Leadership: Evangelized services throughout the business. Revised the data center services strategy based on emerging trends.
- Designed, Coded (Ruby, TMOS CLI) Deployed F5 LTM Load Balancer Automation for Micro Services Deployment and Operation.
- Leveraged Existing AMQ Service and Puppet Infrastructure to Automate Provisioning.
- Conducted Design Reviews for net services, sequence diagrams for new features and functions of cloud platform and applications.
- Created Cabinet Design for at Scale Datacenter Build Out, 10 - 100 Racks per DC for 10 DC Deployment.
- Designed Rack Design to Accommodate Services such as Hadoop, Multi-Master DB Replication, Mobile Clients over XMPP, and Enterprise accounts
- Coordinated with HP Manufacturing to build and deploy racks to Global
- Implemented SAML Based Authentication with Layer 7.
- Acted as Tier 3 Support for DevOps Team.
- POD Architecture redesign.
- Services Architecture Evaluations.
- Designed 2nd generation Private Cloud Infrastructure to serve 35 million SAAS customers via mobile and Web Services for PALM / webOS.
- Designed Modular “Plug and Play” Cabinet / Rack Design for 10 Datacenters globally for Rapid Drop Ship Deployment.
- Design and implementation of webOS Cloud Infrastructure and Services (IaaS, PaaS, and SaaS)
- Conducted Design Review of Sequence Diagrams New Services and Pod Deployments.
- Developed high-quality, production ready code that can be used by millions of users of our cloud platform.
- Resolved complex technical issues and drove innovation through our products.
- Led by example and built consensus across technology and products.
- Architected highly trafficked and highly scalable web applications.
- Designed Systems, Puppet, Networking, Virtualization at Cloud Scale.
- Designed complex ecommerce applications
- Built highly scalable SOA systems.
- DevOps Tier 3 Support Rotation.
Lead IT Infrastructure Architect - IT Lead
Responsibilities:
- Designed a Bleeding Edge SOA Solution for: On Premises, Public Cloud, Private Cloud and Hybrid Cloud, leveraging these technologies: (PAAS, IAAS, SAAS, Azure, and Rackspace Hosted Infrastructure) EMC, Cisco, VMware, TFS Lab Manager, TFS 2010, Hyper-V, Win7, ASP.NET, Forefront Identity Management, FIM, Forefront Security Manager, Forefront Threat Management, Active Directory, SAML, Claims Based Security, Federated Security, MS SQL Server 2008 R2, SSIS, SSRS, SSAS, Windows 2008 R2, SharePoint, NLB, F5, DNS, SSL, PKI, SCVMM, SCOM, SCCM.
- Designed and Deployed Web Services Scale Secured Infrastructure for N-Tier Application Stack and to Support Hybrid Cloud Capability. Utilizing Azure Service Bus, VMware,
- Conducted Code Reviews, WorkFlow Analysis, Strategy Sessions, and Business Analysis for Executive Staff.
- Led 5 teams of Engineers as Lead Infrastructure Architect, focusing on Customer Acceptance and Customer Requirements Champion.
- Built and Maintained Isolated Private Cloud Infrastructure for DevOps Team and Internal Dev Build, Test and QA Teams, aligning with core Software Design Methods, TDD, CI and CD Pattern and Practices.
- The Project is Under NDA: Project is a Global Building Management System for Governments, Health Care, K-12 Education, Colleges, Manufacturing and Corporations of all Sizes, there’s more than meets the eye.
IT Infrastructure Architect, Product Development
Responsibilities:
- This position is complicated due to its dynamic nature. In this role I wear many hats; one in Datacenter Management: maintaining systems uptime, technical (re)-architecture to (re)-create customer scenarios, or to maintain IBM security compliance. Another hat I wear is that of Level 3 Support for our Product Test and Support, which entails working to test and recreate customer issues, finding bugs and/or defects, identifying the Confidential in the product source code. The other hat is that of an Application Architect in which I maintain, implement and test applications for compatibility, development and support. The other hat is that of a Network Engineer, in which I install, configure, maintain and troubleshoot network devices and issues. Another is that of an IT Architect whereby I am responsible for inter systems communications, ongoing utilization and consolidation efforts. Virtualization Cloud Management, Storage Administration, Best Practices and Documentation. In addition I am consulted as an advisor for many other IT projects within IBM.
- TADDM is a CMDB used to discover and collect every device in a corporate infrastructure: Desktops, Printers, Servers, Applications, Network Devices, Virtual Machines, Storage, SAN, etc., and the configurations of such devices and applications. It collects the data and tracks changes over time. This is done for ITIL Compliance and Change Management Auditing, and/or for use with Disaster Recovery, Federation, Security, Consolidation, and Utilization.
- For such a product to be tested we must have a lab configured to replicate every possible Corporate Configuration; this is what I was responsible for. My Infrastructure consists of, but is not limited to, the following:
- Network Gear Supported: Cisco, Juniper, HP, Nokia, Pix, Catalyst, Nortel, NetApp, Extreme, Lantronix, F5 - BigIP, Alteon, Ace, Virtual Switches. Firewalls: PIX, Firewall One, Checkpoint.
