curriculum vitae 


JOSÉ JULIO HERNÁNDEZ FERNÁNDEZ

Phone: +34 669 376 126
Email: jjhf@jjhf.com
LinkedIn: http://tinyurl.com/linkedin-jjhf
SUMMARY

Telecommunication Engineer

  • 10 years experience in auditing, consulting and deployment of infrastructure, systems, communications and security projects, as well as managed services support.
  • Experience in personnel management on complex technological environments, supporting mission critical business logics.
  • Excellent customer and results focus, proactivity and initiative, leadership and teamwork.

  • PROFESSIONAL EXPERIENCE
    2010 -
    present

    Fujitsu Technology Solutions.

    Project 'NIX' (7th lot of corporate network of the Government of Andalusia [RCJA]) - June 2011/present

    Project: Management the interconnection nodes of the corporate network of the Government of Andalusia.
    Position: Project director and coordinator of custom management center.
    Project description: NIX is the communication channel for publications and online services provided to citizens by the Government of Andalusia, as well as navigation and demand for Internet services by internal clients thereof.
    It consists of two independent data center redundant nodes, each composed of two lines of firewalls and other infrastructure (switching and routing, IDS / IPS, application antivirus, balancers, proxies, DNS, RADIUS, LDAP, NTP, VPN platforms, etc.) of services, in a robust design based on redundancy and high availability for the customers and mission critical applications they support.
    The initial sizing allowed the safe management of 2 Gbps traffic per node, being scalable as a function of evolution of the demand by the client.

    Roles played over the design and deployment phases:

  • Definition of services. Participation in deployment and monitoring functional tests.
  • Migrating from previous infrastructure and start up of new services, monitoring strict compliance with the planning agreed with the client.
  • Roles played at the production stage:

  • Management team of administrators, tracking especially the incident and provision processes, subject to stringent service level agreements.
  • Coordination, assignment of tasks and objectives, and monitoring activities of problem solving and continuous improvement of services.
  • Coordination of response to security incidents in collaboration with Andalusia-CERT.
  • Definition of standards and guidelines for the administration of the different platforms, as well as operational processes described by ITIL and ISO 20000 and 27001.
  • Development of capacity plans, contrasting simulations with real data, and definition of growth strategies for systems and services.
  • Control of the economic management of the project. Evaluation of staff performance.
  • Representation of the project before the client in several controlling committees.
  • Andalusian Regional Ministry for Equality and Social Welfare - October 2010/March 2012

    Project: Support to the operation of the systems of the Ministry.
    Position: Project manager.

  • Coordination, assignment of tasks and objectives, and performance evaluation of computer systems and database administrators.
  • Daily support of critical infrastructure of the client: servers, services and databases, storage systems, communications, perimeter security, antivirus, backups, etc.
  • Management of incidents and problems, evaluating with the client sizing and adaptation of systems to the needs of the service.
  • 24x7 monitoring regime of managed systems. Guard service coordination for intervention in case of incidents on mission critical systems.
  • Coordination of relations and joint projects between the technical team and other departments of computer services (development and operation), as well as quality office and other services of the Ministry.
  • Participation in the preparation of the Adjustment Plan of the Ministry systems to National Security Framework.
  • 2007 -
    2010

    Tragsatec (Tragsa Holding).

    Telecommunication Engineer of the Planning and water management Unit

    Support the operation of the Andalusian Water Agency computer department.

    Roles palyed:

    Technical advisor in communications and IT security - May 2009/October 2010

  • Needs analysis, negotiating with operators and internal customers, and deployment of communication solutions at industrial environments (hydroelectric centrals) and water issues specific information systems (SAIH, SAICA, ROEA, water diversion control systems, etc.).
  • IT consulting in the deployment and operation of perimeter security systems, as well as corporate projects of the Government of Andalusia.
  • Management of Agency's communications with the corporate network of Andalusia, the National Intranet (SARA network, under the Ministry of the Presidency of Spain) and various telecommunications operators.
  • Management and investigation of security incidents.
  • Responsible for operating and systems - June 2007/April 2009

  • Reporting directly to the head of computer department, design and start up from scratch the structures and functions of the department (operating and systems areas).
  • Coordination, assignment of tasks and objectives, and performance evaluation of computer system administrators and staff of operations.
  • Control and monitoring of billing of technical assistance and providers.
  • Deployment of corporate voice and data services at the headquarters of the Agency. Requirements capture, solution definition and implementation of ad hoc projects for sites with specific needs and user mobility.
  • Definition and implementation of policies, regulations and security procedures, for workstations, network services (perimeter security, file servers, domain, databases, application, documentar management...) and the customer service center, under the approach of ITIL best practices.
  • Design of network architectures and technical requirements definition of infrastructure.
  • Analysis and selection of tools (mostly open code software) and applications needed to deliver and monitor services.
  • Definition of procedures and internal rules for the adaptation of the Agency to the Data Protection Act.
  • Coordination of actions and service needs with the heads of department at provincial sites.
  • 2006 -
    2007

    Steria

    Senior project manager at Public sector Area

    Responsible for technical assistance for system administration, leading the customer relationship, managing team performance, and controlling the budget and project invoicing.

