JOB OBJECTIVE

A challenging position involving the design, integration, security and operations of IT architectures and management systems.

SUMMARY OF QUALIFICATIONS:

Twenty years of experience with service provider and federal government IT design, operations and standardization. Accomplishments in all aspects of technology including radical changes to critical infrastructures of the Internet and mobile telecommunications networks. Proficient in multiple programming languages, databases, operating systems, network carrier services, hardware platforms, management systems, and security methodologies.

SECURITY CLEARANCE:

PROFESSIONAL EXPERIENCE:

Consultant / Sr. IA Engineer

Confidential

• Worked under the DISA Field Security Office to develop and maintain DoD 8500.1 security guidelines and standards published on the IASE web site for DoD organizations.
• Designed the security architecture for encryption of data at rest and in transit at the White House Communications Agency.
• Provided subject matter expertise for DoD 8500.2 and NIST 800-53 controls and validation. Adjudicated STIG findings, modified and maintained published DoD standards accordingly using the DISA VMS and DPMS systems.
• Worked with vendors including Oracle Corporation, VMware, Enterprise DB, and SAP to interpret national security policy for the establishment of new DIACAP assessment guidance, standards, and procedures.

Sr. Security Architect

Confidential

• Worked under the Program Management Office to design, implement and manage security services directly with a 65M client.
• Designed a Sourcefire IPS and SIEM solution to integrate with existing managed Enterasys and Cisco platforms. Developed capacity management and intrusion policy processes using NetScout, Defense Center, EMS, syslog and ArcSight to analyze and maintain streamlined managed security service with the global customer support organization.
• Directed CSO lab testing, analysis and certification. Coordinated and lead actual maintenance activities. Participated in regular engineering review and change control while managing vulnerabilities, service implementation, and data center consolidation. Provided tier V support for Cisco ASA, multi-vendor IPS, and BlueCoat Proxy platforms.
• Developed configuration management and analysis software for a 20,000 user network. Audited the network, developed and maintained system security plans based on NIST 800-53, ITILv3, SAS70, and DIACAP.
• Analyzed external penetration testing results and defined requirements with the client.

Sr. Security Developer

Confidential

• Developed and implemented vulnerability scanning software for DISA, DIACAP and the US Department of Defense.
• Worked closely with the Agency CTO to develop and automate vulnerability management. Worked in Perl to code hundreds of scanning methods for DISA STIG policy checking.
• Developed CloudStack and Joomla integrated Citrix XenServer and Linux KVM virtual systems.
• Provided risk management training based on SANS guidelines and DoD policies to establish and develop per system security documentation including access controls, contingencies, etc.

Consultant/Sr. Network Engineer

Confidential

• Worked with FEMA and the Small Business Administration at the Office of Disaster Assistance to maintain and improve the data communications supporting field agents and disaster relief.
• Identified risk and worked with the data center contractor to remediate architectural flaws in Qualys vulnerability scanning and Trustwave SIEM.
• Worked with protocol analyzers to resolve problems with tcp/ip mainframe gateway connectivity involving Juniper IPSec, IP WAN routing, Clustered Checkpoint firewalls, and Unisys Web Transaction Server for ClearPath OS Comm Trace.
• Assisted in the planning under OMB Memorandum M-08-05 for the establishment of DHS NCSD compliant Redundant Trusted Internet Connections, disaster recovery functions, FIPS 140-2 compliance, and Interconnection Agreements.
• Managed data center contractor 0AM P for Cisco WAN, ASA firewalls, and F5 load balancers.

