Michael E. C. Gauthier

NOTE: This resume is not current.

Address:
5639 Begonia Dr.
San Jose, CA 95124

Cel: (408)489-7680
Email: michael.gauthier@a-and-m.net


Highlights:

• In-depth understanding of the Internet Protocol Suite (TCP/IP) and related applications
• Capable of quickly mastering difficult computer/network concepts
• Ten years experience performing routine/security administration of Linux and various Unix OSes, Windows NT, and Windows 2000/2003/XP on classified and unclassified DoD networks
• Strong experience with firewall and DMZ design and administration -- Sidewinder, Netfilter, PIX, FWSM, private VLANs, etc.
• Secure network design and implementation
• Experienced Cisco administrator - Cisco layer-2 and layer-3 (routing, VLANS, VPNs, routing protocols, etc.)
• SMTP administration - postfix, MS Exchange, sendmail
• DNS administration - bind 8, bind 9, MS DNS
• Comfortable working with several programming/scripting languages (Perl, Python, PHP, HTML, shell scripting) -- used for both system administration functions and basic web application development
• Experienced hardware maintainer - can build, upgrade, and troubleshoot PC hardware based computers

Professional Experience:

• Senior Network Engineer, mBlox Inc. - (Global Network Team Lead) - Lead network engineer for the production, support, and lab networks worldwide. Responsible for managing the workflow of a four man team, establishing and implementing the global network roadmap, and maintaining the networks in general. Integral member of the global planning, reporting, and security teams. Cisco ASA, PIX, Catalyst, Routers, IPSEC, etc.
• Senior Technology Engineer, ICE Consulting, Inc. - General systems and network engineer for numerous San Francisco Bay area clients of ICE Consulting. Duties including general Windows and Linux system administration, network consulting, perimeter security, and break-fix troubleshooting. Cisco routers, switches, PIX, Netscreen, Nagios, Postfix, Qmail, Exchange, Samba, etc.
• Senior Network Administrator, Arrowpoint Corporation at Naval Sea Systems Command, Pacific Detachment (NSLC Pac) - responsible for the administration and perimeter security of a dynamic production and development network including a small SIPRNet enclave; PIX firewall administrator, Cisco routers, switches, VLANS; network vulnerability assessment
• Designed a four security enclave network infrastructure including multiple DMZs, NAT policy, secure enclave bridge network, proxy server, split DNS, VLAN design, and network hardware procurement


• Senior System Engineer, Science Applications International Corporation at HQ United States Forces Japan (USFJ)- responsible for the security and administration of several classified and unclassified, U.S. and bilateral networks/systems (SIPRNet, NIPRNet, Global Command and Control System - Solaris-based, etc.); firewall administrator (Sidewinder v5, v6, v6.1, netfilter, ipfilter); Windows 2000/2003/XP security and administration; UNIX/Linux security and administration; network vulnerability assessment (Internet Scanner, nmap, Nessus, eTrust Policy Compliance, etc.); Apache and IIS web server, squid proxy server administrator; system design, implementation, and documentation; Windows 2000/2003/XP domain patch management (UpdateExpert, MS Software Update server, HFNetChk); incident response, administrator trainer
• Planned and implemented the re-homeing of HQ USFJ from shared internet connectiviy to its own IP address space; included domain registration, DNS configuration for new domain, firewall and perimeter design and configuration (split DNS, service network, IDS), deployment of a caching proxy server and SMTP gateway
  
• Designed and deployed a secure Apache front-end proxy server for the HQ USFJ Outlook Web Access server obfuscating the backend - increased defense of automated attacks and nullified numerous vulnerabilities in Microsoft's web server
• Self-published a short informal document describing how to implement this front-end proxy solution - http://3cx.org/item/38 and http://3cx.org/item/46
  
• Deployed Multi-Router Traffic Grapher (MRTG) and other similar bandwidth utilization software packages (using SNMP and gateway sniffing)
• Experience identifying and eradicating viruses/worms on an infected network - successfully killed the Welchia worm in 90 minutes using only tcpdump, the Windows CLI, SysInternals' pstools, and regedit.
  
