| | | 20,000+ Fresh Resumes Monthly | |
|
|
| |
Click here or scroll down to respond to this candidateCandidate's Name
Street Address / PHONE NUMBER AVAILABLE / EMAIL AVAILABLEPROFESSIONAL PROFILEAn Enterprise Solution Security and Cloud Architect professional experienced in designing networks, endpoints, vulnerability management, data analysis, consulting on security architecture and controls, security governance, and incident monitoring and response. Exhibits strong technical and project management skills, relationship building and teamwork capabilities, along with excellent verbal and written communication skills. Dedicated technical designer with advanced abilities in enterprise and solution architecture. Well-versed in Agile and scrum methodologies. Strong organizer with a disciplined, thorough, and hardworking approach. Results-driven Enterprise Architect knowledgeable about legacy modernization, platform design and application development. Good strategic and tactical planning, project management and team leadership skills. Ready to bring 30 years of related experience to a challenging new role. My background includes alternative Analysts, network discovery, computer forensics, data mining, warehousing, and analytics. Proficient in cloud security and hybrid environments. Quality-driven and hardworking with excellent communication and project management skills. Innovative Solution Architect with in-depth understanding of software deployment and system design illustrated over 25 years of experience in similar roles.EDUCATION, CERTIFICATIONS and CLEARANCESBS, Information Technology - University of Maryland Global Campus (not finished)Microsoft Azure Security AZ-500, Azure Architect AZ-303, AZ-304, AZ-305SF-85 Public Trust- SF8-86 expired 2020ITIL 3 Foundation Certification, 1/2005DHS Clearances: DHS HQ OCIO, TSA, Federal Air MarshallsEXPERTISEApplications, Network Security Architecture Systems implementationTechnical Solution architect design and implementationActive Directory GPO\Conditional forwarderAzure Architecture and designLanding ZoneAutomation patch managementAzure\AWS Network security systemsNetwork Security SystemInternal\External DNS implementationCloud Governance and PolicyData encryption SecurityBusiness AnalysisBusiness process improvementDisaster Recovery\COOPAPI IntegrationRequirements AnalysisSubject matter expertiseLife Cycle Software EngineeringPerformance TuningNetwork Architecture ImplementationCisco Router expertiseBusiness and Proposal developmentTeam building, development and TrainingCustomer relationship managementContinual improvement with technical products reviewNetwork and Application AutomationIP address structureFirewall management toolsNetwork Performance AnalysisPROFESSIONAL EXPERIENCE SUMMARY09/22 to 4/24Simple Technology, Washington DCSr. Azure Cloud Virtualization Architect for Department of DO Treasury11/21 to 9/22Simple Technology, Washington DCSr, Azure/AWS Cloud Virtualization Architect for Homeland Security HQ3/20 to 10/21CACI International, Washington DCSr. Technical Solution Alternate Information System Security Officer (AISSO) for Homeland Security HQ St. Elizabeth Campus03/19 to 3/20Dev Technology Reston VASr. Technical Virtualization Solution Architect for Homeland Security TSA Federal Air Marshall10/18 to 3/19CACI International, Washington DCSr. Technical Cloud Virtualization Solution Architect Homeland Security HQ2/16 to 10/18CSRA\ Insignia Mclean VASr. Technical Security Lead for Department of Veteran Affairs1/07 to 1/16Interaptech LLC, Centreville MDSr. Technical Solution Architect for Department of Homeland Security HQPROFESSIONAL EXPERIENCESimple Technology Incorporate, Washington DC 11/21 CurrentAzure Cloud Security Engineer Customer: Dept of Treasury, Dept of Homeland SecurityStrategized with the client on what the roadmap is or needs to be, in order to make the correct recommendations to create a requirement matrix.Design, architect, and maintain enterprise-level cloud solutions based on IaaS, PaaS and SaaS capabilities using the best practices for cloud computing, reusability and cost optimizing techniques.Deploy, provision, and manage multiple Azure infrastructure components, including but not limited to virtual networks and subnets, virtual machines, web applications, databases, containers, functions, storage, Azure AD, RBAC, Key Vault, VDI, policies, alerts, logging, and monitoringImplemented DevOps for DO Treasury TEAPS Azure environmentImplemented Privileged Identity Management (PIM)Implemented Microsoft Landing Zone for the testing of the Treasury (ECM) environmentImplemented the resource policy security for the windows virtual machinesImplemented the Nessus forwarder, Trillix agents, Azure Sentinel, Azure Firewall, Cloud Defender for Windows 2016\2019\2022Monitor Azure cloud-based systems for availability, performance, reliability, and