Alex F

solve et coagula

UX/IA/Research/Strategy/InfoSec

Musician

For a PDF version of this resume, please click here

Award winning UX Designer, Strategist, and Information Architect

Dedicated to creating first-class user experiences through innovation and customer advocacy, ensuring quality and usability in the face of complex demands. I am a creative and detail-focused designer and engineer, an empathetic user advocate, and perceptive researcher with people and product leadership skills and over 27 years of experience in the InfoSec field.

Core Competencies

  • Cloud security (Attack Path Analysis, IAM, Layered Context, risk assessment/methodologies, vulnerability management)

  • Design Thinking, Lean UX, Systems, and Red Team Thinking

  • UX and product strategy definition and development

  • User research, contextual inquiry, and
    research analysis

  • Competitive Analysis

  • Personas

  • Problem discovery and definition

  • Workflow discovery and Human-Centered Design

  • Network security (firewalls, DLP, IDP/IPS, Unified Threat Management, WAF)

  • Wireframes and prototyping

  • Security/technology research (C&C
    infrastructure, evasion techniques, DDoS, etc.)

  • Networking (TCP/IP, OSPF, STP, RIP, QoS,
    VoIP, VoIP proxies)

  • Extensive experience with NetFlow forensic
    analysis

  • Network security (firewalls, DLP, IDP/IPS, Unified Threat Management, WAF)

  • Conveying complex technical information
    clearly and accessibly

  • Intuiting a logical flow of data, design,
    and organization of information

  • Finding innovative solutions to difficult
    problems

  • Deconstructing complex systems into core components and putting them back together in a more intuitive manner

  • Java application security and deserialization

Professional Experience: Executive Summary

Senior UX Designer, Integrated Cloud Security

Rapid7 - November 2021 - Present - Atlanta, GA/Boston, MA

  • Lead research and design efforts for multiple features of the Cloud Security Platform such as
    Attack Path Analysis, Identity and Access Management, and Layered Context.

  • Perform competitive analysis, define the design and sometimes requirements for each feature, collaborate on the design system and data visualizations, and act as security Subject Matter Expert (SME).

Principle UX Strategist/Designer, Product Owner, Product Manager, SCRUM Master, Doc Writer

Waratek, Inc. - January 2019 - October 2021 - Woodstock, GA/Dublin, Ireland

As the principle UX Designer and Strategist::

  • Owned the end-to-end Management Console vision.

  • Worked directly with the CEO, CTO, customers, and partners to develop product, research, and design strategies in order to spearhead the development of a Management Console tailored to the needs of the users.

  • The company’s customer base more than tripled, and MC adoption skyrocketed.

Sr. UX Design Lead/Projects Manager (contract via Cognizant)

Delta Airlines - May 2018-December 2018 - Atlanta, GA

As the principle UX Designer and Strategist::

  • Led the research and design efforts (solo UXer) for multiple applications across carriers including predictive tools for Delta Station Managers and tower Dispatchers.

  • Designed and documented proof-of-concept RBAC (Role-Based Access Controls), giving greater visibility and ease of use in the context of Delta’s security issues (systems and data permissions).

Sr. Designer, User Experience - UX Research, Information Architecture, Security Subject Matter Expert

Cisco Systems/Lancope - 2014-2017 - Alpharetta, GA

  • Team Subject Matter Expert (SME) on security issues and industry standards and practices.

  • Designed and developed user personas that Cisco adopted for use across the entire Security Business Group (SBG).

  • Led the effort toward section 508 and WCAG 2.0 compliance within the entire Cisco Security Business Group.

  • As a UX and IA Principal in discovery and user research, I drove many aspects of Cisco’s Stealthwatch application user experience.

Technical Sales Specialist/Inside Sales Engineer (SE)

IBM - 2008-2014 - Atlanta, GA

  • Led extensive multi-million dollar proposal responses across all of IBM’s security product and service offerings.

  • Scoped and designed end-to-end product and security solutions from network diagrams for large enterprise clients across multiple locations.

  • Team SME (Subject Matter Expert) for third party DLP (Data Loss Prevention), IBM Virtual Server Protection (VSP), IBM GX IPS and IBM Proventia MX UTM appliance as well as VPN offerings.

QA Engineer, 1996-2008

Internet Security Systems (ISS) - 1996-2008 - Atlanta, GA

  • Pioneered the concept of a “stealth mode” for IDS/IPS (Intrusion Protection Systems) that is now the world-wide standard in the industry.

