TECHNICAL SKILLS:

• Network Architecture/Design
• Windows 3.x/95/98/NT/ME/2000/XP/2003/Vista/7/8.x/ 10/2008/2012
• Linux/Unix - CentOS/Fedora/RedHat/Ubuntu/HP-UX/Solaris/Mac OS X
• Active Directory/Novell eDirectory/LDAP/eTrust/PKI
• Exchange 5.5/2000/2003/ 2007/2010/2013 Setup & Administration
• VMware (Workstation 1 - 11)
• ESX Server/vSphere 2.5 - 6.x HA/DRS/Vmotion/SRM/NSX/VDI
• Microsoft Hyper-V/SCVMM 2012 / Citrix XenApp/XenDesktop Server 5-7.x
• Microsoft Clustering (Quorum/Majority Node Set)
• SQL 2005/2008/2012 - Oracle 10g/12c
• Microsoft Office Communications Server 2007/MS Lync 2010/Skype for Business
• Blackberry Server 3.6 - 4.1
• SharePoint Services 3.0/SharePoint Server 2007/2010/2013
• Maintenance/Troubleshooting Dell/HP/IBM/Cisco/F5 products
• RAS/VPN/SAN/NAS/VOIP
• MOM 2003/2005/SCE/SCCM-SCOM 2007/SCCM - SCOM 2012

PROFESSIONAL EXPERIENCE:

Confidential, Washington, DC

Senior Systems Engineer

Responsibilities:

• Day to day activities included Active Directory and Exchange 2007 Account creation, deploying patches and updates using SCCM 2007, adding Pre-boot users to the Check Point End Point Security Console, adding wireless MAC Addresses to the Aruba Wireless Network Infrastructure, deploying virtual servers using VMware vCenter 5.5 and vSphere 5.5 along with any other ticket that may be placed in my ticket queue and also well versed in cloud.
• The organization is currently deploying new HP ZBook 15 U G2 Laptops to replace an aging Dell Latitude Laptop 6 400-643 0 Series environment.
• Currently prepared 1 to 2 new HP ZBook Laptops a day or so to deploy to users within the organization.
• Currently creating a new Windows 7 Image that will be used to test Benchmarking for the next round of purchasing for the new HP ZBook 15 G3 that may take place.
• This consists of using tools such as Microsoft MDT and DISM.
• Currently tasked with testing and implementing a Proof of Concept for the use of Microsoft BitLocker that management may select as a replacement for an ageing Check Point End Point Security environment.
• This includes creating BIOS packages that can be deployed to existing workstations already in the field using Dell Command Configure Wizard and HP BIOS Configuration Utility to enable BIOS Admin Password as well enabling the TPM Chip to be used in conjunction with BitLocker.
• Created a SCCM Task Sequence that automates the process of decrypting from Check Point Full Disk Encryption and re-encrypting to BitLocker. This SCCM Task Sequence allowed management to be able to decrypt and re-encrypt the entire organization overnight versus the use of man power to visit each workstation to manually decrypt and re-encrypt. The organization currently uses a workstation auditing product called IT Auditor.
• Recommended to management that using Microsoft Network Policy and Access Services could provide a more robust alternative to the current product in use. Management liked the recommendation and is moving forward with the idea.

Confidential, Bethesda, MD

Sr. Systems/Network Engineer

Responsibilities:

• Managed the Windows 2012 Server Hyper-V infrastructure using System Center Virtual Machine Manager 2012 along with the standard Hyper-V MMC to ensure the Hyper-V virtual fabric was functioning correctly. This also included creating new virtual networks using Hyper-V Logical Switches.
• Also managed the VMware vSphere 5.5 infrastructure using the VMware VI Client to connect to vCenter.
• Ensured the VMWare virtual networks were functioning correctly using VMware NSX. This also included creating new virtual networks using VMware NSX and cloud technologies.
• The various versions of Linux were managed with the either GNOME or KDE (Web Servers).
• Day to day activities included VM creation, VM Monitoring, Active Directory and Exchange 2010 Account creation and any Tier 3 trouble ticket that may have been placed in my ticket queue.
• Upon arriving at Confidential they were behind in their PCI Compliance because of out of date firmware for their LSI HBA being used within the HP ProLiant Blades, out of date IBM SDDM SAN Connectivity Software and also because of out of date Hyper-V Integration Services.
• Tasked with coming up with a solution to patch and update all of the affected systems to meet PCI Compliance.
• LSI or IBM didn’t offer a solution to automate the update process for such a vast geographically dispersed infrastructure. Geico does business in all 50 states as well as internationally.
• Accomplished this goal by modifying PowerShell Scripts from the Microsoft TechNet Gallery to suit the needs of my task and also incorporating the use of tools such as the Microsoft Devcon Utility.
• Used the modified PowerShell Scripts along with the Devcon Utility to drain a Hyper-V Host in a cluster to update the Redundant Path LSI HBA by injecting the driver’s one path at a time to prevent a complete SAN outage to each ProLiant Blade while also updating the IBM SDDM SAN Connectivity Software simultaneously. Also used Microsoft SCCM to deploy the updated Hyper-V Integration Services to the affected VM. After the completion of the maintenance window Confidential was PCI Compliant.

Confidential, Rockville, MD

Sr. Systems/Network Engineer

Responsibilities:

• Upon first arriving my first task was to come up with a solution to make their VPN solution (Juniper SA4500) meet the FISMA and FIPS compliance of two factor authentication while providing a 256bit encryption tunnel.
• Upgraded the firmware of the Juniper SA4500 and ensured that OCSP (Online Certificate Status Protocol) was enabled to enforce PIV Card verification from the provider of the PIV Card (Entrust) while also verifying from Active Directory using Certificate Name Mapping.
• Also enabled Juniper Host Checker to verify that a user is using an authorized FHFAOIG computer to connect to the VPN. This was done by checking domain validation of the computer plus searching for the MD5 Hash of a hidden file placed on every domain computer to help prevent any type of spoofing. The new Juniper Junos Pulse VPN Client was deployed to every domain computer using SCCM 2012 to complete the tasks and cloud technologies.
• Created a custom package using VB Script that allowed the user to delay the installation 3 times before forcing the VPN Client to install on the laptops that were running Windows 7 Enterprise.
• Created PowerShell scripts that automated the process of providing a daily Office 365 “Non Owners” report to upper level executives to ensure them that no unauthorized person was accessing executive email.
• Created PowerShell scripts that automatically disabled user accounts if the account hadn’t been logged into in the last 30 days and created 2 new Windows Server 2012 R2 Domain Controllers on a Hyper-V Cluster to replace the aging Windows 2008 Servers. This included raising the Domain and Forest Functionality Level from Windows 2003 to Windows 2012 ; while ensuring the correct placement of FSMO Roles and that Global Catalogs were communicating and replicating properly. Raising the Domain and Forest Functionality Level helped resolved some Microsoft Lync connectivity problems with calls and client connectivity while also improving Active Directory Federation Service Replication (ADFS, Single Sign-On) with Office 365. FHFAOIG decided to move from Dell 6420 Latitude Laptops running Windows 7 Enterprise to the new Microsoft Surface Pro 3 Tablet running Windows 8.1 Enterprise.
• Responsible for creating the .wim (Windows Image) file that would be used within the entire agency. This was completed using such Microsoft tools as MDT, AIK and was tested to ensure that it met FISMA and FIPS Compliance for 256bit encryption using BitLocker (MBAM 2.5 Client). FHFAOIG was using PXE Boot to image laptops from their SCCM Server. That process took about 90 minutes to 2 hour per laptop. I created stand alone bootable USB thumb drives that housed the approved image to be used. This allowed for a Microsoft Surface Pro 3 Tablet to be booted from a USB thumb drive and imaged with the corporate image in less than 10 minutes. The migration also included setting up a State Migration Point on the SCCM Server to collect user data using USMT from their old laptops to be placed on the new tablets. 180 users who are geographically dispersed (NY, MI, CA, FL, etc) were migrated from Dell 6420 Latitude Laptops to Microsoft Surface Pro 3 Tablets in 4 months.
• Created a .wim file to be using for the FHFAOIG deployment of “Windows To Go” using Imation Iron Keys for a Disaster Recovery solution. The bootable Iron Keys allows for an employee to walk up to any computer with an Intel or AMD processor that allows booting from a USB Device to be turned into a FHFAOIG workstation running its OS from the USB Imation Iron Key.
• Day to day activities include providing Tier 3 support to the Help Desk, Assist with Office 365 Support (SharePoint sites, Workflows, InfoPath Forms, etc), Preparing the SCCM Server for monthly patching of MS applications as well as Java, Adobe Flash, etc, keeping the FHFAOIG Windows 8.1 image up to date with the latest OS and software patches, Dell EqualLogic maintenance to ensure that retention policies for Hyper-V Snapshots as well as Volume Shadow Copies are being met and duties as assigned.

