This is a textual representation of my résumé as of January, 2018. It is also available via download in PDF format.




Michael Horwath
2009 29th Ave NW
New Brighton, MN 55112
Cell: 612-229-5878
Email: [email protected]
LinkedIn: Mike Horwath

Profile

  • Almost 25 years of experience successfully leading companies, teams, departments, and projects.
  • Detailed-oriented IT professional with experience as a systems architect, administrator of hundreds of servers, and mid-to-large sized networks, and the teams that manage them.
  • Highly skilled at managing large, complicated projects on a range of platforms.
  • Able to quickly adapt to any IT environment and exercise independent judgement within management guidance and project goals.
  • Excellent written and oral communication skills. Very capable of explaining complex issues in easy-to-understand terms in most cases.
  • DevOps and agile methods used in daily workflows.

Industry Certifications

  • VMware Certified Professional (VCP)
  • VMware Sales Professional (VSP)
  • VMware Technical Sales Professional (VTSP)

Notable Online Achievements

    • Created VMware and VirtualBox images for Amazon Linux to run locally for development. Wrote posts as a guide to anyone else who would like to do the same thing.
    • Wrote a highly linked-to step-by-step guide describing the implementation of Microsoft Exchange Server as a multi-tenant environment.
    • I write technical blog posts! Some examples:
  • Wrote many posts about implementation of Sumo Logic with Fortigate devices on my personal blog and posted on LinkedIn.
  • Ansible usage in my lab and production environments.
  • VMware posts about simplifying mundane activities.

Employment History



Redundant Networking Corporation
Principal, 6/1997 thru present

Duties

I have operated a couple of businesses under this umbrella. Octanews started in 2003 and was eventually shuttered in 2012. Minnesota Tau (mtau) is the current D/B/A operating as a technical engineering consultancy to SMB and Enterprise accounts.

Experience

  • Manage engineering teams on projects from planning to completion.
  • Cloud infrastructure design and architecture, and implementation within AWS (preferred), GCE, and Azure.
  • VMware design and architecture, implementation, maintenance.
  • Network infrastructure design and architecture, implementation via Juniper, Cisco, Fortigate platforms.
  • Automation architecture, implementation, and maintenance via Ansible.
  • General IT consultancy duties.
  • Security focused approach in all levels of planning and implementation.


TEKsystems
Contractor, Security Automation Developer, 10/2017 thru present

Duties

Implement best common practice security controls within AWS for a large agriculture company.

Experience

  • Implement CIS AWS Foundations Benchmark controls across all AWS accounts and business units.
  • Create a framework that operates in a pipeline to create common elements across all accounts.
  • Work as a conduit to other teams to create better security practices.
  • Involved with design/architecture of new centralized logging for VPC Flow Logs and S3 access logs.
  • Code review of Terraform within the cloud platform team repositories including optimization.
  • Mentored developers on the team on Terraform best practices and sharing what I have learned along the way.

Achievements

  • Create new bootstrap for the security team that instantiates a pipeline per account and uses the attached framework to implement security controls and consistency in the business unit accounts.
  • Work with other teams to streamline bootstrap code for new AWS accounts and VPC configuration.
  • Implement AWS GuardDuty across any account tied to the framework via master/member account relationships.
  • Implement centralized logging of VPC Flow Logs, CloudTrail, and S3 access logs to master account.
  • Stand up and configure Palo Alto Networks firewalls in AWS for both ingress and egress in a multi-account configuration using VPC peering and direct-connect.
  • Configure external load balancers on ingress in security account that use the Palo Alto Networks firewalls which then send connections cross-account to auto-scaling group (AWS ASG) built nginx instances that talk to internal ELB/ALB in the target account.
  • Write Terraform modules to create repeatable, consistent infrastructure resources.


RAZR Marketing
Ad hoc consultant 10/2015 – 7/2016
Senior Site Reliability Engineer and Senior Security & Compliance Engineer – 8/2016 – 10/2017

Duties
Originally worked with RAZR Marketing as an ad hoc consultant helping them with their office networking, initial AWS implementation, firewall upgrades, and work on PCI DSS.

Accepted a position in August 2016 and I have worn multiple hats since.

#DevOps: Develop and maintain infrastructure as repeatable routines via Terraform (AWS) and Ansible (instance configuration). Monitor and maintain CI/CD tasks with Jenkins, and the migration away from Bamboo. Engage with development and project management to architect, scale, and improve the security, compliance, and uptime of our production systems.

Security/Compliance: review, implement, and remediate our policies, procedures, systems, and networks. Deep interaction in our PCI/SOC2 compliance certifications as the subject matter expert. Implement HIPAA supported architecture in AWS for a large medical device company solution.

Experience

  • Architect and implement self-hosted Atlassian products (Jira, Confluence, Crucible).
  • Terraform has taken over for approximately 90% of my automation work within AWS.
  • Written many Ansible playbooks to maintain our Linux instances, from patching to compliance.
  • AWS infrastructure design, architecture, and implementation.
  • Some VMware work within legacy data-center installation as production infrastructure moves to AWS.
  • Review and Rewrite sections of our compliance standards and procedures.