  • Team SME and tester for new product features (including RIP, OSPF and STP routing protocols, QoS, VoIP proxy, the Policy Editor UI, NAT and reverse NAT) and instituted full formal test plans.

 
 

Professional Experience: Detailed

 

November 2021 - Present

Rapid7, Atlanta, GA (remote)

Senior UX Design Lead, Integrated Cloud Security Platform

As a senior UX designer at Rapid7, and the only designer with extensive security knowledge and experience, not only have I led the designs for several areas of the Integrated Cloud Security (ICS) platform, but I also define the feature set and requirements for many of those areas, and collaborate with Product Managers to stage the requirements across releases. I also lead the user research efforts (internal and external) to vet designs and requirements, and perform extensive competitive analysis. These features included Attack Path Analysis and visualization, Layered Context, and Identity and Access Management, and they span across multiple cloud services including Amazon Web Services (AWS), Microsoft Azure, and the Google Cloud Platform (GCP).

  • Given little to no requirements for either the Attack Path Analysis or Layered Context features, I examined the problems that we were working to solve, and utilized my extensive security background to hypothesize a feature set and end-to-end workflows, developed the information architecture, and created UX designs and functionality for the entire feature. I then conducted both contextual inquiries and usability testing to validate or invalidate these hypotheses.

  • New to Identity Access Management in the cloud (though I did have experience designing for Single Sign-On [SSO] integration), I dove into the project and learned not only about IAM, but also how Rapid7 looks at IAM across cloud service providers. I designed a new UI that was much easier to use and followed a far more logical workflow, and developed a remediation recommendation schema for the feature that would fit across a wide variety of situations without requiring custom-tailored responses for each individual misconfiguration.

  • Collaborate across teams to ensure that all designs are consistent with current UI experiences across other products developed by Rapid7, and with in-house graphic designers to ensure a consistent style, defining new styles and UI experiences where necessary.

  • Promoted a set of visualization guidelines for other UX designers and PMs to abide by in order to ensure that visualizations were of the right data, and were presented in a meaningful and useful way to the target persona.

  • Developed and promoted a set of security severity categories, designs, color schemes, and UI/UX guidelines to ensure both a consistent experience across all Rapid7 platforms and teams, and a noise-free, clean user environment where users see only what they need to see.

Jan 2019 - Present

Waratek, Inc., Woodstock, Ga/Dublin, Ireland

Principle UX Strategist/Designer, Product Owner, Product Manager, SCRUM Master, Doc Writer

Reporting directly to the CEO and CTO, I owned the complete, end-to-end Management Console (MC) vision. I led the design and development of the Waratek MC into an MC whose workflows were tailored to the needs of the users and specific Personas, while vastly expanding scalability and ease of use. The impact of our work in this area was a reduction of console noise by 100%. During that time the company’s customer base more than tripled.

As the principle UX Designer and Strategist:

  • Collaborated directly with the CEO, CTO, and VP of Marketing to develop product, research, and design strategies and goals in order to move the MC into a competitive position in the marketplace.

  • Collaborated with customers, client services, and business partners to understand their challenges and goals in protecting and managing their applications, how they used the MC in their environment, and how the MC could help or hinder them in achieving their goals.

  • Based on user-centered / human-centered design, customer and market feedback and trends, as well as team and personal subject matter expertise, I created models of the current product workflows and reformed them into logical flows that fit clients’ needs. We increased scalability and simplicity at that time as well.

As the Product Manager:

  • Met with clients, from very small shops to Fortune 50 companies, to better understand their problems, and collaborated with internal stakeholders,
    development teams, and SMEs in order to develop realistic product roadmaps and organizational strategies around solving these problems.

  • Prioritized and led estimates for solutions to be developed, collaborating across teams with cross-functional stakeholders and development teams. Followed through with customers during and after development and “followed the code” at a high level, led product demos, and worked with the teams to pivot if sudden changes were required or priorities changed.

  • Developed and led, in a business development capacity, the relationships and integrations between Waratek and third-party partners such as
    Tenable.io and PingID.

As the Product Owner:

  • Working with customers, partners, and other stakeholders, I acted as the voice of the user for the development team and ensured that they remained
    customer-focused. I coached the developers in understanding how the different real-life customer user personas interacted with the product, their differing needs, and in understanding the core problems that the user is attempting to solve with our software. The impact of this was the development of a UI that users more intrinsically understood and more closely met their needs.

