Direct backup to the Director of Management Information Systems (MIS) for all City-wide data and voice information system operations while being directly held responsible for the continuous operational stability, efficiency, and security of the City’s enterprise-wide information systems. Supervisor: MIS Director, Marjorie B. Gaskin.
Unified Security and Network Administrator professional experience and duties as they pertain to the 10 domains of knowledge of the CISSP CBK. Please also consider the Comptia Security+ and Microsoft Certified System Administrator (MCSA) certification as additional information assurance experience.
Access Control – Administration of an enterprise Microsoft domain-based network environment with an IBM Power 8 Midrange computer by managing an active directory and AS400 object-oriented environment consisting of users, groups, and organizational units to enforce via group policies (GPO) access controls to limit access to sensitive information at the domain level of the network through the concept of least privilege.Duration: twelve plus years of experience.
Telecommunications and Network Security – The City’s enterprise network operates and is managed through the Network Administrator within an air-gap defense network environment provided by a managed Internet Service Provider (ISP).Therein, the Network Administrator coordinates with the network operations center of the managed ISP provider to collaborate and mitigate known threats to the City’s via QRADAR (SIEM tool) and monitor WAN/LAN bandwidth metrics via other WAN applications such as eHealth.The Network Administrator also monitors and manages the municipal owned gateway firewalls, routers, and switches used over the managed ISP throughout 7 sites total which are provided WAN connectivity within a state-wide air-gap defense network provided by the managed ISP provider.TCP/IP is the primary data and voice communications protocol used throughout the City’s network as managed by the Network Administrator and additional measures such as employing the use of self-signed certificates for network devices to communicate via encrypted channels such as HTTPS and/or SSL is employed.In addition, site to site VPN’s are managed between the routers of the managed ISP provider and the routers of the City’s enterprise network via the Network Administrator to encrypt traffic end to end.
Telecommunications and Network Security (continued) – All external mobile device and computer connections can only access the City’s enterprise network through the use of the aforementioned site to site VPN or client to LAN VPN’s through a Cisco VPN client or Juniper SSL VPN to encrypt TCP/IP traffic end to end between the remote node and the City’s enterprise network for all TCP/IP data communications. The Network Administrator has also configured layer 2 and layer 3 TCP/IP measures to help prevent MAC Flooding, VLAN Hopping for VOIP and NAT/PAT to help prevent network foot printing. Duration:ten plus years of experience.
Information Security Governance and Risk Management – The Network Administrator has documented, trained users, and helped to implement a City-wide PCI-DSS policy for PCI-DSS compliance impacting all e-commerce transactions. The Network Administrator has also helped to document, update, and implement an Internet Access Telecommunications policy, an E-mail Usage and Retention policy, and a City-wide business continuity and disaster recovery policy with procedures and user training.The Network Administrator helps to ensure operational PCI-DSS compliance and works with the Finance Department to recertify via SAQ and quarterly technological tests for PCI-DSS compliance on an annualized basis.Duration:ten plus years of experience.
Business Continuity and Disaster Recovery Planning – The Network Administrator setup a disaster recovery solution known as NOMAX for the IBM Power 8 Midrange Computer which helps meets the requirements of the enterprise-wide business continuity and disaster recovery plan as well as helped to ensure the reliable processes of backing up critical systems such as Microsoft domain controllers, applications servers, and data storage devices via the traditional “grandfather” system of tape backups as a complimentary and redundant method to the NOMAX disaster recovery solution to help ensure the continuity of municipal operations and/or to help recover in the event of a human-factor, technological, and/or natural disaster.Duration: eight plus years of experience.
Physical (Environmental) Security – The Network Administrator monitors and manages Facility Commander which is a server, database, hardware, and software/application based physical building security solution for City Hall.The Facility Commander unified command and control physical access control security solution employs PTZ, Infrared, and motion cameras for digital video surveillance and recording as well as integrated access control features such as single and dual factor authentication via an employee photo identification badge and RFID chip to access sensitive areas along with biometric and keypad options for dual factor authentication to access highly sensitive locations.Electronic door strikes and electronic magnetic locks are deployed with RFID readers to enforce access control with the support of video surveillance within a unified solution managed by the Network Administrator.Duration:6 plus years of experience.
Network Management & Network Security Experience
Connectivity & Hardware: Layer 4 Firewalls, Layer 4/3 Routers, Layer 3/2 Switches, IBM (iSeries) Power System, IBM Blade Center, DNS Servers, DHCP Servers, Web Servers, Ethernet, Fast Ethernet, Gigabyte Ethernet, single and multimode fiber, WAN, LAN, TCP/IP, and RAID systems.
Router and Switch Technologies: Frame-relay, PPP, Access Control List (ACL), Network Address Translation (NAT), Port Address Translation (PAT), RIPng, RIP, RIPv2, OSPF, EIGRP SNMP, SNMPv3, SMTP, ARP, TCP, UDP, Static Routing, Stub Routing, VLAN Trunking, VLAN, VTP, STP, Etherchannel, and Portfast.
Peripheral Technologies: IPS/IDS, Firewall, VPN, Tunneling,VoIP, IP Phone, Catalyst, QoS, PoE, CME, CUE, Port Security, MAC Address Filtering.
Network & Digital Forensic Technologies: Niksun, Juniper Security Threat Manager SIEM, IBM QRADAR SIEM, Wireshark, Solarwinds, Sonicwall, PUTTY, Gargoyle, Maltego, WinHex, FTK Tools, DD, Encase, & Cisco CLI & SDM.
Desktop Technologies: Windows OS 10, 7, 5250 emulation, and Server 2012, 2008, 2003 - Microsoft AD, Lotus Notes 9, Microsoft Office & Visio, Polycom VOIP.