Clarify Cyber

About

Bringing Clarity to the Complexities of Cyber Security.

Hello and Welcome to Clarify Cyber!

My name is Jason Duff and I am a Cyber Security Practitioner and Technology Generalist. I discovered my passion for technology in 1992 at the ripe age of 12 when my family got our first PC (an IBM PS2). I knew very little about computers other than what I was exposed to at school but quickly figured out how to operate and manipulate things to my will.

During my High School years, I began to learn more about computers and networking by assisting staff with diagnosing issues with the school systems. By a sheer stroke of luck, I was able to get my hands on a number of surplus computers that were donated to The American Legion that I was a member of (Post 222). I re-built and fixed them and set them up for veterans interested in learning more about technology. I also provided education and support to those that took interest, giving me some customer service experience. Fortunately, there were a few remaining machines that I was able to take home for my first lab. I immediately went to my local library and began reading about all subjects technology. Eventually, I had exhausted the resources available at the library and began buying books about networking, computing, programming and all manner of technologies. I spent all of my free time outside of my studies, job and volunteering building and breaking my lab repeatedly.

In 1999, I had amassed a considerable body of knowledge and experience in the lab, so I began searching for jobs. Unfortunately, I had no tangible experience outside my lab, so actually landing a position proved quite difficult. At this point, I had met a gentleman by the name of Eddy Monroe that was a newer member of the American Legion and worked in the Information Systems department at a local hospital. I asked if he had any volunteer or internship positions available and he gladly obliged. I spent a little over a year imaging workstations, installing software, configuring network gear, managing backup/restore operations and providing help desk services.

After my time at the hospital, I continued to pursue my passion for technology but was still unable to find a job in the field. I continued to hone my skills in my lab and offered friends and family technical assistance. Additionally, I was able to get a few small consulting engagements for local small business designing web sites and deploying new technologies. I continued to read, experiment and learn and even earned a few certifications.

It was not until 2004 that I managed to land a full-time job as a support technician with a small MSP called Intermakers. I quickly rose through the ranks, earning the most senior position in the company. In 2007, I set out on my own and started my an MSP called 954 Network and the rest is history:

SKILLSETS:
Network SecurityEnterprise ArchitectureEffective Communication
Cloud SecurityProject ManagementComplex Problem Solving
Internet SecurityVulnerability ManagementHighly Organized
Endpoint SecurityCloud ComputingTeam Oriented
Identity SecurityPenetration TestingMission Focused
Data SecurityLinux/Windows Server/DesktopTransparency
PROFESSIONAL EXPERIENCE:

JABIL CIRCUIT, INC. | Cloud Security Architect | St. Petersburg, FL.
August 2023 – Current

  • Identify and document gaps in current cloud security posture.
  • Develop a three-year roadmap intended to advance the maturity of the cloud security program.
  • Evaluate cloud security solutions and vendors for proof of concept and request for proposal.
  • Implement proactive technical guardrails to mitigate risk and close gaps.
  • Tune cloud security posture management solution to align with adopted frameworks/standards.
  • Drive remediation of findings to bring production cloud environments into compliance with defined standards.
  • Update and align cloud security standard with latest CIS benchmarks and well architected frameworks.
  • Develop and implement cloud security charge back model to recover associated service/technology costs.
  • Provide security consultancy during an AWS Experience Based Acceleration (EBA) to modernize container technology deployment and management.
  • Provide security consultancy for endpoint/server, messaging/collaboration, cloud and network security requirements during a recent divestiture.
  • Assist the threat intelligence group in maturing their incident response capabilities in AWS.
  • Interview potential candidates to fill architectural roles within the information security team.

DANAHER CORPORATION | Network Security Architect | Washington, DC.
September 2021 – August 2023

  • Design and implement zero trust network architecture leveraging Illumio.
  • Develop comprehensive architectural artifacts, including as-built and future-state materials.
  • Develop comprehensive documentation to support the operation of deployed solutions.
  • Develop training materials to support deployed solutions and architectures.
  • Develop complex network security policies and standards.
  • Evaluate vendors and new technologies for current and future information security consideration.
  • Evaluate and select partners to provide support of technology solutions and services.
  • Build comprehensive operating models to support the daily operation of services.
  • Develop and present project charters for upcoming projects.
  • Update stakeholders of current project status.
  • Manage projects and resources across a highly diverse and complex enterprise landscape consisting of multiple operating companies with varying levels of technology maturity.
  • Collaborate with operating company leaders to understand security needs and design/build/deploy solutions.
  • Effectively communicate technical designs to stakeholders for buy in.
  • Interview potential candidates to fill roles within the information security team.
  • Oversee the Network Security work stream of a transformational, multi-year cyber security initiative to mature capabilities and protect confidentiality, integrity and availability of data.

JABIL CIRCUIT, INC. | Network Security Architect | St. Petersburg, FL.
March 2017 – September 2021

  • Design reference architectures for implementation on the global network.
  • Lead the implementation of new network security reference architectures.
  • Lead security efforts and assist Global Network Operations in designing and implementing SDWAN architecture.
  • Remediate firewall compliance drift/issues across 120+ sites/firewalls globally.
  • Assist in leading security in cloud first initiatives.
  • Build and maintain firewall policies utilizing Palo Alto Networks Panorama.
  • Maintain Zscaler policies and infrastructure.
  • Assist the threat team with incident response and SOC activities.
  • Respond to incidents applicable to products that I deploy/support.
  • Respond to critical issues impacting production at global facilities.
  • Assist with root cause analysis/postmortem efforts when applicable.
  • Participate in audits and finding remediation efforts.
  • Effectively communicate technical designs to leadership for buy in.
  • Maintain relationships with security vendors across the enterprise.
  • Evaluate new vendors for potential integration into the security landscape.
  • Review and improve current security policies and procedures.
  • Consult with other towers within the organization to improve security posture.
  • Collaborate with global I.T. to assist with security concerns/improvements.
  • Manage and improve vendor relationships within the organization.
  • Assist in selection and contract negotiations for new vendors and partners.