 

May 2018 - Dec 2018

Delta Airlines (via Cognizant Technologies)

Sr. UX Design Lead/Projects Manager (contract)

The project at Delta encompassed a number of functional areas for the dispatchers in the towers. As the UX project lead for the fueling, deicing, delays, and
cancellations projects, I cross-collaborated with a number of other teams in order to ensure both alignment on the stakeholders’ needs, and a consistency of
design while meeting the requirements of the dispatchers.

  • Led the research and design efforts (solo UXer) for multiple applications across carriers including fuel tankering tools (to calculate fuel savings) and flight
    database searches. The results allow dispatchers to view flights across multiple factors in order to calculate the most effective location to refuel, resulting in significant cost reductions. The ability to see these automated calculations for all their flights is a first for the carriers.

  • Led the research and design efforts (solo UXer) across multiple predictive tools for Airport (Station) Managers to aid in decision support. These include deicing, cancellation, flight delay and gate capacity tools. My designs allow Managers, at a quick glance, to instantly determine the delay margin of diminishing returns in order to optimize and minimize deicing wait times, visualize predictive gate capacity problems, and manage standard flight delay and cancellation issues, remaining within FAA regulations. They allow the Managers to see problems before they occur, and to be presented with solutions.

  • Based on my extensive security industry experience, I created a document for the stakeholders regarding Role-Based Access Controls within a single application. The document gave the stakeholders - novices just learning what RBAC means - a thorough understanding of RBAC levels (RBAC, RBAC1, etc.), hierarchies and inheritance models, Separation of Duties, ANSI standards, and security considerations, all in the context of the issues being faced within this area at Delta.

  • Created full-featured POC RBAC administration prototypes for an RBAC0 base configuration that gave greater visibility, flexibility, ease of use/administration, and a crystal-clear understanding of the Users, Roles, and Permissions/Rules relationships than systems currently in place. This will allow for even novice users to administer the system.

 

cisco Systems/Lancope, Alpharetta, Ga

2014-2017

Sr. Designer, User Experience
User Experience Design, Research, Information Architecture, Security Subject Matter Expert

Primary accomplishments:

  • As team Subject Matter Expert (SME) on security issues and industry standards and practices, I significantly influenced the teams’ designs, enhancing
    workflows across the product to support customers’ needs to a far greater degree than the existing workflows.

  • Dissected the policy system and developed, based on user research and problem definition, multiple approaches including a future-looking solution that
    greatly simplified policy management while making it more powerful, resulting in extremely enthusiastic user feedback.

  • Designed and developed user personas that Cisco adopted for use across the entire Security Business Group (SBG).

  • Received numerous awards for work within Cisco including for policy UI design, persona design, and work across the entire Security Business Group.

Other accomplishments and responsibilities include:

  • Led User Experience teams through the entire Design Thinking life cycle from discovery/empathy, to strategy development, user research, problem definition, prototype iterations, and through to release.

  • As the UX Principal in discovery and user research, designed the user experience for the Cisco Stealthwatch application.

  • Led the effort toward section 508 and WCAG 2.0 compliance within the entire Cisco Security Business Group.

  • Defined UX guidelines and brand standards for every product within the Cisco Security Business Group across areas such as jobs management, and acted as a principle designer for policy UI components.

  • Performed research analysis, proposed prioritized solutions, and presented the findings and results to product stakeholders.

  • Standardized the interactions and branding for multiple applications by creating a style guide.

 

2008-2014

IBM, Atlanta, Ga.

Technical Sales Specialist/Inside Sales Engineer (SE)
Primary accomplishments:

  • Led extensive multi-million dollar proposals (RFP responses) across all of IBM’s security product and service offerings.

  • Scoped end-to-end product and security solutions from clients’ network diagrams or descriptions and designed technical solutions from small business
    clients to large enterprise clients across multiple locations.

  • Managed the Identity and Access Manager sizings and developed a new document model, educated sellers and customers on sizing results, and
    developed and continually maintained extensive documentation on all processes involved in creating sizings, where none existed previously.

Other responsibilities include:

  • Worked directly with clients to design enterprise network security solutions for their environments, and performed live demonstrations of proposed
    solutions.

