Systems Engineer who specializes in deploying and securing both physical and virtual environments. Experience includes hardware and software virtualization (integrating VMware), building Forests/Domains, managing Active Directory, applying specific security settings (STIG) to all server/client devices, and providing detailed documentation (per Customer requirements) to the Customer regarding the environment. In addition, provide training and technical documentation for guidance. For personal training, perform testing, evaluation, and scenario situations within home lab.
Active Directory: Domain creation, Group Policy Management (GPMC), Configure supporting services (DNS, DHCP, IPAM, Global Catalog Servers), Control access by delegating authority, Recover Deleted Active Directory objects with Powershell / LDP.exe.
System Security and Analysis: Create templates with sceregvl.inf and Security Editor, STIG applications for server and client systems (Microsoft Operating Systems), Retina, STIG Viewer, Gold Disk, Administer McAfee HBSS, Patch Management, Antivirus Management.
Virtualization: Implement VMware vSphere (4.x, 5.x, 6.x), Build ESXi Host Servers, Build vCenter Server, Convert physical servers to virtual servers with vCenter Converter, Build virtual servers (Domain Controllers, Member Servers), Create Resource Pools, Configure resource allocation settings to ensure that virtual machines operate efficiently.
Evaluation: Within virtual testing environment, perform systems modeling, simulation, and software evaluation to provide appropriate software solutions.
Documentation: Develop and maintain technical documentation related to building domains, building servers, configuring and applying STIG settings, software installation, software administration, and software maintenance. certifications
Confidential, Crystal City, VA
Server Engineer | Systems Engineer
- Design major computer systems and coordinate work on subsystems.
- Oversee the integration of new applications with established systems and files.
- Confer with assigned system’s users and evaluate utilization to identify requirement modifications that will facilitate integration, increase efficiency, and/or reduce costs.
- Investigate new procedures, equipment, and operating systems to determine their usefulness and applicability to operations.
- Assist management in developing systems analysis standards and provide consultative direction to application’s developers, system’s software engineers, computer center operations and user personnel in the planning and scheduling of system’s projects that cross functional lines.
Confidential, Ft. Belvoir, VA
Sr. Systems Engineer
- Provided Active Directory and Group Policy Management.
- Provided data backup administration for all DLA systems including but not limited to Windows, UNIX, Citrix, Exchange and Web, classified and unclassified.
- Provided account management for local drives including folder permissions.
- Provided support for the Print, File Transfer Protocol (FTP)/Secure File Transfer Protocol (SFTP) and digital sender servers.
- Managed tape backup and recovery operations to include interaction with DLA provided backup software (Symantec Netbackup). Ensured backups occurred as scheduled, ensured tape read/write errors did not occur, and rescheduled backups as required.
- Monitored climate conditions, commercial power input, emergency power hardware (Uninterruptible Power Supply, batteries, generator, etc.), air conditioning, and Power Distribution Unit for normal operations within the computing facility in order to provide situation awareness of operational thresholds.
Confidential, Crystal City, VA
- Conducted market research and evaluation on technical areas of interest to the OSD/CIO ensuring that legitimate needs were identified and trade - offs evaluated to acquire items that met those needs.
- Tested and evaluated new technologies in both the Development environment and the Testing environment.
- Implemented new technologies into the Production environment from the ground up.
- Provided general subject matter expertise to the Program in the area of Microsoft Active Directory.
- Developed and maintained documentation to support the transition of projects to Service Operations and to ensure the use of repeatable processes and procedures: Network Diagrams, System Configuration, System Deployment.
- Provided training on solutions as well as address emerging training requirements.
- Reviewed EITSD published Standard Operation Procedures (SOPs) and processes, suggested changes/modifications to improve performance and workflow.
Confidential, Arlington, VA
- Engineered and administered Microsoft Active Directory, including Windows Server 2008 and 2003 domain controllers in an environment consisting of Windows 2008 and 2003 functional domains in a Windows 2003 functional forest.
- Utilized PowerShell and VBScript to query Active Directory and Exchange environments to collect and modify objects in Active Directory and Exchange object models.
- Migrated user, computer, and group objects between trusted domains and forests.
- Managed users and computers through the design, management, and application of group policy.
- Engineered and administered Microsoft Exchange 2007.
Confidential, Lexington Park, MD
- Installed, configured, and managed the Windows Server operating systems and related tool sets supporting NAVAIR Data Center; Gathered requirements, developed and conducted design reviews to implement within the mainstream corporate infrastructure.
- Ensured servers were compliant per NAVAIR and DISA policies to include backup and disaster recovery requirements, anti-virus protection, and implementing system security.
- Performed vulnerability and SCAP scans of assets using Retina. Resolved findings and provided the results to the IA Team.
