Windows Systems Administrator Resume
5.00/5 (Submit Your Rating)
SUMMARY
- A highly technical, motivated, military - minded, goal-oriented professional with strong sales potential.
- Very organized, possesses classified leadership qualities with the ability to manage projects and meet deadlines.
- Strong work ethic combined with a commitment to excellence and getting the goals completed efficiently and hastily.
- A team player that works effectively with senior management in accomplishing objectives.
- Computer literacy in all Microsoft environments and familiarity in network and cyber security concepts.
- Exemplary client satisfaction skills due to experiences in harsh and calm/office conditions and has the strong will to adapt to any environment.
- US Passport available if needed to travel. Certified CompTIA, EC-Council, Microsoft and Scaled Agile professional.
PROFESSIONAL EXPERIENCE
Confidential
Windows Systems Administrator
Responsibilities:
- Managed servers and workstations for NIPR and SIPR domains.
- Implemented STIGs and pushed GPOs for 3 major NIPR/SIPR domains.
- Logged entries for specialized PKI workstations.
- Ran scripts to check for dormant/inactive accounts.
- Modified Active Directory objects for other administrators and end users.
- Pushed SCCM Client to workstations.
- Burned Windows 10 images and supervised the deployments of the secure host baseline.
- Troubleshot multiple errors for imaging procedure such as DNS errors, old ADS entries, glitches in Windows PE, BIOS updates and configurations.
- Created/maintained SOPs for SWAN Windows 10 deployment procedure.
- Tested implementations within lab network prior to deploying changes on other major domains.
- Created/edited organizational units in active directory.
- Submitted SNETREG database requests for the additions/modifications/deletions of all domain assets.
- Mapped network drives to utilize implemented and mandatory software installs and drivers for the network.
- Patched domains via the Ivanti/Shavlik agentless pushes.
- Utilized WSUS to install critical operating system updates as well as minor ones to close CAT 1, 2 and 3 vulnerabilities.
- Managed workstation and server vulnerability mitigation using the ACAS systems scanner.
- Created baseline CKL checklists for Windows 10 SNOWFLAKE imaging procedure used by all domains.
- Used SCAP tool and XCCDF files to verify the closing of vulnerabilities within the classified network.
- Tested/utilized the STIGAssist tool to enhance the procedure of implementing STIG technologies for the OS as well as 3 rd party software (Adobe, Sun Java, Mozilla Firefox, etc.)
- Updated reports of daily activities and major modifications done for lower tier systems administrators, end users and project managers.
- Made modifications to installed firewall in order to troubleshoot major issues on the network.
- Labeled the topology of SRDTE workstations and servers.
- Utilized SolarWinds DameWare to RDP into workstations and servers to implement/manage patches, fixes and compliance issues remotely.
- Uploaded patches, ISOs and software .exe files to iWeb database so customers and end users of the network could access/download mandatory installs.
- Managed Keepass database that kept all critical credentials used for workstations, servers and mandatory software used on the entire network.
- Modified ADML/ADMX template files to implement new GPOs for the Group Policy Management console.
- Made use of the MMC Console to add lower tier administrators and end users to their appropriate groups on assets of the domains.
- Provided support on the installation and licensing of both Microsoft and 3 rd party software such as Office 2016, SolarWinds DameWare Remote Support/Mini Remote Support Console, NMap, Wireshark and HBSS.
- Utilized command prompt and PowerShell on a daily basis to force GPO pushes and view current running configurations
- Acquired Data Transfer Agent (DTA) certification and privileges to transfer data securely throughout classified and unclassified environments.
- Used the CMTracelog in order to troubleshoot task sequence and SCCM errors.
- CLO and Un-CLO enforced accounts.
- Assigned colleagues, lower tier admins and end-users to their respective groups using elevated rights and privileges.
- Implemented KMS auto-activation for Windows Secure Host Baseline and Microsoft Office products.
- Created and collected MSR inputs for project managers.
- Managed licenses for 3 rd party products as well as internally used software.
- Utilized VMWare vSphere Web Client to created snapshots prior to testing implementations, monitor CPU usage on VMs and console into servers from web browsers.
- Applied WMI filters to GPOs in order to specify which categories of assets the policies should apply to.
- Certified as a trusted Data Transfer Agent in order to transfer data from downstream-unclassified assets to upstream-classified assets.
- Scanned data during DTA procedures to mitigate network asset exploitation by malware.
- Installed DOD PKI/PKE certificates from DISA’s IASE website by utilizing the MMC snap-in tool.
- Assisted in the planning of remodeling the NOC’s topology for a higher level of convenience.
- Modified/managed DNS table entries in order for clients to image assets.
- Used testbed asset in order to experiment on implementations for the real-time network to mitigate breaks in the domains.
