SUMMARY:

• Over 29 years of IT experience (Architecture/Design, LAN, WAN, WLAN, IP Telephony, Security and Management/Technical Project Management) Security Compliance Delivery PCI QSA (Payment Card Industry Qualified Security Assessor) PCI PCIP (Payment Card Industry Professional) PCI: GAP Analysis, ROCs, SAQs, AOCs Physical and logical security assessments Risk Assessments NX - OS, Nexus Architecture, Nexus 7K, 5K and 2K experience with configuration and implementation Management Experience overseeing and organizing small (3-5) to medium groups (9-12) of technical experts in a variety of settings and roles:
• This includes the hiring (using a bidding system) and management of multiple vendors on projects ranging from $100K up to $1.2 million.
• Project Managements skills: Project Plan Creation, Capital Expenses, Timelines and Inventory tracking Kali Linux; SNORT, Air SNORT, and Metasploit, among others BackTrack 5.0 R2 (VM Virtual Box implementation), Metasploit v2.2 Vegas, Cain & Abel v4.9.6, GFI LANgaurd NSS, Paros v3.1 and Linux Linux Attack Server - HTO, Sun J2RE, Sam Spade v1.14 (Passive Recon), Nessus Network analysis using OpNet AppResponse Xpert (Riverbed) and Wireshark Security Experience with: Radius, Tacacs+, VPN Configurations, Confidential Secure Confidential Multi-Protocol Experience: TCP/IP, RIP and RIP2 and RIPng, OSPF, EIGRP, IBGP, EBGP and 802.11a, b, g and n - Confidential WCS Controllers and autonomous APs Clustering/stacking technologies with Confidential and Confidential Switches and Routers Experience with the following wireless tools: Air Magnet Site SurveyorPro v3 and Yellow Jacket WLAN Tools Network Management/Analysis Tools: Confidential OpenView v.4 and v.11, Tivoli’s NetView for Unix 6.0, Agilent Technologies:
• SolarWinds Network Engineering Packages/tools, Network Management Installation/configuration (Fault, Performance and Availability), Security and Compliance (Logging and Event Management, plus Firewall Security Manager); WireScope 350, ScopeData Pro and Fiber SmartProbes, Fluke 686 Enterprise LANMeter, Confidential CWSI, WMNS (Wireless Management)
• Symbol AirBeam Wireless Network Management Station Experience with Multi-State and International Implementations/Roll-outs “Proof of Concept” lab experience: building, testing and documenting current and cutting-edge designs Multi-vendor Management on large, complex projects IPv4 and v6 background Other route/switch/firewall vendor experience: Confidential, Juniper, 3Com, SonicWall and Fortinet

PROFESSIONAL EXPERIENCE:

Confidential

Senior Global Compliance and Risk Services Security Consultant, Boulder, CO

Responsibilities:

• Performed (physical, logical and social) using industry standard tools (FTK, Kali, Nexpose, AppSpider,
• NMAP/ZenMap, WireShark, BackBox and Metasploit, among others).
• Network remediation's and re-architectures based on compliancy/security gaps Risk Assessments: NIST, OCTAVE and ISO 27001 PCI Scope Analysis and Reduction

Confidential

Senior Global GRC Architect, Boulder, CO

Responsibilities:

