Infrastructure: Azure (IOT, Service Fabric, networking, Web API), AWS (K8s, Route53, Cloud Formation, CloudFront), Docker Containers, Service Bus, AD / ADFS, NetApp (7Mode and CDOT), EMC (VMax, Isilon, Vplex, XtremIO, VNX), Vmware ESX, Pure Storage, Brocade, Cisco Nexus
OS: Windows and Linux (RedHat)
Development Environments: Visual Studio (Community 2015), Visual Studio Code, VSTS, GIT and Eclipse
Programming Languages: C#, Object Oriented Perl, Python, Golang, Ruby, Powershell, Bash
Databases: Relational and non-relational such as Mongo DB, Microsoft SQL (Always On), Cassandra, Hadoop (Impala), Cosmo DB, HANA SAP, RedShift
Software Tools: Office, Visio, R, sciKit, Containerizing technologies such as Docker
Public Cloud: AWS / Azure, ARM Template, Internet Of Things (Message Brokerage), Cloud Formation, Load Balancers, Firewall, DNS, Auto Scaling, Availability Zones. and Content Delivery Networks.
Protocols: Fibre Channel, iSCSI, TCP/IP, CIFS 2.x and 3.x, NFS v3 and v4, LDAP
Configuration Management: Chef, Puppet, Ansible
SSO: Azure B2B, Kerberos, AD Federated Services
Continuous Integration / Continuous Development: Jenkins, unit testing
Programming Skills: Unit Testing, Code management, OOP, XAML, data binding, generics, serialization / deserialization, multi-threaded programming, data triggers, event triggers, RESTful API, XML, JSON, XPath, WPF, MVVM, MVC
Machine Learning Algorithms: K Nearest Neighbor, Decision Trees, Linear Regression, Logistic Regression
Deloitte & Touche (11/16 - present)
Private / Public Cloud Solution Architect
Designed an Azure based infrastructure for a Managing Director. The business requirements included an SSO SAML authentication for internal and external clients utilizing Azure AD B2B. Designed front end load balancing web farm and protected backend data sources by splitting it out to a different subnet and creating Network Security Groups. Drafted detailed topology diagram that showed Azure Site Recovery mechanism for BCP plans and documented the firewall rules that needed to allow Azure Site Recovery through to the Internet connections. Worked closely with various individuals across multiple disciplines to get a coherent architecture. Suggested solutions on supported an LDAP lookup of AD users via Restful API calls. Assisted the SQL team on the design of the SQL Always On cluster in Azure with a File Share Witness, and a Backup Strategy.
Exposure to Route53 using Ruby or Golang to manipulate and manage CD CI pipelines for DNS records.
To reach tiering rating of 2 or higher, I wrote BCP automation c# code integrated with on prem Microsoft Azure Service Fabric. The code was designed to test availability of SQL database by means of a SQL Always On Listener. If the database became unavailable, the code would retry several times based on the configuration, then would proceed to failover the database and setup surviving nodes as primary and synchronized secondary.
Automate Azure Infrastructure buildout via .NET native Azure Management libraries to standup cloud infrastructure rapidly.
Designed a geo replicated Redis cache cluster where the end client had a need to replicate the database cross region. There was a business requirement to have an active / active configuration. We utilized Global Traffic Managers and Local Traffic Managers.
Utilize Azure objects such as SQL database with Geo-Replication, Key Vault for data at rest encryption, Blob storage for SQL File Share Witness, NAS based services for both SMB and NFS based storage, Service Fabric, Docker Containers, and Cosmo DB.
Architected a Mongo DB Infrastructure with data partitioning, routing, backup / restore and BCP in mind.
Managed developers and UI designers to create a web portal to gather infrastructure business requirements. The web portal dynamically changed based on FSS of the Tax Channel and would tailor business requirement gathering to the specific FSS to capture nuances that are different per FSS.
Wrote a WPF XAML based UI front end to create a configuration file for the SQL automation code. It uses data binding and is based on an MVVM model to abstract the underlying data object from the UI component manipulation.
Research in containerization models for managing platform microservices in a service fabric environment for resiliency, controlled change management, rollback of services if the change is not deemed fit for the environment.
Designed a resilient File Services offering to provide High Availability and replication.
Diagram application data flows to have Architecture Reviews and submittal for infrastructure procurement so that firewall rules, infrastructure, and data storage all meet business requirements.
Architecture and Design of Multi-Cloud solutions specifically with Azure and hybrid on premises integration with Azure services
Work closely with multiple disciplines and departments such as Software Architects, Delivery Managers, Software Developers to manage full Application Lifecycle Management (ALM), clearly define business requirements and architecting infrastructure to meet those requirements including security and compliance controls.
Implement process, procedures, tools, automation into the environment such continuous integration and continuous delivery to ensure rapid deployment, quality assurance, telemetries for monitoring and managing the environments to meet specific SLAs and KPIs. Includes creating creative solutions around automation, centralized security methodologies, investigating single points of failure, engineering solutions to mature the environment.
