- Worked as a Consultant / Sr. Network Security / Analyst / Network & Application Architect for USDA - NICT, Black and Veatch, Sprints, Microsoft, AD and Azure, and Federal agencies for NERC CIP, FISMA, HIPAA, SOX, PCI, NIST etc. in Kansas City. Worked with W2k12-R2 Active Directory, Exchange, IIS, and Red Hat. Performed Vulnerability Scanning and Pen-Test with Metasploit framework, with Python and PowerShell Empire + Kali + Burp, etc.
- Web and Software Security, Fortinet, Palo-Alto NGFW (Next Generation Firewall), Cisco ASA NGFW with FirePower Service plus SourceFire, URL Filtering, Advanced Malware Protection and FireSIGHT Management Center, Q-RADAR, PhishMe, DR, Mobile Device Management (Mobile Security Management), Operation Procedures and Processes.
- Worked as Enterprise System Admin / System Architect for federal enterprise Microsoft network operating system W2k3 / W2k8-R2 for more than 3000 servers, 50,000 nodes within multiple Active Directory forests, multiple domains and child-domains, plus Exchange 2k7 / 2k10 - Front-end Edge server / Back-end, SharePoint Portal, SCOM 2k7, SCCM 2k7, IIS 5.0 / 6.0, 7.0, Active Directory - Integrated DNS, Caching-Only DNS, DHCP, WINS, RIS (Remote Installation Services),WSUS (Windows Software Update Services), DFS (Distributed File System), Group Policies, Net Backup, Data Protection Manager, etc.; implemented a large scale Active Directory W2k3, Upgrade W2k3 to W2k8-R2, W2k8-R2 to W2k12-R2, and Exchange 2k10 throughout the nation.
- Worked as Consultant / IT Security Director / IT Security Manager, managing nine technical staffs (4 MCSEs, 1 CCIE - Network Engineer; 1 Network Security Analyst (Vulnerability Scan and Pen-Tests), and 3 Desktop Specialists). Managed a large and complex Microsoft network with multiple forests and domains, including AD-Integrated DNS, DHCP, WINS, Dfs (Distributed Files System), Exchange 2k7 front-end/back-end, MOM 2k5, Group Policy, IIS, FTP, Norton Live-Recovery Backup System, Trend-Micro anti-virus.
- Had written hundred how-to lab articles, and sold them to various authors, some of which had been on Microsoft TechNet.
- Working with AD, Azure, Azure Security, Office 365, Office 365 Security
- Working with Vulnerability Scanning, and Pen-Test
AD / Office 365 Admin & Security Consultant
- Architect Azure, O365, Azure Security and O365 Security
- Using Office 365 Security and Compliance Center and to remediate phishing attacks.
- Design/Architect Network Security including Microsoft technologies
- Upgraded W2k8-R2 to W2k12-R2, and to W2k16 Microsoft Active Directory.
- Building AD ADFS, and AD LDS environments.
- ADCS, DFS, AD-Integrated DNS, Truly Fail-over DHCP
- File-Integrity Check
- Microsoft IAM
- Performing Vulnerability Scanning and Pen-Test as well as SOX
- Q-RADAR, PhishMe, Computer Forensics, Qualys, Nexxus, SAINT, SecPoint
- Palo-Alto, Cisco ASA Next Gen, Fortinet including IDS/IPS
- DDOS Mitigation
- Cisco routers/switches,
- Crowdstrike, Trend-Micro, Sophos
- Lead of 10
Sr. Network Security Manager / Architect / Consultants
- Designed Microsoft security for AD in Azure
- Designed Microsoft AD
- Performed Vulnerability Scanning.
- Pen-Test with Python and PowerShell Empire + Kali Metasploit + Burp, etc.
- Performed audit on NERC CIP, FISHMA, HIPAA, SOX, PCI, etc.
- Cisco routers/switches
- Microsoft IAM
- Network Security Architects
- Perform computer / mobile forensics for electronic crimes.
- Cisco ASA NextGen, Palo-Alto
- Performed pen-tests as Network Security Consultant, and Vulnerability Scan on all segments of the network.
- Managed Firewall Policies.
- Performed domain security tasks (File, Active Directory & DNS Security, and Web access).
- Created general IT policies.
- Perform vulnerability scanning and pen-test for federal.
- Mobile Device Management (Mobile Security Management)
- Created all GPOs for W2k3 and W2k8-R2 forest /domains, and based line security policies for all servers.
- Managed over 300 servers, 1500+ nodes, multiple forests / domains, Active Directory, GPOs, DNS (Primary/Secondary, Active Directory - Integrated DNS), WINS, WSUS, IIS (Web), Exchange 2k / 2k3 (front-end and back-end), Exchange 2k7 and Exchange 2k10 including the Edge server, MOM 2k / 2k5, 2k7, SCCM 2k7, Dfs (Distributed File Servers), File and Printing, Backup (such as Net Backup), and Security.
- Managed Hyper-V environment.
- Composing technical articles as well as conducting the training for various teams on W2k3 and W2k8 technologies as well as Hyper-V, etc.
Sr. System Administrator
- Managed the IT team, its budget and technical staff (10 full-time and five contracts)
- Provided in-house hands-on training.
- Migrated NT 4.0 multiple domains and its BackOffice products - such as IIS 4.0, Exchange 5.5 - to W2k domains and IIS 5.0, Exchange 2000, Conference, Share-Point Portal, Microsoft Office Management (M.O.M.), W2k-Terminal, IIS 5.0, SQL 2000, SMS 2.0.
- Creating and managing Domain Controllers, DNS, DHCP, WINS, FSMO, Sites, RIS, Distributed File System (Dfs), Group Policy, IntelliMirror, Security, and routine maintenance on the domain-wide.
- Created and managed mailboxes, storage groups, policies on incoming and outgoing mail, routing groups, public folders, instant message, security and routine maintenance on all front-end/back-end Exchange 2000 servers.
- Created and managed the disaster recovery plan, including the backup, power and network outage.
Evening Adjunct Professor
- Taught NT 4.0, W2k Server and W2k Active Directory classes at JCCC as Adjunct Professor / several CTECs as Microsoft Certified Trainer
- Voted best Adjunct Professor by the IT division within JCCC. Nominated for the Lieberman award for the years of 2001, 2002 and 2003
- Manage NT 4.0 domain, three sites, and 40 servers, all PDC, BDCs, WINS, DHCP, DNS, IIS 4.0, File and Print servers, Exchange 5.5 server, policies, security, and routine maintenance.
- Managed SMS 2.0 server.
- Provided in-house hands-on training.
Technical / Project Manager
- Managed 35 full-time server and desktop/laptop technicians.
- Hired and conducted performance reviews for all staff.
- Managed multiple projects for multiple clients at any given times.
- Managing NT 4.0 multiple domains, multiple sites, over 3000 nodes, 200 servers.
- Provided in-house hands-on training for all staff.