Jeffery Walker
Email: ********.******@*****.*** PH: 646-***-****
Professional Summary
An Innovative solutions-driven leader of technology operations with over 14 years of extensive experience. Expertise in Cloud technologies, IT Security, IT management, implementing, and supporting, products such as Cisco, VMware, Citrix, Linux, Windows, Exchange, and Blackberry Enterprise Servers. Utilize a resourceful, proactive approach with the ability to analize options and lead projects through to completion. Outstanding interpersonal communication skills, which ensure clients/vendors, receive excellent customer service.
Education
Monroe College New York, N.Y 1997-2000
Bachelor’s Degree in Information Technology Graduated Dean’s List: GPA 3.6 completed in 2000
Certifications
•Microsoft Certified Service Engineer (MCSE).
•A+ Certification, Network+ Certification, Server+ Certification.
•Cisco Certified Network Associate (CCNA).
•Certified Information Systems Security Professional (CISSP).
Technical Skills
Security (12 Years): Designed/Managed IT polices, including access management, IDS/IPS infrastructure, Checkpoint Smart Center, Checkpoint firewalls, Cisco ASA, Cisco Secure Access Control System for user identification, performed SAS70, Type II reviews and SOX/HIPAA, and Pentesting/Forensic with9 applications: Metasploit, Core Impact, and Encase.
Endpoint Security (14 Years): Symantec, Sophos, Kaspersky, and McAfee.
Microsoft (14 Years): Windows Server 2003-2012 R2, and Exchange 2003-2010, with 10 years configuring and supporting Active Directory, Exchange, SQL, Clusters, DNS, DHCP, WINS and VPN. Manage over 2000 Windows Servers.
Cisco (6 Years): ASA, ACS, Routers 2800, 1600 Series, 3600 Series, 7600 Series), Cisco Switches (1900, 2900, 3500 Series with 6 years configuring and supporting routers and switches with VLAN, VPN, NAT and BGP.
Linux/Cloud (6 Years): AWS and Rackspace Hosting management, Red Hat, CentOS Servers with 6 years configuring and supporting Apache1.3-2.x, MySQL, SVN, Tomcat 5/6, IP Tables, and Asterisk VoIP/OpenSIP providing cloud base phone systems.
VMware (6 Years): ESXi and ESX Ver. 2, 3, 4, and 5, with 3 years configuring and supporting VMware ESXi Server more than 100 ESXi Servers and around 6000 VM machines.
Citrix 12 Years): Implementation supported 25 Citrix XenApp 6 and Xen Desktop 5 and 6, consisting of 1000+ published VMs.
SAN/NAS (12 Years): EMC VNX, Dell Equallogic, HP StorageWorks P2000, P4300, P4500 and HP StorageWorks SAN director B-series, with 6 years configuring and supporting StorageWorks.
Monitoring (14 Years): Splunk, Alertlogic, MonitorIT, PGRT Monitoring, Alienvault, Nagios, Kaseya, Symantec, Spiceworks, and ArcSight SIEM/Cyber-Ark and Cyber-Ark PSM.
CRM (14 Years): Salesforce, DynamicCRM, TigerCRM, Remedy, AutoTask and SugarCRM.
SIP (6 Years): Implement and support Cisco Unified Communications, SIP trunk and PRI configurations Trading Systems (6 Years): Thomson Reuters, Advent, Moxy, and Bloomberg.
Leadership (12 Years): Team building, Relationship management, Vendor & Consulting management.
Programming Lanauge (7 Years): Python, Bash, Powershel and Perl.
Professional Experience
CapGemini/Morgan Stanley New York, NY 7/2015 – Present
SecArch Security Manager
Morgan Stanley is a leading global financial services firm providing a wide range of investment banking, securities, investment management and wealth management services. The Firm's employees serve clients worldwide including corporations, governments and individuals from more than 1,200 offices in 43 countries.
Responsible for managing IT Risk and Controls for Corporate & Investment Bank.
Responsibilities:
•Manage and monitor the IT Risk and Control posture for the business, providing management with transparency over what the risks are and how they can be remediated.
•Coordinate all relevant IT Risk and Control activities (e.g., assessment, control testing, monitoring, reporting and remediation activities). Act as a subject matter expert in relation to IT Risk, Control and Security.
•Develop and maintain strong business and technology relationships, becoming a trusted partner, as well as building relationships with Corporate functions such as Audit, Corporate IT Risk and Global Technology Infrastructure.
•Participate in or lead programs to improve or remediate the control environment.
•Interpret regulatory requirements and Corporate policies, communicate these clearly alongside current status, and provide oversight of compliance as required. Respond to regulatory enquiries and exams.
•Build a culture focused on the pro-active awareness and improvement of the risk environment.
