Services
Executive level infrastructure & technology point consulting for small to mid market companies.
BIO
I have held the top level network architecture position for a large fortune 500 and have been responsible for global architecture, deployment, implementation, documentation and information security. I have also had direct consulting relationships with 2 fortune 500 companies. In my current role as Vice President of Infrastructure & Information Security for a Philadelphia based billion dollar financial institution, I have implemented a high availability, fault tolerant network and drastically limited exposure to both insider and external threats using a 1-on-1 security training approach coupled with cutting-edge solutions tailored for small and mid-market enterprises.
Why Me?
- I have learned from experience that strategic IT solutions are developed through the creation of a technology road map that is based on your business needs. The creation of this road-map includes an assessment of the risks your company faces and the costs associated with each of these risks. A technology road map is critical to the success of any business. All decisions made must fit into this road map and the map must be intimately aligned with the needs of your business.
- Rare breed with feet firmly planted in both business and technology.
- Seamless career transitions across multiple lines of business including technology, accounts receivable, business outsourcing, information security, freelance consulting and banking sectors.
- Industry recognized expert and have written articles that have appeared on CIO.com, networkworld.com and baselinemag.com to name a few. I have been invited by Ziff Davis Enterprises to present at their virtual conferences. Networkworld.com recently interviewed me on the use of an emerging security technology which will run on September 22nd. All of these can be viewed by navigating to my main web site www.mattroedell.com
- Any solution presented by my team will have an associated ROI
- I teach my teams how to create metrics for just about everything...even when you may think it is not possible to measure
- With the help of my subordinates, business leaders become our strongest advocates and ultimately will define my success in your organization
Executive Skills
-
Received 2 industry awards for most improved information security posture and excellence in network security
-
Researched, quoted, negotiated, proposed, sold to the BOD and ultimately implemented a comprehensive information security program from scratch including end user awareness training, IDS/IPS, SIEM, SNORT, Internet web filtering, sensitive information packet filtering, port security, antivirus, patch management, penetration scanning, inventory, and secure remote connectivity while simultaneously being a catalyst for a positive shift in the cultural perceptions surrounding information security in a financial institution.
-
Researched, quoted, negotiated, proposed, sold to the BOD and ultimately implemented a complete redesign of the data center which included a green initiative with the implementation of virtualization technologies and high capacity SANs. Rebuilt a high availability Cisco infrastructure with redundant Internet connectivity. In addition to these accomplishments I also negotiated with Sungard to lease rack space and implemented a high availability "hot" data center which connected to our main office via metro Ethernet.
-
Drafted policies to address all areas of IT and information security including; acceptable use, email, encryption, Internet and password usage policies. Each of these policies were presented to HR and the BOD for approval. Drafted additional policies to address asset management, data archiving, vendor access, LAN/WAN, penetration testing, backup rotation & retention, DMZ and wireless access.
-
Implemented control mechanisms to enforce policy and alert when deviations have occurred
-
Performed business wide comprehensive risk assessment
-
Responsible for meeting with auditors and providing documentation satisfying FFEIC, GLBA, NCUA and PCI compliance.
-
Scheduled, coordinated, planned, participated in and supervised disaster recovery testing
-
Scheduled, coordinated, planned, participated in Business Continuity planning
-
Responsible for penetration testing and remote social engineering engagements as well as interpreting results and creating a plan of action to remedy deficiencies
-
Reorganized contract management and consolidation contracts into coterminous agreements
-
Responsible for IT budget and project priorities
-
President of the Philadelphia CUISPA (Credit Union Information Security Professional Association) chapter
-
Established backup tape life-cycle and selected vendor to provide off site tape storage
-
Regularly meet with Senior Management to understand their lines of business and ensure their needs are met both efficiently and with security in mind
-
Successfully achieved and implemented succession planning
Diagrams of Interest
My Security Diagram Managed Service Diagram
Technical Skills
Cisco routing & switching products - Cisco PIX products - Cisco Wireless products - VMWare - Telco - T1, DS3, muxing, frame relay, metro Ethernet, DSL - Barracuda - spam firewalls - Intrusion packet filtering - RSA -ACS - Penetration testing - Vulnerability assessment & remediation - TriGeo SIEM/SNORT/IPS - Websense -Internet filtering - FiberChannel SAN/NAS - OpenView - SolarWinds - WSUS - EtherReal - ACS - high availability infrastructure and data center architecture
Education
Widener University 1994 Graduate Bachelors
CCNA July 19, 2000
CCNP March 26, 2001
CVOICE May 10, 2001
CCIE written June 12, 2005
Employment History
Vice President Infrastructure & Information Security May 2006 – present
(Confidential) Trevose, PA
Resolved the information security and IT challenges faced by the credit union. Worked with the business side of the house to fully integrate security into business functionality. Established, developed and ultimately maintained open channels of communication with all departments and managers. Developed and rolled out a comprehensive end user security education program. Developed and rolled out IT and information security policies. Developed and rolled out change management committee and processes. Contract negotiations with Sungard to bring up a hot site at their facility. Coordinated disaster recovery. Business continuity planning. Architected and implemented an all Cisco high availability WAN/LAN infrastructure with redundant core and automated DSL backup through an IPSEC tunnel using EIGRP for automated fail-over. Installed TriGeo IDS solution with automated notification system. Resolved power balancing issues in the data center. Performed a risk analysis with an action plan to mitigate risks. Coordinated vendor management. Contracted vendors to perform penetration testing. Contracted vendors to perform server patch management. Coordinated new branch installation. Resolved issues identified in penetration testing. Coordinated roll-out of Helpstar ticketing system. Coordinated server consolidation and roll-out of server virtualization. Architected and coordinated installation of fiber channel SAN with backup to disk then tape. Enabled access switch port security. Coordinated backup tape encryption and contracted Iron Mountain for off site tape storage. Created documentation for all of the above. Achieved a perfect score form the State Department of Banking on the 2007 audit.
