Michael T. Mikelas
1000 Greenhill Road
Pittsburgh, PA 15209-1335
412.897.5037
mmikelas@gmail.com
IT Leadership: Accomplished IT professional with well over a decade of industry experience in
progressively responsible and challenging roles. Highly accomplished project leader with repeated
success leading both technological and organizational change including full life-cycle technology
solutions, enterprise level infrastructure upgrades, and organizational transitions. Technically
sophisticated IT leader with a well-earned reputation for strong decision-making, effective
troubleshooting, and administration of mission critical systems. Innovative technology professional
with a proven ability to control costs, foster continuous improvement, and add value. Proven ability to
both lead and develop followers while building and managing synergistic relationships with internal
and external stakeholders.
CAREER PROGRESSION
Axiall, a Westlake Company (Formerly Axiall Corporation) – Pittsburgh, PA
2014 - Present
IS Security Architect
Position is responsible for the strategic architecture and implementation of security
information systems and design to enable Axiall Corporation business to operate in a safe and
secure environment. Functional duties include: establishing and implementing an information
security framework and technical architecture for all Axiall locations; designing, developing
and implementing information security products; gaining organizational commitment for all
systems plans; leading efforts in evaluating and selecting all security technologies required to
complete the systems plans; providing information security expertise and consulting to
Network, Systems, Application and Process Control Network teams; interpreting laws &
regulations and establishing security technologies that meet industry best practices and align
with ISO and NIST Security standards while providing technical leadership across the Axiall IS
organization.
Overview of recent accomplishments:
• Contributed to the evaluation of Managed Security Service Providers (MSSP) resulting in
the selection and implementation of Dell SecureWorks as the vendor of choice for Axiall
•
Provided a working architectural design for the delivery and collection of logging data for
the MSSP
• Evaluated multiple Network Access Control (NAC) solutions, recommending ForeScout as
the most appropriate fit for Axiall’s unique set of requirements
• Evaluated a variety of endpoint defense vendors, and working with the infrastructure
team, selected Intel Security/McAfee as an initial solution to replace Microsoft System
Center Endpoint Protection (SCEP)
• Evaluated multiple multi-factor authentication and SSO solutions, ultimately
recommending SecureAuth as a best-fit option for Axiall
•
•
Provided a review and recommendations on improving the operational health and efficacy
of the organization’s Palo Alto Networks NGFW environment
Provided a review and recommendations on improving the organization’s Cisco
AnyConnect VPN and Cisco Cloud Web Security environments
• Evaluated various “next-gen” endpoint defense solutions, ultimately recommending
Cylance as the best fit for Axiall. Completed a thorough POC effort with the vendor to
demonstrate value to the Axiall infrastructure team. Currently deploying the solution into
the Production environment.
• Continue to review, evaluate, and introduce Security related vendors and solutions in an
effort to both streamline and improve the organization’s overall Security maturity level
and posture
Highmark Inc. – Pittsburgh, PA
2009 - 2014
Senior Architect
Productive member of a lean group responsible for supporting a complex, rapidly growing,
network infrastructure, in a highly regulated industry that is required to comply with strict
audit and security mandates. Responsibilities include installation, configuration and
management of a variety of Cisco platforms including firewalls, routers, switches, wireless,
and management products. Have served as the project leader, technical subject matter
expert or key contributing member to a wide variety of initiatives including, but not limited to:
the establishment and emergence of the Allegheny Health Network; the sale and
disengagement of the Medicare business to Novitas Solutions Inc.; connectivity solutions for
teleworkers, satellite offices and business partners; annual disaster recovery drills; and much
more.
Overview of recent accomplishments:
• Led the integration of Highmark’s former subsidiary, EBDS, into the business and
technology environments of the parent company, including the transition of business
processes and technology infrastructure, throughout the first year of employment.
• Leading the network effort to disengage and transition the Medicare business to its new
owner Novitas Solutions, Inc.
• Coordinated and led an effort to stabilize and refresh the organization’s NICE call recording
solution resulting in improved reliability and performance.
•
Played a key role in the RFI/RFP effort to refresh the organizations IVR/CTI solution.
• Led the implementation of the Avaya Secure Access Link (SAL) implementation enabling
secure vendor support of the organization’s Avaya voice environment.
• Transitioned a significant number of smaller satellite offices away from traditional leased
line connectivity solutions to broadband-based VPN solutions resulting in significant cost
savings and increased productivity.
• Participated in the organization’s annual disaster recovery drills.
• Support organizational and business partner required remote access solutions through
Cisco ASA firewalls and AnyConnect SSL VPN solutions.
• Coordinated and prepared the virtual server infrastructure for the Avaya Modular
Messaging implementation.
• Contributed to a proof-of-concept implementation of a carrier based SIP voice solution
using ACME Packets session border controllers.
