Work Experience 2015
June – Present AllClear ID Austin,
TX Vice President of Information Security and Technology
Services
·
Departments
include InfoSec, IT, TechOps and DevOps, BackOffice, Help Desk, and Facilities.
Team is responsible for all facets of company operations, data center,
automation, continuous integration and deployment, public cloud, and all
corporate and production infrastructure, facilities, and environments. ·
Responsible
for the overall InfoSec, IT, BackOffice, TechOps and DevOps, and Facilities
budgets (Capex and Opex). ·
Led
and completed ISO 27001 certification within a year. Project includes establishing process and
procedure for all aspects of the company (HR, Legal, Customer Services, Due
Diligence Process, etc.), defining security zones for multiple facilities,
implementing company-wide appropriate security controls and policies, as well
as introduced Security Awareness and HIPAA awareness training programs. ·
Responsible
for managing the team for completing HIPAA HITRUST certification within a
year. Project includes self-assessment
and certification completion of the following categories based on the HITRUST
framework: Incident Management, Business
Continuity & Disaster Recovery, Data Protection & Privacy, Network
Protection, Transmission Protection, Password Management, Audit Logging &
Monitoring, Access Control, Configuration Management, Vulnerability Management,
Wireless Security, Mobile Device Security, Endpoint Protection, and Portable
Media Security. ·
Responsible
for managing the team for all infrastructure and operational management of the
production SaaS environment, as well all internal environments (Dev, QA, UAT). ·
Led
the effort to migrate a hosted phone system into a cloud solution for the Call
Center Operations. This includes
requirement gathering, vendor selection, workflow
evaluation/documentation/implementation, and cut over of the phone system. ·
Led
the effort of developing the overall Business Continuity Program. The program resilience strategies focus on
customer facing operations and access to client facing infrastructure and
support services. The approach follows
the Business Continuity Institute best practice guidelines and aligns to
ISO22301 guidance including the Plan-Do-Check-Adjust approach. The program also includes Business Continuity
Plan for each of the department, Business Impact Analysis, time to restoration,
as well as alternate services to minimize impact. ·
In
charge of large construction for facilities and call centers expansion. Project
includes design (security and capacity), budgeting, cost analysis, buildout,
and completing the move of multiple departments within multiple buildings in
downtown Austin. ·
Led
the effort of migrating the entire Customer Services department to Virtual
Desktop Infrastructure (VDI) with Proxy to improve security posture of the
company. ·
In
charge of BackOffice team. Responsibilities
include collaborating with Marketing, Sales, Operations, and Customer Services
for all Salesforce projects including opportunity and lead management and
automation, Salesforce security design and implementation (Salesforce Shield,
encryption at rest), mass email notification (Pardot and Exact Target), and
Salesforce support ticketing management module. ·
Leading
the effort to PCI certification. Project
includes building risk management model as well as completing PCI
self-assessment. ·
In
charge of vendor management, as well as negotiating high dollar contracts to
ensure efficient use of financial resources. ·
Heavily
involved in the acquisition process and responsible for managing the due
diligence process, gap/risk/cost analysis, and merging technology into existing
process/operations/infrastructure. ·
Led
the effort to overhaul the entire corporate network within the company. This includes security and zone design and
definition, defensive in depth design, vendor selection, cost analysis, documentation/implementation,
testing, and currently in the process of completing the corporate network
cutover. ·
Managing
teams via ITIL, Kanban, and Gazelles (Rockefeller Habits) process to improve
efficiency of the team. ·
Collaborating
with Product and Engineering to manage production releases to completion. ·
Introduced
and led the effort of penetration testing for application, internal/external
networks, and public cloud, as well as completing remediation plans.
·
On
call 24x7.
