From: route@monster.com
Sent: Friday, May 06, 2016 1:48 PM
To: hg@apeironinc.com
Subject: Please review this candidate for: Cloud
This resume has been forwarded to
you at the request of Monster User xapeix03
|
|||||||
|
|||||||
|
|
|
||||||
|
||||||
|
Carlos Aguirre ________________________________________ Southern California hunter@ucla.edu
Information Technology: CIO / CSO / CISO / VP / Director Level Executive
Profile * Empowering multi-faceted leader with more than
20 years of increasing experience in executing secure, and challenging vision
based high-tech transformations and next-generation integration solutions to
achieve superior business results in differing industries. * Decisive expert in technical project management
and hands-on execution of technology and security blueprints; skilled in
examining requirements, determining cost benefit, and delivering on-time,
on-budget multi-million dollar projects from vision through implementation. * Trusted leader and change agent who excels in
all facets of IT by using hands-on experience and insightful charismatic soft
skills to forge relationships, win consensus and communicate effectively
upward to executive management, laterally to division leaders and downward to
workforce.
Leadership Qualification Highlights * Leadership Excellence, Diplomacy &
Communication* Strategic Planning, Roadmap & Business Case Development * Stakeholder Management & Business Acumen* IT
Governance, Risk Management & Compliance GRC * Team Development, Empowerment & Mentoring*
Disaster Recovery DR, Business Continuity Planning * Project Management & Program Management*
Budgeting, Procurement, RFPs & Vendor Management * Financial Planning, Negotiations, Contracts
Agreements* Metrics, KPI, Process Improvement, ITIL & COBIT Technical
& Security Areas of Expertise * Security Architecture & Vulnerability
Management * SOX, PCI, HIPAA, NIST, CFPB, SAE16, ISO 27001 * Enterprise Logging, SIEM, SANS Top 20, OWASP *
Cryptography, Encryption of Intellectual Property IP * Threat Analytics, Threat Intelligence, Wireless
Security* Security Program, Framework, Management & Audit * Data Loss Prevention DLP Data Exfiltration
Prevention* Identity Access Management, IAM, Incident Response * Next-Generation Firewalls NGFW & Email
Security* Next-Generation Intrusion Prevention/Detection NGIPS IDS/IPS * Network Access Control NAC, VPN & LAN/WAN*
Cloud Security, Virtualization, SAN, VoIP, Penetration Testing * Azure, Amazon AWS, IaaS,
Infrastructure-as-a-Service * Secure Software Development Life Cycle, S SDLC,
API * Enterprise IT Infrastructure Architecture &
Data Center* Mobile Device Management, Malware Protection, Single Sign-on SSO
Education Master of Business Administration (MBA, APU) *
Bachelor of Arts (BA, UCLA) * IT Management Certificate * CISSP (in
progress)
Professional Leadership Experience & Accomplishments Sr.
