PROFESSIONAL SUMMARY:

Forward - thinking, innovative infrastructure and security architect. Passionate team champion with over 20 years’ experience designing strategic plans, building tactical action plans, and aligning business requirements with technology capabilities. 18 years implementing bare-metal, traditional virtualization and private cloud architectures with a security and compliance focus. 12 years primary ownership of business critical on-prem and cloud based infrastructure, managing RTO/RPO while fostering team health and growth.

CORE SKILLS:

• Team Development
• Strategic Planning & Forecasting
• Communication and soft skills Mentoring
• Program, Product and Project Management
• Trust builder
• Architecture Standardization Development
• Conflict Management Mentoring
• Organizational Change Management
• Accountability up/down leadership chain
• Lifecycle Management
• Translate business requirements into elegant, scalable platforms
• Setting and Championing Team Direction and Charter

TECHNICAL SKILLS:

AWS: TG/DX/LZ/CloudFormation/IAM/BGP/Security Groups/EC2/Lambda/RDS/CloudTrail/VPN/more.

Azure: VMScaleSet/VDI/VMware/CDN/ExpressRoute/VPN/VWAN/Front Door

Audit/Compliance: PCI/SOC2/FedRAMP/HIPAA/HITrust/GDPR

DCI: OTV/VXLAN/GRE/L2TPV3/VPLS

Cisco: IOS/FX-OS/NX-OS/IOS-XE/ASA/ISR

Unix/Linux: RedHat 1-14/CentOS 4-7/Solaris 2.6/HPUX 11

IAM: PKI/ADFS/Radius/802.1X/AWS IAM/ForgeRock

Security: Defense in Depth/OWASP/STIG/Incident Response

VPN: IPSec/OpenVPN/DMVPN/Anyconnect

Route/Switch: BGP/OSPF/VPC/VDC/IPV*/

Traditional Virtualization: VSphere/OpenStack/KVM

Container / automation: Docker/Swarm/Ansible

CAREER OVERVIEW:

Senior Cloud Architect

Confidential, Jacksonville, Fl

Responsibilities:

• Principal Solution Architect for onboarding 46 business units into AWS, Azure, GCP and Oracle.
• Design and implement secure, scalable core and edge network using next generation Cisco products such as Tetration, Cisco Firepower, Nexus 9K and others.
• Environment built with data stewardship, federal, state and contractual compliance as the main tenets.
• Assist with business application process creation/adjustment for on-boarding on-prem, CSP only and hybrid architectures.
• Design and implement IP schema, BGP/IGP, physical carrier transport using VPN backup to AWS, Azure, GCP and more.

Chief Technology Officer

Confidential, Paso Robles, CA

Responsibilities:

• Migrate legacy Java 3-tier application architecture from bare metal to traditional virtualization platform.
• Lift and shift same architecture from traditional virtualization to AWS EC2.
• Managed development team’s rewrite in Angular using Lambda & RDS.
• Develop application test criteria and customer trials.
• Built and maintain complete IT services suite leveraging a hybrid-cloud approach.
• Work with executive leadership on acquiring angel investment, monetization strategy, and strategic partnerships.
• Process development for sales, customer and technical support.
• Design and implement open source telephony and presence environment.
• Red team application and infrastructure testing for on-prem and CSP hosted environments.
• Design and implement infrastructure and application monitoring/alerting.

CEO / Principle Architect

Confidential, Paso Robles, CA

Responsibilities:

• Build and design SMB hybrid cloud environments with a focus on cost savings.
• Build and design campus networks, remote access VPNs, voice/presence, web caching/content filtering and storage networks leveraging open source technologies.
• Project based and MSP Contract negotiating.

Engagement Manager

Confidential, Irvine, Ca

Responsibilities:

• Coordinate professional services scoping and contract management.
• Manage internal process on LOE/SOW/scope creation for vendor management.
• Manage 90 day services pipeline. SOW, 3rd party sub-SOW creation and review.
• Manage client escalations on steady state projects alongside PMO.

Sr. Program Manager & Solutions Architect

Confidential, San Jose, CA

Responsibilities:

• Manage delivery teams for platform & product delivery on 204 Carnival ships.
• Recover and manage Carnival relations in distress over failed and/or delayed execution.
• Manage 10 dependent vendor relationships within the Trident program.
• Manage ship side Openstack delivery and maintenance.
• Manage Docker Swarm implementation and maintenance.
• Build, manage, and maintain NGINX API gateway infrastructure.
• Manage instrumentation delivery for applications and infrastructure.
• Managed IDM/IAM team, delivery and operations (Forgerock OpenAM).
• Manage Carnival infrastructure change process for shipside integration.