• Contributed in the implementation of Microsoft Office Communicator for organizational
unified communications including conferencing, desktop sharing, instant messaging, and
call control.
•
Aid in supporting Cisco Wireless solutions, 802.1X authentication efforts, IOS code
upgrades, infrastructure deployment, day-to-day troubleshooting, maintenance, and more.
Employee Benefit Data Services, a Highmark Company – Pittsburgh, PA
2008 – 2009
IT Operations Manager
IT Team Lead / Network Administrator
Managed a team responsible for the supervision, design, implementation, support, and
training of the voice, network, and data systems for this Highmark subsidiary. A technology
infrastructure comprised of Cisco based networking solutions; HP blade, SAN, and backup
solutions; Avaya VoIP telephony; Microsoft Windows as well as VAX and Alpha/Itanium based
VMS servers. Responsibilities included key roles in a variety of high profile, business critical,
time-sensitive projects. Many required focused interaction with the parent company,
Highmark.
Nominated for an ISG Team Excellence Award by Highmark in 2008
Overview of accomplishments:
• Migrated company’s flat, 3COM, broadcast-based network over to a properly segmented
and managed Cisco network dramatically improving performance and manageability
• Replaced an aged WatchGuard firewall and VPN solution with a properly secured,
maintained, and managed Cisco ASA5520 device cluster supporting both VPN and IPS
traffic inspection
• Introduced the company’s first DMZ network segment eliminating direct access to LAN
servers directly from the Internet
• Implemented a Cisco ACS 3113 appliance cluster for proper access restriction and logging
for VPN authentication and access to the both the core and access switches throughout the
network
• Upgraded several Windows 2000 domain controller servers, to Windows 2003 then
upgraded domain functional level to native 2003 format
• Replaced a mis-configured and ineffective Computer Associates antivirus solution with a
mutli-tiered, managed, Trend Micro solution
• Deployed GuardianEdge hard drive encryption across all laptops throughout the
organization
• Implemented IPSwitch What’s Up Gold for monitoring of the IT infrastructure
• Worked with SecureState to help perform and analyze a penetration test of the EBDS IT
environment
• Transitioned numerous stand-alone, tower based servers to HP Blade servers
• Implemented an HP EVA 4400 SAN for improved disk based storage performance and
redundancy
• Transitioned the company from using more than a dozen stand-alone tape drive units and
numerous copies of Symantec Backup Exec to a centralized HP Data Protector solution
utilizing disk to disk to tape rotations via a HP Virtual Tape Library and Autoloader
• Implemented company’s first VMWare ESX Server cluster, subsequently virtualizing the
majority of the company’s servers
• Implemented WebSense Internet Content Filtering to manage Internet usage throughout
the organization
• Deployed the company’s first Blackberry Enterprise Server while working with Highmark to
ensure device policies remained aligned with those of the parent company
• Worked directly with Highmark to transition the EBDS InterTel voice solution to an Avaya
VoIP solution, including call recording, in only four months with zero post-implementation
issues
• Implemented Microsoft WSUS server to ensure proper, timely patching of all Windows
systems throughout the organization
• Implemented Altiris Client Management, Patch Management, and Service Desk solutions
• Transitioned existing Exchange 2003 environment to Exchange 2007
• Transitioned and standardized all Microsoft Office installations throughout the organization
to Microsoft Office Enterprise 2007
• Coordinated a transition from the Genifax fax server solution to a solution provided by
Highmark
• Help coordinate and complete a software licensing “true-up” resulting in an Enterprise
Agreement with Microsoft and better accounting of EBDS software across the organization
• Implemented a Barracuda Anti-Spam filtering solution via an multi-appliance cluster
• Worked directly with Highmark to transition EBDS into the Highmark’s MPLS networking
solution
• Coordinated and performed the relocation of the entire EBDS IT Infrastructure out to the
Highmark managed Data Center located at Bretz Drive
• Worked with Highmark to prepare for, and activate, a viable DR scenario at the
Harmarville location during the G20 Summit event held in Pittsburgh
Tube City IMS Corporation – Glassport, PA
2004 – 2008
Manager of Information Technology
Managed a team responsible for design, implementation, support, training, and management
of a global wide-area network. A rapidly growing network included thirty-two (32) servers
(Windows/Sun Solaris) and 600 workstations (Windows 2000 Pro/XP Pro) located across two
data centers and seventy (70) sites throughout the US and abroad. Duties required heavy
involvement in projects related to both business continuity/DR and Sarbanes-Oxley regulatory
compliance.
