SUMMARY:

• Senior Wintel Engineer / Architect with over 28 years experience in the IT field and a passion for utilizing technology to help any size company achieve its goals.
• Extensive experience in planning, developing, problem solving, and implementing information technology solutions to address business opportunities and needs while also staying within financial budgets.
• Develop strategic plans for wide - area implementation and operations of IT client services, product support, quality assurance, and employee training.
• Initiate and enforce controls, addressing current and changing company needs.
• An earnest desire to project a positive image through professional presentation and performance.

TECHNICAL SKILLS:

• Azure IaaS / Office 365
• VMware ESXi 4.x, 5.x
• MS Exchange - Multisite
• Public Key Infrastructure
• NetApp, iSCSI, FC
• Terminal Services / Citrix
• Windows Server, 2K-2012R2
• Needs Analysis and Planning
• Microsoft SQL 2008/2012
• Advanced Active Directory / GPO
• Network Enclaves

PROFESSIONAL EXPERIENCE:

Confidential, Richmond, VA

Solutions Engineer

• Various roles with different sized organizations implementing IT solutions
• PKI implementation for a 22K seat organization
• Enterprise Wide Scanning of SHA1 certificates on Window and Unix systems
• Classification based off external or internal trusted roots
• Lifecycle Management of Certificates using 3rd party tools
• Email notifications
• Scheduled reports
• Continual scanning to ensure integrity and utilization of correct certificates
• SSL Certificate Template Management and governance
• Code Signing and Time Stamp Governance
• OCSP and CRL implementation and monitoring
• Implementation of Certificate CPCS and Enterprise OID
• Multiple Level of Assurance
• Cisco ASA Integration for Digital Certificate support of Endpoint Identification
• Specific certificate types for VPN vs. Workstation authorization
• Zebra / Wi-Fi 802.X Support
• Multiple Key Lengths (4096 for top CA Tiers, 2048 for issuing CA and End Point Certificates)
• Office 365 migration for several small business
• Backup Infrastructure optimization for multi-site international organization
• De-duplication and Replication
• Site-to-site for Geo-Redundancy
• Alignment with business RPO and RTO goals

Confidential, Washington D.C.

• Re-Engineered and Upgraded hardware and Software of entire VMware Infrastructure
• Implemented vSphere 5.0, ESXi, HP/IBM Blade Chassis
• Zero Outage on running Guest VMs running across 72 Hosts
• Utilize VMware Resource Pools to ensure Memory and CPU availability for critical VMs
• ITIL Foundation Certification
• Designed, Implemented Boot-from-SAN for physical server use.
• Emulex 10GB HBA
• Implemented Snap Manager for Exchange, SQL, and SharePoint to reduce backup capacity footprint and required backup time window
• Implemented Microsoft Active Directory Federation Services as SAML Auth Provider.
• Migrated on-premise Exchange 2010 E-Mail Infrastructure to Office 365 with zero interruption to mail-flow and zero data loss
• Stood Up Azure IaaS Redundant Site for ADFS as well as Office 365 Directory Sync point.
• Designed and implemented Exchange 2010 Site-to-Site failover support
• 2 Site DAG Failover
• External Autodiscover, Outlook Anywhere, Activesync, Outlook WebApp
• Implemented Microsoft Forefront Unified Access Gateway (UAG) for Exchange 2010 protection
• Escalation point for problem resolution of “out-of-band” tickets and extenuating service issues
• Rebuilt internal Public Key Infrastructure (PKI) services using Microsoft Windows 2008R2 Certificate Services
• 3 tier approach with an offline Root CA and Policy CA
• Multiple Issuing CAs
• Robust CRL publications for 99.999 availability
• Introduction of OCSP for more advanced transaction based certificate verification
• Migrated Online Root CA to Offline, while maintaining trust chain
• Development of Governance on PKI utilization based on LOA (Levels of Assurance)
• Designed and implemented GlobalSCAPE Managed File Transfer system for external information sharing.
• Designed and Implemented Citrix Xenapp for External users using Netscaler Access Gateway, Web interface, Mobile Service Site, all using 2 Factor Auth
• Re-Designed and upgraded Active Directory Infrastructure to Server 2008 R2 using Server Core to reduce vulnerability exposure.