Review infrastructure and data analysis for application PII compliance which includes communication encryption via TLS/SSL, various data at rest encryption technologies, and field level encryption within JSON structure. Also reviewed long term retention policies.
Architected process and procedure to perform key management for encryption and decryption programming to secure PII data. The key architectural components were utilizing Secure Server and Azure Key Vault. The process also included an ITIL RACI model to define roles and responsibilities to ensure there were correct separation of duties and a clear strategy behind managing key based data encryption.
Create work flows to introduce structure into business processes such as the beginning of a project initiatives, gathering business requirements, engaging in a POC, architecting a design, cost estimation, BCP planning / gap analysis, architectural reviews with architecture review boards, to engaging PMOs with a project.
Conducted review of BCP procedures and drove project to meet business requirements such as reviewing database snapshot frequency, data replication (SAN based vs application based), DNS failover, application level consistency which included message bus state. Meet with architecture review boards to certify BCP plans for applications to ensure applications can meet the business' expected RPO / RTO.
Troubleshoot WAN network bandwidth issues with application level replication such as MongoDB, Hadoop, and SQL Always On.
Review architecture for firm wide based applications which included technologies such as Hadoop, Orleans, and various Azure / AWS offerings to ensure production readiness.
Automation of Mongo infrastructure instances via Ops Manager based API by creating objects that describe the environment, then serializing the object into a JSON string to upload to Ops Manager.
Vdx (September 2016 - October)
Private / Public Cloud Engineer
Review global DR strategy with cloud providers related to network connectivity and design a blue print that could be used for global deployment.
Automate subscription to subscription VPN tunnel for access to Vnets in cross public cloud data center
Suggest simplifying design to encompass business requirements for IT Management network, production, and development. I also suggested that to further sandbox the development network, network security ACLS can be used to block or allow traffic for application isolation.
Iqor (May 2016 - August 2016)
Senior Infrastructure Engineer
Audit environment to pinpoint weaknesses and help build future strategy plans
Discussed strategy around infrastructure such as utilize StorSimple devices to move older data to Azure cloud infrastructure.
Developed a custom application to gather information and report on the weaknesses of the environment.
Technologies used are RESTFul Api calls to gather data from the physical infrastructure, and processed the data via serialization / deserialization of data. Built reports utilization an MVVM model in .NET, and used data binding with WPF forms to dynamically build reports. Used data triggers to change UI elements dynamically in WPF form based on values changing in the underlying collection of objects. Used Xpath and XmlDocument to read and process data to generate the needed reporting.
Mentat Advisors (March 2016 - May 2016)
Public Cloud Architect
Automation of custom VM builds
Automation of VM data to Azure blob storage
Custom ARM Templates in JSON format to describe entire infrastructure and build within minutes in the Azure
Utilized Internet Of Things to be a message broker for an application farm to route messages based on rule sets to the backend Microsoft SQL database.
Utilize Power Shell and C# to serialize and manipulate JSON objects to automate repetitive tasks in the environment. Used dynamic property type to deserialize JSON into a dynamic object. Utilize Azure's native ARM templating and AWS' Cloud Formation to stand up infrastructure dynamically.
Vicom (February 2015 - February 2016)
Technical Project manager for a large fibre channel switch refresh from lower density switches to larger density switches. Involved in the planning and execution of the project.
Participated in Pre and Post sales of equipment as well as Professional Services and wrote LOUs and SOWs.
Engaged in various clients to facilitate public cloud deployment utilizing AWS / Azure.
Designed a greenfield NetApp CDOT environment for a global client.
Automated NetApp CIFS share ACL migration.
Conducted a POC with various clients utilizing EMC XtremIO, Pure Storage, and VPlex virtualization.
Managed a migration from stand alone storage arrays to a VPlex environment.
Used c# and WPF for forms to display current environment, and to push out automation of new NetApp share ACLS. Utilized native NetApp DLLs within the project to pull current NetApp share ACL information and to push new ACLS to the new environment.
Utilized AWS Cloud formation, Azure ARM templates, Auto scaling, Hadoop, NoSql and Internet Of Things.
ADP (September 2014 - February 2015)
Research small office solutions for the branches which required researching IOPs, capacity consumption and growth.
Engineered solutions to fit the needs of the remote branches that would be cost effective yet maintain the resilience and SLAs of the business
Managed a large project to virtualize storage on HDS systems that required reporting, moving arrays behind the HDS which included VMax and IBM XIV. Coordinating with the various businesses and application owners for downtime and re-presented the storage from directly attached hosts to the HDS array and back out to the end client.
Amgen (August 2014 - September 2014)
Technical Project Manager
Manage a move of NetApp equipment from their main datacenter to their CoLo.
Documented cabling loops and shelves, ensured replication was properly taking place.
Guidance and documentation of the physical move of the equipment and turning up of the equipment.
Bank of America (April 2012 – July 2014)
Main tech lead to design and sustain a Platform As A Service for the bank's internal cloud offering.