Confidential, Vienna, VA

Responsibilities:

• Migrated Citrix XenDesktop 5.6 to Citrix XenDesktop 7.1.
• This included installing Citrix XenDesktop 7.1 onto new HP Blade hardware, setting up new Desktop Delivery Controllers (DDC), configuring Citrix XenDesktop Policies, setting up the new StoreFront to be used to provide Single Sign-on (SSO) for users on the classified and unclassified domains using Citrix Receiver, exporting and importing existing vm into the new Citrix XenDesktop environment and creating a new master image to utilize with Machine Creation Services.
• This also included setting up the local desktop for users to use the HP t520/Raytheon Thin Client to boot from Citrix XenDesktop 7.1 to utilize the new virtual infrastructure over a thin client on the classified domain.

Confidential, Arlington, VA

Responsibilities:

• Worked on a short project while at Confidential for the Confidential to consolidate its printer pool into a manageable dash board.
• The Confidential didn’t want to use HP Web JetDirect Admin because of all of the required ports that needed to be opened to pass through the firewall, because of the connection limits of HP Web JetDirect Admin (Only 100 or so connections per installation, more OS licensing required per installation) and because there were various models of printers outside of HP.
• The Confidential wanted to see if this could be done using SNMP v3 which would only require 2 ports to be opened within the firewall (161,162) and System Center Operations Manager (SCOM)
• The project included creating SNMP Traps to monitor the massive amount of printers that the Confidential has.
• The task included importing the Management Information Bases (MIB) for each model of printer in use at the Confidential .
• Creating an alert to tell when each printer was jammed, out of paper or out of ink.
• Completing this task allowed for an email to be sent to the appropriate department to handle the printer problem and also allowed for a real time dash board to be displayed in a web browser using SQL Reporting to be able to take preventive measures.

Confidential, Washington, DC

Responsibilities:

• Setup a Windows Deployment Server for the Help Desk to use to image new equipment. Enabled PXE Boot within DHCP to allow new equipment to be booted from its NIC to be imaged.
• Cleaned up Active Directory to remove old metadata from failed install attempts of SMS and SCCM 2007. Setup SCCM 2012 to be used for patch deployment, software deployment and used for migrations from Windows XP to Windows 7.
• Created a Windows 7 image and uploaded to the new SCCM to be used as a standard image to deploy and also to be used during migrations.
• Also uploaded all driver packs for each different piece of equipment that Ex-Im Bank uses within the organization.
• Setup Group Policy within Active Directory so each new computer joined to the domain would automatically get the SCCM Client installed on it. Removed all old SMS Clients and SCCM 2007 Clients from workstations and installed the new SCCM 2012 Client.
• Showed Help Desk team how to use the new remote tools within SCCM.
• Assisted in architectural design of the Cisco ISE setup and also provided architectural design support of the Dell EqualLogic SAN deployment.
• New tasks are handed out almost daily.