2013
March – 2015 June Kinnser Austin,
TX Sr. Director of Development Operations
·
Introduced
the notion of cloud technology into the company, and built proof of concept
disaster recovery environment by utilizing Amazon EC2 (VMs, LB, EBS, VPC, ASG, etc.). ·
Introduced
SSAE 16 (SOC 1) to the company and completed the SSAE 16 type 1 process to meet
information security and HIPAA and HITECH requirements. Project includes the creation of all process and
security documents, control objectives, assertions, and supporting artifacts by
working with Product, Development, QA, DevOps/IT/Security, Support, HR, Legal, and
other departments. ·
Develop
new cloud backup strategy for different environments (Amazon Storage Gateway
and Barracuda appliance/cloud). ·
Led
the effort to overhaul the phone system for the entire company. This includes
requirement gathering, vendor selection, workflow evaluation/documentation/implementation,
testing, and complete replacement of the phone system (Mitel à Cisco). ·
Heavily
involved in the release cycle and responsible for deploying and managing
releases of the Kinnser SaaS application. ·
Heavily
involved in the acquisition process and responsible for managing the due
diligence process, gap/risk/cost analysis, data center migration, and merging
technology into existing process/operations/infrastructure. ·
Led
the effort to overhaul all firewalls within the company. This includes requirement gathering, vendor
selection, rules evaluation/documentation/implementation, testing, and complete
replacement of firewall appliances for the HQ office, as well as the production
environment. ·
Managing
teams via Agile/scrum process, and eventually switch to Kanban/ScrumBan to
improve efficiency of the team. ·
Improved
application uptime from 99% to 99.95%.
Highest uptime for the application is 100%. ·
Working
with Product and Engineering to manage releases to completion. ·
Introduced
multiple application monitoring practices to enhance monitoring
capabilities. ·
Introduced
high availability architecture for multiple modules of the Kinnser SaaS application. ·
Responsible
for managing the DevOPs and internal IT group.
Teams are responsible for all facets of security and production
operations (VMWare Cluster, SQL Server Cluster with multiple terabyte of data
and hundreds of thousands of transactions per second, CFMX, and etc), internal
systems (staging/develop/release candidate environments, phone system, AD, etc.),
and help desk. ·
Led
the effort of setting up a sandbox environment for penetration testing. As well as managing penetration testing
project to completion and completing remediation plans. ·
Led
the effort of building a database replication strategy for the OLTP database. ·
Leading
the effort of building OLAP and staging databases for production
infrastructure. Project includes data
transformation from OLTP to staging (ETL), staging to cube/OLAP (more ETL
packages), and BI tools to retrieve information/reports from the OLAP database.
·
Responsible
for managing the production SaaS applications, as well all internal
environments (develop, staging, release candidate, etc.). ·
Responsible
for setting processes and procedures for release management of different
internal environments, as well as setting internal SLAs for each of the
environments with various departments within the company. ·
Responsible
for migrating Kinnser’s corporate site back into the data center
infrastructure. ·
Responsible
for managing vendors including pricing negotiation and vendor relationship
management. ·
Responsible
for the overall Information Technology, Information Security, and Development
Operations’ budget.
·
On
call 24x7. 2011
– 2013 Affiniscape (now
YourMembership.com) Austin, TX Vice President of Site Operations
·
Responsible
for managing the Production Operations group and Internal Operations
group. Team is responsible for all
facets of production operations (.Net application servers, CFMX, Dell servers
and network hardware, and Microsoft SQL server database servers) and all
internal systems (Exchange server, domain controller, Avaya phone system, etc.). ·
Responsible
for managing multiple data centers (Data Foundry and Outernet). ·
Responsible
for managing the production SaaS applications within multiple data centers, as
well as the build server, internal IT, and QA environment. Managing the system
administrators, helpdesk specialists, and release engineer within the
production team. ·
Led
the effort for converting release process from Waterfall to Agile (scrum, sprint
planning, daily standup, story sizing, retrospective meeting, etc.) for
product, development, QA, and production groups. ·
Led
the effort for operationalize deployment process. ·
Led
the effort for Microsoft Partner certification process. ·
Responsible
for migrating physical hardware into VMWare (VSphere 5 with ESXi). ·
Managing
upgrades from Windows 2003 to Windows 2008 (IIS 6 à IIS 7) for
web/application servers utilizing VMWare to minimize scheduled downtime. ·
Oversees
the F5 3600 load balancer redesign/upgrade project. ·
Managing
the upgrades from SQL server 2005 to SQL server 2008 for one of the Affiniscape
SaaS application. ·
Working
with PM to manage releases to completion. ·
Responsible
for managing all IT operations including pricing negotiation and vendor
relationship management. ·
Responsible
for managing internal IT to provide services for the entire company. ·
Overhaul
the phone system within the company. ·
Develop
new backup strategy for production and internal operations. ·
Led
the effort for designing new virtual call center solution and phone reporting
solution. ·
Led
the effort for ongoing email migration from hosted solution to the cloud. ·
Responsible
for the overall IT budget. This includes
budget for all upgrades (SW and HW) in production environment, upgrade/redesign
of the HQ internal IT environment and etc.
