I am an IT systems architect with 15 years experience building highly secure data processing environments for the United States intelligence community. Now, I am looking to apply my expertise here in Singapore either as a full time employee or a consultant. I am particularly adept in short to medium term engagements, taking projects from hazy requirements to the first dozen users.
- Highly secure system architecture design of data processing environments compliant with NIST 800-53/ICD 500 series.
- Extraction, Transformation, and Load (ETL) of heterogeneous structured and unstructured data sets.
- Full stack design and development of data analysis tools.
- scripting - *nix shell, Python, Perl, a little PowerShell
- system administration - linux (Red Hat and Cent O/S) and Windows (2008R2, 2012)
- network administration - DHCP, DNS, debugging
- software development - PERL, Python, Java
- tools - git, Puppet, Kickstart
- Amazon Web Services
- Led engineering teams in full stack design and implementation of
- ETL (extract, transform, load) of very large datasets with stringent security requirements.
- Complex web-based analysis tools.
- Secure, private clouds.
- Security lead for intelligence community's deployment of IBM's Watson.
- Guest lecturer at George Mason University graduate program in big data and information security.
- Deployed internationally for consultations on technical and analytical subjects.
Principal Consultant for Solint, LLC May 2017 – Present
- Delivered an integrated information security solution prototype for the US intelligence community’s Silicon Valley Innovation Outpost.
- Managed four separate vendor's engineering team's installation, integration and test.
- Secured information assets in AWS Workspaces, Workdocs, Workmail, and EC2 instances by implementing AWS Cloudtrail, CloudWatch, IAM using AWS CloudFormation, CLI, and AWS console.
- Simplified accounting and isolated data assets for concurrent product evaluations by designing a virtual prototyping lab in AWS.
- Hosted red and blue team security evaluation including penetration testing, product demonstrations, and security architecture review.
Senior Systems Architect for ISE Data Systems April 2013 - June 2015
- Led team developing and deploying a very high priority data integration and analysis project which surpassed time, budget, and capability expectations of Secretary of DHS, Director of CIA, and National Security Council.
- Enabled zero-eyes data analysis by designing an entirely autonomous data processing system with extensive log, audit, and non-repudiation features using Splunk, digitally signed git, and advanced encryption tools.
- Saved cost and simplified architecture by using all open source tools including Kickstart, Puppet, git, KVM, Pentaho, Cent O/S.
- Built Angular.js single-page app to bridge interagency network gap described as a “game changer” for the entire department well beyond this project.
Information Security Consultant for ISE Data Systems July 2014 - June 2015
- Successfully guided IBM Watson through customer authority to operate (ATO) process.
- Led security team development of system security plan (SSP) including triage of NIST 800-53 SCTM.
Systems Architect for L-3 Communications October 2006 - March 2013
- Architected secure cloud environment for big data ETL and analysis.
- Managed a team of SMEs to deploy secure Linux and Windows environments, multiple database architectures (Oracle, MySQL), and role based encryption.
- Developed Linux lockdown tools for certification and accreditation (C&A) requirements.
- Designed/developed extensive monitoring and auditing system involving Nagios plugins, syslog, syslog-ng, Widows event log, and COTS and GOTS auditing tools. Wrote Java-based web-reporting result integration tool.
- Evaluated commercial hardware and software, authored whitepapers, and briefed results.
- Developed unmatched expertise in specific COTS encryption, key management, and key provisioning product.
- Developed automated account provisioning, in Linux, samba, and Active Directory in BASH, then PERL, then Python, and regrettably, some in Powershell.
- Used VMWare’s vSphere to create, manage, and debug VMs.
- PKI, LDAP and SSL/TLS maintenance on RedHat's JBoss and Apache products.
- Lead team to design and build complex, secure cloud storage including COTS encryption on StorNext File Systems (SNFS), network file system (NFS), Samba/CIFS shares, and SAN LUNs.
- Composed, implemented, and tested networks including subnet, DNS, and hardware and software firewalls.
- Debugged h/w and s/w in very complex network architectures involving NAT/PAT schemes implemented over vLANs using tools like pcap, nmap, telnet, ping, and lsof.
- Provided direct analytical support to mission operations.
- Performed “big” data ETL and analysis using Pentaho, ECL (LexisNexis’s HPCC), Netezza, and Oracle.
- Developed framework in VB and Microsoft Access for data triage, rapid prototyping, data quality metrics, and report generation, significantly reducing modeling time.
Intelligence Analyst for CACI November 2005 – October 2006
- Developed Excel/GOTs-based search solution of financial data.
- Designed and implemented a standardized system for managing large catalog of image files.
- Authored weekly threat report that launched several follow-up investigations.
Systems Engineer for Lockheed Martin July 2004 - October 2005
- Analyzed system testing needs to provide solutions that saved time and money.
- Authored over 26 Statements of Work for thousands of hours and very large amounts of money.
- Interviewed and briefed senior customer PMs weekly on complex technical solutions.
Internal R&D Project Manager for Lockheed Martin July 2003 - July 2004
- Presented solutions to CIO of DHS and other government customers
- Developed and tested innovative software intrusion detection systems
- Managed $50K annual budget and supervised 4 employees
Georgia Institute of Technology Graduated: August 2002
Bachelor’s of Science in Industrial and Systems Engineering 3.9 / 4.0
Bachelor’s of Science in Computer Science 3.8 / 4.0
Certificate in Spanish – Business and Technology Focus
3.62 / 4.00 overall GPA – Highest Honor (GT’s Summa cum Laude equivalent)
Cloudera Certified Hadoop Systems Administrator 2012