Alex Padilla Email and Phone Number

As a seasoned leader, I guided the Agency's transformation from a FISMA High Risk to a Managed Risk through strategic technology deployments. I steered the launch of Oversight.gov, directing the intricate ATO/FedRAMP certification process showcasing executive finesse.As Contract Officer (COR), I orchestrated seamless operations for critical IT and agency contracts, navigating complexities like Hosting Operations, Office 365 GCC G5, Audit, Verizon, GSA Networx, EIS, etc. Leading Office 365 (GCC G5) implementation.In a sweeping IT transformation, I re-engineered the network, Active Directory, Wi-Fi, and storage, introducing an Azure Cloud environment and meticulously migrating the Agency from Windows 2008 to Windows 2019. I orchestrated a paradigm shift to a fully managed environment, centralizing account management, patch distribution, and log management. My adept handling of diverse mandates, including OBM A-123, M-23-16, M-23-13, M-21-31, DHS 18-01, and 18-02, demonstrated my ability to navigate multifaceted challenges at executive and tactical levels.Directing the critical Case Management System migration from the FBI to the Agency, showcasing expertise in complex contract processes. I assisted the Office of Legal Counsel in intricate FOIA investigations, discovery, and litigations.As the driving force behind the IG Criminal Investigation Academy, I modernize the technologies supporting the training of federal agents. I also integrated the Agency with DHS EINSTEIN, CDM, CLAW, DNS PS, VDP and NCATS.As CISO, I assessed and issued ATOs on various FedRAMP systems, including CIGIE Cloud, Zoom for Government, and GovDelivery, establishing expertise in ensuring cybersecurity resilience.In directing the IT establishment of the Pandemic Response Committee, I demonstrated strategic planning acumen, from domain registration to infrastructure setup, website development, security measures, and federal mandate compliance. Senior leader but also hands-on expert.

• Manage Agency-wide technology infrastructure operations. Lead the Security, Helpdesk, IT Projects, IT Q&A, and IT COR areas (2014-2016) providing executive leadership to meet the Agency's mission.• Direct the Agency's technology operations of 2 redundant data centers (DC and CO) and infrastructure operations across 44 regional and field offices in the US and Puerto Rico.• Architect and direct the operations of the Agency's secure WAN communications including upgrades, wireless, wired, and maintenances.• Manage a diverse team of Federal (GS-14, GS-15) and Contractor staff with 4 direct reports and approximately 15 total Division staff.• Plan, direct and coordinate the successful completion of the following Agency strategic projects: DLP Prevention, IE8 to IE11 Agency Upgrade, PIV Dual Factor Authentication (LAN & VPN), Wi-Fi Services, Agency Intranet/Portal, AutoAudit for Windows, FISMA, Virtualization to VMware and Hyper-V, Good Mobile Upgrade (Boxtone & G3), Lync 2013, CISCO UCS Implementation, Corporate VoIP, NARA Compliance Planning, DHS Pen-Test Program, MAR Audit, Corporate switch refresh, and IT Service Catalog Formalization.• Coordinate and manage all Security activities (2014-2016): Policy development and maintenance, Information security, COOP, Risk Management Plan, Cybersecurity controls, Incident Response Plan, Disaster Recovery Plan, and Business Continuity planning and testing. Manage the implementation of security controls to meet FISMA and FISP requirements.• Manage vendors; perform complex product comparison analysis, resolve difficult IT risks/problems, handle negotiations, develop RFP, PWS, and other complex documentation to contract external services, evaluate and approve contractual deliverables from contractors, chair Technical Evaluation Panels, assist the Agency with GAO issues as technical SME and support executives in the organization in the decision-making process of Agency critical activities and projects of outstanding impact.

