Bringing Clarity to the Complexities of Cyber Security.

Hello and Welcome to Clarify Cyber!
My name is Jason Duff and I am a Cyber Security Practitioner and Technology Generalist. I discovered my passion for technology in 1992 at the ripe age of 12 when my family got our first PC (an IBM PS2). I knew very little about computers other than what I was exposed to at school but quickly figured out how to operate and manipulate things to my will.
During my High School years, I began to learn more about computers and networking by assisting staff with diagnosing issues with the school systems. By a sheer stroke of luck, I was able to get my hands on a number of surplus computers that were donated to The American Legion that I was a member of (Post 222). I re-built and fixed them and set them up for veterans interested in learning more about technology. I also provided education and support to those that took interest, giving me some customer service experience. Fortunately, there were a few remaining machines that I was able to take home for my first lab. I immediately went to my local library and began reading about all subjects technology. Eventually, I had exhausted the resources available at the library and began buying books about networking, computing, programming and all manner of technologies. I spent all of my free time outside of my studies, job and volunteering building and breaking my lab repeatedly.
In 1999, I had amassed a considerable body of knowledge and experience in the lab, so I began searching for jobs. Unfortunately, I had no tangible experience outside my lab, so actually landing a position proved quite difficult. At this point, I had met a gentleman by the name of Eddy Monroe that was a newer member of the American Legion and worked in the Information Systems department at a local hospital. I asked if he had any volunteer or internship positions available and he gladly obliged. I spent a little over a year imaging workstations, installing software, configuring network gear, managing backup/restore operations and providing help desk services.
After my time at the hospital, I continued to pursue my passion for technology but was still unable to find a job in the field. I continued to hone my skills in my lab and offered friends and family technical assistance. Additionally, I was able to get a few small consulting engagements for local small business designing web sites and deploying new technologies. I continued to read, experiment and learn and even earned a few certifications.
It was not until 2004 that I managed to land a full-time job as a support technician with a small MSP called Intermakers. I quickly rose through the ranks, earning the most senior position in the company. In 2007, I set out on my own and started my an MSP called 954 Network and the rest is history:
SKILLSETS:
Network Security | Enterprise Architecture | Effective Communication |
Cloud Security | Project Management | Complex Problem Solving |
Internet Security | Vulnerability Management | Highly Organized |
Endpoint Security | Cloud Computing | Team Oriented |
Identity Security | Penetration Testing | Mission Focused |
Data Security | Linux/Windows Server/Desktop | Transparency |
PROFESSIONAL EXPERIENCE:
JABIL CIRCUIT, INC. | Cloud Security Architect | St. Petersburg, FL.
August 2023 – Current
- Identify and document gaps in current cloud security posture.
- Develop a three-year roadmap intended to advance the maturity of the cloud security program.
- Evaluate cloud security solutions and vendors for proof of concept and request for proposal.
- Implement proactive technical guardrails to mitigate risk and close gaps.
- Tune cloud security posture management solution to align with adopted frameworks/standards.
- Drive remediation of findings to bring production cloud environments into compliance with defined standards.
- Update and align cloud security standard with latest CIS benchmarks and well architected frameworks.
- Develop and implement cloud security charge back model to recover associated service/technology costs.
- Provide security consultancy during an AWS Experience Based Acceleration (EBA) to modernize container technology deployment and management.
- Provide security consultancy for endpoint/server, messaging/collaboration, cloud and network security requirements during a recent divestiture.
- Assist the threat intelligence group in maturing their incident response capabilities in AWS.
- Interview potential candidates to fill architectural roles within the information security team.
DANAHER CORPORATION | Network Security Architect | Washington, DC.
September 2021 – August 2023
- Design and implement zero trust network architecture leveraging Illumio.
- Develop comprehensive architectural artifacts, including as-built and future-state materials.
- Develop comprehensive documentation to support the operation of deployed solutions.
- Develop training materials to support deployed solutions and architectures.
- Develop complex network security policies and standards.
- Evaluate vendors and new technologies for current and future information security consideration.
- Evaluate and select partners to provide support of technology solutions and services.
- Build comprehensive operating models to support the daily operation of services.
- Develop and present project charters for upcoming projects.
- Update stakeholders of current project status.
- Manage projects and resources across a highly diverse and complex enterprise landscape consisting of multiple operating companies with varying levels of technology maturity.
- Collaborate with operating company leaders to understand security needs and design/build/deploy solutions.
- Effectively communicate technical designs to stakeholders for buy in.
- Interview potential candidates to fill roles within the information security team.
- Oversee the Network Security work stream of a transformational, multi-year cyber security initiative to mature capabilities and protect confidentiality, integrity and availability of data.
JABIL CIRCUIT, INC. | Network Security Architect | St. Petersburg, FL.
March 2017 – September 2021
- Design reference architectures for implementation on the global network.
- Lead the implementation of new network security reference architectures.
- Lead security efforts and assist Global Network Operations in designing and implementing SDWAN architecture.
- Remediate firewall compliance drift/issues across 120+ sites/firewalls globally.
- Assist in leading security in cloud first initiatives.
- Build and maintain firewall policies utilizing Palo Alto Networks Panorama.
- Maintain Zscaler policies and infrastructure.
- Assist the threat team with incident response and SOC activities.
- Respond to incidents applicable to products that I deploy/support.
- Respond to critical issues impacting production at global facilities.
- Assist with root cause analysis/postmortem efforts when applicable.
- Participate in audits and finding remediation efforts.
- Effectively communicate technical designs to leadership for buy in.
- Maintain relationships with security vendors across the enterprise.
- Evaluate new vendors for potential integration into the security landscape.