Confidential, Falls Church, VA

Sr. Network/Systems Engineer

Responsibilities:

• Tasked in a three person team environment with five objectives. Those objectives are to migrate from an aging Dell hardware infrastructure, Upgrade Software, Devise a Disaster Recovery Plan and Review Security Log Retention Policy for audit purposes and to provide day to day support to the network infrastructure.
• Recently migrated all aging Dell hardware that was running VMware ESX Server 3.5 to the newer Cisco Unified Computing System using the 5100 Series Blade Server Chassis, the UCS B Series Blade Servers along with the UCS 6120XP Fabric Interconnect. The task included using Cisco UCS Manager to configure all blade servers for SAN connectivity to an EMC CLARiiON CX4 Series SAN. (i.e., configure WWN and provide redundant fabric paths,) The task also included installing VMware vSphere 5.0 in a High Availability Cluster (HA) onto the new Cisco USC infrastructure, powering down vm’s and removing them from inventory in the old Dell VMware ESX environment using vCenter and adding them to the inventory on the new VMware vSphere 5.0 environment.
• Worked with other team members and ISP’s to provide a 1GB link to the Disaster Recovery Site located in Baltimore, MD (Canton) which will house the Disaster Recovery Server.
• Worked with RSA enVision to standardize on Security Log Retention Policy.
• Occasionally use BMC IT Service Support (Magic) to help out Client Services (Tier 2) with the creation of Active Directory Accounts, Exchange mailbox creation along with patching and configuration using System Center Operations Manager and System Center Configuration Manager. (This is a “Jack Of All Trades” environment that deals with Faculty as well as Students)

Confidential, Baltimore, MD

Responsibilities:

• Worked at Confidential on a 6 week contract to help provide remediation support to meet FISMA compliance from Confidential ’s yearly FISMA Audit.
• These duties included patching Clustered VMware vSphere 4.0 Servers, Virtual Clustered Linux Servers and Virtual Clustered Windows 2003/2008 Servers that provide the platform from which the Certification Tests are ran from and administered. (i.e., MSCE, CISSP, Security +, etc.).
• These duties also included rescanning the network using Nessus & Retina to ensure that patches were applied correctly and that no vulnerabilities could be found to meet auditor requirements.

Confidential, Washington, DC

Responsibilities:

• Responsible for the day to day management of the Confidential ' infrastructure and messaging system which includes Active Directory, Exchange 2007 and GroupWise.
• Also responsible for the management of the Confidential ' virtual environment which includes vSphere 4 along with Windows 2008 Server Hyper-V. Day to day activities consists of creating new user accounts within Active Directory along with new mailboxes on both Exchange 2007 as well as GroupWise (GroupWise is used for overseas accounts), deleting accounts for departing employees, managing distribution groups, ensuring that Exchange Databases are performing at optimal performance, providing health, performance and integrity reports.
• Tasked with providing analysis of which virtual environment, vSphere or Hyper-V would best suit the Confidential ' move to a virtual environment. The task included standing both virtual environments up, devising a Disaster Recovery Plan to enable recovery at Camp David using VMware Site Recovery Manager along with Symantec NetBackup for Windows 2008 Server R2.
• The task also included working with other team members to install Exchange 2010 in a test bed virtual environment for the purpose of testing and preparing for an Exchange Migration from Exchange 2007 and GroupWise to a Native Exchange 2010 environment using Quest Software GroupWise Migrator for Exchange.

Confidential, Arlington, VA

Sr. Network/Systems Engineer

Responsibilities:

• Moved all of the company’s internal network from old hardware (several Gateway PIII GP7-600 & Dell Optiplex G1) to newer equipment (3 Dell Quad Core PowerEdge 2900 III).
• This move included setting up 3 VMware ESX 3 Servers on the new Dell servers to run the network in a virtual environment.
• Migrated the current Windows 2003 Servers and Linux Servers from physical to virtual with all associated applications (i.e. Exchange, SQL, NetBackup, Spam Assassin, etc) to the new VMware ESX Servers using VMware Converter.
• Installed and configured SharePoint to connect to SQL 2005. Installed NetApp FAS250 for iSCSI integration with the VMware ESX Servers. Created an ESX Cluster using VMware’s High Availability (HA) along with VMware’s Distributed Resource Scheduler (DRS) that connected to the NAS for failover redundancy in the event of a hardware failure.
• Created a Distributed File System (DFS) to handle replication of data to file servers located in remote offices (Herndon & Manila). Setup what’s up Gold and Microsoft System Center Essentials for Exchange, AD, and SNMP monitoring. Upgraded all ESX Servers form ESX 3.x to vSphere 4 along with upgrading the current Virtual Center 2.5 to vCenterr Server 4.
• Setup VMware’s Site Recovery Manger 4.0 in a development environment using EMC’s Navisphere simulator (which includes MirrorView) and EMC’s CLARiiON simulator along with the appropriate Storage Replication Adapter (SRA) from VMware to devise and test a disaster recovery plan that could be implemented for Confidential as well as some of its customers throughout the United States.
• Upgraded all Virtual Machines from Windows 2003 Server to Windows 2008 Server which also include migrating from Exchange 2003 to Exchange 2007 . Installed Trixbox (Asterisk) using a Digium AEX410 on a Dell T110 to work in conjunction with Exchange Unified Messaging to provide an office IP PBX for phone and voicemail use.
• Setup Polycom Sound Point IP 300 phones to connect to the new Trixbox (Asterisk) phone server. Configured staff member’s cell phones to work with Exchange Activesync (i.e. Android, iPhone, Windows Mobile) to provide mobile messaging.
• Setup Microsoft Office Communication Server 2007 R1 along with SQL Server 2008 to provide office chat using Microsoft Office Communicator and also so that presentations and collaborations can be done offsite with clients as well as staff using the Microsoft Live Meeting Client.
• Periodically traveled to customer sites throughout the United States to ensure that the customer’s network meet FISMA compliance. This was done using tools such as Web Inspect, Retina and Nessus along with CISSP best practices.

Confidential, McLean, VA

Sr. Network/Systems Engineer

Responsibilities:

• Confidential was in the process of being spun off by its parent company Invitrogen. Provided architectural design support to devise a plan on the best way to sever links from Confidential ’s parent company.
• The team decided that severing the WAN link to Invitrogen and using ntdsutil to manually seize the FSMO roles to the Domain Controllers located at Confidential and then use Microsoft’s domain renaming tool (rendom.exe & gpfixup.exe) would be the best course of action.
• The team upgraded all Windows 2000 Servers to Windows 2003 Server to prepare for this transition. Installed an Exchange 2003 Server to handle the migration of user email accounts from an older Exchange 2000 Server. Installed a NetApp FAS3000 for storage needs.
• Since Confidential relied heavily on Microsoft SharePoint and Microsoft SQL 2005 we insured that all needed service accounts and groups along with SharePoint sites would not be affected by the seizing of FSMO roles. Used Active Directory Sites and Services, ADSIedit as well as ntdsutil to manually remove any old metadata that may have still been held within Active Directory pertaining to the old parent companies (Invitrogen) Domain Controllers.

Confidential, Washington, DC

Responsibilities:

• Worked with WRI employees to devise and implement a plan to migrate their old Novell Netware environment to a Microsoft environment.
• Implementing the plan included setting up several Windows 2003 Servers for Active Directory, DNS, DHCP, IIS and Exchange. Setup NetApp FAS2000 for storage.
• Migrated all data from old Netware File Servers to the NetApp FAS2000. Migrated user accounts from Novell NDS to Active Directory using ADMT.
• Performed desktop migrations using USMT and GroupWise Migrator from Quest Software to convert GroupWise Archives to Outlook .pst files.
• Migrated user email accounts using Exchange Server Migration Wizard. Setup one VMware ESX 3.0.1 Server to handle virtual lab requests. (150 users)

Confidential, Arlington, VA

Responsibilities:

• Provided Tier 3 to Tier 1 technical support to a growing international company. This included connecting new office locations to the main office by setting up site to site VPN connections using Cisco ASA5520 Adaptive Security Appliances.
• Decommissioned an ageing WatchGuard Firebox 1000 Remote VPN solution and configured a Cisco 3000 VPN Concentrator for remote connection for people who tele-commute and field workers.
• Installed and configured a “Managed” anti-virus solution using Symantec System Center along with Symantec Anti-Virus Client.
• Created a standard desktop & laptop image to be used company wide. Created user accounts in Active Directory.
• Monitor the health of other systems such as DB2, SQL, Exchange, etc… Installed and configured several IBM Blade Center H Chassis.
• Configured the Cisco Integrated Gigabyte Ethernet Module for use within the chassis. Installed HS21 blades within the chassis. Ensured that all firmware was up to date within the Blade Center configuration. (Bios, Management Module, Cisco IOS, etc…) Setup the HBA’s on the blades that required SAN storage by connecting them to a Dell CX300 (EMC CLARiiON CX300).

