Director Of Network & Security Operations Resume

SUMMARY:

  • Over 30 years' experience in the computer field. Primary areas of expertise include cybersecurity, information security & assurance, Linux/Unix system administration & automation, troubleshooting & problem resolution, system integration, engineering and analysis, datacenter operations & systems management, and training.
  • I have a talent for being able to fight fires, i.e., to go where something is broken, analyze the problem, and get it fixed, with both short-term, Band-Aid, “make it work now” fixes, and long-term, strategic, “let’s address the root cause of the problem” fixes.
  • I have substantial experience in a variety of *NIX operating systems, including extensive shell scripting experience for task automation and data manipulation. I have exceptional organizational and communications skills, and an extraordinary capability to quickly learn.
  • This, coupled with my broad technical-level management experience in security, operations, system integration, and network design & management, has made me one of the best technical managers you’ll find in this field.

TECHNICAL SKILLS:

Environments/OS: Linux (various, primarily Red Hat/CentOS), VMware, AWS, FortiOS, Panorama, Cisco IOS, Solaris (2.3 - 10.0), OpenBSD, FreeBSD, Windows OSs, Mac OS X

Programming Languages: Extensive UNIX Shell scripting (bash), (Limited) Perl, (Limited) SQL

Software/Systems: SIEM, Nessus, OpenVAS, Snort, OSSEC, Metasploit, Tripwire, Splunk, Sophos, Certified BMC Bladelogic, Tectia Secure Shell, CyberArk, Apache, PKI, Open source/bundled security tools (Ethereal/Wireshark, Nmap, tcpdump, etc.)

Databases & Search Engines: ElasticSearch, Oracle, MySQL, Postgres

Hardware: Firewalls/UTMs, Low-profile ARM devices, Hubs, Bridges, Routers (Fortinet, Cisco, Palo Alto), SAN/NAS, HA RAID, CD/MO Jukeboxes & Software, Intel (servers, workstations, desktops, laptops), Mac

PROFESSIONAL EXPERIENCE:

Confidential 

Director of Network & Security Operations

Responsibilities:

  • I currently serve as the director of both the Security Operations Centers and the Network Operations Centers, with responsibility over SOC and NOC operations in Vienna, Virginia; Cary, North Carolina; and Chennai, India. My responsibilities include leadership, oversight, and management of a team of approximately 25 personnel to support all of the managed security services provided by Confidential.
  • Prior to the merger of Savanture into BlueAlly, I served as the Director of Operations for both Savanture and its parent company Secure IQ; this includes responsibility for all aspects of international operations for both companies. While at Savanture I’ve grown from performing contract work for Savanture, designing and implementing their Linux-based back-end data aggregator of the managed security services monitoring system and Security Information and Event Management system, to leading the Security Operations Centers in both the United States and India as part of the executive team.
  • My responsibilities included leadership, oversight and management of approximately 14 personnel to support all of Savanture’s and Secure IQ’s operations to include: 24-hour operations of both SOCs and the security analysts that staff them, Professional Services, Engineering, Device Management, Sales Engineering, and Provisioning. 
  • I have led our team as they expanded our US-based infrastructure by adding a third datacenter for infrastructure needs as the company’s customer base has grown. We successfully obtained ISO/IEC 27001 certification for overseas operations and development, and are in the process of obtaining the same for US operations. We are also pursuing both a SOC 2 compliance report and FedRAMP compliance assessment, along with assuring that our Infrastructure as a Service (IaaS) providers are either compliant or pursuing compliance. My team has been able to successfully reduce operating costs through creative and innovative consolidation and distribution of processing assets among our IaaS providers.
  • I successfully led the team through the RFP response to a major U.S. financial regulatory body, resulting in a win for Savanture as the sole recommended provider for the cybersecurity and compliance consulting categories. This recommendation, while not obligatory for the financial organizations, is the primary recommendation mechanism from the regulatory body to its member organizations across the entire United States in order to comply with mandatory and enforceable security requirements.
  • Our SOC teams process nearly a billion distinct customer network and host events on a daily basis, maintaining efficiency and efficacy through work-flow processes that have been implemented since the beginning of my tenure in this role. Our fledgling Professional Services has grown to over $200k annual revenue since its creation a year ago, and continues to expand.

Confidential, Alexandria, Virginia

Security Engineer/Administrator

Responsibilities:
  • Assigned to the Administrative Office of the U.S. Courts, Hosting Branch. Working autonomously on the Security Team, I was primarily responsible for enterprise security applications and solutions. I dealt mainly with the architectural, implementation, and technical aspect of datacenter security solutions, including proof-of-concept tests & demonstrations, application testing on several operating systems and platforms, implementation & integration into the enterprise of a variety of software and hardware solutions, and risk & vulnerability assessments. I also have worked closely with those responsible for continuity of operations and disaster recovery, assisting where needed in contingency planning.
  • As a newly created group within the Hosting Branch, the Security Team began a number of innovations to enhance the security of the enterprise. Among the applications that we implemented are Tectia Secure Shell software and Cyber-Ark Secure Password Vault application.
  • The former provided a centrally-managed solution for secure encrypted network traffic for connection to remote servers and the mainframes; the latter provided a much-needed solution to store and manage passwords for privileged users on systems across the datacenter.
  • As a BMC-certified Bladelogic Professional, during the implementation stage for BMC’s Bladelogic Server Automation application I had the responsibility for design, testing, and implementation of the security aspects of this effort, to include adherence to adopted standards from the Center for Internet Security (CIS) and file integrity management, using the vendor-provided tools with extensive modification of the Bladelogic scripts to fit our environment.
  • The BMC product, in concert with the other applications already implemented and being planned, offered a well-managed suite of tools to provide for a much higher level of security within the Hosting Branch and Judiciary Data Center.
  • In addition to the enterprise security applications above, I had a general responsibility, when requested for consultation, for research, testing, and verification of security issues with production Linux systems.

