SUMMARY:

• I am an experienced Network Architect and Security Engineer with more than 15 years of proven experience within the field of networking and information security. My goal is to continue to provide an outstanding level of service and further my career within the realm of Information Assurance and Network Security.
• My passed experience includes supporting and implementing network makeovers for major government clients to assisting in the reverse engineering of advanced undocumented communication protocols for a company within the hotel access control industry. I would like to be able to bring my knowledge and experience to a company that will value my input both as an employee and as a leader while at the same time progressing and advancing within my career.
• 15 years experience in design, implementation and support for LAN/WAN. Broad industry experience includes purchasing, planning and cost control. Broad knowledge of Cisco, Juniper, Extreme Networks, and F5. Advanced knowledge on Routing/Switching protocols. Fluent operation skills on Enterprise Security protocol/policy. Demonstrated ability to work independently and as part of a team. Excellent communication and trouble - shooting skills. Capable of learning and mastering new technology quickly.

PROFESSIONAL EXPERIENCE:

Confidential

Solution Architect \ SME

Responsibilities:

• Confidential SME resource during a DMZ re-design effort. This position is dedicated to working directly with DoS Perimeter Security Division and other DoS application owners during a perimeter security re-design. Evaluate the current design, provide overall feedback on the design and its ability to meet the requirements set forth by DoS. Determine the appropriate deployment options based upon the given requirements. Ensure that this solution encompasses an F5 ADC communication component. Work with internal application owners, DoS PSD team, and external stake holders to design and develop new DoS communications that traverse these new appliances.

Confidential

Solution Architect

Responsibilities:

• Currently I am an inside Accenture field sales engineer\team lead representing an Confidential cloud & AWS vertical solution to other Accenture projects and potential partners. I am assisting with the development of the vertical, structure, capabilities, RFQ evaluations, proposal development, and laying the ground work for future Confidential cloud solution offerings such as managed cloud environments
• Private cloud conversion solutions, and Federal sector application porting to AWS, Azure, OpenStack, and the related development work to support a cloud development project. I have a small team of three cloud engineers. We are solely focused on developing new Accenture Cloud related offerings and selling those solutions both internally and externally to potential customers within the federal market.

Confidential

Lead Network Architect \ Infrastructure Manager

Responsibilities:

• Functioned as the Infrastructure Manager & Team lead for the technical architect group (7 individuals) working on the TSA - TIM Project. I supported the internal application development teams and various COTS product developers as well as interfacing, leading, and designing all TSA TIM communications involving several government agencies to replace the TSA Badging systems for TWIC, Surface, AIR, and Hazardous materials. Responsible for leading the overall TSA TIM Network communications, cloud design, and deployment from the ground up. Communicated our project needs to Data Center resources for equipment provisioning. Planned, scheduled, Installed, and configured F5 appliances within the Data Center. Consulted with various Oracle application leads to design and configure all F5’s for project use including LTM, GTM, and developing custom iRules for the TIM project. Lead for a group of 7 Oracle and Networking related infrastructure team members responsible for providing virtualization, data migration, cloud design and integration, network analysis, project presentations and operational support functions for the TSA TIM Project. Installed and assisted in the networking connectivity and planning for Oracle Exadata storage clusters.
• Designed and lead the effort to implement a new DHS DMZ virtualized architecture that would support the TSA cloud deployment. Designed and architected the Eucalyptus cloud deployment for the entire project. Completed all required TSA TIM Network design documentation and participated in follow on security designs. Presented materials to the client and Leadership regarding technical designs, project scopes, and additional work. Lead the effort to migrate from Data Center provided XaaS services while designing and implementing internal TSA Cloud solutions that provided Accenture with additional revenue opportunities. Designed and implemented a Virtual Private Cloud solution using Eucalyptus. Leading the design effort to stand up and deploy AWS failover solutions for the TIM application as well as other consolidated applications. Architected an AWS Oracle Exadata failover solution for the TSA-TIM VDC in a coordinated effort with DHS Engineering.

