Summary
Overview
Work History
Education
Skills
Certification
Affiliations
Timeline
Cloud Security Alliance
Hi, I’m

Kristian Gonzalez

Cloud Director
Austin,Texas

Summary

PRACTICE LEAD - CLOUD DIRECTOR PROFESSIONAL

PROFESSIONAL SERVICES I CLOUD ENGINEERING | SMB I HEALTHCARE | ENTERPRISE | CLOUD SECURITY | COMPLIANCE | SYSTEMS ENGINEERING | CONSULTING

Accomplished, hands-on technology director with over 23 years of IT datacenter, infrastructure engineering, cloud security, software engineering and professional services experience with leading and innovating in software-defined IT data centers. Specialize in cloud datacenter design, security, architecture and development of application-centric and IaaS solutions with cloud computing platforms. Consistent top performer with demonstrated success in improving service and product experiences, driving business results, and developing high performance teams

Overview

23
years of professional experience

Work History

Bedroc – IT Consulting, Staffing and Professional Services

Cloud Practice Lead (Director Level)
07.2021 - Current

Job overview

  • Currently a professional services consulting lead on cloud deployments who owns P&L, strategy, practice metrics, lab engineering and directly manages a cloud services practice for Bedroc, Inc., a small boutique Tennessee-based VAR and IT Staffing company.
  • Led completion of functional cloud architecture designs, cloud builds, and delivery of automation or IaC (infrastructure-as-Code) and built a repository of GH templates with Azure DevOps pipelines leveraging Jenkins release management, with source code stored in Github private repositories.
  • Successfully designed, architected and implemented multiple client Dev, Prod and QA environments with Amazon services across private/public subnets to create POV architectures.
  • Led customer SCRUM teams for development and launch of migration and modernized SQL databases on EC2 with Amazon RDS alternatives.
  • Provided business and enterprise architecture leadership for 5 enterprise cloud projects on multi-month engagements.
  • Leveraged automation to develop PandaDoc SOWs while capturing and validating the customer’s vision on milestone-based outcomes
  • Deployed technical architectures and managed virtually design practitioners and practice engineering professionals while training them and Bedroc customers on AWS and Azure Cloud platforms
  • Developed Initiatives for cloud compliance program to certify for SOC II, PCI-DSS, NIST 800-53
  • Automated compliance certification for AWS Config, Azure Policy Cloud and web infrastructure remediation

IoT Home Lab, LLC, Phoenix

Founder, Principal Consultant/Architect
03.2018 - Current

Job overview

  • Cloud Implementation & Security Consulting Services
  • Provided technology strategy and execution leveraging Azure IoT Hub and Azure FaaS Services for customers in knowledge domains within public/private & hybrid loud categories: IoT technologies/wireless protocols, Cybersecurity vulnerability & endpoint management, securing cloud edge VPCs/DevOps/microservices, serverless, Big Data analytics, and regional (storage) data
  • Implementation and Design of SSH Bastion services/Just-in-time VMs for Clients on Azure
  • Design and implementation of large federal client’s AWS core security architecture with AWS infrastructure including Security Hub, AWS Bastion hosts leveraging Security Hub, AWS Config policies/rules, and Cognito user pools with IAM
  • Ensured system was thoroughly pen-tested before turning over to Cloud/Ops
  • Completed 3 long-term client projects with AWS IoT Device Core and IoT Device Defender with GreenGrass Edge deployment for a major Northwest HVAC mfr/devops team, MSP security team & GSK (Glaxo SK)
  • Designed security scans to target SaaS platforms such as Atlassian JIRA/ServiceNow utilizing Nessus, AlienVault OSSIM
  • Utilized scans and detected significant JavaScript & SQL injection vulnerabilities
  • Implemented NESSUS, OpenVAS, Ettercap, SNORT (IDS), and Infection Monkey to pen-test client envts
  • Implemented/Configured AWS security infrastructure for authentication & cloud IDM (Yubico/Okta-based) container platforms
  • Identified vulnerabilities while leading client cloud security assessments – reported recommended CIS-based corrective measures and ensured the adequacy of existing information security controls.

