SUMMARY:

Cybersecurity specialty, vulnerability management, threat analysis and mitigation, IAM, Okta, SSO, PAM, Active Directory forests, domains, sites, schema trusts configuration, migration. Azure AD, Azure ATP. VMWare Administration, Systems Administration, Application Support, programming, and automation. Ability to apply new knowledge to production quickly.

PROFESSIONAL EXPERIENCE:

Directory Services Architect / Security Engineer

Confidential

Responsibilities:

• Overlook security architecture of the Active Directory, Azure AD, and AWS supporting >15,000 employees, >15,000 endpoints, > 3000 Windows /RHEL servers, and corporate acquisitions, merging, consolidation, and decommission.
• Configure domain schemas, sites, DNS zones, trusts, and migration, domain controller /sites/domain decommission. Configure Azure AD/AWS integration with on - prem AD. Create Group policies. Lift and shift application migration to cloud.
• Implement, configure, and administer CyberArk PAM. Design and create customized Platforms and Policies. Upgrade vaults and component servers.
• IAM SSO Okta, SuccessFactor, Mulesoft, Workday, MFA, Okta Verify, Confidential Authenticator, Symantec VIP. Okta Sign-On Policies. Attribute mapping, profie mastering. SAML 2.0, OpenID OAuth, custom SWA, Universal Directory, Okta Policy Framework. SSO Applications SharePont Online, SharePoint On-Prem, O365, AskIT, AskHR, PartnerConnect, Oracle EPR, Benefit Direct, Ignite, Percipio, License Management, Salesforce,Flex-Force,..
• Azure AD, Application Proxy, Intune, LDAP integration of Solarwinds, PaloAlto, WormBat, NetScope Microsoft Teams, SharePoint, Bomgar, ServiceNow, JIRA, etc. Shift Lift migration.
• AWS IAM, AD Connector, AWS AD, AWS Group Policy. Lift shift migration apps to AWS.
• Implement and support threat and vulnerability management tools: Carbonblack Defense, SCEP, MDATP, O365 Defender, Azure ATP, Qualys, Nexpose, Nessus, ForeScout. Deploy and configure SIEM tools LogRhythm, Splunk, ActiveGuard and support training.
• Participate instance response on-call support and threat analysis/mitigation. Guide and prescribe solutions for System Admins and application owners to mediate the vulnerabilities.
• Report privileged groups and accounts. Replaced standard accounts with privileged accounts in groups and on servers in applications. Conducted PAM trainings for groups/individuals.
• Perform quarterly auditing. Draft and update security policies.
• Automate AD reports, log data process reports, domain health reports, and AD maintenance jobs in Powershell, Python, and bash scripts.

Contract Security Engineer and Systems Admin

Confidential

Responsibilities:

• Built secure Platinum Templates and Golden images for Windows Servers and RHEL Servers. Built new VM Windows and Linux servers. Expanded disks, CPUs, RAM for exiting VMs.
• Implemented Microsoft AGPM and created GPOs and Firewalls to secure systems and data.
• Enforce security settings by GPOs, Windows Firewall rules, and Linux conf files.
• Remediate vulnerabilities of Windows servers, Linux servers, and applications.
• Studied PHP, rewrote PHP code, and fixed XSS/SQL injections for applications.
• Create reports and automate procedures in Powershell, Python, and bash scripts.

Contract Linux Integration Engineer

Confidential

Responsibilities:

• Performed application support and deployment in Linux, Oracle databases: UIM, OSM, SoapUI, ASAP, SAT, DM, MetaSwitch/Sonus/Nortel/CedarPoint, CSG/Sigma, Jenkins, WebMethod. Monitored order flow and system performance with Splunk, Solarwind, and AppDynamics. Created/updated SharePoint SOPs.
• Studied Splunk and the proprietary application systems. Created Dashboard reports in Splunk for teams to proactively resolve issues, improved services, and increased business revenue.