Confidential

Lead Network Engineer

Responsibilities:

• Sr. Network Engineer for PD Altess supporting the U.S. Army, Radford Arsenal, and the GFEBS enclave. Responsible for all networking related tasks for the GFEBS project. Configure, update, and maintain Cisco 7206 routers, two Nexus 7K with ASA, 8 Cisco 3750 switch stacks, 8 Juniper ISG1000\2000 Netscreen Firewalls, 4 Big IP F5 load balancers, and a Juniper VPN Appliance. Perform change requests regarding firewall policies for both ASA and Juniper. Adding and configuring F5 virtuals and pools for load balancing within LTM. Configured and worked with GFEBS application engineers and Primary DC location to implement
• GTM solution for GFEBS production environment failover. Writing and developing iRules for customer application needs as well as utilizing iRules for assistance in troubleshooting purposes. Adding and configuring route changes. Assigning IP’s and creating network architectures that accommodate both current and future expansion needs within the GFEBS enclave. Redesigned and configured GFEB’s DMZ to facilitate external partner communications into the GFEB’s Enclave. Responsible for the configuration and maintenance of Retina servers on a periodic basis. Basic port configuration and changes for Brocade SAN fabric switches. Periodic configuration and maintenance of Extreme Networks row switches outside of the GFEBS enclave. Provide second level tier 2 support for SAN infrastructure.

Confidential

Sr. Systems Engineer

Responsibilities:

• Sr. Systems Engineer focused on Network Operations (NetOps), Storage systems, Database, and IA support for the Army classified and unclassified enterprise networks, the Secret Internet Protocol Router Network (SIPRNET), and the Unclassified but Sensitive Internet Protocol Router Network (NIPRNET). Worked to implement the requirement of the Army Chief Information Officer (CIO)/G-5 Enterprise Information Technology vision that calls for consolidation of IT services (application, web, storage, email, asynchronous collaboration) above the installation level into Enterprise Data Centers for the DOD and the
• Confidential as well to ensure the confidentiality, integrity, and availability of all systems during and after implementation. Currently provide NetOps IA engineering, Tier 3 support, and integration support to resolve and mitigate unforeseen technical issues during component change and implementation. Analyze proposed NetOps configuration changes outlined in configuration change packages or other configuration management-related requests and requirements. Participate in a NetOps advisory capacity, supporting Technical Review Boards, Configuration Control Boards, and Change Advisory Board activities. Support NetOps emergency CCPs. Perform system administration, CM, security assessment, testing, and troubleshooting. Provide and update NetOps IA systems Functional Implementation when required in order to meet necessary deadlines and budgetary requirements.

Confidential

Advanced R&D \ Communications Reverse Engineer

Responsibilities:

• Provided research and development services for a new hotel electronic access control provider. Led the engineering and development team in reverse engineering and re-implementing communication protocols for compatibility. Assessed the security and updated system requirements as necessary to meet the demands of the applications being developed. Led the application design to facilitate an AWS deployment strategy. Designed and built the AWS infrastructure to support customer deployments and scale based upon provided resource metrics. Built a private cloud using Eucalyptus to facilitate infrastructure and pre-deployment change testing before pushing to AWS.
• Trained others in binary conversions and process stalking techniques for various applications including IDA-PRO and Process Stalker. Researched and re-implemented proprietary undocumented RS232 and RS485 communication protocols. Provided top level of analysis for interpreted assembly and assisted in the reconstructing of functions and additional application calls based upon the output. Maintained all company records for black box and clean room reverse engineering within the R&D department. Completed QA for system builds and created all test cases for the overall system and scope during the engineering process.

