SUMMARY:

• As an IT PRO / IT Generalist, I am comfortable across a wide range of technologies, and the last 25 years spent in many roles such as Platform Engineer, Network Operations Engineer, Senior Network Engineer, Project Manager, and Technical support manager my goal is to serve in a position where my abilities and excellent work ethic can positively impact an organizations Information Technology infrastructure and Information Security posture. In the performance of these duties
• I have gained several certifications: Certified Information Systems Security Professional (CISSP, DOD 8570 IAT/IAM Workforce level III Technical qualification), Security Certified Network Architect (SCNA, DOD 8570 IAT Workforce level III Technical qualification), Microsoft Information Technology Professional: Enterprise Administrator (MCITP: EA 2K8), Microsoft Certified Systems Engineer: Security Specialization (MCSE: Security 4.X/2K, 2K3), Microsoft Certified Systems Engineer (MCSE 4.X/2K, 2K3), Novell Certified Administrator (CNA 4.X & 3.X), Citrix Certified MetaFrame Administrator (CCA), CompTIA Linux +, Clearance: DOD Secret clearance (inactive 3/2016).

TECHNICAL SKILLS:

Security: PKI, Authentication (SASL, GSSAPI), NSA/DISA STIGS, patching/remediation, auditing, Retina, Nessus, Bastion host.

Active Directory: Best practice, RBAC, GPO, AGPMC, DNS, DHCP, WINS, DFS, RODC, Core, single sign - on, and PowerShell.

Platforms: Active Directory, Windows, Windows Server 2016 (2012 R2, 2008 R2), Linux (RedHat, CentOS, Slackware).

Virtualization: Microsoft Hyper-V, VMware, resource scaling, monitoring, iSCSI, SAN, MPIO, replica, clustering.

Project Management: Enterprise implementation, Team leadership, Governance and policy, mentoring, 30+ direct reports.

Networking: Cisco, VLAN, Fiber, TCP/IP, Switches, Routers, Load Balancers.

PROFESSIONAL EXPERIENCE:

Platform Engineer / Active Directory Architect

Confidential, Reston, Virginia

Responsibilities:

• Subject matter expert providing design, technical solutions, troubleshooting, and remediation for engineering teams: Platform, InfoSec, Risk Assessment, Operations, application and software development, as well as business units, project managers, and senior management.
• Supported environment is a multibillion dollar network with services hosted on diverse platforms including Windows, Linux (various), AIX, UNIX (various), Oracle, and VMware. Services are On/Off premise, hybrid cloud, DR, HA. The current Active Directory forests are NT styled single forest/single domain with a flat OU topology hosting all production and non-production activities.
• Principle projects involving the modernization of Active Directory practices, 2012 R2 forest upgrade and platform deployment; environment segregation of mission critical services, production and non-production activities; DISA STIG implementation for all environments.
• Prototype the upgrade of the in-house PKI infrastructure across all internal Active Directory Forests. Evaluate and scale up the existing Active Directory implementation to match the growing needs of the organization. Upgrade the Active Directory Federated Services implementation to current release. Design and document baseline security configurations and software.

Platform Engineer / Active Directory Architect

Confidential, Reston VA

Responsibilities:

• Subject matter expert providing design, technical solutions, troubleshooting, and remediation for engineering teams: Platform, InfoSec, Risk Assessment, Operations, application and software development, as well as business units, project managers, and senior management.Supported environment is a multibillion dollar network with services hosted on diverse platforms including Windows, Linux (various), AIX, UNIX (various), Oracle, and VMware. Services are On/Off premise, hybrid cloud, DR, HA. The current Active Directory forests are NT styled single forest/single domain with a flat OU topology hosting all production and non-production activities.
• Principle projects are to modernize Active Directory practices, 2012 R2 forest upgrade and platform deployment; environment segregation of mission critical services, production and non-production activities; DISA STIG implementation for all environments.

IT Pro / Consultant

Confidential, Rockville, Maryland

Responsibilities:

• Care and feeding of a 200 server infrastructure comprised of Virtual and Physical hosts.
• Implement a rigorous schedule of patching and remediation using Windows Server Update Services.
• Machine configuration hardening through the use of Group Policy Object’s and PowerShell scripting.
• Testing multiple products and deploying a cloud based endpoint protection suite replacing an existing older inferior product network wide.
• Deploying a cloud base office suite (O365) replacing multiple versions of existing legacy office products.
• Help with standardizing all phone systems on Shoretel VOIP network wide.
• Create system to image and standardize new workstations, laptops, and the distribution of software using Windows Deployment Server.
• Prototype and implement a standard cloud based help desk / ticketing system.

