Results-oriented Cybersecurity leader with **+ years of IT leadership in network design, security architecture, and risk management. Proven track record of leading high-performing teams to mitigate cyber threats, implement secure network solutions, and ensure data protection. Expertise and familiarity with NIST 800-xx, SOC2, ISO27000 Security Frameworks and OWASP fundamentals and a passion for staying ahead of emerging cybersecurity threats. Areas of expertise include:

LAN/WAN/Datacenter/Cloud Cybersecurity/IT Hardening Customer Management

Risk Management Project Management IT Management

Budget Management Vendor Management Team Development

Selected Accomplishments

Developed multi-year strategic plans for projects, personnel, implementation projects and best practices policies for support and maintenance.

Architected a redundant MPLS/DMVPN hybrid Private Cloud Data/Voice network for over 40 branches, reducing WAN utilization and generating a $960K annual cost reduction

Implemented SLA KPI service metric capabilities, procedures, and reporting for MSP, LAN/WAN and Datacenter/ Private Cloud Services. ( Availability, Latency, Packet loss, Response time)

Directed Network designs minimizing recurring expenses in staffing and telecom costs.

Designed/Implemented entire Secure Out-of-Band Management and MPLS backbone Architecture for the DoD.

Professional History

Architect / Team Lead Sea Range Data Systems, Pt. Mugu (DoD) June 2021-August 28, 2023

TS/SCI : Top Secret Clearance Department of the Navy

Acting Branch Head / DoD, Cybersecurity Workforce -Responsible for Network direction & design, Strategic Planning, Risk Management, and mitigation. Agile Mindset, Responsible for re-designing secure networks, redesign Backbone campus, segmentation of Tenant networks, and resiliency of converged Voice/Data/ Video/ Multicast networks. Implemented and Managed DevSecOps enclave environment. Implemented Out-of-band management and enhanced network monitoring for secure recovery, reduced mean-time-to-repair, and enhanced capabilities for auditing and tracking.

Enhancements: Designed CAMPUS LAN, WAN, DevSecOps, SPT, EVPN, BGP, OSPF, VRF, QoS, MPLS, STIG, IAAS, PAAS, STIG, NESSUS, Virtualization, SLA management, Fault tolerances and Hardening.

-Proactively mitigating network risks and drove improvement to enhance network resiliency and availability.

Responsible for the design, adoption, and implementation of secure technology solutions capable of transporting high available secure live data with tenant isolation, QoS over private cloud, and independent private enclaves.

Led and Engineered various technology projects and efforts to design and build out scalable solutions to solve DoD problems and technical challenges

Led, Designed, and orchestrated, the entire Private Cloud Infrastructure to accommodate multiple private and secure Tenant enclaves generating over $1.2M in cost savings. .

Successfully led the management, vendor engagements, and implementation of underutilized Enterprise Infrastructure support agreements, encompassing various contracts beyond GEMSS and Cisco culminating in substantial cost savings exceeding $680k in Capex and recurring expense.

Managed leadership expectations as Team Primary for project and team deliverables.

Managed stakeholder and team communications, and drove effective system of project status tracking through Agile process.

Created Risk Quads Management: Updates for Progress, Schedule, Budget, Timeline.

oOutcome: visibility, leadership confidence and team tempo project delivery Timelines, as well as a working environment where the team can be focused, efficient, and creative.

Proactively identified and implemented quality and change control procedures to ensure that all executions are completed and validated.

Projects produced according to established hardened security standards and delivered on time.

Infrastructure Operations Manager, Cognizant Technology Solutions, Inc Feb 2021-June 2021

Provided technical leadership for the delivery team. Responsible for L3 incident resolution- and problem management. Private cloud management to ASA firewalls, Meraki SD-WAN and Cisco VRF Design, support and administration. Improved effectiveness in terms of change management procedures, health checks and change management. Contributed towards Technology Transformation and drive automation initiatives understand, and articulate complex problems related to the specific technology. Interface with community network to retain technology competitiveness. Work with the client team to address escalations and own the resolution during the critical incident scenario Plan and implemented major change requests and engineering tasks

Principal Network System Analyst, IT Services Dept, County of Ventura, April 2018-July2019

Information Technology Advisor/Architect. Lead

Designed and led the network security architecture domains by aligning business requirements and IT strategies, detecting critical deficiencies, and implementing technical solutions for continuous improvement.