- Gave specified permissions and elevation rights to lower tier administrators in order to access network share drives, files, folders and applications.
- Assigned users and lower tier administrators to groups in active directory.
- Created requirements for users and lower tier administrators to carry/handle classified data.
- Utilized REGEDIT to create registry keys and remove non-compliant findings.
- Implemented managed service accounts into SCCM and Active Directory Service.
- Activated user account smartcard logons by implementing PKI certificates and inserting CAC/PIV EDIPI numbers.
- Rewired NOC topology alongside NOC custodian/network device administrator.
- Conducted and completed SHB image testing on Dell OptiPlex 7050 series; created documentation of BIOS configurations.
- Installed Microsoft Deployment Toolkit (MDT) and Assessment and Deployment Toolkit (ADK) in order to create customized baseline for Windows 10 (build 1803) ISO image.
- Created an official solution and documentation for a CAT I opening on the Windows 10 OS DISA STIG via GPO file and registry push.
- Utilized Radia to create software packages in NGEN test environments to include Windows 7, Windows 10 builds 1607 and 1803 and SBC servers (Windows Server 2008 and 2012).
- Created. OVF images via VMware for other administrators to build their testbed boxes.
- Configured virtual workstations’ hardware builds via VMware such as memory, processors, hard-disk space (SCSI), CD/DVD settings (SATA), network adapter settings and other hardware requirements.
- Developed snapshots on virtual instances in order to revert to previous states of VM’s running configurations.
- Utilized HP CAE Tools to add assets to their respective groups within active directory, retrieve ZAVIS/Exit Codes, view CAE Logs, debug, verify EMT components, restart EMTSchedule and to RDP into systems.
- Engineered solution packages via the Radia Client Automation CSDB Editor and Administrator Publisher.
- Modified ZSVCNAME, VENDOR, DESCRIPT and other attributes of solution packages within Radia.
- Utilized Notepad++ in order to modify tasks and calls of XML files within installer packages.
- Implemented installation media into Radia packages by adding components such as .exe and.msi file types.
- Utilized Microsoft SharePoint to upload, replace and edit documents and files.
- Used Story Database to update notes and statuses for ongoing projects/solutions.
- Updated/appended hosts file to point assets to numerous servers in order to receive respective custom solutions and OS patches.
- Utilized Active Directory’s Attribute Editor to add EDM polices to distribution groups in order to test software packages’ functionalities on various operating systems.
- Completed and obtained Tanium Operations & Security Essentials Certificate.
- Utilized the Tanium Platform and console to access and obtain real-time data from assets within the NMCI network.
- Made use of Tanium’s DEPLOY module in order to distribute single, as well as groups, of applications to a flexible set of targets (computer groups, user groups, departments, locations, individual computers and individual users).
- Utilized Deploy to create custom packages to install, update and remove applications.
- Monitored the status of distributed application packages via the Tanium DEPLOY workbench.
- Utilized Tanium’s COMPLY module to perform endpoint configuration checks to audit compliance with regulatory requirements.
- Used Tanium’s COMPLY to run vulnerability scans to reduce attack surface and maintain firm network posture with Department of Defense requirements.
- Configured Tanium’s PATCH module to perform the following tasks: Create asset groups for patch distribution, scan network topology for missing patch updates, build automatic patch lists for tests and production environment, create blacklists for unnecessary patches, create maintenance windows and to engineer end-user notification templates.
- Engineered and maintained workload story templates to assist engineers in their comprehension of what deems a solution resolved/deployable to the clients at hand.
- Appointed the precedency of the delivery of software solutions based on deadline dates and urgent (sometimes impromptu) communication with clients.
- Received reports/status updates from junior engineers on their assigned solutions to create a baseline of upcoming delivery dates in order to fulfil client request and service-level agreements.
- Was assigned lead engineer to deliver multiple mission-critical solutions to The Pentagon in order for the commands to pass and be successful during CCRI inspections and compliancy assessments.
- Viewed as the team’s Information Assurance consultant for implementing server-side and client-side configurations for Windows operating systems and applications.
- Enforced cybersecurity best-practices for both the technical and physical aspects of working in a Department of Defense network.
- Travelled to multiple Confidential installations to test the deployment of software solutions on production networks for both NIPR and SIPR enclaves.
- Worked in adjacency with the team Certified Scrum Masters to keep workflow at a steady and efficient pace for sprint planning and delivery of quality projects.
- Granted administrative access and credentials to production network’s NIPR and SIPR enclaves to upload solution/project documentation for clients to reference the procedures of engineering efforts.
- Completed and obtained Scaled Agile Framework (SAFe) 4.6 Certification and classroom hours.
