SUMMARY:

A sagacious, results driven IT professional of 17 years’ experience with numerous noteworthy successes in directing and completing a broad range of infrastructure & security related project initiatives while partaking in the planning, implementation, and management to better align with business requirements. Exceeds in delivering cost effective under or on - budget solutions while actively participating in the full lifecycle of projects and operations (Planning Design, Implementation Development, Management, & Maintenance). Extensive experience in hands-on guidance and management of teams to overhaul existing or implement a new infrastructure & information security operational programs that align industry standards with the company’s mission. Demonstrates exuberant skills to interface with company executives to identify their objectives and translating them into a technical vision and strategy while also pinpointing & communicating any potential risk to minimize any business impact.

• Implemented and overhauled Information Security Services Programs for multiple companies with the in corporation of SIEM, Cyber Intelligence Threat Hunting, Risk GAP Assessments, Vulnerability Management, and End-User Security Awareness Training
• Designed numerous scaleable physical & virtual datacenters and infrastructure buildouts (Active Directory, Exchange, Lync, System Center, Websense, Vmware, Network Services & Security Monitoring
• Designed a highly available & scalable virtual datacenters with redundant hardware fabric & data storage and automated site failovers. This new design enabled the business to reduce its RPO’s & RTO’s by 83.33% as well lower the capex budget cost by utilizing certified preowned warrantied hardware
• Incorporated multi-factor authentication services to the environment to better secure company data and network access
• Worked with companies in numerous successful PCI audits resulting in the achievement of RoC’s (Report on Compliance)
• Lead highly available datacenter virtualization & consolidation migration projects on a global scale converting thousands of physical servers to virtual servers via Hyper-V & VMware solutions at numerous global locations including Amer, APAC,EMEA,& Latin America
• Established a global active directory and exchange messaging platform
• Engaged with several companies to evaluate their compliance programs and implement necessary changes (PCI, FISMA, HIPPA,SOX, COBIT)
• Preformed large scale worldwide laser like focus asset penetration testing as an unbiased external resource for companies
• Lead Migrations for On-Premise Exchange 2003/2007/2010/2013 to the Microsoft Office 365 cloud platform and Google Apps using both Quest Migration tools and BinaryTree Migration Tools and custom scripts
• Designed, Managed and tested business continuity & disaster recovery solutions for large corporate enterprises as well as small and medium businesses for technical & non-technical aspects
• Acted as virtual CIO to multiple clients(SMEB) architecting solutions, managing budgets to maintaining IT Operations, facilitating expansion, and acquiring resources, software licensing, hardware purchasing
• Managed teams to provide and drive successful customer service and project results for the IT Department
• Provided extensive Project Management skills for the completion of highly visible Infrastructure & Information Security related projects
• Successfully created reduction in Total Cost of Ownership by applying open source solution software and Linux servers where applicable
• Implemented IDS & IPS for an Enterprise Network strategically placing firewalls in various locations on the network to present East-West & North-South network traffic

AREAS OF EXPERTISE:

• Team & Project Leadership, Coaching & Professional Development
• Virtualization & Cloud Technologies
• Infrastructure, Security, & Solutions Architecture Design
• Microsoft OS & Application Stack
• Vendor & Contract Negotiation & Management
• IT Governance
• Infrastructure & Security Documentation
• Regulatory Compliance
• Data Integrity
• Business Continuality / Disaster Recovery
• Effective Communication
• Risk Management
• Policy Planning & Implementation

TECHNICAL SKILLS:

Micorosft Windows: Clients 95/98/2000/XP/Vista/7/10 Windows Server 2000/2003/2008/2012/2016 Meraki Firewalls, Switches, APs Alienvault USM Arcsight Splunk OpenVas OSSEC Nessus Palo Alto Firewalls Cisco IOS, Firewalls, Routers, Switches, APs Brocade Vyatta/Vyos Apple Mac OS X Sonicwall Sophos Symantec Backup Exec McAfee Kaseya AWS Azure Rackspace RDP Terminal Services Hyper-V Barracuda Firewall Exchange Active Directory Novell Groupwise Fortinet TMG WSUS System Center ISA SMS Citrix Backtrack Kali Linux Remedy Wordpress Joomla Websense OpenDNS IIS Apache Raid UTM BES InfoBlox LanDesk Altiris TCP/IP NTP SMTP SNMP DNS DHCP WINS Samba Telnet SSH FireEye IDS NMap VLans SQL FTP VPN Radius Web servers Sharepoint ISCSI VMWare Microsoft Servers Blackboard Moodle CMS Tripwire Acronis SNORT Visual Studio EPIC Wireshark Adobe Avaya Blue Coat Proxy File Server Domain Controller RSA LDAP NetBackup Tivoli Identity Management Lync Powershell Visual Basic Bash Shell Script Python Commvault Qualys Metasploit Ironport MDM Airwatch MobileIron BinaryTree Tools ADMT Quest Migrator Office365 SIEM Change Auditor Stealth Intercepts ADFS PCI HIPPA FISMA IPA IPS

