- An accomplished, performance - driven and proven IT Solutions Architect with in-depth experience in Planning, Designing, Implementing and maintaining system applications in AWS, Google Cloud Platform, and Azure Cloud on both Windows & Unix Platforms.
- Great working knowledge in Agile Scrum Software Development Life Cycle with emphasis to delivering Operations, Functional and Technical Specifications, Resource Planning, Development, Testing and Maintenance.
- Deep knowledge in migrating and implementation of multiple applications from on-prem to Cloud using AWS services .
- Working experience using EA tools like TOGAF and DoDAF to design and implement architecture framework.
- Employ ITIL best practices to improving systems administration and operations. Broad range of knowledge with a multitude of software and hardware platforms.
- Indepth knowledge of Information Security and Assurance, System Engineering, VM ware Cloud on AWS, and VMware virtualization (ESXi/vC enter/ vSphere).
- Excellent interpersonal skills to drive and influence decision-making on t echnology s trategy, Cloud Migration, and A rchitecture.
Senior Cloud Security Solutions Architect / Consultant
- Coach development teams on secure software and hardware configuration management and secure test automation strategies associated with cloud based solutions
- Design and Deliver dashboard security metric solutions (Quad Chart) to provide a window to operational status for senior leadership.
- Created an IT security technical architecture and documented current state security capabilities, current state gaps and future state roadmap aligned with IT and business strategies
- Develop Policies, Strategy and Security Metrics for Cloud PMO for implementation in the IC Cloud fabric.
- Design and develop security architectures for cloud and hybrid cloud based systems. Possess a firm understanding of the offerings within both Amazon Web Services (AWS) and the Microsoft Azure platforms. Based on business requirements, designs and implements cloud-native architectures with appropriate security controls present
- Accountable for functional architectures, design specifications and implementation plans for requirements documents, architecture diagrams, solution designs and other written and verbal information for cloud initiatives
- Created a risk assessment process with templates and conducted system design reviews as lead security representative on the Enterprise Architecture Review Board / Technical Configuration Control Board (TCCB)
- Providing design-time review and guidance to teams building and deploying new technology on and integrating with services provided by public cloud platforms
- Working knowledge in developing target architect ure mappings, readiness assessment decision trees, and technology adoption tenets .
- Deep Understanding of large-scale federal D ata C enter consolidation/migration/modernization efforts
- Strong knowledge of secure development (DevSecOps) and general software development methodologies and practices
Infrastructure & Operations Lead (AWS Cloud & VMware)
- Collaborate with App-Dev teams, Infrastructure Engineers, Software Engineers, and Systems Administrators to develop and manage AWS GovCloud and Hybrid Cloud Solutions.
- Responsible for architecting, designing, implementing, and supporting of Cloud based infrastructure and its solutions.
- Principal advisor to C-Level & VP level on analysis, planning, design, integration, assessment, and management of enterprise framework to align IT Strategy with mission, goals, and vision of agency/organization.
- Designed, configured and deployed AWS Infrastructure for multitude of applications utilizing AWS stack (EC2, S3, RDS, SQS, IAM, Route53, etc.)
- Configuring AWS CloudWatch and Nagios for real time monitoring of AWS and virtual resources.
- Experience working with stakeholders to transition waterfall methodologies to Agile and refine & improve requirements, goals and deliverables to clients/customers.
- Experience with web-centric programming languages such as Python, Ruby, etc.
- Experience evaluating emerging issues and provide recommendations related to technical integration of enterprise services through transition from legacy computing environments to enterprise cloud end state.
- Strong understanding of DevSecOps CI/CD processes and implementation of related technologies; including version control and artifact repository tools.
- Responsible for architecting and implementing deployment solutions for various projects and deployment environments
- Building and configuring Virtual Data Center in AWS GovCloud to support enterprise hosting which includes VPC, private subnets, route tables, security groups, etc.
- Implemented Splunk for continuous monitoring and assessment of AWS/Virtual Environment
Information Security & Systems Engineer
- Perform technology planning, design, implementation and L3 support of IT Security solutions including Vormetric Data Encryption
- Experience or understanding of AWS EC2, VPC, S3, IAM, ELB, Route 53, GovCloud Security Groups.
- Good understanding and management of Google Apps for work including user administration and management
- Performing NIST SP IDPS scans using Nmap, WebInspect, Nessus, AppDetective and SNORT intrusion/penetration detection scans
- Experience in installation and configuration of McAfee Endpoint Products such as McAfee Agent (MA), Host Intrusion Prevention System (HIPS), Data Loss Prevention (DLP), Policy Auditor, & VirusScan Enterprise (VSE)
- Communicate & enforce security policies, procedures and safeguards for all systems and staff, based upon NIST and/or RMF Assessment & Authorization
- Use Amazon CloudWatch metrics to monitor the health and utilization of AWS resources.
- Good understanding of security concepts (Log management, Cryptography, Data Protection, and Network security
- Ability to create client accounts on behalf of clients and configure consolidated billing.
- Performs analysis of systems and identify problem areas, identify ways of enhancing existing systems, and develop viable solutions.
- Performs preliminary forensic evaluations of internal systems including monitoring and reacting to security incidents using multiple tools & sources (e.g. loggers, SIEMs, Scans, etc.)