• PCI DSS Compliancy and Network Standardization Project (including appropriate LAN/WAN/MAN additions/implementations)
• Property Specific Technical Project Management Gather and document site data prior to standardization (GAP Analysis) - this includes architectural evaluation Present findings and create Network Remediation Plan Travel to site and implement Remediation Plan Project Close-out meetings and Site Summary documentation (including pre and post network diagrams - Visio)
• On-Site Implementation includes, but is not limited to:
• Network segmentation via VLANs per the FS Standard, HTTPS, SSH, RSTP, SNMP, Syslog, NTP, Logging Project specific upgrades prior to security/UTM Implementation: This includes, but is not limited to: Router, switch, VoIP and Wireless upgrades and installs - device evaluation and hardening Tokenization/encryption solutions, evaluations and implementations based on PCI DSS Standards Fiber and copper work for dual-homing and multi-pathing (for redundancy) Improving or adding IEEE Standards related to routing or switching (in some cases, i.e., Confidential, proprietary configurations for STP, VTP and EIGRP).
• IOS Upgrades and tuning Internal routing migrated from the Core to UTMs Re-segmentation/IPv4 Addressing where current VLAN segmentation is non-standard
• Installation and configuration of 3rd party coordination for managing hospitality applications and ISP connectivity: Opera, OpenTable, Micros POS (wired and wireless), Trend Micro Anti Virus, Ving Encoders, Delphi, WinVoice, MSI (WinPMS) and CCTV for example
• Completed Sites/Projects: On-Site (World-wide Surveys, re-architectures and Implementations)
• Four Seasons, Hampshire, UK Four Seasons, Parklane, UK Four Seasons, Nevis, West Indies Four Seasons, Chiang Mai, Thailand Four Seasons, Chiang Rai, Thailand Four Seasons, Bangkok, Thailand Four Season, Jakarta, Indonesia Four Seasons, LangKawi, Malaysia Four Seasons, Scottsdale, AZ Preparing for Budapest, Hungary Alexandria, Egypt Sharm El Sheikh, Egypt Beirut, Lebanon
• Currently working with Regency Hotels and the Confidential (PCI Compliance: Site Surveys, GAP Analysis and Remediation/Architecture):
• Lego Land California and Florida Lego Discover Centers Sea Life Aquariums Madame Tussauds Wax Museums - Hollywood, CA, Times Square, NY, and Kansas City, MO Sites in Australia and South Korea
• Site Surveys, PCI Related Re-Architectures and Fire Wall Implementations:
• Internal POC Lab Design, Configuration and Management Sonic Firewall Configurations and traffic monitoring (using PRTG and NetFlow))/filtering/analysis for Law Offices in Washington, DC

Senior Network Architect

Confidential, Phoenix, AZ

Responsibilities:

• Data Center upgrades and migrations in Arizona and North Carolina North Carolina Data Center covers more than 500,000 sq ft Install and support over 4,500 nodes on the Confidential Network Configuration and Implementation of the entire Main Frame Architecture in North Carolina (GSO/IPC2) Layer 2 and 3 skills OSPF and RIPv2 (For Main Frame Connectivity) Switching
• Technologies/Configurations Configuration and Implementation of Confidential Nexus devices (7ks, 5ks and 2ks) Implementation and Configuration of Confidential OTV Confidential WAE WAN Accelerators Orphan-Port Suspend POC with Nexus 5Ks running v5 Data Center Migration Support for 3 Major Move Groups Between PHX and NC Nexus 5K NX-OS Upgrades from v4.0 to 5.0 OTV, vPC's and POs

Senior Network Security Engineer/Architect

Confidential, Boulder, CO

Responsibilities:

• Currently evaluating and redesigning network infrastructure Performing network upgrades, implementations and migrations
• Reviewing POCs for up-and-coming WAN Optimization Project Responsible for maintaining and stream-lining configurations on the following platforms:
• Confidential ProCurves: 5406zls, among others Fortigate Firewalls: 620Bs Aruba Controllers and APs: 3600s/AP-105s, RAP-5-WNs, OS 6.1.3.0 TippingPoint IPSs Juniper SA4500s SolarWinds Enterprise Addition for Network Monitoring

Consulting Senior Network Engineer/Senior Technical Project Manager

Confidential, Westminster/Boulder, CO

Responsibilities:

• Main priorities: Re-design/re-build Ball Campus and Data Center Networks (using Confidential Nexus 7K, 5K and 2K's - this includes Confidential latest/greatest Switches, Routers and APs (3750x, 2960s, Data and Power Stack Technologies/configurations) Re-design/rebuild all North American, Asian and European Food and Beverage Warehouses and Plants Engineer, track and manage the above using WBSs, Project Plans, Newly created design doc's/Visio drawings Additional Tasks:
• Upgrade current Confidential Install/configure Gigamon Devices for OpNet (Riverbed) and CA Wily monitoring from Data Center Core Document current environment Create new standards for Core,
• Distribution and Access Layers Create and configure Switch Port Security Policies for all plants and warehouses Clean-up/standardize and VTP Domains and VLANs Remove/re-write ACLs as needed Manually deploy OpNet (Riverbed) monitoring agents on new Windows 7 hosts as needed for application trouble-shooting

Consulting Senior Network Architect/Senior Technical Project Manager

Confidential, Denver, CO

Responsibilities:

• Responsibilities are broad and wide, including, but not limited to the following: Network architecture and planning Technical Project Management -
• Project Plans, WBS's, scheduling and coordination tasks New Technology Research: highly mobile, collaborative technologies/environments
• Cloud and Virtualization Technologies Security and security Assessments Executive Presentations Project reviews Engineering: Voice, WAN, LAN, MAN, WLAN and Security

