SUMMARY

• Experienced Cloud Engineer with a wide breadth and depth history of working in information technology. Strong engineering professional skilled in cloud migration, Azure, AWS, Active Directory, Storage and Network Infrastructure.
• Chief architect/engineer of cloud infrastructure team in multiple Microsoft Glod Partners.
• Head engineer and designer of multi - layer distributed web application comprised of web servers, load balancers, databases, network equipment(s) and storage appliances.
• Designed and implemented a centralized monitoring system which oversees teh health and performance thresholds of critical servers spread across major cities in teh U.S. for a multibillion-dollar enterprise.

PROFESSIONAL EXPERIENCE

TEMPPrincipal Cloud Architect

Confidential - New York, NY

Responsibilities:

• Built out Azure assessment report with cost and performance analysis on VMWare datacenter environment with over 300+ VM’s. Proceeded to migrate 50+ VM’s to teh cloud using Azure Migrate virtual appliance.
• Rolled out Windows Virtual Desktop (WVD) in 15 different Azure tenants for various clients. Configured Azure App Service, VNET, S2S VPN, FSLogix and Dynamic HostPools to build out a complete solution of WVD features and capabilities. Leveraged algorithm-based auto-scale features using Automation Accounts, Logic Apps and Nerdio to maximize cost efficiency. Employed Azure AD Conditional Access to require IP filtering and MFA to secure teh parameters in continual vigilance in security posture.
• Single handedly assessed and upgraded Active Directory Domains/Forests from 2003, 2008 R2 and 2012 R2 to Windows Server 2016 functional level for 4 different clients. Azure AD Connect and Azure AD Password Protection were subsequently implemented to integrate directory services and security with Azure.

Senior Cloud Consultant

Confidential - New York, NY

Responsibilities:

• Established enterprise cloud application in Azure with HA pair firewalls, 60+ VM’s, 18 subnets, and 5 LB’s in preparation of lifting and shifting SAS application from on-prem to teh cloud.
• Collapsed Cytel’s 3 separate Active Directory forests dat span multiple countries into one using Azure IaaS. Teh directory was tan synchronized to Azure AD using Azure AD Connect, successfully consolidating disparate Identity Management systems into one.
• Deployed 4 separate virtual Cisco ASAv units in Cytel’s Azure account for 2 separate projects, with one site utilizing HA pair. Integrated teh units into Azure fabric using custom routes in teh firewall(s), Azure UDR’s and NSG’s in separate subnets under one VNET. Enabled SSL-based Cisco AnyConnect VPN gateways on all teh firewalls with autantication forwarded to Windows NPS servers coupled with Azure MFA.
• Designed and executed a step-by-step project plan for migrating 1200+ mailboxes from on-premises Exchange 2013 servers to Office 365 using a hybrid configuration. Project was completed under 3 weeks.
• Scripted out UPN (Universal TEMPPrincipal Names) switch outs, decouple/couple Office 365 licensing and mailbox permission assignments using PowerShell scripts.
• Enabled Azure Automation Accounts to automatically start/stop VM’s to save on costs.
• Implemented a real-time failover Disaster Recovery (DR) plan using Azure Site Recovery (ASR) for teh critical accounting system. ASR was deployed to fail over teh on-premises VMWare servers to teh Azure Recovery Services Vault and failed back to re-protect teh VM’s.
• Migrated 300+ mailboxes from Exchange 2010 to Gemma’s Office 365 tenant.

Manager, IT Infrastructure

Confidential - New York, NY

Responsibilities:

• Tasked as teh primary architect of all IT operations of Leading Hotels of teh World, overseeing all internal IT infrastructure and web operations of lhw.com by working with Rackspace in concert.
• Managed four separate AWS environments with all aspects of EC2, RDS, S3, CloudWatch, IAM and VPC's where teh Enterprise Data Platform (EDP) was developed utilizing Dell Boomi/Sabre.
• Installed arrays of SFTP servers in AWS using EC2, CentOS v7 and OpenSSH to enable clients and partners to securely upload/download critical feed files using public key cryptography.
• Built out Tableau and Alteryx servers in AWS with Azure AD as teh SAML based identity provider (IdP) and teh Enterprise Data Platform (EDP) stored in AWS Redshift as teh backend. Teh cloud-based data analytics service provided data modeling and revenue projections for all participating hotel partners and business analysts.
• Constructed monitoring system using PRTG to ensure all aspects of IT are closely observed and tracked, including all Windows/Linux servers, network equipment (Meraki firewalls and WAP and Cisco switches), SAN/NAS devices and critical site URL's.
• Decommissioned and transitioned from multi-tier Cisco ASA firewall environment to a pair of redundant Meraki MX250 firewall units dat manage all inbound/outbound traffic for LHW.
• Configured S2S IPSec VPN tunnels from on-premises site to remote offices, vendors and public cloud (Azure and AWS). Designed IP schemes and routes to ensure all communication between each location were conducted by traversing teh VPN tunnels and private IP range.
• Installed and configured 11 separate Wireless Access Points (WAP) using Meraki MR34's and MR42's and ensured all aspects of WiFi were accounted for, including access and security.
• Perform all day-to-day Active Directory related duties, including AD Site rep, DNS, Group Policies, DHCP, etc.