IBM Global Services, Technology Consulting Services

Senior Technical Architect
10.2019 - 07.2021

Job overview

  • Performed as a pre-sales and delivery consultant engaged on production level cloud-security projects for TCIS (Technology Consulting and Implementation Services) for Fortune 500 companies, i.e. Deluxe Corporation, Walter Kluwer, ViewPointe, Delta Airlines, Barclays Bank, Kaiser Permanente, Anthem Health, etc.
  • Resolved and remediated multiple clients' design-level security (assessed vulnerabilities) related issues related to operational components for Cloud WAN and and SSH-VM systems deployed on Azure and AWS.
  • Designed and implemented system security and data assurance using ISO, NIST 800-53 and PCI-DSS with CIS templates.
  • Leveraged IBM Kubernetes (Managed Cloud) and AWS Cloud IaaS to build test and proof-of-value environments which increased confidence rate to over 85% with customer IT / engineer teams and executives
  • Designed and implemented AWS SSO to work with MFA-2FA leveraging Ping Federate and PingIdentity
  • Set up PingFederate was set up as an OIDC provider to access Cognito user pools to simplify IAM deployments.
  • Led the functional design and buildout of Terraform IaC (infrastructure as code) repository in a DevOps pipeline leveraging Jenkins release mgmt., with source code stored privately in IBM Github repositories.
  • Designed enterprise DevOps architecture and implemented Dev, Prod and QA VPCs with Kinesis for Streaming log files in AWS without disrupting production traffic while segmenting private subnets from public gateways and subnets.
  • Led 3 global SCRUM teams for the development of next-gen multicloud service architecture.
  • Provided landing zone design patterns using JSON, powershell and Terraform-related code along with reference architectures developed in Draw.io/LucidChart and visio to validate designs.
  • Improved business productivity for clients by a measured NPS of 65% by re-engineering and designing infrastructures.
  • Defined enterprise public cloud processes and best practices and tailored enterprise processes for applications using Azure and AWS.

TB Consulting, LLC

Senior Cloud Consultant /Architect
04.2017 - 03.2018

Job overview

  • Managed mid-services market customers and deployments on presales calls, RFPs and deployments.
  • Functional principal cloud technologist, cloud practice lead and strategist that aligned end user business requirements with people, technology and process – high performance client service outcomes based on ITIL / Agile process delivery.
  • Architected and conceived first DEVOPS Service Methodology, based on AWS/CodePipeline, Jenkins, Ansible & documented delivery methodology and process.
  • Championed first Business Optimization Assessment, created sales training, post sales-delivery process, runbooks & delivery for ITIL-based cloud services and focused interactions with end-user customers.
  • Created and led meetings as driver for ARB (Architecture Review Board) for business & executive teams to meet SLAs and new business services targets for clients' documented needs.

AT&T App Hosting Services (AT&T Integrated Cloud)

Lead Technical Architect
12.2008 - 12.2016

Job overview

  • Principal strategist that aligned client business requirements and infrastructure needs with cloud solution, process delivery, and improvement through adoption on Lean Six Sigma principles and ITIL methodology
  • Designed infrastructure for a more efficient cloud infrastructure that reduced costs and increased ROI by 85%
  • Slashed costs and enhanced service levels via automation, using Agile Scrum methodologies and Ansible and Python scripting
  • Conducted continual knowledge sharing, and Wiki-based test plans
  • Delivered exclusive customer service through responsive communication, problem assessment, prompt corrective actions, and comprehensive follow-up
  • Established significant operational efficiencies for several client-based projects, some several months long, and including key upgrades for STaaS, SaaS and IaaS delivery offerings
  • Reduced application storage downtime and an increased service level agreement availability
  • Trusted SME/advisor & mentor to division Architects, Managers & Interns and provided in-depth tools training.
  • Presented roadmap and technology infrastructure to AT&T executives, internal engineering customers, demonstrating deep familiarity with Cloud APIs, platform infrastructure (PaaS), and IaaS security and integration capabilities with storage, compute and databases deployed on AT&T hosted datacenters.

DELL-EMC, Cisco Systems, Inc

Advisory Technology Consultant
06.2007 - 08.2008

Job overview

  • Assisted EMC with expanding managed storage services, workforce, and security transformation initiatives for Cisco IT, engineering and TAC group divisions.
  • Increased selling and product visibility of EMC product portfolio within Cisco Systems Global IT, Engineering and Technology groups with Rainfinity, Centerra, Symmetrix and Recoverpoint appliances.
  • Served as one of Cisco's key advisory consultants. Led deep proof-of-concept and helped architect on IT projects, ensured compliance with EMC SLAs/contracts, and set organizational standards for engineering groups to use and follow.
  • Built standardized EMC PoC (Proof-of-Concept) models to establish Cloud IT model and Cisco Storage projects.
  • Advanced pre-sales technical consultant that launched multi-organization storage projects for Cisco Systems.
  • Focused on successful client training of EMC Software & Hardware/Storage Management offerings.