·
Heavily
involved in the release cycle for all sprints and responsible for pushing and
managing the architecture release of the Affiniscape SaaS application web
sites. ·
Helped
design and centralize data from various applications (SFDC, Zoho, ForceFinder,
Affiniscape, etc.) into a single CRM solution (Microsoft CRM). ·
Designed
and implemented the hand off and escalation processes between Professional
Services, Technical Support, and Account Management teams. ·
Responsible
for managing the Technical Support group (level 1, level 2, and level 3). Team is responsible for providing all support
(application workflow, accounting, design, membership, reports, etc.) for all
association employees/volunteers/executive directors/etc.
·
On
call 24x7. 2009
– 2011 Conformity Austin, TX Sr. Director of Production Operations
·
Responsible
for creating, configuring, maintaining, and supporting the production
environment within the Amazon Web Services (EC2, EBS, VPC, S3, etc.)
environment. ·
Responsible
for the configuration and management of the Tomcat and MySQL within the
application and database instances within the Amazon Elastic Compute Cloud
(Amazon EC2)/ Amazon Elastic Block storage (Amazon EBS) environment. ·
Responsible
for design/implementation of the MySQL replication environment. ·
Utilizing
the Amazon Simple Storage Service (Amazon S3) for staging and backup of the
application code. ·
Formalizing
production deployment procedures. ·
Responsible
for managing all user accounts within the Google app (start page, email, Google
doc and spreadsheet, etc.). ·
Responsible
for the deployment and integration of Google app, internal AD, and Outlook. ·
Responsible
for leading and completing the exercise of Salesforce AppExchange
certification. ·
Responsible
for introducing the SAS 70 audit process. ·
Working
with PM and leading the effort of requirement design for the support feature of
the Conformity Application utilizing Salesforce case management APIs. ·
Working
with PM and leading the effort of requirement design (installation, configuration,
attribute mappings, etc.) for Microsoft AD Connector for the Conformity
Application. ·
Working
with PM to manage releases to completion. ·
Design
the Support escalation process (tier 1, 2, and etc) for existing staff and
future planning. ·
Responsible
for the introduction and implementation of the new hire/termination process. ·
Responsible
for the introduction and implementation of password/anti-virus policy
management within the company. ·
Responsible
for the installation and configuration of the Microsoft domain for the company.
·
Responsible
for the introduction and implementation of the Information Security policy and
procedure within the company.
2008
- 2009 QuickArrow (now NetSuite) Austin, TX Sr. Director of Site Operations and Technical Support ·
Responsible
for leading the security team to get SAS 70 type 2 certification in 2005, 2006,
2007, and 2008 with no exceptions. ·
Responsible
for achieving uptime 99.9% for the last 5 years. ·
Responsible
for managing the Site Operations and Internal Operations group. Site Operations
job description/responsibility remains the same as previously stated. ·
Responsible
for managing the Technical Support group.
Team is responsible for support all internal/external questions which
are technical in nature (plugin installation, web services troubleshooting,
performance problem, javascript issues, definition of fields within reports, etc.).
·
Maintain
the escalation process between Support, Technical Support, and other groups
within the organization.
2004
- 2008 QuickArrow (now NetSuite) Austin, TX Director of Site Operations ·
Responsible
for managing the Site Operations and Internal Operations group. Team is
responsible for all facets of customer facing site operations (software,
hardware, network, and DB), all internal DB design/maintaining, and all
internal systems (domain controller, email system, etc.). ·
Oversees
the network redesign/upgrade project (firewall (CISCO PIX), GB switches, and
network topology). ·
Introduced
the ISS/IPS notion to the company.
Oversees the budget, design, and installation/implementation of the
IPS/IDS (NFR – now CheckPoint) devices. ·
Responsible
for leading the security team to get SAS 70 type 2 certification in 2005, 2006,
and 2007 with 0 high/medium severity issues and minimum recommendations for the
year of 2005, 2006, and 2007 from the auditors (E&Y). ·
Responsible
for maintenance of the production web site. Managing the system administrators
and DBAs within the production team. ·
Introduced
the concept of Business Continuity Plan and develop the Disaster Recovery plan
for HQ and the data center. ·
Responsible
for the overall budget of all IT/production.