Senior IT Operations Engineer

Confidential - New York, NY

Responsibilities:

• Fully administer 300+ VM's installed on Nutanix in 3 datacenters and 50+ VM's in Microsoft Azure Portal.
• Supported distributed web application made up of HA Netscreen firewalls, HA F5 Big-IP load balancers and Nutanix hyperconverged Infrastructure (HCI) as IT infrastructure team lead, overseeing 4 engineers.
• Established a full coverage of monitoring in US and UK environments using Solarwinds. Made sure critical HTTPS and other application monitors were established to send out alerts in timely manner and every metric of server resource were being recorded for performance and historic use.
• Created PowerShell scripts to automate and repeat procedures, including scheduled addition/removal of VM snapshots, WSUS parameter assignments and pushing out SNMP variables to Solarwinds clients.
• Overhauled monthly patch cycle by rolling out WSUS 2012 R2 in 3 separate sites in coordinated fashion, addressing a critical SOC1 audit item.
• Run daily standup meetings as a scrum master halping to organize and review projects and daily tasks using Microsoft VSTS kanban board. Document and coordinate incident reports and RCA's.
• Install and implement Vormetric DSM to encrypt data at rest (File server and SQL database) in Azure.
• Implemented DKIM/SPF/DMARC in multiple outbound email domains to ensure messages are delivered successfully and unfiltered by SPAM software.
• Created backup strategy for client data in Azure environment. Researched teh use of MARS agent and System Center DPM in Azure Recovery Vault for quick recovery and long-term archival strategy.
• Lock down servers' security parameters in compliance with Confidential 's security hardening initiatives as dictated by SecOps team using Nexpose security software and CIS scan tools.
• Successfully decommissioned Microsoft ISA proxy servers in Exchange 2010 environment by replacing them with an alternative solution in Citrix Netscaler. Implemented SSL Offload Virtual Server in Netscaler to allow continuous email flow to various mail clients including Microsoft Outlook, iPhone, Android and OWA. Managed day to day Exchange 2010 operation in 1000+ user environment.

Infrastructure Manager

Confidential- New York, NY

Responsibilities:

• Chief architect and manager of Infrastructure engineering team responsible for teh design, administration and operational support of TMP’s web products and corporate infrastructure. Ensure all TMP systems and services meet teh business requirements for high availability and optimal performance.
• Build, support and optimize TMP’s LOB application product made up of servers in co-located datacenter, firewalls, Netscaler load balancer, VMWare clusters, IIS and CDN (Akamai and MaxCDN).
• Chief designer and operations architect of a fast-growing server infrastructure running in Windows 2003 Active Directory spanning multiple continents and VMWare clusters with over 400+ virtual machines in Production, QA, DEV and Corporate environments.
• Implement email infrastructure for Company’s Job Alert system which averaged 700K outbound emails per day using SendGrid, SMTP servers, postfix, Port25 and secure email protocols SPF/DMARC/DKIM.
• Work in coordination with DBA team and datacenter to design, install and maintain multiple Windows SQL failover clusters and other standalone database servers critical to teh business systems.
• Design a centralized alert system to ensure status updates are covered for all critical systems, which include servers, network equipment and applications using Orion Solarwinds, EM7, AlertSite and IPMonitor. Generated custom application monitors in Solarwinds such as HTTP, SQL and Performance monitors to provide 360-degree coverage of critical business systems.
• Install, configure and troubleshoot linux servers (RedHat/CentOS) for postfix, SFTP, SSH and BIND.

Senior Systems Administrator

Confidential - New York, NY

Responsibilities:

• Chief Architect and engineer overseeing teh health and performance of teh company’s infrastructure.
• Administer VMWare infrastructure made up of 5 clusters, 40+ hosts and 400+ virtual machines managed through vCenter v4.1 and vSphere ESXi v4.1.
• Manage day to day operation of SAN and NAS devices. Create Storage pools, LUN’s and File Shares in EMC Clariion and Celerra devices. Create LUN’s and allocate them to teh appropriate ESXi and Windows servers using LUN masking and soft zones in Fabric switches. Manage SAN arrays for Windows Clustering, VMware suite and file shares.
• Oversee company’s web server operation with traffic ranging from 11 - 24 million hits per day using load balancers and server/network monitoring tools.
• Manage Windows 2008 R2 Cluster service on Confidential central database running across multiple nodes.

TECHNICAL SKILLSETS

Platform/Software/Systems: Microsoft Azure IaaS PaaS, Amazon AWS, Azure AD Connect, Microsoft WVD, Nerdio WVD Manager, Azure Migrate, Azure Site Recovery (ASR), VMWare VCenter v6.5, BitTitan, Solarwinds, AppDynamics APM, New Relic, MS Exchange 2013/2010, Microsoft Visual Studio Team Services (VSTS), Microsoft SQL Server, SCCM 2012 R2, SCOM 2007, Atlassian JIRA, Confluence, Mimecast, Alertlogic, Nexpose, Microsoft WSUS, PRTG, MRTG, Kiwi CatTools, ESET Antivirus

Operating Systems: Windows 2019/2016/2012/2008, Red Hat/CentOS Linux v7.x, v6.x, Debian GNU/Linux

Hardware/Virtual Appliance: Azure Cisco ASAv, Citrix Netscaler MPX 5500/8200, VPX, F5 BIG-IP v11.6, Juniper Netscreen SSG550, Nutanix, Cisco ASA 5550, Meraki MX250 firewall, Vormetric DSM v6, AlienVault (SIEM), RSA Secure Logon, Foundry BigIrons RX-8switch, HP ProLiant DL380 G3-G9, Dell EqualLogic PS6500ES, HP StorageWorks P2000, Dell Powervault MD3000, IBM BladeCenter S and H Chassis, EMC Clariion CX3-80, EMC Celerra, Netapp N5200, Dell PowerEdge, Cisco 2621 router, Meraki MR42 AP

Scripting and Programming Languages: PowerShell, Windows shellscript, C#