Duncan Sharp 4412 SW Wildwood PL | Seattle, WA 98136
Cell: (408) 712-5292
Email: duncan@drsharp.net
Accomplished technical architect with 20+ years of diverse experience in IT. As an enterprise security architect, define and design data protection into the infrastructure and applications in alignment with data risk, regulatory requirements, and business objectives. With 10 years of HIPAA and 5 years of PCI experience, have proven ability to advise business owners and incorporate controls in business objectives.
TVI Inc. dba Savers (2014 – 2019)
Security Architect: Develop strategic architecture for information security across enterprise. Work with business and IT groups on appropriate framework (CIS) for embedding security throughout enterprise. Ensure PCI controls are effective, and work with QSA on yearly audit. Work across teams to ensure business goals are achieved. Work with partner company security leaders to share threat intelligence and grow our security awareness. Work with teams to formalize incident response workflow. Architect/implement enterprise log/SIEM (SplunkES) infrastructure. Deliver Splunk training across IT teams. Work with operations and applications to integrate logging to Splunk, develop dashboards/alerts.
Provide escalation point for security incidents. For either detected AV alerts or reports to the help desk, provide timely and appropriate next steps for remediation. Advise management as to whether the threat is contained or additional steps are required. Use open source tools (Kali) for forensics, and public threat intelligence sources.
Design/build/deploy/support Enterprise Splunk with Enterprise Security and VMware features. Work with systems team to deploy UFs to 3000+ endpoints. Develop dashboards, alerts as needed to support operations. Create custom add-ons for unsupported 3rd party products. Grow daily collection to 150GB/day. Collect POS security/application logs across stores; analyze for errors, generate alerts. Create dashboards showing store revenue in real-time.
Senior Network Architect: Provide leadership to team of network engineers. Mentor and provide direction for team members. Refining the strategic infrastructure for the enterprise data and voice networks. Triage security tools, and update (FireEye, Rapid7) to ensure effectiveness. Work across teams to ensure business goals are achieved. Take on projects in mid-flight and ensure they are successfully completed. Support PCI yearly audit.
Blue Shield of California (BSCA) (2003 – 2014)
Senior Security Architect, IT Enterprise Architecture: HIPAA security architect for IT and business units. Define and communicate security policy to non-technical business unit members, and IT team members. Solution architect for core membership/claims system. Refine and evangelize security as part of the SDLC. Define processes for security requirements collection. Review pentest findings, assess risk, assist owners of audit findings, and work in partnership to remediate findings. Define new UNIX hardening standards. Research/pilot/design solutions for DDoS, user activity monitoring, malware detection, WAF, and DB monitoring. Approve network firewall changes. Mentor security engineers. Evaluate policy exception requests.
Senior Architect, IT Infrastructure & Operations: Leadership in security, infrastructure design and deployment of new business systems. Re-design network infrastructure for 5 campuses. Designed networking infrastructure and security controls for VOIP deployments. Define WAN encryption guidelines for enterprise, AD and LDAP architecture integration. Evaluated software security architecture, and define compensating controls. Architected network segmentation for users, servers, non-production and DMZs. Designed secure 3rd party portals.
Senior Manager, IT Security: Group charged with securing systems and networks of BSCA. Staff managed firewalls, NIDS, HIDS, Internet email gateways (Anti-virus, anti-spam), and secure email gateway. Integrated security events (logs) into COTS Security Event Management (SIEM) system. Defined minimum security requirements for new business applications. Deploy email encryption, anti-SPAM, IDS, firewalls, SSL/VPN, and log servers. Reported directly to Chief Security Officer.
Training Consultant: Presented security seminars. Trained system administrators in the basics of networking, firewall operations, and securing/hardening Solaris. Presented classification of hacking attacks, in-depth review of current system attacks. Presented security seminar to USC Academic Information Systems department, reviewed firewall and network architecture. Recommendations on security best practices, VPN and IDS technology.
Principal Network Engineer: Led team of level 2 back line engineers for west coast operations. Interfaced directly with management, customer account managers and customers. Troubleshoot and support numerous network devices, CISCO and Ascend. Managed firewalls, identify/mitigate security breaches, and perform security reviews. Installed router/switch software upgrades for all devices. Wrote Perl based system to extract CISCO configurations via SNMP, and then present via CGI web interface. Implemented AAA with CISCOsecure, RANCID, and Cflowd, FlowScan, Perl scripts for NetFlow analysis. Supported MRTG network utilization. Part of 24-hour on-call rotation.
Director eBusiness Architecture: Defined standards for building eBusiness infrastructures. Developed cost model for standard designs. Worked with staff engineers to evaluate new vendor technologies. Functioned as senior escalation point for server related problems. Designed technology demonstration lab. Delivered Check Point FW-1 consulting services.
