Security-Focused Infrastructure Engineer

Building Secure & Intelligent Infrastructure

I design, build, and run high-availability environments end to end-from physical cabling and 100GbE spine-leaf cores to self-hosted AI ecosystems. Specializing in cybersecurity investigation, scientific workload optimization, CMMC compliance, and translating complex technical challenges into measurable business value.

Years Experience

99.9%

Uptime Achievement

<5min

Service Restoration

70-80%

AI Cost Reduction

Get In Touch View IT Framework

CMMC Level 3

100GbE Networks

AI Integration

Proxmox VE

Digital Forensics

DrawIO Expert

Security-focused infrastructure, network, and AI systems engineer with a proven track record of designing enterprise-grade solutions that balance cutting-edge innovation with rigorous security practices.

My architectural approach centers on 100GbE spine-leaf cores with server distribution/routing, dual-WAN edge with HA firewalls, and 10GbE high-availability MLAG/VLT distribution and access layers. This foundation, built with extensive SFP+/QSFP+/DAC cabling expertise and meticulous physical layer design, supports everything from traditional enterprise workloads to GPU-intensive scientific computing environments with self-hosted AI platforms and multi-model orchestration.

Core Philosophy

"Build secure, reliable, scalable systems that are invisible to users, transparent to operators, and always tied to measurable business value."

Cost Optimization

60% reduction in virtualization licensing costs through strategic VMware vSphere 6.7 to Proxmox VE 8.2 migration

AI Platform Efficiency

70-80% cost savings vs cloud alternatives via self-hosted multi-model orchestration with GPU resource management

Enterprise Scale

Network modernization serving 1,000+ devices and 300+ users with sub-5-minute service restoration capabilities

Government Security

Successfully passed all third-party government security probes while maintaining CMMC Level 3 compliance standards

SMART-E + CIA Framework

The comprehensive cybersecurity framework I've developed and implemented across enterprise environments, combining practical security measures with the foundational CIA triad for holistic protection.

Strengthen, Speak, Sustain

Strengthen: Implement MFA, enforce strong password policies, and create comprehensive documentation and user guides for knowledge sharing

Speak: Encourage reporting of suspicious behavior, foster open communication for ideas and feedback, and maintain transparent security awareness

Sustain: Maintain continuous vigilance, conduct regular incident response testing, and reinforce security best practices through ongoing education

Monitor, Mindset, Mitigate

Monitor: Implement comprehensive logging with SIEM solutions like Graylog, establish real-time alerting for anomaly detection

Mindset: Adopt zero-trust security principles, verify all access requests, and question assumptions in security decisions

Mitigate: Maintain robust backup strategies, develop comprehensive incident response plans, and ensure disaster recovery capabilities

Assess, Audit, Assure

Assess: Conduct thorough risk assessments, evaluate vendor relationships, and perform comprehensive supply-chain security reviews

Audit: Regularly verify log integrity, validate security controls, and ensure ongoing compliance with regulatory standards

Assure: Demonstrate organizational integrity and trustworthiness while consistently meeting industry security standards

Risk, Review, Reevaluate

Risk: Systematically identify threats, assess vulnerabilities, and analyze potential business impact scenarios

Review: Regularly examine security policies, operational procedures, and implementation results for effectiveness

Reevaluate: Continuously adjust security strategies and controls as new threat intelligence and information emerges

Timely Patch, Tightly Secure, Trim Privileges

Timely Patch: Rapidly deploy security updates for operating systems, applications, and firmware across all infrastructure

Tightly Secure: Implement encryption for data in transit and at rest, harden system configurations to minimize attack surface

Trim Privileges: Enforce least privilege access principles, regularly review and minimize user permissions and system access

Ethics, Education, Evolution

Ethics: Honor privacy rights, act with responsibility and integrity, and maintain the highest ethical standards in all security practices

Education: Provide continuous security awareness training, foster a culture of learning, and keep teams updated on emerging threats

Evolution: Adapt security measures to address new threats, integrate emerging technologies, and stay compliant with evolving regulations

CIA Triad Foundation

Confidentiality

Protect sensitive data from unauthorized access through encryption, access controls, and secure communication channels

Integrity

Maintain data accuracy and prevent unauthorized alterations through checksums, digital signatures, and audit trails

Availability

Ensure systems and data remain accessible when needed through redundancy, disaster recovery, and performance optimization

Professional Experience

16 years of hands-on experience building secure, reliable infrastructure while maintaining empathetic user support and continuous learning

Mar 2023 - Present

Cyber Security Engineer / Analyst

Herrick Technology Laboratories, Inc. (Remote - 3+ years)

Neutralized sophisticated insider sabotage attempt using SANS SIFT forensic workstation, preserving complete chain-of-custody evidence and producing decisive legal documentation

Led CMMC Level 3 and NIST 800-171 Rev 2 compliance implementation with automated Graylog 5.1 evidence collection and standardized security controls

Architected comprehensive VMware vSphere 6.7 to Proxmox VE 8.2 migration with Ceph Quincy 17.2 clustering, achieving 60% licensing cost reduction while maintaining 99.9% uptime

Deployed custom Sysmon 15.13 + NXLog 3.2.2329 + MSI bundled rollout across 300+ Windows 10/11 endpoints with Advanced Installer 20.3 packaging

Implemented enterprise Graylog 4.3/5.1 SIEM with custom parsing rules, ElasticSearch 7.17 backend, and MongoDB 4.4 replica sets for log correlation and threat detection

Engineered complex GPU cluster interconnectivity using NVIDIA Tesla V100/A100 with NVLink bridges and InfiniBand HDR 200Gbps fabric for scientific computing workloads

Successfully passed all third-party government security probes and penetration testing while maintaining continuous operations under DIB constraints

Jun 2020 - Mar 2023

Network Design Engineer

Herrick Technology Laboratories, Inc.

