About Me
I’m a seasoned IT professional with over a decade of experience in network security, systems administration, and infrastructure engineering—supporting enterprise environments across manufacturing facilities in the U.S. and Mexico.
Currently serving as a Network Security Engineer at Consolidated Precision Products, I design, manage, and lead network and systems infrastructure projects across 16+ sites, my accomplishments including:
I’m passionate about improving systems, securing environments, and mentoring the next generation of IT professionals. I’m currently exploring advanced roles where I can apply my experience to help organizations scale securely and efficiently.
Outside of my professional life, I can be found in the outdoor settings rappelling down waterfalls with my teams, and scaling steep rocky desert mountains with my friends.
Skills
Networking & Infrastructure
TCP/IP, DNS, DHCP, VLANs, ACLs, 802.1X, AAA, RSTP, LACP, VSF, SCADA Networks, LAN/WAN, VPN
Security & Compliance
Carbon Black, Nessus, Rapid7, SIEMs, NDAA-83, CTPAT, Microsoft Defender, Application Control, Azure vNet, Fortigate firewalls, Pfsense Firewalls
Systems & Virtualization
Windows Server, Active Directory, Microsoft Entra, Azure, VMware, Veeam, MDT, WDS, PowerShell
Cloud & Identity
Microsoft Azure, Azure AD, Office 365, Duo MFA, Entra, Confluence, Atlassian Stack
Monitoring & Tools
SolarWinds NPM/NCM/NTA, Grafana, Prometheus, Kafka, iostat, sar, top, Netbox
Scripting & Automation
PowerShell, Bash, Custom Imaging Scripts, Automation via MDT/WDS, Ansible, Python, Git, Perforce
Certifications
- Cisco Certified Network Associate (CCNA)
- CompTIA Security+
- CompTIA Network+
- Microsoft Azure Fundamentals (AZ-900)
- Microsoft Security Fundamentals (SC-900)
- Fortinet Network Security Expert Level 3 (FNSE3)
Experience
Consolidated Precision Products
Network Security Engineer (2023-Present)
• Assisted facility leadership team with passing federal audit with Custom Border Patrols for Customs-Trade Partnership Against Terrorism (CTPAT) certification by serving as IT spokesperson, providing evidence, policies, and procedures.
• Led the implementation of 802.1X on wired network and wireless network to move toward passwordless authentication, reduce attack vectors, address technical shortcomings with previous authentication method, reduce network overheard, and minimize password-related tickets.
• Led the implementation of AAA on network switches across the entire corporate infrastructure to enable security logging, create accountability, to grant RBAC to local IT teams, and reduce IT overhead.
• Deployed and configured Solarwinds NPM/NCM/NTA modules to create tailored network monitoring of the internal network infrastructure to improve response time to network outage and degraded system performance.
• Lead initiatives in network automation/orchestration, zero-touch provisioning, and network standards for company network infrastructure using Ansible, Python, ZTP, Jinja2.
• Configured, maintained, and troubleshoot stateless and stateful firewalls (ACL/Pfsense), and receive/fulfill blacklist/whitelist application/port requests from IT team members for 6+ facilities in Southern California region.
• Improve network backbone throughput, capacity, and uptime through 10G fiber uplink overhaul, implementation of VSF, RSTP, DHCP snooping, and LACP.
• Through collaborative efforts with automation team, planned, configured, and deployed SCADA network for the rollout of PLCs, industrial IoTs and data collectors for 4+ Californian facilities.
• Worked closely with security team, infrastructure team, and stakeholders to address critical/high-priority vulnerabilities found through Nessus/Rapid7.
• Collaborated with security team and upper management to author/coauthor company-wide security policies and procedures to satisfy regulations and compliance.
System Administrator (2013-2023)
• Manage relationships with vendors, contractors, and service providers, negotiating contracts and service agreements to optimize costs and performance.
• Led and deployed lite-touch imaging service using Powershell, WDS, and MDT to California region to automate hardware imaging process down to 10 minutes lead-time at minimal cost.
• Led and managed $150k-$300k network and servers infrastructure overhaul projects at each of the 6+ Californian and Mexican facilities through planning, budgeting, configuring, installation, and migration.
• Rescued business operations from $14M+ loss in productivity triggered by a singular computer security lockout on legacy SCADA hardware due to operator error.
• Improved quality of wireless coverage and refreshed wireless network infrastructure at 6+ locations through heatmapping, planning, budgeting, and deployment of Meraki wireless access points across 6+ facilities in California, Minnesota, Ohio, and Ensenada, Mexico.
• Deployed and administered 3-2-1 policies and Veeam backup solution at 6+ sites with automated workstation agent deployment, and was responsible for monitoring alerts and testing backup integrity on a weekly and monthly basis.
• Provided on-site and remote Level 1-3 support across USA and Mexico, serving 500+ users and 500+ endpoints at 16+ facilities.
• Deployed a centralized documentation system to house technical notes and source of truth, reducing siloed tribal knowledge, establish information integrity and availability, and to foster collaboration between regional IT teams.
• Worked with local facility management team to gather evidence, procedures, and policies to provide to federal government agencies for audits.
• Developed custom Powershell scripts to automate repetitive mundane tasks, such as unattended application installs, to free up time, manpower, and resources to focus on more impactful tasks and projects,
• Manage/Configure/Troubleshoot Microsoft O365/Entra/Azure technical issues.
IT Technical Specialist (2012-2013)
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Ut elit tellus, luctus nec ullamcorper mattis, pulvinar dapibus leo.
Virtual Machines
Level 3 Technical Support Contractor
• Handled 20+ abuse reports on daily, such as verifying the legitimacy of incoming abuse reports, confirming reports, closing down accounts, shutting down malicious services, and warning customers, depending on severity of abuse and violation.
• Monitored and stablized server performance using provided tools such as Nixstats, iostats, sar, top, etc.
Siam Dish Thai Cusine
Restaurant Supervisor
• Overhauled business website to help improve user experience, and to ensure modern devices are supported.
• Worked with vendor to roll out Adelo POS system to upgrade the business payment handling/processing.
• Performed internal system audit to help drive the business toward being PCI-DSS compliance.
• Processed transactions and generated daily reports to analyze profit/loss and sales to understand the business health and find improvements on how to improve sales.
• Provided employee training for the POS system and how to manage the website.
• Worked with vendors to restock supplies and to service restaurant equipments.