Author Image

Hi, I'm John Tai

John Tai

Security Operations Center (SOC) Manager at 607th Air Communications Squadron

Passionate Systems and Network Engineer with over 10 years of experience managing and implementing enterprise IT operations. Dedicated to problem-solving, innovating, and well-versed in root cause analysis to deal with complicated issues. Multi-tasking, systematic testing, and seamless implementation of modifications across the global Department of Defense network have been demonstrated.

Certified Information Systems Security Professional (CISSP)
Cisco Certified Networking Professional (CCNP) - Enterprise
Microsoft Certified Systems Engineer (MCSE) - Core Infrastructure
Microsoft Certified: Azure Solutions Architect Expert
EC-Council Certified Ethical Hacker (CEH)
CompTIA Security+ ce Certification

Skills

IT Management
IT Management

Proven leadership and project management overseeing IT operations and technical teams. Effective communication skills used to collaborate across organizational levels, delivering training, performance evaluations, and task prioritization. Expert in risk management and meticulous attention to detail in high-stakes environments.

Advanced Networking
Advanced Networking

Expert in complex network solutions, mastering routing, switching, and advanced firewall setups. Versatile in managing wireless infrastructures and optimizing protocols like IPsec, VPNs, MPLS, and SDN for peak performance and security. Proficient in dynamic routing with BGP/OSPF, and ensuring robust network services via DHCP and DNS.

Cloud and Server Infrastructure
Cloud and Server Infrastructure

Strong background in server administration and cloud services, including Azure Management, Active Directory, and Group Policy. Versatile in server scripting with PowerShell, Linux systems, and implementing backup/disaster recovery strategies.

Information Security
Information Security

Adept in designing comprehensive security frameworks and policies to protect data. Skilled in risk management, enforcing compliance with standards like DISA STIGs, and conducting detailed vulnerability analyses to maintain system integrity.

Cybersecurity Operations
Cybersecurity Operations

Experienced in running a SOC, proficient in real-time threat detection and response with tools such as Elastic Stack and Palo Alto Firewalls. Proven ability in managing incident response and maintaining security compliance under operational pressures.

Project Management
Project Management

Adept at strategizing IT budgets, developing multi-year technology acquisition plans, and serving as a technical liaison for IT projects and security implementations. Oversaw significant IT projects, including network upgrades, server installations, and migration of programs to new platforms.

Experiences

1
607th Air Communications Squadron, United States Air Force

Feb 2022 - Present, Osan Air Base, South Korea

The 607th Air Communications Squadron’s mission is to deliver reliable secure communications and cyberspace capabilities to the Air Operations Center, enabling air, space, and cyberspace operations in support of the Republic of Korea.

Security Operations Center (SOC) Manager

Apr 2023 - Present

  • Provided real-time decision-making during ongoing information security incidents, protecting corporate assets while analyzing incident request trends and patterns to enhance processes and services.
  • Oversaw all positions within the Security Operations Center, directing daily tasks and projects. Collaborated in selecting and deploying technology, devices, and software for network and information security infrastructure, ensuring compliance with information security requirements.
  • Developed and delivered reports on metrics illustrating the management of network and information security infrastructure concerning information security.
Information Systems Manager

Feb 2022 - Apr 2023

  • Responsible for collaborating with all levels of the organization to manage the Information Systems and technical team at the Air Operations Center with emphasis on maintaining systems that support the business operations of the $56M Falconer weapon system on a 24/7 basis.
  • Supervise the activities of 24 employees, ensuring appropriate skill levels are maintained in accordance with organization policies and providing mentoring, training, performance evaluations, and project and task prioritization.
  • Initiates Tier 1 technical solutions on US and Coalition unclassified and classified networks; manages system installs & upgrades supporting 3,000 operators.
American Forces Network Pacific, Defense Media Activity

Feb 2019 - Feb 2022, Yokota Air Base, Japan

The American Forces Network (AFN) is a field activity aligned under the Defense Media Activity (DMA). AFN’s primary mission is to provide command information from all Department of Defense levels to the authorized audience stationed outside of the United States, its territories or possessions. AFN uses U.S. news, information, and entertainment programming as a vehicle to deliver command information directly to the audience, which enhances their morale, situational awareness, readiness and well-being.