Director of IT & Security First
Team Real Estate * 2014-Present Director of a strategic security and IT systems
re-design, handling cybersecurity, compliance, servers, virtualization,
databases, websites, projects, cloud, telecommunications, SAN, ERP, CRM,
LAN/WAN, data center, and VoIP telephony for 2,000 employees, 35 sites and
family of companies. Selected
Key Accomplishments: * Led the implementation of an advanced
next-generation cyberdefense strategy, consisting of a comprehensive,
multi-layered security umbrella, to shield the company against sophisticated
cyberattacks. Results: Enhanced security posture, standardized, centralized
and simplified aging, multi-vendor solutions, met CFPB compliance directives
and reduced potential liability by millions of dollars; established
groundwork for a real-time cyberthreat intelligence analytics platform
capable of gaining actionable information and providing rapid remediation. * Managed a multi-year IT operational
transformation program consisting of infrastructure and enterprise
application implementation projects to drive stability, performance, and
scalability. Results: Rescued a failing IT division, drove productivity
improvements, cut costs by reducing outsourced support by $1 million over 5
years and positioned the technology stance of First Team Companies (title,
escrow, lending and real estate) for rapid sales growth of $8 billion. * Orchestrated key Cloud migrations (Cloud
Security-as-a-Service and Software-as-a-Service) for several lines of mission
critical business application platforms (CRM, email, websites, secure web
gateway, data loss prevention DLP, etc). Results: Increased availability of
infrastructure from less than 90% to 99.99% & launched industry award
winning First Team website (realtrends.com �15). Responsibilities:
* Implement and maintain single sign-on, SSO,
solution to centralize authentication to multiple internal/external
technologies using Cloud based Microsoft Azure Active Directory, IDaaS. * Build data governance program to safeguard
non-public personal information (NPI) and sensitive, private, propriety
files, using data centric audit and protection (DCAP) framework consisting of
user behavior analytics (UBA), access rights management and confidential file
activity monitoring. * Serve as the internal IT security architect to
executive management, business units and stakeholders to advise on security
design that ensures the confidentiality, integrity and availability of
information. * Create, oversee and enforce IT security
policies, procedures, and security awareness program and support external
security audits/risk assessment activities to provide audit
response/guidance. * Identify, investigate and analyze security
incidents, unauthorized access, and instances of non-compliance and remediate
issues. Associate
Director of IT Outlook Amusements
2008-2014 Led the technology vision, design, selection,
deployment and support of new 24x7 e-commerce initiatives including,
security, compliance, websites, infrastructure, applications, cloud,
virtualization, storage, servers, databases, wireless, telecommunications,
ERP, CRM, CMS, projects, application environments, LAN/WAN, help desk and
data centers for an $80 million e-commerce company. Selected
Key Accomplishments: * Championed and led the PCI DSS 1.2 & 2.0
Security Compliance Initiative. Results: Secured infrastructure, lowered
gateway & transactional costs by $1.25 million over 5 years, met
compliance requirements, & reduced potential liability by millions of
dollars. * Led a strong and cohesive high-performance
senior level engineering team through a next-generation �Green IT� top tier data center
migration, which included the implementation of virtualization, converged
networks and SAN solutions. Results: Saved $4 million in equipment, storage,
cooling, power, rack & service expenses over 5 years. * Designed, implemented and maintained a High
Availability (HA) environment to meet strategic roadmap for core enterprise
applications, such as ERP, CRM, CMS and Telecom via in-house and hybrid
Amazon AWS Cloud Infrastructure-as-a-Service IaaS / Microsoft Azure
Platform-as-a-Service PaaS. Results: Successfully launched all platforms and
paved the way for Company �white label platform�, next-generation website(s) and received a Team
Achievement Award. * Orchestrated the migration of the corporate