Education

Thunderbird School of Global Management
Glendale, AZ

MBA from Global Business Management
05.2015

University Overview

University of California, Santa Cruz
Santa Cruz, CA

Certificate Program from Software Engineering Management
05.2003

University Overview

Franciscan University of Steubenville
Steubenville, OH

Bachelor of Science from Marketing
05.1997

University Overview

Skills

  • Business: SalesForce CRM Cloud, Zoho One CRM & Analytics, Microsoft Office 365, Google G Suite
  • Automation: RH Ansible 3x, Puppet 5x, Hashicorp tools: Vagrant, Terraform
  • PaaS: NoSQL Databases, MemCache & MongoDB
  • Languages: SPL, Intermediate Knowledge of Python, JSON, Advanced: Terraform, SQL and JavaScript(NodeJS)
  • AWS Security: Linux Bastion Hosts, AWS Config, Cognito, Trusted Advisor, KMS, GuardDuty, Shield, Macie, SecurityHub,SSO / Directory Service, Splunk Enterprise Security, Splunk Cloud
  • AWS Infrastructure / Core Services: S3/EBS (Storage), VPC Direct Connect, IAM (Identity and Access Management), RDS, DynamoDB (NoSQL), AWS IoT Device Core / Green Grass / IoT Device Defender, Kinesis, EFS/EBS, and AWS ElasticSearch
  • Azure Security: Azure AD B2C-Azure AD, Azure Security Center, Just-in-time VMs, Azure Bastion Hosts, Key Vault, SQL TDE, Azure Azure AD/RBAC, Azure AD Domain Services, Network Security Groups, Application Gateway, Firewall/WAF Management and AZ Monitor
  • Azure: Azure Microservices - Service Fabric, AKS, and Azure Red Hat OpenShift, Azure VM, Azure Vnets, VPC Peering, ExpressRoute, Azure Blob, Azure Migrate, Cosmos, Postgres, SQL Database, Sphere, IoT Edge
  • Security OS / Tools: CentOS 5-7, Linux OS – Kali OS 20171-current, Ubuntu Precise-Pangolin (1204 LTS) to Disco Dingo (1904 LTS), CentOS 5-7 x86 32-64 bit, Katoolin, Wireshark, Metasploit Framework
  • AWS Migrators: Snowball Edge (Petabyte-scale secure appliance migrator), Snowball Appliance (Terabyte secure migrator), Amazon DMS (Database Migration Service), and Azure Site Recovery (ASR)
  • Software: Spunk Enterprise/Phantom, AlienVault OSSIM, Tenable Nessus, OpenVAS, Ettercap, SNORT (IDS)
  • Networking: Cisco, Juniper, Arista, F5 Networks
  • Other: GitHub, Atlassian Jira, UNIX-Mac OSX 10 / Red Hat Enterprise Linux OS v5-8 / Windows 7-10 Professional, Ubuntu 1404LTS, 1604 LTS
  • Compliance: NIST 800-53, ISO 2700, PCI-DSS 30, SOX, SOC II, HI-TRUST and FEDRAMP frameworks
  • Leading virtual engineering, project management and cloud deployment teams

Certification

Aviatrix Certified Engineer Multicloud Network Associate - 2022 AWS Certified Cloud Practitioner - 2021 CCSK 4.0+ (Cloud Security Alliance CSA - 2022 VMWare Certified Associate (VCA) – DataCenter - 2020 ITIL Foundations 4, ITIL v3 Foundations Certified AWS Certified Solutions Architect (CSA) Associate - 2017), AWS Certified Solutions Architect Professional (CSAP) – June 2023) Azure Solutions Architect Expert (Initiated – Expected In 4/2023) Azure Foundations Certified - 2021 AWS Certified Professional - Solutions Architect (Initiated - Expected In 2023)

Affiliations

Affiliations


  • OpenStack Forum / Community
  • Institute of Electrical and Electronics Engineers

Timeline

Cloud Practice Lead (Director Level)
Bedroc – IT Consulting, Staffing and Professional Services
07.2021 - Current
Senior Technical Architect
IBM Global Services, Technology Consulting Services
10.2019 - 07.2021
Founder, Principal Consultant/Architect
IoT Home Lab, LLC, Phoenix
03.2018 - Current
Senior Cloud Consultant /Architect
TB Consulting, LLC
04.2017 - 03.2018
Lead Technical Architect
AT&T App Hosting Services (AT&T Integrated Cloud)
12.2008 - 12.2016
Advisory Technology Consultant
DELL-EMC, Cisco Systems, Inc
06.2007 - 08.2008
Thunderbird School of Global Management
MBA from Global Business Management
University of California, Santa Cruz
Certificate Program from Software Engineering Management
Franciscan University of Steubenville
Bachelor of Science from Marketing

Cloud Security Alliance

Cloud Security Alliance

Participate to drive cloud security standards to address business challenges in order to deliver security innovation at scale. 

Drive Adoption of cloud security tools and best practices designed for high access cloud environments.

Provide Zero-Trust working papers, exam writing guidance, and advisory services in the areas of:

CIS Cloud Benchmarking and Compliance · Security Posture and Threat Management · Azure Cloud Security · Cloud Native Security · Shift Left Security

Focus: Cloud Compliance, Workload Security, Container Security, Kubernetes Security

Similar Profiles

  • Amber Vetter

    Amber VetterAmber Vetter

    Employee Specialist at Aventure Staffing and Professional ServicesEmployee Specialist at Aventure Staffing and Professional Services

    View Profile
  • Leslie De La Paz

    Leslie De La PazLeslie De La Paz

    Repair Station Aircraft Tech II at Aerospace Professional Services| TEL STAFFING & HRRepair Station Aircraft Tech II at Aerospace Professional Services| TEL STAFFING & HR

    View Profile
  • Cymone Watkins

    Cymone WatkinsCymone Watkins

    Claims Rep Trainee at Professional Staffing ServicesClaims Rep Trainee at Professional Staffing Services

    View Profile
Kristian GonzalezCloud Director