•Tool used for assessment and complince review is Archer
Fascet LLC New York, NY 3/2014 – 7/2015
Chief Information Security Officer/ Network Architecture
Fascet is a financial Private Cloud and Trading floor application provider, which serves primarily hedge funds.
Managed: 5 Direct Report, 15 indirect report.
Reporting to the President/Partner as the Lead for information security strategy and penetration risk management for the infrastructure. Implemented/Maintained physical and virtual infrastructure including monitoring for events and outages. Oversaw all IT functions including data center management, vendor relationships, technical support, application development, financial monitoring, Security, and disaster recovery planning. Managed operating budget and direct activities installing. Cloud (Public & Private), SaaS, PaaS, IaaS: 24x7x365 operations, high-volume transactions, 3 data centers. Built out production Data Center, migrate/replicated 109 virtual Servers from Rackspace, saving the corporation $25,734 per month, a five year saving of $1,544,040.
Day to Day Responsibility:
•Create security policies base on SOX, PCI and ISO, implement and support RSA Secure ID for multi-factor authentication, risk management audits, and also implemented cloudFlare to prevent DOS attack at ISP level.
•Metic management reporting, and reviews for assesses, architectial control, and IT risk management.
•Worked with the Vulnerability / Configuration Compliance Management and Continuous Monitoring Programs including code analysis testing and reviews, penetration testing, data loss prevention, file integrity monitoring, intrusion prevention, and web application firewalls.
•Proficient in Web Application security testing and tools.
•Network access prevention, encryption, access control, web proxies, DNS, mobility, remote access, Endpoint protection, password policy and management.
•Designed/Management IT polices, including access management, IDS/IPS, and Cisco Secure Access Control System for user Identification.
•Patch management with Windows Update Server, and Puppet for Linux.
•Penetration and risk assessment test, including assessing equipment, software, eDiscovery, Malware Analysis, Data Forensics, Risk Mitigation, Threat management, Incident Management, and processes of our entire IT system.
•Implementation of Websense, Symantec Endpoint, Syslog’s using Loggly, configure managed and support 82 site to site VPNs, between 82 vendors ensure that there security policies are in compliance with our procedures.
•Build out DR data plan with multiple replication points, and secure communication between Prod and DR.
•Data Lost Prevention (DLP)Manage and maintain our Private Cloud (VMware vSphere 5.5, VCenter 5.5, CITRIX, SRM, and DAS/SAN), Windows Servers, and VDP with I have replaced with Veeam.
•Automation with Scripting Powershell, VBS, Perl and Bash.
•Linux Systems Administration, Automation, & Monitoring.
•Hardware: Palo Alto, Cisco ASA 5525X, Cisco SG 300, Dell DX Object Storage Platform, Dell EqualLogic PS6210X, Brocade, and Elfiq LB2500E Load Balancers.
•Pentesting/Forensic applications: Metasploit, Core Impact and Encase.
•Monitoring: ArcSight SIEM/Cyber-Ark, Cyber-Ark PSM, Splunk, Alertlogic, MonitorIT, PGRT Monitoring, Alienvault, and Spiceworks.
•Trading Systems: Thomson Reuters, Advent, Moxy, and Bloomberg.
•Perimeter Security (VPN, Firewalls, anti-spam, Data leakage), Core Security (Kerberos, Radius, RSA, Encryption), End Point Security (Anti-virus, Device lockdown), Identity Management (LDAP, AD, and Sun Identity Management.
•Support BigDog: Hierarchical Authentication, Siteminder, Lastpass .
TMG-emedia, Inc. New York, NY 1/2014 – 3/2014
Director, Enterprise Systems (Consulting)
tmg-emedia is a leading provider of Technology and Strategy Consulting services to major corporations, institutions, and not-for-profit organizations.
Managed: 5 Direct Report
Acting CTO for Vance Publishing Corporation, Manage and mentor a team of 1 IT Director, 2 Network Administrators, and 2 Software Engineers, reported directly to President and CFO of Vance Publishing Corporation.
•Created and managed a budget of 900K.
•Supported 3 offices, with a total of 213 end-users, created and enforced IT and Security policies.
•Preformed Infrastructure change and updates.
•Developed and maintained procedures for all team/shift responsibilities.
•Proposed infrastructure with a 5 year savings of $425,868, and a ROI of 318%.
GFI Capital New York, NY 2/2013 – 1/2014
IT Director/Infrastructure Engineer
GFI Capital is a financial services company.
Managed: 4 Direct Report.
Managing 1 System Admin, and 3 desktop engineers, reported directly to CTO, and other business heads in the organization, for various infrastructure technology needed.
