TABLE OF CONTENTS
Professional Summary
A professional summary describes my life as a dedicated technologist with a lifelong passion for innovation and a deep commitment to advancing the field of technology through continuous learning and groundbreaking solutions.
Network Security Architecture Resume
A detailed resume showcasing the breadth of my professional experience and accomplishments in the field of computer science.
Career History
Detailed career history spanning the last 15 years.
Education History
Detailed education history, including college, conferences, external classes and kaizen.
Contact Details
Contact form and contact details.
Resume Download
Optional resume download available
PROFESSIONAL SUMMARY
Hello,
I am Aaron Stovall, a Senior Network Security Architect with over 15 years of experience driving the design, implementation, and optimization of secure and resilient IT infrastructures. My career has been defined by a passion for emerging technologies and a relentless commitment to protecting enterprise environments against evolving threats. With a unique blend of technical expertise and strategic leadership, I have consistently delivered high-impact solutions that align IT security practices with organizational goals.
Throughout my career, I have specialized in architecting robust network security frameworks, managing complex multi-cloud infrastructures, and integrating advanced cryptographic standards. My technical portfolio includes leadership in multi-domain firewall management, automation-driven DevOps workflows, and compliance adherence to industry standards such as NIST, CIS, SOX, and CISA. My ability to bridge the gap between business objectives and technical solutions has enabled me to safeguard critical systems while improving operational efficiency across global enterprises.
In my recent role at TikTok, I was instrumental in maintaining and protecting the perimeter security of a global network infrastructure while ensuring compliance with stringent data privacy regulations. I spearheaded critical projects, including the creation and implementation of architectural design standards, automation of audit processes through Large Language Models (LLMs), and strategic DevOps integration to streamline operations. My work in leveraging AI-driven methodologies and developing Post-Quantum cryptographic measures positioned the organization at the forefront of security innovation.
Previously, I managed a Multi-Domain Checkpoint firewall environment, overseeing thousands of high-availability firewalls across data centers, branch offices, and remote locations. This role required extensive on-site leadership, with 35-45% of my time dedicated to greenfield network deployments, technical integrations, and business expansion. My efforts not only improved system security and reliability but also enabled seamless onboarding of new acquisitions into the corporate network.
My expertise extends to securing multi-cloud environments, including Oracle Cloud, Microsoft Azure, and AWS. I have a proven track record of enhancing security postures by 30% through advanced threat analysis, seamless integration of security standards, and implementation of cloud-native tools. Additionally, I have designed and implemented Post-Quantum cryptographic systems leveraging Open Quantum Safe (OQS) libraries, ensuring encryption, authentication, and key management are future-proofed against quantum threats.
I have also led large-scale security assessments for mergers, acquisitions, and divestitures, utilizing structured playbooks to reduce risk exposure by 20% while ensuring smooth integrations into corporate operations. My ability to collaborate across cross-functional teams has been pivotal in standardizing security practices and scaling technical solutions to meet the demands of rapidly evolving business environments.
Further, I have demonstrated a deep understanding of API security and management, using tools like Meraki and Palo Alto APIs, Kong Gateway, Ansible, and Terraform to orchestrate seamless deployments and automate critical processes. My proficiency in full-stack development has enabled me to design custom tooling solutions that align with enterprise security standards, enhancing both operational efficiency and user experience.
As a leader, I am dedicated to fostering high-performing teams, mentoring regional technical staff, and promoting a culture of continuous improvement. My collaborative leadership style has resulted in the development of autonomous, technically skilled teams that consistently exceed performance goals.
What motivates me is the challenge of leveraging my technical acumen, leadership skills, and innovative mindset to advance corporate objectives while safeguarding critical assets. I thrive on creating secure, efficient IT environments that empower businesses to achieve their strategic vision.
Regards,
Aaron Stovall
SUMMARY
Senior Network Security Architect with over 15 years of experience securing multi-cloud environments and leading DevOps automation initiatives. Expert in architecting secure infrastructures across Oracle Cloud and Microsoft Azure, specializing in Cisco Check Point, Palo Alto firewalls, Meraki solutions, and advanced security tooling. Proven track record in streamlining operations using Python, Ansible, and custom automation tools, as well as integrating network and software layers with robust API management. Adept at driving security strategies that ensure compliance with regulatory standards and enhance organizational resilience.