  
• Base Network Security Technician, Yokota AB - three years experience managing, maintaining, and auditing a suite of security systems (WinNT and UNIX) designed to defend the Yokota Air Base networks (Sidewinder firewall, Cisco router ACLs, intrusion detection tools)
• Firewall Administrator - managed a huge variety of IP-based traffic (packet filters, proxied, VPN, packet encryption) to and from a Class-B network
• Managed yokota.af.mil domain's Sendmail SMTP gateways (round-robin) and DNS (Bind 4, Bind 8, Bind 9, MS DNS - split DNS)
• Installation team member - installed MAN-sized ATM infrastructure - included Cisco LANE and VLANs
  
• Participated in the DoD security certification and accreditation of dozens of systems

Formal Training and Certification:

• Linux+ Certified (CompTIA) - 2004
• eTrust Policy Compliance and Audit Administration (Computer Associates) - 2004
• Securing Windows 2000 (DISA) - 2003
• SANS/GIAC Track 2: Firewalls, Perimeter Protection and VPNs - 2002
• Cisco Campus ATM Solutions (Cisco Systems) - 2000
• Building Scalable Cisco Networks (Cisco Systems) - 2000
• Designing a Microsoft Windows 2000 Directory Services Infrastructure (Microsoft) - 2000
• Designing a Microsoft Windows 2000 Migration Strategy (Microsoft) - 2000
• Updating Support Skills from MS Windows NT to MS Windows 2000 (Microsoft) - 2000
• Administering Windows NT 4.0 (Microsoft) - 1999
• Windows NT 4.0 Core Technologies (Microsoft) - 1999
• Sidewinder Firewall System Administration (Secure Computing) - 1999
• Intrusion Detection Tools Administration (ARC-Information Assurance Institute) - 1998
• Firewalls and Proxy Services (ARC-Information Assurance Institute) - 1998
• Local Area Network Concepts (ARC-Information Assurance Institute) - 1998
• USAF Communications-Computer Systems Technician Training (5-level) - 1993
• USAF Communications-Computer Systems Technician Technical School (3-level)- 1991

Education:

• (Anticipated Q1 2006) B.S., Information Systems Management, University of Maryland, University College, 2006
• A.A., Computer Studies, University of Maryland, University College, 2001
• A.A.S., Information Systems Technology, Community College of the Air Force, 2001

Employment History:

• Nov 2006 - Preset: Senior Network Engineer - mBlox Inc., Sunnyvale, CA
• Mar 2006 - Nov 2006: Senior Technology Engineer - ICE Consulting, Inc., Sunnyvale, CA
• Oct 2005 - Mar 2006: Senior Network Administrator - Arrowpoint Corporation, Naval Sea Systems Command, Pacfic Detachment, Fairfield, CA
• Oct 2001 - Oct 2005: Senior System Engineer - Science Applications International Corporation, HQ United States Forces Japan, Yokota AB, Japan
• Jul 2001 - Sep 2001: System Administrator/Database Administrator - Theater Battle Management Core Systems, Unit Level  - Science Applications International Corporation, 374th Air Wing, Yokota AB, Japan
• 1998 - Jul 2001: Network Security Technician, NOC - U.S. Air Force, Yokota AB, Japan
• 1996 - 1998: Switching Center LAN Administrator (Win NT) - U.S. Air Force, Yokota AB, Japan
• 1996 - 1998: AUTODIN Switching Systems Administrator - U.S. Air Force, Yokota AB, Japan
• 1995 - 1996: Solaris System / Network Administrator - U.S. Air Force, Osan AB, Republic of Korea
• 1991 - 1995: Mobile - Tactical Communications/PC maintenance - U.S. Air Force, III Corps, Fort Hood, Texas

Miscellaneous:

• Managed two small business domains and two personal domains - including all email services, mailing list services, web services, ftp services, and other miscellaneous services requested by the small business owner
  
• Japanese - ability to speak and comprehend basic Japanese