Consultant/Network Manager

Confidential

• Provided consulting services in support of data and call center management for the US Department of Education's Federal Student Aid systems. Projects included IPv6 architecture transition, TICAP establishment, FIPs compliance, capacity planning, configuration management, and disaster recovery planning.
• Developed a multi-phased IPv6 transition plan and architecture which leveraged application security requirements and minimized residual risk to business needs based on a strategic hardware migration from Cisco ACE to F5 LTM and integrating Tivoli Access Manager with F5 ASM/APM on the extranet DMZ. Worked with executive management and the change control board to develop end to end testing based on CMDB and HP Loadrunner for 48 public systems delivering over 68 billion in aid annually including FAFSA.
• Audited Cisco ASA/FWSM firewalls, firewall policy, and capabilities for level 2 compliance with FIPS 140-2 based on the FISCAM.
• Implemented standard operating procedures for the data center operator to support customer access provisioning on F5 and Cisco platforms and for disaster recovery under NIST SP 800-53 guidelines.
• Reviewed contract deliverables for the data center contractor and refined project requirements and SLAs for capacity planning, performance testing, incident management, and NIST SP 800-128 configuration management.
• Worked with Verizon to identify the call center contractor's capacity issues, train supervisors, and comply with capacity and disaster recovery requirements.

Consultant/Owner

Confidential

• Provided subcontract consulting services directly supporting the Fannie Mae EOC and CMMI compliance for proposals to the US Pentagon.
• Developed, maintained and implemented integrations for OAM P with IBM Tivoli/Netcool Omnibus, Mttrapd/Syslog Probes, Webtop, Precision, Impact, TBSM, SSM, ITM, Reporter and Flex-lm License Server as well as HP BAC, InfoVista, Tripwire, and Guardium, using Solaris and Linux platform operating systems and Oracle databases.
• Developed software and scripts using Java, Perl, C, and Unix which interfaced Oracle databases and software API including Infovista and Tivoli Netcool/Proviso for the purposes of performance analysis, migrations and integration, and provisioning.
• Implemented problem management process improvements through Remedy automation and escalation refinement.
• Standardized emergency response for business operations by developing software to streamline problem resolution and sanity checks.
• Developed and maintained technical documentation including development and operational guides.
• Developed process improvements for CMMI Level 2 measurement analysis and configuration management.

Senior Network Engineer NMS

Confidential

• Provided design and transition support of services including network management integration, platform modeling, and architecture change.
• Worked with IETF and Cisco Systems to assist in IOS Beta testing of carrier sensitive call signalling. Utilized Enum e.164 and DNS in a inter-protocol and multi-vendor environment to debug routing for various soft switched platforms. Calls were trunked off network and between VoIP gateways using Sip Express Router, H.323 and Unified messaging integrated Cisco Call Manager, and FDM facilities.
• Designed and implemented ICANN top level DNS platforms for anycast and unicast service on IPv4 and IPv6. Derived performance requirements based on denial of service mitigation objectives and empirical evidence. Built, conducted and automated testing of unicast DNS utilizing F5 and Cisco load balancers. Won a Telcordia blue ribbon for the network area of the 2006 ICANN dot net proposal.
• Performed product evaluation, selection, and implementation for network management integration within an FCAPS framework to provide monitoring and reporting with Infovista, eHealth, Netcool and HP Openview. These processes included requirements gathering, systems architecture design, requirements development, and implementation planning. Evaluated products and enhancements specifically including Infovista Servers, VistaMart Inventory, VistaMart Database, Reporting Portal, VistaCockpit, Netcool Reporter and Precision, et al.
• Planned, designed and executed the migration of the North American LNP network which included the design and implementation of new physical LAN, MAN, and WAN and included the launch of top level DNS and Internet facing networks.
• Developed J2EE compliant applications with the Arbor Networks Peakflow API and Apache/Tomcat utilizing Axis for XML/SOAP and JDBC.
• Provided advanced critical support and mentoring to the NOC while developing and establishing procedures for external customers including application integrated global telecommunications carriers.
• Worked with Cisco MDS 9000 and EMS mass storage systems, Zope/Python based content management systems, and Bugzilla defect tracking systems. Worked with CVS, Sharepoint, and Fisheye revision control systems. Performed database development and administration on PostgreSQL, MySQL and Oracle on Windows, Linux, AIX, and Solaris operating systems.
• Developed and implemented software to measure the performance of business services based on the ITIL model using Java, C , Perl, and numerous APIs including Arbor, Netcool, OpenView, eHealth, and SNMP.
• Implemented global GPRS/GGSN signaling architecture for the GSMA.
• Developed hybrid core monitoring solution and JDBC API including distributed monitoring probes and performance analysis charts for complex network topologies and distributed critical application architectures including IP Anycast.
• Implemented Tekelec gateways on Linux using ss7 A links over euro E1 for GSM MAP application and inter-carrier call routing.
• Worked with ARIN and RIPE to identify unique global routing needs as required for inter-site and inter-carrier global communication privately and over the Internet.
• Developed and conducted application platform modeling including TCP/IP protocol analysis and statistical reports for Telcordia. The platform included F5, Cisco, and Juniper load balancers, routers, and switches. The performance measurement system included Oracle databases, snmp agents and customized polling software, and perl scripts for report performance metrics.
• Completed feasibility and planning with vendors for the integration of dark fiber SDH services with data centers, Internet exchanges and legacy TDM network services.
• Lead and participated in hands on efforts to implement service at over 30 global points of presence including BGP routers, vpn tunnels, load balancers, Unix, mass storage, and firewalls to support GSM, SS7, SIP and other application platform networks.