Project Manager, Technical Services

Apr 2021 - Feb 2022

  • Managed strategic planning and project execution for broadcast network projects valued at $24.4 million, delivering command information to 13 remote locations for a Department of Defense audience.
  • Oversaw logistics, fulfilled requirements for Higher Headquarters and local bases, and maintained broadcast operation capabilities for a force of 400,000 personnel.
  • Acted as the primary technical point of contact for the Pacific region, facilitating collaboration with the Defense Media Activity headquarters and Defense Information Systems Agency on cyber projects, network maintenance, and security for 33 servers.
Network Lead/Information Systems Security Officer (ISSO)

Feb 2019 - Mar 2021

  • Led the customer service team for 235 clients across 11 locations, supporting the United States Indo-Pacific Command’s public affairs initiatives.
  • Maintained, updated, and managed a specialized Department of Defense network with 564 cyber assets, ensuring continuous communication for command and control with headquarters.
  • Implemented information security policies from the Defense Information Systems Agency and the Defense Media Activity, conducted security assessments, and directed countermeasures for 315 user accounts.
  • Managed regional information technology service requests, providing technical solutions, system installations, and repairs in a joint military environment.
  • Employed enterprise management tools such as McAfee’s Security Information and Event Management system and Microsoft’s System Center Configuration Manager to apply software standards across the network.
  • Guided the design and implementation of network security protocols, including Virtual Private Networks, firewalls, Intrusion Defense Systems, and Intrusion Prevention Systems, contributing significantly to the development of new teleworking policies.
2
3
Systems Engineer/Instructor, Tactical Network Operations
1st Combat Communications Squadron, United States Air Force

Jan 2017 - Jan 2019, Ramstein Air Base, Germany

The 1st Combat Communications Squadron’s mission is to rapidly provide deployable communications and air traffic control services throughout Europe, Africa, and the Middle East. The unit also supports training exercises, deployments, contingencies, and special military projects for the United Nations, Joint Chiefs of Staff, North Atlantic Treaty Organization, United States European Command, and the Department of State as directed by United States Air Forces in Europe.

Responsibilities:
  • Managed maintenance inspections & production readiness for 20 tactical mobile datacenters valued at $18M.
  • Provided combat communications in support of contingency operations and coalition exercises throughout Europe, Asia & Africa.
  • Trained personnel on Network and Server administration, preparing personnel for mobilizing data centers to remote locations.
  • Track security vulnerabilities and update software while ensuring the efficacy and compatibility of the software/hardware and our network.
  • Directed fix actions of complex telecommunications systems by interpreting technical data and schematic drawings using the troubleshooting methodology.
Helpdesk Specialist II/DoD Security Manager
694th Intelligence Support Squadron, United States Air Force

Nov 2015 - Dec 2016, Osan Air Base, South Korea

The 694th Intel Support Squadron’s mission is responsible for operating, maintaining, and sustaining the AN/GSQ-272 Sentinel Weapon System at Distributed Ground Station-3. Conducts cyber and logistics activities to enable collection, processing, exploitation and dissemination of tactical, theater, and national intelligence from ground-based and airborne platforms, enabling coalition ISR operations in direct support of the Republic of Korea.

Responsibilities:
  • Monitored and organized maintenance on 900 assets for $500M weapon systems; facilitated airborne Intelligence, Surveillance, and Reconnaissance (ISR) Processing, Exploitation, and Dissemination mission for intel community use.
  • Provided technical support to four organizations with 650 network users; mediated client end software/hardware problem resolution/repair tickets and provided recommendations to management.
  • Coordinated a $35 million intelligence mission center move; relocating 385 systems and six networks in less than six days, integrating the site with the Distributed Ground System warfighting enterprise network.
  • Led an HVAC outage and coordinated a server room shut down to protect $50M worth of IT assets; preserved nine networks and intelligence operations for three organizations.
4
5
Helpdesk/Desktop Technician II
423rd Communications Squadron, United States Air Force

Oct 2013 - Nov 2015, Royal Air Force Alconbury, England

The 423rd Communications Squadron provides premier communications support and global connectivity to the U.S. European Command Joint Intelligence Operations Analytics Center Europe, NATO Intelligence Fusion Center, U.S. Africa Command J-2 Intelligence Detachment, Joint Warfare Center and the RAF Alconbury, RAF Molesworth and Stavanger Air Base communities.

Responsibilities:
  • Oversaw and meticulously documented the upkeep of seven production workcenters and fourteen communication systems, ensuring optimal operational efficiency.
  • Skilled in troubleshooting and repairing issues across various technologies including telephones, mobile devices, computers, network systems, and radios; maintained thorough records of all outages and resolutions.
  • Vigilantly monitored the security status of a network valued at $9.5 million, managing security updates and overseeing planned service interruptions to maintain system integrity.
  • Served as the primary point of contact for customer support, efficiently managing IT needs for over 2,100 users and 1,200 pieces of information technology equipment across 60 buildings at two separate remote locations.