Senior Network and Systems Architect: Led team of startup to bring Internet infrastructure online. Completed projects which had been started but not finished. Coordinated effort to bring developers, QA, and support staff into defined process for code releases. Initiated scheduled backups, system change control, system and application event monitoring. Implemented Check Point FW-1, load balancing, NAS, NIS, HPOV, BMC Patrol. Configured redundant T1 data lines for ISP uplink.
Senior Network Administrator: Network architect for corporate networks. Designed and installed ATM WAN, firewalls, SNMP agents. Defined naming standards. Configured DNS, DHCP, NTP, NFS, NIS servers. Implement and support infrastructure monitoring using HP OpenView, 3COM Transend, 3COM LanSentry (Rmon), and MRTG. Configured CISCO routers. Infrastructure consisted of 10 & 100 Ethernet, 100FX, FDDI, T1, DS3. Managed vendor contracts.
Senior Technical Staff: Technical lead for system administrators managing HP-UX and SUN Solaris systems. Supported Livingston Portmaster dial-in networking hardware, managed CISCO routers, and Token Ring gateway. Install/configure NFS, DNS, WWW, NIS. Provided system level support of application for an insurance system. Installation, performance tuning of Sybase DB.
Hughes Aircraft Corporation (HAC) (1988 – 1995)
Computer Specialist, HAC Internet Department: Team lead for Internet support staff. Defined roles, project schedules, and budgets for team. Guided team in defining its mission and structure. Led deployment of DNS, NTP, and SMTP gateways. Member of company-wide team to define and implement network naming standards. Implemented tools to maintain security of Internet connected hosts. Provided UNIX and VMS systems administration of infrastructure systems: Internet bastion hosts, SMTP Email gateways, NTP servers, DNS, and News. Supported employee online directory services. Support/install/configured IBM gateways, CISCO routers, and CERN httpd.
Computer Specialist, HAC Corporate Computing: Administrator for large VAX cluster supporting the engineering and business needs of RSG. Performed capacity management, tuning, crash analysis, network, and gateway management. Support for Oracle, Email, and VTX. Oracle DB installation and performance tuning. Implemented procedures, standards, and system/operational guidelines. Defined VAX production system environment. Configured TCP/IP for UNIX connectivity.
Languages : Perl, FORTRAN (66,77), C/C++, ASSEMBLER, PL/1, BASIC, LISP, RPG, COBOL
Utilities : DCL, MAILbus, DATATRIEVE, ALLin1, SPSSX, TDMS, SAS/GRAPH, VAXset, JCL, TSO, Oracle, expect, sh, bash, csh, ksh, ntp, httpd, DNS, sendmail, VxFS, VxVM, LVM, rdutil, NET-SNMP, Sniffer Pro, HP OpenView, BMC Patrol, fwtk, snort, OpenSSH, Xfig, VISIO
Network Technologies
WAN : GPON, SONET, OC3, DS3, T3, T1, 56kb, ISDN, aDSL, ATM, Frame relay, X.25, BiSYNC, SDLC, SNA.
LAN : 802.11ac, Ethernet, ThickNet, ThinNet, FDDI, Token Ring(802.5), VRRP, HSRP, FEC, VLAN ( ISL, 802.1q), TACACS+, MLS, SLCR, RPR, QOS, DSCP/TOS
Protocols : BGP, OSPF, EIGRP, IGRP, RIP, AppleTalk, IPX, DECnet
CISCO : 430, 877, 891, 1417, 1500, 25XX, AGS, 28XX, 29XX, 3745, 3845, 4700, 7200, 4006, 5500, 6500, 7500, PIX/FWSM/ASA, 11503
Juniper : SRX-1400, SRX550, EX4200, QFX5100, ISG-1000/2000
IMPERVA : WAF and DB firewalls
FireEye : Malware, 0-day firewall
HP : Tipping Point IPS (660N, 5200NX, 7100NX)
Proofpoint : Anti-spam, secure email, TAP/TARP
Rapid7 : Nexpose
Gigamon : GigaVue-HC2 w/ bypass module
Operating Systems
Linux : Kali, RedHat, CentOS, Fedora, Oracle Enterprise Linux
Solaris : Solaris 2.5 to 10, SUNos 4.1.3
Microsoft : Windows NT/95/w2k/7/10, w2k, w2k8, w2012
IBM : Various mainframes (DOS, MVS, VM)
BS Computer Science and Mathematics, University of Illinois, incomplete as of 1981
CCNA, CCNP, CQS expired 2006
Professional and Customer References by Request
Professional Affiliations: ACM