Foreign Languages: Spanish, Latin, French, Italian

Programming Languages: C++, Java, Powershell, PHP, VBScript, MySQL, Shell Scripting

PROFESSIONAL EXPERIENCE:

Confidiential

Manager, Infrastructure & Security / ISO - Information Security Officer

Responsibilities:

• Architected an enterprise wide infrastructure & information security program and strategy that ensured the integrity, reliability confidentiality and availability of all Information Technology systems & services
• Provided hands-on oversight of the planning, design, implementation, and management of servers, security systems (SIEM), anti-virus & anti-malware applications, vulnerability management, patch management, network security including routers, switches, firewalls, & intrusion detection/prevention system (IDS/IPS)
• Defined and implemented processes, procedures & changes related to network security, data encryption, desktop and server baselining, user provisioning (on-boarding/off boarding) processes
• Conducted regular infrastructure, information security, and PCI gap analyses which include a review of administrative, physical and technical safeguards of company data
• Orchestrated and planned the IT infrastructure & security portion of the organization’s disaster recovery and business continuity plans for technology systems and acted as a conduit for the layout & completion of the business aspect
• Created, documented and enforced policies and procedures in order to comply with ISO & PCI level 1 merchant regulations & standards
• Provided hands-on leadership in the completion of all annual company compliance assessments audit preparation tasks (PCI, Independent Financial IT Audit, Pre-IPO Sox Readiness Assessments)
• Achieved a successful Level One PCI merchant annual RoC (Report on Compliance)
• Assisted in the management and negotiation of contract agreements with vendors and contractors to secure infrastructure & security specific products and services
• Managed all IT infrastructure & security vendor relationships to ensure a positive partnership & the complete fulfillment of the agreed contracts and SLA requirements with regular multiple vendor status meetings weekly
• Established Inter-departmental communication between different silos of the business to provide a clear application of Information Security Policies & Risk Management prior to any project implementations or operational changes (Legal, HR, Executives, Operations Departments)
• Implemented a company security awareness training program for the advocacy of Information Security best practices for the business, end users and also to change the company to a supportive & favorable mindset on cybersecurity
• Documented systems and cross-trained IT staff to eliminate points of failure in knowledge for the continuality of business in the absence of key IT stake holders
• Implemented a new and complete robust multifaceted SIEM (Security Information & Event Management) system to replace the former aging application which was lacking numerous features and ease of management while remaining cost contentious and delivering under budget
• Interfaced with other IT management team members on the development of operations, governance and future roadmaps for the organization
• Managed and reviewed $3 million in IT budget spend while reducing cost and working with the accounting team to reassign charges to the appropriate cost centers
• Designed & performed a massive IT architectural shift to complete server & datacenter virtualization using blade systems to consolidate hardware and cut datacenter cost on power & cooling
• Engineered a cost effective storage solution for hosting virtualization that provided local & regional site level datacenter failover storage redundancy
• Introduced the company to cloud platform (Azure & AWS) for redundant hosting of some critical applications
• Created the IT framework on standardizing processes and classification of data
• Completed the elimination of on premise exchange and migration to the highly available Microsoft Office 365 platform
• Built out a global active directory infrastructure for the business and migrated all the accounts from multiple active directory structures to one centralized environment with the appropriate delegated access to each IT representatives for each global region
• Established the company’s first change control management processes and CAB (change advisory board) to prevent unauthorized business impacting system changes
• Managed IT staff and provided professional guidance
• Developed scripts for the automation of repetitive administrative task (Powershell, Bash Shell)
• Implemented a mobile device management solutions to protect the company’s data from a mobile platform