    Andalusian Regional Ministry of Innovation, Science and Enterprise - January 2006/May 2007

  • Working closely with the head of computer department, management of a team of 15 people with a presence both at the Central Services of the Department and at provincial offices.
  • Daily support of critical infrastructure of the customer, servers and services, storage, communications, perimeter security, antivirus, backup, etc.
  • 24x7 monitoring regime of managed systems. Guard service coordination for intervention in case of incidents on mission critical systems.
  • Management of incidents and problems, evaluating with the client sizing and adaptation of systems to the needs of the service.
  • Direct relationship with suppliers to facilitate the definition of improvement projects and troubleshooting for infrastructure and services.
  • Definition of procedures and internal rules for the adaptation of the Ministry to the Data Protection Act.
  • Coordination with the Agencies and public enterprises dependent on the Ministry on the deployments of systems and corporate applications, as well as the use of centralized resources (applications or data center infrastructure).
  • 2004 -
    2005

    SGI Soluciones Globales Internet (GMV Holding).

    Technician of the Secure network infrastructure Area

    Participation in network infrastructure projects, distributed architectures, perimeter security, VPN, networking, storage, etc., performing all steps of the life cycle of a project: presales, deployment, training and service management.

    Most significant projects:

    Andalusian Regional Ministry of Innovation, Science and Enterprise - November 2004/December 2005

  • Start up of the Interconnection, Security and Access Node (NISA), single point of access to Internet for the corporate telecommunications network of the Government of Andalusia.
  • Migration of perimeter security systems: configuration of a CheckPoint firewalls cluster on Crossbeam X80 platform, as well as secure external access via VPN.
  • Management solution in its first stage of production, covering all services: two lines of firewalls, internal and external DNS, reverse proxies, internal redirectors, cache proxies, etc.
  • EGMASA - Andalusian Regional Ministry of Environment - August/November 2004

  • Update of perimeter security systems: installation of a CheckPoint FW-1 NG AI cluster at headquarters, and 9 CheckPoint VPN-Edge firewalls at various locations, establishing secure communications between them by site2site VPNs.
  • Migration of Windows 2000 Server to 2003 Server. Upgrading domain controllers and Active Directory, as well as services and applications (IIS, ISA Server, Citrix, etc.). Migrating email servers from Exchange 2000 to Exchange 2003.
  • Installation of the new infrastructure platforms over HP ProLiant ML / DL Series with SAN Storage HP StorageWorks Enterprise Virtual Array.
  • Central Bank of Spain - April/May 2004

  • Update of perimeter security systems (detection and intrusion prevention systems), server hardening, deployment of application and navigation antivirus, and deployment and tuning of cache systems optimized for video streaming. Classified information.
  • Most significant clients: Central Bank of Spain, Government of Andalusia, BT, etc.

    2002 -
    2004

    G2 Security G2 Seguridad en redes e Internet (Novasoft Holding).

    IT security advisor

  • Responsible for managed security service "ALPHASEC".
  • Technical presales and secure infrastructure architect.
  • Performing penetration tests and security audits, LOPD and LSSICE (Spanish laws on privacy and security) audits, reporting status and action plans.
  • Installation, configuration and management of several network security devices (firewalls, IDSs, content control, corporate antivirus, etc.). Servers hardening (Windows/Linux).
  • Most significant clients: Government of Andalusia, Unicaja (Andalusian bank), Tourist Board Costa del Sol, Turismo Andaluz S.A. (Andalusian public enterprise), Málaga Province Government, etc.