Key Accomplishments:• Manage the IT Department, determine strategic IT investments and priorities, provide strong and visionary leadership for Dean’s global technology initiatives and operations including: IT Security and Compliance, IT Budgeting and Procurement, IT Solutions, IT Operations , and IT Service Management. Work with other senior leaders and staff to build a shared strategic vision and ensure that planned IT services support Dean’s long term strategic goals.• Design and plan a high available (99.999%) cloud based Disaster Recovery infrastructure to meet corporate RTO and RPO, using IaaS and observing SEC, CFTC, security regulatory and business requirements. The vendors’ evaluation included: Rackspace, Joyent, Datapipe, Microsoft Azure, Phoenix Nap, Virtacore and iCore, with automatic failover (VMware SRM) between 2 datacenters.• Implement ITIL and PMP best practices in the organization to document and retain technical knowledge, standardize IT operations and control assets: hardware, software, licenses and projects. • Successfully manage the corporate email to Cloud (Google Apps for Business) migration. The evaluation of vendors included Office 365, Google Apps, Rackspace Email and Intermedia.• Handle all CISO related duties: Information security, regulatory compliance, risk management, cyber security, incident response, disaster recovery, and business continuity. Plan and conduct the following annual security audits: Books and Records, Electronic Communication and Data Retention (Legal Hold). Implement findings remediation plans.• Support hands-on administration of technologies in the organization: ISP HA (Fortinet FortiGate 110C and SSL based VPN); Virtualization (VMware 5.1); Networking (HP Procurves 4108); Backups (PresSTORE for Windows and Linux). Storage (NetApp 2040); Email (Google Apps for Business and Zimbra); laptop provisioning (Acronis SnapDeploy/Windows and DeployStudio-Monkey/Mac; DB (MySQL 5 and MS SQL Server 2008).

• Govern and streamline the IT and banking operations of 7 countries in Latin America and the Latin America Software Services hub in Guatemala (20 staff). Serve as central point of coordination and direction.• Assist by providing expertise in areas of global impact for the organization such as Global AD Implementation, Networking, Global Email Infrastructure, IT Metrics and Global Information Security.• Coordinate with countries’ CEOs, CFOs and COOs maintaining and enhancing the regional technology strategy and regional project portfolio aligning plans with global initiatives and strategic goals. • Partner with each one of the regional countries in the planning and execution process of technology projects such as: Enterprise OCR and Scanning, Money Laundry Prevention, Business Intelligence, Financial Compliance, Software Development, FlexCube, SIEM and others.• Found and act as CEO for the FINCA Information Technology Hub – Latin America, launching the regional Datacenter, building a team to support its financial, legal, HR, Technology Operations and DR and BPC plans for each one of the countries in the region.• Assist, represent and negotiate in behalf of the organization with corporate investors, foundations, donors, clients and Information Technology vendors around the world.

• Support CSO related activities, analyze security practices and build the National Geographic – Global Media INFOSEC Policy as well supplemental policies (Acceptable Use, Remote Access, etc). Define and guide the implementation of management, administrative and security controls in the organization.• Define templates, methods and procedures to maintain documentation of: operations and resources, change control of hosting resources and project management. Actively lead the process towards a successful implementation.• Analyze, architect and interact with key stakeholders, team members and actively participate creating & implementing the 5 year road map for the National Geographic’s hosting operations minimizing costs, ensuring high availability and enhancing overall productivity.• Represent and act in behalf of the National Geographic Society as IT/security subject matter expert with vendors (Price Waterhouse Coopers, Akamai, Neovera, Checkpoint, Palo Alto Networks), with negotiations, service providers and internally with other departments of the organization.• Engage as technical team lead in all hosting operations matters: networking using Cisco, Juniper and Foundry; MySQL, Oracle and Postgresql databases; RedHat and CentOS OSs; Isilon & NetApp storage, Open LDAP, F5, VMWare, Tomcat and Squid, guiding the team to higher operational standards.

Key Accomplishments:• Architect and deploy a new Datacenter for the organization using Cisco & BGP high-availability technologies, multiple rings of security using Cisco, Checkpoint Blade R75, McAfee Intrushield to host Windows, Linux and third-party platforms.• Develop plans, manage clients, developers, engineers and executives to successfully complete the consolidation of over 200 externally hosted information systems into the new datacenter.• Plan and deploy security controls to meet/exceed FISMA and PCI compliance requirements to host US federal organizations: USAID, Department of Education, NIH, NHLBI, SAMHSA and others. Actively interact with external and internal CIO and CISO departments and individuals to satisfy yearly certification and accreditation requirements.• Enhance the datacenter and provide technical leadership and mentoring for hosting engineers to provide 24x7 technical support for technologies such as: Google Search, Blackboard, SharePoint, Microsoft GP, Microsoft E-Commerce, Microsoft Active Directory, SurfControl, Lyris, WebTrends Analytics, Helix Video Streaming, Microsoft Exchange, Qmail, .NET/DNN/PHP hosting technologies, VMWare & Virtualization, Drupal, Joomla, Microsoft SQL and MySQL. Provide leadership and coaching for engineers implementing remote access services such as VPN with Checkpoint, Microsoft RDP, SSH, WebDAV and security controls/procedures such as least-privilege, need-to-know, chain of custody, data classification, evidence protection, penetration testing, backup drills and incident response.• Plan and develop over 200 Standard Operating Procedures to normalize hosting operations, implement the Datacenter Policies and Contract Proposal documentation. Implement a documentation library to handle over 750 hosted projects, hundreds of servers and licensing information.• Partner with several project managers and program directors to develop solutions for projects of national and international impact.

