SUMMARY

• Skillful Systems and Desktop Infrastructure Engineer/Architect with a certifiable track record of managing large scale corporate infrastructure technologies.
• Proficient in gathering business requirements, managing small, mid - tier, and large global IT projects for the implementation of effective IT solutions.
• Strong interpersonal skills, highly adept at facilitating discussions and negotiations with stake holders and product/service vendors.

TECHNICAL SKILLS

• Active Directory
• Microsoft Hyper V; VMware ESXi
• BigFix Reporting Tool
• Microsoft Configuration Manager
• Microsoft SharePoint 2010; Lotus Notes
• Microsoft Exchange; Microsoft Office
• Windows PowerShell
• Qualys Vulnerability Cloud Agent
• Windows Autopilot
• Microsoft O365 Exchange & Intune
• Windows Server 2008 & 2012 R2 DC
• Windows 7 & 8 x64, x86
• Windows 10
• PMO development, implementation and full life-cycle support
• Leadership, coaching & mentoring

PROFESSIONAL EXPERIENCE

Confidential - Spring, TX

Hybrid Modern Management Solutions Architect

Responsibilities:

• SME in Microsoft SCCM (ConfigMgr), Active Directory, Azure Active Directory, Windows Server and Desktop Operating Systems, O365 Cloud and Microsoft Intune MDM platform
• Server as Azure subscription owner and global administrator, accountable for the Identity Access Management of enterprise Azure subscriptions
• Configure Azure app proxy access to custom enterprise applications such as 1E Shopping Hub, Flexera Suite, and HP Analytics Agents
• Configure and integrate Ping ID SSO authentication with Azure AD for secure/remote authentication for on-prem applications
• Build and manage Azure Resource Group Cloud Infrastructure
• Designed and build the HP Adaptive Device Management go to market backup and disaster recovery solution using Azure Site recovery, availability zones, and ARM template backups
• Develop and deploy sign-in risk and conditional access policies for Azure/O365 resource authentication
• Integrate on-prem NPS infrastructure with Azure AD to allow MFA (multi-factor authentication) for access to cloud infrastructure and resources
• Enable Point-to-site and site-to-site VPN for secure on-prem access to Azure cloud infrastructure
• Configure Just-in time access and RDP port elevation security methods for internet facing Azure resources
• Design and lead the solutions that enable modern management for HP Device as a Service (DaaS) along with Analytics and Proactive Management
• Architect and design the hybrid modern management solution for various support tiers targeting various enterprise customers
• Assist with designing Architect 0365/1E Shopping Portal/Azure AD/Hybrid Azure AD with Microsoft SCCM and Intune hybrid modern management solution targeting various small/mid/large enterprise customers
• Lead DaaS Delivery Team with internal HP DaaS with Proactive Management and Security initiative and deployment
• Act as HP liaison with partners critical to solution offering (i.e. Microsoft, Samsung, Bromium)
• Develop architecture for Windows Autopilot and Intune conditional access and application policies
• Write customer facing technical procedural guides for installation/deployment/ configuration of HP software and tools
• Lead architecture and design of Mobile and Endpoint device management solutions
• Confer with development team to resolve software bugs and implement design and feature enhancements with use of AzureDevOps

Confidential - The Woodlands, TX

Desktop and Server Computing Solutions Architect & Engineer

Responsibilities:

