Information Security Officer
Resume:
James Taylor
**** ***** ** ** * Puyallup, WA **375 706-***-**** *****.*******@*******.***
Senior Security Architect
Provide technical expertise and leadership in the planning, engineering, design, implementation, integration and support of Enterprise Content Management system infrastructures and technologies. This includes the systems operational procedures and processes.
•Partner with the Capacity Management, Engineering Production Management, AD and the Business to ensure business and customer expectations are maintained and exceeded.
•Participate in or lead the evaluation and recommendation of new products and technologies, maintains knowledge of emerging technologies for application to the enterprise.
•Provide a leading role in the identification and resolution of complex Enterprise Content Management system issues (Tier 3/4 support) utilizing product knowledge and structured trouble-shooting tools and techniques. Support Disaster Recovery implementation and testing as required.
Areas of Expertise
Enterprise Services Management
LAN/WAN Administration and Security
AWS Implementation and Design
Information Assurance Management
Policy Development
Risk Assessment
Security Architecture
Azure Cloud Principal Architect
Responsible Leadership
AWS Solutions Architect
Cyber Security Officer
IaaS, PaaS, SaaS Design/Implementation
DoDTop Secret Security Clearance (TS/SCI) (expires March2018)
Specialties
Management: Security Architecture, Enterprise Security, Information Security Policies, Security Audits, Information Security Programs, Certification and Accreditation, Enterprise Architecture, IT Operations, Technology Leadership, IT Service Management (ITSM/ITIL), Information Security Risk, Risk Management, Compliance & Auditing, Incident Response, Business Continuity Planning, Disaster Recovery, IT Strategy, Project Management, Governance, DIACAP, Systems Engineering, Cloud Services, Risk Management Framework (RMF), Software Development Lifecycle (SDLC), ISO 27000/27001/270002, PCI Data Security Standards (PCI), Vendor Management, Financial Planning and Analysis.
Software: Microsoft Server 2012, 2008 and 2003, Exchange 2010,2007 and 2003, SQL 2005, SharePoint MOSS 2007, SharePoint Designer, Cisco IOS, VMware ESX 3.5-5.5, eEye Retina, Microsoft Windows 7, Vista, and Windows XP, Microsoft Office 2010 and2007, Windows Server Update Services (WSUS), Windows Systems Center (SCCM) Windows Deployment Services (WDS) Development: SQL, HTML, JAVA, WordPress
Professional Experience
Cloud Technology Partners (CTP)
Senior Security Architect (2018-Present)
Analyze and design security solutions for applications and infrastructure, and provide expertise and consulting to clients;
Identify and document information security risks and propose mitigating controls; Will be responsible for understanding complex business IT needs, requirements, and projects scopes, with a focus on information security requirements; Research, design, and develop new information security controls for clients; Assess current IT environments and make recommendations to increase security; Assist clients in troubleshooting and resolving information security issues; Author project and support documentation and diagrams; and Implement security solutions.
Enhances security team accomplishments and competence by planning delivery of solutions; answering technical and procedural questions for less experienced team members; teaching improved processes; mentoring team members.
Determines security requirements by evaluating business strategies and requirements; researching information security standards; conducting system security and vulnerability analyses and risk assessments; studying architecture/platform; identifying integration issues; preparing cost estimates.
Plans security systems by evaluating network and security technologies; developing requirements for local area networks (LANs), wide area networks (WANs), virtual private networks (VPNs), routers, firewalls, and related security and network devices; designs public key infrastructures (PKIs), including use of certification authorities (CAs) and digital signatures as well as hardware and software; adhering to industry standards.
Implements security systems by specifying intrusion detection methodologies and equipment; directing equipment and software installation and calibration; preparing preventive and reactive measures; creating, transmitting, and maintaining keys; providing technical support; completing documentation.
Verifies security systems by developing and implementing test scripts.
Maintains security by monitoring and ensuring compliance to standards, policies, and procedures; conducting incident response analyses; developing and conducting training programs.
Upgrades security systems by monitoring security environment; identifying security gaps; evaluating and implementing enhancements.
Prepares system security reports by collecting, analyzing, and summarizing data and trends.
Updates job knowledge by tracking and understanding emerging security practices and standards; participating in educational opportunities; reading professional publications; maintaining personal networks; participating in professional organizations.