PROFESSIONAL EXPERIENCE
TIKTOK, NETWORK SECURITY, JUNE 2022 – PRESENT
SR BUSINESS OPERATIONS PROTECTION SPECIALIST
Firewall Architecture and Management:
Led the support and management of Palo Alto Panorama-managed firewalls across global operations, enhancing security by implementing advanced policy controls and high-availability configurations. Developed custom automation scripts using Python to streamline firewall rule updates, optimize configurations, and automate log analysis, reducing incident resolution times by 20%.
Multi-Cloud Security and API Development:
Spearheaded multi-cloud architecture initiatives across Oracle Cloud and Microsoft Azure, improving the organization’s security posture by 30%. Leveraged GoLang and C++ to develop robust APIs and integrate cloud-native security tools with existing infrastructure. Designed scalable solutions for monitoring and securing hybrid cloud environments.
Custom Tooling Development:
Created bespoke security tools to enhance operational efficiency and automate repetitive tasks. Utilized Python, JavaScript, and Flask to design intuitive user interfaces for internal tools, enabling easier interaction with Palo Alto APIs and simplifying complex security workflows. Delivered automation frameworks that reduced operational overhead and improved deployment speeds by 40%.
Identity and Access Management (IAM):
Developed and enforced identity and access control standards, integrating SAML and OAuth protocols to streamline Single Sign-On (SSO) and improve user access management. Implemented advanced role-based access control (RBAC) policies, reducing unauthorized access attempts by 25% across the organization.
Compliance and Audit Leadership:
Led internal audits and ensured 100% compliance with local and international regulatory frameworks, including SOX, NIST, and CIS standards. Automated audit reporting processes using Python and custom scripts, enabling faster compliance validation and safeguarding the organization from legal and financial risks.
Biometric Authentication Implementation:
Pioneered the development and deployment of a biometric two-factor authentication solution using TruU and Prisma. Integrated APIs to enhance the authentication process, reducing security breaches by 15% while improving the overall user experience.
Advanced Threat Analysis and Incident Response:
Designed and implemented automated threat detection workflows that leveraged Palo Alto and custom tools to analyze and mitigate risks in real-time. Partnered with SOC teams to escalate and address complex security incidents, ensuring rapid and effective response strategies.
TE CONNECTIVITY, NETWORK SECURITY, MARCH 2021 – JUNE 2022
NETWORK SECURITY ENGINEER III
Identity and Access Management (IAM):
Developed and enforced identity and access control standards, improving security protocol adherence by 20% across the organization. Implemented advanced IAM solutions, integrating protocols such as SAML and OAuth to streamline Single Sign-On (SSO) and enforce role-based access control (RBAC) policies.
Compliance and Audit Leadership:
Ensured compliance with internal and regulatory standards, including NIST, SOX, and ISO 27001 frameworks. Successfully led efforts that achieved zero non-compliance findings in annual audits. Automated compliance validation processes to reduce manual efforts and ensure consistent adherence across all infrastructure layers.
Check Point Multi-Domain Firewall Management:
Managed a complex Check Point Multi-Domain Management System (MDMS) supporting thousands of high-availability (HA) firewalls across global data centers, branch offices, and remote locations. Streamlined policy creation, rule optimization, and failover testing using custom Python automation scripts, improving operational efficiency and reducing configuration errors.
Mergers, Acquisitions, and Divestitures (M&A&D):
Played a pivotal role in security assessments and integration planning for mergers, acquisitions, and divestitures. Designed structured playbooks and runbooks to integrate acquired businesses into TE Connectivity’s network environment seamlessly. Reduced security risk exposure by 20% and ensured compliance with organizational policies during the transition process.
Cross-Functional Project Consultation:
Consulted on cross-functional projects to optimize project delivery timelines by 15%. Collaborated across teams to balance workloads efficiently and establish clear priorities, aligning security initiatives with organizational objectives.
Web-Based Application Development:
Designed and developed a web application for a nonprofit organization using WordPress. The application featured a blog, donation system, and event calendar. Utilized custom themes and plugins to ensure functionality, ease of management, and an enhanced user experience.
Quality Assurance and Post-Implementation Validation:
Led quality assurance efforts and compliance validation initiatives, reducing post-implementation security incidents by 10%. Conducted rigorous testing of security policies and infrastructure to identify potential vulnerabilities and implement proactive remediation measures.
Greenfield Network Operations:
Supported greenfield network deployments and operational expansions across multiple sites. Collaborated with network and security teams to ensure compliance with internal and external standards while maintaining robust perimeter defenses.