Overview of accomplishments:
• For nearly the first year of employment, worked as both the IT Manager and Systems
Administrator
• Implemented DHCP throughout the enterprise eliminating time consuming, tedious
administration of machines with static IP addressing
• Implemented a multi-layered, centrally managed enterprise antivirus solution from
Symantec eliminating the near weekly virus outbreaks within the organization
• Implemented Symantec’s Ghost system imaging solution which reduced the time required
to rollout or update workstations from days to mere hours
• Implemented and managed a Blackberry Enterprise Messaging Server for 250 handheld
devices
• Rebuilt and secured the organization’s Lotus Domino implementation including a complete
systems migration from version 5.x to version 6.5.3 – both server and client
•
Played role in negotiating a new voice and data services contract with Qwest
Communications, replacing AT&T, resulting in tremendous cost savings
• Over a six month period, worked with Qwest engineers to migrate all existing voice and
data circuits at all locations over to Qwest including the migration of many frame circuits
to Private Routed Network (PRN) circuits for reduced cost and better performance
• Replaced the company’s aged Cisco equipment with Adtran resulting in an annual cost
savings of more than $20K in maintenance/support charges
• Implemented new PBX systems at the corporate headquarters and several other remote
locations
• Implemented VoIP networking between several of the new PBX systems between locations
• Quickly learned and rebuilt the organizations Nokia IP350 Checkpoint firewall configuration
bringing the device current in terms of OS and software versions
• Worked with US Steel to re-design and re-implement a site to site VPN connection to
provide secure data transmission between the corporate data center and a US Steel site in
Kosice Slovakia, completed a similar connectivity solution with AK Steel
• Implemented client to site VPN solution as an alternative to a costly, administratively
heavy Citrix implementation
•
Eliminated the use of costly and insecure dialup RAS access to the data center at several
remote site through VPN solutions
• Migrated the organization from Lotus Domino 6.5.3 to Microsoft Exchange 2003 over a
single weekend with zero post implementation issues
• Completed a complete domain migration (both servers and workstations) over the same
weekend
• Replaced Gateway with Dell as the vendor of choice for IT equipment resulting in
considerable cost savings and improved support and system reliability
• Retired, replaced, and/or consolidated multiple servers running legacy hardware or found
to be inadequately sized for their function
• Deployed NAS devices for dedicated file sharing at several remote sites significantly
reducing WAN traffic improving overall network performance
• Worked with ADP to upgrade the organization’s payroll implementation – initial
implementation was severely dated and no longer supported by ADP
• Over a six month period standardized all client systems and eliminated all legacy Windows
OS installations. 130 machines replaced, all systems standardized on Windows 2000
Pro/XP Pro, and all systems running Office 2003 Pro
• Deployed CIS ScaleCOM software a multiple sites to serve as a software interface between
weigh scales and the company’s ERP system
• Implemented a centrally managed keycard entry system at multiple sites with Sonitrol
• Worked with the Director of MIS to eliminate the organization’s long history of dependence
on third-party outsourcing – the cancellation of two long standing contracts saved the
company over a million dollars annually
• Have compiled detailed documentation of the WAN including numerous Visio diagrams
• Implemented a Biscom Enterprise Fax Server solution first under Lotus Domino then
migrated the deployment to support Microsoft Exchange
• Standardized and upgraded all Windows data center servers to Microsoft Windows 2003
Server
• Implemented in-house network monitoring using Woodstone’s ServersAlive product
providing real-time alerting and notifications to MIS staff
• Updated the data center network backbone to dedicated, managed gigabit switches
• Reviewed then updated all power protection and backup needs within the data center – all
equipment now protected with networked UPS devices for monitoring and reporting
• Designed, coordinated, and implemented LANs at several new sites
• Have designed and proposed a WAN infrastructure overhaul – moving remote sites away
from traditional leased line circuits to cost-effective site to site VPN deployments where
favorable.
• Replaced the company’s Checkpoint firewall with a SonicWall for significant cost savings in
annual maintenance as well as to lay the ground work for the proposed WAN changes
• Enabled Sonicwall's Unified Threat Management (UTM) systems on the firewall providing
Gateway Antivirus, AntiSpyware, and Intrusion Prevention at the gateway further
strengthening network security
• Deployed a SonicWall CF3200 Internet Content filtering device to ensure productive use of
the Internet for business purpose.
• Following merger, job responsibilities significantly increased as the number of remote
locations instantly rose from 22 to 68 and the company gained a second data center –
network continues to grow and expand internationally
• Worked to unify the WAN infrastructures of both companies – heavily leveraged the
Internet to accomplish this goal by deploying hardware site-to-site VPN connectivity
• Leveraged an Internet-based WAN infrastructure significantly reducing costs and further
bolstering network security by leveraging Soncwall's UTM systems on the hardware at
each remote location
• Further expanded the use of VPN technologies through the deployment of SSL based
hardware VPN solutions.
