About Me

  • Born: December 30th
  • Hobbies: Reading, Golfing and Amusement Parks
  • Favorite Vacation Place: Walt Disney World
  • Favorite Type of Restaurant: Locally Sourced Foods

Experience

Novacoast

Novacoast helps organizations find, create & implement solutions for a powerful security posture through advisory, engineering, development & managed services.

Security Engineer, 5/2016 - Current

Consultant for various companies ranging from 200 - 300,000 endpoints for both private and public sectors, providing architecture and/or operational support for enterprise endpoints using multiple vendor products with a specialty on Broadcom products, Data Center Security (DCS), Symantec Endpoint Protection (SEP), Symantec Endpoint Security Complete (SESC) and Symantec Data Loss Prevention (DLP). Microsoft Defender 365 and SentinelOne.


One of the main objectives for many of these clients was policy tuning of various security applications to provide actionable events to their Security Operation Centers (SOC). While doing this type of work we also found many security vulnerabilities and worked with various operational teams to resolve these vulnerabilities, which then reduced event count.


Migrated customers from one vendor product to another by working with both vendors to find the best solution for the migration depending on the size of the environment. This would usually entail scoping, pilot and final group(s); after each phase we would do a configuration and health check and modify as needed. With the final group(s) deployed, we would work with the SOC to create procedures on actionable incoming events. We would also assist them in integrating the endpoint security application into the SIEM.


Provide Incident Response (IR) for clients both onsite and remotely. This is always a team effort, working with various team members to find root cause and then determine a solution. Depending on root cause, the solution could be as simple as updating endpoint protection software to complete rebuild of desktops and servers.

Delta Airlines

(Contract through Datum Software)

Delta Air Lines, Inc. is a major American airline, with its headquarters and largest hub at Hartsfield–Jackson Atlanta International Airport.

Senior Security Engineer Symantec Endpoint Protection, 5/2015 - 4/2016

Managed SEP environment for Delta Airlines (65,000 +/- clients, Server and Desktop). Worked with various teams within Delta Airlines to upgrade and tune the SEP solution to 12.1 RU6. This process consisted of testing with all the business units for compatibility with the new version of SEP; if issues were found we worked through all issues. Worked with developers to have Delta Airlines applications submitted to Symantec to be whitelisted to avoid any issues during deployment. One of the other requirements that was requested was to integrate SEP with Active Directory for SEP administrator authentication. We worked on getting the number of systems being out of date reduced by over 85% by using a Windows PowerShell script I wrote to copy definitions to the out-of-date clients. Worked with the VDI team to implement best practices for VDI systems by using the virtual image exception tool along with tuning the scan settings. Verified all systems from Active Directory have SEP installed by using a PowerShell script to compare AD to the SEP database.
Created SEP groups to manage policies for specific types of servers or servers requiring special handling; this applied to AD, SQL, Exchange and Delta-developed applications by following Microsoft’s best practices along with specifying scheduled scans and special exceptions for Delta applications. Managed bandwidth using the Apache mod to limit bandwidth for locations with limited bandwidth. Along with using Apache to help manage bandwidth we also implemented SEP GUPS in low bandwidth locations to distribute definitions. Installed Symantec IT Analytics to be able to create consolidated reports from all SEP sites. This is also shared with other teams to allow them to create reports with specific information they need. Upgraded and tuned Symantec Protection Engine 7.5 for scanning of the NetApp file servers, and created a PowerShell script to poll the event logs and consolidate into a single report from all protection engines. Created custom Host Integrity policies to manage clients by checking for specific criteria on client then setting a registry key, copying a file to the client. Reduced license renewal cost by 18%. Provided training to field operations and support desk on SEP client troubleshooting steps to allow them to resolve issues quickly without escalation.

COX Automotive

One of the world’s largest providers of products and services that span the automotive ecosystem.