Confidential

Lead International Information Security Trainer

Responsibilities:

• Provided technical leadership to the international group for the non-combatant information security program. Mentored and trained others in information security in addition to providing for other technical groups. Lead the efforts for international information security s for newly constructed data centers and network operation centers for military contractors in Kuwait, Iraq, Afghanistan, and other Middle Eastern countries. Responsible for advising incident response measures and implementing Information Assurance policies to insure backup and database integrity. Implemented SAN infrastructures using Hitachi and EMC Administration of SAN infrastructures including EMC Symmetrix 8730/DMX, HDS Thunder Models - 9570 and 9585, AMS 1000, HDS Lightning series 9960, 9970, 9980, USP Series Models USP100 USP 600 and USP1100 DISK Arrays, and Hitachi DS4300, DS4500, and DS4800. Trained and assisted with installs for conflict areas around the world and maintained security infrastructure, including IPS (Tipping Point - TSE, Cisco IPS modules, ISS nodes, and RelayGhost), IDS (Snort, AIDE, Foundstone, and Prelude) trained on effective log management, and security assessment for intrusion detection systems.
• Trained others to assess threats, risks, and vulnerabilities from emerging security issues. Published Security Updates newsletter for technical groups and end users. Drafted enterprise security standards and guidelines for system configurations and end user . Trained users on how to manage the process and respond appropriately to computer security incidents. Performed and created procedures for system security audits, penetration-tests, and vulnerability assessments. Developed guides to assist in to develop scripts to maintain and backup key security systems. Conducted and support for international Data
• Center networks involving CheckPoint, Cisco Pix520, ASA 5500, Juniper Netscreen 5GT firewalls, Cisco 2900/3550/3560/3750/4000/4500 series switches, Cisco 2500/2600/3600/1700/1800/2800/3700/3800 series routers, and Windows/Unix systems. Provided onsite in problem resolutions for network problems on Layer 2 related to STP/VTP and Layer 3 related IP planning and routing protocols. Provided assistance in managing CheckPoint and Cisco firewalls, network monitoring and server monitoring both onsite and off. Ensured network, system and data availability and integrity through preventative maintenance and upgrades. Developed and maintained accurate network documentation Visio diagrams to provide management with proper understanding of organization need. Provided technical support to both in-house staff and international end users for all network services.

Confidential

Information Security Analyst - Technical

Responsibilities:

• Recommended preventive, mitigating, and compensating controls to ensure the appropriate level of protection and adherence to the goals of the overall information security strategy. Assisted in the development of access-controls, separation of duties, and roles. Conducted technical risk evaluation of hardware, software, and installed systems and networks. Assisted with testing of installed systems to ensure protection strategies are properly implemented and working as intended. Maintained infrastructure security with IPS tools (FrameWatcher, Framelogger, McAfee Intrushield, and Extreme Networks Network Intrusion agent watcher), also kept the network up to date and protected by maintaining the GSU campus network with Intrusion detection systems (ISS threat watcher - RealSecure, McAfee packet alarm, IPSTAT, and Snort) Assisted in incident response and recommend corrective actions. Communicated with personnel about potential threats to the work environment. Participated in forensic recovery and analysis. Participated in development and maintenance of global information security policy. Supported the Web and Client base Infrastructure for online class room Software Applications, and participated within the
• WEBCT\Vista System Development Life Cycles (SDLC). Analyzed, recorded, and monitored the status of IV&V and Accessibility, Functional and Regression testing requirements, defects; tracked corrective actions; performed Regression testing; traced Accessibility and Functional test cases to requirements; reported and prepared detailed test summary reports and audits; reviewed results of automated test results to ensure that all requirements were thoroughly evaluated and met client and user expectations for (GSU). Managed Veritas LVM, VCS(SFHA) backups for hi-availability SAN networks. Used Netbackup 5.x and 6.x to maintain regular backups and contingency policies. Implemented and managed Linux LVS for load balancing in 32 node HA linux cluster. Installed, implemented, and managed IBM Tivoli TSOM (Netcool\NeuSecure) for rules based event correlation, statistical threat analysis, susceptibility correlation, and vulnerability correlation. Installed, configured and updated all McAfee related security appliances and software including McAfee Intrushield, EPO, VSE, and HIPS. Tested various hardware and software platforms at the client site to ensure system and application functionality. Tested web-based and client-server applications; SQL\ MySQL\ Pylons, infrastructure (Cisco 4200, Extreme Networks BD L3 Switches), COTS, GOTS, and custom applications, end-to-end, emergency upgrades, custom development, back end, maintenance; single and distributed systems. Interacted with upper and middle management to establish and recommend IV&V policies and processes. Participated and attended Requirement Reviews, TRB's, and TRR's.