Consultant/Owner

Confidential

• Procured 100k in funding to establish this regional full service Internet Service Provider and provide private consulting on a part time and evening basis.
• Managed customer service and technical operations to support over 1000 customers.
• Managed all operations within an annual budget and payroll which grew to 250k annually.
• Successfully sold the company to a competitor
• Managed private consulting and part time projects with a technical staff at US Dept of HHS to operate the department's Internet systems and networks on Cisco and Sun Solaris.

Voice and Video Systems Engineer

Confidential

• Completed extensive VoIP training and tested soft switch platforms.
• Evaluated class 5 SS7 soft switch technologies for carrier VoIP solutions from various manufacturers. Characterized interoperability, advanced functionality, and global scalability using IETF and ITU models.
• Developed and executed test plans based upon the NANP, ETSI, and ANSI standards.

Internetworking Expert

Confidential

• Represented Cisco Systems to provide professional services at Cable and Wireless
• Provided design, testing, and implementation services following the acquisition of InternetMCI.
• Developed Netcool Omnibus Rules to monitor the quality of call processing and authorization.
• Planned, developed, and implemented the next generation N3 SS7 offload architecture to support 5 million subscribers in 23 US cities.

Consultant/Contractor

Confidential

• Provided services to Sprint Nextel Corporation to right size the AOL and Earthlink Dialup networks.
• Worked with the Packet Engineering team to develop software in Procomm Aspect to streamline and automate network planning procedures.
• Quantified raw ISDN network performance data, analyzed circuit and call rotary configurations, and automated service orders on the Sprint mainframe system.

Communications Engineer III

Confidential

• Provided planning, development and implementation services for the US Dept of HHS Internet Program.
• Installed Marconi Fore ATM switches and Cisco routers to provide inter-agency multimedia communications and Internet services.
• Maintained and upgraded Sun Solaris and SGI servers, mass storage systems and web software.
• Developed, tested and implemented LDAP based SMTP system.
• Implemented Tripwire and SATAN security monitoring tools and revision control systems.

Internet Engineer

Confidential

• Assisted in all technical aspects supporting the operations of this regional ISP.
• Trained and hired personnel to establish a NOC 7 technical staff supporting 1300 network customers and over 5000 network nodes.
• Developed and implemented a completely home grown SNMP/RDMS system and NOC Tools.
• Provided advanced technical support and trained implementation engineers to work issues including FIREWALL, SMTP, LAN, CPE. and WAN communications.
• Installed over 30 IP firewalls for WAN customers within the U.S. Armed Services, and intelligence agencies of the U.S. federal government.

Consultant/Contractor

Confidential

• Worked at AT T formerly SBC and Ameritech to provide support for service and trouble dispatch systems and call centers.
• Worked with end users to resolve issues concerning Oracle / IP Integrated MVS systems.
• Developed and maintained HLLAPI, perl, awk, SQL, and JCL scripts.

Staff

Confidential

Provided technical support to an Officer of the United States Congress

Developed distributed Borland dBase application integration.

Maintained and ehhanced a 200 node Novell IPX LAN with TCP/IP and SNA access.

Intern

Confidential

Worked on the staff of Hon. John D. Rockefeller, IV and provided database and LAN application support.

Supported Borland dBase and Novell LAN.