Web infrastructure architect, Sr web operations, Sr Bluecoat SME
Resume:
Jeffrey Ehrenkrantz
Mullica Hill, NJ 08062
Phone: 856-***-****
E-Mail:ac3fx5@r.postjobfree.com
E-Mail preferred contact.
Bluecoat Proxy (SG) Subject Matter Expert, Infrastructure Engineer, Web tier Integrator and Administrator
Current Engagement
Morgan Stanley Oct. 2011 – Nov. 2017
1 New York Plaza
NEW YORK, NEW YORK 10004
Contractor to Technology & Information Risk
Bluecoat SME.
I have completed a sixth and final year of an engagement as a contracting resource for or Morgan Stanley in New York City. I was a Level 3, primary Subject Matter Expert (SME) responsible for the global Bluecoat (SG) proxy plant deployed as content filtering forward proxies. In addition to FTP, SOCKS proxies for daily settlements. Maintaing systems that managed internal as well as external security threats.
My role with the web-security-operations team included but is not limited to mentoring juniors. Maintaining the proxies responsible for security monitoring systems controlling both data exfiltration and user access t limiting exposure to malicious sites.
As a senior SME resource for maintaining the enterprise deployment and control infrastructure of the Bluecoat proxies known as BCManager and BCCMD. These are legacy products that I have extensively extended via shell scripts.
During the past six years, I have been involved in the integration of various security products to detect and manage malware scanning solutions such as TrustWave’s ICAP scanner product, known as M86 with the Bluecoat SG proxies.
Integration of LDAP/Kerberos services, via BCAAA deployed on both virtual and stand alone hardware (Windows.)
During this time, I have been also both a level three resource and liaison for the Security team’s integration with both F5 load balancing (LTM) and the DNS geotagged service (GTM) fronting the proxy services.
I have planed and implemented FIrewalled DMZ’s as well as host based access controls. i.e. firewalls via various host controls.
Professional Summary
Before the Morgan Stanley engagement, my experience includes initial conceptual deliverables extending through to hands on deliveries of infrastructure architectures for both server and applications.
Amazon cloud services including but not limited to EC2, S3, RDS.
Projects utilizing tiger teams with GMAC Residential Mortgage through larger teams at Comcast.
Spanning the enterprise ecosystem, solutions provided have encompassed using current technologies, TCP, SSH, SSL, SNMP, including SSL implementations.
Tools utilized but limited to UNIX cli commands, scripting, tcpdump and wireshark. Additional UNIX style tools on Windows via Cygwin and many of the widows dll ports.
Created shared key infrastructures to remove security weaknesses in the application and user spaces.
Analyzed and recommended hardening process for applications and servers.
Delivered new and re-architectured, infrastructure solutions utilizing Weblogic/Oracle environments.
Firsthand experience with Sarbanes Oxley, PCI, PPI and CPNI requirements.
Six years of Financial Web and Web Security leadership. Senior team member and mentor.
Over 17 years of experience working in the ISP arena as both Unix and Windows SA.
Team Lead of 12 WebLogic specialists for Comcast Cable, supporting the High-speed data and VOIP products.
Hands on experience WebLogic 6.x through 10.2x
I have architected and deployed through my team Active Directory integration in WebLogic servers for both console and program access.
Web Infrastructure Architect and senior member of the Web operations team for GMAC Mortgage and Interface to the development teams.
I have been responsible for the promotion of geographically diverse Load balancing solutions. (GLSB on Foundries.) These efforts are current for Comcast and ground breaking at GMACR.
Responsibilities included conceptual designs, with hands on implementation of High Availability, redundant and resilient services as the primary focus of my work.
I have been responsible for bringing H.A. into Apache 2, Iplanet 6, Tomcat, WebLogic and Business Objects Multi-tier environments.
I have been responsible for both the design and implementation of internally produced and commercial monitoring solutions such as HPOV. SiteScope and Appmanger 6
Projects have included Enterprise Job Scheduling roll out using BMC’s Control-M
I have championed, built build environments and deployed a secure set of Apache and OpenSSL environments on RHE5,6x and Solaris 10 Sparc for use as Comcast standard deployment web servers.
Software:
Sun Certified Solaris systems administrator. Solaris 8. Sun OS 5.x and Solaris 10, Sun RAID Manager, Jumpstart, X-Windows/ Open Windows, Common Desktop Environment), Netscape Enterprise Server 4.1, IIS, LDAP, Netscape Communicator 4.x, Apache1 &2, SSH1/SSH2, WebLogic, Tomcat, Sun One Web Server 6x, Iplanet, Business Objects 6.x, Sun Cluster Server, Veritas Volume Manager, Solstice DiskSuite Legato Networker, BIND, Linux 7, OpenBSD, FreeBSD, NT4, Win2K, MQSeries messaging on Solaris.
