SUMMARY:

• Highly results - focused, with over 20 years of success in designing, implementing and supporting complex network infrastructures, and leading strategic initiatives in systems consolidation, redevelopment, upgrades, and migrations to cloud-based environments
• Adept in applying wide-ranging talents in computer technology and staff leadership to effectively manage holistic organizational change, mitigate risk, innovate solutions, and provide project deliverables on-time and within budget
• Innovative problem-solver who seizes opportunities, drives positive change, builds consensus, improves productivity and customer satisfaction, significantly reduces operating costs, and executes Information Technology initiatives that improve revenue and profit
• Rare mix of hands-on technical skills, business management, strategic leadership, financial expertise and sales and marketing talent

SKILLS:

• System Design/Infrastructure Architecting
• All versions of Windows to Server 2012R2/Windows 10
• Virtualization (VMware, Hyper - V, VDI)
• Exchange Server administration to 2013
• Active Directory (AD) & Group Policy Objects (GPO)
• Office 365 Implementation
• Network Routers, Switches, Firewalls, SANs
• Data Security/Disaster Recovery/Business Continuity
• Vendor Selection & Management/SLA's/QoS
• Cloud migration/utilization (Azure, AWS)
• Regulatory Compliance (PCI, SOX)
• Bring Your Own Device (BYOD)/SSO/DFA
• Service Management/ITIL
• Project Leading

TECHNICAL SKILLS:

Operating Systems: Windows Server 2012R2 / 2012 / 2008R2 / 2008 / 2003; Windows 10 / 8.1 / 8 / 7 / XP; OS-X; OS-X Server; Linux (RHEL, CentOS, Ubuntu, Mint, Fedora); OS400; Cisco IOS; Juniper JunOS

Virtualization: VMware vSphere ESXi Server 5.x, HA, DRS, vCenter Operations Manager, vCenter Site Recovery Manager, PowerCLI, Workstation, Fusion, View; Microsoft Hyper-V, VDI; Citrix XenServer 6 / 5

Web/Cloud Productivity: IaaS, PaaS, SaaS; Microsoft Azure; Amazon Web Services (AWS) EC2/S3; Social Media (Facebook, Twitter, Pinterest, Google+); Google Apps; Microsoft Office 365; Dropbox; Okta SSO; HTML, CSS, CMS (Joomla, Drupal, Moodle); IIS

IT Service Management Applications: Cherwell Service Manager (CSM) - based on the ITIL model, provides management of Incident, Problem, Change, Configuration, Release & Deployment, Knowledge, Service Level, Service Catalog, Service Portfolio, Request Fulfilment, Event Management, Assets and Reporting

Enterprise Architecture Frameworks: Familiar with Zachman, TOGAF and Gartner

Enterprise Applications: Microsoft Exchange Server 2013/2010/2007/2003 , OWA, SQL-Server 2008/2005, Azure SharePoint, Office SharePoint Server 2007; eCommerce (Magento, X-Cart, Volusion); ERP (Microsoft Dynamics, ECi M1, Odoo/OpenERP); CRM (Microsoft Dynamics

Routers/Switches/VoIP: Cisco 2911, 3550, 3750X, 4500, 6500, UCM, MCS-7828; Juniper J2350, EX4200; Dell PowerConnect 5524; HP ProCurve 8212, 2910; ShoreTel

Storage Area Network (SAN): EMC VNX; HP/Lefthand; Fujitsu; Dell/EqualLogic; Enhance UltraStor iSCSI

Networking: VLAN, VPN, DHCP, DNS, SNMP, SMTP, LDAP, SSH, RDP, Telnet, Terminal Server, Wi-Fi, TCP/IP, IPv4, IPv6

Network Management: Active Directory (AD), Group Policy Objects (GPO), Azure AD (AAD), AD Federation (ADFS), Powershell, BASH, sed, PERL, Puppet, Microsoft Server Management Suite (SMS) Enterprise 2012 / 2008 (SCCM/SCOM/SCVMM), Dell/Kace KBOX 1000 and 2000 series, HP IMC, SolarWinds, WhatsUp Gold, Paessler PRTG, Ganglia Performance Manager, Spiceworks, Microsoft Windows Deployment Services (WDS), WSUS, Cisco Wireless LAN Controller, Nagios, Splunk, Wireshark