    EDUCATION
    Telecommunication Engineer. University of Seville (Spain).
    ADDITIONAL TRAINING
  • Seminar on ISO 27001 (8 hours) (March 2012)
  • Seminar on ISO 20000 (16 hours) (March 2012)
  • ITIL v3 Foudations certified (October 2010)
  • Seminar on Wimax (16 hours) (October 2009)
  • Seminar on UMTS - Universal Mobile Telecommunications System (16 hours) (September 2009)
  • Course "Developing secure applications of e-government" (22 hours) (November 2008)
  • Course "Introduction for quality management systems: ISO 9001" (50 hours) (November 2007)
  • Course "Basic French" (80 hours) (April/July 2007)
  • Course "Applications of the Jakarta project" (25 hours) (July 2007)
  • Oracle University - DB102 Oracle Database 10g: Administration Workshop II (30 hours) (March 2007)
  • Oracle University - DB101 Oracle Database 10g: Administration Workshop I (30 hours) (March 2007)
  • Course "Management of R & D" (50 hours) (June/July 2006)
  • Course "Laws of new technologies" (50 hours) (February/March 2006)
  • CISA - Certified Information System Auditor (July 2005).
  • Check Point Security Administrator - Administration of CheckPoint VPN/Firewall-1 NG (25 hours) (November 2004)
  • Crossbeam Certified Engineer - Crossbeam Systems: XOS advanced training (20 hours) (November 2004)
  • TECHNICAL SKILLS
    Logical security:
  • Firewalls: Palo Alto Netwoks, CheckPoint VPN-1/Firewall-1 (NG AI/VSX, over Crossbeam XOS/COS / Nokia IPSO / SecurePlatform / W2K Server), Fortigate, StoneGate, NetScreen (Juniper), WatchGuard, eTrust, Linux (Netfilter/iptables + fwbuilder).
  • High availability/load balancing: Radware (+GLB), Nortel Alteon, F5 BIG-IP, HA, LVS.
  • VPN: Fortinet SSL, CheckPoint (VPN-1 SecuRemote/SecureClient, VPN Edge), StoneGate (VPN Client), NetScreen (SafeNet Soft Remote), WatchGuard (RUVPN), PPTP/L2TP, IPsec (openSwan, strongSwan).
  • Detection and intrusion prevention: Palo Alto Netwoks, Tipping Point, ISS Proventia+SiteProtector, ISS Real Secure Network Sensor + WorkGroup Manager, Snort, Stonegate.
  • Application firewalls: Radware AppWall, Palo Alto Netwoks, Sanctum AppShield, SurfinGate, SecureIIS.
  • Content control: Blue Coat, Dansguardian, Websense, Surf Control (Web Filter, eMail Filter).
  • Antivirus (corporate/gateway/mail): Trend Micro (Client/Server Suite, IWSS Internet Web Security Scanner, ScanMail for Microsoft Exchange), McAfee, Panda, eTrust, Aladdin eSafe, RAV for Qmail.
  • Authentication: LDAP, Active Directory, RADIUS, Cisco ACS, Vasco DigiPASS, ActivCard, SafeSign.
  • PKI: OpenSSL, X.509, OpenCA, W2K Certificate Server, PGP, GPG.
  • Vulnerability scanners: Nessus, nmap, Nikto, eEye Retina, ISS Internet+Database Scanner.
  • Sniffers: Wireshark (ethereal), eEye Iris, WildPackets EtherPeek, etc.
  • Integrity check: Tripwire, Aide, OSSEC.
  • Integral security management platform OSSIM and integration with related tools (Nessus, Snort, Nagios, Osiris, OSSEC, arpwatch, P0f, Pads, Ntop, etc.).
  • Security audits. Ethical hacking - penetration tests.
  • Data Protection Act (LOPD) and LSSICE audits. Development and implementation of adaptation plans.
  • Servers, services and networking:
  • Networking: Cisco (Catalyst [29xx, 37xx, 65xx y 76xx], Aironet), HP (ProCurve series), 3Com, etc.
  • Dynamic routing protocols: e/i-BGP, OSPF.
  • Bandwidth management: Allot, Packeteer PacketShaper.
  • O.S. administration: Linux (Red Hat, Debian/Ubuntu), MS Windows 200x Server.
  • Web and application servers: Apache, Tomcat, extensions (PHP, FrontPage), ASP interpreter, IIS, ColdFusion.
  • Databases: Oracle (9i/10g), MySQL, MS SQL Server, PostgreSQL.
  • Networking basic services: DNS (bind, Infoblox), DHCP, SAMBA, LDAP, etc.
  • Mail: Microsoft Exchange Server 2000/2003, SquirrelMail, sendmail, qmail, postfix, etc.
  • Proxies and caches: Blue Coat (810/9000, y antiguos Cacheflow), Squid, MS ISA Server.
  • Virtualization: PAN (BladeFrame), Xen (XenServer, XenApp), VMware Server, RHVM.
  • Backup: Symantec Backup Exec, HP Data Protector, IBM Tivoli, BrightStor ARCserve, Arkeia Network Backup.
  • Hardware: Fujitsu BladeFrame virtualization platform; blade servers from Fujitsu, HP, IBM; servers from HP (ML/DL series), IBM (xSeries), Bull (Novascale), etc.
  • Storage: Fujitsu Eternus, EMC CLARiiON, SGI InfiniteStorage, HP StorageWorks EVA.
  • Monitoring and network management: Nagios (+NagVis+NagiosQL), Cacti(+Nectar), SolarWinds Orion, smokeping, MRTG, ntop, What's up, sondas de QoS.
  • LANGUAGES
    Spanish: native.
    English: very good reading and writing, conversational proficiency.
    REFERENCES
    References upon personal request.
    Last update: June 2012

    spanish version