Confidential, Arlington, VA

Responsibilities:

• Tasked with the migration of the Confidential ’s infrastructure from older hardware to new IBM LS20 Blades running VMware’s ESX Server in a virtual environment. This includes using tools such as PlateSpin’s PowerConvert as well as VMware’s P2V and Acronis’ True Image Enterprise Server to take an image of the current platform running on the old hardware (Win 2000/2003) and deploying that image to a VM on a VMware ESX 3.0 Server running on an IBM LS20 Blade.
• Also responsible for assigning storage to the HBA’s of the ESX Servers from an EMC CLARiiON CX700. This included using EMC’s Navisphere with MirrorView to setup a mirror for redundant storage from the Confidential to Camp David its remote site for disaster recover using 100MB pipe in Synchronouse Mode.
• Worked in conjunction with F5 employees to setup BIG IP Load Balancers (LTM & GTM) to insure Quality of Service (QoS) for the disaster recovery plan as well as other high profile applications and protocols (SMB, UDP, TCP, etc…)
• Also setup a beta version of VMware’s Site Recovery Manager 1.0 (SRM was still in its infancy and not as robust as SRM 4.0 is today) to maintain synchronization between the production ESX Servers and the remote ESX Servers at the disaster recovery site to insure a quick recovery in the event of a disaster.
• Responsible for insuring that the new VM’s that were placed within the virtual environment were still interacting correctly with Active Directory before the old hardware was to be decommissioned and sent to surplus. All virtual environments were monitored using VMware’s Virtual Center 2.0.

Confidential, Washington, DC

Sr. Network/Systems Engineer

Responsibilities:

• Responsible for devising a plan for the IRS to consolidate and migrate its older systems to a more modern infrastructure. This consolidation consisted of consolidating older Dell and Compaq servers to a newer HP ProLiant Blade Server architecture running VMware ESX Server.
• The migration consisted of migrating older Windows NT and Windows 2000 systems to the newer Windows 2003 Server running as VMware Virtual Machines on the new HP Proliate Blade Servers. Provided technical support for the configuration and testing of Computer Associate’s Site Minder 6.0, Microsoft’s Identity Integration Server 2003 and Microsoft’s Active Directory Federation Services (ADFS) to help the IRS devise a plan for a Single-Sign On (SSO) solution for its customers and employees which included setting up MIIS on a Windows 2003 Server that had SQL 2005 installed on it running in a virtual environment on VMware’s ESX Server.
• Configured all aspects of the MIIS to communicate with other LDAP Network Operating Systems that the IRS was using. (35,000 users)

Confidential, Fairfax, VA

Sr. Network/Systems Engineer

Responsibilities:

• Responsible for migrating the medical branch of the Confidential from an aging Windows NT 4 Server infrastructure to the more modern Windows 2003 Server platform. This includes migrating user accounts and computer accounts using Microsoft’s ADMT (Active Directory Migration Tool).
• Installed Microsoft Host Integration Server 2004 to connect to an IBM AS/400 which provided password synchronization and application usage. Installed Host Integration Client on local computers for connection to IBM mainframe.
• Responsible for the up keep of the Microsoft Exchange Clusters which included using ESEUTIL.EXE and ISINTEG.EXE and other utilities to insure that the Exchange databases weren’t corrupt.
• Updated domain workstations using Windows Software Update Service for patch deployment and System Management Server 2003 for application deployment and asset management.
• Worked directly with Microsoft and other team members to migrate all mail servers and user mailboxes from Exchange 5.5 to Exchange 2003 using ADMT, EXMERGE.EXE and scripts. (27,000 users)