headquarters and 24x7 call center into a new flagship office. Results:
Awarded Employee of the Quarter for maintaining 24x7 operations running with
zero downtime, and helped the company save millions of dollars in out-of-city
tax savings. Responsibilities: * Architect and manage overall network security
framework/portfolio, vulnerability management, governance and compliance with
IT applications, data, VPNs, encryption, two-factor / dual-factor
authentication, and credit card privacy; which includes conducting yearly
security audits. * Design, implement and maintain an
enterprise-wide secure and centralized wireless infrastructure consisting of
Cisco AnyConnect, access points (APs), wireless LAN controller (WLC), Network
Access Control (NAC) and wireless intrusion prevention system (WIPS). * Provide technical reviews, recommendations and
training concerning PCI compliance requirements to application architects and
development teams on secure application level design and development/release
(SDLC / ITIL) best practices. * Create and implement all IT policies, procedures
and Standard Operation Procedures (SOPs), as well as document detailed
technical standards, business processes and data flows. * Develop and coordinate the implementation of
periodic risk assessments that identify vulnerabilities for environment and
recommend the best methodology to mitigate identified vulnerabilities. * Support all SDLC activity/requests (ITIL / ITSM)
release management and change management. * Provide council to C-level leadership on strategic
security and infrastructure roadmaps, presenting business cases with ROI /
TCO and cost-benefit analysis, as well as manage a multi-million dollar
CapEx/OpEx budget. * Oversee the architecture and implementation of a
comprehensive Disaster Recovery (DR) and Business Continuity Plan (BCP) to
ensure a no-fail 24x7 environment with the PMO. Information Technology Project Manager Westfield
2007-2008 Proactively provided Interim Network, Systems
& Security Operations leadership, as well as managed talented
cross-functional teams of senior level engineers, consultants and architects
in all aspects of network security/systems integrations, VMware migrations,
satellite office build-outs, EMC CLARiiON maintenance, and VoIP
deployments/upgrades for 85 MPLS WAN/LAN sites and data centers for the
largest and most prestigious global commercial real estate company in the
world. Selected
Key Accomplishments: * Spearheaded the VMware based Server
Consolidation and Virtualization Project. Results: Eliminated $2.5
million in equipment, licensing and data center related costs. * Led a team of IT professionals with the
migration of Dell, IBM and HP servers, firewalls, network hardware and the JD
Edwards ERP system to a new Tier 3 data center. Results: Westfield�s infrastructure was
migrated to a robust facility and went from 99.9% to 99.999% availability. * Managed the migration of several sites from
Frame Relay to a fully meshed MPLS (AVPN) network. Results: Allowed for 20%
reduction in recurring costs & for the progression of multi-million
dollar savings projects (global VoIP, billing consolidation & global
dialing) to start. Responsibilities: * Provided IT leadership, architectural design,
planning, estimation, implementation and project success for Westfield's
Special Projects Group in their endeavors involving multi-million dollar
projects, state-of-the-art malls and global corporate video conferencing systems. * Advised senior management on strategic systems
conversions and integrations in support of business goals and objectives. * Maintained and supported existing corporate ITIL
and ITSM processes, methodologies and principles on all infrastructure
projects, assignments and activities via SharePoint documentation. * Support the maintenance of servers via System
Center Configuration Manager (SCCM). Information
Technology Manager Arcadian
Health Plan & Management Services (defunct/no longer in operation)
March 2007-December 2007 Orchestrated the day-to-day IT management of the
LAN, WAN, security, servers, firewalls, help desk, data center, HIPAA (Health
Insurance Portability and Accountability Act) compliance, and VoIP phone
systems for a $500 Million a year Medicare Advantage provider with 18
national offices. Information
Technology Manager Bidz.com
2006-2007 Led a multi-disciplinary IT Production Division of