- Administered vSphere 5.1; Informed team of Alerts, Resolved virtual machine resource and availability issues.
- Maintained, tuned, and patched systems for optimum performance and security.
- Produced documentation that detailed and described the systems, procedures, events, and any associated processes.
- Responded to system failures promptly to bring applications back online.
- Built new infrastructure servers.
- Maintained the operational status of servers.
Confidential, Andrews AFB, MD
VMware Engineer | Systems Engineer
- Evaluated previous NCC-R deployments for compliance with the standard configuration and worked collaboratively with NOSC and NCC-R personnel to correct any discrepancies found.
- Provided hands-on familiarization to personnel on the current VMWare / CommVault product best practices for configuring and troubleshooting NCC-R systems.
- Worked collaboratively with the Government to tune VMWare / CommVault product configurations; optimized for performance and security.
- Performed testing and implemented changes, upgrades, and patches to VMWare / CommVault products and ensured any change complied with the Change Management process.
- Reacted to critical alerts and general system health based upon unit-level requests for intervention and assistance.
- Provided VMWare / CommVault product analysis to include risk analysis, identified security risks, and identified areas for optimization.
Confidential, Sterling, VA
- Reviewed and enforced information security policy, standards, and guidelines for business operations and technology implementation.
- Proactively identified IT security risks including those related to IT implementations.
- Conducted security assessments, audits, penetration testing, forensic IT, and incident handling.
- Performed vulnerability scans of assets in the environment using Nessus.
- Coordinated group-wide IT security matters such as incident response, intrusion detection, and IT security advisories.
- Monitored incoming and outgoing network traffic using SourceFire.
- Conducted research to identify and test vulnerabilities in information systems and networks.
- Analyzed security incidents and formulated incident reports.
Confidential, Arlington, VA
- System Security: Ensured portability and reproduction of STIG settings by modifying the Windows sceregvl.inf template (including firewall and software customization) which was used by the Security Editor to create a Security Template and secure the system;
- Virtualization: Built and configured VMware vSphere 4.1 ESXi Host, vCenter Server, and vSphere Clients; Constructed numerous domains within virtual environment for testing and implementing security settings of different operating systems, software, and configurations.
- Group Policy Management: System security and user management; STIG and DoD IAVA requirements; Resolved vulnerabilities within Windows Server 2008, 2003, Office 2007.
- VBScripting: OU Creation, Groups, Group Nesting, Delegation of Authority; Software Deployment and Installation. Generated documentation and an evaluation procedure for VBscripts for purpose, implementation and validation of each VBScript
- Documentation: Prepared documentation for Customers to use as a guide when configuring their environment (Building the Operating System, General and System Configuration, Domain Controller Configuration, Applying and Configuring the customized sceregvl.inf Security Template for STIG Compliance, Securing Windows Office 2007).
- Operating Systems supported: Server 2008 R2, Server 2008, Server 2003 R2, Windows 7, Windows Vista, and Windows XP.
Confidential, Alexandria, VA
- Virtualization: Evaluated software within virtual testing environment, prior to implementation into the production environment. Created and managed virtual HyperV servers which saved energy, rack space, and made for more flexible configurations when server modifications were necessary.
- Active Directory Administration: OU Creation, Group Policy Management, and Delegate Authority.
- VBScripting: Software Deployment and Installation.
- Developed Standard Operating Procedure documentation and provided technical oversight and training for internal staff.
- Software Evaluation and Administration:
- Blackberry Enterprise Server 5.0
- Built and configured new Windows 2008 Server, upgraded blackberry software and migrated enterprise user and device accounts from Server 2003 system with BES 4.1 configuration (SQL 2000 database) to Server 2008 system with BES 5.0 configuration (SQL 2005 database).
- Managed Blackberry services for multi-site environment with Blackberry 5.0 Administration Service.
- McAfee HBSS (Host Based Security System) Build 3.0
- Designed the HBSS structure for multiple sites to provide enhanced security (traveled to remote sites).
- Installed and configured McAfee HBSS ePolicy Orchestrator 4.0, HIPS 7.0, Asset Protection, Rogue System Detection, and Policy Auditor software on the server.
- Configured Host Intrusion Protection firewall for server and client machines to allow/deny specific applications and traffic through specific ports.
- Veritas Netbackup v6.5.4
- Developed policies and managed backup jobs for Windows enterprise servers with varying operating systems and functions.
- Restored servers from tape when necessary (individual folders, bare metal restores, SQL Database, Exchange).
- Monitored, performed troubleshooting, and resolved issues with Server, Tape Drives, and Tape Library.
- Mobile Armor v3.0 SP7
- Built Windows 2003 Server and created the structure to manage Mobile Armor user and device accounts through a single point of administration.
- Encrypted hard drives of client laptops to provide additional security.