Senior Symantec Endpoint Protection Engineer, 3/2012 - 4/2015

Managed SEP environment for COX Automotive (7,500 +/- clients, Server and Desktop). This position required resolving multiple issues, from clients not communicating with the SEP servers to finding clients without SEP installed by using Active Directory and running SQL queries to the SEP DB. Modified firewalls to allow new applications to only communicate on required ports to lower the exposure risk at COX Automotive. Built client installation packages for the various teams (Desktop, Servers and Virtual). Worked with the virtual team to tag all VDI clients to eliminate duplicate clients in the DB. Performed multiple upgrades and build out of new SEP POC for SEP 12RU5 and Data Center Security version 6.0. Provided training to desktop support teams on SEP client troubleshooting steps to allow them to resolve issues quickly without escalation. Did POC for System Center Endpoint Protection (SCEP) during the upgrade of the SCCM of the new SCCM 2012 solution for servers and workstations. Upgraded the Microsoft BitLocker and Monitoring (MBAM) to version 2.5, which resolved a bug from version 1 and allowed us to force encryption after X number of days by using a GPO.

Dentistry for Children

Largest Orthodontics and Pediatric dentistry provider in the southeast.

Windows Network Engineer, 2/2012 - 3/2012

Systems administrator for server environments consisting of Windows 2003 and 2008. This entailed setting up new servers and consolidating existing servers from remote offices and data centers into one central location by either moving servers or building a VMware server and migrating servers. Worked with remote offices to correct or change connectivity issue to the main data center, also assisted with application issues running on the servers. Worked with outside vendors to setup and install new imaging and X-ray software for office conversions.

Citrix Systems Inc.

Leading provider of software for server and desktop virtualization and networking solutions.

Technical Support Engineer, 8/2011 - 2/2012

Provide all levels of support for Citrix Products with an emphasis on Citrix Access Gateway (CAG) and Web Interface (WI). As these two products are the connecting point into most Citrix products, our team has a working knowledge of all Citrix products. This position requires a high level of knowledge in networking devices (switches, firewalls, load balancers) and also the Windows operating systems with Active Directory (AD), as many of the Citrix products rely on AD to provide access to the networked resources. In assisting customers that required secure access for external users we also needed a firm understanding of SSL certificates. Our testing of the customer’s environment is not considered fully tested until we are able to launch an application or desktop from Citrix XenApp or XenDesktop. In order to achieve this we also have a very detailed knowledge of these products that allows us to set up a new application or troubleshoot existing applications.

Managed Business Systems Contract with HP

Provided Disaster Recovery to SMB by offering shared server recovery in offsite location, or portable containers configured and shipped to specified location.

Data Center Engineer – Business Continuity and Recovery (BCRS), 1/2011 - 7/2011

Work with BCRS clients in getting their disaster recovery plan implemented for their rehearsal. This would involve building their Windows 2003 & 2008 servers, physical or virtual (VMware), and assisting with connecting to the Cisco Network equipment per their specifications in the BCRS environment. During their rehearsal time assist them with getting BCRS servers loaded with their OS image(s), application(s), and assisting them with using other HP equipment such as tape libraries, KVM’s, desktops or printers. Assist with getting client’s backups running using Data Protector, Symantec NetBackup or Backup Exec.

CDI Contract with IBM

Outsourced virtual desktops from server access to fully managed and hosted virtual desktops.

VMware & Windows System Administrator, 7/2010 - 8/2010

Windows Server 2003, 2008 and VMware ESX 4 administration providing support for external clients that use IBM/Desktone for virtual desktops running Windows XP & Windows 7 for their end users. The scope of this assignment was providing one stop support for all issues related to Windows Servers and Desktops, VMware and Storage. Supported building new VM’s (virtual machines), which included hardening the VM and OS. Assisted clients with AD (Active Directory) and disk space management needs on the SAN.

QUALITY TECHNOLOGY SERVICES

Full service technology infrastructure company providing Managed Services, Datacenter Services, Media Services and Professional Services to businesses.