a sophisticated 24x7, $140 million a year online (.com) auction company in
all aspects of securing, designing, planning, staffing, budgeting, data
center, log correlation, infosec and PCI compliance with pre-IPO Sarbanes
Oxley (SOX) regulatory requirements for its worldwide IT Infrastructure. Systems
Administrator (Programmer Analyst I, II, III)
1997-2006 UCLA Office of Instructional Development & Graduate School of
Education Responsible for the design, deployment,
configuration, security, maintenance and monitoring of the LAN/WAN
infrastructure consisting of firewalls, routers, switches, servers, Active
Directory, Exchange, DNS, DHCP, TCP/IP Windows 2003,VPNs and wireless devices
for cutting edge technology group. Addendum Education, Certifications &
Professional Development * Master of Business Administration, MBA, Azusa
Pacific University, Los Angeles, CA * Bachelor of Arts in History, University of
California Los Angeles, Los Angeles, CA * IT Management Program Certificate, Cal Poly
Pomona Extension, Pomona, CA * Cisco Certified Network Professional, CCNP,
Cisco Certified Network Associate, CCNA Coursework:
CISSP * GIAC Security Essentials Certification
GSEC / SANS Security Boot Camp * Cisco Sourcefire FireSIGHT NGIPS FirePOWER
NGFW * ITIL v3 * Cisco Data Center Unified Computing Design, UCS * Cisco
Security Specialist, CSS * Cisco Voice over IP * VMware * Windows 2008 * SQL
* HP * Oracle * Linux * Wireless * SCRUM * EC2 Amazon Web Services, AWS *
Microsoft Azure Cisco Nexus * Cisco ASA *
Professional Awards & Distinctions Employee of the Quarter, 10, Outlook Amusements *
IT Excellence Service Award, 08, Westfield * Team Achievement Award, 03, 04,
05, 13, UCLA & Outlook
Amusements
Addendum Technical Expertise Security: Cloud Security, Cisco ASA 5516-X, Sourcefire,
FireSIGHT NGIPS FirePOWER NGFW Next-Generation Firewalls, NAT, PAT, Sarbanes
Oxley SOX, HIPAA, PCI DSS 2.0, ISO 27001, Encryption, Antivirus, Group
Policy, SSL, Next-Generation NGIPS, IPS, IDS, Data Loss Prevention, DLP, ISA,
SIEM, DMZ, AAA, VPN, TACACS+, Public Key Infrastructure PKI, Certificate
Authority CA, NAC, RADIUS, ePO, Access List, Anti-Spam, SSL/TLS, IronPort Web
Content Filtering, ADFS, Patch Management, Gramm�Leach�Bliley Act GLBA,
QualysGaurd, Trustwave, EnCase, IDM Identity Management, Proxy, FWSM, ACLs
e-Discovery, EnCase, AES, Multi-factor Authentication, Hash, IPSEC,
Two-Factor, Dual-Factor Authentication, Shavlik, Encryption, Cryptographic
Keys, File Integrity Monitoring, Log Correlation Software, Wireless
Intrusion Prevention WIPS, Lieberman Enterprise Random Password Manager
ERPM, Privileged Identify Management PIM, PGP, Steganography, Penetration
Testing, Pentesting, Malware, Nmap, Nessus, Sniffer, Sonicwall, Web
Application Firewalls, WAF, SSAE 16, CFPB, Single Sign-on SSO, Cisco Access
Control System ACS, MacAfee ePO Antivirus, Symantec, Kaspersky, Mimecast,
Managed Security Service Provider, MSSP, Barracuda, Varonis, Enterprise
Logging, Zscaler, Cisco Web Security, CWS, Data-Centric Audit and
Protection, DCAP, User Behavior Analytics, UBA, Big Data Security
Analytics, Token, Tokenization, MDM, BYOD, Federation, SLDAP, SFTP, Key
Management, Wireless Security, Wireless Intrusion Prevention, WIPS Cloud Google Apps, Azure, Amazon Web Services AWS, EC2
Elastic Compute Cloud, Simple Storage Service S3, Elastic Block Storage EBS,
Route 53, Virtual Private Cloud VPC, AMI Amazon Machine Image, Security Groups,
Availability Zones, vCloud, Software-as-a-Service SaaS, Platform-as-a-Service
PaaS, Orchestration, Automation, Cloud Computing, SalesForce, RackSpace,
Azure Active Directory IDaaS, IaaS, Infrastructure-as-a-Service, Cloud
Security-as-a-Service CSaaS Systems Windows XP, 7, Windows Server 2003, 2008, 2012,
Suse, Unix, Linux, Mac OSX, CentOS, Active Directory, Group Policy Networking Cisco, Juniper, LAN/WAN, MAN, Multiprotocol Label
Switching MPLS, EIGRP, OSPF, BGP, HSRP, VRRP, 10Gbps, SMTP, MIB, Layer3
Switching, VoIP, Frame Relay, Active Directory, VLANs, T1, T3, DS3, PRI, QoS,
SNMP, DNS, DHCP, TCP/IP, URL Redirection, DecaMAN, GigaMAN, 802.11, Cisco
Works, LDAP, Nagios, NetFlow, Openview, WAAS, iLO, DRAC, NFS, Bind, DFS,
BIG-IP F5 Load Balancers (LTM), FTP, IP Filtering, NX-OS, Cisco IOS, Telnet,
Hubs, WAN Acceleration, Spanning Tree protocol STP, VTP, IDF, MDF, NTP,
Virtual Port Channel VPC, OTV, Fabric Path, ISSU |
|
|
||||||||
|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|