Systems Administration & Security Portfolio
Infrastructure & Security Operations
Systems Administrator with 3+ years managing Windows/Linux servers, network infrastructure, and security tools across 30+ client environments. Zero ransomware incidents across 100+ managed endpoints. CMMC Registered Practitioner with hands-on implementation experience.
Real Security Incident Response - Called When Others Failed
Critical Security Incident Resolution
The Pattern: Nearly every client came to us already compromised, already breached, or one click away from disaster. Other providers had failed. We got the calls when businesses faced imminent shutdown from security failures.
Critical Incident #1: Copyright Violation Crisis
- The Crisis: ISP threatening service termination for repeated copyright violations
- Discovery: Neighbor using client's unsecured WiFi for BitTorrent piracy downloads
- NIST Mapping: SC-7 (Boundary Protection) - No network segmentation or guest isolation
- Solution: WatchGuard firewall, separate Guest VLAN, bandwidth controls, network isolation
- Result: Business saved from internet service termination, no further violations
Critical Incident #2: Active Compromise - Mouse Moving by Itself
- The Crisis: Business owner's computer actively controlled by unknown attacker
- Discovery: 30 employees sharing 2 RDP accounts, password on sticky note on wall
- NIST Mapping: AC-2 (Account Management), IA-5 (Authenticator Management)
- Solution: Complete infrastructure rebuild, individual accounts, MFA, network segmentation
- Result: Zero ransomware losses for all fully managed clients post-implementation
Critical Incident #3: Accounting Firm Total Compromise
- The Crisis: Previous provider removed firewall, extensive malware across network
- Discovery: No antivirus, no patching, financial data completely exposed
- NIST Mapping: SI-2 (Flaw Remediation), CM-6 (Configuration Settings)
- Solution: Network firewall, RMM deployment, SOC integration, automated patching
- Result: Clean network, maintained compliance, zero incidents since
The Zero Ransomware Breaches Achievement:
- 100% of new clients came to us already compromised or vulnerable
- Fixed copyright violations, active compromises, and malware infestations
- Implemented comprehensive security controls that prevented all future incidents
- Zero successful attacks across 30+ production environments after implementation
- Implemented security controls aligned with FTC Safeguards Rule for CPA clients and state bar requirements for legal clients
Crisis Technologies: WatchGuard/SonicWall firewalls, Datto RMM, SOC monitoring, VMware security, Office 365 security, MFA implementation, network segmentation
Federal Cloud Resume Challenge
Production serverless resume website on AWS demonstrating security best practices and NIST 800-53 control mapping documentation.
Security Implementation:
- IAM least privilege - Lambda role scoped to specific DynamoDB table and actions
- HTTPS enforcement via CloudFront with TLS termination
- S3 Origin Access Control - no direct bucket access
- DynamoDB encryption at rest
Architecture:
- S3 + CloudFront CDN + API Gateway + Lambda + DynamoDB
- Custom domain with ACM certificate management
- Atomic visitor counter with race condition prevention
- NIST 800-53 control foundations documented
Technologies: AWS S3, CloudFront, Lambda, API Gateway, DynamoDB, IAM, ACM, Python
Launch School Backend Engineering
Completed 9 rigorous backend engineering courses with Launch School's mastery-based methodology, requiring 80%+ scores to advance between courses. Provides a strong programming foundation supporting security automation and cloud development.
Programming & Security Foundations:
- Systematic problem-solving methodologies applicable to security challenges
- Object-oriented programming principles for security tool development
- Network programming foundations supporting security automation
Database & Backend Security:
- SQL and database security principles
- Secure application development practices
- Server-side architecture with security considerations
Technical Foundation for Security Engineering:
- Strong programming foundation enabling security automation scripting
- Systematic debugging approach applicable to security incident investigation
- Version control and collaboration skills for security team environments
Technologies: Ruby, Python, PostgreSQL, Git, Shell Scripting, HTTP Protocol, Object-Oriented Programming
Vanderbilt Hospital Enterprise Deployment
Managed an enterprise-scale technology deployment demonstrating technical leadership and project management capabilities in a healthcare environment with strict HIPAA compliance requirements.
Leadership Responsibilities:
- Led 11-person technical team through complex deployment project
- Coordinated with clinical staff and hospital administration
- Ensured HIPAA compliance throughout deployment process
- Mentored junior technicians and managed daily team activities
- Delivered project on time and within budget constraints
Project Outcomes:
- Successfully deployed 5,000+ systems across hospital facilities
- Delivered on time and on budget
- Met all compliance and regulatory requirements
- Positive feedback from clinical and administrative stakeholders
Environment: Windows enterprise systems, Healthcare IT infrastructure, HIPAA compliance protocols
Technical Competencies
MSP Operations
- Managed services business operations
- Client relationship management
- Service delivery excellence
- Technical project management
- Vendor relationship coordination
Infrastructure Management
- Windows/Linux/macOS environments
- Network design and security
- Virtualization and storage
- Backup and disaster recovery
- HIPAA compliance implementation
Cloud Security
- AWS services and serverless patterns
- IAM least privilege and encryption
- NIST 800-53 control mapping
- Security and compliance automation
- Federal cloud readiness
Software Engineering
- Ruby and Python programming
- Database design and optimization
- System design principles
- Test-driven development
- Version control and collaboration