security using tools like Azure Monitor, Azure Log Analytics, App Insights and Microsoft Defender for CloudEstablish a continuous improvement plan for Cloud Operations, including technology reviews, root cause analysis, action reports analysis, and cloud portfolio review to ensure adequate infrastructure.Developed comprehensive documentation for solution design specifications, ensuring clear communication between stakeholders at all stages of project lifecycle.Provide guidance to Engineers on multiple Azure Technologies including Networking, Compute, Data &AI, DevOps, Identity, Storage, App Services, Security, etc.Provided the cyber security control framework and regulatory requirements. This included NIST 800-53, 800-61, 800-145Ensure that the cloud design is adhering to required standards, backup, restore, high availability and DR requirements and organization-based compliance needsImplemented multi-factor authentication (MFA) for PIV card using Azure Active Directory (AAD)Implemented Azure firewall service which included the rules, restrictions, polices and logs.Design and implemented the Cisco Service Routers (CSR's) configuration, BGP, HA and syslogs.Design CIDR blocks, VNET, Routing Tables, and Conditional AccessLed technical design and execution of on-premises infrastructure, server workloads, data, and application migrations to cloud IaaS and PaaS platforms.Designed and implemented azure solutions, covering various services such as Azure Active Directory, Azure Virtual Machines, Azure Storage, Azure SQL, and cloud networking, with a focus on security and scalabilityCACI International, Washington DC 20003 03/2020 10/2021Sr. Technical Solution Architect\AISSO Customer: DHS HQ, St. Elizabeth CampusElizabeth Campus security workflow for three enclavesWorking on resource domain security boundaries and the connection to the campusWorking on the Nessus Security Center scans on three enclavesWorking on the Windows 2012\2016\2019 virtual machines configuration for Continuous Diagnostics & Mitigation (CDM)Working on the ArcSight configuration with Windows connectors for logsWorking on the security operation center (SOC) correlation feeds from the ArcSight solutionWorking on the Voice over IP (VOIP) appliance solution for accreditationWorking on the physical security network (PSN) environment for accreditationWorking on jump server access to the campus and isolation environmentWorking on the two-factor authentication of the PIV cards from a resource domainWorking on the backup schedule and retention of data stored on the VXRAIL SANWorking on Role Base Access Control (RBAC) for access to internal documentsWorking on security technical implementation guide (STIG) for Windows and Red Hat 6/7Working on Security Assessment Report (SAR)Working on Plan of Actions & Milestones (POA&M)Working on strategic planning for the consolidation of systems to one VMware virtual environment as a serviceWorking on XACTS 360 to update boundary description, common controls, and security plansWorking on enterprise architecture for the current services and Office 0365 cloud OneDriveWorking on the Azure Security Center and its capabilities to replace the Tenable Security Centers roleWorking on virtual sandbox applications testing in Azure for legacy and customized applicationsWorking on Viper phone testing to comply with FIPS 140-2 requirements.Improved system efficiency by designing and implementing scalable technical solutions to meet business requirements.Developed customized software applications for clients, resulting in increased customer satisfaction and retention.Analyzed Windows server business to identify spending trends, whitespace and growth opportunities, compliance issues and assisted account teams in target account development.Managed multiple projects concurrently, consistently delivering results within specified deadlines without compromising quality standards.Established best practices for code quality and architectural design patterns, promoting consistency across development teams.Dev Technology, Reston VA 03/19 03/20Sr. Technical Virtualization Solution Architect Customer: TSA Federal Air MarshallCollaborated Worked on and implementing the new Federal Air Marshall virtual network using VMware 6.7Implemented the STIGS level iii hardening standards for the new Federal Air Marshall network.Implemented the firewall ports and the source and destination of the virtual servers.Implemented the ESXI 6.7 hosts hardening guidelines based on the Nessus scans.Implemented the ESXI 6.7 firmware updates on each of the high availability hosts.Created and Implemented the Windows 2012 R2 virtual machine snapshots in production and staging environment.Implemented the Windows 2012 R2 templates for production and staging environment.Implemented the virtual machine priority bootup sequence for key applications in production and