This includes budget for all upgrades (SW and HW) in production
environment, upgrade/redesign of the Quality Assurance environment, upgrades
for the internal operation team, etc.
Working with the CFO on all aspects of the budget. ·
Responsible
for systems auditing including patch regression testing, configuration and
change management, systems security auditing and testing. ·
Tactical
and strategic management of web site software and hardware administration,
maintenance, content, and architecture changes. ·
Worked
directly with development, QA, PM, and sales on change management processes to
mitigate risk mitigate risks to web site uptime and revenue. ·
Heavily
involved in the release cycle for all major, minor, and slipstream releases
(product management, development, QA, production) and responsible for pushing
and managing the architecture release of the QuickArrow web site. ·
Responsible
for managing all business operations including accounting and vendor
relationship management. Responsible for
all pricing negotiation between QuickArrow and 3rd party vendors. ·
Received
Employee of the Quarter Award.
·
On
call 24x7.
2003
- 2004 QuickArrow (now NetSuite) Austin, TX Customer Support Manager/Site Operations Manager
·
Responsible
for managing the customer support group. Team is
responsible for troubleshooting all customer problems and answering all
incoming calls. ·
Developed
the escalation procedure between the Site Operations team and the Customer
Support team. ·
Defined/structured
level 1, level 2, and level 3 within the Support organization. ·
Responsible
for managing all web servers and database machines within the production and QA environment. Responsible for managing all other machines within the production environment. ·
Responsible
for managing all machines within the HQ. This includes domain controller (Microsoft
Windows 2003 AD), mail server (exchange 5.5à exchange
2000 à
exchange 2003), file system, etc. ·
Developed/automated
the deployment process for the QuickArrow web site for production and QA
environment. ·
Responsible
for leading the security team to get SAS 70 type 1 certification in 2004 from
the auditors (E&Y). ·
Oversees
the architectural design of the web site infrastructure, including multi-tier
design of the web site (Microsoft IIS 5.0, CFMX + Jrun (business logic), Java
components, DB design layer, and load-balancing design (sticky round robin,
Virtual IP address, DNS)) ·
Developed
the definition for different release vehicles (major, minor, and maintenance)
and developed the process for each type of release. Designed the check and balance system within
the release management team and integrated the “sign-off” process into the
standard release process. ·
Introduced
the concept of OLTP, OLAP, and data migration to the company. Heavily involved in the design/implementation
of the next generation QuickArrow application. ·
Responsible
of all upgrades for all QuickArrow licensed customers. ·
Responsible
of all deployments for all releases to production environment from QA to
staging to production.
·
On
call 24x7.
2001-
2003 Works (now Bank of America) Austin, TX Web Operations Manager
·
Responsible
for managing the Production Operations group. Team is
responsible for all facets of customer facing web site operations (software,
hardware, network, and DB), all internal DB design/maintaining, and internal
accounting systems. ·
Responsible
for maintenance of the production web site. Uptime statistics: 99.9998%. ·
Responsible
for leading the security team to get SAS 70 type 1 certification in 2002 with 0
high severity issues and minimum recommendations for the year 2001 from the
auditors (E&Y). ·
Responsible
for leading the security team to get SAS 70 type 2 certification in 2002 with 0
high/medium severity issues and no recommendations for the year of 2002 from
the auditors (E&Y). ·
Responsible
for managing the security audit projects from E&Y and ISS (internal scan,
release process, penetration test, etc.). ·
Oversees
the architectural design of the web site infrastructure, including multi-tier
design of the web site (Linux Apache render layer, Resin servlet engine
(business logic), Java components, DB design layer, load-balancing design
(sticky round robin, Virtual IP address, DNS), and database cluster technology
(log shipping, EMC SAN device with SQL 2000 cluster). ·
Responsible
for the designing and implementing the BCP/DR procedures and environment and
making sure the failover process takes less than 24 hours from 1 data center to
the next. ·
Responsible
for managing the projects and the design of the connections to multiple credit card
processors (TSYS and FDR) and managed relationship between credit card
processors, banks, and Works.
