TECHNICAL SKILLS:

Operating Systems: All Microsoft Windows Server OS s, Novell NetWare 3.11 to 5.1, Linux, FreeBSDSolaris, HP - UX, VMWare.

Applications: Active Directory, WINS, DNS, DHCP, Citrix, MS Exchange, Lotus Notes, MS SQL, MySQL, Oracle, SAP, Citrix, MS Office, ATG, Omniture, Kana, VSphere, Akamai, IIS, Apache, SNORT, Tipping Point, ArcSight ESM, RSA enVision, CA ELM, NAGIOS, Entuity EYE, Wireshark, Qualys, Nessus, Nmap, Kerberos, SSH, MS SharePoint.

Hardware: Cisco routers and switches, Cisco ASA, Cisco IDS, Cisco Call Manager, Cisco WCS/WLCJuniper M Series and SRX, F5 Networks Big-IP, Stratacom, Extreme, Foundry, Nortel, Avaya, EMCNetApp, Compellent. CheckPoint NG and Connectra.

Protocols: TCP/IP, Spanning-Tree, Ethernet, Fibre-Channel, iSCSI, IPSec, 3DES, AES, SSL/TLS, DNS/BIND, NIS, Frame-Relay, BGP, OSPF, EIGRP, RIP, IGMP, HSRP, VRRP, PIM, ISDN, VoIP, VoFR, SNA, DLSw+, SSH, 802.11, LWAPP, LDAP, MPLS, QoS, DiffServ, 802.1x, EAP, x.509 s, RSA Keys, PKI, PGP, RADIUS, TACACS, DS and OC based circuits, metro Ethernet.

Languages: Pascal, Fortran, Perl, PHP, SQL, Shell scripting, IBM Assembler, SAS

PROFESSIONAL EXPERIENCE:

Confidential

Security Incident Manager

Responsibilities:

• Created and maintained detailed project plan.
• Provide project status at status meetings.
• Lead team in day-to-day activities.
• Provide hands-on configuration for Windows, UNIX, IDS/IPS and SIEM devices.
• Create policy and procedure documentation for client review and approval.

Confidential, West Bridgewater, MA

Director, Networks and Technologies

Responsibilities:

• Recommend, plan, and implement technical solutions for SAP implementation based on data flow, redundancy and security requirements. Define and implement security roles.
• Implement Security Program procedures and policies and all related technology including; Cisco ASA firewalls, remote access and LAN-to-LAN VPN’s, Cisco and SNORT IPS, ArcSight Logger and ESM, Cisco ACS for access control, Qualys and Nessus vulnerability assessment, Microsoft ISA server.
• Implement ITIL-based processes including; Service Request, Incident, Problem and Change management.
• Plan and implement complete LAN replacement and redesign. Install and configure all switches and routers. Project was completed on time and under budget.
• Perform PCI and 201 CMR 17.00 gap analyses and implement solutions and controls.
• Replace current ATM WAN with an MPLS solution. Responsible for install and testing of all circuits. Configure all BGP, EIGRP, and OSPF routing.
• Configure and maintain port security for call center and conference room ports.
• Implement Nagios network monitoring solution and provide metrics for proactive monitoring including; availability, CPU, memory, bandwidth, storage availability, etc.
• Configure QoS on WAN circuits using CBWFQ.
• Plan and implement complete warehouse build out including VLANs, wireless, and firewalls. Responsible for installing and configuring all hardware.
• Key member of E-com team that successfully launched two brands. Manage Akamai configurations and hosting relationship.
• Contribute to the implementation of a call center with over 70 customer service agents. Integrate an outsourced sales agent solution.
• Responsible for approximately 50+ Microsoft Windows servers, SharePoint MOSS, VMWare ESX v4 Servers, RHE Linux servers, 50+ Cisco routers and switches, Citrix application and desktop delivery, MS SQL 2008 Server, Compellent and IBM storage, Tivoli Storage Manager, Cisco ASA firewalls, Avaya PBX, MPLS WAN, Cisco Wireless, Tandberg Audio/Visual equipment, Intrusion detection systems including Cisco, SNORT and Tipping Point, ArcSight log management, and support of over 500 users.