Achievements

  • Redesign network infrastructure and architecture to fully comply with PCI DSS and HIPAA.
  • Remove Bamboo from production environment.
  • Migrate legacy Tomcat/Java based applications to AWS in a repeatable fashion.
  • Worked with development and other SRE to implement micro-services architecture for a new class of services offered by RAZR in AWS.
  • Achieve over 99.9% uptime **including planned downtime** for our customer offerings via improved architecture and automation.


SPS Commerce
Principal Systems Engineer from 7/2014 thru 8/2015
Lead Systems Engineer 10/2013 thru 8/2015

Duties
My position was responsible for architecting, building and implementation of technologies to offer a world-class SaaS platform. I collaborated closely with development and other technology staff to develop, migrate, and manage services both in our private data centers and in the Amazon Web Services (AWS) cloud environment. I was also an advocate and agent of change by actively researching and developing strategies, tools, and technologies that can be used within the company.

I served as a mentor, providing training and supplementary support to other technology staff as needed. This required a high degree of self-sufficiency and initiative, excellent communication skills, and an ability to work effectively across departments and with upper management.

Continuation of the projects I had as a consultant.

Continued implementation of LogicMonitor throughout 2014. We really pushed LM datasources to the limit with scripts and SQL queries generating a lot of data for us to graph and alert on.

Experience

  • #DevOps
  • Implementation of Ansible as our go-to automation solution.
  • Continued support of Chef and Puppet for legacy applications.
  • Work on special projects with different operation and development teams.
  • Helped with implementation of ElasticSearch+Logstash+Kibana for centralized logging during 2014. With over 90 applications in SPS we had a lot of logging to deploy. In early 2015 we brought in Sumo Logic as our centralized logging destination. I built out many of the production dashboards for different operations groups and a few scheduled searches for nightly reporting including security and performance reports.

Achievements

  • Brought backups to the forefront as an important service provided internally SPS for the continued operation and recovery in case of disaster.
  • Decommissioned VMware backups in CommVault (wrong solution).
  • Implemented Veeam Backup & Recovery for production and development workloads (right solution).
  • Involved in the implementation of Veeam Backup & Recovery within the corporate ‘office pattern’ used in all offices (new solution).
  • ActiveMQ, to replace Oracle WebLogic queuing infrastructure, was one of the most memorable projects that I worked on during 2014 though in the end it was not chosen.
  • Ansible as the primary automation system for new production and development deployments replacing puppet (local) via attrition, and replacing Chef as the automation system for AWS. While discussed earlier in 2014 it really didn’t get a foothold until the end of the year.


SPS Commerce
Consultant from 9/2013 thru 7/2014
Lead Systems Engineer 10/2013 thru 8/2015

Duties

Came into SPS to help figure out why the operations team seemed to be doing more fire-fighting than operating.

As a teammate of the systems engineering group, I helped build morale, increase efficiencies, and bring about pride in the job.

Experience

  • Introduced LogicMonitor into SPS to handle monitoring activities of the network and servers replacing Nagios and the deprecation Sitescope and Nagios.
  • Wrote many of the initial base Chef cookbooks/recipes for AWS deployment.
  • Solidified systems engineering team into a tight-knit group supporting Cisco UCS, VMware, and almost 900 servers.
  • Worked many hours with the understaffed networking team to solve issues, finish projects, and day-to-day management.
  • Implemented Amazon Web Services (AWS) services (see below).

Achievements

  • Initial design work on ElasticSearch+Logstash+Kibana for centralized logging of over 90 applications.
  • Cleanup of F5 load balancer configurations.
  • Created first Reason For Outage (RFO) documentation and policies for ongoing internal notifications.
  • Segregated customer-facing infrastructure from internal infrastructure to create logical boundary for measurement and monitoring of service delivery.
  • Initial architecture and implementation of AWS for SPS:
    – Implemented production and development AWS Virtual Private Cloud configurations.
    – Designed and implemented initial subnet and security group designations.
    – Implemented (physical) HA Fortigate firewalls in both (current) production and development environments.
    – Initial implementation of VPN connectivity between AWS VPC to new (physical) HA firewalls in the two data centers.
    – BGP configuration for new AS.
    – Helped networking team with new policies to support AWS connectivity, failover, and security.
    – Instrumental in the set up of the first direct-connect from AWS to SPS (New Jersey data center).
    – Implementation of direct-connect from AWS to SPS (St. Paul data center).


Atomic Data, LLC
Director of Network Engineering from 12/2012 thru 8/2013

Duties

Manage multiple teams to fulfil a common goal.  Deeply involved in design and implementation of server and network projects base on business and customer requirements.