Contract Linux Application Integration Engineer

Confidential

Responsibilities:

• Integrated AppViewX application with AD using LDAPS.
• Mapped the security groups and users as customers desired.
• Configured AppViewX to monitor network devices: load balancer F5, A10, GVIP, VIP, Pools, and Pool Members in Linux.
• Created Dashboard reports using REST API, JSON, python, and bash scripts.

Contract Microsoft Engineer

Confidential

Responsibilities:

• Resolved daily operations tickets of servers, hardware, operating systems, security and data protection, and endpoint users. Monitored, tuned, diagnosed and resolved SCOM alert issues: DNS, ADDC, GPOs, Quest Change Auditor, McAfee, VMWare, SAN, SRM, ESXi, VMFS, DataStore, Citrix, WebEx, Exchange, MS Office, SharePoint, DFS security, printer servers, etc. Hardware: EMS enclosures and HP racks. Increased disks, CPUs, RAMs for VMs.
• Studied C#, assembled pieces of application code to compile. Updated the code to fix bugs and provide enhancement features. Automated reports and maintenance tasks.
• Studied proprietary application systems. Responsible for addressable advertisement viewer measurement file generation to ad delivery notification file delivery systems architecture, migration, configuration, system monitor, task automation, and support including: Windows Servers, RHEL, Solaris, load balancer, fail-over cluster, SAN, NAS, Cloud Storage etc. Applications: Invidi, IMS, Invision, Strata, DMD, MS SQL Server, My SQL, Hadoop, Netezza, Teradata, and Data Warehouse. Worked in all facets of SDLC including product analysis, financial models, hardware analysis, physical deployment, operating system tuning, software design, test guidance, deployment roll-out, and production support.
• Automated processes and reports in Python multithreading, PowerShell, Perl, bash, T-SQL, SP, and SSIS packages.

Contract IT Systems Administrator

Confidential

Responsibilities:

• Responsible for Active Directory maintenance, migration, and consolidation.
• Automated user account management processes with PowerShell programing in QA and Production domains. Setup and monitor Quest ChangeAudit enterprise-wide change management.
• Automated tape management/SSH SFTP, robot inventory processes in Python on Solaris.
• Setup Dell VK2000 on Esxi v5.1 deployment system. Deployed and upgraded Windows Server, SQL Server, CentOs, and RHEL. Data Center health monitor and maintenance: VMWare hosts, Databases, SAN, NetBackUp OpsCenter.

Systems Administrator

Confidential

Responsibilities:

• Responsible for all servers, > 500 PCs, LAN, WAN, wired and wireless network setup, configuration, maintenance, troubleshooting, software specialization, and tech management.
• Built/rebuilt/upgraded/migrated Windows Servers v R2, Active Directory Domain Controllers, DNS, DHCP, file servers, application servers, printer servers, NTFS shares, GPOs, WSUS, SCCM 2007 R3, SQL Server R2, Security hardening by firewall configuration, DFS share security, AVAI of MS Forefront Endpoint Antivirus Server/Clients, or Symantec Endpoint Antivirus Server/Clients .
• Created and deployed Windows customized images to fulfill requirements from teachers, labs, and variety of hardware using MS SCCM or Symantec Ghost Multicast Suite.
• Configured and installed Cisco/HP network switches, VPN, wireless access points to accommodate the needs of 5 VLANs and 3 Domains.
• Automated procedures with PowerShell, Python, Visual Basic/bash, and HTML web site programing.
• Migrated Exchange Server 2007 system user mailboxes to GoogleApps. Synchronized GoogleApps user accounts with AD user accounts.
• Managed budget planning and trained Paras on routine support tasks. Provided on-demand tier I/II/III support with SOA EMS. Evaluated market software/hardware products. Negotiated product features and prices with vendors. Made purchases, payments, and prepared invoices.
• Sole full-time employee of the IT Department. Sole on-call support any time and all the time.