SUMMARY:

• Over 10 Years of enterprise active directory administration, implementation and security experience.
• Experience Cisco routing, switching, and security configuration, implementation, and design.
• Extensive experience with all Windows Server operating systems, network services, and systems administration.
• Active Directory deployment, migration, and administration experience in multiple environments.
• Vast knowledge of virtualization technologies from multiple vendors and configurations
• Broad knowledge of network & information security practices based on various ISO, NIST, SANS, and regulatory requirements.
• Ability to learn new technologies quickly, lead teams, and become the SME in various areas.

TECHNICAL SKILLS:

Operating Systems: All Windows clients, Windows Server R2, Linux/Unix

Networking: LAN/WAN, TCP/IP, DNS, DHCP, WINS, IIS, Active Directory/LDAP, Microsoft Exchange, OSPF, EIGRP, RIP, 802.11 wireless.

Security: AAA, VPN, Firewalls, IDS/IPS, vulnerability scanners, DLP, SIEM, NAC, 802.1x.

Hardware Platforms: Cisco Catalyst 3550 & 6513 layer 3 switches, Cisco 3845, 7613, 12416, and CRS - 1 routers. Juniper MX960, T640 routers, Cisco ASA, Checkpoint firewalls.

Admin Skills: Symantec Endpoint Protection, Active Directory/LDAP integration, Powershell, vbscript, Quest Active Directory tools (migration, powershell, etc).

Security Standards: ISO 27000, NIST 800, SANS CSC, ANSI (RBAC), HIPAA, PCI, & SOX compliance.

PROFESSIONAL EXPERIENCE:

Confidential

Windows Systems Engineer

Responsibilities:

• Assisted in Active Directory clean up projects that included securing AD, DNS, and limiting administrative access
• Integrated Active Directory with various enterprise applications
• Created powershell scripts to automate the provisioning and deprovisioning of AD accounts.
• Managed AD health and performance and responded to level 3 related incidents

Confidential

Sr. Systems Engineer

Responsibilities:

• Performed AD CS administration for projects required strong encryption and based authentication
• Created powershell scripts to provide automation and reporting on Active Directory and system health
• Responsible for GPO creation, troubleshooting and administration to ensure adherence to corporate security standards.
• Implemented Active Directory security controls to enhance the organizations security posture by following best vendor and industry best practices.
• Worked on Active Directory domain consolidation project to implement a centralized administration model.
• Created secure baseline configurations using the Microsoft Security Compliance Manager

Confidential

Active Directory Engineer

Responsibilities:

• Managed AD FS infrastructure for multiple customers
• Created powershell scripts for system integrations and customer reporting
• Managed DNS, DCHP, and AD CS for multiple customers

Confidential

Information Security Architect

Responsibilities:

• Lead architect on the corporate PCI-DSS compliance project
• Responsible for designing, deploying, and managing AD LDS environment for LDAP authentication
• Lead architect on vulnerability and patch management projects to ensure compliance with federal and industry security best practices
• Lead architect on creating secure baseline standards for Windows operating systems (Window XP, Windows 7, Server 2003, Server 2008/R2, Server 2012).
• Lead architect on Complex Password Enforcement project which included strengthening passwords for Active Directory and other critical enterprise systems
• Lead architect Active Directory integration projects which integrated key enterprise applications with the AD environment to ease with deprovisioning of accounts and reduce the number of user credentials required to access key clinical systems
• Created multiple powershell scripts to assist in AD cleanup, AD provisioning/deprovisioning, and AD reporting to present to executive leadership.

Confidential

Active Directory Architect

Responsibilities:

• Created a naming standard for Active Directory objects (workstations, servers, groups, sites, OU’s) using various international standards
• Redesigned the site and subnet infrastructure to ensure speedy AD replication and service location within Active Directory
• Redesigned the OU structure for better delegation and group policy inheritance
• Migrated and upgrade LDAP aware applications to ensure service availability in the new Domain structure
• Extended the AD schema and added custom attributes to allow Active Directory to be the central repository for all authentication throughout the enterprise.
• Secured the AD infrastructures using Microsoft guidelines and best practices
• Upgraded the environment from R2.
• Performed an extensive Active Directory cleanup which included retiring legacy applications and servers, cleaning metadata from the AD database, removing empty stale groups and accounts from the directory, and provided detailed reports to management about the environment.