IT Strategy & Governance. Conceptualize, form and gather consensus for the Information Management department’s strategic plans and goals to complement overall mission and objectives. Design IT roadmaps and tactical project portfolios that optimize technology architecture, data management and company resources to maximize the positive impact of changes on core business units and the organization
Day to Day Responsibility:
•Report directly to CTO, and other executives, and Managed 1 System Admin and 3 Desktop Engineers.
•Managed a Budget of 2 Million.
•Monitored documentation for complianc processes and protocols for applications development, support and integration, in complance with SOX, and complete risk assessments testes.
•Rework Damage Recovery plans, from five days recovery to an instant failover, using VMware Vmotion.
•Metic management reporting, and reviews for assesses, architectial control, and IT risk management.
•Implement and support SolarWinds SIEM : Log & Event Manager.
•Built workflows and procedures for the team based on ITIL, SOX, and PCI.
•Penetration and risk assessment test, including assessing equipment, software, cyber, eDiscovery, Malware Analysis, Data Forensics, Risk Mitigation, and Threat management.
•Designed/Management IT polices, including access management, IDS/IPS infrastructure, Websense, and Cisco Secure Access Control System for user identification.
•Pentesting/Forensic applications: Metasploit, Core Impact and Encase.
•Penetration testing utilizing Acunetix, Nessus, and Wireshark.
•Implementing and troubleshooting of security protocols (RADIUS, LDAP, and 802.1x).
•Implemented and supported SAAS (Software as a service) for Hedge Fund corporations.
•Monitored SLAs with IT vendors and contractors, and ensure compliance from all involved.
•Implemented Spice Works ticketing/monitoring system in the first month (saving the corporation $22,000).
•Implemented GFI first VMware ESXi Servers, taking the company form 19 Servers to 7.
•Implemented and Managing Active Directory FSMO Roles.
•Implementation and support of Windows Server 2003/2008/2012 R2
•Worked with Cisco ASA 5510 -5585, Cisco Catalyst 2960- 3560, Palo Alto, and Checkpoint firewalls.
•Automation with Scripting Powershell, VBS, Perl and Bash
Technology System Integrator New York, NY 12/2009 – 02/2013
Director of Technical Services/Security Advisor
TSI is an MSP that serves hedge funds, healthcare, and SMBs.
Report directly to President/Partner, and to client’s Executive
Managed: 10 Direct Report, 63 consultant report.
Day to Day Responsibility:
•Providing solutions and implement security system for clients, resolving compliance issues.
•IT and security policies risk assessment in compliance with SOX, and PCI for TSI and its client.
•Implementation and support of Windows 2003/2008, Linux and VMware Servers.
•Implementation and administration of Exchange 2003-2010 with High Availability for Disaster Recovery and Production, include DNS, DHCP, IIS and WINS.
•Create and managed GPO, Implementation and migration of Exchange and Active Directory to virtual environments, such as VMware and Citrix.
•Administration of Microsoft SharePoint, Microsoft Dynamics and Microsoft SQL.
•Updating Servers with latest service packs and hot fixes, distribute packages via Kaseya server across all the desktops and Servers.
•Review and remediate software distribution failures and to eliminate the problems that cause those failures.
•Implemented, and support cluster and San storage for VM and Microsoft SQL redundancy.
•Implement, update and support for Blackberry Enterprise, Implemented, and Support Adobe Creative Suites.
•Implement and support SolarWinds SIEM : Log & Event Manager.
•Windows Update Server, Kaseya Patch Management Software, and Puppet for Linux.
•AWS and Rackspace Hosting management.
•Managed and support EMC Source One, EMC Networker, and EMC Data Domain.
•ESXi and ESX Ver. 2, 3, and 4, with 3 years configuring and supporting 100 VMware ESXi Servers/6000 VMs.
•Implemented and supported 25 Citrix Xen server 6 and Xen Desktop 5 and 6, consisting of 1000 VMs.
•Automation with Scripting Powershell, VBS, and Bash.
•Pentesting/Forensic applications: Metasploit, Core Impact and Encase.
Day to Day Security Responsibility:
•Perform installs, migration, configure, and troubleshooting firewalls with inline/passive IPS/IDS sensors.
•Create, improve and perform threat and vulnerability management processes
•Perform and managed penetration testing/ethical hacking on hardened systems for assurance.
•Perform assessments against infrastructure and application design to ensure compliance with security standards.
•Implement new threat and vulnerability management technologies.
•Provide recommendations for improving configuration standards, based on personal expertise and outside sources.
•Perform Incident management and serve as a subject matter expert for sophisticated attack.
•Provide Security intelligence, define applicability to current environment, identification of mitigating controls.
•Analize TSI, and TSI client’s network for security threats and vulnerability.
•Perform Q/A testing on new network security technologies and appliances.
•Develop business processes and improvement procedures for the Managed Device Team.
