RANDY ROACH
113 Mustang Drive
Rockwall Texas 75087
Tel: (972) 722-9155
Email: randy.roach@gmail.com
Summary
Innovative network professional with decades of experience in network design, security, operations and management. Designed, deployed and managed the Boy Scouts of America’s enterprise network and network security architecture at over 340 locations. Subject-matter expert providing in-house network and security consulting to BSA branch offices. Proven ability to identify customer requirements, research and evaluate alternatives, and deliver solid, cost-effective solutions. Effective communicator skilled at creating clear documentation, unambiguous policies/procedures, and convincing proposals.
Career History
BOY SCOUTS OF AMERICA, Irving, Texas 1986 - 2008
Senior Network Security Analyst
Sets overall direction of network architecture. Evaluates and implements new voice and data technologies. Provides appropriate connectivity solutions across the enterprise. Provides guidance to third-party vendors. Responsible for the overall security of voice and data networks and the policies and procedures for their use.
- Planned and managed the implementation and operation of ScoutNET, BSA’s first enterprise network. Wrote the Request for Proposal, analysis and evaluation of the responses, and vendor recommendation. Determined addressing and routing. Managed the provisioning, installation and testing of circuits and hardware for over 340 locations. Greatly enhanced timeliness and accuracy of financial and membership data by centralizing data.
- Initiated VPN Pilot Project and proved that broadband Internet connections and IPsec VPN tunnels were viable alternatives to Frame Relay/MPLS. Conversion of ScoutNET locations to VPN saved the BSA over one million dollars annually while improving security through the deployment and centralized management of Juniper NetScreen VPN firewalls at each location.
- Managed multiple telecommunications service providers including Level3, AT&T, Intergralis, iPass and Speakeasy.
- Redesigned the network and server architecture recommended by third-party e-commerce study. Provisioned hardware and corresponded with Microsoft to obtain donated software for the project. Integrated the servers with Cisco Content Services Switch to provide SSL acceleration. The result was a more flexible and robust solution at lower cost than the vendor proposal. The architecture was further leveraged as the basis for most of BSA’s Internet-facing applications.
- Managed public address systems and two-way radios for 2005 National Scouting Jamboree. Coordinated with FCC to license Kenwood LTR repeater systems and a low-power FM radio station. Engineered the data network used during the Jamboree utilizing dark fiber, point-to-point xDSL, 802.11 and Motorola Canopy links. Wrote request to Secretary of Defense resulting in use of more than 1.3 million dollars of Motorola SABRE radios.
- To simplify communications infrastructure for the 2010 Jamboree, proposed replacing most network infrastructure and radios with 3G cellular technologies. The proposal was presented to AT&T, who accepted the plan and agreed to sponsor the event.
- Developed "Five Year Infrastructure Strategy" describing the major challenges created by an expanding customer base, new regulatory requirements, and "anytime, anywhere" access. The comprehensive strategy included enhancements to network redundancy, disaster recovery planning and testing/acceptance methodology improving reliability, accessibility, scalability and security.
- Proposed and implemented Google search appliances as the search engine for the SiteCore Content Management System supporting www.scouting.org and to index internal BSA file servers and intranet sites.
- Developed the videoconferencing solution for the Chief Scout Executive. The proposal described videoconferencing standards, capabilities and limitations of each, recommended hardware and software, costs, and the recommended solution based on Microsoft Communications Server.
- Created detailed project plan listing all tasks necessary to meet the requirements of the Payment Card Industry Data Security Standard, using PCI audit procedures as a guide.
- Developed new security architecture for the National Office that replaced the concept of “trusted” and “untrusted” networks with identity-based security. As a first step, acquired and implemented a Cisco Catalyst 6500 with firewall and intrusion prevention modules.
- Converted SellWise point-of-sale systems at over one hundred Scout Shops from dialup modems to VPN utilizing ZyWall VPN appliances.
- Fixed slow response problem with BSA’s Membership Scanning system. System was deployed to the field although it had only been tested on a 100MB LAN. After characterizing the problem with packet analysis, advised the developers about their inappropriate choice of protocols for wide area networking, and suggested alternatives that solved the problem.
- Researched, evaluated and implemented web content filtering. Integrated the filter server with NetScreen firewalls located at all branch offices, providing centralized monitoring and control of Internet usage across the enterprise.
- Substantially improved security at Philmont Scout Ranch by creating separate networks for seasonal staff and mission-critical/e-commerce operations.
- Researched, evaluated and implemented secure WPA2 wireless networks utilizing Cisco Aironet 1200 access points and Xirrus Wireless Arrays. Integrated authentication with Active Directory.
Education
Brevard Community College, Cocoa FL
SANS Computer Forensics, Investigation, and Response
SANS Business Law and Computer Security
SANS Defensible .NET
Military
United States Air Force, Honorably Discharged, Technical Sgt. (E-6)
Information Systems Control School
USAF Supervisors Course
NCO Leadership School (HONOR GRADUATE)
Narrowband Systems Evaluation Course