Network Security/Data Protection: Firewalls (Cisco ASA, SonicWALL NSA); Secure Web Gateways (Cisco Ironport, M86 Security, BlueCoat, McAfee); Web Application Firewall/Intrusion Detection (Trustwave, Snort); End Point Security (Kaspersky, Bitdefender Symantec, SpamTitan); Data Archiving and Protection (EMC Data Domain, EMC Avamar, Microsoft Data Protection Manager, Dell AppAssure, Symantec Backup Exec, Symantec Enterprise Vault); Mobile Data Management (Mobile Iron, Blackberry Enterprise Server 5, Good for Enterprise); Penetration Testing (Kali Linux, Nmap, SQLMap, Metasploit, w3af, Nessus, Burpsuite, Cain & Abel, John the Ripper, BeEF, Dradis)

Desktop Applications: Microsoft Office to 2013 (Word, Excel, PowerPoint, Outlook, OneNote, Publisher, Project, Visio); Adobe Creative Suite (Acrobat, Dreamweaver, Illustrator, InDesign, Lightroom, Photoshop, Premiere); Apple iWork

Server Hardware: Towers and Blades in the following product lines - Dell PowerEdge, HP ProLiant, Cisco UCS, Apple Xserve

PROFESSIONAL EXPERIENCE:

Confidential, Woodland Hills, CA

Consultant Systems Architect

Responsibilities:

• Developing and implementing a high-level plan for reengineering the Enterprise’s IT infrastructure and business operations to allow for developing & delivering SaaS/Web Services applications to their client base, including: implementing a blended Zachman/TOGAF EA framework for re-architecting the Enterprise creating the strategic technology roadmap and prioritizing workloads building a PMO and DevOps facility using a Bimodal IT model transitioning from a Waterfall SDLC utilizing C++, Visual C++, HTML, CSS, and AJAX for legacy applications, to an AGILE development methodology utilizing Java, JavaScript, Python, SQL, RESTful Web Services and JSON creating high-level business cases, assessing risks, developing cost models and performing ROI analysis designing systems as “Build for Fail”, eliminating single points of failure and being resilient to the “Chaos Monkey” creating a Software
• Defined Data Center by deploying OpenStack on VMware ESXi 5.5 for hybrid cloud, running P2V on existing Windows 2008/2012 and Linux servers, and deploying Puppet and Powershell for system automation migrating functions to Azure IaaS and PaaS Cloud (Exchange, SharePoint, OneDrive, DevOps) deploying & configuring Office 365, Lync 2013, AAD, ADDS, ADFS, DirSync, SSO and DFA deploying Splunk Enterprise SIEM, Jira and Git code management, Jenkins build automation, RabbitMQ messaging, JBoss middleware, Apache web server, and Snort intrusion detection conducting an extensive data security and vulnerability assessment, including penetration testing, social engineering and ethical hacking, and applying the SANS Institute’s 20 Critical Controls for security management to harden the Enterprise constructing a Disaster Recovery/Business Continuity plan to meet RTO/RPO objectives
• Additional deliverables included: creating a methodology for evaluating, selecting and managing vendor relationships selecting 3rd-party Consultancies to assist in project implementations creating project charters as well as procedures for executing future parts of architecture standing up an ITIL-compliant Enterprise Service Management application leveraging Social Media for Talent Acquisition creating Run Books as needed and the Policies & Procedures Manual creating Business Process Templates manual
• Client details and some project specifics are covered in part by a Non-Disclosure Agreement and UK Official Secrets Act

Infrastructure Architect

Confidential, Amarillo, TX

Responsibilities:

• Reviewing Confidential ’s current infrastructure, then in close consultation with the CIO, PMO, DevOps and IT Support teams utilizing a Gartner-esque EA framework in designing, developing and documenting an infrastructure architecture that facilitated creating an outsourced service vendor environment to take over the IT operations of Confidential ’s 12 co-op member companies
• The primary project considerations were migrating existing site-based operations to the Cloud and creating new operational capabilities, including: creating a DevOps facility on Microsoft Azure supporting development utilizing .NET, Visual Studio, C#, SQL Server, ASP, IIS and SOAP XML Web Services for creating Line Of Business (LOB) applications deploying Leankit as the DevOps project management tool deploying Microsoft Project as the PMO project management tool deploying Office 365 for desktop productivity migrating on-prem Exchange 2010 to off-prem Exchange 2013 implementing Okta as a Single Sign-On (SSO) and Dual Factor Authentication (DFA) solution utilizing Azure SharePoint for redeveloping the corporate website, and providing centralized web-based document & workflow management deploying Lync 2013 for internal communications and BlueJeans for cloud-based corporate videoconferencing
• Non-cloud related projects included: conducting an extensive data security and vulnerability assessment, including penetration testing, social engineering and ethical hacking, and applying the SANS Institute’s 20 Critical Controls for security management to harden the Enterprise constructing a Disaster Recovery/Business Continuity plan to meet RTO/RPO objectives, and introducing the concept of the “Chaos Monkey” for continuous failover testing deploying VMware Site Recovery Manager for failover protection to a remote data facility, utilizing 2x100Mb leased fiber lines replacing EMC Avamar with EMC Data Domain for data backup and archiving designing the new architecture to support an ITIL-compliant Enterprise Service Management platform and ERP and HRIS applications (creating VLANs, enabling QoS and Jumbo frames, upgrading EMC VNX SAN to increase iops, etc) deploying SolarWinds Enterprise Network Monitoring & Management toolset entirely reengineering the AD Schema and GPO’s for proper management and enhanced security developing Powershell scripts to automate system management deploying a POC VMware View VDI solution implementing a comprehensive BYOD policy creating policy documents/Best Practices for planning for PCI and SOX compliance
• The MDF consists of Dell SonicWALL firewall, Cisco 2911 routers, HP ProCurve switches, Dell PowerEdge and HP ProLiant servers as hosts for VMware ESXi 5.5 with HA, DRS, and vCenter Operations Manager hosting Windows Server 2008R2 & 2012R2 VM’s managed by SCCM and SCOM, with a 2x10Gb fiber backbone to the IDF’s and HP ProCurve 802.11n WAP’s
• Creating support and maintenance documentation for implemented infrastructure technologies as well as procedures for executing future parts of architecture, then developing training material and performing knowledge transfer to Confidential personnel

IT Architect/Consultant

Confidential, Beverly Hills, CA/Las Vegas, NV

Responsibilities:

• Architecting and implementing a data center specifically to provide Mining as a Service (MaaS) for the cryptocurrency industry, involving sourcing custom-built hardware and software, selecting appropriate hosting facilities, negotiating ISP connections, managing the data center build-out and advising on marketing and brand management.
• Work covered by Non-Disclosure Agreement
• Providing consulting services to high net worth individuals on cryptocurrency investments including coin mining, currency trading and accepting cryptocurrencies for goods and services. Work covered by Non-Disclosure Agreement

IT Architect

Confidential, Oxnard, CA

Responsibilities:

• Providing thought leadership, developing and implementing innovative strategic IT initiatives employing leading edge technologies which increase efficiency of operation, reduce costs and drive revenue growth, such as eCommerce, ERP, CRM, Cloud Computing and system virtualization and automation
• Remediating the misconfiguration by a prior vendor of the company's entire infrastructure (router, switches, physical & virtual servers, physical & virtual storage, virtualization platform, GPO, AD, etc), resulting in a better than 25% increase in system up-time
• Re-architecting the IT infrastructure for better load balancing, fault tolerance, performance and continuous data protection, and readying for progressive transfer of system functions to the cloud (evaluated Amazon EC2/S3, Rackspace and Microsoft Azure)
• Utilizing SANS Institute Best Practices for Enterprise-wide security, including configuration of firewall, router, switches and web access, penetration testing, end point security, physical and data access controls, and training staff to defend against social engineering
• Developing policies & procedures manual based on industry best practices, constructing a Disaster Recovery/Business Continuity plan to meet RTO/RPO objectives, and creating the Disaster Recovery manual
• Reevaluating existing and negotiating new vendor relationships with a focus on cost reduction and quality improvement
• Designing an E-Commerce architecture which integrated with the existing ERP system (M1 from ECi), with a view to ultimately replacing M1 with an entirely cloud-based solution based on OpenERP
• Enhancing the company’s Social Media presence (Facebook, Google+, Twitter, Pinterest) in concert with the Director of Marketing
• Deploying/configuring Windows and Linux servers on VMware ESXi, including DNS, DHCP, patching, Active Directory, GPO’s
• Products managed include: VMware ESXi 4.1/5.1, Windows 7/8, Windows Server 2008R2/2012, Exchange 2007/2010/Outlook Web Access (OWA), SCCM, SCOM, Ubuntu Linux, Cisco 2911 router/3750X switches/R200 UCS servers/UCM VoIP, Microsoft Office 2010/2013, Dell AppAssure, NagiosXI, Spiceworks, Kaspersky Endpoint Protection, SpamTitan, Adobe Creative Suite, Enhance UltraStor SAN, Dropbox, Skype

Consultant Infrastructure Architect

Confidential, Culver City, CA

Responsibilities:

• Designing, building and configuring VMware vSphere ESXi 4.1 infrastructure that enabled this independent offshoot of an existing New York-based company to provide Enterprise-class web hosting services for their c1500 clients
• Installing, configuring and supporting eight physical servers hosting c40 virtual Windows 2008R2/2012 and CentOS, Fedora and Ubuntu Linux servers for production, development and test environments; implementing Ganglia Performance Manager, Exchange Server 2010; configuring and supporting Dell EqualLogic iSCSI SAN, PowerConnect switches and PowerEdge servers, Juniper J2350 router and EX4200 switches, then piloting migration of DevOps to AWS and deploying Puppet, Jenkins, Git, Apache, Tomcat and Snort, with development being in Java, JavaScript, Ruby, SQL and SOAP XML Web Services
• Engineering fault-tolerance, failover protection and redundancy to protect Confidential 's AGILE development environment
• Utilizing SANS Institute Best Practices for Enterprise-wide security
• Successfully transferring over 2TB of client data and resources from parent company Educational Technologies in New York to Confidential 's datacenter in Los Angeles without significant service interruption

Consultant - Technology/Business Development

Confidential, Toms River, NJ

Responsibilities:

• Increasing revenues 225% year-on-year by leveraging social networking; decreasing costs by 25% through changing webhosts
• Implementing hosted media server to enable collaborative workflow management
• Decreasing website project delivery time by an average of 40% by utilizing Dreamweaver templates
• Providing technical support for all applications
• Video editing in Adobe Premiere and Apple Final Cut, website development in Adobe Dreamweaver and publication design in Adobe Illustrator and InDesign for Confidential clients

SENIOR SYSTEMS ENGINEER

Confidential, Sherman Oaks, CA

Responsibilities:

• Leading a team of five IT staff in a NOC delivering technical services to over 1,000 end users
• Reevaluating existing and negotiating new vendor relationships with a focus on cost reduction and quality improvement
• Generating 800% ROI by deploying the following Dell/Kace technologies: managed helpdesk and trouble ticketing, remote desktop management, remote deployment of apps and patches, centralized management and remote deployment of desktop images, automatic system inventory management, and network performance management
• Utilizing SANS Institute Best Practices for Enterprise-wide security with a particular focus on managing the ramifications of BYOD, constructing a Disaster Recovery/Business Continuity plan to meet RTO/RPO objectives, and creating policy documents/Best Practices for PCI compliance
• Upgrading from VMWare ESX Server 3.5 to vSphere ESXi 4.0, hosting 40+ virtual Windows 2008 servers including multiple Domain Managers, File/Print, clustered Exchange Server 2007, SQL Server 2005, SCCM, SCOM, Symantec Backup Exec/Enterprise Vault, Blackbaud SIS, Raiser’s Edge, Financial Edge
• Deploying a new 25TB Fujitsu SAN to replace an obsolete 8TB HP/Lefthand SAN resulting in 30% reduction in maintenance & operation costs
• Deploying IP-video security monitoring, web-based emergency notification system, streaming video servers to deliver educational content to the desktop, and 3-D video projection in Science labs for augmented reality
• Increasing Wi-Fi capacity by factor of three and bandwidth by factor of eight by upgrading from 802.11g to Cisco Aironet 802.11n equipment, allowing for doubling the number of laptops available for use by students and faculty
• Completely redesigning the school's web presence, including increasing usability by reducing the average number of steps/clicks required to access a desired data point by over 50%, and adding social media functions
• Migrating from 4.5Mb SDSL T1 copper to 20Mb fibre optic internet service, then utilizing the enhanced bandwidth to implement data backup to AWS cloud for enhanced disaster recovery

SENIOR SYSTEMS ENGINEER

Confidential, San Francisco, CA

Responsibilities:

• Responsible for managing the delivery of technical services to over 300 end-users
• Developing and implementing a cohesive Technology Plan
• Reevaluating existing and negotiating new vendor relationships with a focus on cost reduction and quality improvement
• Reengineering the entire voice & data infrastructure, including increasing internet bandwidth by a factor of 10, reducing costs by 85% and reducing telecom costs by 75% by switching carriers and implementing VoIP PBX; increasing student access to laptops by 200%; and increasing internal network bandwidth by a factor of 10 by implementing Gigabit Ethernet and 802.11n WiFi
• Increasing server density 4-fold by utilizing Hyper-V; managing Windows Server 2003/2008 including AD, GPO, File & Print; administering Exchange Server 2003/2007; mass-deploying standard desktop images utilizing Microsoft WDS
• Managing the voice & data elements of moving the entire administrative staff into a new building, including designing wiring layouts and installing new Netgear ProSafe switchgear, without experiencing significant service interruption or downtime
• Innovating new Web-based products and lines of service to generate additional revenues by utilizing LAMP (Linux, Apache, MySQL, PHP), Drupal, X-Cart, Adobe Dreamweaver and Flash, JavaScript, HTML and CSS
• Reengineering the business processes and deploying Adobe InDesign, Photoshop and Acrobat on Mac OS-X, and Microsoft Small Business Server 2003 for file, print and email, resulting in significant increases in operational efficiency
• Managing and facilitating the operational success of a staff of 15 in a heterogeneous Mac, PC and Linux environment
• Providing technical support to over 200 end users and managing 45 staff across 3 offices and the US NOC, and indirectly managing project teams totaling hundreds of IT specialists placed at Fortune 2000 clients which required extensive travel, managing projects in person in Australia, South Africa, Europe and Canada
• Reducing IT costs by 26% and generating 320% ROI by replacing a legacy AS/400 system with Intel Xeon-based HP ProLiant server cluster running Windows Server 2000 / 2003, Exchange Server 2000/2003 and replacing Siebel CRM with Salesforce.com SaaS CRM

DIRECTOR - CLIENT ENGAGEMENTS

Confidential, Glendale, CA

Responsibilities:

• Securing projects with Global 2000 companies to deliver teams of IT specialists with rare or specialized skills sourced from outside the USA; developing global resource pipelines to enable solutions delivery; creating market awareness in cold territories for the company’s specialized practices focusing on ERP, EAI and BI/DW skills
• Creating and managing a “green field” start-up offshoot of an existing IT Staffing Consultancy; aggressively building market share throughout Europe in emerging technologies associated with the Microsoft product range; developing the complete operational and IT infrastructure, including order management, billing, integration, customer service, direct sales, and pre/post sales support