Overview

I am an IT systems architect with 15 years experience building highly secure data processing environments for the United States intelligence community. Now, I am looking to apply my expertise here in Singapore either as a full time employee or a consultant. I am particularly adept in short to medium term engagements, taking projects from hazy requirements to the first dozen users.

Skills

  • Highly secure system architecture design of data processing environments compliant with NIST 800-53/ICD 500 series.
  • Extraction, Transformation, and Load (ETL) of heterogeneous structured and unstructured data sets.
  • Full stack design and development of data analysis tools.
  • DEVOPs
    • scripting - *nix shell, Python, Perl, a little PowerShell
    • system administration - linux (Red Hat and Cent O/S) and Windows (2008R2, 2012)
    • network administration - DHCP, DNS, debugging
    • software development - PERL, Python, Java
    • tools - git, Puppet, Kickstart
    • Amazon Web Services

Experience

  • Led engineering teams in full stack design and implementation of
    • ETL (extract, transform, load) of very large datasets with stringent security requirements.
    • Complex web-based analysis tools.
    • Secure, private clouds.
  • Security lead for intelligence community's deployment of IBM's Watson.
  • Guest lecturer at George Mason University graduate program in big data and information security.
  • Deployed internationally for consultations on technical and analytical subjects.

Details

Principal Consultant for Solint, LLC                                   May 2017 – Present

  • Delivered an integrated information security solution prototype for the US intelligence community’s Silicon Valley Innovation Outpost.
  • Managed four separate vendor's engineering team's installation, integration and test.
  • Secured information assets in AWS Workspaces, Workdocs, Workmail, and EC2 instances by implementing AWS Cloudtrail, CloudWatch, IAM using AWS CloudFormation, CLI, and AWS console.
  • Simplified accounting and isolated data assets for concurrent product evaluations by designing a virtual prototyping lab in AWS.
  • Hosted red and blue team security evaluation including penetration testing, product demonstrations, and security architecture review.

Senior Systems Architect for ISE Data Systems                   April 2013 - June 2015

  • Led team developing and deploying a very high priority data integration and analysis project which surpassed time, budget, and capability expectations of Secretary of DHS, Director of CIA, and National Security Council.
  • Enabled zero-eyes data analysis by designing an entirely autonomous data processing system with extensive log, audit, and non-repudiation features using Splunk, digitally signed git, and advanced encryption tools.
  • Saved cost and simplified architecture by using all open source tools including Kickstart, Puppet, git, KVM, Pentaho, Cent O/S.
  • Built Angular.js single-page app to bridge interagency network gap described as a “game changer” for the entire department well beyond this project.

Information Security Consultant for ISE Data Systems        July 2014 - June 2015

  • Successfully guided IBM Watson through customer authority to operate (ATO) process.
  • Led security team development of system security plan (SSP) including triage of NIST 800-53 SCTM.

Systems Architect for L-3 Communications                        October 2006 - March 2013

  • Architected secure cloud environment for big data ETL and analysis.
  • Managed a team of SMEs to deploy secure Linux and Windows environments, multiple database architectures (Oracle, MySQL), and role based encryption.
  • Developed Linux lockdown tools for certification and accreditation (C&A) requirements.
  • Designed/developed extensive monitoring and auditing system involving Nagios plugins, syslog, syslog-ng, Widows event log, and COTS and GOTS auditing tools. Wrote Java-based web-reporting result integration tool.
  • Evaluated commercial hardware and software, authored whitepapers, and briefed results.
  • Developed unmatched expertise in specific COTS encryption, key management, and key provisioning product.
  • Developed automated account provisioning, in Linux, samba, and Active Directory in BASH, then PERL, then Python, and regrettably, some in Powershell.
  • Used VMWare’s vSphere to create, manage, and debug VMs.
  • PKI, LDAP and SSL/TLS maintenance on RedHat's JBoss and Apache products.
  • Lead team to design and build complex, secure cloud storage including COTS encryption on StorNext File Systems (SNFS), network file system (NFS), Samba/CIFS shares, and SAN LUNs.
  • Composed, implemented, and tested networks including subnet, DNS, and hardware and software firewalls.
  • Debugged h/w and s/w in very complex network architectures involving NAT/PAT schemes implemented over vLANs using tools like pcap, nmap, telnet, ping, and lsof.
  • Provided direct analytical support to mission operations.
  • Contributed to Meritorious Unit Citation by designing and deploying MySQL, PHP, HTML, and JavaScript web application used by “many” analysts.
  • Performed “big” data ETL and analysis using Pentaho, ECL (LexisNexis’s HPCC), Netezza, and Oracle.
  • Developed framework in VB and Microsoft Access for data triage, rapid prototyping, data quality metrics, and report generation, significantly reducing modeling time.

Intelligence Analyst for CACI                                             November 2005 – October 2006

  • Developed Excel/GOTs-based search solution of financial data.
  • Designed and implemented a standardized system for managing large catalog of image files.
  • Authored weekly threat report that launched several follow-up investigations.

Systems Engineer for Lockheed Martin                              July 2004 - October 2005

  • Analyzed system testing needs to provide solutions that saved time and money.
  • Authored over 26 Statements of Work for thousands of hours and very large amounts of money.
  • Interviewed and briefed senior customer PMs weekly on complex technical solutions.

Internal R&D Project Manager for Lockheed Martin            July 2003 - July 2004

  • Presented solutions to CIO of DHS and other government customers
  • Developed and tested innovative software intrusion detection systems
  • Managed $50K annual budget and supervised 4 employees

Education

Georgia Institute of Technology Graduated: August 2002

Bachelor’s of Science in Industrial and Systems Engineering 3.9 / 4.0
Bachelor’s of Science in Computer Science   3.8 / 4.0
Certificate in Spanish – Business and Technology Focus
3.62 / 4.00 overall GPA – Highest Honor (GT’s Summa cum Laude equivalent)

Cloudera Certified Hadoop Systems Administrator 2012