Confidential, Cambridge, MA

Senior Manager, IT Infrastructure & Security

Responsibilities:

• Implement and configure a Cisco VoIP solution based on Call Manager 6.x.
• Created an IT Metrics Dashboard for availability, resource utilization, support responsiveness, and customer satisfaction and presented to upper management on a quarterly basis.
• Established a monthly operations meeting to track availability and performance metrics of all network, server, and application components to promote proactive system management. Track incidents for follow-up.
• Established a monthly security meeting to ensure proper incident reporting and log review. Produced monthly sign-off sheet for management and audit review.
• Improve remote access request information gathering and approval process using an InfoPath form and SharePoint Form services.
• Project manager and technical lead for server virtualization and tiered-SAN storage projects.
• Plan and assist with complete data center move and redesign. Deal with power and cooling issues and schedule downtime and testing with system owners.
• Key member of ITIL and DR Steering Committees. Process owner Service Request Incident, Problem, and Change Management.
• Responsible for approximately 160 Windows servers, NetBackup, VMWare ESX Servers, 10 HP-UX servers running Oracle applications and databases, MS SharePoint, MS SQL Server, 80+ Cisco routers and switches, EMC and NetApp storage, Cisco ASA and CheckPoint firewalls, Cisco Call Managers and VoIP phones, Nortel option 61C and 11C PBX’s, telecommunications circuits including DS3’s and PRI’s, Cisco Wireless, Polycom Audio/Visual equipment, Intrusion detection systems including Cisco and SNORT, DNS, PKI, and support of over 300 local and remote users.

Confidential

Network & Security Architect

Responsibilities:

• Acted as project manager and technical lead on a number of major network and security initiatives including voice-over-IP, Websense CPM, and Oracle Identity Manager.
• Implement central logging system utilizing Cisco MARS to monitor and correlate all system events.
• Perform ISO 17799 gap analysis and produce remediation plan. Track progress and implement solutions and controls.
• Implement RSA key-based SSH access to all HP-UX systems to replace insecure Telnet and FTP access.

Confidential

Network & Security Architect

Responsibilities:

• Designed network architecture for all manufacturing facilities using a risk-based approach leveraging segmentation.
• Implement intrusion detection and monitor alerts to identify potential security incidents.
• Design and deploy role-based VPN access.
• Deploy network time synchronization to assist in event correlation.

Confidential

Senior Network Engineer

Responsibilities:

• Implement dynamic routing via OSPF to reduce down time.
• Implement network monitoring and alerting.
• Implement dial-on demand WAN redundancy for critical network paths.

Confidential, Cambridge, MA

Senior Network Engineer

Responsibilities:

• Implement multi-interface firewall for customer facing portal infrastructure consisting of a proxy, web, application and database tier. Maintain extremely high availability.
• Plan and participate in data center relocation project.
• Implemented open-source intrusion detection architecture with a process to identify and report on potential incidents.
• Implemented an open-source monitoring system to alert on up/down status of internal infrastructure and applications.
• Wrote scripts to monitor and graph network and application performance statistics for proactive management and troubleshooting.
• Voted top engineer in 2002 based on high output of quality solutions.

Confidential, Cambridge, MA

Manager of Network Engineering

Responsibilities:

• Implement secure remote access for local sales force.
• Redesigned network routing to improve failover and convergence.
• Fixed customer addressing issue that was limiting growth.
• Introduced concept of ‘premium’ DSL service consisting of a static IP and hosted firewalling to increase revenue.

Confidential, Boston, MA

Senior Network Systems Consultant

Responsibilities:

• Provided network design and support for two of the world’s largest networks: Confidential Insurance and Confidential .
• Exposed to numerous environments and technologies which strengthened my overall network and application knowledge.
• Obtained Cisco design and configuration s.

Confidential, Boston, MA

IT Manager/Network Engineer

Responsibilities:

• Redesigned domain configuration to a single collapsed domain and implemented changes with minimal impact to end-users.
• Implemented a remote access solution using a Cisco 5200 and a hunted PRI with RADIUS authentication.
• Redesigned WAN to reduce overall cost of operation and maximize redundancy.
• Upgrade and maintain MS Exchange 5.x implementation.