- Services: DNS, LDAP, AD, Storage, File Servers, KMS, Proxy, Activation, Licensing, Security.
- Applications: IBM Tivoli TADDM (Tivoli Application Dependency and Discovery Manager), CMDB (Configuration Management Database), ITM (IBM Tivoli Monitoring), BEA - Weblogic 6.x -> 10.x, IBM - Websphere AS 5.x -> 7.x, Jboss, Oracle 10g DB, AS, DB2 8.x - 9.x, Postgres, CiscoWorks 4.x -> 2000, Apache, IIS, Iplanet, VMware ESX 3.0 -> 4.0, VMware Virtual Server 1.x - 3.x, Exchange Server 2003, 2007, Active Directory, LDAP, DNS, DDNS, AD iDNS, TPM, Virtual Center, Backup Exec, Director, HMC, Galapagos, Scope.
- OS: Linux (RHES 3 - 5), AIX, HPUX, OpenVMS, Solaris, Windows NT, 2K, 2K3, 2k8 Datacenter, Vista, Longhorn, Server 2008, VMware ESX v3 -> v4, MS Virtual Server, Mac Xstar, AIX, P series, System P, HMC, KVM, Xen
- Architect and Design of Lab Migration to IBM Network Project (Full Assimilation)
- L3 Support for IBM Tivoli TADDM (Tivoli Application Dependency and Discovery Manager) – CMDB (Configuration Management Database)
- Test and Development Support for IBM Tivoli TADDM – CMDB
- Systems Administration for 100+ Physical Devices and 80+ Virtual Hosts
- VMware ESX Server Architecture and Administration.
- Active Directory Multi-Forest Consolidation and Domain Migration to Single Domain.
- Multi-Site Geographically Dispersed Active Directory and Exchange Migration.
- Exchange Server Mail Consolidations, Replication and Applications Support.
Consultant, Mountain View CA
Technical Project Management
Responsibilities:
- Internet Acceleration Server (ISA) 2004 Server Global Enterprise Deployment Project
- Identity Management Product Review - MIIS, Identity Minder, Sun One, Oracle Oblix
- Symantec Antivirus 10 Server/Client Global Enterprise Migration Project
- Exchange Server 2003 RPC over HTTP and OWA Deployment.
- Foundation IP Implementation Project.
- Executive Collaboration
- Executive Support Team Escalation Point for Antivirus and ISA Server External Mail flow.
- Application and Systems Support for Hyperion, Extensity, Mercury IT Governance, IIS, and Apache.
- Messaging Systems Support for Exchange Server 2003.
- Database Support for Lotus Notes, Extensity and Hyperion
- Windows Infrastructure Support, Windows 2003, Windows 2000, Windows NT 4.0
- Strategic Assessment and Remediation via working sessions with customers and client.
- Dynamic interaction with customers, clients, executives and technical teams
- 500 + System Move to I-structure, AT&T Data Centers, AZ
- Created, implemented Citrix Printing Solution for PeopleSoft integration
- Utilized knowledge and experience to integrate imaging solutions to facilitate seamless migration of a Single Datacenter Model to Multiple Datacenter Model.
- Documented Cost Cutting Solutions for future use.
- Technical Collaborations Escalation Point for Non-Technical & Technical Management
- Documented process implementations and improvements based on previous experience.
Confidential
Microsoft Solutions Architect
Responsibilities:
- Supported IBM Software Group SDC West & IBM Research ITG Integrated Technology Delivery.
- Provided interactive customer design, review, proposals and hands on support for lab and production datacenter environments.
- Server consolidation and Virtualization with VMware
- Architected and Implemented Windows 2003 Active Directory Migration Prototype with both AD integrated DDNS and Centralized Unix DNS for 2000+ user site.
- Created Project Plan and Test Plan for AD infrastructure Migration Project for 2000 + user site.
- VMware GSX Server Administration and Consolidation Proof of Concept.
- Writing Security Scripts for Hardening Requirements to adhere to IBM Security Protocol.
- Deployment Automation of Lab and Production Servers
- Support and Optimization of Windows 2003 Server on 64-bit Itanium platform, AKA wintel I64.
- ITCS Security Automation, Hardening, Monitoring, compliance on mixed platform in an enterprise model.
- Executive Development Support for QA and Build environments.
- Supported multi-domain enterprise model: Windows, NT 4.0, 2000, 2003, 2005 beta, XP, Linux ES
- Application Support: Visual Studio .NET, Rational Clearcase, Exceed, VNC, MKS, SAV, TSM
- Terminal Server Implementation and Support.
- Hardware Support: SAN, DASD, SCSI, Itanium 64, Intel, Compaq, Dell, IBM.
- IBM ITCS 104, 204, 304, 314 Security Hardening, Transition, Implementation and Documentation
- Executive Collaborations Escalation Point for Non-Technical & Technical Management
- Storage Infrastructure Migration of 30 terabytes of storage to 4 petabytes of storage for Project Web Fountain (the 70th largest cluster in the world, and IBM’s flagship data-mining service offering).
- 25 IBM Blade Chassis Deployments (350 Blades) and Configurations using IBM Director.
- Image deployment of Linux Red Hat
- Cluster Management with CMS, Cricket, MRTG, System Imager