With two decades of experience in all areas of information technology, from network engineer to Director of Infrastructure, John has demonstrated a passion for excellence, adaptability, and a talent for clear communication. His focus on security includes a GSEC certification.
Core Technical Competencies
OS / Windows Server: NT4, 2000, 2003, 2008, 2012, 2016, Linux: RedHat, CentOS, Ubuntu, FreeBSD, Solaris 2.5.1–10, VMware ESX, Cisco: CatOS, IOS, ASA, Mac OS X, iOS
Security / GIAC Security Essentials (GSEC) Certified, Cisco ASA and IDS/IPS, Raptor/Symantec Enterprise Firewall, Juniper firewalls, Cisco VPN (AnyConnect client and site-to-site), Cisco Access Control Server, Rapid7 Nexpose and Metasploit, Windows Certificate Authority, Kaspersky
Microsoft / Windows (NT4, 2000, 2003, 2008, 2012, 2016, XP, 7, 10), Active Directory, Group Policy, DNS, SMS/SCCM, Lync/Skype, Office 365
Network / Cisco, EIGRP, LAN, WAN, free space optical, LAN wireless, switching, routing (static/dynamic/policy based), VPN, GRE, QoS, Nexus
Mail / Exchange, Sendmail, Postfix, SpamAssassin, Postini, Google Apps / G Suite, Office 365
Web / Apache, IIS, PHP, Perl, mySQL, WordPress, Drupal
Storage / NetApp, Equallogic, Nimble, Sun, Samba, DLT, LTO, iSCSI, Fibre Channel
Wireless / Cisco LWAPP Controllers and WAPs
Phone / Cisco CallManager, Cisco Unity, unified messaging, ThinkingPhones
Languages / Perl, bash/sh/csh/ksh scripting, PowerShell, expect, PHP, Objective-C
DNS / ISC BIND, Windows Active Directory
Mobile / iOS Development, Objective-C, Xcode
Virtualization / VMware Certified Professional, ESX, ESXi, vCenter, Veeam
Director of Infrastructure and Security
Ipswitch – Madison, WI / December 2014 – present
- Lead a multi site cross-functional team supporting IT Infrastructure, including helpdesk operations, network, security, Active Directory, and central applications
- Recommend and implement security best practices to continually improve security posture
- Built a vulnerability scanning and remediation process, based on Rapid7’s Nexpose vulnerability scanning suite. Weekly vulnerability scans with ongoing remediations. Monthly reporting to security council and management
- Introduced internal network segmentation and firewalling, restricting unmanaged internal test machines away from production systems
- Designed, and built an offline root certification authority infrastructure, with automatic deployment of user identity certificates via group policy
- Designed, built, and deployed a certificate-based two-factor authentication (2FA) system utilizing existing firewall and Windows AD/Group Policy infrastructure
- Built a centralized syslog server, gathering critical logs from all security devices
Ipswitch – Madison, WI / January 2012 – December 2014
- Senior technologist within Ipswitch IT, analyzing business requirements and evaluating technologies to best meet the needs of the organization
- Mentored, educated, and developed junior staff
- Deployed Veeam backups across all production VMware clusters
- Implemented replication for critical virtualized servers at primary colo, replicating daily images back to VMware infrastructure in Lexington headquarters
Senior Network Administrator
Ipswitch – Madison, WI / March 2010 – January 2012
- Supported all local IT needs for Madison Ipswitch office
- Acted as technical lead for network, security, and VMware for all Ipswitch sites
- In 2010, integrated acquired company’s existing infrastructure into Ipswitch
- Led technical team to move headquarters to new site with minimal downtime for servers and systems on which all users globally depend
Eragen Biosciences – Madison, WI / October 2009 – March 2010
- Managed all IT infrastructure for privately held biotech firm
- Ensured proper access control to meet applicable FDA standards
- Managed and assisted helpdesk staff in providing end user support
Senior Technical Specialist
Emerson Network Power – Madison, WI / May 1995 – September 2009
- Developed, implemented, and maintained infrastructure for growing telecommunications engineering and manufacturing firm. Network, servers, security, and Active Directory as primary responsibilities.
- Implemented site-to-site T1 with VPN failover between US and UK sites, upgraded UK router/switch infrastructure and integrated with EIGRP.
- Initiated plans to better integrate our legacy UNIX engineering systems with our growing Windows network; project and user files became equally accessible from either platform.
- Implemented free space optical gigabit network link between buildings with Cisco 802.11 backup radio link, providing maximum performance to users at minimal cost on Madison campus.
- After company acquisition, led project to integrate legacy Active Directory domain and Exchange infrastructure into larger corporate forest.
- Implemented Microsoft Exchange 5.5 in 1999. Migrated to Exchange 2003 and integrated into parent company Exchange org in 2006.
- Designed and implemented secure wireless infrastructure in three sites and two countries based on Cisco LWAPP technology, integrating into Active Directory using Cisco ACS.
- Initiated project to build VMware infrastructure for engineering servers and to migrate from standalone Windows servers.
Computer Systems Lab, University of Wisconsin–Madison, Madison, WI / Nov 1993 – Aug 1995
Education & Training
B.S. in Computer Science, University of Wisconsin–Madison, May 1995
GIAC Security Essentials, June 2016
Nexpose Certified Administrator, July 2016
WhatsUp Gold, October 2012
VMware Certified Professional, August 2007
Microsoft Windows Server 2003 Active Directory Infrastructure, July 2006
Cisco Networkers 2005, 2006
System and Network Security Conferences (SANS) 1997, 1998
References available upon request.