Consulting Senior Network Engineer/Project Lead

Confidential, Boulder, CO

Responsibilities:

• Receive Service Center Requests (Peregrine v5.1.3) and open the appropriate SC Changes
• Contact and coordinate changes with customers and FIS Network Engineers
• Assign Network Support Engineers to each project while tracking processes from onset to completion
• Services include Card Credit (debit and ATM), Game Cash and Check - for financial institutions (Banks, Credit Unions and Casinos) and eBanking.
• All projects include, to one degree or another, routing, switching, LAN and WAN technologies.
• Managed several “Special Projects” at a time - these include, but are not limited to:
• Installation and configuration of F5 load balancers One-off implementations/installs VPN Configurations for new client connection into Fidelity Network, This included Casino ATM Infrastructure upgrades and additions (this includes VoIP implementations, equipment refreshes,
• and infrastructure re-designs (i.e., adding load balancers, ect.).
• VoIP/IP Telephony projects included QOS configurations on gateway routers and LAN Switches,
• Handset configuration and installations.
• Re-work legacy processes, procedures and work flow:
• Evaluate and re-work legacy work processes
• Map-out processes and procedures, reworking them into Service Center Requests and Changes
• Make recommendations to the Service Center Tools Team for improved work flow and input:
• This includes circuit and equipment procurement procedures, the incorporation of external
• documents into tabs and Service Center drop-downs.
• Functioned as a dedicated Technical Consultant/Lead Engineer for the Vista OS and Lab Project (Phase 1):
• Interviewed and hired the Anaheim Technical Team
• Managed the creation of the Disney Enterprise Vista Image
• Managed all Vista OS and Tier 1 Application Testing
• Tracked and managed all tasks related to the discovery and collection of OS, Hardware, Application and Infrastructure data in four regions: New York, Orlando, Anaheim and Burbank/Glendale
• Created and tracked all efforts with an MS Project 2007 WBS (Work Breakdown Structure)
• Worked with Microsoft and Anaheim’s Technical team to create and build-out test lasts in multiple regions for local BU Application testing against the newly created Disney Enterprise Vista Image
• Developed Vista deployment and “next step” strategy documents from data collection/discovery and lessons learned
• Managed and tracked the project budget
• Presented all findings and progress to Confidential and Disney Executives in Orlando, FL and Anaheim, CA
• Completed the project on time and under budget - gaining $15k for future development

Senior Projects Engineer (Consultant)

Confidential, Charleston, SC

Responsibilities:

• Coordinated hand-off from sales to Engineering: this included technical reviews of BOM
• Reviewed and approved Client hardware and software (platforms, OS Versions, etc.) deliverables prior to solution implementation
• Scheduled and ran Kick-off meetings with Confidential Engineers and Client Staff
• Coordinated the work of multiple Confidential Engineers to insure timely and successful project implementations
• Supervised inventory, staging and testing of pre-production equipment
• Worked with Engineers on-site during physical installation and configuration of new equipment
• Handled the escalation process with Confidential TAC to resolve hardware and software issues
• Worked with Confidential Engineers to resolve configuration issues
• Reviewed and approved all technical documentation provided to Clients via Confidential Engineering Staff
• All projects were either completed on time or ahead of schedule

Senior Network Engineer

Confidential, Orlando, FL

Responsibilities:

• Upgrade the 2924XL with a Confidential 2950 for the data segment and a 2nd 2950 for the voice segment
• Install new Confidential 3800 Series router with HWIC SFP and integrated SFPs at SmartCity Facility (for uplinks to distribution routers, i.e. core)
• Deploy VPN tunnel for encryption of voice traffic between serials router and Titan Router
• Deploy QOS (LLQ with WFQ) for voice traffic
• Swing T1 between Titan Row location and Celebration 200 (where the serials router terminates the Titan Row T1) to new serials Router.
• Swing SmartCity’s PBX onto the new 3800 at the same time the Titan Row PBX is moved to the new data network
• Readdress all workstations and Printers at Titan for the new data segment (172.16.0.0 to 10.x.x.x)

Confidential

Orlando High Availability Network Architecture

Responsibilities:

