Architectural Design Technical Specialist
Resume:
John Brockmeyer
President and Chief Architect at JBPE Consulting, Inc.
****.**********@****.*** +1-720-***-**** (W) +1-303-***-**** (F) Summary
• Licensed Professional Electrical Engineer (since 1987)
• MCTS (Microsoft Certified Technical Specialist)
• Former Member of the Microsoft Business Application Platform Advisors
• Former Member of the Microsoft BizTalk and SQL Server V-TSP (Virtual Technical Specialist) Teams
• Enterprise, System, and Solution Architect, having performed dozens of Architectural Design Reviews and Architectural Design Sessions including many on behalf of Microsoft Professional Services
• Experienced Architecting and Deploying Cloud, On-Prem, and Hybrid Systems (Azure/AWS, Hyper-V, VMware ESXi/Workstation/Player, etc.)
• Experienced in Architecting and Deploying High-Security, Standards-compliant systems (HIPAA, S/Ox, PCI, Fedwire/FIPS, ISA 99, ISO 27001/SOC 2, etc.)
• Experienced Architecting and Deploying SWIFT, FIX, EDI (Healthcare and NACHA/Payments), HL7/FHIR (Batch or MLLP)
• Architected and Deployed Platforms and Applications for Manufacturing (Telemetry and Control), Parking Management (Telemetry and Control)
• Experienced in DevOps/DevSecOps, Agile (Scrum, Extreme, Kanban, etc.) Methodologies
• B.S. Electrical Engineering, B.S. Computer Science, M.B.A. Production and Operations Management I am an Enterprise, Solution, and System architect and developer and have worked with Microsoft as well as Unix, IBM, and Oracle technologies designing and building out enterprise-class high-performance, Transactional (Guaranteed) and Best-Effort Delivery, high-availability (including DR) mission-critical heterogeneous systems. These systems usually have very high-security requirements for networking, data (in motion and at rest), access, and SoD (Segregation of Duties). I have extensive experience designing and building systems for Financial Services, Manufacturing, and Healthcare. This includes on-premise, cloud, and hybrid architecture, hardware (physical and virtual), and application development. I have performed many Architectural Design Reviews (existing Architecture and Applications) and Architectural Design Sessions (prospective Architecture and Applications). These included determining requirements (business and technical), analysis of existing Enterprise Architecture, and production of a gap analysis for required changes with respect to security, functionality, and deployment lifecycle (e.g., CI/CD) with implementation models for each. The created report(s) also detailed BPMs (Business Process Models) for critical business processes and how the Enterprise and/or Solution Architecture is to be structured to implement them. Many of these were done on behalf of Microsoft Professional Services. My specialty is architecting, building, modifying, and/or cloud-migrating existing systems for maximum availability, performance, security, and agility including Site-level High Availability (DR) with fully scripted and optionally automatic DR failover. For IaaS and On-Prem environments, I frequently optimize the platform components (not just applications, but the platform itself at the hardware, storage, network O/S, and software levels) to significantly improve the utilization of existing capital assets as well as boost their availability and reliability. The systems I design and build are heterogeneous, often incorporating and interfacing with numerous technologies (Microsoft, various Linux, IBM mainframes, and WebSphere MQ components). I am published at MSDN, certified to deliver Microsoft Official Curriculum training, and have designed and built systems across a wide range of industries including Financial Services (Money-center Banks, Hedge Funds, NYSE Trading Partners), Healthcare, Broadcasting, Manufacturing and Process Control, Automated Parking Management and many others. In most of the systems I architect/build security is of paramount concern, and I have extensive experience using advanced security technologies. I frequently consult for MCS (Microsoft Consulting Services) and Microsoft Premier Support worldwide, including ADS (Architectural Design Session), ADR (Architectural Design Review), POC (Proof-of-Concept), and "Bake-off" competitive assessment assignments. My work generally involves both platform and application implementation and/or mitigation depending on the customer's needs.