TE CONNECTIVITY, INFORMATION SECURITY, JAN 2019 – MARCH 2021
INFORMATION SECURITY ENGINEER III
Security Reviews and Risk Assessments:
Conducted comprehensive security reviews and risk assessments across enterprise systems, reducing overall security risk exposure by 25%. Implemented proactive threat analysis techniques to identify and mitigate vulnerabilities before exploitation, safeguarding critical assets and data.
Standardization of Security Measures:
Spearheaded the standardization of security policies and configurations across the organization’s infrastructure. Increased consistency and reliability of security systems by 30%, ensuring uniform application of controls across data centers, remote offices, and cloud environments.
Compliance and Regulatory Adherence:
Enhanced compliance efforts by aligning organizational security practices with regulatory standards such as SOX, NIST, and ISO 27001. Successfully reduced remediation time for regulatory issues by 15% through improved documentation, automation, and streamlined validation processes.
Check Point Firewall Management:
Managed and optimized a Check Point Multi-Domain firewall environment, overseeing high-availability (HA) configurations for thousands of firewalls across global locations. Automated routine tasks such as rule deployment, compliance checks, and log analysis using Python and other scripting tools, increasing operational efficiency and reducing errors.
Identity and Access Control (IAM):
Developed and implemented role-based access control (RBAC) policies and enhanced Single Sign-On (SSO) capabilities using SAML and OAuth protocols. Improved adherence to access control standards across the organization and reduced unauthorized access attempts by 20%.
Security Integration for MA&D:
Led security assessments and integration projects for mergers, acquisitions, and divestitures. Designed playbooks and runbooks to streamline the integration of newly acquired businesses into the organization’s secure network, reducing onboarding times while maintaining compliance.
Cross-Functional Collaboration:
Partnered with IT, network, and development teams to integrate security measures into ongoing projects and new initiatives. Improved project timelines and security consistency by standardizing workflows and clearly defining security requirements at every stage.
Automation and Custom Tooling:
Designed and implemented custom tools to automate repetitive security operations, utilizing Python, Flask, and other frameworks. These tools streamlined configuration management, vulnerability scanning, and compliance reporting, saving significant manual effort.
Quality Assurance and Validation:
Conducted quality assurance and post-implementation reviews for new security deployments. Reduced post-deployment security incidents by 10% by identifying and addressing potential weaknesses during the validation process.
Endpoint Security and Threat Management:
Deployed and managed endpoint security measures across the organization to protect against evolving threats. Ensured consistent endpoint protection across diverse devices and operating systems, enhancing visibility and control across the environment.
TE CONNECTIVITY, IT OPERATIONS, NOV 2011 - JAN 2019
IT OPERATIONS ANALYST III
West Coast Network Management:
Managed on-site network operations for the majority of TE Connectivity’s west coast locations. Led the design, deployment, and maintenance of network infrastructure for remote sites, branch offices, and key facilities. Ensured seamless connectivity and operational continuity across multiple locations through proactive monitoring and rapid issue resolution.
Greenfield Deployments and Expansion Projects:
Spearheaded greenfield network deployments, including LAN/WAN design, server provisioning, and integration of new facilities into the corporate network. Collaborated with cross-functional teams to support the expansion of business operations, achieving on-time delivery for critical network upgrades and installations.
Fostering Talent in DevOps and Networking:
Mentored and developed a regional team of technical support staff, fostering advanced networking and DevOps skills. Implemented training programs to enhance team expertise in automation tools, network diagnostics, and scripting languages. Cultivated a high-performing team capable of handling complex technical challenges and delivering consistent results.
Custom Tool Development for Network Operations:
Designed and deployed custom Python tools to automate network operations and enhance user support. These tools included custom front-end interfaces for network troubleshooting, real-time monitoring, and automated configuration updates, significantly improving operational efficiency and reducing manual workloads.
Vulnerability Management Programs:
Developed and implemented comprehensive vulnerability management programs, reducing organizational security risks by 20%. Conducted regular vulnerability assessments, applied remediation measures, and coordinated with stakeholders to ensure timely resolution of identified issues.
Internal Control Systems:
Established and enforced internal control systems, improving security policy compliance by 10%. Collaborated with information security teams to align operational practices with corporate security standards and regulatory requirements.
Endpoint Security and User Support:
Deployed and managed endpoint security measures across west coast sites to protect against evolving threats. Streamlined user support workflows by integrating automation into helpdesk operations, reducing ticket resolution times and improving end-user satisfaction.
