Cyber Security Cloud Operations

MARK MUNRO

*******@**.*** 226-***-**** Guelph ON https://www.linkedin.com/in/dmarkmunro/

Summary

Key leader of multiple IT projects with demonstrated leadership skills driving policy decision making, project implementation and emphasis in future business growth, developing a technology roadmap, driving ISO and SOC2 certification initiatives. Proven ability to resolve issues though methodical troubleshooting skills and strong problem-solving skills.

Work Experience

SpinMaster Games Toronto, Canada

ITS Manager Cloud (contract)

01/2025 - 04/2025

• Strategic planning initiatives: Automation, infrastructure enhancement and infrastructure security and management. Achieved with implementing CSAT, Sectigo automated SSL management, updating or decommissioning resources and servers that can’t be secured by Defender. 90% complete.

• Managed cloud team with objective to evaluate, identify and correct key security and budget costing overruns in AWS and Azure. Performed Azure and AWS audit, identifying unused cloud recourses reducing monthly spend ($37,000).

• Reviewed candidate profiles, interviewed selected clients resulting with hiring resulting in a successful onboarding.

• Implemented Sectigo SSL renewal and installation automation eliminating service disruptions from expired SSL certificates.

• Automation plans and improvements involved global collaboration with Melisa and Doug (USA), PawPatrol (USA), digital games (Sweden).

• Implemented Cyber Security Assessment Tool (CSAT) for on prem assets improving Spinmaster’s threat intelligence and security visibility.

• Fixed configuration issues breaking https:www.pawpatrol.com that previously went un-resolved for more than 8 months. Spinmaster’ web team was unable to identify and fix the AWS configuration breaking the webstore. Using analytical skills, root cause analysis, discussions with development teams, a solution using custom scripting was implemented.

• Resolved DNS and SSL security deficiencies with

htttps://www.swimways.com, https://www.spinmasterstudios.com with trickle down effects across SpinMaster’s entire cloud operations.

• Enhanced security on DNS servers and updated systems aligning with security objectives for 2025.

• Lead project to consolidate domains (1389 total) reducing costs by 20% while automating renewals and billing.

• Demonstrated communication skills with vendors, cross functional teams and child companies resulting in 27 outstanding technical issues being resolved.

Cybersecurity Consultant Toronto,

Canada

Cloud cybersecurity consultant

05/2024 - 10/2024

• Managed public cloud operations team with implementing Innovative solutions, IaaS, PaaS, SaaS using cloud engineering best practices.

• Chief architect for company's IT systems and IT infrastructure.

• Premise SIEM expert. cloud security. SOC 2, ISO 27001, GDPR compliant, Rapid7, CrowdStrike and Cloud security tools. CSSP certified.

• Conducted real-time threat screening and hardened systems depending on assessed threat level.

• Consulted on governing IT documents, policies and procedures including the business continuity and disaster recovery plan.

• Assessed physical security and cloud security and presented a comprehensive action plan to address findings.

• Implemented emergency response plan, previously nonexistent.

• Evaluate security deficiencies and network protocols. RBRO Solutions Markham, Canada

Cloud Operations Manager

05/2020 - 04/2024

• Managed cloud operations demonstrating operational expertise with implementing innovative solutions, IaaS, PaaS, SaaS pushing forward the company’s digital transformation and strategic direction.

• Created cloud-based infrastructure and architecture for company’s principal SaaS offering. Leveraged technical knowledge of Azure and AWS to deliver a secure solution that satisfied defined security operations with a 99.97% uptime.

• Generated monthly, quarterly and yearly reports used in budgeting meetings and yearly budget preparation.

• SIEM management and implementation improving security, intrusion detection and attack posture visibility by 100%

• Implemented security technologies Rapid7, CrowdStrike and Microsoft Defender, NewRelic, Applications Manager, Azure Monitor and Azure Firewall using artificial intelligence.

• Conducted real-time threat screening and hardened systems depending on assessed threat level.

• Architected company cloud-based infrastructure and security and maintained and monitored cloud and on premises network security though hardening and monitoring of Network infrastructure and Network architecture and applying Information Security Management best practices.