Education

Western Governors University
2021-2022 (Graduated)
Masters of Science in Cybersecurity and Information Assurance
Taken Courses
  • Secure Network Design
  • Cybersecurity Architecture and Engineering
  • Forensics and Network Intrusion
  • Ethical Hacking
  • Information Security and Assurance
  • Cybersecurity Management I - Strategic
  • Cybersecurity Management II - Tactical
  • Secure Software Design
  • Cybersecurity Graduate Capstone
Western Governors University
2017-2021 (Graduated)
Bachelors of Science in Network Operations and Security
Taken Courses
  • Managing Cloud Security
  • Introduction to Cryptography
  • Data Management - Foundations
  • Scripting and Programming - Foundations
  • Information Systems Security
  • Web Development Foundations
  • Linux Foundations
  • Interconnecting Network Devices
  • Emerging Technologies
  • Techncical Communication
  • Data Management - Foundations
  • IT Capstone Written Project
Extracurricular Activities
  • Order of the Sword & Shield National Honor Society
  • The National Society of Leadership and Success
Community College of the Air Force
2019-2020 (Graduated)
Associate in Applied Science Information Systems Technology
Taken Courses
  • Computer System Familiarization
  • Cyber Surety
  • Electronic Communication Theory
  • Telephone Fundamentals
  • Cable Construction and Installation
  • Principles of Computer Systems
  • Computer System Familiarization
  • Advanced Computer Networking
  • Leadership and Management I
  • Managerial Communications I
  • Military Studies I
  • Specialized Mobile Security Functions

Projects

PAN-OS Automation Scripts
PAN-OS Automation Scripts
Hobbyist December 2021 - Present

The Palo Alto Networks operating system (PAN-OS) includes a scripting language that allows administrators to automate tasks and customize the OS to their specific needs. Scripts can be run from the command line or from within the Panorama management console. This is a repository of scripts made using the PAN-OS-Python Framework.

hobby professional python automation
Star

Recent Posts

Card image cap
☁️ AZ-900: Microsoft Azure Fundamentals

The AZ-900 exam is the only one you need to pass to get the Azure Fundamentals certification. It is designed for people just starting in the Azure ecosystem. This exam is for people who want to show that they know the basics of cloud services and how Microsoft Azure provides those services. The exam is for people with non-technical backgrounds who sell or buy cloud-based solutions and services or have some other connection to them.

May 10, 2022 Read
Card image cap
🧱 Palo Alto Networks Python Automation – Coding The Future

DISCLAIMER! NOT AN EXPERT! Python is a widely-used programming language known for its ease of use and readability. It is also known for its robust library of modules that make it a powerful tool for automation. This blog post will explore how to automate Palo Alto Networks Next-Generation Firewalls using Python. I will start with an introduction to Palo Alto Networks. I will then briefly overview the Python scripting language and its benefits.

February 26, 2022 Read
Card image cap
🤺 Defeating Anti-forensics Techniques

Anti-forensics refers to various techniques by cybercriminals to destroy or conceal traces of illegal activities and obstruct forensic investigation processes. After compromising a system, attackers frequently attempt to destroy or conceal all traces of their activities, making forensic investigation extremely difficult for investigators. Anti-forensics must be overcome/defeated by forensic investigators so that an analysis yields concrete and accurate evidence that can be used to identify and prosecute the perpetrators. 5.1 Understand Anti-Forensics Techniques What is Anti Forensics?

February 6, 2022 Read
VMware vSphere: Install, Configure, Manage V6.7
VMware Learning July 2018

Five-day course that features intensive hands-on training that focuses on installing, configuring, and managing VMware vSphere 6.7, which includes VMware ESXi and VMware vCenter. This course trains students to administer any sized vSphere infrastructure for an organization.

  • Manage vCenter Server inventory and vCenter Server configuration
  • Manage, monitor, back up, and protect vCenter Server Appliance
  • Creating a content library and deploying virtual machines from templates in the library
  • Creating and managing a vSphere cluster that is enabled with HA and DRS
  • Using VMware vSphere Update Manager to apply patches and perform upgrades to ESXi hosts and virtual machines

View Certificate
Palo Alto Firewall Essentials 10.0
Palo Alto Networks May 2021

The Firewall 10.0 Essentials: Configuration and Management course combines instructor-led training and interactive hands-on labs to build a working knowledge of how to configure and manage Palo Alto Networks Next-Generation firewalls.

  • Configure and manage the essential features of Palo Alto Networks Next-Generation Firewalls.
  • Configure and manage Security and NAT policies to enable approved traffic to and from zones.
  • Configure and manage Threat Prevention strategies to block traffic from known and unknown IP addresses, domains and URLs.
  • Monitor network traffic using the interactive web interface and firewall reports.

View Certificate
C2C Enhanced Forescout Certified Administrator Training
Forescout July 2021

Forescout Certified Administrator training is a four-day course featuring instruction as well as hands-on labs in a simulated IT environment. Students learn how to establish security policies using all of our available tools. Students will classify and control assets in a network environment and observe how the Forescout platform monitors and protects an enterprise network.

View Certificate