Oversaw and facilitated the evaluation, selection and design of network security technology complying with industry best practices.

Led information security teams and cross-functional teams to develop strategies and plans to enforce security requirements and address identified risks.

Produced KPI metrics, managed performance, growth, projected system utilization, system refresh cycles, and proactive capacity planning.

Network and Security Consultant, G. Nasser & Associates, Inc. April 2007-March 2018

Information Technology Advisor/Architect. Lead, Designed, Project Managed, and Implemented network infrastructures for private and public corporations as well as International VOIP Call Centers. Involved in leading conceptual discussions bridging business need to technology capabilities and Service Level Expectations (SLA’s). Maintain client’s business objectives on current technology trends and market hype.

Led, and migrated legacy PBX’s to VoIP with multi-office MPLS and VPNs for public media, Call Centers, and Non-profit agencies. Architected back office domestic Public/Private cloud solutions, media broadcast solutions for 40+ locations. Architected and implemented Wide Area Network Security solutions for several private, non-profit and network broadcast syndicated talk, news, music programming, and streaming communications clientele.

(Primary Clients served - Salem Media Group (SALM) & Mexican American Opportunity foundation (MAOF) )

Designed, Configured, and operated datacenter Cisco Nexus & Catalyst switches, Cisco ASR/ISR, Meraki wireless, ASA/Fortinet firewalls, SSL-TLS/VPN-GRE/DMVPN/IPSec VPNs, QoS, Network management, and branch office architecture.

Implemented and maintained a High Available WAN through a redundant DMVPN-GRE network.

Responsible for High Availability (HA) administration of firewalls & firewall policies.

Designed, implemented, and operated LAN/ WAN /DMVPN Solutions.

Network Management implementations with alerts, notifications, and baseline reports with Service Level metrics.

Network Consultant, Xtreme Data Systems 2005-2007

Designed and implemented all network infrastructures. Responsible for Datacenter Network Design, Infrastructure availability, and system performance. Senior Technologist for Network Operations for several clients in Ventura and LA County. Acting Director for IT staff and implemented multipoint VPNs, multi-VLAN network infrastructures, and security. Managed Staff of 5 System Administrators, created Internal SLA with customers and Helpdesk workflow processes.

Senior Network Engineering Manager, Yahoo! 2002-2004

Directed a staff of network engineers responsible for network architecture and support management as well as internal projects to improve network performance and ensure the continuous availability of all data network services. Reviewed network designs and projects to ensure consistency with roadmaps and SLAs; interfaced with internal customers to develop network solution requirements during the scope/definition phase of individual projects. Managed a $3.8M capital and a $800k expense budget.

Implemented and maintained a highly available WAN through a redundant VPN-GRE network.

Coordinated with project teams to set network engineering deliverables and expectations and sequence network engineering components.

Directed a staff of network engineers responsible for network architecture and support management as well as internal projects to improve network performance and ensure the continuous availability of all data network services.

Developed multi-year strategic plans for personnel, budgets, and implementation projects and created best practices policies for support and maintenance.

Negotiated and procured cabling and telecom contracts with vendors.

Reviewed and approved network change management proposals and schedules for submission to the Change Management board.

Network Engineering Manager, Move.com/Homestore.com 2000-2002

Supervised a staff of 9 network engineers responsible for providing complex, high performance network designs and second-level design validations involving multiple interconnected VPNs, WANs, and VLANs with multi-protocol, multiple security levels, load balancing, caching, storage, and disaster recovery. Managed a $11M capital and a $2M expense budget.

Created the scope of work and managed vendor and contractor relationships for outsourced projects.

