BRETT E. JOHNSON

This is a quick index of this resume.

• Qualifications
• Primary Education
• Professional Experience
• Computer Experience

Networking and Security professional experienced with analyzing, designing, implementing, securing, and trouble shooting systems (Business/Technical Analyst with Project Management). Focused on system stability with elegant and long running designs. Proficient in Linux and multi-platform environments.

• University of North Texas (Denton, Texas). Fall 1993-Fall 1996.
  • BA: Radio/Television/Film (RTVF, Art/Communications).
  • MINOR: Computer Science (CSCI).
  • GPA: 3.78 out of 4.00 (graduated Cum Laude).

K90, Inc. (Dallas, Texas)

March 2000 to Present. SENIOR NETWORK ADMINISTRATOR.

Designed and implemented the ISP side. This included installing Open Source mail, web, DNS, and FTP. Designed a large template based bash shell scripting system to help keep management simplified and centralized. Continuing management of ISP side.

Manage networks of K90 clients (firewall, security, remote access, VPN). Periodic end user support for K90 clients. Periodic Lotus Notes programming (in LotusScript).

Current project includes upgrade path of ISP to virtual servers for security and ease of management.

Developing and continually enhancing a Linux based firewall based on Open Source / GPL'd software.

Features include:
• QoS bandwidth management and connection balancing
• OpenVPN (also encrypted tunnels using SSH)
• self monitoring and repair (using mon to automatically fix predictable problems and warn of others)
• auto upgrade package retrieval and install (my over sized shell script that fetches through an encrypted tunnel)
• internal SMTP relay out (using qmail, handy for small offices to not rely on their ISP)
• internal DNS (handy for small offices to not rely on their ISP)
• internal DHCP server (with Dynamic DNS update)
• internal NTP (Network Time Protocol)
• HTTPS web reporting from MRTG (various system stats, interface traffic, and firewall drop log)
• firewall high availability (heartbeat and a hot stand-by)
• server clustering and high availability behind the firewall (using Linux Virtual Server, LVS)
• active Network Intrusion Detection blocking (using Snort and a light weight program I wrote)
• simple porn site filtering (using Snort and that light weight program I wrote)

This firewall can also be configured as a network bridge with basic firewalling and QoS. This is essentially an invisible firewall capable of being inserted into network setups where topology changes would be difficult or inappropriate.

Advanced level network design, implementation, integration, clustering, load balancing, back up, and security at K90 and for our clients. Software experience includes: Linux Firewall (iptables), Linux High Availability (HA) and Load Balancing (LB) Clusters, Linux Network Bandwidth Management (Quality of Service, QoS), Linux OS Hardening, Linux Self Monitoring and Recovery (using mon), Linux Virtual Private Networking (VPN using OpenVPN, also encryption tunnels using SSH), Linux Intrusion Detection System (IDS, Snort), BIND 9.x (DNS), qMail SMTP, Apache Web Services, SILC Server (fully encrypted Instant Messaging), Network Time Protocol (NTP), Andrew File System (AFS), SAMBA File System (SMB), Network Monitoring (Nagios), Network Reporting (MRTG), file system Logical Volume Manager (LVM), Network Backup, osCommerce E-Commerce Package server side, and Lotus Notes server side. Also responsible for software development and new software research, evaluation, and testing.

Shady Grove Church (Grand Prairie, Texas)

January 1998 to December 2005. RECORDING ENGINEER (Volunteer Staff).
Recording Services to Multi-Channel Direct to Disk or Live Mix to Tape and CD. Secondary responsibilities include Setup and Tear Down of Sound Stages. Designed a method to cleanly encode audio sermons for modem based bit rates.

Check Point Software Technologies, Inc. (Grand Prairie, Texas)

November 1998 to March 2000. SENIOR TECHNICAL ADVISOR.
As a support specialist, I would typically take 8-12 trouble shooting calls per day for diversified network setups. I had very high first pass resolution statistics on problems that I knew how to fix or figure out, giving three major benefits: (1) the client could continue with business because the problem was solved, (2) I could continue with my next assignment because there was no need for follow up, and (3) my peers didn’t have to waste their time and efforts doing something I already knew how to do. This position also required clear oral and written communications skills.

Check Point FireWall-1. Certified Check Point Security Administrator and Security Engineer (CCSA, CCSE). Responsible for Support and Trouble Shooting, including Lab Setup and Documentation. Trouble Shooting includes General Setup, SecuRemote, VPN & Encryption, Identification of Routing Issues, Network Address Translation (NAT), Authentication, and Security Servers (Content Vectoring Protocol, CVP, and URI Filtering Protocol, UFP).

Meta IP Certified (Check Point Infrastructure Engineer, CCIE). Responsible for Meta IP Support and Trouble Shooting, including Advanced DNS and Advanced DHCP Lab Benching on UNIX and Windows NT. Secondary Responsibilities include RADIUS Support and Sendmail Support. Peripheral Responsibilities include Beta/Stress Testing Meta IP Pre- Releases, Writing HowTo Documentation, Working with Courseware on Training Manual Revisions, Working with the Testing Center on Test Question Creation/Revision, Assisting and Training other Advisors.

Additional. FloodGate-1 Certified (Check Point Network Traffic Management, CNTM). Cisco Router CCNP training.

On Video, Inc. (Carrollton, Texas)

September 1997 to November 1998. INTERNET ADMINISTRATOR.
Primarily responsible for administering UNIX and Windows NT 4.0 Servers: Webmaster, Postmaster, Real Video Server Administrator, DNS Administrator, and Computer Upgrade/Repair. Secondary responsibilities: Tape Duplication & Standards Conversion from a variety of formats, Engineering, Editing, Technical Production, CDROM Mastering/Replication, and Computer/Multi-Media work.

Marcus Media/Marcus Cable (Denton, Texas)

February 1997 to September 1997. PRODUCTION ASSISTANT/DIRECTOR.
Responsible for programming shift on Public Access Channel, Directing/Assisting Public Access Shows videoed in studio, Control Room Engineer, Computer Maintenance & Upgrades, and generating Proposals & Requirements for Commercial Spot Digital Insertion System.

COMPUTER EXPERIENCE:

Typing Speed: 50 Words per Minute

Primary Operating Systems Experience:

• Debian Linux: Sarge and Etch (Kernel 2.4.x, 2.6.x).
• MS DOS/Windows 95, 98, NT 4.0, 2000, XP.

Application Network Experience:

TCP/IP, Meta IP, Check Point FireWall-1, Linux Firewall, Linux High Availability (HA), Linux Load Balancing (LB), Linux Clustering, BIND Domain Name Services (DNS), Dynamic Host Configuration Protocol (DHCP), qmail & vpopmail, Apache Web Server, Apache SSL Web Server, Secure Shell (SSH), Samba FS, Andrew File System (AFS), Network Monitoring and Reporting (Nagios, MRTG).

Programming Language Experience:

ANSI C, C++, Shell Script, Hyper-Text Markup Language (HTML).

Application Program Experience:

LightWave 3D, Video Toaster 4.1, Desktop Publishing, Spread Sheet, Data Base, Paint Programs, Graphics Manipulation, Audio Sampling/Editing, Video Capturing, Video Processing, Non-Linear Video Editing.