Security Architect Resume
Austin, TX
SUMMARY:
- IT professional with over 20 years of experience and skills in all aspects of information technology including security, systems, network, databases, and development. Skilled in front-end and back-end operations with a focus on reliability, efficiency, integration, and automation.
- Extensive background in implementing and maintaining on-premise and cloud-based solutions. Excellent track record of completing mission-critical projects on schedule and supplying solutions for both infrastructure and operations.
- Intuitive analytical ability to quickly attain solutions to network, system, and application-level issues. Proficient at project management including analysis, design, development, implementation, documentation, and testing. Strong self-starter with the ability to complete tasks within a team or solo.
- Regulatory Audits: PCI-DSS, FISMA, NIST, IRS 1075, SOC2, SSAE16/18, HIPAA
- Vulnerability and Compliance Scans: QualysGuard, Nessus, Tenable.io
- Penetration and Segmentation Testing
- Intrusion Detection/Prevention: Cisco FirePower, IBM SiteProtector, ThreatStack
- Single Sign-on: SAML, ADFS, RADIUS, OneLogin, Okta, Keycloak, AzureAD
- Multifactor Authentication: RSA Authentication Manager, privacyIDEA, HID ActivID CMS
- Security Information and Event Monitoring (SIEM): QRadar, Splunk, ELK
- File Integrity Monitoring: TripWire Enterprise, Cimtrak
- Anti-Virus/Anti-Malware: McAfee ePO/ENS, ESET Security, Bitdefender GravityZone
- Endpoint Detection and Response (EDR): VMware CarbonBlack, SentinelOne, CrowdStrike
- System Monitoring: SolarWinds Orion, Nagios, NewRelic
- Encryption: Thales Vormetric, McAfee WDE/FRP, BitLocker, FileVault, Symantec File Share Encryption
- Access Provisioning: ActiveDirectory, PeopleSoft, Authorization Manager
- Password Vaults: KeePass, Thycotic Secret Server, Passwordstate, Bitwarden
- Mobile Device Management: MobileIron, Citrix XenMobile, VMware AirWatch, Microsoft Intune
- Cloud Security Posture Management (CSPM): Prisma Cloud, Tenable.cs, Falcon Horizon
TECHNICAL SKILLS:
Networking:
- Firewalls: Cisco ASA/FTD, pfSense, SonicWall, iptables, VMware NSX
- Routers: Cisco ASR/ISR, AdTran, MikroTik, Ubiquiti
- Switches: Cisco Catalyst/Nexus, HP ProCurve
- VPN: Cisco AnyConnect, PulseSecure, OpenVPN, Wireguard
- Wireless: Cisco Aironet/Meraki, Ubiquiti UniFi, Arista/Mojo
- Enterprise Networking: VLAN/VXLAN, QoS, Routing, HSRP, MPLS, DMVPN
- Proxies: Cisco WSA, BlueCoat, McAfee Web Gateway, Cisco Umbrella
- Load Balancers: PulseSecure vTM, NGINX, HAProxy
- WAN Accelerators: SilverPeak
- SD-WAN: SilverPeak
- DDoS Protection/WAF: Cloudflare, AWS WAF
Servers:
- Blade Hardware: Cisco UCS, Dell Bladecenter
- Hypervisors and Containers: VMware, Nutanix, Docker
- Operating System Administration: Windows Server, RHEL, CentOS, Ubuntu
- Virtual Desktops: Citrix XenApp, VMware Horizon, Microsoft RemoteApp/RDSH
- E-mail: Microsoft Exchange, Cisco ESA, Veritas EnterpriseVault, Mimecast, Proofpoint
- Databases: Microsoft MSSQL, MySQL/MariaDB, PostgreSQL
- Web Servers: Microsoft IIS, Apache, Tomcat, NGINX
- Caching Servers: Memcached, Redis
- Patching Systems: Microsoft WSUS, BatchPatch
Desktops:
- Management and Deployment: Microsoft WDS, PDQ Inventory/Deploy, NinjaRMM
- Operating System Administration: Windows Desktop, Ubuntu Desktop, macOS
- Policy Management: ActiveDirectory Group Policy
Software:
- Productivity Suites: Microsoft Office, OpenOffice
- Collaboration Platforms: Microsoft Sharepoint, Atlassian Confluence, Nextcloud
- Instant Messaging: Skype for Business, Openfire, Zulip, Slack, Microsoft Teams
- CRM: Microsoft Dynamics, Salesforce
- Data Management/Automation: Pentaho, Sagent
- Ticketing Systems: Track-It, BMC Remedyforce, Atlassian JIRA, Freshservice
- ERP Systems: Computers Unlimited TIMS, Sage MAS500, PeopleSoft HRMS/Financials
- SMS Gateways: Twilio, Nexmo
VoIP/Telephony:
- PBX Systems: Cisco Call Manager Express, Mitel MAS/MCD, Avaya
- Softphone Systems: LiveVox, Genesys, Five9, RingCentral
- SIP/PRI Trunking
Compiled Languages: C/C++, ObjC, C#, Swift, VB.net, Java, ASP.net, Apex
Interpreted Languages: PowerShell, VBScript, Shell Scripting, Node.js, Python, Perl, Go
Web Languages: PHP, JavaScript, CSS, HTML, Visualforce, Vue.js
Platforms: Windows, macOS, Android, iOS, Linux
Source Control: Team Foundation Server, Git, SVN, BitBucket
CI/CD: Azure DevOps, CircleCI, TeamCity, Jenkins
PROFESSIONAL EXPERIENCE:
Security Architect
Confidential, Austin, TX
Responsibilities:
- Developed and documented numerous runbooks for the department's incident response program
- Reviewed and created policy documents and governance around Security Architecture, Security Operations, and Application Security
- Worked closely with engineering and DevOps teams to create architecture documentation describing both the cloud infrastructure and component functionality and communication of the company's flagship product
- Researched, designed, and implemented security tools to enhance the company's threat detection and response
- Researched, designed, and implemented software to allow the Security department to shift-left into the application development lifecycle
- Performed detailed security/privacy assessments on potential and existing products and services
- Worked with security researchers and customers to triage and remediate discovered vulnerabilities in the company's flagship product
- Managed and tuned multiple security products from EDR, CSPM, IDS, SAST/DAST, Vulnerability Management, and Orchestration categories
- Performed code analysis and manual code review on Engineering and DevOps deployments followed up by providing findings and remediations to respective groups
- Performed formal threat modeling of individual components of the architecture and application to determine areas of higher risk and need for stricter review