I have designed, built, and maintained complex cloud-only and cloud/on-premise hybrid systems both with and without an integration engine as a managed gateway, and can design/migrate systems into a "cloud-ready" configuration if full or partial cloud use is a future rather than current consideration. This includes Azure iPaaS architecture, deployment, development, and operations. Endorsements
Thank you! We couldn’t have gone live with [our system] without you. Truly appreciate your leadership and contributions.
Thank you for all the hard work and dedication you brought to our team! [We were] able to pick up a lot of new things with the knowledge you shared.
It was great to have the privilege of working with you. I learned so much and am grateful. Thanks for helping us navigate uncharted waters.
Thank you for your experience, hard work, and [the] dedication you brought to the team! Your ambition and strong principles are unparalleled.
We will miss your knowledge and positive vibes around here! Experience
President and Chief Architect at JBPE Consulting, Inc. September 1989 - Present (36 years)
I have executed many projects as an Architect (Enterprise, Solution, and System), often also including development, datacenter build-out, cloud deployment (cloud-only, hybrid, and on-premise-only) CI/CD, etc. I specialize in integration projects but as shown in my resume my experience is not limited to that specialty. Most of my systems require high-availability, high-reliability, and high-security both internally (local networks and VPN's) and across the internet. It is also commonly necessary to augment and/or redesign the Enterprise's support architecture to support their requirements. Architectural Consultant at Neudesic, LLC
November 2006 - March 2013 (6 years 5 months)
Architect, size, and implement systems including Production and DR platforms as well as pre-Production and support systems. Designed and built many large systems worldwide, including securities trading, financial services and banking, healthcare, manufacturing, e-Government, and corporate integration. Senior Consultant at MidTech Partners
June 2005 - October 2006 (1 year 5 months)
BizTalk system designer and application developer. Projects
Aerospace Company – Integration Platform and Application Development (Dallas, TX) August 2024 – December 2024
This is an enhancement to the previously built system (see below) to add high-availability across multiple datacenters, security updates, and other modifications. Insurance and Investment Company – SWIFT Financial Network Integration Platform andApplication Architecture Including Implementation (NYC), Integration with Mendix-based Trade Management Application
May 2022 – July 2024
Designed and implemented a high-availability SWIFT interface and messaging system to process a medium- sized load of high-value trade and settlement messages. The project included the creation of five environments (DEV, SIT, UAT, PROD, and DR), with all but the DEV environment connected to SWIFT for test or production as appropriate. The architecture required integration of on-premise systems (including SWIFT Hardware and Applications) with an AWS-based Mendix presentation layer shared model platform
(PaaS) over highly secured mTLS network connections across the public Internet (secured by whitelisting, mTLS, etc.). Note that the processed messages required guaranteed once-and-only-once delivery and frequently involved operations with 7-plus figure valuations. The Mendix side of the interface required the development of microflows to process messages (non-distributed) transactionally for multiple Mendix applications, and an mTLS component (by Mendix support) as it was not previously available in the marketplace. The microflows leveraged their built-in transactionality coupled with a transactional, database- driven queue as the messaging layer (this was necessary because AWS SQS is not transactional) controlled by variables in an ApplicationSettings entity to allow the Mendix side of the interface to be started and stopped as desired. This project also required compliance with numerous standards including annual audits and recertification of both the platform and applications, strict SoD and asset management, network access restrictions, transaction data retention (7 years), and operational/management intelligence. Aerospace Company – Integration Platform and Application Development (Dallas, TX) February 2020 – April 2022
Created an on-premise EDI-based BizTalk system to integrate two third-party, cloud-based services to perform transactional (Guaranteed Delivery) Purchase Order origination and fulfillment. The data streams included EDI data files (text) and PDF purchase order images (binary). The Purchase Orders contained Export Control information resulting in very high-security requirements for all processing. This is a hybrid system project that included both the platform and the integration applications and interface to third-party cloud services as well as Project Planning and Management. International Insurance Company – Integration Platform and Data Security Health Check (Breda, Netherlands)
May 2019
Performed a system-wide Health Check, including validating data security at rest, when accessed, and when transmitted within the platform. Generated a comprehensive report including identification of vulnerabilities
(security, high availability, backup and recovery, reliability/transactional interfaces, etc.) and remediation recommendations. This work was done onsite and included recommendation implementation training of company personnel.