Enhances department and organization reputation by accepting ownership for accomplishing new and different requests; exploring opportunities to add value to job accomplishments.
Key Highlights
● James collaborated with Vishal Ghelani – the principal application assessment and migration architect for the project on how best to proceed with emerging technologies and with the refactor, rehost, rebuild, replace, retire effort the client was working on.
● On the Allergan project, James architected the majority of the Azure Cloud Security infrastructure for the client which has to meet many Compliance standards and along with regulations.
● James is a phenomenal Security SME and team member. His sense of humor, work ethic, technical prowess and customer focus were key elements to the success of the TCH project. His ability to build rapport with the technical teams was critical to gaining acceptance and developing openness within TCH.
● James' technical knowledge of Azure, Cloud and enterprise Security were all key areas of strength. In addition, James has a rigid can-do attitude which gave me confidence that if he didn't know something, he could get smart about it quickly to meet project or client needs. These skills will serve him well as his career evolves.
● Wrote Doppler Article titled How to Align Your Alerting Strategy to Meet Business SLAs located here: https://www.cloudtp.com/doppler/how-to-align-your-alerting-strategy-to-meet-business-slas/
● Previewed in the Fall Quarterly Doppler titled What does Alerting Strategy look like in the Cloud located here: https://view.joomag.com/the-doppler-quarterly-fall-2019/0511669001575907172?short
● Attained AZ-900 Certification
Affirma
Senior Cloud Architect (2017-2018)
Maintaining and updating reference architectures for IaaS & PaaS deployments. Building repeatable templates that can be utilized by Business Unit technology teams to simplify their adoption of cloud platforms. Working alongside Business Unit technology teams to help them understand and implement the best cloud platform components for their specific requirements including designing scalable technical solutions. Assist in shaping corporate polices, processes and initiatives that will improve the way business units make use of cloud platforms. Maintain and monitor all network, security and computer systems to meet the organization's current and future requirements Responsible for management, maintenance and architecture of storage, virtualized environment, servers, network devices, and productivity tools Monitor systems and identify performance issues proactively Work within strict time frames and elevate incidents within defined timeframes Test all changes to networks, hardware, software, and hosted applications Monitors service delivery compliance to budget, quality standards and customer and business stakeholder requirements Cater to doing infrastructure coordination related to design and setup activities at different stages of a project work with various vendors and service providers to ensure productive environment Resolve issues and prepare status reviews and reports Professionally represent the infrastructure team as a technical consultant on projects. Maintain the necessary project plans and documentation of all system builds and modifications Interact and coordinate with vendors, suppliers, distributors and contract consultants Maintain a good working knowledge of current infrastructure and future trends Maintained working relationships with all service providers and vendor to ensure that services received meet expected requirements of contract
Kyocera Document Solutions Northwest
Director of Information Technology (2016- 2018)
Responsible for the overall planning, organizing, and execution of all IT functions at the location. This includes directing all IT operations to meet customer requirements as well as the support and maintenance of existing applications and development of new technical solutions.
Leads the develop and implementation of all IT initiatives that enable the Company to compete more vigorously and more
profitably in a constantly changing and demanding marketplace. Translates the company vision into IT systems and procedures,
articulating this critical link to the company stakeholders including the Executive Team, IT staff and employees. Responsible for the management, motivativation, and develop all staff within the IT group. Ensures the organizational structure is appropriate for supporting Kyocera's current and future business needs to itself and all its clients.
Key voice among the Operating Team, driving cross-functional collaboration through the IT team. Participate actively with the Operating Team to ensure our systems environment addresses the needs of the business.
Leads and coordinates development of the infrastructure to ensure key business strategies and processes are supported by systems that enable growth and flexibility. Develop plans and budgets considering internal work needs and operating units’ approved projects. Oversee analysis and evaluation of staffing requirements to fulfill business requirements including directing the evaluation of make vs. buy decisions as they relate to outsourcing vs. in-house provisioning and identifying and developing strategic partnerships with key IT suppliers, licenses and contracts, vendors and consultant organizations. Translate business needs into system solutions making maximum use of available tools while ensuring longer term supportability of the architecture.