Senior Technologies Specialist Network Operations Center, 9/2008 - 8/2009

Supervised and trained new NOC personnel on internal procedures and security regulations, along with our ticketing system (Remedy). Mentored junior staff with root cause analysis and what steps need to be taken to resolve that issue while the clients are on phone. Along with supervising and training, also provided third level technical support to hosted and fully managed co-location customers. Primary responsibilities pertained to Cisco switches, routers and Windows servers (2000, 2003 and 2008) with secondary responsibilities being Unix / Linux support. Support for all systems dealt with issues ranging from disk space and CPU utilization to issues on their SQL, IIS and Apache applications. This involved transferring files from remote sites to local servers by FTP and Web interface. Work with the customer and Microsoft or other software vendor to resolve the issues; if unable to resolve the issue within a given time frame I would at that point engage one of the on call groups to get involved with the issue. At that time the NOC would become a liaison between the customer, software vendor and supporting group(s) until the issue was resolved to the customer's satisfaction.

Built the NOC's major incident intranet site to streamline the process of working major incidents. This site was built to allow different people to walk through a major incident with a check list and links to applications needed to perform their assigned duties. This application also created an after action report with a detailed timeline with issue, cause, resolution along with customers affected, internal resources contacted and their roles during the major incident. This website cut the after action report generation time from roughly 2 days down to 10 minutes after the incident.

  • Contributed significant cost savings by maximizing usage of existing equipment and resources to facilitate on-time, under-budget project delivery for customers.
  • Built the NOC's major incident Intranet site, providing comprehensive protocols, checklists, and links to applications and related resources critical to troubleshooting and resolving system issues.

KEAN UNNERSTALL CONSULTING

Independent technology consulting company.

Technology Consultant / Business Principal, 7/2004 - 8/2008

Provide administrative, technical and project management for multiple clients ranging from small data centers to enterprise class data centers 1000+ servers. Provided design, implementation and support of Windows 2000, 2003, 2008 and UNIX servers in both stand alone and VM (Virtual Machine) systems. This included installing the OS, writing scripts, applications, configuration settings (DNS, WINS, DHCP and SNMP) and software as well as hardening, security patch management and encryption either manually and through scripts to ensure all servers stayed in compliance with company and government regulations.
Managed the migration or move of small data centers (5-20 servers). This would entail getting the data circuit(s), shutting down servers and peripheral equipment then work with moving company to pack and ship servers to new location. Install and bring servers and network online and verify that all systems are working in the data center and then also verify that desktops have access to all needed systems and outside access.
Managed user desktops and Microsoft Exchange e-mail accounts with AD (Active Directory) and login scripts, wrote scripts to manage servers and users during office moves or migrations of servers. This included adding or modifying user information about their location or OU, also used ScriptLogic to move data files on servers during migrations. Designed and implemented PHP based applications (PHP, MySQL, HTML and JavaScript) for IT departments for various inventory, process management, file upload by web interface and FTP access and user questionnaire projects. Managed and implemented a Cognos 8 Financial Application including IIS, Microsoft SQL and Cognos application servers on VMware, set up various web based clients for senior staff and executives. This included modifying HTML code to comply with company practices and also allow users to navigate site per accounting department’s guidelines.
Working with outside clients, resolved internet issues with IIS including reviewing logs and configuring settings for IIS. Work with various outside vendors to integrate their equipment or service into the current infrastructure and provide detailed documentation on the configuration of the servers and applications installed. This ranged from adding a phone line to the phone system to adding a DS circuit and installing the d-mark equipment.

  • Constructed multiple PHP-based websites, implementing HTML, PHP, MySQL, and JavaScript for file upload and download through web interfaces and direct FTP, also for form processing before submitting to server.
  • Ensured all servers remained in compliance with company and government regulations through effective management of security systems and patches.

BANK OF AMERICA

One of the largest financial services companies and banks in the U.S., with $113B+ in revenues (2008).

