Ongoing vulnerability scanning, detection, assessment, ticketing and remediation of production infrastructure. Yearly PCI and FEDramp audits. Heavy use of Qualys tools, Burp suite, python, AWS infrastructure. Skills: Qualys · Amazon Web Services (AWS) · Incident Response · Digital Forensics · Governance, Risk Management, and Compliance (GRC) · Linux · Burp Suite · Vulnerability Management · Vulnerability Scanning · Vulnerability Assessment · Python (Programming Language)

Responsible for ensuring AWS cloud security, host and container patching, and code scanning on clusters spanning three continents. Protection of financial services data. ISO27001 audit principal. Penetration testing, vulnerability analysis, and remediation. Implemented Lacework cloud security platform. Veracode scanning and working with developers to ensure secure coding practices. Used Kubescape open source tool for NSA and CISA security hardening tests.

DevSecOps on AWS microservice architecture. Jenkins, Docker, Kubernetes, GitHub, Datadog. Rolled out Snowflake DB / Snowalert SIEM implementation. Created Grafana and Metabasedashboards to monitor security incidents and posture. Ongoing pentest remediation and tracking. PCI, SOC1 and SOC2 audits with ZenGRC integrated with Jira. Burpsuite Professional verification and remediation of OWASP vulnerabilities. Worked with groups across the company (network, developers, IT, GRC, Infrastructure, QA ) to track and improve our security posture. Implemented Hunters AI to use machine learning to detect covert attacks, data exfiltration, and incidents. Used AWS security tools ( GuardDuty, CloudWatch, Inspector, Security Hub, IAM, Config, KMS ) extensively in accordance with best practices.

Oversee engineering for managed security solutions provider startup currently stealth mode.

Manage the production support team, and all aspects of our production stack. Support weekly releases Keep uptime at a maximum Update/upgrade software tools Heavy use of Splunk

Build and support all levels of Gap Inc. server and network production infrastructure. VMware vSphere administration. Appliance VM deployment. Chef automation for server builds, configuration, and deployments. Security Pod member (tokenization, multi factor authentication, vulnerability remediation) SAN migrations (NetApp, Isilon) Security update implementation and verification. On call 24x7 handling 3rd level support.

Overall responsibility for uptime of the production operations stack. 24x7 oncall. CentOS and redhat enterprise Linux on Supermicro and HP Blade servers with an Oracle back end. F5 load balancers. Cisco ASA firewalls. Ongoing security audits for PCI compliance (nessus scans, vulnerability remediation, OS hardening, threat monitoring) Hitachi SAN. Monitoring via Nagios and cacti graphs. Lots of scripting (perl and bash) and tool creation of custom alerts. Code deployments, network and stack troubleshooting, log archiving, backups, email routing (postfix). Apache webservers. Jira troubletickets.

Operational ownership of the largest Akamai server network (30,000 highly modified kernel Ubuntu Linux servers worldwide). 24x7 oncall. Remedy ticketing system, perforce revision control, firewall access control lists. Liaison with developer and service performance groups for tri-monthly software and security patch rollouts. Continuous improvement and updates to network monitoring and alerting.

24x7 Production support of the Small Business Systems servers and infrastructure (FreeBSD on HP). On-call rotation. New server farm deployment. NetApp filers. Day to day monitoring (Nagios) and troubleshooting of UNIX system/applications, networking architecture, SQL, and web-apache based applications. Detection and mitigation of DDOS attacks against the SBS servers. Apache, DNS, routers, switches, load balancers, Vips, Akamai. Scripting in shell and Perl. Developing monitoring infrastructure for applications. Developing capacity planning and benchmarking infrastructure Performance Tuning (UNIX, Networking, Web). Dealt with with Security and abuse related issues. Project management and tracking.

Wells Fargo online banking and brokerage site production support(24x7). iPlanet web servers, WebLogic application servers and ATG Dynamo application servers on SUN hardware, Oracle databases running on SUN E3500's, and F5 BIG-IP load balancer support. Solaris8 and 10 environment on sparc with some SCO and redhat Linux on Dell servers. SSL certificate management on the web and application servers. SANS security training, server hardening, application code security reviews, vulnerability scanning, forensics. Unix shell and perl scripting. Remedy problem and change management system utilization. Oncall response to HP OpenView alarms, Topaz customer simulation tests, and in-house developed monitoring systems alarms. Wily Introscope use. Documentation of trouble-shooting procedures, and close interaction with support partners for OS and hardware maintenance. Team lead on multiple projects. Implemented Powerbroker privilege management into environment. Raptor Firewall deployment. Stonebeat deployment. Cyclades terminal server and Avocent KVM over IP deployment. Implementation of java graphing tool into environment. Iplanet Application Server 6.5 implementation (KAS, NAS, SunOne AS). Iplanet Web Sever implementation. Tripwire deployment. Netegrity SiteMinder. BMC Remedy. BMC Patrol. Veritas Netbackup Datacenter. Sanctum AppScan. Vmware. Silk Performer. TestTrack Pro. Jabber deployment. @Stake WebProxy for code reviews. Server builds, OS installs, hardening, monitoring, application support, and all system administration duties. Project management, tech. spec. new projects, created project timelines, managed resources, troubleshooting and support of the entire project lifecycle.

Administration of critical financial transaction servers and database machines. Extensive use of the Veritas suite of products (Cluster Server, Volume Manager, NetBackup, File System). Implementation and administration of Sun prototype SAN. Heavy perl scripting. 24/7 oncall status. BEA Weblogic administration. Resonate load balancing. System patches, security patches. OS upgrades. Sybase database queries and reporting.

Senior UNIX system administration (Solaris(Sparc and X86), redhat Linux, FreeBSD) for production website www.myprimetime.com. System and network architecture planning, load balancing(Alteon). Cisco router and switch configuration. Firewall configuration and security auditing. Experience with video compression, broadband networks, and Real Server configuration. BEA WebLogic Administration. Akamai configuration and integration of media content. System Performance Tuning. Veritas Netbackup installation and configuration of backup schedule, rotation and off-site storage. Created standardization process for new machine configuration and security hardening. Migration of standard UFS filesystems to Veritas Volume Manager RAID. Shell scripting server health checks and nightly hot backups of boot disks. DNS Bind system upgrades and redundancy planning. Ongoing upgrades of system OS levels, system patches, security patches, machine PROMs and software version upgrades.

Senior UNIX/NT system administration (Solaris, Solaris X86, Linux, NT4.0) for production website www.nextcard.com. Delved heavily into the NT realm, as well as created migration plan from NT to Solaris (Sun and X86 on Dell servers). Load Balancing (software). Installation of EMC SAN. Server room design and build-out. Server spec. layout. RAID(hardware). Veritas NetBackup. Veritas Volume Manager. Veritas File System. Off-site backup tape rotation to 3rd party storage co. Network monitoring. Security auditing.

Senior UNIX system administration (Solaris) for production website www.previewtravel.com. All servers in-house in server rooms I helped build out and design. All UNIX sysadmin duties. Worked with StoryServer, and Oracle DB. Upgraded DB machines from Sun 4000's to Sun 6500. Upgraded Sparc Storage Arrays to A5000 arrays. Worked extensively with Veritas products. Researched load balancers. Installed and maintained Firewall (SUN SPF1000).

Motorized infantry crewman on TOW missile launching vehicle.