Confidential, Manassas, Virginia

Senior UNIX System Administrator

Responsibilities:
  • Assigned to the Administrative Office of the U.S. Courts. Along with my team, I was responsible for the day-to-day administration of the back-end systems comprising the web servers for the Administrative Office of the United States Courts, along with the Courts’ list server, the web team’s development servers, and a number of other systems.
  • My team built each of these servers on the basis of a new architecture and a new area of responsibility within the office to which we were assigned, to include data migration of all end-customer web sites and data. We designed the dual-server (hot fail-over) architecture for hosted web sites, secured the systems, and documented the processes.
  • While not explicitly assigned the responsibility, I strengthened the security of these servers, along with datacenter administrators’ workstations, and made recommendations for security enhancements for other servers not under my responsibility.
  • To this end, I provided numerous recommendations based on industry standard practices and due diligence, and implemented a more stringent security policy on these servers and workstations, as well as creating a systematic method of accomplishing this via shell scripts.
  • These recommendations were adopted by the data center’s Division Chief for all servers built in the future, and for those existing servers that can be safely modified within the constraints of the end client.

Confidential, Arlington, Virginia

Information Technology Scientist

Responsibilities:
  • Senior security administrator for the 24x7x365 enterprise security operations center of a large national intelligence agency; responsible for operations & maintenance of all back-end components of a two-faceted computer network defense intrusion detection protective strategy. Specific duties included day-to-day O&M of operating systems, database administration, patch maintenance, IDS configuration, DNS, disaster recovery (including a role in design and creation of a full-scale disaster recovery backup operations facility), data storage configuration and management, and design & management of an IDS-specific simulation & test lab. In the role of lead O&M system administrator for a period of numerous system and network upgrades, I was tasked with minimizing the effects on the operations of the center.
  • I was able to lend my experience both in engineering and in operations to help bridge the gap between the groups on this project, and work to mitigate risks and problems/issues for smoother transitions and upgrades.
  • Lead engineer for a small group of technologists supporting all manner of projects as needed and requested. Supported a Configuration Management project start-up, helping the on-site team re-architect their development environment; installed, configured, and implemented a source code control system & repository; and re-engineered processes to make the configuration management and application deployment more efficient.
  • For another project, I provided research support for full-scale datacenter-level disaster recovery for the US Customs Service; guided subcontractors’ reporting on the mainframe and networking aspects of the USCS data center, crafted the final report dealing with the UNIX (including Oracle RDBMS) data storage aspect of the data center.
  • Chief Technologist for the Enterprise Information Systems Division. Managed and oversaw the division’s Research & Development program, including technical lead for two of the major projects for the 2000 fiscal year: the building of an R&D proof-of-concept lab, and the research into the legal discovery process as it applies to electronic media. Technical consultant to the division’s Business Development group for several opportunities dealing with electronic document management systems, records management systems, and projects dealing with e-mail and other electronic media during the discovery process of litigation. Technical lead for a high-profile litigation start-up, designing & architecting the data center, and specifying the corresponding equipment. Advised and consulted with senior leadership and program managers on a number of technological business opportunities and potential partnerships, vis-à-vis the existing capabilities within the group and the group’s ability to accomplish a task or take on a project, and what it would take to do it.
  • Lead Engineer & Project Manager for the Defense Information Systems Network Global Video Services; a “firefighter” on the engineering team, where we were brought in to mitigate problems instigated by the initial contractor. I helped to re-design network segments on the fly to accommodate changes in overall system architecture, helped in designing a system-wide router security policy, tested and validated dial-in access services, and performed general network & overall system troubleshooting as required.
  • Manager of Information Systems, Dept. of Justice/Dept. of Navy A-12 Litigation Support Project. Managed the Information Systems Team, a staff of over 50 data processing & computing professionals, and the accompanying P&L responsibilities. Oversaw activities of Applications Development, Operations, User Support, Data Management, Data Production, Trial Systems and Maintenance groups. Managed various data processing and maintenance subcontracts. Prior to assuming the position of manager, worked as the senior system administrator for the project, responsible for between 6 and 10 system administrators at geographically separate sites. Besides day-to-day O&M of all Solaris systems, primary focus was on data management and image file repositories.

Confidential 

Intelligence Analyst

Responsibilities:
  • I was an advanced Russian linguist and analyst under the USAF Electronic Security Command, 12 years in the field. Prior to retirement, I was assigned to the Air Force Electronic Warfare Center, first as a Unix systems & network administrator, and finally in the training division where I was responsible for language maintenance training, computer (Unix) curriculum and training, research into computer-based training for a variety of disciplines, curriculum development for in-house courses, and classroom instruction.