Confidential

Infrastructure & Security Architect / Associate Director

Responsibilities:

• Assisted in the management of both the company’s public and private cloud infrastructure (AWS, Azure, Vmware Cloud)
• Built out and designed the Active Directory & ADFS infrastructure for the new office 365 cloud migration providing non fault tolerant high availability
• Managed infrastructure security services engineers
• Interfaced with team members from Operations, Security, & Architecture on road mapping and IT governance
• Performed architecture changes and new systems implementation based on IT road map requirements
• Created automation scripts for the Operations engineers
• Served as final escalation point for design and office 365 issues.
• Performed risk & threat assessments of the organizations infrastructure network, systems, and security domains
• Remediated and investigated security events of servers
• Ensured network and systems are Sox compliant and prepared for yearly audits
• Assisted in the management of the company’s SIEMs (Splunk, ChangeAuditor, RSA Envision)
• Managed and audited network devices, Firewalls and server systems (Bluecoat, PaloAlto, Cisco, Server 2008-2012)
• Set policies based on risk assessments and company business requirements
• Managed and forecasted multiple project budgets to ensure no over spend or waste
• Designed and tested disaster recovery & business continuity solutions for company infrastructure systems

Confidential

Enterprise Security Architect

Responsibilities:

• Work with all key stakeholders including AD Infrastructure, Access Entitlement Management & IT Security Governance
• Serve as final escalation point for AD Migration issues.
• Develop and improve the RBAC model
• Develop relationship with key stakeholders to implement additional granulation of role permissions
• Work with Security Governance to update and develop the existing Super User recertification process to include changes implemented as a result of AD RBAC work.
• Improved existing processes through solutions to recurring problems and enhancements to existing solutions or documentation
• Assisted in performing security vulnerability audits and reporting that information to upper management and key stakeholders
• Managed and monitored SIEM systems for events and directed junior engineers on incident response
• Wrote custom scripts for reporting on systems for auditing, performance, and system changes
• Supervised junior staff in direction of completing required task related to daily functions and project goals
• Assisted in managing information security projects and initiatives
• Performed systems and network devices audits for compliance (Servers, Firewalls, Routers, Appliances)

Confidential 

Enterprise Architect / Associate Director

• Worked with both business and technology leaderships to develop IT Roadmaps and overall IT Infrastructure and Security strategy along with risk assessments for the company
• Assisted management of Private cloud
• Managed and mentored junior engineering staff in both daily functions and delivery of Corporate IT strategy solutions
• Worked with the Identity & Access management Security teams on implementation of new auditing system - Dell Quest Tools
• Assisted in the design of the new active-active datacenter and created policies and procedures for migration to the new data center.
• Assessed current business continuity practices for possible improvements
• Performed risk assessments on current applications and their business continuity status
• Assisted in the design of the new active directory migration project.

Confidential

Senior Consultant

Responsibilities:

• Design cloud based business solutions with AWS, AZURE, and Rackspace
• Created Custom PowerShell scripts for automation and completing specific task to assist in migration efforts
• Performed Active Directory & Exchange Migrations to office365 and On-Premise using BinaryTree Tools

Confidential

Senior Systems Engineer / Security Consultant

Responsibilities:

• Performed network scans for vulnerability and system configuration
• Managed clients Log management & intelligence correlation using Alienvault USM
• Created documentation for clients network, servers, and security architecture and security incident procedures
• Assisted in creation of security incident mitigation and response strategies for client companies
• Created custom powershell scripts to automate task and administer server system changes
• Managed day to day of client End Point Protection and antivirus/malware suites & SIEM systems - Splunk, Alien Vault
• Configured and managed Email Security Gateways (Cisco Ironport, McAfee Ironmail, ProofPoint)
• Performed Systems Hardening and baseline system accepted standards - Group Policy GPOs
• Executed perimeter and internal network and systems vulnerability assessments - Nessus, OpenVas, Metasploit, NMAP, Tenable, Qualys, Backtrack Kali
• Assisted in the completion of compliance standards for customers (PCI, HIPPA, SOX)
• Monitored client systems, networks, security with Alienvault, SCOM, Nagios, Solarwinds
• Performed client Active Directory Migrations, domain consolidation using ADMT, BinaryTree & Quest Tools
• Designing High Availability datacenter solutions for customers
• Migrated Datacenters to both full and hybrid cloud solutions as well as on-prem colocations
• Created and tested business continuality & disaster recovery plans for clients
• Building out IT infrastructure environments from the ground up using physical and virtual datacenters - VMWare ESXi / Hyper-V
• Lead projects through the complete life-cycle stages - proposal, design, implementation, pilot testing, go live production, post operations and maintenance and client training and turnover.
• Datacenter Migration to the cloud and colocation - AWS, AZURE
• Managed client firewalls, switches, routers - Sonicwall, Cisco, Brocade Vyatta
• Deployed Open Source operating systems and tool solutions (Linux) to customers when appropriate
• Performed Information security system audits
• Assisted in answering RFP’s and Created Statements of Work for clients and assisted in the presales and post sales process