• Completely documented then refreshed all servers at the second data center
• Worked with IT staff to ensure company software standards were deployed across all
systems in the organization
• Developed and currently deploying a DR/Business Continuity program for all business
critical systems – program utilized CA/XOSoft's replication software and VMWare's ESX
Server product to replicate primary data center servers to the secondary data center then
failover to those servers as needed
• Worked with an independent auditing firm to achieve Sarbanes-Oxley compliance – firm
helped identify areas of non-compliance, assisted in finding solutions, and helped
implement changes required to achieve and maintain SOX requirements
• Deploying Computer Associates email archiving solution along with the Discovery add-on
module for increased Microsoft Exchange efficiency as well as to meet legal and regulatory
compliance requirements
Schroeder Industries LLC – McKees Rocks, PA
2001 – 2004
Network/Systems Administrator
Was responsible for design, implementation, support, and training of a small, global network
comprised of seven (7) servers (Windows NT 4.0/DG-UX) and 130 workstations (Windows 9x,
2000, NT 4.0 and XP Pro) located throughout the domestic United States and the United
Kingdom. Responsibilities included the management of the telecommunications infrastructure
(PBX and Voicemail). Supervised projects to implement network faxing, VPN connectivity, and
bandwidth upgrades for the organization.
Overview of accomplishments:
• Documented entire network including Microsoft Visio diagramming
• Created and continue to maintain detailed network inventory database in Microsoft Access
97
• Designed and implemented a standardized workstation naming scheme
• Standardized and organized NT/Unix account naming conventions and groupings
• Organized the Exchange 5.5 recipients store to include department level groupings and
distribution lists within the Global Address List (GAL)
• Brought all server operating systems to the same operating system patch revision level
resulting in 99.999% uptime
• Standardized client application software used throughout the organization
• Created standardized system build utilizing Norton Ghost imaging software promoting
rapid deployment of new or refreshed PCs
• Implemented desktop faxing utilizing FaxBack’s NetSatisFAXtion product
• Assisted in integrating AdvancedWare’s AWFORMS package with ERP system in order to
eliminate all pre-printed paper forms
• Helped integrate desktop faxing and Exchange email with the company’s ERP system
eliminating a lengthy, cumbersome, manual invoicing process
• Assisted in a project to implement laser check printing for Accounts Payable eliminating
another manual process which utilized expensive, pre-printed checks
• Assisted in the complete redesign of the company’s Intranet to achieve a goal of anytime,
anywhere connectivity to company data
• Implemented a robust, Intranet based Help Desk system at no cost to the company
utilizing a freeware package from Liberum.org
• Implemented and maintain enterprise-wide managed virus protection using McAfee’s
ePolicy Orchestrator
• Worked with Cisco Systems to reconfigure the company’s PIX firewall to provide VPN
connectivity for remote sales personnel
• Customized an installation package of the Cisco Universal VPN Client software to provide
automated VPN software deployment and configuration to authorized remote personnel
• Implemented Internet content filtering using St. Bernard Software’s iPrism device
• Assisted with a 56k to 128K bandwidth upgrade for the dedicated WAN connection
between the McKees Rocks, PA and Cumberland, MD plants
• Implemented shared resource booking through Microsoft Outlook
• Update and create IT related Standard Operating Procedures (SOPs)
• Contributed to the company’s written Disaster Recovery and Business Continuity plans
• Assisted in developing a project to perform a Windows 2000 migration for the entire
company – (project never implemented due to rumors of company buyout)
• Deployed Virtual Network Computing (VNC) software throughout the enterprise to allow IT
to provide remote desktop support anywhere within the organization
International Academy of Design and Technology - Pittsburgh, PA
2000 – 2001
Assistant Network Administrator
Was responsible for troubleshooting, maintenance, user and software management of 1200
user, 400-workstation network comprised of Windows NT, Win95, Novell Netware, and SCO
UNIX.
Overview of accomplishments:
• Assisted in documenting the network
• Wired and rewired new and existing computer labs
• Maintained all wiring closets - activating/deactivating ports, upgrading/replacing
equipment
• Utilized Windows Policy Editor to standardize and restrict PC desktop environments and
available configuration options
• Each quarter, created system image builds for each lab based on course scheduling using
PowerQuest DriveImage software
• Used PowerQuest DriveImage software to deploy system images to each lab prior to the
start of each new quarter
• Created and maintained all student and faculty network accounts
• Monitored network activity for unauthorized peer to peer (P2P) file sharing or gaming
activity
• Regularly scanned all lab hard drives for unauthorized software installations
•
Provided hardware and software support for both students and faculty
• During two week Christmas break of 2000, completely reorganized, upgraded,
standardized and re-deployed all eight school labs
• Tutored students as needed
EDUCATION AND CERTIFICATIONS
Duquesne University
Master’s Degree in Information Technology Leadership
ITIL Certification
IT Service Management Foundation
University of Phoenix
Bachelor of Science in Information Technology
International Academy of Design and Technology
Associate Degree in Specialized Business, Computer Information Management
2001
2007
2008
2012