staging environment.Implemented ESXI 6.7 host templates for capacity increase when additional hardware is purchased.Worked on updating the virtual windows template with the current Microsoft patches.Worked on high availability (HA), Vmotion, DRS\SDRS, vCSA, PSCWorked on the VMware ESXI network port groups design and virtual Vlan architecture.Implemented an isolation zone for the virtual environment via port groups and vSphere firewall.Implemented a certificate solution for the DHS CA 4 certificates for the FAM's new virtual environment.Created a isolation network for the AJOC and CSOC data centers.Deployed a Hybrid End Point Protection (ENS) solution for the newly delegated FAM's network.Documented and updated the ATO documentation for the new MSNS network.Worked with the ICCB documentation for the acceptance of the new environment.Worked on the mitigation of the security scans of the ESXI 6.7 and validating the finding with screenshots.Worked on IDRAC remote access to the ESXI 6.7 host for troubleshooting.Improved solution efficiency by designing and implementing scalable architectures for enterprise clients.Reduced system downtime through proactive monitoring, maintenance, and optimization of IT infrastructure.Enhanced customer satisfaction by collaborating closely with stakeholders to define business requirements and translate them into technical solutions.Maximized system performance by conducting thorough testing and troubleshooting to identify areas for improvement.Accelerated project delivery with effective management of cross-functional teams, adhering to agile methodologies and best practices.Spearheaded the migration of legacy systems to modernized architecture, reducing operational expenses while increasing overall functionality.Championed innovation by staying abreast of emerging technologies and incorporating relevant advancements into architectural designs.Developed comprehensive documentation for solution design specifications, ensuring clear communication between stakeholders at all stages of project lifecycle.Facilitated seamless communication between technical teams and non-technical stakeholders by effectively translating complex concepts into understandable terms for all parties involved in projects.Mitigated risks associated with solution implementations by conducting thorough assessments of potential vulnerabilities prior to deployment.CACI International, Washington DC 20003 10/2018 03/2019Sr. Technical Solution Architect Customer: DHS HQEstablished the cloud virtualization strategy to get the DHS core data centers to the Azure and AWSWorked on the storage capacity specification to maintain the virtual hybrid environment on premise and in the cloud.Worked on the cloud security policies and governance.Worked on the Software Defined Network (SDN) strategy for the Hybrid cloud solution.Worked on application compatibility with software defined network.Delivered the CAPEX and OPEX model for cloud solutioning.Worked on validation of system architectural blueprints and designs for quality, performance, security, redundancy, and integration.Worked on application compatibility with software defined network.Worked on a DHS roadmap for the migration to Azure, AWS, and GPS cloud.Worked on a support desk model strategy using service now to handle the automation on the request for cloud services.Worked on a tagging strategy to ensure that the clients do not have over charges for cloud services.Worked with vendors on products and capabilities to match the lines of business of the department.Worked on the CDM delivery to the DC1 data center.Worked on the DHS OneNet network automation and virtualization design for the cloud.Worked on the Splunk and Continues Monitor solution for an enterprise security operation center (SOC) consolidation.Worked on the Azure virtual Network (VTAP) to integrate with the Splunk solution.Access and communicate the impacts, trade-offs, risks, costs, and benefits of moving to the cloud providers.(AWS, Azure, Google)Liaise with technology infrastructure and operations as part of enterprise architecture and data flows.Provided technical IT input requirements for RFP/RFI/RFQWorked on technical roadmaps, system architectures and enterprise designs across components.Work with vendors on new engineering products for potential network improvement for customers.CSRA\Insignia, Washington DC 20003 02/2016 03/2018Sr. Security Lead Customer: Department Veteran AffairsWorked In the Enterprise & Engineering Services (OIT)Worked on Enterprise Architecture modeling for all VA applications and services.Worked with Office of Information Security (OIS) for cloud migration to Azure and AWSWorked on cloud security policies and governance for ITOPS efforts.Worked on Risk Vision migration strategy.Evaluated the Security Information Event management (SIEM) solution for cloud applications.Evaluated