  • Aided Sales as a technical resource for product or security questions, including participation on client calls.

  • Team SME for third-party DLP (Data Loss Prevention) products including: Digital Guardian DLP software and Fidelis DLP appliances; IBM Virtual Server Protection (VSP); IBM Proventia MX UTM appliance and VPN offerings; and Proventia XGS series of IPS appliances.

  • Created white papers on topics generally misunderstood, including the proper use and scenarios for fail-over bypass units in a High-Availability (HA)
    environment, as well as documents describing how to match a fail-over bypass unit and network adapters with the correct appliance.

 

1998-2008

IBM/Internet Security Systems, Atlanta, Ga

QA Engineer

  • Pioneered the concept of a “stealth mode” for IDS/IPS (Intrusion Protection Systems) that is now the world-wide standard in the industry.

  • As team SME, I tested new product features including RIP, OSPF and STP routing protocols, QoS, VoIP proxy, the Policy Editor UI, NAT, and reverse NAT.

  • Instituted full formal test plans across entire products and other related documents based upon PRDs, Engineering Responses, and other sources, and
    created and managed test cases. I became fully engaged with the technical documentation and development teams, resulting in my areas being the most
    thoroughly tested, well-documented areas of the product.

  • Created public Knowledge Base entries on technical topics (e.g. Color-coding methodologies for QoS; OSPF and STP configuration) reducing technical support calls for these areas to near zero.

  • Maintained QA test lab involving various routing protocols, proxies, and the MX and GX security appliances. Created tools and developed procedures under which the test lab could quickly and automatically be reconfigured in order to test the various routing protocols and proxy requirements, simulating both internal and external networks.

  • Worked with and trained the QA team in India, assisting them in creating test environments and case development for QoS and OSPF as well as VoIP Proxies.

  • Proventia MX team liaison to the UX team.

 

1996-1998

Internet Security Systems, Atlanta, Ga

Webmaster, Technical Support, Trainer

  • Created the initial website for Internet Security Systems.

  • Supported products and thousands of customers across a wide variety of Windows and *NIX platforms as the first full-time technical support engineer at ISS.

  • Trained corporate customers on the use of our products and created and administered the initial ISS Product Certification exams.

 

Other Professional Experience

Fall 2017

Georgia Tech, Atlanta, Ga

Guest Lecturer, UX Research and Persona Develomment
Recent Georgia Tech guest lecturer for the graduate-level User Research class, teaching how personas are effectively researched and created, as well as their purpose and practical real-world, vision-focusing applications.

 

2014-2017

Validentity, Atlanta, Ga

Co-Founder, VP Product and Strategy
A startup in the identity space providing unique, traceable, identity solutions for service providers while safeguarding anonymity among user communities. Currently on hiatus.

 

2004 - Present

The Lighthouse Program, Fayetteville, Ga

Board Member
A private, non-profit school (5-12) and non-traditional learning center specializing in children with learning disabilities.

 

Education

Georgia State University, Atlanta, Georgia
Post-Baccalaureate studies in Music Industry

Emory University (Goizueta Business School), Atlanta, Georgia
B.B.A. Business

Musicians Institute, Hollywood, Ca
1 Year Professional Program

Oxford College of Emory University, Oxford, Georgia
Associate of Arts

 

Additional Technical Skills

Specialties: Security services (Managed/MSS and Professional/PSS); User Experience and Product Strategy; Information Architecture; Lean methodologies (Dual Track Agile); IoT Architectures and Protocols; Edge, Fog, and Mist computing; complex routing environment configuration; Security product configuration (Network and Host-based IPS and UTM appliances and software, security forensic software, and VMWare Virtual Server Protection)

Tools: Figma; Miro; Wireshark; Adobe Creative Suite (Photoshop, XD); Axure RP Pro; Omnigraffle; Sketch; Balsamiq; InVision; print publishing prep; Office;
Jira/Confluence; Slack

Interests: Artificial Intelligence (AI); anything 3D, ever since I was a kid: eXtended Reality (XR), Augmented Reality (AR), Virtual Reality (VR), Mixed Reality (MR); automotive UIs. I have been a musician for over 30 years, released CDs, and have an interest in learning composition for film. I am an insatiable learner and polymath and maintain yearly subscriptions to LinkedIn Learning, Udemy, Interactive Design Foundation, Wondrium, Curiosity Stream, TrueFire, and JamPlay.