ABOUT ME

Hi, I'm David Cox, Chief Enterprise Architect at Sterling Bank & Trust, I am an Azure Certified Administrator with decades of experience modernizing legacy IT stacks, connecting datacenters to the cloud, and empowering enterprises to leverage the cloud allowing them to continue to innovate and grow.

I was 17 when my career in IT began, and then in 2009 I left a network engineering position at IBM to start a managed services company and web hosting company, in 2012 I built LiquidVPN, a consumer VPN service focused on Internet freedom and privacy. I served as the chief architect and co-founder of both companies until they were purchased by a private equity firm, as a condition of the sale I stayed on as the lead Enterprise Architect overseeing the merger of the companies and the transition to their new ownership. In 2020 I joined Sterling Bank & Trust as their Senior Network Engineer and in 2021 was promoted to Chief Enterprise Architect.

Work History

Sterling Bank & Trust

Chief Enterprise Architect December 2021 - Present

  • Led the modernization of enterprise infrastructure by driving the adoption of SDWAN, Enterprise PKI, modern authentication with Entra ID, and industry standard frameworks and best practices for cloud architecture, data and asset governance, ITIL, and endpoint management.
  • Designed a dual region active/active Azure Virtual Desktop solution utilizing Azure's well architectured framework that provided endusers with access to over a dozen remote apps, and full virtualized desktop as a replacement for an aging Citrix VDI solution, greatly increasing user productivity and overall availability from 99.9% to 99.998% while reducing operational costs by over 30%.
  • Connected corporate HQ, DR, and branch offices to multiple Azure regions using ExpressRoute circuits and failover IPSEC VPN Site 2 Site connections. Utilized Azure vWAN to create a resilient mesh network topology that maintained 99.9999% uptime using IBGP, route maps, and BFD.
  • Designed the bank’s private multi-region Azure Cloud tenant adhering to the five pillars of Azure’s Well-Architected Framework and Azure’s Cloud Adoption Framework to segment the tenant into landing zones that enforce policies and apply guardrails.
  • Developed comprehensive set of baseline policies, procedures and alerts using Entra conditional access, RABC, Active Directory group policies, Intune compliance, app protection and device configuration policies, M365 Defender and Pureview data protection policies and global email and data classification policies transforming the bank's security and compliance posture, greatly improving the bank's FFIEC's rating from a 5 to a 2 in under 3 years.

    • SMR Hosting LLC

    Lead Network Engineer & Co-Founder December 2009 - August 2019

  • Designed and managed companies infrastructure onsite at the datacenter. Network consisted of FortiGate firewall, Adtran routers, and switches, and Barracuda proxy and web security gateway
  • Designed, deployed, and managed complex IT infrastructures, including cloud services integration and virtualization.
  • Led DevOps initiatives, fostering agile development and continuous integration practices
  • Provided expert solutions for network architecture, enhancing clients' IT performance and security.
  • Managed a team of developers and engineers, ensuring high performance and client satisfaction.
  • Implemented disaster recovery solutions, ensuring business continuity for clients.

    • LiquidVPN

    Director of Information Technology February 2017 - January 2020

  • Directed IT operations, including infrastructure management, network security, and cloud services.
  • Automated infrastructure deployment, resulting in cost savings and operational efficiency.
  • Enhanced user experience and increased sales through strategic website redesign and functionality improvements.
  • Analyzed market trends and competitor offerings, continuously improving service delivery.
  • Developed and managed business partnerships, driving growth and market presence.
  • Implemented comprehensive risk management strategies, ensuring compliance with federal and state regulations.

    • LiquidVPN

    Lead Engineer & Founder January 2012 - February 2017

  • Established and operated a SaaS VPN service with a global customer base, achieving significant market penetration.
  • Managed a multi-cloud infrastructure, ensuring reliable and secure VPN endpoints.
  • Promoted a privacy-first mission, enhancing brand reputation and customer trust.
  • Negotiated the sale of the company, continuing as Director of IT to oversee merger and acquisition.

    • IBM Global Services

    Network Engineer July 2005 - May 2010

  • Designed and implemented robust backup systems and data retention policies.
  • Provided top-level support for Citrix Metaframe XP and Active Directory domains.
  • Advocated for and implemented virtual machines, significantly improving infrastructure efficiency.
  • Collaborated with development teams to troubleshoot and implement web-driven solutions for major clients.

    • Education

    Microsoft Certified Azure Administrator Associate

    October 2024

    Azure AI Fundamentals

    September 2024

    Azure Fundamentals

    September 2023

    Bachelor of Science: Information Technology

    Eastern Michigan University, June 2001