Hollywood, Florida, United States
With over two decades of experience, I am an outcome-driven technical leader who has consistently delivered results to both customers and internal teams across various organizations. My leadership is backed by a solid track record of success in the IT industry. As a seasoned IT veteran, I bring a harmonious blend of deep technical acumen, astute business knowledge, and a proven capacity to design, architect, implement, and secure large-scale complex enterprise solutions. My expertise lies in driving projects to fruition with a keen eye for detail and a commitment to excellence.
Spearheaded the architecture of a industry pioneering automated Federal Private 5G solution, focusing on securing the 5G core, RAN, microservices, and management systems across Azure, on-premises, and edge platforms. • Directed the design, governance, and strategic evolution of the PKI solution for the Federal Private 5G initiative. • Collaborated with internal engineering leads and external partners to ensure the seamless integration and operation of security systems, advocating for security prioritization in product development. • Engineered a cutting-edge, large-scale PKI and cryptographic architecture, incorporating a cloud-based Certificate Authority in Azure and integrating Keyfactor for certificate lifecycle management. • Instituted certificate authority hierarchies, trust boundaries, and template governance, enhancing security across all domains. • Drove IAM strategies for SSO, MFA, and privileged access, utilizing Azure AD (Entra ID), PingFederate, and CyberArk. • Established as the go-to expert for certificate services, fostering cross-functional collaboration with Infrastructure, Security, and Cloud Engineering teams. • Orchestrated secure communication protocols for on-premises equipment interfacing with Azure-hosted systems, leveraging Azure Express Route, VPN, mTLS, SSH, Netconf, and gRPC tunnels. • Implemented robust secrets and key management protocols using Azure Key Vault, AWS KMS, Cloud HSM, and Hashicorp Vault. • Conducted comprehensive security assessments, identifying vulnerabilities and formulating robust remediation plans through threat modeling and assessment frameworks. • Authored and upheld enterprise-wide PKI policies and technical standards, ensuring operational security and compliance tailored for Federal and DoD clients. • Developed and enforced security policies and procedures in alignment with industry standards and federal regulations.
Senior Manager of 5G Wireless Network Security Engineering Team, which guides the implementation and operations of network security devices and controls across the Dish nationwide environment. My organization supports the buildout of Dish Network's 5G Wireless Infrastructure and is accountable for network security engineering and security mitigations of Dish's 5G Core, IMS Core, RAN and Transport Networks. My team also supports Network Security Designs, which include security controls for multi-VRF layer 2/3 network design, security of GPS timing, secure network routing, zero-touch provisioning of devices, capacity engineering, Public Key Infrastructure (PKI) and secure connectivity to Internet and third parties. • Provided technical expertise and leadership to a skilled team of network security engineers, architects and vendor resource engineers, who were accountable for the AWS cloud hybrid enterprise network security, processes, and regulatory services implementation at large-scale. • Develop, socialize, implement, and support a multi-year technical roadmap of security products and architectural approaches to secure Dish's complex 5G AWS cloud hybrid network deployment model. • Develop trusted relationships with key technology and functional leaders, stakeholders, as well as expert solution development partners. • Work closely with engineering and development leaders across the organization and external partners on the successful implementation of security products and systems, while driving them to prioritize operational security into their products and services. • Lead, develop and maintain technology policies, processes, procedures, and key metrics related to all on-premises and AWS cloud infrastructure. • Diligent leader for team growth and development, through active external recruiting and the on-going mentoring, performance management and development of internal talent
• Perform as senior technical advisor and lead on the definition of both software and network security architectural features relevant to a fully cloud-native, highly virtualized 5G network deployment. • Applied knowledge and understanding of various cyber security domains to strategize, design and communicate an innovative and complete security program for the entire 5G enterprise network. • Perform full end-to-end network threat model analysis with specific gap analysis across the entire wireless network ecosystem. • Lead architect and engineer for the design and deployment of a highly complex hybrid network public key infrastructure (PKI). • Applied knowledge and understanding of 3GPP, ETSI, ITU-T, TMF, IEEE and GSMA specifications and standards to 4G and 5G E2E architecture design. • Perform full E2E Wireless network threat model with specific gap analysis across the Wireless 5G ecosystem including the RAN, 5G Core, BSS and OSS systems. • Responsible for complex design creation of all E2E Wireless 5G network security focus areas including; DDoS mitigation, firewalls, PKI, data security, IAM/PAM, RAN, VPN, NAT, TLS/IPsec, DNS, Endpoint, Application and Platform security. • Define technical requirements for RFI/RFP Wireless vendor engagements, including POC use case definitions and contract SOW creation and negotiations. • Lead IoT device security and hardening, including, IoT device secure boot, network threat modeling, NB-IoT core security, Root of Trust, device penetration testing and DMP (Device Management Platform) • Develop High-Level and Low-Level architectural requirements and design documentation, including executive reviews, whitepapers and press releases.
• Principal Systems Architect who provided architectural direction for complex projects across multiple technical areas and business segments. • Principal design authority across multiple IT systems including network security and complex architectural designs of network and application systems. • Provided expert level architectural support for complex system integrations of the AT&T and DirecTV networks, systems, applications and security products. • Solution designs included Risk assessment procedures, policy formation, role-based authorization methodologies, virtualization technologies and security vulnerabilities. • Designed new public key infrastructures (PKIs), including use of certification authorities digital signatures from both third-party, and private CAs for Mobile VPN clients. • Lead architect for design efforts on IDS/IPS Security threat implementations from FireEye Network Security solutions and Splunk. • Responsibilities for development and maintenance of enterprise-level architectural design and project cost estimations of system.
• Lead architect and engineer for the design and deployment of a Oracle/Siebel global clinical trials management system. • Designed and supported technical security policies, procedures and guidelines for multiple platforms and systems. • Developed trusted relationships with key technology and functional leaders, stakeholders, as well as expert solution development partners. • Designed enterprise security solutions and enhancements to existing security solutions to improve overall security posture.
• Senior IT Manager who carried an architectural level understanding of the enterprise retailer and internal call-center environments and in this capacity, performed as an expert on Dish Network enterprise systems functionality and security. • Provided teams with a combination of technical leadership, training, and mentoring for crucial systems hands-on operational support. • Management of Enterprise Operations team whose primary responsibility included the deployment, and configuration management of solutions used for monitoring and automation. • Closely interfacing with IT leadership and executives to drive the review, design, and implementation of system customizations and architectural enhancements.