Joe Armah
Matthews, NC ***05
Cell Phone: 704-***-****
Email: ******@*****.***
LinkedIn Profile: www.linkedin.com/in/joearmah
Career Objective
A progressively challenging position in Information Security Architecture, Engineering and Modeling in a Corporate Environment
Manager, Information Security Technical
Capital One
June 2013 - present
Amazon Web Services Cloud Security Operations
Corporate Information Security - Domain Boundary Compliance lead
Enterprise Compliance Policy management and maintenance using Skybox compliance
tool
Adhoc scripting for process automation
Cloud Policy Enforcement using Dome9
Snr Consultant
Deloitte and Touché
Cyber Threat Intelligence
550 Tryon St, Charlotte NC 28202
May 2011 – June 2013
Large Financial Organization –Domain Boundary Compliance
Determine Domain Boundary Exceptions in the firewall rule base.
Coordinate with key stakeholders to remediate violations.
Compliance verification of related enterprise system connectivity and data flow
Large Federal Organization – PCI Compliance
Developed System Level Data Flow diagrams as well as Enclave architecture diagrams and assisted the organization in their efforts to meet requirements necessary to be PCI compliant.
Global Mining Company - Security Program
Configured and hardened several Global Firewalls in an effort to secure the organizations network. Provided DMZ design services as part of a larger security program implemented by Deloitte.
Large State Environmental Quality Organization (Cyber Threat Assessment)
Provided DMZ architecture, design and risk assessment services, as well as cyber threat analysis to the organization.
Provided IDS/IPS design and security assessment services
Large Hospital System (WiFi Assessment and Social Engineering)
Provided DMZ architecture, design and risk assessment services, as well as cyber threat analysis to the organization.
Snr Systems Architect
Wells Fargo Bank
Network Performance Engineering - NPE
1525 WT Harris BLVD, Charlotte NC 2007
February 2010 – April 2011
NetQoS Architecture, Design and Implementation.
HPNA Automation and Systems Integration, Capacity Planning, Business Continuity planning and Process development.
CIO - Virtual-Link.com LLC
Sept 2009 – February 2010
Providing Network Modeling, Performance Engineering and Architecture consulting services for small, medium and large scale organizations.
Negotiate reseller agreements with vendors and provide support services on their behalf.
VOIP – Asterisk setup and management services
Network Engineer / Lead Network Modeler
Wachovia / Wells Fargo Bank - Consultant
Network Performance Engineering - NPE
1525 WT Harris BLVD, Charlotte NC May 2007 – July 2009
Lead Network Modeling Architect for the redesign and consolidation of Wells Fargo’s Juniper Backbone as a result of it’s recent acquisition of Wachovia Bank.
Perform Enterprise Modeling, MPLS Traffic Engineering and Survivability analysis using OPNet SPGuru Network Planner.
Developed network Business Continuity Modeling methodology
Model Wachovia’s Enterprise Network, perform Failure Impact Analysis, Disaster Recovery and Network Audit
Designed and Implemented Enterprise Netflow collection architecture for traffic analysis using netflow tools e.g. NetFlowTracker, Netscout, Flow-tools and CFLOWD (Open Source)
Consult with vendors to secure tools necessary to provide holistic data from network performance analysis in the Enterprise.
Developing methodology for obtaining critical information from Network Core devices for Network Architecture to make critical design decisions.
Create a sustainable process for defining capacity metrics using existing Network tools.
Network Forecasting and Capacity planning
Risk Management – Configuration Audit
Use OPNET NetDoctor for network pre-deployment change validation
Use OPSWARE for configuration Management.
Ad hoc Scripting – Vbscript, Python, Perl
Develop Reference Architecture documents.
Sr Network Security Engineer
BTS Partners Inc.
(Consultant: Wachovia Bank)
1525 WT Harris BLVD, Charlotte NC June 2003 – May 2007.
Lead Engineer designing, certifying and deploying Intrusion Detection systems within Wachovia’s network. The IDS device s deployed included ISS Proventia G1200/G400 series sensors, Nokia380 and Netrangers. BGP and OSPF troubleshooting.
Performed IDS product certification and testing to ensure optimal configuration and coverage in order to prevent network intrusion. Configured SPAN/VACL on catalyst switches to forward traffic to sensors
Performed Network Audits to secure vulnerabilities in the bank’s network (Security Posture Analysis).
Co-ordinated with Corporate Information Security group to provide firewall protection on new and existing network implementations. Provided Engineering support for the Bank’s Business Partners and maintained Network Security, Integrity and Confidentiality; using corporate information security best practice model.
Authored and published deployment guide to sustain IDS infrastructure design.
Sr Network Engineer
BTS Partners Inc.