• Solutions architect and engineer for a hybrid environment of 11K Win7 and Win10 enterprise endpoints in a Windows Server 2008/2012 R2 environment hosting 15 - 20 domain controllers
• Serve as forward thinking and innovation source, r esponsible for new service and application introduction and implementation as a part of technological advancement based on changing requirements
• Contribute to the overall Enterprise architecture and development of all strategy, roadmaps and design principles for the related technologies
• Define and translate business requirements into desktop and server system design specifications to create/facilitate the actual solution design
• Develop roadmap and design of Server OS and infrastructure, network infrastructure, and Windows desktop OS
• Interface with several company partners/vendors such as Microsoft Technical Account Manager (TAM) to communicate requirements and objectives
• Define standards for Windows Server 2012 R2 and 2016 upgrade
• Architect image build for Windows 7 Windows 10, Windows Server 2008R2, and Windows Server 2012 R2 desktop and server images using SCCM, MDT, WADK/ADK10, and WD utilizing Zero and Lite Touch competencies
• Create, and maintain Microsoft Active Directory GPOs, objects, and groups
• Global Administrator of Microsoft O365 tenant/admin portal: Execute, manage, and lead migration from on-prem Lotus Notes/Domino environment to O365 Exchange E-mail using Quest migration tool
• Work with external vendors/partners to handle tasks needed for staff augmentation through RFP profess and negotiating initial terms of resulting statement of work
• Completed network, Active Directory, and existing on-prem Exchange/ infrastructure assessment for O365 migration architecture planning
• Successfully architect tenant to tenant migration solution for company merger and acquisition
• Remediate Active Directory object and attribute issues resulting from assessments amid Exchange O365 migration readiness activities
• Successfully migrated from on-prem Websense proxy, implemented ZScaler Cloud proxy solution to compliment O365 migration to optimize site traffic routing, and architected local internet breakout strategy for all sites
• Define and configure O365 application conditional access policies
• Manage Mobile Iron to InTune migration for enterprise mobile devices and BYOD model
• Architect seamless single sign-on (SSO) policies using Azure AD Connect for traffic to traverse new cloud proxy design
• Integrate OKTA SSO solution with Azure AD to provision existing users with SSO for O36 resources
• Architect Application Readiness and Remediation strategies based on utilization of Microsoft Upgrade Readiness script deployment
• Configure & manage Azure and Microsoft operations management suite (OMS) portals for telemetry
• Configure all Windows endpoints to report telemetry data to Azure and OMS and manage and analyze the data using SCCM connector and OMS tools
• Identified problem applications using reported telemetry/diagnostic data in Azure & OMS to strategize app remediation plan for windows 10 compatibility
• Documented guidance on adopting Microsoft Semi-annual service channels channel service as appropriate direction for enterprise endpoints and infrastructure upgrades
• Through Windows Insider program, test latest versions of Windows server and desktop OS, and Config Manager, and develop deployment strategy accordingly
• Facilitate bi-weekly meetings with Microsoft and MS partners to assess business needs and develop strategies to address them
• Lead Dell-client relationship for enterprise maintaining roadmap for Wintel servers and endpoints
• Initiate Microsoft Modern Desktop program and lead Windows 10 migration pilot
• Architect migration plan using analytics to identify endpoint upgrades using Windows auto pilot, in place upgrade, bare metal deployment, and upgrade through attrition of assets
• Prep all endpoint computers for Windows 10 application assessment
• Provide architectural guidance through documentation for migrating on-prem Websense proxy policies to ZScaler cloud proxy solution and integrating with Azure AD
• Test, configure, and implement cloud proxy solution across MPLS infrastructure, and deploy cloud agent on all endpoints
• Serve as MS cloud architect for enterprise Azure AD/OMS Portal environment, and Global administrator for O365 tenant
• Strategize and design business direction and planning for O365 Office Click-to-Run deployment via SCCM Current Branch
• Configure and manage Windows 10 application assessment and Office Add-in upgrade analytics in Azure tenant
• Design and develop customized/secure/company compliant Windows 10 image utilizing LTI and ZTI deployments via OSD/MDT
• Prepare Deployment Workbench, using MDT 2012, For Deploying Client Operating System Images as well as Migrations. Create media Based Deployments (USB Based Media) for clients.
• Lead Windows 10 migration POC for tablet/laptop/desktop computers
• Customize Task Sequence for custom model deployments.; driver Injection based on specific make and model
• Create and define Active Directory group policies standards for Windows 10 migration
• Preform GPO assessment using CIS Microsoft benchmark and engineer enterprise settings accordingly
• Perform GPO assessment and remediation and transition from Windows 7 to Windows 10 environment
• Design Active Directory OU Structure for Windows 10 GPOs

Confidential - Houston

IT Systems Engineer & GPO Management

Responsibilities:

• Support and maintenance of 30K users, in a Windows Server 2008/2012 R2 environment hosting 15 - 20 domain controllers deploying and maintaining Windows 7, 8.1 and 10 systems
• Assist with development, planning, and design of AD infrastructure for migration from legacy domains to upgrade from Windows Server 2008 R2 to Windows Server 2012 R2
• Utilize the PSTools cmd-line tool/suite of Sys Internals to remote manage systems on the domain which entails managing processes, remote install/uninstall, and gathering data/logs for troubleshooting.
• Make use of Process Explorer to troubleshoot PC latency or high CPU utilization and narrow down issues pertaining to which application(s) may be causing slow performance.
• Define desktop and server security parameters and functionality and standardization via GPO
• Maintain and manage Microsoft Active Directory GPOs, objects, groups, and Exchange distribution lists across for over 50K users across the enterprise
• Implemented WSUS/SCCM integration and created a monthly phased patching process
• Manage DHCP Server and leases; approve for distribution of IPs for static assignment, and review DHCP server logs as a measure to troubleshoot and monitor server events
• Create, deploy, and manage over 60 Active Directory groups and corresponding share permissions
• Monitor AD object verbose log files for policy and infrastructure troubleshooting
• Deploy company/vendor applications, along with Microsoft patches to Windows 7 computers and Citrix XenDesktop/XenApp persistent desktop sessions
• Maintain, deploy, enforce, and troubleshoot, AppSense, Group policy along with Security policies in Citrix XenDestop, XenApp, and Windows 7 environment
• Engineer, and troubleshoot Citrix migrations from existing customer landscapes into new environment
• Make use of PowerShell scripting to compare, search and itemize GPOs in Group Policy Management Console
• Review GPOs on a quarterly basis to maintain customer needs and contribute to business continuity
• Collaborate with IT teams to develop and implement Active Directory Security solutions
• Troubleshoot group policy/RSOP issues through review of logs stemming from verbose logging scripts
• Remotely manage and review Group policy (GPO) reports for troubleshooting and comparing policy
• Extract AppSense EM policies into CSV/readable files for troubleshooting and parsing data
• Assist with maintain Windows VM Farm/Cluster in Windows Server 2012 R2 environment
• Assisted with and wrote documentation for Microsoft Internet Explorer 9 migration to IE11
• Reviewed business application compatibility cases to determine the best method to ensure application compatibility
• Utilize Enterprise Mode Site List Manager to test and maintain business applications for central compatibility management
• Deploy/publish legacy apps using the App-V 5.0 SP1 publishing server. Virtualize and troubleshoot application installations and configuring using AppV Sequencer
• Configure/install AD DS and SQL server on the App-V management server for connection group and data store management
• Add/upgrade/delete application packages as needed for deployment and decommission via management console
• Manage/create unique app extensions for various AD groups via management console
• Assign apps to user and machine accounts in AD after packaging via the management server/console

Confidential - Sugarland, TX

Global IT Enterprise Commercialization Engineer

Responsibilities:

• Lead Intensive Planning, Design, Configuration, Managing of Windows 7 and 8 x64 deployments for Dell laptops & HP and Dell Workstation blade systems
• Responsible for overseeing the Service Release Management for Confidential Ltd.
• Review, test, analyze, and approve the release and deployment strategy of all business and technical applications and programs for Confidential Ltd.
• Review, and test all new hardware and equipment to be released for business use
• Assist with construction of Windows 7 WIM &simplified core applications installation utilizing Microsoft MDT Task Sequence technology
• Utilize IE Nomad 2012 for software and patch distribution for branch offices via local Distribution Point
• Utilize MDT for Windows 7 image management
• Define standards for enterprise image creation utilizing SCCM 2012 and MDT 2012 Update 1 - MDT 2013
• Defined and re-wrote Windows Standard image requirements document and test plan considering the upgrade to Windows 8 and 10
• Manage and initiate authenticated network and system scanning utilizing Qualys Cloud Agent for all applications and standard images prior to approval for release and deployment
• Set and maintain enterprise virtualization standard and requirements based on targeted segment and function
• Architected, implemented, and managed Hyper-V platform for VM farm running RDP 8.1 with 400+ persistent virtual desktops running Windows 7 and 8 hosted by Windows Server 2012 on Dell PowerEdge blades
• Manage SAP and Oracle VM Farms running Citrix Xen App and Xen Desktop 7.5 using VMWare non-persistent sessions managed by vCenter
• Define security standards and policies for Confidential Windows 7 and 8 standard images
• Develop support process and knowledgebase for Confidential standard image deployment & management
• Developed step-by-step test plan for Confidential quality assurance segment, for various third party software and Microsoft operating systems, which was later adopted by Confidential Project Office Department
• Consult with hardware and software vendors (i.e. Dell, VMWare, HP, Citrix, F5) to outline requirements for the procurement of new hardware/software to update Virtual workstation environment and Windows Servers as needed
• Responsible for managing pilot of new hardware and software chosen subsequent RFP process, and gathering data accordingly
• Worked closely with Microsoft Primer team for RAP service to stay abreast of maintenance and fine tuning for Windows Servers hosting ADDS, and virtual environments

IT Systems Engineer

Confidential

Responsibilities:

• Developed bi-quarterly review of GPOs and corresponding lifecycle strategy
• Plan, design, and implement
• Install, configure, implement, troubleshoot, and maintain server-based applications including MS Exchange 2010 and 2013, SQL Server 2008 and 2012, Microsoft IIS
• Create and implement ADDS for Windows Server 2008/2012 R2 roles and features including DHCP scope maintaining and supporting 3K regional users, in addition to MS Exchange, print services, Outlook Web Mail servers
• Create and implement ADDS in Windows Server 2008 R2 and 2012 R2
• Maintained and deployed domain group policies security groups, PKI, user and computer objects login authentication, forests and domains, user/account provisioning, and LDAP/application support for over 60K users in North America
• Install, configure, and troubleshoot GPO and administrative templates
• Assist with defining criteria for user and computer GPOs; configure and deploy accordingly
• Troubleshoot and assist with managing the lifecycle of GPOs and user defined rules
• Enforce network blocks for systems exhibiting vulnerabilities using Sophos and McAfee e-Policy Orchestrator from network via PowerShell script to exclude corresponding IP addresses from the DHCP, upon detections of malicious software and activity
• Configure and troubleshoot Windows PowerShell and Visual Basic Scripting related to the deployment of system and GPO configuration
• Manage Exchange server and mobile device settings, account quotas, role account and delegate access permissions
• Perform data management services, server tuning, and server application maintenance
• Administer and maintain a Windows-based server network with a mixture of physical and virtual Hyper-V servers
• Administer and maintain a Citrix XenDesktop 7.6 VM farm with a mixture a person vDisk and non-concurrent desktop sessions
• Managed Hyper V host servers using iDRAC (Integrated Dell Remote Access) tool for Dell nodes and iLO (Integrated Lights-Out) for HP nodes
• Converted required .VDMK images (VMWare) to VHD (VHD) using the Microsoft Virtual Machine Converter v3.0 for continued support of target VMs
• Troubleshoot VM storage issues at the file level by reviewing event IDs in VMM
• Managed Hyper-V VM snapshots including backup and restore of images for reversion application testing
• Managed all VM host resources in Virtual Machine Manager (VMM) including available storage and network resources, assigning and reassigning resources to clusters as needed
• Configured available storage on target clusters into RAID levels according to system capacity to optimize system performance
• Implemented WSUS/SCCM integration and created a monthly phased patching process.
• Successfully created refresh (hard-link migration) and replace Operating System Deployment (OSD) task sequences for Windows 7 upgrade using Zero/Lite Touch Installations, WAIK, USMT 4.0, and MDT 2012 integration.
• Configured Branch Distribution point, Asset Intelligence, and Windows Deployment Services/PXE.
• Created, tested, documented, and installed applications and custom shims for Windows 7 using Application Compatibility Toolkit on multiple test workstations. Deployed applications, scripts, shims, and service packs using SCCM, monitor installation status, troubleshoot, worked with vendors, and resolved installation and OSD failures.
• Supported Windows 7/2008/2012, users, and images for multiple sites, utilized Active Directory/group policy to support and secure clients, including configuring regional settings, registry settings, SCCM client install startup scripts, etc.
• Successfully upgraded environment from SCCM 2007 to SCCM 2012 R2 including 15,000 client endpoints and 26 servers.
• Assist with network configurations to allow the broadcast of the SCCM PXE request to be forwarded beyond the local subnet.
• Project Highlights:
• Utilizing Reliability Monitor and Event Viewer UI in Win 7 to auto create rules for specific application and network failures to eliminate high volume tickets for basic troubleshooting issues and pushed out to all supported users/computers in Active Directory
• Develop Virtual Desktop On Demand program for application development, training and traveling communities
• Lead a project that provided a VDI environment for our largest organization with a mixture of persistent and non-persistent desktops and a concurrent licensing scheme. This project led to ROI from the perspective of cost savings in physical laptop support, and removing liability of third party consultant responsibility from company assets; lost/stolen assets and intellectual property.

Confidential

ITCS Support and Training Lead

Responsibilities:

• Lead support 15 person support staff with the ITCS service desk
• Managed and maintained clinical support software for care central users throughout Houston/Greater Houston area
• Coordinate service desk support operations with IT support teams of engineers, administrators, network, application owner and managers in Houston corporate office
• Managed service level agreements (SLA) in compliance with industry and support standards
• Assisted with conducting performance evaluations and annual personnel reviews for staff members
• Assisted with development of Lean Six Sigma root cause analysis process for Level 1 & 2 support teams
• Support back end and front end UI for Care Central Management clinical software
• Maintain and support SalesForce CRM (Customer Relationship Management) software and Oracle SAP database front end
• Support over 1,000 remote and local users in a Windows Server 2008 R2 environment with systems running Windows XP and 7
• Utilize MS AD DS supporting local and remote users with Windows account creation and maintenance
• Utilize Heat Tracking system for efficient case documentation and ticket tracking
• Utilize MS GPO rules and AppLocker to execute and lock system settings and features in Windows 7
• Create objects for network printers in MS AD using Print Server in Windows Server 2008 R2
• Support Lotus Notes client and iNotes web-based e-mail applications
• Support over 500 Blackberry mobile users via BES deployed with company enterprise
• Enable/Activate port for LAN connectivity at the switch and patch panel in network closet, patch and Krone cabling
• Utilize MS VB scripting to support remote and local users running custom and Windows applications and functions
• Troubleshoot and support WAN and LAN issues for company facilities and escalated issues as necessary
• Supported and enforced McAfee Safeboot encryption requirements
• Support Citrix VPN client connections
• Support/Maintain virtual machines in Windows Server 2008 R2 environment