Sr. Windows Engineer, Windows Team Lead

• ITA-1 O & M Team Lead of new IT Infrastructure for FTC.
• Developed growth track for junior and mid engineers to enhance their skill set
• Coordinated staff coverage to meet contract obligations for the FTC
• Escalation point for problem resolution of “out-of-band” tickets and extenuating service issues
• Planned migration of NetApp CIFS Share to Windows 2008 DFS-N File Structure utilizing Windows Server 2008 Fail-Over Clustering and Server Core Installation.
• Ongoing management of NetApp 980, 2050, 3140, and 3170 Clustered Systems (200 TB raw capacity)
• Created initial Private Key Infrastructure (PKI) design for future implementation using Microsoft Windows 2008 Certificate Services and a 2 tier design approach with an offline Root CA and multiple AD integrated Issuing CAs
• Allowed inspection of SSL web traffic from internal endpoints
• Provided higher level of assurance for Secured Information Lab and remote management
• Laid groundwork for E-Mail SMIME / Digital Signature support
• Weekly usage of Nessus and Shavlik vulnerability/patch management and remediation tools
• Developed Active Directory naming convention for all new Server and documented existing naming standards used with User, Groups, Printer, etc. objects in the current AD tree
• Utilized the Remedy Helpdesk Ticket System for management of incoming trouble tickets and monitoring of ticket outcomes
• Integrated NIST SP-800 standards when appropriate to harden systems
• Resource management of 6 Windows Engineers to facilitate CEI phasing of ITA-1 Project.
• Inter-department liaison for various agencies at the FTC to coordinate needs for ITA-1 Design
• Designed, implemented, and managed 900 printer migrations from Windows 2000 to clustered Windows 2008 using a combination of PrintMig.exe and Printbrm.exe.
• Implementation and managed Exchange 2010 upgrade using DAG database mailbox server, redundant Hub Transport and Client Access servers
• Implemented updated Trend Micro for MS Exchange for Hub Transport and Mailbox Server Virus and attachment blocking management.
• Installed and managed clustered SQL Server 2005 on 3 physical nodes and 2 separate SQL instances for load balancing,
• Deployed Symantec Endpoint Protection 11 to new ITA-1 Servers and migrated settings from existing Symantec Corp Edition 10 installation.
• Deployed Microsoft Unified Access Gateway to secure external access to Exchange 2010 environment and test deployment of Microsoft DirectAccess for use with Windows 7 laptops.
• Implemented Boot-from-SAN utilizing iSCSI and 10GB Ethernet

Sr. Systems Engineer

• HP EVA6000 24TB SAN Environment, storage allocation and management.
• Utilized ESX VMware 3.x in Production, Lab, and DR environments, over 60 VM Guests OS in 5 node ESX cluster.
• Managed VM environment via VCenter and Putty. Utilized VMotion and Snapshots to safeguard data in VM Environment in conjunction with VMDK disks and RDM drives.
• Implemented RSA SecurID software and hardware token management via redundant servers for High Availability
• Managed 120 HP Proliant servers utilizing Windows 2000 to 2008 using Microsoft Operations Manager, HP Insight Management, and HP ILO interfaces.
• Revamped power distribution to double runtime utilizing existing APC Symmetra hardware
• Hummingbird DM 5.2 Document Management System
• AS/400 system support for accounting and legal time management system
• Optimized Group Policy usage for over 700 desktops and 120 servers
• Server and Desktop patch management utilizing SMS and WSUS
• Process documentation
• Multiserver Exchange 2003 and migration path to Exchange 2007
• Project lead for enterprise Active Directory re-design and Group Policy optimization
• Cisco PIX and Microsoft ISA WAN edge and DMZ firewall management.
• AS/400 system administration
• Deployed HP Insight Manager for server farm firmware, drivers, and support pack management
• WSUS for Windows server patch management
• Symantec Endpoint Protection 11
• Juniper 4500 VPN deployment and management
• File Access security planning and process definition utilizing AD security groups, group nesting, and denying rights when appropriate
• Designed and deployed clustered ISA Server 2006 to secure externally accessible OWA, ActiveSync, and Web based login to internal resources.

Project Manager / Consultant

• Provided AS/400 support for international accounting software division.
• Maintained several SMB client’s Windows networks utilizing Windows Server 2003.
• Coordinate and hosted training class for company employees utilizing PowerPoint and other tools.
• Cisco SMB Certified SMB product specialist - UC500 Platform
• Extensive VOIP / Telecom experience: T1, PRI. ACD, Multi-Site, Nortel BCM, Altigen
• Consultant Support for various exisiting client on AS/400 support and maintenance v4r2 to v5r1
• Boardroom presentation skills and leadership in regards to technology planning and education

IT Manager

• Worked with upper administration to guide and develop internal IS operations, general business needs analysis, and IT recommendations to improve workflow
• Software and hardware needs analysis, purchasing, and implementation.
• Contract evaluation and negotiations for equipment leasing, buyouts, and service contracts.
• Coordination with outside vendors, consulting arrangements, and service agreements.
• Implemented statewide Voice over IP Telephony network and advanced IP priority routing.
• Defined corporate information access security policy and procedures.Implemented Corporate CRM solutions for sales reps, electronic faxing, B2B deployment via WEB for sales order processing in pharmaceutical drug and supplies distribution.
• Purchased and implemented IBM AS/400 pharmaceutical solution for corporate centralization of dispensing, billing, and inventory management.
• Implemented asset management and deployment tools across statewide office WAN.
• Planned and implemented AS/400 based RX prescription and billing system for statewide Home Infusion practice.
• SetupTCP/IP routing using Static and other routing protocols across statewide network for direct access to AS/400.
• Implemented secure remote access via Linux platform to AS/400 for on-call staff and medical personnel
• Daily maintenance of AS/400 included SST, Journaling, IBM service packs and cumulative service packs
• Implemented security auth lists for restriction of access to certain libraries vie telnet sessions and ODBC
• Performed vendor application updates and interfaced with IBM for hardware and software support
• Utilize Query 400 for minor database reporting
• Integrated AS/400 into Windows network
• Implemented Novell Netware 4.0 and integrated 9 remotes server across IP and IPX WAN environment.
• Provided Networking and System Admin for Enterprise NDS structure
• Successfully integrated and migrated from Netware to Microsoft Active Directory
• Implemented Citrix Terminal Services for secured access to medical resources. Provided secured remote access for on-call pharmacist and billing specialist to medical records