(Consultant: Wachovia Bank)
301 Tryon St., Charlotte NC August 2001 - June 2003
Network Design Engineering Support for Capital Investment Banking. Primarily involved in the migration of the Bank’s Legacy Metropolitan and Wide Area network to a newly developed Backbone Network.
Part of the Implementation team, configuring and installing Cisco Catalyst 6509 switches and maintaining GSR routers throughout the network. Extranet clients include Reuters, Capital One, Bloomberg, Charles Schwab, Wells Fargo and Bank of New York securities services.
Design and build Secure Server Farms to cater for the bank’s extranet clients.
Configure and maintain routers and switches including Virtual IPs on Foundry Switches and in the E-commerce Channel.
Cater for clients using Wachovia’s Echannels/DMZ environment.
Remediate Network Audits to secure vulnerabilities in the Wachovia bank’s network (Security Posture Analysis).
Co-ordinate with corporate information security group to provide firewall protection on new and existing network implementations, using Checkpoint firewall software.
Provide Engineering support for the Bank’s Business Partners and maintain Network Security, Integrity and Confidentiality using corporate information security best practice model.
MRTG,Cisco Works, WhatsUP Gold.
Systems Analyst/Sr Network Design Engineer
Butler Technology Solutions
Ste 530, 5511 Capital Center Dr
Raleigh NC. May 2000 – August 2001
Network Design and Implementation. Current projects include providing requirement specification and process documentation for Local area Network, re-engineering and design of client’s switched network. Training Network personnel in network protocols including Multicasting. Also perform network assessments on client Local and Wide Area Networks and implement design proposals based on client requirement specifications.
Systems Analyst/Sr Network Engineer IV
MCIWorldCom
4408 Silicon Drive. Durham NC. March 1997 – May 2000
Network Modeling, Network Traffic Optimization, Monitor test and evaluate MCI USPS MNS Wide Area Network components and devices, Configure and maintain Cisco routers (7500, 4000, 1600 and 2500 series) including Catalyst 1900 and 5000 series switches. Configure and maintain Bay routers (BCN, BLN and ANS series) and troubleshoot and resolve WAN/LAN related problems escalated from 1st level engineers. Validate router configurations before NOC acceptance. Proactive Network monitoring and problem resolution. Voice over IP network testing. Write scripts to optimize configuration and aid management functions.
Projects:
VSAT (Satellite) backup project for 31000 sites. Senior NOC Engineer for this project.
Configuration management for USPS WAN.
Voice over IP Network test lab
Service Level Agreement’s between the USPS MNS NOC and 3rd Party Organizations.
Wireless LAN project management for USPS. Create and maintain scripts to obtain remote wireless LAN device statistics and information for troubleshooting by the NOC and 2nd Level engineers.
Wireless LAN project target – 80,000 devices for United States Postal Service.
VSAT (Satellite) backup project for 31000 sites
MNS2000 – New Technology Enhancement and planning
ISDN backup for USPS WAN
Manage USPS MNS NOC LAB.
Other:
PASSED CCIE WRITTEN
Computer Systems Analyst
IMI Systems Inc, Raleigh NC 1997 (Consultant: MCI WorldCom)
Client/Location: 4408 Silicon Drive. Durham NC.-1997.
Network Modeling, Network Traffic Optimization, Monitor test and evaluate MCI USPS MNS Wide Area Network components and devices, Configure and maintain Cisco routers (7500, 4000, 1600 and 2500 series) including Catalyst 1900 and 5000 series switches. Configure and maintain Bay routers (BCN, BLN and ANS series) and troubleshoot and resolve WAN/LAN related problems escalated from 1st level engineers. Validate router configurations before NOC acceptance. Proactive Network monitoring and problem resolution. Provided support on UNIX, Linux and Solaris operating systems for network performance tuning engineering team.
Projects:
ISDN backup for USPS WAN
VSAT project for 31000 sites
Configuration management
Service Level Agreement’s between the USPS MNS NOC, Network Design group and Implementation group.
Network Management Tools: TeMIP, NEAT, Cisco View, Site Manager (BAY Networks), Netscout Probe, Sniffers, TREND.
Client Protocols: OSPF, BGP-4, DECnet, IPX, NetBios, ISDN, X.25, TCP/IP, VoIP, Frame Relay, HDLC/
LAN Network Topology: Ethernet, Token Ring.
Systems Analyst/Network Consultant Level II
Bell Canada (Bell Global Network Operations), Toronto 1996 – 1997.