the Joint Legacy Viewer (JLV) data services for migration to the cloud through the Business Partner ExtranetWorked on the Enterprise Cloud Services (ECS) discovery for the consolidation of circuit through AT&T, Verizon, and Century LinkWorked on the circuit size inventory for all VHA, VBA, and VSIN regions.Developed Concept of Operations (CONOPS) for Multi-Protocol Layer Switching (MPLS) to transition from a hierarchical networkWorked on Concept of Operations for LAN services on Microsoft Active Directory, SCCM, ExchangeDeveloped strategic plan for Managed Trusted Internet Protocol Services (MTIPS) implementation to support the Trusted Internet Connection Access Point (TICAP)Worked on Trusted Internet Connection (TIC) 2.0 and 3.0 draft requirements from Department of Homeland Security to enhance the VA network architecture.Worked on Analysis of Alternatives (AoA) document for the Enterprise Infrastructure Solution (EIS)Security Enterprise Architect lead which includes data modeling the VA networkEvaluator of the Equinix cloud broker services for migration to AWS and AzureInteraptech LLC, Centreville MD 21617 01/2007 02/2016Sr. Technical Solution Architect Customer: Homeland Security HQDesign, Implement and manage the enterprise VDI solution for sandboxing remote users that do not have a government computer.This solution allowed for special projects to move forward and continue to allow the security controls to enforce data access.Technical lead for integration of cloud solutions using on premise domain controller's authentication.Information System Security Officer (ISSO) for the original enterprise virtual environmentTechnical lead for creating a technology road map to match the lines of business for DHS HQ executives and chief technology officer (CTO)Technical lead for virtualization platform VMware vSphere 6 and ESXi 5.5 and 6Technical lead for enterprise resource domain which supports 350,000 users to critical architecture to run the department.Technical lead to the technical project and program managers which consists of business analysts of the enterprise services.Technical lead to the DHS HQ Deputy CIO for all collaboration with software and hardware vendorsTechnical lead for the government and vendors to ensure that the solution will work in the DHS environment.Technical lead for all cross-domain authentication between new and legacy applicationsTechnical lead for active directory two factor authentication using certificates.Technical lead for active directory group policy modeling to ensure that changes do not impede the end user's devices and servers.Technical lead for active directory sites and services to ensure authentication is handled by the correct domain controllers.Technical lead for SCCM 2012 r2 deployment and data center placementTechnical architect for resource domain delegation and component integration for attribute base access control (ABAC)Technical lead for the Microsoft environment with ADLDS, FIM's, MIM's, ADFS 2.0 and 3.0Worked on the hybrid cloud solution migration to Azure and Office 0365Worked with the infrastructure as a service (IAAS), Workplace as a service (WPAAS), Email as a Service (EAAS), and Skype for Business service provider teams to ensure that the correct configuration is being used.Technical lead for the redesign of the active directory DNS structure to support the enterprise resource forest.Worked with the security teams on evaluating products to support the enterprise mission.Technical lead for enterprise VDI solution in the data centersTechnical architect for the coast guard StElizabeth campus VDI and cisco VOIP solutionTechnical lead for exchange 2010 and 2013 integration with the cisco VOIP solutionTechnical lead on enterprise strategies for the cloud computing directiveTechnical project manager for teleworked using the Citrix virtual environment.Technical lead for security hardening guidelines for servers, appliances, and end devicesTechnical lead of the NetScaler design for high availability (HA) in dual data centersTechnical on writing system design documentation and functional requirement documentsTechnical lead on technical Worked group (TWG) to validate all review plans.Technical lead in developing best practice procedures based on industry standards.Technical lead on Cop/DR for data centers enterprise servicesDeveloped and architected four (4) IA SharePoint portals for dissemination of guidelines, process, role-based security awareness, and policies to appropriate personnel based on the need-to-know to comply with FISMA requirements.Developed project C&A templates (SSP, ST&E, SAR, RA, FIPS 199, PTA, and PIA) and documented the C&A process.Technical lead for NSA blue and red team security vulnerabilities assessmentsTechnical lead for identity management project for the implementation of PIV cards.military treatment facilities worldwide |
