Proactive and forward-thinking Director of IT Infrastructure with 20+ years of experience providing support and leadership while managing the inter-relationship between various departments within highly complex organizational structures. Superior record of optimizing small to large scale mission critical projects on time while exceeding quality assurance expectations. Recognized as a trusted, logistical resource with a history of making key decisions regarding projects, teams, and application support functions. Experienced in the strategic detail planning, execution, and leadership of enterprise-wide technology initiatives supporting business goals, delivering continuous improvement, and enhancing productivity. Passion for sharing knowledge and experience with team members, other teams, and customers.
Core Competencies/Areas of Expertise
OpenBSD | Red Hat | Amazon Linux | CentOS | Ubuntu | MacOS | Windows | AWS CloudTrail : Lambda : EC2 : VPC | Splunk | Ansible | VMware | OpenStack | KVM/Xen/QEMU | Perl | Python | PHP | Bash Shell | Landscape | JAMF | OpenBSD pf | iptables | Palo Alto Networks | IPv6 | Wireshark | tcpdump | IPsec VPN | OpenVPN | SSH | HAProxy Atlassian Tools | Systems Administration | Systems and Network Monitoring | DevOps | Network Engineering | Process Improvement | Project Management | Training
Signature Contributions
- Implemented IT automation using Ansible to reduce the time and complexity of administrative tasks from week-long projects to under an hour. Additionally using Ansible makes tasks consistent and repeatable.
- Launched Okta SSO using LDAP backend to simplify user experience logging into company’s applications; initiative also reduce on-boarding and off-boarding complexity and time from 2 hours to 30 minutes.
- Built LDAP server using Fedora Directory Services (389ds) with multi-master replication and high availability using HAProxy. Connected apps Bugzilla, Atlassian Stack (JIRA, Confluence, Bamboo, and Fisheye), and Redmine. Initiative allowed employees to use the same username and password to log into most of the internal applications, which reduced the number of usernames and passwords to retain by 80%.
- Wrote Python-based Google Management script that allowed administrators to manage G Suite accounts and groups from the command line. Initiative significantly reduced time to make changes from minutes to seconds.
Career Experience
Copper River Cyber Solutions (FDA Contractor) - Principal Engineer
North Bethesda, MD (December 2019 - Present)
Manage FDA’s Cyber Security Platform consisting of Splunk running on Linux providing DevOps support the platform.
- Manage large scale Splunk infrastructure including multiple index and search head clusters.
- Implemented using PIV certificates for SSH authentication which reduced the number of times passwords needed to be entered by systems administrators.
- Updated and maintained GitLab to store configurations, scripts, and playbooks.
- Wrote scripts and Ansible playbooks to automate many previously manual administrative tasks.
- Built and maintained Oracle Linux Manager servers to manage the Splunk infrastructure
Message Systems d.b.a. SparkPost - Director of IT/Infrastructure
Columbia, MD (March 2012 - October 2019)
Managed all aspects of the IT Infrastructure and IT Security. Managed the IT team, developing junior systems administrators’ careers and fostered the career of the IT Lead, ultimately promoting him to IT Manager. Coordinated with managers of other departments to ensure IT was providing excellent customer service for the needs of the company. Partnered with Site Reliability Engineering team to ensure Corporate IT was aligned with production systems.
- Directed IT staff supporting 200 office and remote users in the US, Canada, UK, Singapore, and China.
- Reduced costs by regularly reviewing IT purchases made by other departments and consolidating licenses.
- Implemented and managed infrastructure services: Okta SSO, Fedora LDAP (389ds), Bind/Unbound DNS, DHCP, OSPF, SSH, NTP, Firewalls (Palo Alto/iptables/OpenBSD pf), Brocade Switches (Stacking, VLAN, Port Aggregation), OpenVPN, JIRA, Confluence, Fisheye, Bamboo, Redmine, Subversion, Mercurial, Github, 1password, LastPass, Slack, Google G Suite, Canonical Landscape, internal self-signed Certificate Authority.
- Instituted DUO Multi-Factor Authentication for Okta, 1password, OpenVPN, Slack, Google G Suite, and AWS.
- Recognized for Migrating on-premises data center into AWS -- business operations no longer depended on power and HVAC in offices, reducing power/HVAC downtime from monthly to zero. Converted several dozen OpenBSD, Linux, and Windows physical and virtual systems (OpenStack, VMware ESXi, Xen, KVM) to EC2 instances.
- Successfully aided in passing SOC2 assessment and Capital One Security Audit by completing IT and Security evidence requests. Participated in on-site security reviews by CoalFire (SOC2) and Capital One.
- Managed Penetration Test (by Rapid7) of Corporate IT and Production networks.
- Completed Full SIG Questionnaire gathering information from all facets of the company.
- Wrote perl-based LDAP management script to ease LDAP account management, and PHP-based LDAP account management page to allow users to upload and manage their SSH public keys stored in LDAP. Script also provided details about the user’s LDAP account and memberships.
- Migrated email/calendar services from RackSpace-hosted Exchange to Google G Suite.
