PROFESSIONAL SUMMARY:

An accomplished self - starter with a focus on the design, deployment and management of systems and technologies including Exchange, Active Directory, storage, and virtualization. Focused on detail, documentation, and standards, consistently leading critical projects.

CORE COMPETENCIES:

• Office 365 PKI/OCSP/Smart Card Azure Active Directory Security and Mitigation
• Messaging Active Directory Systems Architecture Scripting Solutions
• Email Security Systems Management Virtualization Hardware Support
• Cloud Security Storage Management Network Operations

CURRENT TECHNOLOGY SUMMARY:

Security: Proofpoint, Microsoft CASB, Cofense Triage and PhishMe

Messaging: Proofpoint, Cisco Ironport/ESA, Microsoft Exchange (5.5 - 2013, Exchange Online), Blackberry

Virtualization: VMware ESX/ESXi, Terminal Server, Hyper-V

Hardware Vendors: Dell, Cisco, HP, APC,EMC,Dell/Equallogic

Hardware Systems: SAN, NAS, DAS, DFS, RAID, iSCSI, Clusters

Systems Management: SCCM/SMS, WSUS, SCOM, MOSS, Tivoli/ Confidential Endpoint Manager/BigFix

Mobile Device Management: MS InTune, Airwatch, BES/Good Technology, Azure Conditional Access

System Scripting: Powershell (advanced), VBScript, Batch, Exchange Web Services, basic C#

Anti-Virus/Anti-Spam: McAfee, Microsoft SCEP, eTrust, Symantec

Backup: BackupExec,Netbackup,NetApp Single Mailbox Recovery for Exchange

EXPERIENCE:

Confidential, Hanover, MD

Systems Engineer

Responsibilities:

• Architecture and engineering for migration form Microsoft Exchange Online Protection to Proofpoint On Demand (35,000 mailboxes)
• Operationalized Proofpoint support within Confidential (including, mentoring, etc)
• Design and engineering for on-prem Exchange 2007 to Office 365 migration for 35,000 mailboxes
• Migration from on-premise ADFS to password hash sync for authentication to Azure AD/O365
• Engineering and support for Exchange Hybrid Org and Centralized Mail Transport (Symantec DLP on-Premises). Very advanced/complex mailflow.
• Implemented security policy for Azure Active Directory (Conditional Access, legacy protocol mitigation)
• Designed and deployed solution for MFA and risk-based conditional access with Azure Identity Protection
• Microsoft CASB security policy engineering and support
• Architecture and engineering for User Lifecycle Management on Sailpoint IdentityNow platoform.
• Design and engineering for Azure D Confidential Factory, SQL Server Integration Services
• Designed and implemented strategy for group-based Microsoft licensing, cutting costs significantly.
• Assist as necessary with Microsoft true-up and EA agreement renewal
• Advanced Powershell scripting including: Exchange, Active Directory, Sharepoint, and Exchange Web Services
• FIM 2010 R2 and Azure Active Directory sync (AAD Connect)
• Senior level engineer assisting other teams with projects, including but not limited to: Sharepoint, Windows 10, Microsoft “Red Forest” implementation, Security event remediation eDiscovery: O365 Litigation Hold/GDPR/retention polices design and strategy, EnCase eDiscovery suite, mailbox auditing
• Responsible for License reclamation and terminated user license management strategies
• Designed and engineered migrations due to acquisitions: platforms migrated from include: Google, hosted Exchange, O365, on-prem Exchange. Active Directory migrations for acquisitions (where applicable)
• Privleged Role and Access Management: Azure PIM, Hitachi HIPAM
• Public Folder and SMTP relay migration(s) from Exchange 2007 to Exchange 2013 on-prem

Confidential, Washington, DC

Team Lead

Responsibilities:

• Infrastructure Engineering
• Designed and deployed solution for HSPD-12 complaince (PIV Card/Smart Card Logon/PKI)
• Team Lead for Windows O&M Team
• Final escalation point for all Infrastructure operational issues.
• Ironport/Cisco ESA support and transition
• Designed Exchange 2013 solution
• Powershell advance automation design and engineering
• Assist junior team members with resolving all manner of operations issues including but not limited to: Windows, Ironport, Exchange, PIV/Smart Card logon, Checkpoint VPN, Group Policy, McAfee EPO, Checkpoint Endpoint Security, Powershell, DNS, DHCP, Active Directory.
• Contract was ended prematurely with 4 remaining option years

Confidential, Alexandria, VA

Identity Management and Directory Services Engineer

Responsibilities:

• Designed and engineered virtualization solutions based on Microsoft Hyper-V.
• Migration design and engineering for Active Directory R2 migration.
• Migration design and engineering for proprietary Application Servers on Confidential “cutters”
• Escalation point for Operations teams for Platforms and Directory Services/IAM
• Produced documentation/deliverable as required including but not limited to: Group Policy deployments, Hyper-V deployments, AD Directory Services.
• Part of engineering team working on Identity integration within DoD for Confidential GAL visibility, auth, etc.

