TECHNICAL SKILLS:

TOOLS: McAfee EPO, Rack Wise, Nessus, vFoglight, Nagios, Spectrum, Remedy, HP - Insight Manager/OpenView, Dame Ware, LANDesk, MS SMS/SCCM, Ghost, PCAnywhere, Bomgar, RSA Security, Backup Exec/NetBackup, Splunk, IPmonitor and traffic analyzer, Whats-up-Gold, Snort, Dragon 6, Sourcefire, Net Forensics, SolarWinds, Wireshark, SNMP traps, Remedy, track-it, Heat, Scripting with PowerShell/Python

PROFESSIONAL EXPERIENCE:

Confidential, Washington, DC

Senior Cyber Security Engineer

Responsibilities:

• Daily interaction with the federal Information Security Officer to coordinate information assurance actions, investigations and remediation of cyber security vulnerabilities within the enterprise.
• Coordinated with organizational security team members and operations staff to ensure program consistency and compliance with all security procedures and requirements.
• Ensured knowledge of organizational and agency level security requirements and ensured that systems and personnel comply with these standards.
• Ensured that systems records are maintained and are promulgated to proper staff.
• Identified risks in security systems and work with technical experts to resolve security issues.
• Participate in monthly change management to do systems patching or reconfiguration.
• Maintained security updates, systems scans (Nessus) and systems/server hardening (STIGS). (SCCM/WSUS, application and system OS builds (templates)
• VMware Updates and Host firmware maintenance.
• Plan and deploy countermeasures, SNMP traps
• Investigations and remediation of cyber security vulnerabilities within the enterprise.
• Created and updated project plans, project cost estimates, project recommendations, status reports, scorecards, and executive presentations.
• Created, installed and maintained self-signed and external SSL/PKI Certificates.
• Performed Web Application Penetration and Intrusion Testing and methods and the deployment of safe and secure systems based on sound design and implementation techniques.
• Managed Multi-Factor Authentication, Vulnerability management, Intrusion Detection and Prevention.
• Reviewed and updated both DLP data loss prevention and disaster recovery plan and configuration.
• Ability to conduct assessments of the system for compliance with applicable security frameworks (such as NIST, NIST, etc.)
• Projects: Splunk implementation, IBM App Scanner, McAfee DLP, MDM migration and phone encryption (IBM MAAS360), WEB App and site control/filtering through Forcepoint.

Confidential, Washington, DC

Sr. Network/Systems Engineer/ Azure

Responsibilities:

• Maintained and administered Active Directory, O365 and Exchange online.
• Management, configuration and packaging of MS Server OSs
• Maintain and migrated compute resources to Azure Cloud and MS One Drive
• Daily administration of VMware Vcenter, managed Cisco Blade center, Dell Servers, DNS, DHCP/InfoBlox
• Storage administration of EMC VNX and Avamar backups and restores, MS SQL backups and images
• Managing, configuring, troubleshooting and monitored Cisco/Meraki Network (ISP, VPNs, firewall, two-factor authentication)
• Managing Cisco Nexus core and access switches, wireless LAN controller 2504/WAP 75XX, Initial Point of contact for network and systems errors or outages.
• Key Operations liaison between business units and development staff/teams.
• Backup MSSQL Server administration (MS SQL 2005, 2008R2, 2012)
• Creating project plans and schedules to be presented to management and non-technical users for detailed reviews
• Tracked and escalate network support requests as needed to the appropriate staff.
• Worked multiple projects with multiple delivery dates (systems and application)

Confidential, Wood Cliff, NJ

Sr. Infrastructure Engineer

Responsibilities:

• Maintain physical server infrastructure, Cisco UCS C220/HPE C-class blade systems, HPDL-series
• Advanced SAN Management including FC Zoning (Brocade) HP MSA, and 3Par storage
• Manage Windows Systems infrastructure, Server 2003 through 2016/ RedHat Linux/Oracle
• Build/maintain/triage VMware 5.5/6.0 and clustered MS Hyper-V 2016 private cloud infrastructure (AZURE/MS VMM)
• Deploy cloud applications and management of MS Azure/AWS platform
• Manage day-to-day Engineering 'Peer' interaction and direct business unit interactions.
• Azure resource management: / Hyper-V / Azure stack application and post-implementation client support
• Automation/Orchestration tools (SaltStack, Ansible) (PowerShell.
• Manage enterprise LDAP and MS Active Directory, account creation, permission attribution, GPO, local and domain security policy and standard NTFS permissions.
• Network resource configuration/allocation LAN/WAN/DMZ - TCP/IP, VLANs, VIPs/load balancing, Cisco R&S (Catalyst/Nexus)
• Palo Alto Firewall administration / security and connect via firewalls to SFTP / VPC connection to remote offices / cloud
• System monitoring and security metrics using MS SCOM, Splunk, Wireshark, SNORT packet analysis
• Manage/administered risk assessment and data security using Cyber Ark Admin/SME, RapidFire tools
• Capacity management of private cloud resources (trending, forecasting, decommissioning, reclamation of vCPUs/vMemory/Storage)