- Migrated phone system from on-premises Asterisk to Ring Central in the cloud.
- Responsible for documenting IT/IT Security processes and policies for audits and assessments.
- Hired late in the move process; still successfully managed two office moves in the first 6 months.
CyberPoint - Principal Systems Integration Specialist/IT Team Lead
Baltimore, MD (June 2010 - March 2012)
Collaborated with Director of Technology to support both Corporate and customer IT systems and network infrastructure. Managed the IT staff, providing guidance on how to grow their careers by learning higher level technologies and supporting 100 users across three offices on two continents.
- Maintained multiple Dell M1000 chassis systems running ESX and vCenter with EqualLogic and EMC SANs for corporate infrastructure, customer infrastructure, and developer environments.
- Partnered with development and testing teams to plan environments that promote development/testing and protected corporate networks from any performance/security concerns.
- Designed and implemented complex ESX environments consisting of Windows, Linux, and OpenBSD virtual machines with a variety of network configurations including VPNs and VLANs.
- Engineered VMware templates to quickly deploy developer environments.
- Deployed vCenter Resource Pools allowing developers to provision VMs without impacting production.
- Worked with EqualLogic, Microsoft, and VMware to find bug in Exchange in our environment.
- Managed multiple Cisco ASA 5xxx firewalls employing both multiple site-to-site and road warrior VPNs.
SPARTA/Cobham - Principal Systems Engineer
Columbia, MD (May 2009 - May 2010)
Responsible for integrating SPARTA software and products with customer systems. Managed relationships between customers and SPARTA contracting. Expanded contracts by increasing number of development projects for customers.
- Composed Perl/Bash scripts and small C programs integrating our software with Linux customer systems.
- Supported and assisted in managing the Operational Support Branch for the National Security Sector.
- Introduced Brown Bag Lunches to promote knowledge sharing in our branch.
- Oversaw developers and QA staff on a project adding features to software for a customer contract.
- Revived a losing contract and savaged the relationship by communicating with the customer, generating more business, and restoring trust and reliability.
RABA/SRA - Manager, IT Services
Columbia, MD (April 2007 - May 2009)
Initially hired as RABA Corporate IT Manager, first duties were to integrate RABA services into SRA ITS services following acquisition of RABA by SRA. After receiving Security Clearance, managed secure spaces where customer work was done in RABA’s offices. Managed RABA’s IT staff, providing mentorship to junior team members. Responsible for passing customer accreditation of secure spaces. Directed several customer audits of secure spaces in RABA offices.
- Planned and scripted RABA/SRA integration steps to synchronize user passwords. Initiative saved days of manual work allowing RABA users to log into both RABA and SRA systems with the same password.
- Consolidated/retired RABA corporate services in lieu of those provided by SRA ITS.
- Installed and managed Cisco ASA security appliances on customer networks.
- Implemented Subversion/Trac for source code version tracking on customer networks.
- Managed multiple corporate and customer VLANs with integrated Windows and Linux systems.
- Deployed VMware Server/ESXi providing environments with multiple OSes for developers and testers.
Epok, Inc - IT Manager
Bethesda, MD (September 2003 - April 2007)
Responsible for managing IT systems for growing software company. Provided training for IT staff to grow careers. Implemented IT best practices to environment to ensure secure, reliable IT services at low cost by leveraging Open Source technologies where appropriate.
- Managed office move for 50 users and 80 servers. Planned server room construction with proper cooling and power. Move had no downtime during business hours.
- Migrated Linux firewalls to OpenBSD pf/CARP for redundancy, eliminating downtime.
- Migrated from Courier IMAP to Exchange 2003.
- Configured web, Jabber, Samba, Unix logins to use Active Directory for authenticating, reducing the number of usernames and passwords employees had to remember.
- Provided end-user documentation for IT systems.
- Managed 20+ Red Hat servers running VMware Server providing 4 dev/test environments per server.
Education
University of Maryland, University College (December 2009)
Computer Information Technology
- Completed B.S. degree using UMUC Prior Learning Program
Certifications
Cisco Certified Network Associate 2.0 (July 2001)
Training
Palo Alto Networks Firewall 9.0 Essentials: Configuration and Management [EDU-210] (October 2019)
Organizations
OpenBSD Project Developer (September 2007 - June 2013)
- Built alpha binary packages, maintained several ports, mentored new developers.
OpenBSD Journal Editor (March 2007 - November 2010)
- Edited user submitted content and wrote articles related to OpenBSD.
Capital Area BSD Users Group (CapBUG) Founder (February 2007 - June 2013)
- Held monthly meetings discussing technology related to BSD and Open Source.
Awards
SparkPost: Momentum Award (Q4 2012)
- Received a quarterly Momentum Award for managing two office moves within six months of being hired at SparkPost. Managed all aspects of IT, Security, and connectivity for the moves while assisting with other logistics like furniture, moving companies, and physical security.)
SparkPost: Efforts Recognized (Q2 2015)
- Received recognition from executive team for managing the IT aspects of merging Port 25’s office and personnel into SparkPost’s office following the acquisition of Port 25.