Day to Day Networking Responsibility:
•Provide high level technical support, including identifying and resolving problems on Cisco supported products for many industry infrastructures. This included external routing and internal/intranet routing for DMZ Servers.
•Implement and support Cisco Call Manager and Cisco Unity Connections over MPLS, with QOS for Video and SIP traffic.
•Review all changes to network configuration for technical accuracy and impact and provide Multi-Protocol Network problem resolutions.
•Routing related tasks included providing Cisco router configuration and change management, providing technical support for Cisco Router configurations and installation for Customer. Configuring IP RIP, EIGRP, OSPF and Configuring routing policy for BGP Configuring bridging technologies i.e. transparent, SR, SRT and DLSW
•Switching related tasks included implementing of Networking Routing and Protocols: (WAN, LAN, MPLS, BGP, OSPF, EIGRP, VPN/Dynamic Multipoint VPN), (NAT, PAT, VRRP, IP-SEC, STP, VLANS, DHCP, configuring ISL trunk on Fast-Ethernet channel between switches, Configuring CGMP, IGMP and PIM.
•Configuring access Servers to perform reverse telnet and configuring AAA, Custom and priority frame relay.
•Migration for Cisco to Juniper firewall, Manage and support Juniper firewall.
•Checkpoint Smart Center, Checkpoint, Juniper firewalls.
•Worked with Cisco ASA 5510 -5585, Cisco Catalyst 6503-6530, Cisco PIX 501-525 series, WatchGuard, Sonicwall, Palo Alto PA-3050\Threat management and F5 BIG-Data 5000 Series.
Day to Day Virtualization Responsibility:
•Implementation of over 17 Citrix Zen/VMware project.
•Configuration and Administration of VMware VCenter/ESXi and ESX Ver. 2, 3, and 4.
•Managed and implement VM Windows Server 2000-2008 and Desktops OSs.
•Installation and administration of VMware / Citrix Xen Servers.
•Configuration and administration of clusters/ EMC San and Data Domain.
•Migration of Virtual Servers from one data center to other data center.
•Physical machine to virtual machine conversion, and managed virtual Servers using VCenter.
Day to Day Linux Responsibility:
Operating systems
•Linux & UNIX (Red Hat/Centos 6+/5+, Suse/OpenSuse 9-11+, Debian/Ubuntu and Gentoo 2007.-10.0, Slackware 12.0, some AIX 5/6, FreeBSD 6/7, OSX 10.5).
•Networking, daemons and utilities, Package and configuration management using rpm, yum, dpkg, File Sharing on Linux/ hosts with SMB/CIFS via Linux/ Servers - Utilizing ZFS and NFS3/4, iSCSI initiator/targets setups on Linux hosts, Version control with Subversion.
•Network security/monitoring tools (iptables firewall, tcpdump, Nagios/Uptime/OpenNMS monitoring, Nessus vulnerability scanning, nmap host discovery, Ossec HIDS, denyhosts).
Team of 10; support 5100 End-user Multiple Environments within the following industries
Type of Client Supported: Investment /Financial Firms, Law Firms, Schools, Graphics and Video Production, Staffing / Recruiting agencies, Restaurant, Limo and Taxi services, Marketing Agencies, Not-for profits, Construction Companies, Spa.
Emerging Health Information Technology (Montefiore Medical Center) Yonkers, NY 3/2003 – 12/2009
Senior Systems Analyst
Lead of project with 20 engineers.
Provided Systems Analyst Support Report, System installation, Troubleshoots, Repair, Upgrading, Create Images, and Setup install and configure Servers (Hospital and Healthcare environment).
Day to Day Responsibility:
•Implementation and support of Microsoft, Novel and Linux Servers.
•Creating standard process for AD group policies, organization groups and sites.
•Backup and Restore of production Servers using Backup Exec backup, End user support, image and repair HP systems.
•Troubleshoot and migrate Novel Servers, Configure Nortel, Cisco firewall and switches.
•HIPPA compliance, and risk management audit of Qnex application.
•2003 Server, NT, Novel Server, Nortel Firewall, and Switches.
•Over 3000 End-user environment
Donovan Griffiths Law Office Bronx, NY 1/2000 – 3/2003
Network Administrator
Provided Systems Analyst Support Report, System installation, Troubleshoots, Repair, Upgrading, Create Images, and Setup install and configure Servers.
Day to Day Responsibility:
•Implementation and support of Microsoft.
•Creating standard process for AD group policies, organization groups and sites.
•Backup and Restore of production Servers using Backup Exec backup.
•Troubleshoot Cisco firewall and switches.
•Secure access to Imanage application, for remote access.
•End user support, image and repair HP systems, Imanage Document system.
•2000 Server, NT, Firewall, and Switches
•Over 20 End-user environment