Direct backup to the Director of Management Information Systems (MIS) for all City-wide data and voice information system operations while being directly held responsible for the continuous operational stability, efficiency, and security of the City’s enterprise-wide information systems. Supervisor: City Manager, Nick Mimms.
Unified Security and Network Administrator professional experience and duties as they pertain to the 10 domains of knowledge of the CISSP CBK. Please also consider the CompTIA Security+ and Microsoft Certified System Administrator (MCSA) certifications as additional information assurance experience.
Access Control – Administration of an enterprise Microsoft domain-based network environment with an IBM Power 8 Midrange computer by managing an Active Directory and AS400 object-oriented environment consisting of users, groups, and organizational units, using group policies (GPO) to enforce access controls that limit access to sensitive information at the domain level of the network through the concept of least privilege. Duration: twelve plus years of experience.
Telecommunications and Network Security – The City’s enterprise network operates and is managed through the Network Administrator within an air-gap defense network environment provided by a managed Internet Service Provider (ISP). Therein, the Network Administrator coordinates with the network operations center of the managed ISP provider to collaborate and mitigate known threats to the City’s network via QRADAR (SIEM tool) and monitor WAN/LAN bandwidth metrics via other WAN applications such as eHealth. The Network Administrator also monitors and manages the municipally owned gateway firewalls, routers, and switches used over the managed ISP throughout 7 sites total, which are provided WAN connectivity within a state-wide air-gap defense network provided by the managed ISP provider. TCP/IP is the primary data and voice communications protocol used throughout the City’s network as managed by the Network Administrator, and additional measures are employed, such as the use of self-signed certificates for network devices to communicate via encrypted channels such as HTTPS and/or SSL. In addition, site-to-site VPNs are managed between the routers of the managed ISP provider and the routers of the City’s enterprise network via the Network Administrator to encrypt traffic end to end.
Telecommunications and Network Security (continued) – All external mobile device and computer connections can only access the City’s enterprise network through the use of the aforementioned site-to-site VPN or client-to-LAN VPNs through a Cisco VPN client or Juniper SSL VPN to encrypt TCP/IP traffic end to end between the remote node and the City’s enterprise network for all TCP/IP data communications. The Network Administrator has also configured layer 2 and layer 3 TCP/IP measures to help prevent MAC Flooding, VLAN Hopping for VOIP, and NAT/PAT to help prevent network footprinting. Duration: ten plus years of experience.
Information Security Governance and Risk Management – The Network Administrator has documented, trained users, and helped to implement a City-wide PCI-DSS policy for PCI-DSS compliance impacting all e-commerce transactions. The Network Administrator has also helped to document, update, and implement an Internet Access Telecommunications policy, an E-mail Usage and Retention policy, and a City-wide business continuity and disaster recovery policy with procedures and user training. The Network Administrator helps to ensure operational PCI-DSS compliance and works with the Finance Department to recertify via SAQ and quarterly technological tests for PCI-DSS compliance on an annualized basis. Duration: ten plus years of experience.
Business Continuity and Disaster Recovery Planning – The Network Administrator set up a disaster recovery solution known as NOMAX for the IBM Power 8 Midrange Computer, which helps meet the requirements of the enterprise-wide business continuity and disaster recovery plan. The Network Administrator also helped to ensure the reliable processes of backing up critical systems such as Microsoft domain controllers, application servers, and data storage devices via the traditional “grandfather” system of tape backups as a complementary and redundant method to the NOMAX disaster recovery solution, to help ensure the continuity of municipal operations and/or to help recover in the event of a human-factor, technological, and/or natural disaster. Duration: eight plus years of experience.
Physical (Environmental) Security – The Network Administrator monitors and manages Facility Commander, which is a server, database, hardware, and software/application based physical building security solution for City Hall. The Facility Commander unified command and control physical access control security solution employs PTZ, infrared, and motion cameras for digital video surveillance and recording as well as integrated access control features such as single and dual factor authentication via an employee photo identification badge and RFID chip to access sensitive areas, along with biometric and keypad options for dual factor authentication to access highly sensitive locations. Electronic door strikes and electronic magnetic locks are deployed with RFID readers to enforce access control with the support of video surveillance within a unified solution managed by the Network Administrator. Duration: 6 plus years of experience.
Digital Forensic & Network Stack Experience
Connectivity & Hardware: (Layer 4) Sonicwall NSA 3600 & 2400 firewalls, Sonicwall TZ-200 firewalls, (Layer 4,3) Edgemarc 4550, Cisco 3925 and 3825 HSEC, Cisco 2901, 2621XM, and 2621XM HSEC, Cisco 1900, 1800, 1700 series, Cisco 800 and 800W series, Cisco Catalyst Series Switches, Hewlett Packard 5412zl PoE network core layer (3/2 switches), Hewlett Packard 2910al PoE (layer 3/2 switches), IBM Power 8, IBM Blade Center S, DNS Servers, DHCP Servers, Web Servers, Ethernet, Fast Ethernet, Gigabit Ethernet, single and multimode fiber, WAN, LAN, TCP/IP, and RAID systems.
Cisco Technologies: Cisco 3900 & 3800 series, Cisco 2900, 2800, & 2600 series, Cisco 1900, 1800, and 1700 series, Cisco 800 and 800W series, Cisco Catalyst 3000, and Cisco Catalyst 3100.
Network Technologies: CDP (disable recommended), Frame-relay, PPP, Access Control List (ACL), Network Address Translation (NAT), Port Address Translation (PAT), RIPng, RIP, RIPv2, OSPF, EIGRP, SNMP, SNMPv3, SMTP, ARP, TCP, UDP, Static Routing, Stub Routing, VLAN Trunking, VLAN, VTP, STP, Etherchannel, and Portfast.
Peripheral Technologies: AAA, IPS/IDS, TACACS+, RADIUS, SSH, VACL, PVLAN, Firewall, VPN, Tunneling, VoIP, IP Phone, Catalyst, CUCM, QoS, PoE, CME, CUE, Port Security, MAC Address Filtering.
Digital Forensic Tools: Niksun, Juniper Security Threat Manager SIEM, IBM QRADAR SIEM, Wireshark, Solarwinds, Sonicwall, PUTTY, Gargoyle, Maltego, WinHex, FTK Tools, DD, Encase, & Cisco SDM.
Desktop Technologies: Polycom VOIP, Windows 8, 7, Windows 2012, 2008, 2003 Servers, IBM V7R1M0 Client Access, Microsoft AD, Lotus Notes Domino 9.0, Microsoft Visio, and Microsoft Office.