• Managed day-to-day IAM operations and assumed security accountability.

• Establish IAM policies, procedures and standards that met regulatory compliance in US, UK, EU, Canada.

• Incident response management: Created the security guidelines and response plan that successfully dealt with 3 security breaches resulting with 0% data loss and 4 hours downtime before normal operations were resumed. Assumed accountability for operational resilience. Conducted forensic analysis.

• Authored 22 documents: security policies, incident response, user authentication, information and technology governance. Titles include:

Cloud computing due diligence guidelines.

Information Security Incident Management Policy and Procedure.

Security Policies

Root-cause and incident/problem analyst procedures.

Data Governance.

Data Protection Data Breach Policy and procedure.

Information Security Incident Management Policy and Procedure, Data Breach Policy and procedures. (Diagnostic techniques)

Occupational Health and Safety Act and regulations.

• Evaluate vendors, negotiated contracts and authored RFP. Successfully negotiated $70,000 cost savings in Q1 2023 $13,000 Microsoft Azure and Amazon AWS.

• Prepared and managed budgets for operations of the production systems and development systems within 3% of projected costing.

• Managed Azure AD and Active directory between on premise Active Directory and cloud.

• Well versed in Active Directory Design and Engineering. Primary architect for technical solution planning.

• Provided leadership and provided mentorship and guidance to team members, vendors and company staff leveraging interpersonal skills. Team members, when blocked, came to me for advice and guidance. Paired team members as needed or lead the member personally to move projects forward.

• Lead teams in the evaluation of hardware and software products to support the business objectives and technology architecture solutions.

• Lead enterprise level projects, created project plans, documents and proposals and conducted advanced technical and financial analysis in-line with and to support business objectives/planning.

• Maintained a high level of quality assurance through continual testing.

INNOSPHERE Guelph, Canada

DevOps Manager

12/2018 - 12/2019

• Conducted daily SCRUMs with team members, providing guidance and reports to the president and leads the following activities with team members.

• Establishes priorities, provides junior team members with clear goals, and appraises performance.

• Coaches, mentors and develops team members to assist in successfully meeting objectives.

• Leads the team in scoping project timelines and removes blockers / obstacles to ensure projects are completed on time.

• Supports individual growth by encouraging others to learn new skills.

• Determines resource requirements and assign resources, matching staff with appropriate skills to projects.

• Work with team members to deliver the key features, as defined in the R&D Programs.

• AWS, Microsoft Azure and vSphere cloud expert.

• Implemented a $1,610,000 porting of the Advantage core tax software from Azure to AWS for Amazon.

• Software / networking expert with current development technologies such as Git, Azure Git, Microsoft's ADO development pipeline using a mixed Microsoft and Linux architecture.

• Primary deployment technologies in use are Jenkins, Ansible, vSphere, AWS, Microsoft Azure, Octopus.

• Implemented software licensing tool, “SonoType” into the company's development pipeline.

• Played a key role in rolling this software out and supporting adoption of this tool in Bloomberg Tax's development team, both in the US and in Canada.

• Implemented security tools, Carbon Black and Rapid7 bringing AWS's security level in compliance with current industry cloud standards.

• Primary architect for Bloomberg's deployment and technology infrastructure automation reducing time to provision and deploy the company's production environment from 2 weeks to under 1 hour. IGNITE INSURANCE Waterloo, Canada

DevOps Manager-senior IT Architect

09/2017 - 12/2018

• Cloud technology expert in Azure, AWS VmWare and vSphere virtualization technologies.

• Implemented core technology changes resulting in increased productivity, increased development velocity reducing software deployment time by 75% by implementing software / infrastructure automation.

• Leveraged CIDC technologies such as terraform, Jenkins and AWS cloud formation for network provisioning and deployment. Reducing software release times buy 90%.

• Provides Business and technology and strategic guidance and aid in developing scope and projected budget / costing for new IT projects resulting in 2 critically delayed and over budget projects being successfully delivered within the revised project charter.

• Oversaw and implemented complete company intranet project realizing an immediate cost savings of $125,000 and annual operational savings of

$78,000 by leveraging existing, underutilized technologies already in use by the company.