Experience

  • Defined VMware cluster architecture based on business requirements and growing customer demands.
  • Integral member of Compliance Advisory Board that defined products, services, and general policies for operation of the business.
  • Defined scope of security compliance, definition of access, policies, and implementation of security measures used in the day-to-day operations of the business in regards to SOC3 compliance as part of Security Advisory Board

Achievements

  • Designed, implemented, tested, and delivered new VMware cluster in record time including NetApp storage configuration and deployment.
  • In depth knowledge of VMware technologies, NetApp storage appliances, F5 load balancers, and IPv4/IPv6 networking protocols and design.
  • Created first Reason For Outage (RFO) documentation and policies for ongoing internal notifications.
  • Segregated customer-facing infrastructure from internal infrastructure to create logical boundary for measurement and monitoring of service delivery.


ipHouse
CTO from 4/2004 thru 10/2012
Senior Engineer from 10/2012 thru 11/2012
Principal Owner and Founder from 4/2004 thru present

Duties

Designed, implementation, delivery of high-tech infrastructure for the service provider industry. Managed the day-to-day operation of the business as a whole including employees, purchasing, scheduling, and customer interactions. Deeply involved with purchases and mergers and their integration into the ipHouse infrastructure.

Experience

  • Designed and built complete network and server infrastructure for launch of business.
  • Documented customer services for purchased companies.
  • Presented business cases and solutions to internal resources.
  • Advised customers and designed platform plans for them to meet their short-term needs and positioned them for future growth.

Achievements

  • Instrumental in refocusing corporate mission from home Internet access to managed hosting services for businesses.
  • Designed and launched fastest growing product line in company history — VMware virtual servers and virtual datacenters.
  • Integrated 3 purchased ISPs into the ipHouse infrastructure preserving over 95% of customer base while streamlining product offerings to decrease support burden and increase profitability.
  • Implemented new billing procedures resulting in decreased billing support and measurable increase in revenues.


VISI.com
CTO from 7/1996 thru 5/2000
Director of Network Engineering from 5/2000 thru 5/2004

Duties

  • Design and managed internal and external servers, network, and physical infrastructure.
  • Created disaster recovery plans and led engineering teams during both scheduled and unanticipated downtimes.
  • Day-to-day management of all engineering and support staff.

Experience

  • Proactively managed servers and network to achieve near 100% uptime.
  • Designed and supervised building of new data center in Minneapolis.
  • Retrofitted old data center in St. Paul to modern infrastructure.
  • Redesigned network/server infrastructure to improve reliability during rapid growth.
  • Primary vender contact and manager of relationships of multiple telecommunications providers including US West/Qwest, Level3, BBN Planet/Genuity Networks, Sprint, AT&T, and UUNET/MCI to support the growing network.

Achievements

  • Deployed and managed the largest 3rd party DSL network in the US West/Qwest ILEC states with over 6000 direct customers as of 2/2000.
  • Instrumental in company growth from a fledgling ISP to the largest ISP in Minnesota with $8.5M in revenue in under 4 years.
  • Operated and managed Minnesota peering point, growing it to 25+ peers in the state.
  • Operated and managed top 10 UseNet service with over 100 peers.
  • Deeply involved with the sale of VISI.com to DSLN for $25M.
  • Managed growth of network from single T1s to multiple BGP OC3 connections.


Winternet
President, Owner 11/1993 thru 7/1996

Experience and Achievements

  • Launched and grew first Internet Service Provider in Minnesota from zero revenue to $2M in less than 18 months
  • First ISP to deliver and support PPP in Minnesota.
  • Worked with multiple telecommunications providers to support the growing network including US West and UUNET, and MRNet (regional provider).
  • Changed server infrastructure from i486 systems to Sun Sparc systems running SunOS 4.x in 1994, and later settled on using Sun Solaris 2.x in late 1995.
  • Operated large UseNet news hub with over 80 peers.
  • Creating and operating Minnesota’s first peering point exchange.


MicroNet of Minnesota
Builder 9/1991 thru 11/1993

Experience

  • I built computers for small businesses in the Twin Cities area.
  • I shipped computers to small businesses in the Twin Cities area.
  • I installed and maintained Novell services for the company and clients.


Zitur and Associates
Database programmer and general services from 2/1991 thru 9/1991

Duties

  • Program in PICK on projects for multiple customers.
  • Define, source, and build custom servers to support PICK and customer applications.

Experience

PICK programming directly on i386 systems.

PICK programming within SCO UNIX on i386 systems.

Achievements

  • Implement recovery solution for returned cassette tapes and CDs for local distribution firm.
  • Design and implemented EDI solution between local music distribution firm and Target, Sam Goody, Musicland over 1200 baud bisync communications using SCO UNIX.


US Army
Truck Driver, Ammunition Handler from 5/1985 thru 11/1987 (active duty 11/1985-11/1987)

Duties

  • Review rules and regulations for both US and German statutes in the handling and movement of ammunition while stationed in West Germany.
  • Manage and coordinate storage of ammunition in active ammunition supply points in 3 regions of West Germany.
  • Support E6 management by organizing and filling out of required paperwork.

Experience

Determined correct procedures to follow when government ammunitions regulations conflicted.

Supported ammunition teams by organizing schedules, duty rosters, and layout of temporary supply points while on manoeuvres.

Achievements

  • Perfect marksmanship throughout active duty with commendations.
  • Zero issues in audits of ammunition supply points during my deployment and management of the ASPs.
  • Lead teams of non-commissioned personnel including higher ranked individuals in day-to-day operations.