• Organize and manage the IT team and infrastructure of the Megastar Telecommunications Company in the US headquarters, the Austrian Teleport and Middle East and South Africa NOCs.• Analyze, reorganize and secure entire satellite communications infrastructure. The process includedover 40 large companies in the Middle East and South Africa regions.• Mastering and support the iDirect Platform: hardware, software and communication devices in the Austrian Teleport.• Design and Implement solid and strong security policies for the network and customer protection: protocols analysis, systems protection, operating systems hardening and intrusion detection.• Design and deploy services for Megastar telecommunications and the customers including:Windows Domains / UNIX and Windows / Web sites / Secure sites / WebDAV, UNIX & Windows support.• Organize and perform technical presentations of the iDirect Platform and the company services.• SIP/H323 Voice Communications Platform support and management.• Mastering and Manage turn up of new satellite links for new customers and support advanced custom configuration including routing, security, redundant links and multiple client access points.• Support technical requirements, design and implement custom made solutions for different varieties of customers, needs and networks.

• IT consultant for Windows NT & 2000 Network, Windows Advanced Server, TCP/IP Networking, Internet Services and Network Security.• Complete the company’s IT analysis and current situation. Outline future needs and current challenges to reach the proposed technical goals. Redesign the TCP/IP infrastructure moving it out from third party providers to an in-house management. Outline the TCP/IP policies, servers andfailover procedures.• Analysis of the current security policies (Firewalls, Operating System, Physical, Internet Services and Links with another Partner / Government organizations) and implementations. Outline and define the best security measurements and implementation of it.• Complete the planning and execute the enterprise mail migration from Exchange 5.5 to Exchange 2000 Enterprise.• Outline and implement security policies for secure data exchange of information between Technical Resources International and the National Cancer Institute main backbone, including realm trust relationships, and domains validation.• Reorganize the entire DNS infrastructure for in-house management. Execute the migration of the entire TRI's Network from Windows NT 4.0 to Windows 2000 AS, reducing the impact for all the TRI's operations and users. Upgrade all the critical servers in the main Network Operation Center of the Company.• Plan and deploy the enterprise PC GPO security policy maximizing the security at the users PC against vulnerabilities and risks.• Design and implement the 24/7 Automatic Monitoring System of the company for testing and alerting of the resources in the network.• Implement, test and tune up the Surf Control Email Filtering system for anti-spamming protection, integrating it with Microsoft Exchange Server 2000.• Design and implement the main NOC physical level reorganization by introducing structured techniques.• Successfully deploy internetworking solutions for secure networks interconnection.

• Longboard VoIP SIP Platform analysis, inspection and evaluation.• Hardware testing and Evaluation• SIP Communications Equipment analysis and evaluation.• Advisor on SIP and VoIP Technologies: hardware, software, user-end, corporate-end.

• Responsible for planning, designing and implementing security measures which safeguard access to information technology assets. Work involved creating and implementing a security strategy, identifying security issues, developing security architecture solutions, researching and deployingnew security technologies, developing and documenting security policy, performing security audits as needed, and responding to security incidents.• Responsible for Internet and Intranet security, network related security firewalls, password controls, and security design, developing and implementing a backup and disaster recovery strategy and procedures and acting as the security contact for clients.• System Administrator responsible for setting up, installing, maintaining NT / 2000 / Solaris / Linux servers and workstations, maintenance of the Network Security System and protect and harden all critical servers.• Managing the SIP Platform protocols for Internet conferencing, telephony and presence. Provide support for the events notification and systems status. Administer and support the SIP platform, customer and calls setup, routing, authentication and other feature messages to endpoints withinan IP domain. Monitor and administer the SIP Communications Platform. Administer and maintainthe Longboard LMAP servers, test and complete manual configurations. Install and configure SIP Telephone devices (hardphones and softphones) over regular, NAT and firewall architectures. Evaluate and certify new sip products.• Daily/Weekly backups, hardware/software and file management.