Confidential, Crystal City, VA.

Sr. Systems Engineer/Integrator

Responsibilities:

• Built AWS cloud environment to interconnect various DOD Health information systems to exchange EHR data/records for holistic personal health care (Linux CentOS and Oracle)
• Managed onsite physical enterprise environment (VMware 6.0/Dell/Cisco UCS, HyTrust).
• Configured and managed network connections, (physical and virtual) (cisco switches, routers, vPC, ELB, firewall)
• Created and managed AD domain, user groups, GPO, DHCP and DNS, (windows server 2012r2)
• Responsible for resolving complex service problems; performing expert maintenance; and installing, configuring and testing all production enterprise systems, data communications.
• Provided analysis for problems and provided solutions for a wide range of operational and support problems to meet customer (DOD)
• Maintains data network equipment and services to ensure working order and demand availability for test/DEV schedule.
• Routine on-line test and by checking, adjusting, or replacing equipment to established security and standards
• Developed and implemented software and procedures to improve system performance.
• Recommended methods and technologies to improve overall operations and performance of inter-site exchange.
• Supported DEV/TEST team and environments to security standards, application performance and errors.
• Nessus scans, SCAP scans/STIGS to maintain DISA/FISMA/NIST security standards
• Experience configuring and managing the Atlassian Software Suite including JIRA, Confluence,
• Maintained documentation of the various hardware and software solutions.

Confidential, Washington, DC

Network/Systems Infrastructure-SME

Responsibilities:

• Reviewed and updated agencies COE documentation.
• Assisted in updating and creating agency level network and infrastructure architecture
• Requirements Development & Analysis, recommending system improvements/optimization -
• Network security assessment, server security assessments (Nessus)
• Design Planning, Scheduling, Cost Estimation and Control
• Configuration Management; Testing; Verification (Ansible/Puppet)
• Validation, Implementation and Documentation of new Datacenter virtualization, Cisco UCS 51XX-B200/420/M4
• (2008r2/2012r2 Windows)(VMwareVSphere 5.5/SRM)
• Built Cloud DR using (AWS) cloud connections/VPC.
• AZURE POC / Test
• Built VDI pilot platform/POC- Nutanix servers, VMware View/Horizon and (Xendesktop VDI in a box)using both, Windows 8/10 clients/MDT/SCCM

Confidential, Washington, DC

Sr. Solutions/Systems Engineer (Fed Ramp Cloud Migration)

Responsibilities:

• Key participating the architecture, design, and implementation of IT infrastructure to support Data Center consolidations and migrations.
• Supported customer datacenter migration to private and public cloud providers. (AWS/AZURE)
• Assisted with developing physical and logical infrastructure designs, migration of business applications, web based and/or client-server
• Supported network Infrastructure and application integration to Windows 2008r2/2012r2and Linux Operating Systems.
• Installed and managed business unit’s application deployments. (COTS, WEB/IIS, Custom Apps, hosted Apps SaaS)
• Collaborated with customers/peers to understand business requirements and define requirements and/or solutions
• Supported multiple customer projects and technologies, interfacing with IT organization as well as other internal business units and external customers/partner
• User access security and file controls using IAM, SSO, ADFS & Rights Management
• (Fortinet & Cisco) NAC (Network Access Control), PAC (Privilege Access Control) concepts, firewall rules and ACL, IPS, IDS;
• Performed Nessus Security Scanning and reporting and planning support for remediation
• NetApp/EMC and Cisco UCS platforms
• Used Hyper-V &VMWare technology, (Vcenter, vCAC/Realize,vSRM, and ITIL service delivery concepts
• Application technologies (.NET, JBOS, etc.), software développent processes, database implementations (MSSQL, MySQL, Oracle)
• NIST & FISMA standards (FIPS-199, SP A controls), FedRAMP concepts and NIST defined Risk Management Framework (RMF);
• Created, Managed and monitored day-to-day systems administration and maintenance of AWS cloud servers and storage EC2, RDS, EB2.
• Systems administration, configuring, updating, monitoring and cloning/templates of win 2008r2 servers.
• VPC site connection (public to private cloud)
• Created IAM accts for new employees and maintain application access for all services.
• Created AWS resource group and application access secured with SSL certs.
• Created AWS access dashboards, publishing user application and resource access
• JIRA administration, workflow development, forms, email handling, permissions and Confluence Administration.
• Testing of API’s to connect to JIRA and Confluence and other applications.
• Configured, Managed and Administered applications test bed for various vendors
• Administered Salesforces.com configuration and management.
• Tableau server installation, configuration and administration - Visual Analytics, Business Integration, Web & Mobile Authoring
• Public facing IIS configurations and security