Network Operations Engineer

Confidential, Carderock, Maryland

Responsibilities:

• Responsible for directing the day-to-day operation and maintenance of a 4500 user Research Development Testing and Engineering (RDT&E) LAN / WAN. Managing up to ~40 direct reports.
• Interface with government personnel to achieve a quick turnaround on projects and trouble issues.
• Manage and direct the efforts of a large staff, comprised of: Helpdesk, Mainframe computer operations, Senior Network technical staff, Network technicians, VTC technicians, and Network Infrastructure installation crews.
• Technical Lead on all Information Assurance efforts affecting NSWCCD Microsoft Windows based infrastructure.
• Scanning, Compliance Auditing, and Remediation of servers and desktop workstations.
• Create Standard Operating Procedures for the network staff and the user base in general.
• Implementing Security Technical Implementation Guides (STIGS) per DOD guidance.
• System hardening and bastion host configuration for public facing DMZ computer systems.
• GPO creation to harden systems in the enclave and ensure compliance with Navy guidance.
• Response to Network and Computer security incidents.
• Design and implement Windows 2008 Core Domain Controller (RODC) for installation in the DMZ perimeter network to securely extend Active Directory controls.
• Technical Lead on all enterprise level tasks, for example:
• Orchestrate a team of Microsoft, Linux, VMware, and Cisco professionals to achieve solutions that cross skillset and training boundaries.
• Migration of Windows NT Master/Multiple Resource domain to a Consolidated Windows 2003 Active directory Forest with pass through authentication from the NMCI network.
• Design and Implement Microsoft Hyper-V based production replica network test lab.
• Design roll out of Windows Server 2008 Active Directory upgrade.
• Roll-out of Navy mandated PKI Common Access Card (CAC/Smart Card) infrastructure using DISA certificates. Efforts included engineering a local CRL caching solution, due to bandwidth constraints on the DISA network.
• Deploy Tumbleweed OCSP infrastructure via GPO software pushes.
• Implement, maintain and help engineer the NMCI network infrastructure across the NSWC, Carderock Division.
• Migration of Enterprise server farm from multiple IP subnets to a single Cisco VLAN with zero customer business process impact.
• Relocate Enterprise server farm computers to different physical location and place in structured server racks.
• Manage and monitor systems, tune and configure servers for maximum performance and security, provide metrics on utilization and availability.
• Operations and Maintenance of 80+ Cisco devices, 65+ campus network closets, 55 Servers (Various Unix, Windows & Linux OS), 100+ Network UPS’s, 10 WAN links.
• Interface with the Campus Electrical Engineering Services personnel to provide guidance on what the power requirements are necessary for our IT assets. Monitor our (750KVA) Diesel generator, Battery-less rotary UPS and several static banks of batteries (200KVA).
• Maintenance and upkeep on our 4500-user MS Exchange site, which is part of the NAVSEA, Exchange server enterprise architecture.
• Campus and WAN Cisco router (switch) IOS (CatOS) upgrade to address vulnerabilities.
• Manage and maintain public (internet accessible) and private (intranet accessible) web site’s and applications on Microsoft IIS and Linux Apache web servers.
• Provide guidance to NSWCCD Tech Code personnel concerning domain member servers and server assets in the DMZ.
• Automate and streamline many business processes using various technologies including PowerShell and other scripting technologies.
• Troubleshoot and resolve enterprise level network issues, in a Master Domain/Multiple Resource domain model environment.
• Create documentation on existing Campus, WAN, and VTC topology.
• Monitor and test network security: address vulnerabilities, penetration testing, enforce security policies

Senior Network Engineer

Confidential

Responsibilities:

• Managed progress on all phases of computer support, direct supervision of cabling contractors, Bell Atlantic technicians, and other Forza network engineers.
• Tasked with providing all computer-related services for clients including: rollout of servers, desktops, laptops, and applications as well as Network Infrastructure Design.
• Design and Implement Hardened Internet facing publicly accessible Web servers (Apache, IIS) and mail servers (Exchange, Sendmail). Systems brought into a C2 security level due to the sensitive nature of our clients.
• Extensive experience with WAN, remote office connectivity, roaming users, and work at home users.
• Configuration of Router, Switch, Hub Stacks, RAS, and ISDN. Interfaced with telecom personnel to achieve quick turnkey client solutions.
• Setup and secure remote ‘satellite’ locations throughout the Metro DC area for our customers. (install local resources, securely connect to the home office via ISDN or PRI, remove after project has completed)
• Responsible for the day-to-day operation of several 100+ user LAN and WAN.
• Experienced in building servers: PDC, BDC, Web, Application, Multi-Processor, Raid, Database, RAS, Terminal, as well as the daily operation of the above.

Head of Technical Support

Confidential

Responsibilities:

• Provide direction and support to our staff of 6 technical support specialists. Third tier support and complex problem resolution, crisis management.
• Project manager for 6-8 CAD drafters doing mass drawing conversion projects. Directed document workflow to achieve maximum efficiency for our clients.
• Network design and administration (Windows NT / Novell / Citrix).
• Setup 3D Studio Max Animation Network Based Rendering farms.
• Onsite installation and configuration of hardware and a wide range of CAD related software.
• Web site design and management.

LAN Admin/ Cam-Cad Technician

Confidential

Responsibilities:

• Maintain local area network and computers.
• Computer Aided design and drafting (CAD-CAM)

LAN Admin/ Cam-Cad Technician/ Civil Survey Technician

Confidential

Responsibilities:

• Maintain local area network and computers.
• Computer Aided design and drafting (CAD-CAM)
• Civil / Surveying Technical work, Instrument repair & calibration, Deed research.