- Hosted sprint planning calls and used poker planning sessions to assign story points and estimation of work efforts toward the delivery of solutions as well as assign junior engineers to solutions to be delivered.
- Developed consistent and detailed acceptance criteria response templates in order to assisted junior engineers in their fulfilment and documentation procedures towards solution stories.
- Consulted for POA&Ms and RAR/mitigation statements due to having the knowledge and insight of the release/tier-load dates for all solutions.
- Became the liaison for the software packaging procedures and the information assurance implementations due to having solid experience in both realms.
- Hosted meetings and technical training for both in-house software packaging methods and information assurance technical and documentary implementation.
- Applied SAFe Framework methods to scale Lean and Agile development into day to day operations and delivery of solutions for Radia and Information Assurance.
- Acknowledged all Agile Release Train team members and their roles and assigned specific projects based on the members’ known specialties and fortes.
- Identified roles and dependencies between other teams and my team on the company’s Agile Release Train.
- Planned Iterations to make available for 2-week sprints and to open up the flow of the delivery of packaging and IA stories on Team Foundation Server database.
- Provided methods to execute sprints and iterations to demonstrate value of quality and efficient solutions.
- Coordinated with other Product Owners and Program Managers to execute similar goals for the delivery of quality solutions to the client.
- Managed the submission of recommendations to better the 2-week sprints and implemented them in order to improve future sprints and iteration plotting.
- Reached out to vendors to solve discovery stories in order to implement fixes and patch products that were delivered into the client’s production environment.
- Updated/Uploaded guideline documents that were necessary to pass on technical information and in-house instructions to newly on-boarded engineers and ISSOs.
Confidential
Deployment Supervisor
Responsibilities:
- Supervised installations of recent operating systems and updated military branch’s network infrastructure
- Oversaw the use of multiple methods to image assets via servers, boot media and HDD
- Worked/communicated hand in hand with the United States military’s top-class technicians on a daily basis
- Administered the troubleshooting of issues within highly secured networks
- Proficiency in manual backups of user profiles with User State Migration Tool
- Provided administration of commercial off-the-shelf (COTS) products (Dell desktops, HP, SolarWinds, Microsoft Office, Ivanti/Shavlik licensing, IBM BigFix)
- Performed backups using the administrative command prompt
- Updated BIOS on multiple manufacturer assets
- Worked as a team supervisor of six systems administrators and four deployment technicians as well as alongside soldiers, sailors, marines and airmen within the IT sector of the military.
- Joined assets to domains with inclusion of running specified scripts and batch files
- Installation of Software Center using administrative privileges
- Modified McAfee Host Intrusion Detection System (HIPS)
- Backups and restores performed via HDD
- Monitored logs to ensure completion of backups and restores
- Utilized administrative permissions to access highly classified documents on secure network
- Configure IP addresses statically and via Dynamic Host Configuration Protocol
- Perform activation of full-disk encryption via BitLocker
- Utilized Trace Log on Windows 10 OS to track backup and restore activity
- Modified Boot Order in BIOS
- Implemented domain join fixes by utilizing Kerberos scripts and automated batch scripts
- Updated various device drivers on multiple manufacturer assets (HP, DELL, Lenovo, ASUS, NCS)
- Enabled virtualization functionalities for numerous manufacturer assets
- Demonstrated the knowledge in activation of TPM security chip
- Provided fixes for proxy errors
- Troubleshot BSOD on numerous operating systems
- Overlooked and assigned daily Windows 10 OS deployments for the United States Confidential Corps (MCEN)
- Supervised the configuration of BIOS on multiple PC manufacturers
- Managed daily hours for shift lead as well as deployment technicians
- Coordinated sites and use of network ports to initiate deployment processes
- Distributed HDD and external disc drives for appliance to imaging procedure
- Utilized Microsoft Excel and Word to display daily schemes for shift lead and technicians
- Performed site surveys prior to setting up for deployment procedures
- Utilized administrative rights to access Confidential Corps Enterprise Network
- Delegated daily tasks for shift lead and deployment techs (SCCM pushes, IPL, Refreshes, Staging, ETC.)
- Cooperated with other deployment teams to maximize efficiency in daily productiveness
- Provided solutions for technical issues (BSOD, CAC reader issues, domain join, layer 1, proxy server fixes, etc.)