Have written Perl libraries to orchestrate data replication over long haul networks for disaster recovery and failover, automated virtual server failover which included initiating failover and bringing up services on the failover location, automated server build out and deployment.
Have deep understanding of pinpointing infrastructure bottlenecks and potential latency sources in infrastructure.
Utilize Tortoise SVN for software code repository and revisioning
Technologies used in the environment are the following: Server virtualization (Vmware and Citrix), storage (both block and file based storage - Vmax, Isilon and NetApp), Directory Services (Active Directory, LDAP), databases such as SQL, DNS (zone delegation, forward and reserve lookups), Single Sign On (Kerberos), File based security with NFSv4/3, NTFS, NFS exports, and share level permissions, clustering technology on NAS or Microsoft Cluster, Snapshot technology (copy on first write, or pointer based), data replication technology (SRDF, Snapmirror, SyncIQ), capacity planning, and Disaster Recovery design and implementation.
Likewise Software (October 2011- March 2012)
Director of Product Management
Roles and Responsibility: Manage and provide product vision and roadmap for data governance on various NAS platforms (Netapp / EMC / HP) and its relationship with global account repositories (Active Directory, NIS, LDAP). Market product to OEM partners, potential clients, various trade publications and shows. Gather business requirements and translate them to user stories for developers. Manage overall development cycles of the product.
Work closely with CEO, VP of Sales and Marketing, Director of Business Development, and potential clients to define product roadmaps, futures, priority of the development cycle, and strategic direction to obtain company’s sales objective.
Assisted the company in delivering a data governance application.
1995 - 2015
Bank Of America
New York, NY
Strong verbal, written and presentation skills
Manage global project and utilize remote resources effectively
Problem solving skills
Able to multi task between multiple projects
Automated Infrastructure As A Service and Platform As a Service, and utilize Auto Scaling to dynamically scale in and out vm compute farms via c# code by reading in a base template, processing the template and submitting to Azure for rapid deployment.
Deep interest in machine learning algorithms to do predictive analysis, decision tree analysis, probability analysis. Studying SRSS and R, plus other python libraries such as scikit.
Developed a custom application based on the .NET framework that utilizes custom user controls, WPF forms, data binding, interfaces, various controls such as TreeView and ListBox and uses data triggers, multithreading, and timers. The application was designed to help have better visual view of a physical infrastructure to show latency, misalignment, single path, dead fibre channel zones, performance metrics, etc.
Chief architect for a private cloud infrastructure at Bank Of America. Utilized caching devices to create a CDN for various server build OSes such as RedHat, and Windows. Designed the complex fibre channel zoning and network for a NetApp V-series cluster aggregate that was backended by a EMC Vmax array.
Investigate NoSql / Map Reduce databases vs. RDBS design characteristics for large scale deployment. Understanding of eventually consistency vs. consistency and sharding.
Investigate message brokerage in Internet Of Things to be able to route incoming message based on rule sets to decrease traffic to databases so that RDBS environments can scale properly, also Internet Of Things can merge data from various data sources to show a larger picture of activity.
Independently studying offerings such as OpenStack, Chef, Puppet, Horton Works Hadoop, Cassandra, HBase, Mongo DB, SQL Lite.
Resolved extremely complex Kerberos authentication on a RedHat host using NFS v4.The environment was utilizing Active Directory's extended schema of Microsoft Services For Unix to retain Unix accounts. Pinpointed the problem to the SPN created for the NetApp server that was the root cause of the issue in resolving the NFS Kerberos authentication method.
Researching Active Directory Federated Services which utilizes SSL Certificates for encryption and utilizes Proxy servers to allow traffic in from third party vendor networks without exposing the organizations production AD forest.
Product Management for Likewise Software to build a data governance application.
Developed a rollout migration plan and technically managed various remote resources all over the world to orchestrate the success of the rollout which included managed the physical delivery of a remote tape library to different regions in the US and cross country borders.
Managed physical migration from existing fiber channel switch to denser switch infrastructure. This included mapping of ports to end hosts to notify business units of migration scheduling, opening of change control tickets, physically laying cable in the data center, zoning of hosts, and final check out of the host after moving to new infrastructure.
Automated NetApp builds for deployment and managed global data replication via automation. In my automation script, I took into account the local time and throttled data replication based on specific business hours and calculated based on existing WAN bandwidth.
Managed global NetApp / Isilon / Celerra deployment Latin America, PAC RIM, Europe and Africa for Bank Of America, CSFB, IBM, Vicom, and various other clients.
Los Angeles, CA
ITIL v3 Certified, EMC XtremIO, and EMC VNX
English and Japanese
Jazz guitar Gibson semi-hollow with a vacuum tube hybrid amp - Play in a band that plays standard jazz tunes (All The Things You Are, Autumn Leaves, All Blues) and bossa nova tunes (Girl From Ipanema, Wave, Blue Bossa, How Insensitive)
Classical guitar - Studied pieces by composer such as Tarrega (Caprice Arabe), Villa Lobos (Etude in Em), Sor, Bach (Well Tempered Clavier)
Skimboarding and Tennis