GCSIT Solutions- Seattle, WA
Senior Enterprise Engineer (2014-2016)
Provide technical expertise and leadership in the planning, engineering, design, implementation, integration and support of Enterprise Content Management system infrastructures and technologies. This includes the systems operational procedures and processes.
Partner with the Capacity Management, Engineering Production Management, AD and the Business to ensure business and customer expectations are maintained and exceeded.
Participate in or lead the evaluation and recommendation of new products and technologies, maintains knowledge of emerging technologies for application to the enterprise.
Provide a leading role in the identification and resolution of complex Enterprise Content Management system issues (Tier 3 support) utilizing product knowledge and structured trouble-shooting tools and techniques. Support Disaster Recovery implementation and testing as required.
Provided Network Layer 3 capabilities for collaboration with Amazon Web Services (AWS) VPC
Supervised, planned, administered, managed, operated, integrated, secured, and troubleshot Enterprise Systems, Local and Wide Area Networks and other required systems
Key Area of focus VMware:
ESXi Host installation and upgrades
vCenter Server (Both Windows and Appliance) installation and upgrades
Update Manager both installation and upgrades
Virtual networking in VMware
Port groups configuration
Load balancing
Configuration of vMotion
Configuration of storage multi-pathing (iSCSI or NFS)
Datastore creation
Enable iSCSI and configure discover/targets
Creation of virtual machines, templates, and cloning of virtual machines
Troubleshooting of the VMware compute, storage and networking using ESXTop metrics
US Army – Joint Base Elmendorf-Richardson, AK
Information Systems Technician (2010—2014)
Plans, manages, and administers enterprise services, computer networks, and associated information technology resources in support of a corporate headquarters and 12 regional offices employing over 3,500 users. Establishes, coordinates, and directs information assurance operations and security projects. Advises executive management on computer information systems policy, technical, and
information assurance (IA) matters. Accountable for enterprise servers and networking equipment valued at $10 million. Leads a staff of five system administrators and six technical support technicians.
Key Contributions:
Spearheaded effort to deploy Windows 7 on 2,848 computers, across three distinct domains, spanning 13 remote locations in Afghanistan. Many configurations required custom images on Windows Deployment Services (WDS), supporting a broad spectrum of client requirements to meet increasing interoperability demands. Project met all milestones, objectives, and closed on schedule.
Planned, supervised a Continuity of Operations and Disaster Recovery (COOP/DR) hot site project, insuring seamless operational availability in the event of a disaster. Project incorporated VMware and NetApp technologies to reduce footprint, improved resource efficiency/TCO, while supporting decentralized archiving, Snap Mirror data replication, and snapshot recovery objectives.
As the organization’s Information Assurance Manager (IAM), applied knowledge gained through formal education and operational experience to bolster the organization’s IA posture. Created an incident response plan, conducted scheduled/on demand qualitative risk assessments, and implemented eEye Retina/QTIP vulnerability scanning procedures. IA incidents decreased by 78%.
Designed, deployed, and maintained two mid-sized Microsoft Office SharePoint 2007 farms; providing fully redundant, network load-balanced, collaboration portals averaging over 19,400 page requests per day.
Drafted and led campaign to enact an organizational-wide Information Systems Security Policy (ISSP). The ISSP details and directs how Department of Defense (DoD) IA objectives apply to organic enclaves for all users and administrators.
Excelled as project lead to migrate and virtualize 30 enterprise servers utilizing VMware and NetApp solutions. Project maintained original schedule/scope/cost; saved $120,000 in lifecycle burden, while reducing the power consumption by 60%.
Analyzed/overhauled organizational IT life-cycle requirements within a newly constrained IT budget of $3.6M. Oversaw the purchase/configuration management of enterprise servers, client workstations, and LAN/WAN hardware. Initiative permitted 100% equipment replacement over a 3-year span, while meeting technology refresh objectives.
Instituted an organizational IT Knowledge Academy aimed at providing training to system and network administrators. Developed and taught an advanced networking course, which enabled five administrators to attain their CCNA Certification. Appropriated and coordinated a variety of resources which supported a tactical fiber optic repair course-offering. This just-in-time course trained and certified 30 infrastructure management personnel, yielded Fiber Optic Association (FOA) certifications for all attending.