• Organize and manage contractors/engineers who have bid and been selected to install and/or re-terminate, relocate and re-patch
• Singlemode and Multimode Fiber, Copper and electrical circuits in the locations being converted to the new backbone
• This also includes: 1) New cabinet installs 2) 19” rack removal 3) Equipment/device relocation 4) Device upgrades
• 5) IP Re-addressing 6) Technology/Protocol Upgrades (Token Ring, IPX and ATM decommissioning)
• 6) VLAN re-assignments, removal and re-addressing 7) Access and Distribution layer changes
• 8) Install and configure redundant and manageable UPS’s at all locations 9) Work with Smart City Telecom
• to either install new Dark Fiber or roll pre-existing ECS Circuits to new DF assignments for divergent pathing
• Preparing each site with the appropriate facility upgrades as preparation for the OHANA conversion,
• this included the main LAN Room and Telephone/PBX Room at each site
• The removal ( Confidential 5500) or reassignment/reconfiguration ( Confidential 6500) of the old Distribution Layer
• Configure and Install Redundant Confidential 3550’s
• Re-patch and swing old Distribution Layer connections to new Access Routers ( Confidential 3550’s)
• Shut down old ECS Core connections
• Bring-up new DF’s to Redundant Distribution Routers
• Create dual trunks from all Access switches ( Confidential 2924’s, 2950’s and 4500’s) to each 3550
• IP Readdressing from 172.16.x.x to 10.x.x.x on management VLANS, switches and UPS’s at each location
• VTP Server re-assignments from old Core switches to a new “local” switch - which included VTP Domain Name and Mode changes
• Coronado Springs Resort, Animal Kingdom Resort, The Yacht and Beach Resorts, The Boardwalk Resort, Fort Wilderness Resort,
• Port Orleans Resort, Old Key West Resort, Caribbean Beach Resort, Wilderness Lodge, The Contemporary Resort,
• Saratoga Springs Resort and Spa, Disney University, The Grand Floridian Resort, Ride and Show Engineering (North Services Area),
• The Polynesian Resort and The All Star Resort
• MGM Studios and Magic Kingdom

Network Support

Confidential

Responsibilities:

• Provide advanced technical support, planning and coordination of Confidential ’s Token Ring, FDDI, and Ethernet LAN/WAN Provide analysis, diagnosis and resolution for complex network issues 
• OptiView, Fluke’s 686 Enterprise LANMeter, CiscoWorks CWSI, Wireless Management Network System, and Symbol’s Air Beam Wireless Management Server)
• Installed, configured and trouble-shot a multitude of Confidential Switches and Routers:
• Routers: 804’s, 2500’s, 2600’s, 4000’s, 7100’s, 7200’s and 7500’s
• Switches: 2924XL’s, 2950’s, 3500XL’s, 4003’s, 4006’s, 5505’s, 5509’s, 6506’s and 6509’s
• 24x7 support for Disney’s wireless network, which is comprised of Symbol’s Spectrum24 components Provided/developed technical documentation for Disney’s Networks Maintain and update support inventory, products and tools Maintained a 24x7 on-call status Helped setup and evaluate Confidential ’s IP Telephony Solution for Disney’s corporate environment Support new installs by turning-up ports on access switches, creating new VLANs and migrating business units to different VLANs Some of the legacy equipment worked with included: CableTron MMAC5’s, MMAC8’s and MMAC Plus’s Special Projects: 1) Implement VLAN Pruning between all Core and Distribution switches throughout the entire network to
• improve STP (Spanning Tree Protocol) convergence time. 2) Replace the FDDI backbone for Disney’s theme park
• ticketing system with Gigabit Ethernet, upgrading all Confidential 4000 routers with 7500’s for improved MAN connectivity.

Consulting Network Engineer

Confidential, Ft.Lauderdale, FL

Responsibilities:

• I was asked to evaluate a medium sized network which transports proprietary parking system data between a NT 4.0 Server running the InteliChip Park Systems application and sixteen cash taking/token producing stations.
• The client has been experiencing slow network performance - in addition to poor network response, several cash stations go off-line during heavy usage on the weekends. Therefore I was tasked to do the following:
• Test network during heavy usage Make recommendations to resolve issues based on findings Perform necessary upgrades/fixes

Senior Network Engineer/Instructor

Confidential, Orlando, FL

Responsibilities:

• My primary objective with Maddox was to train (evenings/weekends) several of their engineers in basic data networking and wireless technologies.
• I designed and taught several courses in the following areas:
• Basic networking principles and practices Basic Symbol AP installation and configuration: Confidential APs: 1131s, 1210s and 1232 Symbol AP: 4131 Site Surveying concepts Installation and use of Air Magnet Site SurveyorPro
• In addition to the training I also provide Maddox with base configurations on a variety of routers, switches, access points and Client bridges.