Confidential, Washington, DC

Sr. Systems Administrator

Responsibilities:

• Installed, upgraded/migrated and virtualized windows server 03 to 08r2 or to 2012. Upgraded/migrate and raised windows 03 AD level - schema to 08r2(Dell R7XX, HP DL3XX\G7)
• Planned, installed and managed POC Citrix Xen desktop VDI (Nutanix1000)
• Installed and managed a mix Hyper-V and VMware 5.x sites.
• Administered the EPA office of Budgets Citrix Xenapp6.5 application servers with SQL and Oracle 11G DB with hosted and customized apps on Window 7/8. managed finance office laptops via SCCM 2007 (MS Office, Crystal reports, remote connectors, VPN, Citrix receiver)
• Supported COOP DR and built a secondary remote DR Site, installed servers and storage,
• Managed backend storage devices and space allocations (LUNs and clusters) 3Par, EMC NAS,
• Managed server security scans using Nessus making sure servers met NIST & FISMA security standards.
• Configured SNMP Traps, patching, McAfee EPO, HIPS protection. Remote admin using Dell Open manage, Problem resolution/Ticketing in Remedy.
• Replication to DR site and disk to disk using Veeam backup/ local tape using Backup Exec.

Confidential, Washington, DC

Enterprise infrastructure/Server and Virtualization Engineer

Responsibilities:

• Virtualized multiple datacenter sites using VMware 4.1/5/Citrix 6.0 installation, configuration.
• New host installation during Datacenter refresh Dell R620, R720, R 0, M1000 / M620, M820, M910
• Multi-site connection and load balanced using F5
• Vcenter Load balancing and virtual connections using Citrix NetScaler for acceleration
• VDI project using XenDesktop AppSense, MS-APP V, and SCCM 2007 on Windows 7 desktops.
• Upgraded, virtualized and supported 2007/2010 Exchange DAG cluster, Lync, Windows 2008 R2, Active Directory/DNS, tested and installed BES and MDM server/application.
• Server and VDI virus protection using McAfee EPO. in-Depth expertise in VMware and storage technologies (DRS/HA, vMotion, SRM) EMC VNX & VMAX storage systems,
• EMC Recover Point for local and remote data protection.
• Work with BC team to update and add to the DR plan with the new storage, higher speed backbone and VMware utilities (vCAC, vCDC).
• Systems administrator and WIKI knowledge base for (Confluence/JIRA) for help-desk and ticketing.
• Oracle DB Linux Red Hat and Oracle Linux.

Confidential, Washington, DC

Storage/Messaging/Server Engineer

Responsibilities:

• Windows Server 2003/2008 R2 installation, configuration and administration, Windows Clustering, AD/DNS/DHCP, systems management using MS SCCM 2007
• Windows 2003 IIS,Windows Terminal Services, and Citrix XENAPP 5.0
• VMware 4.1, Vcenter Server -Installation and Maintenance,Template creation and procedures
• Maintenance, Patches and upgrades using WSUS and Server based anti-virus using TREND.
• Directory Services replication, Backup systems Data Deduplication, and Data Replication (CommVault)
• Storage Area Network using NetAPP, EMC VNX and HP EVA and Nexsan. Storage configuration, LUN Configuration, Server connectivity through Fibre channel brocade switches
• Exchange 2003/2010 administration, replication and clustering.Exchange connector and webmail and Gateway configuration and maintenance
• HP/Compaq servers, C7000 enclosure/BL460’s, DL380/G3, G4, G5, G6, G7, Cisco 3750 Switches, 6513 Core, 7206VXR routers (switch configs, VLANs, OSPF and static routes)