Freelance Consultant December 2005 – May 2006
WAN2Go.com
Owner & operator of my own consulting business.
Senior Engineer LAN/WAN / Firewall May 2001 – November 2005
NCO GROUP – Horsham, PA
Routinely interact with fortune 500 clients from the presales engineering call to post production support. Have designed, implemented, troubleshot and documented end to end connectivity for over 50 fortune 500/100 clients. Planned and relocated an entire data center/network hub with only 4 hours of down time. This involved splitting the standby-redundant core and relocating it to a new facility as well as coordinating a private sonnet ring migration. Created and implemented procedures outlining T3TA disaster recovery plan to Sungard. Currently manage a hub and spoke EIGRP network composed of 7200VXRs, 3600s, 2800s, 2600s, 3725s, PIX firewalls, VPN concentrator, 6500s, 4500 POE, 3700 POE, hub and spoke, partial mesh, point to point, channelized T1’s & frame, DS3s with centralized PRI and BRI backup for 180 remote locations, 125 site to site VPNs and 75 client connections. Extensive experience with designing and implementing DMZ and secured architecture for host systems. Extensive experience with VPNs – site to site – client VPN – firewall to firewall – router to router. Provide direction to junior engineers as well as encourage growth and learning opportunities. Setup vendor access using client VPN software and restricted groups in ACS permitting access to only the required systems. Designed and implemented multiple 800+ seat call centers. Frequent interaction with TELCOs on circuit orders, discos and turn ups of fractional Ts, frame relay and DS3s. Strong working knowledge of MUXing as we do our own MUXing to allow for the frequency of circuit changes. Manage between 20 – 30 projects/issues on a regular basis. Frequent interaction with VPs, SVPs and executives. Creation of purchase orders along with business justifications. Perform fault isolation on a regular basis on the internal network as well end to end when client networks are involved.
TAC Customer Service Engineer January 2000 – May 2001
Verizon Network Integration – Fraser, PA
Manage client's global networks. Expert in WAN Frame Relay. Support networks with wide array of protocols and design. Configuration management/troubleshooting. ISDN backup / testing. NAT configuration. Frame relay configuration. VLAN setup. Interpret TELCO testing results and take appropriate course of action. Familiar with Nortel. Strong communication and documentation skills. Diagnose hardware issues and order replacements. Familiar with set up multiple vendor CSU's. Expert level troubleshooting and fault isolation ability. Utilize Netcool, Remedy, Visio, Openview, Reflections.
Network Operations Center Engineer September 1999 - January 2000
NETWORK PERFORMANCE SERVICES - Norristown, PA
Monitor the health of WANs/LANs . Utilize the following software, tools and operating systems: Nethealth, Open View's Network Node Manager, Netscape, Trackwise, Front Page, Office 2000, UNIX Solaris 2.6, Windows 95/98, Telnet, FTP, Visio, NT Server/Workstation, Norton, McAfee, Hyperterminal, Interpretation of reports to assess health of WANs/LANs, Contact customers with recommendations that will improve their network health. Assisted in web page development, database management. Trouble shoot frame relay and circuitry problems. Contact TELCO to initiate testing for circuit problems. Familiar with CISCO and Bay router commands. Perform full daily systems backups. Provide 24 hour telephone support for end users and their data centers.
Senior Restaurant Manager January 1990 – July 1999
RED LOBSTER - Philadelphia, PA
Orchestrated sales growth in the Philadelphia and New Jersey area from $17.5M to $18.7M, managing in 4 restaurants. Supervised, trained and motivated teams of 4 and 5 managers as well as 110 employees. Recommended and implemented new procedures that led to a cost of sales reduction from 39.1% to 30.0%. Resolved major operation and staffing issues.