Healthcare Provider – Integration Platform and Application Upgrade (Louisville, KY), Including HL7 and SWIFT Financial Network Integration
February 2019 – April 2022
Performed an Architectural Design Review (ADR) to assess the currently deployed integration applications and infrastructure connecting partner systems and provider’s offices with their ERP (SAP) system for EDI invoice and payment processing as well as many other purposes. Performed an Architectural Design Session (ADS) to plan an upgrade and restructuring of the existing infrastructure to facilitate seamless deployment of applications; improving security for both in-flight and at- rest data, significantly increase utilization of the licensed server capacity, incorporate structured rule-based exception handling, enhance operations with automatic notifications and escalation as well as creating an operations knowledge base, and greatly increase the availability of the overall system. I implemented the recommendations of the ADR and ADS in a multi-environment SDLC, creating high- availability, high-security, high-security platforms with CI/CD. Ski Resort Company – System Integration and Platform Migration (Broomfield, CO) May 2018 – January 2019
Audit and migrate 13 existing BizTalk 2010 applications to BizTalk 2016, including reorganizing them into a best practices configuration for MSI-based deployment, BizTalk Resource management, consistent solution and project organization, and use of BizTalk features (SSO, XREF, WCF adapters, etc.). I also built a new application integrating an existing SuccessFactors HR cloud-based system with external vendors (background check providers, etc.).
Worldwide Construction Company – SAP to Ariba Integration August 2017 – February 2018
Architected and deployed solution for integration of Ariba (which uses a legacy DTD-based, queue interface) with the Enterprise SAP systems. The integration required high-security due to use with government projects
(e.g., requiring FIPS-compliance) and Transactional (Guaranteed) as well as Best-Effort Delivery. This project was done as a short-term solution while SAP completed its Ariba XI/PI adapter (following their purchase of Ariba) but remained in use for several years. Logistics Company – EDI processing and Exception Management (Chicago, IL) July 2017 – April 2018
Refactor EDI-based processing from legacy BizTalk 2010 system to BizTalk 2013R2. It also included a business-rules-based exception management facility that provided structured handling of both messaging and workflow (Orchestration) exceptions. The exception handling is “look-aside”, that is, it has no impact on the performance of the EDI business processes nor does it require any changes to their implementation. Implementation included both application development and platform (architecture) remediation for performance, availability, and reliability. Taught several classes on various key topics, including the use of Business Rules in EDI processing, Business Process Instrumentation, etc. Middle Eastern Money Center Bank – Core Banking Replacement POC (Kuwait City, Kuwait), Including PCI and PII Management and SWIFT Financial Network Integration January-March 2017, May 2017 to June 2017
RFP response and system design (January-March), and implementation (May-June) of a high-performance Proof of Concept core banking replacement system including platform build-out and application support. This system included components for transaction processing, real-time caching, error and exception management and was required to pass a rigorous set of functional, performance, and security tests. Middle Eastern Government – ESB Design and Initial Environment Build (Riyadh, KSA) April 2017
Design an ESB for the Ministry of Communications (working through their contractor at the request of Microsoft) including both platform and applications with a logical model and core services. Implemented the Development environment (single server Hyper-V VM) incorporating all elements of the logical model. Middle Eastern Money Center Bank - HIS Upgrade (Kuwait City, Kuwait) June 2016 to July 2016, October/November 2016
Upgrade an existing HIS 2000 system to HIS 2013, with the conversion of approximately 200 existing Transaction Integrator TLB's to DLL's (this was mostly scripted, however, there were many TLB’s with improper/too-long naming that required manual conversion). The upgrade included the creation of multiple pre-Production environments each integrated with different IBM mainframe LPAR's. NYSE Trading Partner - Real-time Trade Database Upgrade, Optimization and Monitoring
(New York, NY), Including SWIFT Financial Network Integration October 2015 to May 2016
Optimize an existing SQL Server replicated environment (which I originally designed and that was implemented by the customer) to correct cluster configuration issues, restructure the databases for performance, correct a sliding data window partitioning scheme issue, and tune critical application queries to reduce the data batch processing interval from 50 minutes to approximately 5 minutes. No new hardware was required - the SQL Server instance and databases (as well as Windows) were tuned to make full use of the existing hardware.