Databases:
Oracle 8i.9i and 10g from the Systems Administrators and application integration perspective. LDAP MySql
Services, protocols:
DNS, NFS, NIS, TCP/IP, UDP, SMTP, HTTP, FTP, Telnet, SSH, rlogin, rsh, Ipchains/ Iptables as production firewalls. Checkpoint, Cisco Pix. Load Balancing configuration and management.
Platforms:
UltraSPARC and Sun SPARC (Enterprise 10000 (E10k), 4500, 2, 5, 250, 450, R420 220) 480,490,240 T2000 4100 and IBM compatible PCs. HP D and L class servers.
Storage:
Symmetric’s EMC4, Sun A5200,Sun A/D1000
Previous Engagments
Comcast Cable Co. Sep. 2010 – Oct. 2011
Mt Laurel, New Jersey
Senior Engineer. (E4)
Responsibilities as listed in previous contractor role.
Keystone Computer Associates, Inc. Jan. 2010 – Sep. 2010
Fort Washington, Pa.
Contract to: Comcast Cable Co.
Mt Laurel, New Jersey
Senior Web Engineer
Participating as a member of the overnight Tier 1 team.
First responders to enterprise wide issues of high-income revenue applications.
Skills used on a day to day basis:
Networking troubleshooting
Weblogic deployments
Apache deployments
Iplanet and Apache management.
Incident response and coordination
Comcast Cable Co. Feb. 2007 – Aug 2009
Mt Laurel, New Jersey
Team Lead BSS Provisioning Support.
Lead for a 13 member team consisting of Full-time employees and consultants.
Comcast Cable Co. Jun. 2006 – Feb. 2007
Mt Laurel, New Jersey
Senior Application Engineer.
Providing mentoring as well as technical leadership to the BSS support team.
Participates in cross Business discussion, planing, and execution of projects.
Provides deep level support to own in addition to other teams within Comcast, not limited to OS, DNS, Web Applications, network analysis relating to application data flows.
Provides 24/7 support of the core product as well as ancillary applications in multiple geographic locations.
Provide for new security resolution processes and remediation.
Architected with team implementation of Active Directory integration.
Conceived, and directed team implementation of an Engineering support portal to allow for efficient management and monitoring of remote systems.
Provide leadership in all matters pertaining to Web tier architectures and applications.
Provide support and insight for Web Services for the current implementation of SOA.
Within the WebLogic application space support for JMS, EJB, and JMX.
Support an extensive LDAP infrastructure as used by WebLogic, and various clients such as JExplorer.
Actively participating and architecting migrations from wls8 to wls9.1,9.2 and WLS 10.
TekSystems Consulting. Mar. 2006 – Jun. 2006
Client McGraw Hill, NYC.
Sr. Application Architect.
Providing design for multi node Weblogic clustering solutions of the McGraw Hill Higher Education platform. Comprising of Ntier Weblogic application environments.
Designed and installed an Enterprise monitoring solution using a java based multi functional application. Which provided for user experience as well as system metrics both at the OS and Application level.
GMAC Mortgage Residential Apr. 2003 – Feb. 2006
Horsham, PA
Web Infrastructure Architect.
Web Infrastructure Architecture & Primary Support to the Web operations team.
Design using requirements derived from application documents and user interviews.
High Availability from hardware design such as multiple server interfaces through networking gear, utilizing load balancers and content switches. Leveraging Multi-tier architecture.
Design with a high degree of security as an underlying consideration utilizing SecurID as a two-factor authentication method for Internet designs.
Designed and implemented a signature tool and process in order to provide for Sarbanes Oxley auditing, allowing successful 404 sign off.
Current environments are Apache 2, Sun web server 6.x, Tomcat 4-5.5, WebLogic 6.1-8.1
Participate in server builds of Sun servers as web reverse proxy servers.
Responsible for the installation of all software to support the web tier.
Design and operational responsibilities on the Server Iron load balancers interacting with the web tier.
Secondary responsibilities including Windows 2000- 2003 servers used as Java and Web platforms.
Totality Corp. Oct. 2002 – Feb. 2003
New York, New York
Client Engineer & Senior UNIX System Engineer.
Administrate and configuration of IBM MQSeries messaging on Solaris
Administrate Netegrity Siteminder. Configured as iPlanet plugin with Oracle 8 backend.
Administrate and configuration of BEA,Weblogic 6 applications server.
SunCluster environment for fail over of critical systems.
Installed and managed Iplanet 4.1 Sp9 Web Servers.
Creation and maintenance of operational and monitoring scripts.
Responsible for interface with client’s requirements and operational center.
Veritas and ODS files systems on EMC SAN environment.
Powerpath on Sun with Brocade Fabric switches for EMC SAN
Zone Telecom Inc. Dec. 2001 – Aug. 2002
Cherry Hill, New Jersey
Senior UNIX System Engineer.
Team lead. Managed remote system administrators located in New York city, LA, California.