Sr. Program/Project Manager

Confidential, Gardena, CA

Responsibilities:

• Manage multi-discipline post sales engineering teams
• Vendor management
• Outsourced engineering management
• SOW review & negotiation
• Resource scheduling
• Project plan creation
• Timeline management
• Billing & Invoicing
• Pre-Sales

Sr. Solutions Architect & Post Sales Engineering Manager

Confidential, Gardena, CA

Responsibilities:

• Technical Project Management
• Manage Cisco Post Sales Practice
• Vendor management architectures design & implement
• Custom architectures design & implement
• Physical to virtual migrations
• VMware SRM 5.x
• Nexus, 7K, 5K, 2K & 1KV
• Pre-Sales
• Mentoring and for hard and soft skills

Solutions Architect / Service Development

Confidential, Austin, Texas

Responsibilities:

• Security services development
• Professional Services Delivery lead
• Vblock implementation / integration / delivery
• Cisco Nexus 5548/7010
• Cisco 1000V
• Cisco MDS
• Cisco UCS
• VMware 4.x/5.x
• Confidential Storage (VNX/Vmax)
• Design review vBlock implementation
• Network design & implementation
• Process improvement

Senior Network Architect/Engineer

Confidential, Seaside, CA

Responsibilities:

• Architect Two Factor remote access VPN (Cisco ASA)
• L1-L7 network design & OPS
• Mitigated DoD identified threats (IAVAs)
• Network troubleshooting and triage

Senior Architect/Network Engineer

Confidential, Santa Clara, CA

Responsibilities:

• L1/L2/L3 network design & OPS
• System and storage troubleshooting
• Operationalize datacenter
• Mentoring and for hard and soft skills
• Policies and standards:
• Change Control
• Network Device Naming
• Network Device bring up procedure
• Triage
• Design documentation
• NXOS
• PVC
• VTP
• VDC
• Solarwinds Configuration management
• Nagios and MRTG
• Operations, RCA and triage
• Capacity planning
• Implement isolated environments for R&D teams
• Mitigate and isolate network outages caused by Dev engineers
• Mentoring and for hard and soft skills
• Lab safety tours and instruction
• Platform instrumentation

IT Security Specialist/Network Security Architect

Confidential, Paso Robles, CA

Responsibilities:

• Security posture assessment
• Vulnerability mitigation
• Mentoring and for hard and soft skills
• Vendor Management
• SSL VPN (Cisco ASA)
• SOHO infrastructure design
• Firewall and router network segmentation
• Wireless infrastructure design, maintenance and troubleshooting
• Captive Portal
• Content filtering
• Security policy and procedure authoring management approval evangelism
• PMO implementation
• Design documentation

Owner/Principal

Confidential, Seattle, WA

Responsibilities:

• Project/Program management
• Hardware/OS design for infantry wearable, network enabled device
• Open source infrastructure

System Security Professional / Network Architect/Engineer

Confidential, Seattle, WA

Responsibilities:

• Vulnerability assessment (Red Team)
• Vulnerability mitigation
• Process improvement to include security standards earlier in process
• GLBA and SOX compliance
• Internal & Federal audit
• Translate process and technology risk into business risk
• Security standards authoring
• Vendor management
• Multi-vendor VPN
• Traffic flow validation for least privilege
• Developed and presented various security modules
• Mentoring and for hard and soft skills
• Application acceleration on Juniper DX and F5 platforms
• Test methodology/process for new features and software
• Business partner connectivity solutions
• Lab environment for Network Engineering team

Senior Network Architect

Confidential, Seattle, WA

Responsibilities:

• Project/Program management
• Vendor Management
• GRE/IPsec DCI
• WAN migration for DC/remote sites to IPSec/GRE
• OSPF traffic shaping on IPSec/GRE
• Companywide Network Ops
• Data/Voice circuits & DSU/CSU devices
• DCI, OSPF & IPSec/GRE
• DR scenario and options for IPsec VPN infrastructure.
• Mentoring and for hard and soft skills
• Supporting documentation for the IPsec VPN infrastructure.

Sr. Support Engineer / Security Tech Lead

Confidential, Scotts Valley, CA

Responsibilities:

• Security Incident response for visible customers
• Design validation
• Designed Firewall, DMZ, VPN, security solutions and network architectures using the following products
• IOS IPSec
• IOS SPA
• IOS IDS
• IOS firewall
• Pix firewall
• Pix IPSec
• Pix AAA
• Pix Private Link
• Cisco Secure Intrusion Detection hardware & software on Intel, Sparc & HPUX
• Centri Firewall
• Escalation for junior engineers
• Customer environment recreations
• Worked with development on bugs fixes
• Documentation development for TAC and AMs
• Mentoring on technical and soft skills.
• Research of new VPN technologies