Confidential

Security Administrator

Responsibilities:

• Created a secure baseline configuration for Windows XP/7 clients and (2003/2008 R2) servers using extensive use of Active Directory group policy objects and security templates.
• Reorganized the AD structure for effective group policy inheritance.
• Provided guidance for securing IIS, DNS, DHCP, and Exchange servers in the data center
• Deployed and configured Symantec DLP for ensuring the confidentiality of data leaving the network
• Ensured the secure transmission of data to 3rd parties by using strong cryptographic algorithms and ensuring their proper implementation
• Secured network infrastructure components (routers, switches, firewalls, VPNS) by configuring secure methods of communications throughout the network (ARP inspection, DHCP snooping, etc).
• Created and deployed a patch/vulnerability management program for all Windows based clients and servers.
• Extensive Windows servers and Active Directory troubleshooting.

Confidential

Information Security Architect

Responsibilities:

• Designed the PKI implementation and security parameters for key LDAP applications.
• Supported TACACS+ using Cisco ACS Server for AAA services.
• Deployed an enterprise whole disk encryption solution to as part of the data loss prevention strategy.
• Performed successful migration from AD R2 as well as schema upgrade and modification.
• Worked daily in Active Directory for object creation and created automated processes to help standardize user, group, Exchange, and computer object creation.
• Installing, Configuring and Troubleshooting Windows 2003 and 2008 servers
• Automated user creation using various scripting, web, and database languages with developers.
• Integral in securing an Identity & Access Management solution for user life cycle management.
• Worked with various integration projects around LDAP security and administration.
• Responsible for Checkpoint (R71, SPLAT) and Cisco ASA 5500 series maintenance, upgrades, and administration.

Confidential

Active Directory Consultant

Responsibilities:

• Troubleshoot domain migration issues during the project.
• Verifying Active Directory/LDAP aware applications such as Exchange, Office Communicator, & SharePoint were successfully migrated.
• Migrated core network services such as DNS and DHCP.

Confidential

Network Engineer/Project Manager

Responsibilities:

• Implemented AT&T VPN solutions for customer sites.
• Managed projects dealing with router and card life cycle for carrier level routers.
• Performed router provisioning and testing for Cisco 7613, 12416, 12418, and CRS-1 routers.
• Configured OC links ranging from OC12 to OC768 for testing, internet peering, and router defects.
• Worked closed with 3rd party vendors in the central offices to ensure proper fiber runs, cable labels, light levels, IOS image upgrades, and equipment testing were up to AT&T NOC specifications.
• Worked directly with Cisco in troubleshooting and RMA procedures for faulty hardware.

Confidential

Information Security Consultant

Responsibilities:

• Configured Checkpoint R60 and Cisco ASA appliances.
• Worked with various teams in deploying McAfee NAC appliance for all endpoint devices.
• Worked on the implementation of an 802.1x wireless infrastructure for secure authentication and network control.
• Was responsible for Identity management for Active Directory/LDAP accounts.
• Worked with the server team in redesigning the AD/LDAP structure for more efficient administration and heightened security.
• Was involved with testing the implementation of a complete identity management and user provisioning software package.

Confidential

Identity Management Engineer

Responsibilities:

• Responsible for managing the identity and user life cycle management (from account creation to deletion) for all network based applications.
• Approved/Denied access requests to various systems based on corporate policy.
• Responsible for provisioning Active Directory/LDAP, Exchange, Citrix, Linux, Unix, and Mainframe access and granting the necessary levels of permissions as they came in.

Confidential

Active Directory Deployment Architect

Responsibilities:

• Developed scripts used to integrate with the various applications for the SSO deployment.
• Deploying applications through Active Directory and group policy to sites on 5 different continents.
• Worked with local techs, the network services team, and end users for user acceptance testing for post deployment feedback.
• Tasked as the meeting facilitator and adjunct project manager for many of the deployments. Submitted change control requests, wrote technical documentation, and handled backup and restoration of custom applications and databases for the team.

Confidential, OH

System Administrator

Responsibilities:

• Managed the Checkpoint and Cisco PIX firewalls and VPN appliances to provide remote connectivity.
• Oversaw the day to day maintenance of Active Directory, Linux, UNIX, and Netware servers.
• Assisted in the migration from NT4/NDS to a 2003 Active Directory infrastructure.
• Migrated all file, print, antivirus, DNS, DHCP, & WINS servers to Server 2003.
• Responsible for developing a patch testing/management solution to increase network security and uptime of client’s as well critical production servers.
• Implementing Group policy objects for Windows Server Update Services
• Engineer, design and implementation of Microsoft Windows 2003 Active Directory Services for enterprise network management of users, computers, printers and all resources that are part of the organization.
• Extensive troubleshooting of Active Directory DNS, DHCP and WINS servers
• Was involved in integrating core network resources to utilize Active Directory as its authentication mechanism for simplified administration and a unified login process.
• Involved in a major network rollout from a Nortel to Cisco infrastructure including all edge routers and the core layer 3 switch.