About

Experience

Datacenter and ‘Cloud’

Automation

• Ansible, Bash, Packer, and Terraform.

Datacenter

• Public Clouds (AWS, Digital Ocean, GCP), Private Clouds (vSphere, KVM, Hyper-V, and “Bare Metal”), Containerization.

• Physical Datacenter (DCIM, IPAM, Copper + Fiber testing and termination, Rack and Patching design and implementation. )

Identity

• Corporate SSO/ SAML, 2FA, Device Trust enforcement, Microsoft AD / AD CS, SSSD, Kerberos, RADIUS, AWS IAM, and Public/ Private Key Authentication.

Logging and Monitoring

• Centralized Logging via Elasticsearch (ELK), Infrastructure monitoring (Prometheus/ Grafana, SNMP and Nagios).

Network

• Cloud: AWS VPN/ Transit Gateway, VPC Peering, ELB/ALB, Private BGP, Security and Network Groups.
• Platforms: Arista EOS, Cisco IOS, *BSD (PF and Firewall Distros), FRR (Quagga), IPTables/ Netfilter, Ruckus, UniFi, Vyatta.
• Routing: BGP & OSPF
• Security: 802.1x Port and Wireless Authentication
• VPN: IPSec and Wireguard, Legacy: (OpenVPN, L2TP, PPTP, Etc.)

IT Related

Audio Visual

• Conference Room Design and Implimentation, Event Web Broadcasting and Recording, Podcasting Production, Distributed Audio, and Metric Dashboard Design and Centralized Control.

Audit

• SEC/ FINRA Compliance and Technological Controls, SOC 1&2, Interfacing With External Auditors and Regulatory Staff.

Endpoint Protection, Hardening, and Device Management

• Host Based Intrusion Prevention and Anti-Virus (OSS and Commercial), Endpoint Hardening (NIST), and Centralized Compliance Auditing.

• Deployment and Managment of MDM Platforms (Airwatch / Workspace One UEM, Meraki), Apple DEP and VPP, and Device Trust Enforcement for SAML Login (Okta + WS1).

End User Support

• 12+ Years of Hands on Experience.
• Prior experience boostrapping MSP.
• Establishment of Physical Inventory systems and SOPs.
• Mentoring and management of help desk staff.

Physical Security

• Centralized Card-Based Door Control.
• Video Security.
• Badge-Release Secure Printing.