Responsible for talking to customers/partners to negotiate allowable
unscheduled down time and all other operation requirements. ·
Heavily
involved in the release cycle for all major, minor, and slipstream releases
(product management, development, QA, production) and responsible for pushing
and managing the architecture release of the Works web site. ·
Led
the effort of capacity analysis. Working
with Quality Assurance and Web Operation team and designed capacity test
plan. ·
Oversee
the design for the Quality Assurance environment to ensure it matched the
production environment. ·
Worked
with QA staff to develop and implemented test plans for pre-release and
production ready code. ·
Oversee
the change management process, administration, and maintenance of two QA
prototypes of the entire website including web rendering, EDI, and database
systems. ·
Responsible
for all Operation budgets. Works with
Controller on all details of the budget.
·
On
call 24x7.
1999-
2001 Works (now Bank of
America) Austin, TX Production Manager/Data Warehouse Manager
·
Responsible
for managing the Production Operations group, Back Office development team, and the Data Warehouse team. Team is responsible for
all facets of customer facing web site operations (software, hardware, and
network) and designing and maintaining of the SalesLogix, Brio, Great Plains,
and the Data Warehouse projects/architecture/environments. ·
Responsible
for leading the design the data-warehouse architecture (data transformation
from OLTP database to OLAP database) and managing projects of converting XML
documents into relational schemas. ·
Responsible
for managing the deployment process of all Works' internal/external web sites
(corporate site, application site, partner relation site, back office site, and
internal sales logix web site), and designed operational procedures for web
site catalog update. ·
Oversee
the architectural design of the web site infrastructure, including multi-tier
design of the web site (business layer versus/data layer versus render layer),
load-balancing design (sticky round robin, Virtual IP address, DNS), and AIX
DB2 and SQL server fail-over strategy. ·
Worked
with PM and internal customers (customer support, accounting, etc.) to analyze
operational impact of business requirements, implement site feature
requirements, and responsible for the generation of the operational
requirements for different groups. ·
Heavily
involved in the release cycle for all major, minor, and slipstream releases
(product management, development, QA, production) and responsible for pushing
and managing the architecture release of the Works web site. ·
Responsible
for managing the technical aspect of the relationship between Works customers/partners
(Granger, Dell, etc.). ·
Received
the Works Annual Founder’s Award.
·
On
call 24x7.
1998
- 1999 Works (now Bank of America) Austin, TX
·
Designed
and developed automatically production deployment programs to deploy VB/Java
MTS COM Components and ASP pages to production environments.
·
Designed
and developed a C++ program to maintain SMTP traffic.
·
Designed
and developed management software solution to administrate and maintain the
production web servers.
·
Responsible
for generating and maintaining builds to QA and production environment.
Responsible for automating build procedures.
·
Responsible
for configuration and installation of production and QA web environments with
Microsoft technology (IIS, COM/DCOM, MTS, LDAP server, message queue, etc.).
·
Troubleshot
NT 4.0 and Y2K issues.
·
Troubleshot
network problems (DHCP Server, Remote Access Server -dialup and PPTP,
local/domain administrator, trust relationship between two domains).
·
Responsible
for designing and developing all client side scripting objects for web pages.
·
Responsible
for leading the effort of documenting and automating test framework/test cases
for the Works web site.
·
On
call 24x7. 1996
- 1998 Smart Technology (now I2
Technology) Austin, TX Senior Quality Assurance engineer/ Developer ·
Designed
and created test environments included hardware, software, and network
configurations. ·
Responsible
for diagnosing problems/issues reported by Technical Support team. ·
Responsible
for generating test framework, capacity (stress/volume) test plan, regression
test plan, and functional test plan against the functional specification for
specific projects. ·
Responsible
for implementing capacity/regression/functional testing scripts via SILK. Coordinate the testing effort with all QA
engineers to ensure the entire test plan is executed correctly. ·
Implemented
dynamic HTML pages using SmartDNA engine, Java COM components, and
Powerbuilder. ·
Responsible
for implementing stored procedures and queries for updating and retrieving
values from Oracle database. ·
Responsible
for implementing business Java component for specific projects.
·
Troubleshot
Microsoft OS configuration problems (NT 4.0, Win95, and Win 98). |