Confidential, Washington DC

Collaboration Team Lead/Messaging Architect

Responsibilities:

• Architecture, Engineering and Operations were encompassed in this role
• Authored and deployed security policy and strategy for Cisco Ironport appliances (C360 and M670 devices) including, but not limited to: DLP rules and strategy, SPAM and malware detection, operationalizing upgrades to operating system (ASync OS).
• Security policy authoring and maintenance around the release of sensitive messages from Quarantine
• Designed and implemented TLS for secured e-mail communications (SMTP was clear text prior)
• Designed and Deployed Microsoft Lync 2013 on-prem through entire SDLC process
• Lead Engineer on deployment of Airwatch/Knox 2.0 solution for Android Mobile Phones on Samsung devices
• Principal Engineer for Blackberry, supporting BES version 5 servers and 9930 Blackberry Devices
• Desinged and deployed new backup and restore stragey and capablities
• Powershell Scripts for automation including but not limited to: Lync, Exchange, Active Directory, Quest ARS, VmWare PowerCLI
• Mentoring of Junior Level Messaging and Windows Engineers as Team Lead for Collaboration
• Design for Office 365 implementation, including ADFS, retention, security policy

Confidential, Washington DC

Sr. Systems Engineer/Messaging Architect

Responsibilities:

• Applications and Solutions Engineer supporting a 15000 user community for testing and production systems
• Designed and implemented Exchange 2010 environment for public-facing mailbox(es), also migrated
• Implementation of a “private cloud” solution for DOJ in conjunction with Microsoft Consulting Services.
• Supported the following “components” in DOJ: JMD, including Attorney General and staff, DAG’s office, Civil Division, CRM, EOIR, JCONMAIL, US Attorney’s Office, BOP, ENRD.
• Support of Blackberry 5 Server and Tier 3 troubleshooting.
• Deployment of “Triumfant” proprietary tool used for Security and Auditing
• Deployed PKI infrastructure at DOJ for authentication/auditing of multifunction devices in the enterprise, and CAC (PIV) cards
• Member of Design team for Exchange 2010 migration.
• Microsoft platforms support including, but not limited to Active Directory, SQL, Exchange, FIM, MIIS/ILM, Forefront for Exchange
• Archiving systems, including Nearpoint Mimosa and Symantec Enterprise vault
• Powershell and VBScripts automation
• Classified spill mitigation and cleanup in conjunction with various Department ISSOs.

Confidential, Sparrows Point MD

Exchange and Systems Administrator

Responsibilities:

• Administration of a multi-site/high-availability messaging environment with Exchange 2003/2007/2010
• Designed and deployed Ironport cluster (2 C360 nodes) for mail security (TLS encrypted mail) and SPAM/virus filter solution for company. Deployed Domain Keys/DKIM (DNS based email security)for Ironport. Coordinated release of false positives and custom configuration of user Spam quarantine interface
• Designed, implemented and administered VMWare ESX 3.5, ESX 4.0 clusters with high availability and VMotion
• Implemented co-existence infrastructures with other Active Directory forests in remote locations due to acquisitions by company
• Designed and Deployed SCCM environment and migrated relevant information from SMS 2003
• Designed multiple vSphere 4.0 clusters for Exchange 2010 migration
• Designed (tech lead role) migration for new 2008 AD Domain/Exchange 2010 Infrastructure
• Designed and implemented the BES 5.0 / Exchange 2010 platform.
• Performed 2010 migration using standard MS tools and scripts (Powershell and ADMT)
• Designed SQL cluster environments (SQL 2005 & 2008)
• Designed and implemented Microsoft Biztalk cluster to integrate multiple d Confidential streams (including Confidential Websphere MQ, mainframes, and Level 2 devices used in steelmaking)
• Architected and managed storage solutions including SAN administration (DELL/Equallogic) and local storage demands
• Support for ISA 2006 cluster integrated with WebSense webfilter
• Designed and deployed SMS 2003 enviornment
• Deployed images and packages with SMS 2003 in the enterprise
• Planned and executed a domain migration as a result of acquisition/divestiture
• Assisted in implementing PKI/Wireless strategies including Cisco ACS/PEAP/MS Authorities

Confidential, Columbia, MD

Sr. Systems Architect

Responsibilities:

• IT infrastructure Architecture, engineering and support for fast growing small company
• Provided messaging support for Exchange 2003 and Blackberry services
• Optimized Active Directory and Group Policy infrastructure in the enterprise
• Deployed SSL VPN solution for company using SonicWall products
• Provided support for SonicWall firewall, HP switches, printers and faxes
• Designed and administered backup strategies with BackupExec
• Provided support for Televantage phone system for on-site call center

Confidential, Columbia, MD

Network Engineer

Responsibilities:

• Assisted in large scale migration to consolidated Active Directory/Exchange 2003 environment.
• Microsoft Exchange 2003 and AD 2003 administration and user support
• Designed the imaging infrastructure using RIS
• Assisted with Help Desk duties in support of Windows XP Desktops and Dell/ Confidential servers.
• Supported Blackberry devices and users on BES server 4.0
• Supported imaging processes for new computers and Microsoft RIS