Project Management for IT Initiatives:
Led cross-functional projects involving IT infrastructure upgrades, cloud integrations, and system migrations. Ensured successful delivery of projects by managing timelines, resources, and cross-departmental communication.
Custom Front-End Interfaces:
Designed intuitive front-end applications using Python, Flask, and Bootstrap to simplify network management and user support workflows. Enhanced team productivity by providing easy-to-use tools for routine tasks and advanced diagnostics.
DEUTSCH INDUSTRIAL PRODUCTS - HEMET, CA
HELPDESK ADMINISTRATOR - APRIL 2010 - NOV 2011
RAMKO MANUFACTURING - HEMET, CA
NETWORK ADMINISTRATION - FEB 2009 - APRIL 2010
EDUCATION
BACHELOR OF SCIENCE - JAN 2005 - DEC 2009
SOFTWARE ENGINEERING
Focus Areas:
Specialized in software development and game design, with a strong emphasis on graphics programming, low-level systems development, and real-time rendering.
Low-Level Programming Foundations:
Developed a deep understanding of low-level programming through coursework in assembly language and machine code. Advanced this knowledge by transitioning to strict C++ programming practices, gaining expertise in building performance-critical systems.
Graphics and Game Engine Development:
Designed custom physics engines, middleware, and game engines using DirectX 9 and DirectX 10, which were cutting-edge technologies at the time. Acquired comprehensive knowledge of real-time rendering and game physics simulation, creating performance-optimized systems tailored for gaming applications.
Software Engineering Projects:
Completed extensive projects that included designing modular game mechanics, optimizing rendering pipelines, and implementing advanced AI behaviors in game environments. Gained hands-on experience with integrating physics simulations into interactive applications.
Web and Full-Stack Development:
Expanded expertise to full-stack web development and API integration, leveraging technologies such as JavaScript, Python, Flask, Django, Qt, and Bootstrap. Developed custom tools and user interfaces to enhance functionality and user interaction.
Network Automation and APIs:
Gained extensive experience with Meraki and Palo Alto APIs, automating network tasks and operations using tools such as Python, Ansible, and Terraform. Applied this knowledge in real-world scenarios to streamline processes and improve operational efficiency.
CERTIFICATIONS & COURSES
Palo Alto Networks Certified Network Security Engineer (PCNSE)
The Palo Alto Networks Certified Network Security Engineer (PCNSE) certification is designed for individuals who have in-depth knowledge and skills to design, deploy, configure, maintain, and troubleshoot Palo Alto Networks' security solutions.
Certified Information Systems Security Professional (CISSP) Bootcamp: Domains 1-8
The Certified Information Systems Security Professional (CISSP) Bootcamp covers Security and Risk Management, Asset Security, Security Architecture and Engineering, Communication and Network Security, Identity and Access Management (IAM), Managing user identities and access, Security Assessment and Testing, Security Operations and Software Development Security.
Cisco Certified Network Associate (CCNA) 200-301
The Cisco Certified Network Associate (CCNA) 200-301 certification a basic overview of the following: Network Fundamentals, Network Access, IP Connectivity, IP Services, Security Fundamentals, Automation and Programmability
Zscaler Certified Cloud Professional (ZCCP) - ZTNA
The Zscaler Certified Cloud Professional (ZCCP) - Zero Trust Network Access (ZTNA) certification focuses on Zscaler's Zero Trust Network Access (ZTNA) solutions. It covers essential concepts and practical applications to secure access to applications and services, regardless of user location or device. The training includes modules on Zscaler's architecture, privacy, and best practices for implementing secure, private access solutions.
Check Point Certified Security Expert (CCSE)
The Check Point Certified Security Expert (CCSE) certification is designed for IT professionals with advanced skills in deploying, managing, and troubleshooting Check Point security solutions. It validates expertise in areas such as firewall management, VPNs, and security management, with a focus on protecting enterprise networks from cyber threats.
CONFERENCES
Black Hat 2023 - August 2023
Black Hat 2023 was a major cybersecurity conference held in Las Vegas, featuring expert briefings, open-source tool demos, and networking events focused on the latest threats and defensive strategies in the cybersecurity field.
Palo Alto Ignite - December 2022
Palo Alto Networks Ignite - December 2022 was a cybersecurity event in Las Vegas showcasing next-generation technologies, innovative threat research, and best practices to help organizations secure their digital future.