ZSCALER, INC. | Technical Account Manager | San Jose, CA.
October 2016 – March 2017

  • Account Management.
  • Pre-sales architecture reviews, recommendations and consultation.
  • Post-sales architecture, integration and support.
  • Architecture design reviews and best practices recommendations.
  • Troubleshoot complex networking, routing and security issues.
  • Hold regular status update and progress overview presentations.
  • Deliver quarterly business reviews with applicable executives and stakeholders.
  • Guide escalations and follow through on their resolution.
  • Assist with support requests.

WHOA NETWORKS, INC. | Cloud/Network Security and Systems Engineer | Hollywood, FL.
July 2013 – October 2016

  • Assist in designing and building the underlying hardware infrastructure as well as implement a lights-out software defined data center model based on FlexPod Architecture.
  • Support Palo Alto firewalls at 3 datacenter locations for perimeter security and IPS/IDS services.
  • Build and support virtual Palo Alto firewalls deployed in customer tenants and private cloud environments.
  • Assist in building and maintaining the vCloud Director infrastructure providing customer access to resources.
  • Implement complex monitoring and reporting based on ScienceLogic and Kaseya for monitoring and alerting.
  • Configure and maintain Veeam backup infrastructure to facilitate backup of customer data.
  • Maintain the underlying hardware and hypervisors that support customer infrastructure and data.
  • Monitor systems from the Network Operations Center and act upon alerts and tickets generated by the monitoring platform or submitted by customers.
  • Assist in planning and operations for the NOC as well as the roles and responsibilities of the NOC team.
  • Work with sales engineers to build custom cloud solutions for customers.
  • Maintain accurate and complete documentation of the infrastructure as well as customer implementations.
  • Migrate clients seamlessly from other cloud platforms.
  • Provide Linux support for backend infrastructure as well as customer requirements.
  • Provide Windows support for backend infrastructure as well as customer requirements.
  • Build and Maintain a shared Microsoft Exchange 2010 cluster for hosting customer email.
  • Assist in building, maintaining and supporting a Desktop as a Service platform based on Citrix CPSM, XenDesktop and Microsoft Remote Desktop Services.
  • Configure centralized logging based on ELK stack.
  • Migrate customers to and from Office365.

954NETWORK, INC./LEXI-TEK, LLC. | Sr. Systems Engineer and Owner | Fort Lauderdale, FL.
February 2007 – April 2017

  • Manage all field technicians and engineers, schedule work orders and perform dispatch.
  • Design customer solutions to meet the specific needs of their industry and any applicable regulations.
  • Virtualize customer workloads to consolidate server sprawl, increase ROI and decrease CapEx expenditures.
  • Build web hosting and development division through strategic partnerships to expand service offerings.
  • Monitor and maintain web hosting infrastructure and associated services.
  • Provide 24/7 monitoring and support of customer infrastructure and services.
  • Design and build custom Terminal Services based deployments for medical offices.
  • Leverage Kaseya remote management and monitoring in conjunction with Autotask for ticketing.
  • Automate maintenance operations and capture revenue for accurate time tracking and billing.
  • Configure and maintain local and remote backups of customer data and systems.
  • Quote & purchase hardware and software for customers and manage hardware/software inventory/licensing.
  • Perform routine interactive and automated maintenance on all customer workstations and servers.
  • Develop marketing strategy and materials and participate in local Chamber of Commerce networking events.
  • Manage/Oversee all legal, tax, payroll and administrative tasks associated with the operations of a business.
  • Migrate customers to/from Office365
  • Migrate customers to/from Google Apps for Business.

EUROPEAN WAX CENTER | Sr. Network/Systems Engineer | Hallandale Beach, FL.
August 2012 – July 2013

  • Oversee all aspects of Corporate I.T. department to ensure franchisee satisfaction with I.T. Services.
  • Monitor all franchise IT infrastructure and security.
  • Design and build a cloud solution to launch a new interactive web site and reservations platform.
  • Manage and maintain all web servers, database servers, monitoring platforms for the cloud based reservation system.
  • Directly work with designers and developers, providing the resources necessary to meet the goals of I.T. and development related projects (DevOps).
  • Assist in the initial configuration of new franchises as they are built and suggest improvements to the process and vendor interactions/procurements.
  • Make recommendations and configure best practices for franchise template and implementation procedures.
  • Maintain franchise on-site servers/networks/SonicWall firewalls for 300+ franchise locations.

INTERMAKERS, INC. | Sr. Network/Systems Engineer | Plantation, FL.
March 2004 – February 2007

  • Oversee all field technicians/engineers and schedule all jobs.
  • Design small business network solutions for customers and implement/oversee implementation of those solutions.
  • Study and understand new technologies and educate others on my team.
  • Develop and implement operating procedures for all technicians/engineers.
  • Perform field technician duties.
  • Assist in lead generation, sales and marketing efforts.
  • Perform customer service and satisfaction duties.

FAMILIAR TECHNOLOGIES

Palo Alto PanOSTCP/IP & Network ProtocolsPalo Alto Prisma Cloud
Cisco FirepowerFirewall & IPS/IDS SystemsLinux Virtualization (LXD)
Zscaler Internet/Remote AccessVPN and Remote AccessApache/Nginx Web Server
Illumio Core/EndpointIdentity and Access ManagementMySQL/MariaDB
Rapid7 NexposePenetration TestingElastic Stack
CrowdStrike EDRLinux/Windows Server/DesktopSplunk