SUMMARY:

Over 8 years of experience in corporate Unix/Linux Systems Engineer with extensive, diversified information technology, adaptive, proactive, and customer service focused. Provide results driven engineering solutions that meet technical and customer requirements. Bilingual professional with fluency in French, English, and strong math analytical skills. Working experience with vulnerability assessment and remediation in a mixed environment. Active public Trust, experience in Project Management dealing with data and implementing innovative solutions, safeguarding company assets to successfully achieve strategic and planning goals.

TECHNICAL SKILLS:

• Experience with On - Premise, and Cloud Security assessment
• Experience with AWS Cloud technology
• Disaster Recovery, Performance Monitoring, and Servers Fine-tuning
• Red Hat Enterprise Linux v6, and v7, VMware ESXi 6.x administration, Solaris
• MySQL, Centos 6.4, Windows server 2008, 2012
• Ansible automation tools to perform tasks
• AWS Certified Cloud Practitioner
• AWS Certified Solution Architect-Associate
• AWS Certified Engineer

PROFESSIONAL EXPERIENCE:

Confidential

Senior Linux and Cloud Engineer

Responsibilities:

• Writing Ansible playbooks and using GitHub repository to deploy packages
• Spinning Servers using Ansible Tower
• Patching production, staging, and development
• Deploy Automation Installation of Tanium Client on Linux Endpoints
• Create and Deploy a Compliance Report Scan
• Create and Deploy a Vulnerability Scan
• Create and Run a Customized Compliance Report
• Engine Using CIS-CAT
• Benchmark ( CIS Red Hat Enterprise Linux 7 or 6)
• Fixing Vulnerability Issues HTTP Methods Enabled by disabling the TRACE Method
• Create CSR Certificate ( attached and encrypted zip file that contains the csr and key)
• Revoke a PKI Certificate
• Servers configuration, maintenance and repair, provide hardware/software
• Upgrade server hardening using CIS-Cat
• Insure that all severs are compliant with security controls
• Participate in servers vulnerabilities remediation
• Install openjdk
• Create Tomcat
• Install apche-tomcat-8.5.12
• Enable service Tomcat
• Fix catalina.sh issues
• Python, Git, Apache, MySQL Client RPMs, and NodeJS 8 etc. Open Ports using Firewall command for Rhel7 and Iptables for rhel6, and 5
• Testing ports by using ncat, python, curl, iptables-save, etc.. netcat lsof fuser
• Using resync
• Migrating servers On-Premise to AWS
• Creating and Extending local file System using LVM
• Configure Centrify and Multifactor Authentication and Identity Access
• Add an existing user to Centrify
• Create a computer role for a group of servers
• Granting access to multiple and multiple servers
• Install Centrify Agents

Confidential

UNIX / Linux Senior System Engineer

Responsibilities:

• Control the Red Hat Enterprise Linux7 boot process by:
• Selecting a systemd target with systemclt on a running system such as graphical.target, mult-user.target, rescue.target, and emergency.target
• Selecting a Boot Target, diagnose, and repair systemd boot issues.
• Controlling Services with Systemctl, listing unit files with systemclt, starting and stopping system daemons on a running system, enabling system daemons to start or stop at boot, and using systemctl to manage services.
• Recovering the root password for Red Hat Enterprise Linux 7
• Managing IPV6 Networking by:
• Adding an IPV6 network connection
• View networking information
• Controlling network connection
• Modifying network connection setting for IPV6
• Using IPV6 troubleshooting tools such as ping6, traceroute -6, tracepath6, for ports and services netstat, and ss
• Adding IPV4 network connection
• Controlling the network connection
• Modifying network connection setting for IPV4 and the Hostname
• Using IPV4 tools to troubleshoot issues
• Configuring Link aggregation, bridging, and troubleshoot advanced network interface functionality, including teaming and local software bridges
• Use network teaming to provide link redundancy, load balance
• Manage a network team interface
• Manage local software bridges and associated interfaces
• Working on vulnerabilities assessment Security Audit and Technical Implementation Guidelines (STIGs) Security Content Application Protocol (SCAP)
• Configure and manage SSH
• Configure Key-Based Authentication
• Securely Transfer Files Between Systems
• Diagnose and Correct File Permission Problems
• Create and manage Access Control Lists (ACLs)
• Patching Servers
• Configure a System to Use an Existing Authentication Service for User and Group Information (Using Realmd)
• Configure and Use Existing LDAP credentials for Single Sign-On
• Set Enforcing and permissive modes for SELinux
• List and identify SELinux file and process Context
• Allowing programs through the Firewall
• Change passwords and adjust password aging for Local User Accounts
• Use network scanning tools to identify open network service ports, configure and troubleshoot system firewalling
• Verify package Security and validity
• Use encrypted File Systems, tune File System features, and use specific mount options to restrict access to file system volumes
• Configure console Security by disabling features that allow systems to be rebooted or powered off using boot loader passwords
• Install and use Intrusion Detection capabilities in Red Hat Enterprise Linux to monitor critical system files
• Perform monthly patching, Security Assessment
• Manage system login security using Pluggable Authentication Modules (PAM)
• Configure remote system logging services, configure system login, manage System log files using mechanisms such as log rotation and compression
• Configure system auditing services and review audit reports
• Configure network port security to permit and reject access to network service using advanced SELinux and firewalled filtering techniques by:
• Managing firewall using the command-line "firewall-cmd", and the graphical tool "firewall-config"
• Configuring more complex firewall configurations using firewalld support for "rich language rules."
• Masquerading and port forwarding
• Managing SELinux Port Labeling such as listing port labels and configuring SELinux configuration file to be persistent
• Managing Puppet
• Create, Delete, and Modify Local User Accounts
• Create, Delete, and Modify Local Groups and Group Memberships/etc/nsswtch.conf, /etc/hosts and /etc/resolv.conf
• Configure a System to forward all Email to a Central Mail Server
• Configure a System to forward all Email server-client testing
• Configure NFS Server and Client.
• Enabling Kerberos security to secure access to NFS Network Share-Kerberos NFS Server and Client
• Configure SMB and SMB multiuser by
• Provide Network shares to Specific Clients-Server installation and configuration
• Provide network Shares to specific-Clients-Client installation and configuration
• Configuring NTP Server
• Synchronize Time Using other NTP Peers-Set UP Local Time Server
• Synchronize Time Using NTP Peers-Peer with New Time Server
• Configuring Apache File for Web server
• Configure Virtual Host
• Configure Secure Web Server
• Configure Webpage Content modification
• Configure Private Directories
• Configure Dynamic Webpage
• Configure ISCSI Storage and Initiator
• Configure a System as Either and iSCSI target or initiator that persistently mounts an iSCSI Target-Target Setup
• Configure a System as Either and iSCSI Target or Initiator that persistently mounts an iSCSI Target-Initiator Setup
• Manage and Configure Database Services
• Install and Configure Maria DB
• Perform Simple SQL queries Against a Database
• Create a Simple Database Schema
• Restore a Database on Server from the backup
• Produce and Deliver Report on system Utilization such as Processor, Memory, Disk and Network
• Create and Configure File Systems
• Create, mount, unmount and use VFAT,Ext4 and XFS File Systems
• Extend Existing Logical Volumes
• Mount and Unmount CIFS and NFS Network File Systems
• Install and Update Software Packages from Red Hat Network by
• Using Yum and RPM
• Install and Update Software Packages from Red Hat Network, a Remote Repository or the Local File system:
• Configuring a Local Repository
• Configure the GPG Key
• Troubleshooting False maintenance mode in Citrix (occasionally the "registration state" of a VDI desktop to the Citrix Desktop Controller (Broker) somehow got corrupted. The user will not be able to connect the desktop. He/ She would see an error saying the desktop is in maintenance mode. The desktop will need to be re-registered again to the Broker.
• Migrating data using PVD Migration (Browsing the data store, and locate the folder of the bad VM. Copy the PVDxy.VMDK of the bad VM and paste to the new VM folder
• Re-register the VDI desktop in the Citrix Studio
• Creating new PvS VMS using XenDesktop setup Wizard
• Rebuilding Activation Tokens file in Windows 7
• Deploy an ESXI host and VMware Vcenter Server appliance
• Manage virtual machines, template, clones and snapshots
• Monitor and configure Citrix environment using tools such Director, SCOM, SCCM and Citrix Studio.
• Maintaining the health of the system, and troubleshooting network issues, also working in the Datacenter Room fixing issue with the blade servers such as AMMI, firmware upgrade errors or failures.
• Hardware/software configuration, and management.
• Creating users, modifying permissions, creating groups, granting SUDO permissions, and allocating storage and file systems.

Unix/Linux System Administrator

Confidential

Responsibilities:

• Installed with provisioning virtual servers in VMware (ESXi v5.5 ; v6)
• Built and supported Red Hat Linux v6 and v7 and Solaris 10 servers and such as creating users, modifying permissions, creating groups, granting SUDO permissions, and allocating storage and file systems.
• Installed applications, and tools to monitor process on Linux System and Solaris 10 system such as Nagios, VmStat, Top, Htop, Wireshark, Tcpdump
• Hardening, patching ( Solaris 10 using 10-Recommended patches, and Linux system using Yum) , and upgrades (release), on a standalone servers (using single user mode), and production servers (live upgrade)
• An understanding TCP/IP networking
• Troubleshooting and building servers such as DNS, DHCP, NFS, CIFS, MySQL, Samba, LDAP, Apache.
• Installed and managed Active directory on Windows server 2008
• Configured a system to forward Log messages and manage Iptables Rules.
• Configuring, maintaining, and scheduling process such as crontab, PS anacron, top
• Performed and wrote Bash Shell scripting to schedule and automate processes including using tar, cpio and ufsdump
• Perform multiplatform volume management on Linux and Unix system including Net Backup application support and performance tuning using SVM, LVM, ZFS, VERITAS, SWAP, NAS (FREE NAS) used for creating LUNS and used iSCSi for Solaris system
• Setup whole root Zones/ Containers on Solaris 10 for application management, migrating Zones paths and complete Zones to other platforms
• Accessing remotely a RHEL system and Microsoft remote console using Putty
• Add a new user to VDI
• Reset a PvD and login into the VM through console as local administrator and open up and admin prompt and issue following command: C:\Program Files\Citrix\personal vDisk\Bin|CTxPVD -s reset. Designing the Citrix XenDesktop VDI Architecture ( user connect to Netscaler, users Enter RSA Pin and code, User authenticate to AD, Users access their VM)
• Working on projects to shut-down and Power-up all VDI Gracefully by login into one of the Desktop Controller and use the Citrix Studio to put all of the desktop groups in maintenance mode then shut down all the of the VDI desktops in the desktop groups.
• Use Power shell script to get user account " Last logged on time" on a Citrix DDC server
• Excellent documentation skills