Mentored systems administrators through the planning/development/administration of a mobile enterprise services solution that enhanced the organization’s operational readiness during four (4) distinct, month-long, offsite training events. During each training event, the team successfully deployed/installed/administered enterprise services while providing a 99.95% service availability rate.
Developed/implemented a database maintenance plan blending Microsoft SQL server best business practices with organizational requirements to efficiently manage data and transaction logs, reduce index fragmentation, and ensure data integrity and availability. The maintenance plan proved successful in maintaining the organization’s mission critical database systems.
James Taylor
Page 2
706-***-**** *****.*******@*******.***
US Army – Bagdad, Iraq (2009-2010)
Deputy Director, Enterprise IT Operations
Technical director of operations for an enterprise network and core data center valued over $500 million with over 400 servers, 60,000 workstations, and 100,000 users at 29 sites. Designed and implemented 5 network enclaves and 7 site data centers. Managed 7 major IT projects valued over $3 million all delivered on time and within budget.
•Upgraded the enterprise email system 3 month ahead of schedule with no data loss and no downtime in mail services. Upgrade reduced spam traffic by 30% and improved mail security as recognized by external agency.
•Lead Enterprise Cyber Security Officer for the whole Area of Responsibility of Iraq during War time operations.
•Designed and implemented a Business Continuity Plan & Disaster Recovery Plan reducing recovery time 16 hour.
•Implemented a cross-functional enterprise change management processes that reduced outages from unplanned change and major problems by 300%. Reduced number of emergency changes and unauthorized changes by 10%.
US Army – Fort Lewis, WA
Director of Training Operations(2007—2010)
Led a dynamic, six member team charged with the development and implementation of plans, policies, and training initiatives, in support of four distinct logistical-support departments consisting of 450 personnel. Coordinated with department heads to ensure achievement of organizational training goals, to include personnel readiness requirements and material/facility/equipment needs. Oversaw development of essential operations and conducted qualitative risk analyses to capture/mitigate operational training risks.
Key Contributions:
Planned, resourced, and executed a two-week offsite simulation and training event that integrated 200 personnel from four diverse departments. Event culminated in a comprehensive certification exercise resulting in the successful evaluation and validation of the organization’s ability to effectively perform its required operational readiness plans and procedures.
Planned coordinated Enterprise Level Exchange Migration form Exchange 2003 to Exchange 2007
Following a mandated reorganization, led a successful departmental dissolution involving 35 virtual servers and 28 personnel that resulted in minimal impact to organizational continuity and zero disruption of forecasted mission readiness.
Provide significant technical expertise in the live migration of a large Share Point environment to a fully scalable Share Point web farm.
Planned coordinated and engineered the Fort Lewis Defense Information Systems Agency (DISA) Secure Voice Over IP telephony service.
Military Education
Information Systems Manager Course – Fort Gordon, GA (2008)
Warrant Officer Basic Course– Ft. Gordon, GA (2007)
Warrant Officer Candidate School- Ft. Rucker, AL (2007)
Education and Certifications
Master of Information Technology – Advanced Cyber Security (2020)
Bachelor of Information Technology– Network Security, University of Phoenix (2010)
AWS Certified Solutions Architect – Associate (Certificate AWS-ASA-13527)
CISSP
Comp TIA Security +(#COMP001020070747)
Microsoft Certified Information Technology Professional (MCITP)(#7252311)
Microsoft Certified Information Technology Professional (MCITP) with Exchange 2007 (#7252311)
Cisco Certified Network Associate (CCNA)(#CSCO12186865)
Cisco Certified Network Associate Voice(CCNA voice) (#CSCO12186865) Cisco Certified Data Center Associate (CCDA) (#CSCO12186865) Information Technology Infrastructure Library (ITILv3) (#4532553) Tegile Certified Installation Engineer
SC Series Storage Professional
VMware Certified Professional (#VCP162217)
VSP - BC (Business Continuity 5) VSP - BC (Business Continuity 5.5) VTSP - DV (Desktop Virtualization 5)
VTSP - MO (Management Operations 5) VTSP - SV (Server Virtualization 5)
Unidesk Certified Professional
vRealize - Install, Configure, and Manage
VTSP- NV (Network Virtualization) VTSP- AO (Automations Operations)
Contact this candidate