Carolina-based Logistics Company - Windows and SQL Server Optimization
(Charlotte, NC/Atlanta, GA/Chicago, IL/Boston, MA) May 2015 to October 2015
Mitigate performance and availability issues with numerous SQL Server systems, including migration to Windows Server 2012 and SQL Server 2014. Included datacenter configuration, server provisioning (for the new blade servers and chassis), and cooling (conditioning) issue mitigation in several cities. Retail Pharmacy Company - BizTalk 2013R2 Upgrade and Optimization (Harrisburg, PA) March 2015 – April 2015
Migrate a previously existing BizTalk system to BizTalk 2013R2, including new server builds, SQL Server deployment and optimization, and application performance optimization. NYC-area Money-Center Bank – BizTalk/SharePoint and SQL Server System Center Operations Monitoring and Mitigation (New York, NY), Including SWIFT Financial Network Integration October 2014 to March 2015
Installed and configured System Center (Operations Manager component) to monitor a mission-critical, high- availability (HA/DR) BizTalk/SharePoint system as well as associated SQL Server partner systems. This included monitoring of networking, hardware, platform software (BizTalk, SharePoint, and SQL Server), Identity and Identification (A/D and DNS) as well as published and consumed services. Once monitoring was configured, numerous mitigations were required to align the various systems with established best practices and to eliminate various system faults (e.g., A/D replication issues, failing scheduled tasks, Windows Server and platform configuration issues, Application faults/Error and Exception management, etc.).
NYC-area Money-Center Bank – BizTalk/SharePoint and SQL Server System Center Operations Monitoring and Mitigation (New York, NY), Including SWIFT Financial Network and Mainframe (via MQ) Integration
April 2013 to October 2014
Designed and built a high-performance, highly available BizTalk/SharePoint/SQL Server/System Center platform, including a complete set of SDLC (Software Deployment Life Cycle) environments in a highly virtualized (VMware) environment. This system performs the company's payment processing for the US and much of its international operations, integrating with SWIFTNet, internal GL, and other critical systems. Cable News Broadcast Network - Azure Cloud Migration (Cloud-only and Hybrid) – Cloud Architect
(New York, NY)
April 2013 to July 2013
Built the original migration of this network from pure on-premise systems to a combination Azure-based hybrid and cloud-only systems (the internally facing systems were built as hybrids where security and data were retained on-premise, the external-facing systems were cloud-only). The cloud-only system included a content management tool (Ektron) and was provisioned with a full set of SDLC (Software Deployment Life Cycle) environments.
Training Company - High-Availability, High-Performance System Center (Operations Manager) System
(Phoenix, AZ)
November 2012 to March 2013
Design and build a highly available, high-performance SCOM (System Center Operations Manager) configuration including independent multiple notification paths (in case of network, phone, or other outages). This installation was particularly interesting as it was required to span multiple (city) sites with different domains, some with sufficient trusts but others without. The configuration also featured a full SharePoint/SQL Server Reporting Services integration. Secure Funds Transfer Company – Architect Kiosk-based POS-Payment System (Dallas, TX) January 2013 to March 2013
Designed and built the first version of a store and forward POS (Point of Sale) payment system accepting utility and other cash payments in an unreliable network environment (Central and South America). This was a tiered system consisting of in-mall kiosks, a regional “roll-up” system, and a central payment processor. A payment receipt was forwarded to the counterparty at the regional and central locations, which were configured in a high-availability load-balanced failover pairing. The system was rigorously tested, using Microsoft network degradation tools, to demonstrate guaranteed delivery of all transactions in situations where network connectivity was poor (high packet loss) or down (store and forward). Once the initial system/pattern was completed the customer assumed the responsibility for replicating and deploying it using internal staff; full documentation and build-out artifacts were provided so the initial system could be recreated as needed.