• Expert with Git and Bitbucket.

CONESTOGA COLLEGE Kitchener,

Canada

Health Informatics Technology -

Professor

09/2015 - 12/2016

• Planned, initiated and executed the successful implementation of the Hedgehog software client/server suite for the Bachelor of Environmental Public Health (BEPH) program meeting this milestone within specific timeline defined.

• Defined and managed the implementation timeline outlining required capital and human resources with MS Project and successfully utilized resource, risk and mitigation strategies bringing the project back on schedule after being critically delayed.

• Launched the Bachelor of Environmental Public Health (BEPH) degree with a September 1, 2016 deadline and assumed the role of supervisor, mentor and project lead for the creation of a virtual city environment for the training of public health inspectors.

• Engaged in advanced training for the environmental public health software for the Bachelor of Environmental Public Health and Public Safety.

• Translated department requirements into information systems requirements.

• Identified analyzed program technology needs as identified by the program Chairs with clear and concise reports to the key stake holders.

• Worked closely with program Chairs, Managers, faculty and staff from multiple schools and departments such as Bachelor of Applied Health and Information Science, Nursing, Community Services, Health Sciences, assisting leadership, decision support and direction regarding technology needs as it pertains to these areas.

• Special events Coordination: Principal coordinator in the team that organized “Hacking Health Café #3”, hosted at Conestoga College in Agora at the Doon campus on January 27th, 2016. The meet-up drew 135 participants and brought together Bachelor of Applied Health and Information Science, Engineering and top industry speakers in the fields of Health Care, technology and innovation.

• Coordinated with applicable college departments to prepare the facilities for the event, including catering, AV setup, venue booking, arranging speakers, securing funding, managing event budget and delegating key tasks and responsibilities to appropriate persons. SBSIMPSON GROUP INC Burlington,

Canada

IT Manager

09/2014 - 08/2015

• Provided a critical role in establishing and supporting the continuous IT development in eight branches in Ontario and Quebec.

• Assumed direct leadership and management for all of the IT operations.

• Provided service level management (user experience and usability of services), project leadership and corporate representation.

• Managed all corporate IT security and policies and enforced compliance including two data centers located in Burlington and Mississauga.

• Systems administrator for Microsoft Server / MS Exchange server and associated hardware and services for 93 users in nine branches, (head office inclusive) in the province of Ontario and Quebec.

• Managed network, servers, firewalls, DNS, DHCP and physical infrastructure utilizing Puppet and Ansible and VMware.

• Objectives obtained: Assessed corporate network to ascertain strengths and network weaknesses. Identified key areas in need of improvement and created associated project plans addressing the found needs.

• Planned network migration from window's Server 2003r2 to Windows server 2012r2 setting project timelines, objectives and key milestones while maintaining project budget.

• Negotiated project costing with third party IT support for corporate network update.

• Liaised with licensing vendors, negotiated software licensing agreements for corporate server systems bringing total costs down from $43,000 to

$36,000.

• Conducted a corporate wide network assessment requiring collaboration with multiple vendors resulting in doubling bandwidth and increased reliability with a cost reduction of $10,000 per year.

• Drafted and implemented security policies within the corporation and facilitated adoption of said policies.

Skills

• Managing / mentoring IT professionals

• Ability to work independently

• Creating successful and effective IT teams

• Business Strategy planning and implementation

• Ability to interact effectively and build relationships with all internal and external stakeholders and partners

• Policy creation and strategic visionary for data governance security and IT Policies

• IT infrastructure architect with cloud services such as Azure, AWS

• Recruiting and team building

• CCSP

• VPN (Virtual Private Networks)

• Security implementations

• Rapid7

• CrowdStrike

• Sentinel, Defender, CSAT’

• Analyze trends, threat modeling

• SSL automation with Sectigo

• Automation implementation with Ansible / Terraform

• Azure firewall

• Incident response

• IT leadership, professional development, continuous improvement

Education and Training

UNIVERSITY OF GUELPH

Masters of Applied Science in Biomedical Engineering 02/2014 ST. FRANCIS XAVIER UNIVERSITY

Bachelor of Information Systems and Computer Science 07/2003

Contact this candidate