- General understanding of cryptographic concepts: symmetric/asymmetric cryptography, secure hash, & digital signatures
Sr. Systems Engineer
- Secured servers in accordance with DoD IA standards: hardening guides, Secure technical Implementation Guide (STIGs)
- Ensured IA compliance of servers using Assured Compliance Assessment Solution (ACAS) to manage security vulnerabilities.
- Worked with stakeholders in planning and architecting upgrades and migrations of applications from Physical Systems to Cloud.
- Experience working with clients to develop Cloud Architecture through the entire SDLC
- Ensured maximum availability and overall health of both server and virtual environments
- Analyze AWS Service offerings with regards to efficiency and security posture, and made recommendations to the customer
- Installation, Configuration and Maintenance of Virtual Hosts, vSwitches/Distributed Switches
- Monitoring and Configuration of HA/DRS/VDP
- Knowledge of system monitoring in a cloud environment including cloud specific products and tools
- Assisted in c reating Amazon Virtual Private Cloud (VPC) resources such as subnets, network access control lists, and security groups
- Provided assistance with the design and implementation of LANS/WANS, Fileservers and Workstations
- Some hands on experience in software development for automation (Python / PowerShell experience) and Web technologies
- Understands various Firewall architectures and Network/ Cloud Security concepts
- Good working knowledge of Tomcat and Ansible automation / orchestration
- Hardening devices and Windows systems following DOD Secure Technical Implementation Guide (STIG)
- Analyze customer/internal systems requirements; Author systemic requirements (serviceability, reliability, backup/recovery, interoperability, workflow, and use case definition)
- Assisted SCCM team to deploy unique images and patches to both physical and virtual environments
- Used Active Directory to create and maintain all top-level OU hierarchies, groups and appropriate security permissions maintaining group policies as well.
- Deployed applications on AWS using VPC, EC2, RDS & IAM
- Provided Storage administration and maintenance via DELL EqualLogic PS6100 Series Group Manager.
- Used Palo Alto Enterprise Security Application to manage and secure network, firewall, application traffic, etc.
- Review AWS Environment additions and/or enhancements and make recommendations to management and/or customers
- Provide System Administration functions with Active Directory and Office 365 Enterprise for User Accounts, Groups, Security, Access levels, DNS, LDAP, etc.
- Responsible for maintaining overall health of IT systems via updates, patches and necessary configuration changes.
- Managed BOX Cloud Storage and Online File Sharing by setting content and user access and permission levels.
- Identify, analyzes, and resolves AWS environment problems.
- Hardware platform design (identifies components, design OS layout, manage standardized infrastructure components, serviceability, manage vendors, and creating system solutions and frameworks)Upgrade, configure, and administer Citrix XenApp Farm from v4.5 to v6.0 to support remote users.
- Supports end user with network issues, file access, VPN access/setup, folder permission rights, LAN connectivity, Citrix issues, etc.
- Developed a lab environment for testing systems in the AWS enclave.
- Establishes network specifications by conferring with users; analyzing workflow, access, information, and security requirements; designing router administration, including interface configuration and routing protocols.
- Provided network security policy recommendations, project planning, change control, firewall management/release updates, and routing Access Control List (ACL) management.
- Managed Cisco IP Phones via Cisco Unified Call Manager (CUCM) v. 8.6.2 and Cisco Unity Connection Administration portal.
- Used Dell SonicWALL to manage network and firewall access and security
- Performed Windows Server Maintenance on both physical and virtual servers via VMware vSphere Client4.5x/5.5x
- Periodically scan the network to detect vulnerabilities and reinforce the security infrastructure working in conjunction with the IA team.
- Maintained Cisco Switches, Routers and ASA 5500 Series Firewalls.
- Knowledge in design and implementation of secure network solutions including DMZs and web portals.
- In corporate security disciplines, recommend and develop requirements, specifications, designs, and procedures to satisfy program security policy and planning guidance.
IT Support Analyst
- Performed Windows Server Maintenance on both physical and virtual servers including backups and troubleshooting used remote assistance tools like (Logme In & GoTo Assist) to provide technical assistance to customers across the globe.
- Used Shavlik for IT Patch IT management and patching.
- Used Active Directory to create and modify User Accounts, Access Levels, Permissions, Distribution Groups, Public Folders, etc.
- Provides Admin support to Cisco Unified Call Manager (CUCM) v. 8.6.2 and Cisco Unity Connection Administration
- Provides Mac first/second level support to the Editorial and Corporate Communications Depts.
- Provides support for Windows file Servers, Windows server with SQL Server Database and Web Servers
- Assisted internal and remote clients with issues involving system navigation, Active Directory account administration, network configuration, file system architecture, MS Office configurations and operating systems.
- Provided strong second/third technical support for of network and PC Operating systems, including Windows 7 (32/64bits), Windows Server r2.
Advance Support Representative
- Provided phone and desk side IT support to external (remote) customers and over 800 internal Confidential employees in a 24/7 work environment
- Used Remedy IT ticket and management system to support other helpdesk functions performed via phone and desk side.
- Managed, Supported and maintained network systems; providing both on-site and telephone support
- Configured user and computer Accounts in Active Directory and ensured appropriate Domain Access.
- Initiated the documentation of IT operations and inventory of IT equipment within the organization.
- Responsible for troubleshooting VoIP, Cable, and Internet related issues.
- Troubleshoot desktops, laptops, print servers, AV and Cable TV Systems and network connectivity.
- Remote system management using remote control applications (VNC, WebEx, LogMeIn, etc.)