Los Angeles Express Park – Platform Architect (Phoenix, AZ/Los Angeles, CA/Tarrytown, NY) March 2012 to November 2012
From the City:
Downtown Los Angeles will assume center stage as the Department of Transportation begins revamping the City’s parking operations to realize its goals of increasing the availability of public parking spaces and decreasing traffic congestion and pollution.
A 4.5-square-mile area in Downtown will support LA Express Park™, a one-year pilot program that will infuse technology and demand-based pricing into an innovative parking management strategy. Created with
$15 million in grants from the U.S. Department of Transportation and $3.5 million in City funds, the project will test ways technology can help the City realize its goals to increase the availability of limited parking spaces, reduce traffic congestion and air pollution, and encourage the use of alternative modes of transportation.
The platform I developed for this project was optionally single or multi-tenant, that is, it could be deployed on-premise for a single organization (city) or in the cloud for multiple organizations. It included CI/CD capability and multi-version management (required in the multi-tenant environment). As payment and other sensitive information was stored in the system, it had high security requirements including PCI compliance. The identity and authorization model was complex as it needed to accommodate enterprise as well as isolated deployments.
Retail Pharmacy Company - BizTalk Performance and Optimization (Harrisburg, PA) February 2012
Optimize an existing BizTalk installation for performance and availability, correcting issues limiting its capacity to dispatch prescription and other alerts on behalf of the company's IBM mainframe to IVR, SMS, and e-mail customers. This included both platform and application optimization, and training to ensure continued successful maintenance and operation.
Major Aircraft Manufacturer - Federated Enterprise Service Bus - System Architect
(Belleview, WA/Phoenix, AZ/St. Louis, MO)
July 2010 to January 2012
Design and build a highly available, federated core business integration system using BizTalk, SharePoint, SQL Server and System Center. The build included all stages of a five-environment SDLC (Software Deployment Lifecycle) which were configured for seamless deployment of BizTalk and SharePoint applications (so that no application configuration changes are required during deployment). The Production environment was federated between two cities with "cross" HA/DR (the DR for each city was in the other city’s datacenter). The system was built "cloud-ready", that is, the identity and identification infrastructure was isolated from the corporate domain to allow quick and secure federation to the cloud. It was also designed for the easy addition of federations in other countries to facilitate local integration where possible, with the original core systems acting as backups. The project included the migration of approximately 60 legacy BizTalk applications to the new architecture. Middle Eastern Money Center Bank - Core Banking System Integration Architect
(Kuwait City, Kuwait), Including PCI and PII Management and SWIFT Financial Network Integration October 2009 to June 2010
Build a new core banking integration system, replacing an existing system I previously mitigated (see below). This new system was fully optimized for performance and availability (we were limited in the mitigations that could be performed on the original system). The project included the migration of all of the existing applications to a new hosting model as well as refactored for the updated architecture. I built and deployed a full set of SDLC (Software Deployment Life Cycle) environments for this project. Affiliated University System - Architect for BizTalk-based SAP Student Information System Integration
(Harrisburg, PA)
July 2009 to October 2009
This group of affiliated universities needed integration of their on-site systems with a central (common) SAP SIS (Student Information System). This was accomplished using a BizTalk system at each site (central and numerous universities) in an ESB configuration so that student information updates broadcast by the SIS are picked up by all subscribing systems which then transform and use the information as appropriate. The project required that I design and build the BizTalk platforms, deliver the MOC BizTalk Developer and Operations training for both central site and local site personnel as well as develop the interface to SAP (using PI/RCP) at the central site and the initial receiving integrations at each university site. Major Gold Mining Company – Remote Network Analysis, Modernization, and Optimization July 2009
Analyzed, reconfigured and optimized the corporate global network to eliminate connectivity and reliability issues and moved it to a high-availability configuration for remote locations (e.g., Hope Bay, Alaska). Major Gold Mining Company – Equipment Telemetry and Control June 2009 to July 2009
Built and deployed a platform to capture equipment real-time telemetry for several mines, moving it to Teradata where it was then used to create performance dashboards with KPIs and ranged compliance alarms. This was an ultra-high-availability system as the mine operated 24/7/365 with no planned maintenance windows.
