Lorenzo P. Farris, Ph.D.
lorenzo@lorenzofarris.net Bellevue, WA, USA
Keywords
|
Generalist, IaaS, Cloud Computing, MOM, SOA, EAI, Network Security, System Administration
|
Skills
|
- Windows and UNIX System Administration
- IaaS
- EC2
- Microsoft Azure
- Programming in Powershell, C#, Ruby, Java, Perl, C, shell scripts
|
|
-
Ph.D. in Nuclear Physics, Rutgers University, 1993.
-
B.A. cum laude in Physics, Harvard University, 1984.
|
Projects
|
-
Migration of services from physical servers to IaaS
- Architecture of services for scaling and fault tolerance
- Architecture for integration of corporate subsidiaries
-
B2B RosettaNet gateway architecture
-
AS2 gateway architecture
-
Tibco based Java Messaging Service (JMS) infrastructure supporting over 200 IT applications
-
Cisco internal IT X.509 certificate authority
-
JMS load-distribution using LDAP
|
Work Experience
Sr Service Engineer Microsoft Redmond, WA Sept 2014 to July 2020
|
- Migrated highly customized TFS2013 instance, used for security case management, to Azure DevOps Services
- Migrated store of very sensitive and confidential security data (12 TB) from bare metal system in secured network to Azure Blob Storage
- 2FA, network access controls, just-in-time audited, time-boxed authorization.
- Developed backup system using Azure Functions.
- Migrated PGP KeyServer to Azure
- Rebuilt on Azure IaaS (on Linux), with real-time synchronization between redundant systems behind a load balancer, geographically redundant.
- Management and Support of secure interconnect system between corporate network, and production systems
- Automated whitelisting of authorized hosts in production network.
- Configured monitoring, collection of metrics, alerts, and synthetic transactions.
- Developed Onboarding and Troubleshooting Guides, trained Tier 1 support, and provided Tier 2 support
- Primary System Engineer for Governance, Risk, and Compliance platform (RSA Archer) for productions systems.
- Tier 3 support
- Migration of platform to secure network and domain, and then to Azure IaaS
- Primary System Engineer for internal identity management service
- System analysis to identify performance issues · Automated processes for collecting and reporting on system usage
|
Systems Engineer
Amazon.com
Seattle, WA
May 2012 to Sept 2014
|
- EC2 Server Provisioning team, documenting processes, identifying and driving opportunities to increase automation, and reduce operational overhead.
- Working in the EC2 Operations Engineering team, I provided on-call support to address operational issues from specific customer issues to large scale events, troubleshooting software, system and network issues.
- Developed and maintain the playbook used by the Developer Support organization to support customers experiencing EC2 issues.
|
IT Architect
Cisco Systems
San Jose, CA
2006 to 2012
|
- Domain Architect: I reviewed cross enterprise B2B projects to assure compliance with enterprise B2B standards and assist teams in achieving that compliance.
- Enterprise Architecture: I guided project teams through Cisco's Architecture Governance Process, reviewing project architectures, and assuring that projects comply with relevant architectural standards.
- Supply Chain B2B Architect: I worked with Cisco's Supply Chain IT organization to develop integration with external supply chain partners.
-
Acquisition Integration Architect:
I consulted with functional teams within Cisco and the corresponding IT
and business teams in Cisco's subsidiaries to choose an architecture
and implementation plan for the technical aspects of integrating with
Cisco's business processes. The long term deliverable was a scalable,
repeatable architecture for integrating subsidiaries and trading
partners.
-
B2B Gateway Architect:
I was responsible for the architecture of RosettaNet, AS2, and EDI
gateways, as well as other business-to-business automated interactions.
I advised the business on the most effective technical approaches to
satisfy business requirements. I provided the technical requirements and
integration architecture for several outsourced and internally hosted
gateways, and integration with back-end systems. I advised cross-functional teams on their options for meeting their B2B
requirements, including dimensions such as cost and consistency with
Cisco's existing architecture. I consulted on EAI projects that were
evaluating state of the art technologies, and I provided the technical
requirements that Cisco has for B2B architecture, and I co-developed proof-of-concept architectures.
|
IT Engineer
Cisco Systems
San Jose, CA
2000 to 2006
|
-
Technical Lead for fault-tolerant Java Messaging Service Infrastructure.
I led the gathering of requirements from IT stakeholders; drove the
vendor selection process, including evaluation of proof-of-concept
projects; designed, built, documented, and supported the
infrastructure; and developed tools in Java, C, and Perl to monitor and
administer the messaging server. I developed training materials and
other documentation for support staff and clients. I assisted client IT
teams in making effective use of the messaging infrastructure on a
technical level. I was called upon to resolve issues in critical
production applications when the normal channels of support could not
address them. This infrastructure is used by over 200 IT applications,
most of which are customer facing, and is used to transport over 1TB of
data per quarter. I also designed the next two generations of architecture for
Cisco's JMS infrastructure for greater scalability.
-
Technical Lead for Cisco's Integration Infrastructure, including Tibco business
process automation tools (BusinessWorks), and adapters for packaged
applications. I assisted client teams in designing their applications
to make the most effective possible use of the products in Cisco's
environment, assisted in troubleshooting issues, and drove resolution
of product issues with the vendor.
-
For both the above technical lead roles, I defined and implemented processes for client engagement and security approvals.
-
Liaison between the IT application infrastructure team and the Information Security team.
-
Security Subject Matter Expert for IT application infrastructure team.
-
Technical Lead for securing inter-application, cross firewall network transport.
-
Technical Lead in vendor selection for Web Services Management products.
-
Technical Lead in vendor selection for Web Services Security products.
-
Designed and implemented a Certificate Authority for internal application.
|
Systems Engineer
PDC Solutions
Livermore, CA
1995 to 1999
|
-
Design, installation, and configuration of encrypted virtual private networks.
-
Installation, configuration, testing, and maintenance of Internet Firewalls
-
Network security audits.
-
System administration, network security, and network backup consulting.
-
Provide training in network backups and network security.
-
UNIX Network Backup solutions.
|
Postdoctoral Fellow
Lawrence Livermore
National Laboratory,
Livermore, CA
1993 to 1995
|
-
System administration for network of Sun and Solbourne systems.
-
Software development for analysis of large experimental data sets (programmed in C and Fortran).
-
Research in experimental nuclear physics in an international collaboration.
-
Presentation of research results at international conferences, and publication of research results in refereed journals.
|
Graduate Assistant
Rutgers University,
New Brunswick, NJ
1987 to 1993
|
-
Research in
experimental nuclear physics, including experiments at international
laboratories, and analysis and interpretation of collected data.
-
Presentation of research results at international physics conferences.
-
Software development for modeling and analysis of physical processes.
|
Assistant Physicist
Pitney-Bowes, Inc.,
Stamford, CT
1984 to 1987
|
-
Design of experiments to characterize prototype ink-jet printhead devices.
-
Analysis and interpretation of experimental data.
-
Demonstrations and maintenance of prototype devices.
-
Development of relational database for tracking experimental data.
|
|
|
|
|
|