Confidential

IT Network & Security Analyst

Responsibilities:

• Maintained security of voice and data networks and equipment. Monitored and maintained physical and logical security and access to systems. Responsible for support of existing security policies and procedures, as well as creation and implementation of new security procedures. Risk assessment of partners. Presented options to management for the enhancement of DNS, firewall (Check Point ProV-1, VoiP /w Avaya Module), modernization of firewalls (Check Point ProV-1, HP Netscreener, 3Com HID appliances), and inbound e-mail security and robustness. Assisted with the upkeep of network infrastructure including switches and load balancers. Assisted in migration of VPN concentrators to new project. s include completing TruSecure enterprise, and development of incident handling procedures. Provided Administrative support for MS Exchange Server 5.5, MS IIS Server, and Windows 2000 Advanced Server. Network cabling, testing of subnets, IP addressing, configuring HP printers, hardware testing, and building systems specific to users' needs. Software and hardware upgrades and troubleshooting, including Outlook 2000, Windows 2000, and Microsoft Office Suite. Assisting in monitoring system availability, batch production, system backups, system hardware maintenance
• Active Directory support, and report distribution. Created easy to read and understand documentation on the proper operation and configuration of custom built Windows 2000 Professional / 2000 Advanced Server, and Linux based operating systems. Systems support for IT Resources, System Operations, Dispatch and Maintenance divisions. Responsible for 24 x 7 support of 200 HPUX workstations, in addition to the AIX 4.3.3, Solaris 2.6/2.7/8, and AT&T (NEC) servers locally and in remote locations including Newark, Cleveland, and Atlanta. Implemented cross-platform X-Window support for 50 users on non-unix systems such as MS95, 98, and NT.

Confidential

Security Systems Engineer

• Used previous experience in company to focus on securing information and systems. Trained and mentored employees in many job descriptions regarding security and system basics, best practices, etc. Documented exiting and in-development policies, procedures, and systems. Deployed distributed intrusion detection sensor network to government agencies. Security lead on new product design team. Business continuity consulting for all government contracts. Developed into lead security person at company. Used knowledge of bind, apache, SSH, and security to retrofit existing systems and engineer new, improved security systems. Firewall creation and maintenance using Cisco ACL and Linux iptables. Basic Cisco 2900/5500 switch configuration and maintenance. Participated on Y2k rollover team, and on-call internal CERT team. Trained end-users on system architecture and use. Expanded documentation. Installed desktop software for corporate MAC users. Installed, configured, and implemented network applications for corporate PC users. Installed, configured, and implemented Novell 3.x servers. Installed, configured, and implemented Macintosh servers. Troubleshoot 3270 connectivity on MAC and PC platforms.
• Troubleshoot printing problems on MAC and PC platforms. Provided global support of the ATM wide area network. Duties include awareness of cost containment; client satisfaction, implementation timing, and coordination with various groups in the realm of network performance. Supported 250 engineers working in a heterogeneous environment including primarily Sun Solaris, HP/UX and AIX platforms. Implemented NIS/DNS strategy to stabilize system management of 200+ Sun Workstations with the E450, E4500, and E10k Sun Servers. Migrated 3.5 TB of scattered data to centralized NAS (NetApp/Clarion) storage. Eliminated NFS cross mounting across WAN infrastructure. Implemented Solstice to manage and enhance system integrity and simplify system management. Established best practice solutions for daily operations and future expansion. Designed and executed the transition plans for complete systems migration and upgrades.
• Rolled out several Sun Enterprise systems, SGI Origin 2000's, and multi-node IBM SP RS-6000's for a multi-national geological survey company supporting Fortune 100 oil conglomerates with data stores in the 100+ TB range. Installed Sun E450 with Solaris 8 to replace legacy SGI platform and migrated data and applications from Irix to Solaris. Performed security analysis (scan and penetration testing) for a government client with greater than 250 individual agencies and more that 300,000 potential targets.