Confidential, Crystal City, VA

Lead Network and Systems Engineer(contract/consultant)

Responsibilities:

• Built, Installed and configured 2 HP blade C-3000 enclosures.
• Installed and configured HP MSA 2000 SAN (2 Controller, 3 expansion units) (HP Storage works).
• Virtualized system for maximum high availability and redundancy using VMware 4.0 ESX with guest OS on SAN
• Performed system backups utilizing HP Backup solution, LTO tape with Symantec BEX 12.5
• Monitoring site using HP Openview and insight manager
• Chaired weekly meeting providing detailed updates and milestones, problem remediation steps.
• Oversaw exploratory testing of HP TRIM and MS Apps.
• Worked directly with vendors to assess and modify product, created and pushed packages via SCCM 2007
• Created test plan and cases, documented results and systems documentation creation using Visio application flow and hardware infrastructure network.
• Installed and configured HP Procurve switches26XX (VLAN’s, Trunks, tagging, port groups, etc).
• Installed, configured, and administered MS Server 2003/2008, DNS, Active Directory, Clustered Exchange 2003, Clustered MSSQL 2005, SharePoint 2007
• Migrated 2003 Active Directory native infrastructure to MS 2008 server network
• Administered and monitored the network using HP Insight Manager, Virtual Connection Manager, Onboard Administrator and MS Systems Center Manager.
• HP Firmware updates and BIOS updates (blades chassis, SAN controller and Servers)
• Installed and configured system security using McAfee EPO/Server Patch management using BigFix.
• Server Scan Nessus/NBTscan and NIST/FISMA standards
• Installed/configured and administered the TRIM/TOWER application.

Confidential, Washington, DC

Broadcast Systems/Network Engineer

Responsibilities:

• Performed broadcast network admin and support (High Resolution HD video over IP network)
• Supported and managed the Thomson Grass Valley TGV network over a fiber network. (fiber channel, SAN, NAS, SQL Clusters and failover nodes) Brocade switches
• Installed and administered/supported Solaris 9/Red Hat Linux servers, MAC OS/Parallels and Wintel HP/Dell servers/W MS server 2003, GPO, DNS, Active Directory, Cisco routers, cisco PIX, WAPs, cisco switches (VLAN), wireless(Ethereal/Wireshark) troubleshooting/installations (frame relay/IP addressing/point to point)
• Supported editors, graphics dept., production suites and playout booths. (Final cut pro, Filemaker, Video encoders and rippers, media players, flash, etc)
• Managed and monitored Media/Streaming servers, network prioritization of AV traffic,
• Supported/manage draw data feeds (Reuters, AP, NPR, etc.) to backend EMC SAN. (mpeg2 and 4)
• Performed backups to disk and robotic tape library (StorageTek and Symantec BEX 12.5).
• Performed Network Nodes and end-points monitoring using “what’s-up-gold", Configured and pushed Server upgrades/patching using WSUS, tested SCCM for update servers’ replacement, virus scan installation and configuring (Symantec Endpoint),
• Administered MS Exchange 2003, Avaya VoIP phone system and MS SQL 2000/2005.

Confidential, Washington, DC

Security Administrator(contract/consultant)

Responsibilities:

• Performed security evaluation testing on the Networks/servers and Computers for the DVA and VA Hospitals.
• Responded to network/systems intrusion alerts/incidents
• Analyzed Network traffic, systems logs and audit logs to determine corrective action and implemented counter measures to prevent systems/network breaches.
• Performed remote surveillance, pushed virus DAT updates and system updates using MS SMS.
• Provided oral and written reports/Documentation on the state of systems security and daily activity.
• Worked problems (Remedy ARS) and escalated issues to center management and sent out daily threat reports.
• Monitored gateway end points (Cisco & CheckPoint) (router and firewall, managed IDS/IPS).
• Web ports/page interface/gateway monitor
• Provided user/systems support for Cisco VPN clients and MS terminal server/Citrix clients, Cisco VPN 3000 concentrators, L3 Auto dialer software, ISS Desktop protector/firewall, and Epolicy Orchestrator/MacAfee virus scan.
• Maintained HIPIAA, FISMA, NIST, and PCI and compliance policies and practices