Confidential

Lead Infrastructure & Security Consultant

Responsibilities:

• Acted as lead engineer for all Systems in the datacenter location & migration to new colo facility project - exchange, Active Directory, SCCM, SCOM, SQL Farms, SharePoint, Lync, along with home grown applications
• Facilitated the coordination meetings, creation of project objective task list, of all necessary teams to complete the migration - Networking, Storage, & Virtualization
• Managed Company Security Firewalls and SIEM products
• Performed SIRT duties (Security Incident Response Team)
• Performed Vulnerability assessment & remediation
• Implemented Exchange 2010 & 2013 infrastructure into the current international messaging architecture
• Implemented a multisite Exchange locations with Active/Active & Passive Mailbox DAG clustering for High Availability, Replication, redundancy, Disaster Recovery Failover.
• Upgraded the current Email Messaging Infrastructure from 2003 (remote sites) & 2007 (Dual Corporate Site Locations) to the Microsoft Exchange 2010 & 2013 Email Platform.
• Translated company corporate standards and requirements set by HR & Legal departments into proposed & execution of new Information Security policies and strategy solutions
• Acted as project manager for projects involving Exchange, Active Directory, & Information Security managing over 10 national and international staff resources
• Converted and Supported network physical & virtual servers using Hyper-V & VMWare - Domain Controllers, Lync Servers, ESXi Host, Exchange, TMG
• Use of Technologies - SCOM, SCCM, Exchange, WDS, Lync, Active Directory, SharePoint collaboration, PowerShell, Cisco, BackupExec Commvault Backup Solutions
• Management of Websense, Airwatch, Cisco IronPort Devices, Corporate Antivirus, Threat Management Gateway, Content Filtering
• Interfacing with end clients to resolve escalated issue from Level 1 & 2 to be last point of escalation prior to vendor support
• Assisted in company mergers of IT resources (Active Directory, Exchange) by use of custom scripts
• Consolidated & collapsed multiple active directory domains & forest
• Managed Linux Based webserver farm
• Created a new Information Security Initiative Program to implement tighter security controls & policies
• Established the development environment pre-production to provide proof of concept &Product Testing
• Managed & Coordinated Communications between the End-Users, Sites, Plant Mgrs. and IT Support Staff in
• Implemented RBAC (Role Based Access Control) methodologies to the network infrastructure

Confidential

Lead Enterprise Systems Migration Architect

Responsibilities:

• Migrated over 190k accounts with assistance of custom scripts, the Quest & Microsoft tools in various phases from multi-global sites
• Assisted in the integration of a company merger and to the current active directory and messaging infrastructure
• Assisted in the use of ITIL process methodologies to govern IT services and projects
• Supervised junior administrators on the project
• Implemented script for automation of active directory & exchange administrative task.
• Collaborated with other migration teams and other business groups globally to accomplish a successful migration task
• Provided datacenter support for consolidation/relocation of systems
• Delivered Project management process from objectives to design planning to execution and maintenance
• Management of the Active Directory, BES, Lync OCS, messaging Forefront Protection Exchange 2010
• Planned & Executed pilot migrations to test newly implemented 2010 infrastructure prior to mass migration
• Manage global network of servers hosting exchange 2003 & 2010 and Active directory domain controllers
• Support Blackberry Enterprise Servers, iPhone, Blackberry, & Android phones for messaging integration