Senior Systems Administrator Atlanta Data Center, 12/1997 - 7/2004

Managed the Atlanta data center for the Global Corporate Investment Bank division. This included 65+ Windows NT, 2000 & 2003 and 450 UNIX (Solaris) servers. This included the VERITAS Net Backup 4.5 and 5.0 solution for the Atlanta Data Center for 4+ terabytes of data on Intel and UNIX platforms. Implemented a new policies and procedures guide to ensure adequate data protection for 75 remote sites. Part of team to provide operational support for the Windows NT, 2000 & 2003 Advanced Server environment for 1000+ geographically dispersed servers for Global Corporate Investment Banking division.

  • Enhanced utilization of storage space 25%, reduced environmental cost 15%, and provided remote disaster recovery space for remote locations by spearheading the $1M design/upgrade of a managed data facility.
  • Cut desktop support costs 10% division-wide by implementing a homogenous desktop for supported groups in addition to provision of third-level support to clients in finance/investment banking sub-groups.
  • Rectified inadequacies in existing data protection measures impacting 75 remote sites by implementing a new policies and procedures guide.
  • Increased response time in resolving system problems by creating a method of instant notification, via pager, of issues requiring immediate attention.
  • Strengthened integrity of Atlanta’s backup systems with installation of a Veritas NetBackup platform, which allowed for single-system tape management and improved monitoring of the backup process as a whole.

CENTERS FOR DISEASE CONTROL AND PREVENTION

Agency of the U.S. Department of Health and Human Services focused on protecting public health and safety.

Data Center Support (Contract), 9/1996 - 12/1997

Played key role in the installation, configuration and maintenance of the network architecture for the CDC’s data center. Helped assemble the network’s physical components (routers, switches, hubs, servers, Ethernet) and workstation structure to serve 700 clients, and then set about the task of installing and configuring software.

  • Expedited O/S conversion (Windows 3.x to 95), enabling network connectivity, streamlining communications and exchange of information, improving productivity, and providing access to common applications.
  • Authored a procedural manual for installation of Windows 95 with ghost software, which enabled a 25% faster deployment across the organization.

Expertise

Operating Systems

  • Windows 2012R2
  • Windows 2008R2
  • Windows 2008
  • Windows 2003
  • Windows 2000
  • Windows 7
  • Windows XP
  • SUSE
  • Mac OS X

Hardware

  • Quantum Tape Libraries (P1000, P3000)
  • HP Tape libraries (MSL 2024, 4048)
  • StorageTek (L180, L700)
  • Compaq/HP Servers (DL, ML and BL)
  • Compaq/HP Desktops & Laptops
  • IBM Servers, X series, Blade Center
  • Dell Servers, Desktops & Laptops
  • Sonic Wall Firewall
  • Barracuda Spam Firewall
  • Netgear & Cisco Switches

Microsoft Server Applications

  • Active Directory
  • Terminal Services
  • IIS (5, 6 and 7)
  • SQL (2000, 2005, 2010)
  • FTP
  • SNMP
  • DHCP
  • DNS
  • TCP/IP
  • SSH
  • Telnet

Server Applications

  • Symantec (Endpoint Protection, Ghost, Backup-Exec, PCAnywhere)
  • VERITAS Net backup (3.4, 4.5 and 5)
  • VMware (3.x, 4.x and 5)
  • Compaq Insight Manager
  • HP Systems Manager
  • Dell Open Manage
  • MySQL
  • Citrix XenApp
  • Citrix XenServer
  • Citrix Web Interface
  • Citrix Access Gateway

Development / Programming / Scripting

  • PowerShell
  • PHP
  • HTML
  • CSS
  • WMI
  • JavaScript

Desktop Applications

  • Microsoft (Outlook, Office, Internet Explorer)
  • Firefox
  • Cisco (VPN, Client Security)
  • Black Ice
  • Vantive
  • Remedy

Download my Resume

You can download a copy of my resume in Microsoft Word format.