San Francisco-based Investment Bank - Remote Management Agent Integration - System Architect
(San Francisco, CA/New York, NY), Early Implementation of mTLS For Remote Management Terminals
August 2008 to June 2009
Integrate third-party management agents running a legacy, immutable MS-DOS tool with the bank's core systems using BizTalk, SharePoint, and SQL Server. Because the partner systems were in third-party, potentially unsecured offices the security requirements for this system were very high; in addition to an Extranet with rotating certificates partner systems were also issued managed machine certificates for mutual authentication. The identity and identification infrastructure was isolated from the corporate facilities. A complete SDLC (Software Deployment Life Cycle) was included. The integration Production environment is highly available, with the DR facility in midtown Manhattan. Had it been available, this would have been an excellent cloud-hybrid implementation.
Middle Eastern Money Center Bank - Core Banking System Mitigation (Kuwait City, Kuwait), Including PCI and PII Management and SWIFT Financial Network Integration July 2008 to August 2008
Asked by Microsoft PSS (Premier Support Services) to perform on-site mitigation of a failing BizTalk environment. Because the system was in Production only two-hour maintenance windows each evening (2- 4 AM) were available. Once mitigated the system was stabilized and met performance requirements, however, some tasks were not attempted on the live environment and instead deferred to a full rebuild (see above).
NYSE Trading Partner - Real-time Trade Database Design (New York, NY) May 2008 to July 2008
Designed a PDS-replication SQL Server environment to take the real-time SunGard trade feed and distribute it to over 100 internal systems. This included creating target databases with readable field names and descriptions (rather than the somewhat cryptic SunGard field names). Performance, both for source and destination replication, was a critical success factor for the design. The completed platform and database designs were extensively documented (and where appropriate, scripted) for customer implementation.
State of New York Voter Registration System (Albany) –Availability, Stability and Performance Tuning
(Albany, NY/Portland, OR)
March 2008 to May 2008
Correct numerous issues, especially concerning performance, for an already-built BizTalk system. This included re-organizing the databases, tuning SQL Server, BizTalk, and Windows, and recommending/making adjustments to the application code. This project was particularly interesting because of the requirement to process a large number of batches of 14,000 voter registration records. Delays had been introduced into the BizTalk application because the six-server BizTalk system was not able to handle the message load. After optimization, these delays caused application errors and the system had to be temporarily de-optimized (the processing slowed) while the application was corrected. The achieved performance also revealed a BizTalk/SQL Server bug; so many messages were being processed in a transactional batch that the SQL Server variant parameter descriptor table, which had a hard-coded size, was being overrun causing the host- to-SQL connection to be dropped and the host instance to restart. Consequently, BizTalk and SQL were both modified to eliminate this problem. A final constraint was the address validation system, which was running on a desktop PC, was completely overwhelmed by the optimized system and had to be rebuilt with a RAM- drive and multiple servers (for availability).
NYSE Trading Partner - Trade Processing System - System Architect (New York, NY/Metropark, NJ) October 2006 to February 2008
Designed and built a high-performance (3000+ transactions/sec peak load), high availability (including DR) BizTalk/SharePoint/SQL Server system to process FIX trade messages. This system incorporates every bit of my knowledge and experience to accommodate the high burst load of incoming transactions. It also integrates with a second system for trade reconciliation as well as SunGard (for trade reporting) and the corporate WebSphere MQ environment.
NYC-based Money Center Bank - Loan Processing System – Performance and SLA Mitigation (NYC, Garden City)
May 2006 to September 2006
Mitigate performance and availability issues with an existing BizTalk-based Loan Processing system that integrated with the bank's WebSphere MQ environment, Oracle-based CIS (Customer Information System), and other facilities. Achieved the target goal of 50 applications/second (the system was originally processing 5/second when
Contact this candidate