Delivered comprehensive enterprise network overhaul supporting 1,000+ devices and 300+ scientific research users with Dell S5248F-ON 100GbE spine-leaf architecture

Implemented dual 1Gbps WAN connectivity with SonicWall NSA 6700 HA cluster and 10GbE core switching using Dell S4048-ON with extensive SFP+/QSFP+/DAC optical interconnects

Executed meticulous Cat6A and OM4 single-mode fiber installations with APC Smart-UPS 3000VA power distribution and comprehensive facility grounding protocols

Deployed FreeRADIUS 3.2.1 with MySQL 8.0 backend, custom PHP 8.1 web management interface, and 802.1X authentication across Dell PowerConnect switches

Configured separate corporate and guest WiFi networks using Cisco WLC 9800-CL with complete Layer 2 isolation and dedicated VLAN segmentation

Implemented comprehensive Veeam Backup & Replication 12 solution with HPE StoreEver MSL3040 LTO-9 tape autoloader providing 400TB capacity

Sep 2023 - Present

Founder / Owner - Multiple Ventures

Unity Tech Labs, DATAROSS IT, Option A, Insightful Eye (AI)

Built enterprise-grade Proxmox VE 8.1/8.2 virtualization platforms with advanced Ceph Pacific/Quincy storage clustering and automated failover capabilities

Deployed comprehensive ConnectWise Control 23.4 (formerly ScreenConnect) infrastructure with SSL certificates, custom branding, and multi-tenant support

Implemented Dovecot 2.3.20 IMAP/POP3 with Postfix 3.7.3 SMTP and Roundcube 1.6.2 webmail solution providing secure email services for defense contractors

Consolidated multiple OpenVPN 2.6.5 server instances with unified certificate management, automated client provisioning, and centralized logging

Created cost-effective infrastructure solutions achieving 70-80% savings through strategic open-source adoption while maintaining enterprise-grade functionality

Developed AI-powered threat detection systems using Llama 2 70B and Mistral 8x7B models with custom Python 3.11 analysis pipelines

Aug 2019 - May 2020

Systems / Network Engineer

Experient (Maritz Global Events)

Managed VMware vSphere 6.5 U3 PCI DSS 3.2.1 compliant datacenter with advanced DRS and HA cluster optimization supporting financial transaction processing

Administered Check Point R80.20 firewall cluster (4200/4400/5600 appliances) with SmartConsole R80.20 and comprehensive policy management

Deployed centralized Kiwi Syslog Server 9.7.2 architecture with PRTG Network Monitor 20.1.57 providing comprehensive infrastructure visibility

Supported Citrix Virtual Apps and Desktops 7.15 LTSR CU6 with NetScaler MPX 5550 load balancing and session sharing optimization

Aug 2009 - Aug 2014

IT Intern & Associate Systems Engineer

Invitrogen Corporation / Life Technologies / Thermo Fisher Scientific

Launched IT career as high school work-study program intern, commuting daily by bicycle to gain hands-on experience in enterprise technology

Developed foundational expertise in Dell PowerEdge server hardware, Windows desktop support, and network troubleshooting

Supported critical scientific computing infrastructure serving biotechnology research including PCR thermal cyclers and gel imaging systems

Navigated multiple corporate acquisitions while maintaining service continuity and learning enterprise change management

Specialized in troubleshooting complex scientific instrumentation network connectivity including automated laboratory robotics

Core Principles

The foundational values that guide every technical decision, client interaction, and team collaboration

Foundational Values

Mutual Care and Reciprocity

"What we do for others, we do for ourselves; and what we do for ourselves, we do for others."

Rooted in Matthew 25:40, serving clients and colleagues serves a greater purpose

The Golden Rule

"We treat others as we would like to be treated."

Inspired by Luke 6:31, guiding all interactions with clients, partners, and team members

Shared Responsibility

"We carry each other's burdens to strengthen the whole."

Based on Galatians 6:2, working collaboratively to achieve shared goals

Generosity and Prosperity

"When we help others succeed, we succeed together."

Drawn from Proverbs 11:25, fostering mutual growth and shared success

Humility and Selflessness

"We prioritize the interests of others to build a stronger, united team."

Guided by Philippians 2:3-4, emphasizing humility, respect, and valuing others

Interconnected Excellence

"Our work reflects the interconnectedness of all we do."

Every action aligns with values, ensuring contributions benefit the collective

DATAROSS IT Core Values

Empathy

Understanding and sharing feelings of others for user-centered design and support

Patience

Tolerating delays and problems without frustration, crucial for troubleshooting and user support

Effective Communication

Conveying information clearly and empathetically, vital for teamwork and project management

Problem-Solving Skills

Analyzing issues and finding creative solutions essential for resolving IT challenges

Attention to Detail

Noticing and addressing small errors or changes important for system reliability and security

Adaptability

Adjusting to new situations and technologies, key for staying relevant in evolving IT field

Continuous Learning

Commitment to ongoing education and skill development in rapidly changing technology landscape

Security Mindset

Prioritizing protection of data and systems with proactive security measures and awareness

Service Orientation

Focus on helping others and providing exceptional user experiences in all technical solutions

Quality Focus

Commitment to excellence and best practices ensuring reliable, maintainable systems

Get In Touch

Let's discuss how the SMART-E + CIA framework and empathetic approach can strengthen your organization's security posture

Location

Frederick, Maryland

Remote/Global Available

linkedin.com/in/zachary-ross-5b7a6b25/

Professional Network

GitHub

github.com/rosszc91/

Code Portfolio

Support My Work

paypal.me/DATAROSSIT

Buy me a coffee!

Send Me A Message

Ready to secure your infrastructure? Let's start a conversation!

0 / 1000