Confidential
Information Technology Specialist
Responsibilities:
- Awarded the Confidential Achievement Medal for proficiency in MOS courses
- CompTIA Security+ CE Certified
- Secret clearance acquired (looking to upgrade to Top Secret to gain experience in a more locked down environment)
- Iron Soldier Award
- Distinguished Honor Graduate- graduated Advanced Individual Training (AIT-25B course) with the highest GPA in Alpha Company
- Experienced in the setup and maintenance of Voice Over IP(VoIP) phones
- Operated and configured systems that ran Cisco Unified Call Manager
- Installed Cisco routers and switches
- Set up and established Telnet connections on Cisco devices
- Installed Domain Name Servers (DNS)
- Install and maintained Windows Operating Systems to include Windows XP, Vista, 7 and 10
- Implemented Microsoft Exchange Server
- Access and modified Microsoft Active Directory User/Group/Computer Accounts
- Implemented Microsoft AD Organizational Units
- Set up and maintained VSAT tactical satellite
- Constructed OE254 (Omni-directional equipment)
- Data Recovery using administrative command prompt and GUI-based disk utility
- Implement Public Key Infrastructure (PKI)
- Configure CAISI routers and switches
- Completed and obtained Cyber Common Technical Core (CCTC) course certificate with the 171 st Cyber Protection Team.
- Utilized SCP to send and receive files from clients to remote hosts.
- Created named pipes in order to facilitate transfers within Linux command line interface (CLI).
- Enabled custom, listener ports in order to conduct file transfers via Netcat.
- Utilized Local, Remote/Reverse and Dynamic Port Forwarding techniques in order to create SSH tunnels to get around firewalls and perform exfiltration of data from important sources (HTTP, FTP, SSH, SMTP and DNS servers).
- Used proxychains in order to gain access to difficult to reach resources via the Linux CLI.
- Highly experienced and educated on cyberspace threat actors such as cyber criminals, state sponsored, hacktivists and insider threats.
- Utilized Lockheed Martin’s Cyber Kill Chain methodologies in order to successfully perform covert operations.
- Engineered and used both Linux and Windows PowerShell scripts in order to enumerate hosts and determine avenues of approach per OS understanding.
- Performed social engineering exercises to test organization’s technical and physical security awareness levels.
- Experienced in locking down unnecessary/unused ports as well as crawling through open well-known ports to see if they’re used as obfuscated attack vectors.
- Trained and educated end-users on User Acceptance Policies (UAPs) and cyberspace awareness in order to mitigate insider threat vectors within organizations.
- Utilized Open Source Intelligence (OSINT) reconnaissance methods to passively obtain information on mission targets.
- Trained on the fire walking technique in order to test whether ports and protocols are allowed through network filtering devices.
Confidential
Junior Systems Administrator
Responsibilities:
- Provide computer support and customer service for clients
- Write technical specifications for purchase of PCs and related products
- Aid in development of business recovery plans, maintain current knowledge of plans
- Support development and implementation of computer projects and installations
- Assist in developing long-term strategies and capacity planning for hardware needs.
- Assist in preparing, maintaining, and upholding procedures for logging, reporting and monitoring PC performance
- Provide support and maintenance in the setup of various VoIP devices
- Configured Cisco hardware devices using command line
- Established Telnet connections between Layer 2 and 3 devices
- Modified hardware firewalls
- Installed and maintained Symantec Anti-virus
- Perform Hard Drive Imaging
- Implement TCP/IP printers to network’s infrastructure
- Installed ActivClient software and implemented smart-card/CAC/PIV readers
- Troubleshooting of Microsoft and Apple Operating Systems (Windows XP-10/Mac OS X-High Sierra)
- Performed password recovery on Layer 3 devices
- Modify User Accounts on Microsoft Exchange Server
- Constructed network cables
- Learned how to stand up SCCM 2012 R2 servers and configurations
- Extended the Active Directory schema on domain controller in order to support/implement SCCM features
- Installed server roles and features based on servers’ specifications
- Implemented administrative rights on servers to perform specified functions (full control, read, write, modify, etc.)
- Install SQL Standard and configure memory limits (quotas) via Microsoft SQL Server Management Studio
- Implement System Management container in ADSI Edit, give principal administrative/security privileges to SCCM computer account
- Configure SQL Server Configuration Manager
- Install SCCM 2012 (SCCM 1606 & 1802 apply with the same settings)
- Add local administrator rights on SQL server
- Implement SQL Server Firewall Rules for specified, needed ports
- Insert Windows Features within SQL Server in order to perform necessary tasks
- Utilized the Internet Information Services Manager (IIS) to configure WebDAV settings and authoring rules.
- Installed/Implemented/Configured the Windows Assessment and Deployment Kit (AIK) in order to utilize the Deployment Tools (MMC Workbench), USMT and Windows PE
- Set client settings to use the Software Center to deploy applications/patches such as Microsoft Office, Java, Mozilla Firefox and much more.
- Set up scheduling of software deployment in Software Deployment tab within SCCM Console.
- Deployed SCCM Client to individual assets that joined domain after initial SCCM setup.