Managed local administrators within the Unix environment, network operations as well as close cooperation and support of the NT and Database teams.
Managed contractor administrators in both Los Angeles and Cherry Hill utilized for staff augmentation and specific projects.
Trained and directed junior administrators.
Concurrently maintained over 25 UltraSPARC, and 6 Linux servers as Development, QA, and Production platforms.
Developed, deployed and maintained Bea. WebLogic 6 on 14 HP L1000 and L2000 and Sun Enterprise platforms in Development, QA, Staging and Prod environments, located locally in Cherry Hill and remotely in NYC, NY and LA, CA.
Deployed and maintained Iplanet NES4.1 web servers in a multi tier environments, both as content and proxy servers (provisioned on Solaris 5.8) with a Bea backend.
Deployed and maintained Apache as a web server for static content, provisioned on Solaris 5.8
Deployed and maintained Iplanet Directory (LDAP) server for user authentication on Solaris 5.8 platform.
Participated in the 24/7 maintenance and performance monitoring of all production servers.
Deployed and maintained Cisco 2600, 3640, Dual 7505 in HSRP, 6509 routers. Cisco Local Director 416 in a hot standby configuration.
Maintained Checkpoint firewalls on both NT and Solaris platforms.
Developed and deployed critical system configuration collection and display system. Installed performance monitoring software on Sun hosts
Developed backup strategy for remote systems using private nets and Legato Networker.
Veritas on Sun. Deployed and managed on A5200 arrays for Database Volume support.
Participated in the deployment and monitoring of critical systems using SiteScope.
Interworld Corporation May 2000 – Nov. 2001
New York, New York
Senior UNIX System Engineer.
Team lead and managed remote system administrators located in New York City and San Francisco offices.
Managed local administrators within the Unix group, network operations as well as close cooperation and support of the NT and Database teams.
Trained and directed junior administrators from within the NT team onto the Unix team.
Concurrently maintained over 80 UltraSPARC, OpenBSD, and Linux servers as development, QA, and production platforms.
Created a multi segment Jumpstart environment to centralize software installs.
Created management scripts for developers, QA, and others to better utilize the processing and storage capacity of existing systems. Thus removing the need to purchase additional servers during periods of high demand.
Provided Sun Cluster administration for 2 sets of clusters running OPS in a development and benchmarking environment.
Installed and configured Veritas Volume manager for development storage on Sun A5000 arrays.
Installed and maintained RM6 on several Sun A1000, D1000,
Maintained BoxHill Turbo 5200 arrays supporting a large NFS user base.
Installed and configured Apache 1.3 and 2.0 Web Servers, in support of the Internal needs and to provide knowledge base information for the Help Desk personnel.
Installed and configured Sun JASS procedures to harden Solaris operating systems utilized on the Unix production servers.
Documented internal server configurations in support of system maintenance and minor system failure repair.
Created automation scripts to perform file system cleanup and monitoring with notifications auto-generated to appropriate department heads.
Provided users with access to the UNIX servers using the Network Information Service (NIS), NFS and Samba
Whyy TV12 Oct. 1979 – Sep. 1998
Philadelphia, PA
Senior Engineering Technician.
TV12 is a PBS affiliate in Philadelphia.
During my 18 years with TV12, I wore many hats.
High Power Transmitter Technician of the TV VHF and the affiliate FM transmitters.
Maintained and repaired all forms of Video recorders, cameras, and Audio gear.
I was on occasion, a Technical Director, Director, Audio Lead and member of various editing projects.
Certifications and Education:
Sun Certified Systems Administrator Solaris 8.
BEA - Oracle:
Advanced BEA WebLogic Application Server v8.
AquaLogic BPM
ALSB 2.5
AmberPoint ( An SOA Governance tool )
Comcast internal training:
Basic Java
Perl
Training with Business Objects:
Business Objects administration 6.x
Training with JLicense:
Apache
Tomcat
Training with IBM:
IBM MQSeries messaging for Solaris
Training with Sun Microsystems: MySql administration:
ES-420 The Sun Fire[tm] Workgroup/Enterprise Server Administration
ES-421 The Sun Fire[tm] 15K Server Administration
ES-400a Sun Enterprise 10000 Server Administration
ES-245 Shell Programming for System Administrators
SA-389 TCP/IP Network Administration
ES-333 Sun Cluster 3.0 Administration
ES-220 Disk Management with Disksuite
ES-310 Volume Manager Administration
SA-288 Solaris 8 System Administration II
Netscape Application Server “NAS Bootcamp”
Allaire:
HTML “Fast Track to HTML”
Coldfusion 4 “Fast Track to ColdFusion”
Non IT related.
Single engine land Flight instructor.
First Class Radio Telephone License.
Advanced Amateur Radio License Wa2LWC.
Certified Renovator
Certified Lead Dust Sampling Technician
References upon request
Contact this candidate