Orchestrated and managed construction and development of 3 Datacenters.

Managed several M&A integrations and evaluations.

Developed an annual operation plan for the network engineering division.

Defined requirements for the design and implementation of high-performance technology and communications solutions and deployed projects on a calculated timeframe to meet short- and long-term organizational objectives.

Managed telecom providers and validated monthly service level agreements.

Contributed in all aspects of project management, from initial feasibility analysis/assessment and conceptual design, through implementation and enhancement.

Principal Network Engineer, Homestore.com/ Realtor.com 1999-2000

Controlled all global network operations, including LAN and WAN networks encompassing data, video, and wireless services. Managed a staff of network engineers during complex rollouts that included equipment specifications, data center requirements, critical path, connectivity fail over testing, and engineering resources. Served as the chief network architect for the Homestore data center and all collocation facilities. Assisted management in contract negotiations, carrier relationships, and SLA contract agreements.

Developed global network architectures involving layer 2 and layer 3 deployments, utilizing scalable IP addressing schema with public and RFC 1918 addressing.

Provided support for all policy, procedure, maintenance, and redundancy issues regarding the company data center.

Designed and implemented a metropolitan area network with integrated VLAN infrastructures at the corporate headquarters.

Forecasted business requirements and developed appropriate network expansion plans.

Managed the network change control process.

Senior Design Engineer, Litton Enterprise Solutions 1999

Solved customer application issues through network capture and analysis and provided direction, standardization, and support to the network engineers.

Designed and implemented LAN/WAN OSPF networks using Frame Relay and Ethernet LANs.

Optimized the WAN with header compression, custom route metrics, and QoS.

Installed and configured Cisco routers.

Managed a large collocation environment with an integrated OSPF/EIGRP supporting multi-protocol networks, including IP, IPX, DLSW, and AppleTalk.

Network Analyst, QAD Inc. 1995-1999

Designed, maintained, and troubleshot a domestic and international frame/relay network in a multi-tier, heterogeneous global IT environment consisting of over 10,000 network devices in 80 countries. Produced network design proposals and engineering briefs for global telecom teams and maintained relationships with vendors, support teams, and service providers. Managed a $1.2M capital and a $330k expense budget.

Configured and managed the migration of all Cisco routers to support OSPF routing from a previous RIP implementation.

Designed a fault tolerant backbone fiber cable plant that was utilized in the corporate offices.

Set up fault tolerant dialup-on-demand ISDN network connections from business-critical locations.

Technical Skills

Hardware:

Cisco9200/9300/4500/6500/6800/9600 Cisco ISR-G1, G2, G3, G4, 8500 Cisco ASA Firewall Cisco ASR Cisco Nexus Meraki Juniper Pulse Secure Riverbed F5 PaloAlto-NG Fortinet-NG

Software:

Linux Cisco Call Manager Splunk SolarWinds NPM/NTA/NCM PRTG OpenDNS Syslog-NG Nmap Snort – IDS/IPS Squid-proxy Microsoft Teams Slack JIRA Visio Cisco ISE Wireshark Python Amazon EC2 Cloud Nessus TFA- LastPass / Google Authenticator AWS VPC/SG/EC2/S3/EBS AWS- Identity Access Management (IAM)

Education

Bachelor of Science, Electrical Engineering, California State University, Long Beach 1992

Certified Local Area Network Specialist, University of California, Santa Barbara 1995

CISSP Candidate in progress

Cybersecurity Workforce Certification-DoD 2022

Juniper Advanced Security Firewall Training 2004

HP Openview Network Node Manager I for Unix Administrators 1998

Cisco Advanced Router Configuration 1998

Cisco Enterprise Catalyst 5000 LAN Switching 1997

Cisco Managing Switched Internetworks 1997

Cisco Router Configuration Training 1996

Project Management / Project Scheduling 1996

Team Leadership and Management Training 1995

Fiber Optic Design, Installation & Maintenance FO-3 Course 1995

Contact this candidate