- Routinely responded to and documented security events and incidents that occurred with the environment
- Reviewed configurations and deployments of software and installations from the DevOps and IT Infrastructure teams while also providing recommendations and best practices
- Worked directly alongside Engineering and Product Management teams during design and development of new features to ensure all security and privacy requirements were met
Senior Security Analyst/Architect
Confidential, Houston, TX
Responsibilities:
- Administered a large mixed Windows Server and Linux environment with over 30 locations, 500 servers, and 7500 users on a small team working in conjunction with several other infrastructure departments
- Became proficient at handling security, provisioning, and deployment in a multi-tenant environment with numerous contractual and regulatory requirements
- Spearheaded most cybersecurity projects within the IT Security realm including research, configuration, migration, and deployment of software and appliances
- Acted as supervisor over a team of security analysts providing project management, documentation, policies, and to existing and incoming employees
- Worked closely with other members of operations and infrastructure to determine pain points and areas that could be made more efficient, productive, or inexpensive
- Oversaw change management of network, system, database, and developer requests including firewall, access, vulnerability, and code review with final say on whether changes would proceed
- Developed multiple pieces of custom software and web portals to assist areas of human resources, operations, and infrastructure based around feedback from fellow coworkers and personal insight into day-to-day processes
- Developed patches and enhancements to open- and closed-source products utilized by the company to provide needed features, increase compatibility, or fix bugs and security holes
- Developed scripts, patches, plugins, and applications to provide integration between proprietary, open-source, and custom-built software and databases
- Designed, developed, and implemented numerous applications and scripts for automation of provisioning, termination, auditing, and monitoring of all systems and users
- Routinely was able to resolve nearly all system issues and incidents without resorting to third-party support
- Successfully managed multiple projects simultaneously to their completion across cybersecurity, audit, and provisioning areas within expected timeframes and under budget
- Enacted numerous changes to increase the security posture of the company including secure jump hosts, multi-factor login, single-sign-on, vulnerability scan reviews, SIEM, MDM, DLP, and system hardening baseline group policies
- Assisted and was called on specifically during major outages and issues across all departments, due to realized expertise in troubleshooting, becoming a subject matter expert in all enterprise applications and operations
- Researched, deployed, and maintained several products used during the pandemic for remote users including collaboration, instant messaging, web meeting, VPN, and monitoring software
- Acted as lead during all client and regulatory audits providing evidence, updating policies, and participating in interviews
- Dedicated time to continuously review systems security, efficiency, and reliability and to resolve any deficiencies
- Received the Top Gun in 2021, an granted to employees who most greatly assisted in the company's success for the year, by providing numerous inexpensive solutions for VPN, communication, virtual desktops, and monitoring to allow an explosion of remote worker capabilities during the pandemic
Systems/Network Administrator
Confidential, Boise, ID
Responsibilities:
- Administered a Windows Server environment with over 70 locations, 80 servers, and 1200 employees on a small team
- Acted in large part of project management and activities during corporate acquisitions to perform user, server, and data migrations as well as maintain documentation for the entire process
- Spearheaded multiple projects to implement or replace solutions to assist in increasing the efficiency, productivity, reliability, and security of the environment including backup solutions, web proxies, WAN accelerators, and antivirus
- Worked closely with other members of operations and infrastructure to determine pain points and areas that could be made more efficient or inexpensive
- Attained a strong background knowledge of accounts payable and general ledger while developing a custom integration solution between the company's ERP systems
- Implemented solutions to reduce overhead costs such as VoIP, virtual desktops, and server virtualization
- Increased collaboration by deploying new communication systems such as Lync/Mitel instant messaging and Sharepoint
- Developed multiple pieces of custom software and web portals to assist all areas of operation based around feedback from fellow coworkers and personal insight into day-to-day operations
- Researched and enacted multiple configuration changes to network, server, and virtual machine components to continuously improve performance, reliability, and security
- Created material for and provided to current and new IT employees
Software Engineer
Confidential, Las Vegas, NV
Responsibilities:
- Spearheaded development of multiple macOS applications including a hard disk recovery and instant message software
- Worked directly with software end users to resolve issues and use their feedback to further improve the products
Software Engineer/Systems Administrator
Confidential, Moscow, ID
Responsibilities:
- Administered Windows 2000 domain with 30 machines and assisted during the migration of NT4 to Windows 2000
- Provided end-user support and on all systems and applications
- Continued development on AutoCAD add-on software for Idaho Transportation Department with a team of software developers