Datacenter and ‘Cloud’
- Ansible, Bash, Packer, and Terraform.
Public Clouds (AWS, Digital Ocean, GCP), Private Clouds (vSphere, KVM, Hyper-V, and “Bare Metal”), Containerization.
Physical Datacenter (DCIM, IPAM, Copper + Fiber testing and termination, Rack and Patching design and implementation).
- Corporate SSO/ SAML, 2FA, Device Trust enforcement, Microsoft AD / AD CS, SSSD, Kerberos, RADIUS, AWS IAM, and Public/ Private Key Authentication.
Logging and Monitoring
- Centralized Logging via Elasticsearch (ELK), Infrastructure monitoring (Prometheus/ Grafana, SNMP and Nagios).
- Cloud: AWS VPN/ Transit Gateway, VPC Peering, ELB/ALB, Private BGP, Security and Network Groups.
- Platforms: Arista EOS, Cisco IOS, *BSD (PF and Firewall Distros), FRR (Quagga), IPTables/ Netfilter, Ruckus, UniFi, Vyatta.
- Routing: BGP & OSPF
- Security: 802.1x Port and Wireless Authentication
- VPN: IPSec and Wireguard, Legacy: (OpenVPN, L2TP, PPTP, Etc.)
- Conference Room Design and Implementation, Event Web Broadcasting and Recording, Podcasting Production, Distributed Audio, and Metric Dashboard Design and Centralized Control.
- SEC/ FINRA Compliance and Technological Controls, SOC 1&2, Interfacing With External Auditors and Regulatory Staff.
Endpoint Protection, Hardening, and Device Management
Host Based Intrusion Prevention and Anti-Virus (OSS and Commercial), Endpoint Hardening (NIST), and Centralized Compliance Auditing.
Deployment and Management of MDM Platforms (Airwatch / Workspace One UEM, Meraki), Apple DEP and VPP, and Device Trust Enforcement for SAML Login (Okta + WS1).
End User Support
- 12+ Years of Hands-on Experience.
- Prior experience bootstrapping an MSP.
- Establishment of Physical Inventory systems and SOPs.
- Mentoring and management of help desk staff.
- Centralized Card-Based Door Control.
- Video Security.
- Badge-Release Secure Printing.