- Review and improve current security policies and procedures.
- Consult with other towers within the organization to improve security posture.
- Collaborate with global I.T. to assist with security concerns/improvements.
- Manage and improve vendor relationships within the organization.
- Assist in selection and contract negotiations for new vendors and partners.
ZSCALER, INC. | Technical Account Manager | San Jose, CA.
October 2016 – March 2017
- Account Management.
- Pre-sales architecture reviews, recommendations and consultation.
- Post-sales architecture, integration and support.
- Architecture design reviews and best practices recommendations.
- Troubleshoot complex networking, routing and security issues.
- Hold regular status update and progress overview presentations.
- Deliver quarterly business reviews with applicable executives and stakeholders.
- Guide escalations and follow through on their resolution.
- Assist with support requests.
WHOA NETWORKS, INC. | Cloud/Network Security and Systems Engineer | Hollywood, FL.
July 2013 – October 2016
- Assist in designing and building the underlying hardware infrastructure as well as implement a lights-out software defined data center model based on FlexPod Architecture.
- Support Palo Alto firewalls at 3 datacenter locations for perimeter security and IPS/IDS services.
- Build and support virtual Palo Alto firewalls deployed in customer tenants and private cloud environments.
- Assist in building and maintaining the vCloud Director infrastructure providing customer access to resources.
- Implement complex monitoring and reporting based on ScienceLogic and Kaseya for monitoring and alerting.
- Configure and maintain Veeam backup infrastructure to facilitate backup of customer data.
- Maintain the underlying hardware and hypervisors that support customer infrastructure and data.
- Monitor systems from the Network Operations Center and act upon alerts and tickets generated by the monitoring platform or submitted by customers.
- Assist in planning and operations for the NOC as well as the roles and responsibilities of the NOC team.
- Work with sales engineers to build custom cloud solutions for customers.
- Maintain accurate and complete documentation of the infrastructure as well as customer implementations.
- Migrate clients seamlessly from other cloud platforms.
- Provide Linux support for backend infrastructure as well as customer requirements.
- Provide Windows support for backend infrastructure as well as customer requirements.
- Build and Maintain a shared Microsoft Exchange 2010 cluster for hosting customer email.
- Assist in building, maintaining and supporting a Desktop as a Service platform based on Citrix CPSM, XenDesktop and Microsoft Remote Desktop Services.
- Configure centralized logging based on ELK stack.
- Migrate customers to and from Office365.
954NETWORK, INC./LEXI-TEK, LLC. | Sr. Systems Engineer and Owner | Fort Lauderdale, FL.
February 2007 – April 2017
- Manage all field technicians and engineers, schedule work orders and perform dispatch.
- Design customer solutions to meet the specific needs of their industry and any applicable regulations.
- Virtualize customer workloads to consolidate server sprawl, increase ROI and decrease CapEx expenditures.
- Build web hosting and development division through strategic partnerships to expand service offerings.
- Monitor and maintain web hosting infrastructure and associated services.
- Provide 24/7 monitoring and support of customer infrastructure and services.
- Design and build custom Terminal Services based deployments for medical offices.
- Leverage Kaseya remote management and monitoring in conjunction with Autotask for ticketing.
- Automate maintenance operations and capture revenue for accurate time tracking and billing.
- Configure and maintain local and remote backups of customer data and systems.
- Quote & purchase hardware and software for customers and manage hardware/software inventory/licensing.
- Perform routine interactive and automated maintenance on all customer workstations and servers.
- Develop marketing strategy and materials and participate in local Chamber of Commerce networking events.
- Manage/Oversee all legal, tax, payroll and administrative tasks associated with the operations of a business.
- Migrate customers to/from Office365
- Migrate customers to/from Google Apps for Business.
EUROPEAN WAX CENTER | Sr. Network/Systems Engineer | Hallandale Beach, FL.
August 2012 – July 2013
- Oversee all aspects of Corporate I.T. department to ensure franchisee satisfaction with I.T. Services.
- Monitor all franchise IT infrastructure and security.
- Design and build a cloud solution to launch a new interactive web site and reservations platform.
- Manage and maintain all web servers, database servers, monitoring platforms for the cloud based reservation system.
- Directly work with designers and developers, providing the resources necessary to meet the goals of I.T. and development related projects (DevOps).
- Assist in the initial configuration of new franchises as they are built and suggest improvements to the process and vendor interactions/procurements.
- Make recommendations and configure best practices for franchise template and implementation procedures.
- Maintain franchise on-site servers/networks/SonicWall firewalls for 300+ franchise locations.
INTERMAKERS, INC. | Sr. Network/Systems Engineer | Plantation, FL.
March 2004 – February 2007
- Oversee all field technicians/engineers and schedule all jobs.
- Design small business network solutions for customers and implement/oversee implementation of those solutions.
- Study and understand new technologies and educate others on my team.
- Develop and implement operating procedures for all technicians/engineers.
- Perform field technician duties.
- Assist in lead generation, sales and marketing efforts.
- Perform customer service and satisfaction duties.
FAMILIAR TECHNOLOGIES
Palo Alto PanOS | TCP/IP & Network Protocols | Palo Alto Prisma Cloud |
Cisco Firepower | Firewall & IPS/IDS Systems | Linux Virtualization (LXD) |
Zscaler Internet/Remote Access | VPN and Remote Access | Apache/Nginx Web Server |
Illumio Core/Endpoint | Identity and Access Management | MySQL/MariaDB |
Rapid7 Nexpose | Penetration Testing | Elastic Stack |
CrowdStrike EDR | Linux/Windows Server/Desktop | Splunk |