Provided 2nd level support for Network surveillance team, Network prime for a number of Bell Canada’s outsource clients, Network Prime for Banyan Vines protocol. Manage simultaneous client cases and resolve related problems. Manage Network management cards that aid in the remote management of client Hubs. Configure and maintain Cisco routers (7500, 4500 and 2500 series) including Cisco Catalyst 5000 switches. Write scripts to aid in Network management, Systems Performance Analysis and Design.
Systems Analyst/Network Consultant Level I
Bell Canada (Bell Global Network Operations), Toronto 1995-1996
Provided remote Network management and support for Bell Canada and its outsource clients. First line support for Bell Sygma’s help desk, and front-line support for CA*net (Canada’s Internet Transit Backbone), developed shell scripts for efficient management of managed networks, Systems performance Analysis and Design of Bell Canada’s Wide Area Network.
Network Management Tools: Optivity, Remedy, SunNet Manager, HP Open View.
Protocols: TCP/IP, DECnet, IPX, BGP-4, OSPF, Netbios, LAT, EGP, EIGRP, SNMP, ICMP, SAP.
WAN: HDLC, PPP, LAPB, SDLC, HISSI, Frame Relay, ISDN, X.25.
Systems Consultant/Software Engineer (Contract)
Deloitte & Touché Consulting, West Africa, Ghana. Dec 1994 – Feb. 1995
Liaised with client (Ghana Post and Telecommunications) in developing user requirement specification documents for their Billing and Collection system using FoxPRO 2.6. Developed the Architectural and Detailed design specifications of the above-mentioned multi-user systems and supervised programmers during design implementation phase.
Subcontracts:
(1) Used FoxPRO 2.6 in the development of a Field Operations System and an Export Tracking System.
(2) Developed security control code for a Grants Tracking System.
Systems Analyst/ LAN/WAN Administrator
Ticket Master Canada, Toronto 1992 - 1995
Provided WAN technical support for departments and sub-divisions across Canada and USA. LAN support and Administration was also provided on Novell 4.1, Optical disk and Tape backup of all systems. Converted ticketing system from primary mode to backup mode and ensured Batch programs run on timely basis.
Systems: Micro VAX III, TMOS, and Novell.- Hubs: Synoptics.
Systems Analyst/ LAN/WAN Administrator
Transport Canada, Willowdale, Ontario 1995.
Configured user workstations to establish TCP/IP connectivity and managed Windows NT servers. Monitored WAN across the country using HP OpenView. Provided technical support to users and updated user StreetTalk names and services. Upgraded and maintained Dell and Wang PC’s. Used Network administration tools to troubleshoot and improve overall network performance. Setup and maintained print services.
Network Cards – Pure Data 8023 – 16
Topology – Token Ring, Ethernet, FIDDI.
Systems Analyst/ LAN/WAN Administrator
Public Works & Government Services Canada, Willowdale Ontario 1994
Liaised with Regional Director in the re-segmentation of their 3000 user Banyan Vines Network. Monitored and maintained file servers across Ontario. Monitored WAN across the country using HP Open View. Provided technical support to users and updated user StreetTalk names and services. Upgraded and maintained Dell and Wang PC’s. Used Network administration tools to troubleshoot and improve overall network performance. Setup and maintained print services. Liaised with Architectural and Marine Engineers and maintained consistency with related Databases and applications
Network Cards – Pure Data 8023-16
Topology – Token Ring, Ethernet and FIDDI.
Hub – Gandalf Prism
Education
BSc. Applied Computer Science.
Ryerson University, Toronto, Ontario, June 1995.
Thesis: Portable Generic Multi-user Inventory Control System.
Professional Courses
SANs Network Penetration Testing
SANs WLAN Penetration Testiong
OPNet SP/IT Guru Network Planner
Perl Scripting
Introduction to Cisco Router Configuration (ICRC)
Advanced Cisco Router Configuration (ACRC)
Cisco Internetwork Troubleshooting (CIT)
SNA Configuration for Multiprotocol Administrators (SNAM)
Catalyst 5000 switch configuration
Cisco VoIP (Voice Over IP)
Advanced BGP
Advanced OSPF
Technology Experience
Programming Languages:
Perl Scripting – Network traffic format conversion, Scripts for data manipulation
Python Scripting – SPGuru customization
VBA script – Network traffic format conversion
Expect – Scripts for Network management
Korn Shell, Cshell, Bourne Shell – network Inventory and management scripts to manage 12000 Cisco routers.
IBM 370 Assembler – A variety of data manipulation projects.
ANSI ‘C’ – Developed screen editor and portable inventory control system.
LISP – Developed process scheduler using Depth-First-Search heuristics.
ADA – Implemented various Operating System protocols using ADA’s concurrent-processing capabilities.
Systems Programming: Developed graphics interface to MINIX.
References Available Upon Request.