Thomas Vachon


A highly experienced technologist with extensive experience in multiple technological systems including public and private cloud, networking, and servers, as well as, budgeting, forecasting and team management

Career History

Microsoft - Cloud Solutions Architect - January 2019 - Present

The Customer Success Unit in Microsoft’s Intelligent Cloud is focused on helping our most important customers move to and leverage Azure in the best ways possible.

Harvard University - Enterprise Architecture - April 2015 - January 2019

The Enterprise Architecture team, part of Harvard University Information Technology, is leading the technological change across multiple disciplines helping Harvard move forward in the technological era while simplifying unneeded complexity.

Principal Cloud Architect
  • Responsible for setting technical direction and providing mentorship within HUIT for cloud architectural patterns and standards, in both management and individual contributor capacities
  • Provide subject matter expertise through the establishment a center of excellence and overall technical evangelism through outreach including large format presentations
  • Design end state services which are self-sustaining and scalable aligning with business needs and cloud best practices
  • Active member of the office of the CTO, working to reduce IT complexity and redundancy though the Enterprise Technology Architecture Board
  • Planned, designed, and implemented a project to provide network security stack providing visibility, redundancy, and consistency for all applications hosted in the cloud

SessionM, Inc - June 2011 - April 2015

A multi-platform engagement and loyalty company which provides marketing automation and near real time updates of activity for companies to leverage and reward their most important consumers

Head of Technical Operations
  • Responsible for all technical operations, managing a team of three
  • Planned, designed, and migrated to leverage a hybrid-cloud model with one public cloud and one private cloud data center using technologically and geographically diverse platforms achieving under 100ms response in target markets over mobile networks
  • Designed and implemented a self-hosted Openstack environment comprised of iSCSI SANs; Dell switching; Cisco switching, routing and firewalling; and Fortinet firewalling
  • Responsible for maintaining and forecasting budgets for all technological CapEx and OpEx cost centers

KAYAK Software Corporation - February 2010 - June 2011

An online travel meta-search engine serving thousands of searches per minute aggregating multiple independent travel results into one singular interface for our users to choose the best price

Operations Engineer
  • Principal engineer responsible for a PCI-DSS Level 1 Credit Card System to handle millions of credit card numbers daily from inception through the QSA audit process and certification
  • Designed and implemented internal IT ticketing, monitoring, and a complete redesign of authentication systems to support single sign on
  • Installed, configured, and tuned production systems from operating systems though the applications
  • Worked with numerous vendors to support the production system through monitoring and optimization appliances
  • Re-architected DNS infrastructure to remove single points of failure while quadrupling internal and external capacity
  • Responsible for all corporate IT security including the production network/systems (AV, HIDS, NIDS, FIM) and the PCI Cardholder Environments, in addition to the internal network/systems (McAfee ePO, 802.1x authentication, Cisco and Juniper Firewalls)

GameLogic, Inc - September 2008 - February 2010

An interactive marketing company, which utilizes the Internet for new player acquisition and player retention among casino and state lottery loyalty programs by offering structure rewards via online games

Operations Engineer
  • Designed and implemented a cloud computing platform based on Amazon EC2 for new player acquisition, industry news, and ad banner serving for all company products and platforms
  • Administered the corporate infrastructure consisting of 5 email servers running qmail, a Barracuda Networks Spam Firewall, dual NIS servers, 6 DNS servers running DJBDNS, 2 VMware vSphere 4 servers, a NexentaStor SAN, and 10 to 15 miscellaneous servers

Zvue Corporation - February 2008 - September 2008

An online media company that ran eight large websites including two in the Alexa top 2000 rankings. The company focused on delivery of multimedia content including video, audio, and flash to end users.

Systems Administrator
  • Planned and executed a major data center consolidation into two facilities including the live migration of 7 websites with minimal downtime
  • Administered 60 web servers (Apache/Lighttpd), 15 MySQL servers with replication, and various development servers

Xerox Corporation- May 2006 - February 2008

Worked with the Developing Markets Group to run an online marketing website to allow from bottom of the chain resellers up to country-wide distributors as well as internal Xerox employees

Junior PartnerNet Administrator
  • Worked with vendor to ensure the successful implantation of a SCORM online learning tool
  • Managed the development, testing, and implementation of email marketing tool based upon J2EE and integrated into the Oracle Portal system
  • Implemented and managed a division-wide collaboration website

INNgenuity Software LLC - January 2006 - December 2012

Managing Partner in software and web development company

Chief Information Officer
  • Managed the development of several websites with internal employees and outside contractors
  • Managed two employees performing web development
  • Worked with CEO and COO to write production requirements to deliver to software team for core property management system business


Proficient In:

  • Public cloud architectures, specializing in Amazon Web Services and Openstack
  • Multi-vendor network design and operation including switching, routing, and firewalling
  • Support and administration of Windows, OS X, Debian/Ubuntu, and RedHat derivatives
  • RDBMS and NoSQL database administration including Cassandra and MySQL
  • Scripting in Perl, Python, Ruby and shell
  • Agnostic cloud management toolchains such as Terraform and Fog
  • Puppet, Ansible, and SaltStack configuration management utilities
  • Application, network, and systems troubleshooting and performance tuning
  • Fundamental network and authentication services including Apache Server, LDAP, Nginx, and Tomcat
  • Implementation of and attestation to the Payment Card Industry – Data Security Standards
  • Systems security design and implementation
  • Security compliance auditing tools including Nessus, Nikto, and Qualys

Working Knowledge In:

  • VMWare and vCenter
  • MS-SQL, Oracle, PostgreSQL Administration
  • PHP, ASP, and other assorted Web programming languages
  • Sarbanes Oxley Act
  • Physical Datacenter Management

Affiliations, Certifications, and Presentations

  • Presenter - Cloud INsecurity Summit - SANS - June 2018
  • AWS Solutions Architect, Associate - 2018
  • Presenter – Network Security Architecture for the Cloud (SAC326) – AWS re:Invent – November 2016
  • Presenter – Research Computing, Security in the Cloud - Common Solutions Group – September 2016
  • Head Judge – Northeast Collegiate Cyber Defense Competition - 2009-2011
  • EC-Council Certified Network Security Administrator - 2012 (expired)


Rochester Institute of Technology - Rochester, NY

  • B.S. - Applied Networking and System Administration
  • Minor in Criminal Justice
  • Concentrations in Information Assurance and Systems Administration