We provide IT Staff Augmentation Services!

Lead Active Directory Architect Resume

4.00/5 (Submit Your Rating)

Chicago, IL


Confidential, Chicago, IL

Lead Active Directory Architect


  • Active Directory architect responsible for entire AD upgrade project (2003 to 2012R2) and AD roadmap
  • Document and assess current environment - including performing RAAS evaluations and remediation plans for all 7 forests globally
  • Authored entire domain re-alignment and migration plan design document for presentation to architectural review board of peers
  • Re-architected entire Confidential infrastructure globally including server placement and AD Zone integration
  • Re-designed AD site and replication topology to ensure most efficient convergence times
  • Built out multiple lab environments as mirrors of production to provide test bed for applications to vet authentication viability against the 2012R2 AD DS
  • Work with server ‘steady-state’ team to develop 2012R2 standard build for domain controllers
  • Worked as part of the GPO remediation team to clean up and consolidate the entire GPO infrastructure (implement central store)
  • Developed plans to leverage new functionality in AD DS 2012R2 including training operational groups on the functionalities and various caveats of the everyday operational tasks which may be applicable to utilize the new features
  • Provide 4th level support to operational AD teams in support of various initiatives and overall support for critical issues
  • Developed action plan to reduce the number of users who are part of the domain admin groups globally (some domains with 450+ users in DA)

Confidential, Lexington, MA

Lead Architect


  • Architect, design, implement new Forefront Identity Manager Infrastructure from the ground up encompassing all aspects
  • Build and design workflows within FIM - build connectors, configure management agents for multiple identity sources, (sun, flat files, etc), synchronization service, etc
  • FIM Web Portal configuration for user self-service, password management, group DL management, etc
  • Merger and Acquisition migratory planning and execution on variety of directory services
  • Responsible for all Confidential upgrades and changes including Powershell scripting to aid in Confidential /IPAM migrations, creation of new zones, and migration to Infoblox platform
  • Active Directory Architect responsible for planning and upgrade of Active Directory infrastructure, IAM solutions, and Confidential
  • Re-architected entire active directory infrastructure from the ground up including migrating sites, collapsing of domains, domain controller upgrades (to 2008R2 and 2012R2)
  • Migrated primary corporate domain from forest functional level 2000 to 2008R2 then to 2012, including SYSVOL to DFSR migration
  • Lead architect handling multiple mergers and divestitures (planning, configuration, migration and execution, as well as service design and transition)
  • Architecture, planning, and deployment of RSA Envision Multi-site infrastructure including configuration of Database, Application, and local collector servers, configuration of forwarders and data forwarding tasks, remote collectors, NIC Domains, configuring alerts, configuring site to site collections
  • Set up and configure RSA Envision event collection, vulnerability and asset management, access permissions, views, alert module toold, reports, message handling
  • Architected entire ADFS environment including ADFS proxies, tenant setup, federation configuration, dirsync
  • Implementation of Quest software suite of products (Spotlight on AD, Change Auditor, Quest Reporter, and Recovery Manager for Active Directory)
  • Consolidated entire GPO infrastructure from 375 group policies down to less than 100
  • Re-designed / clean-up of logical Active Directory structure to better suit Confidential ’s ever changing infrastructure, business model, and support structure
  • Re-design and re-build corporate PKI infrastructure
  • Design and implementation of Active Directory test lab / innovation lab
  • Provide support to levels 1-3 of technical administrators and engineers
  • Design custom reports for Quest suite of products to align with key security initiatives and requirements
  • Develop automated processes via powershell to maintain overall AD environment

Confidential, Princeton, NJ

Active Directory / Systems Engineer


  • Active Directory Engineer involved in planning and upgrade of Active Directory infrastructure, AD Engineering and support, Confidential and WINS support, RSA and Infoblox engineering and support
  • Migrated entire AD infrastructure from 2000 to 2008R2 then to 2012 including building and promotion of domain controllers, troubleshooting incompatibility with legacy applications and domains, etc
  • Merger and Acquisition migratory planning and execution
  • Member of team responsible for re-design / re-architecture of the current Confidential WINS infrastructure
  • Member of team responsible for overall Confidential re-design, upgrade, and maintenance
  • Migrated and consolidated existing 2000/2003 Confidential infrastructure to 2008 and 2012, including scope consolidating, troubleshooting, etc
  • Implemented Quest suite of products including Change Auditor, Spotlight on Active Directory, and Intrust for Active Directory
  • Design custom reports in Intrust for AD and Change Auditor, as well as custom protected object templates
  • Design, implementation, migration of RSA 6 to RSA 7.1
  • 3rd level support of RSA including role creation, soft token implementation, report creation, and training of other teams within IT
  • Provide on-call support for AD and RSA/Radius Infrastructure
  • Work with various business units and application managers to provide directory authentication mechanisms for various projects throughout infrastructure
  • Designed LanDESK patching plan for Domain Controller infrastructure
  • Maintenance of GPO infrastructure including creation of new GPOs, GPO consolidation, troubleshooting, and existing GPO modification

Confidential, Manhattan, NY

Systems Architect


  • Lead Active Directory Engineer responsible for 2008 upgrade design path and migratory strategy
  • Build and Upgrade domain controllers
  • Aided in re-design of Confidential namespace

Confidential, Branchburg, NJ

Senior Engineer / Senior Architect


  • Lead engineer responsible for architecture and design of VMWare infrastructure
  • Build and configuration of 30 ESX hosts, including resource pools, datastores, networks, etc
  • Engineered migration of 450 virtual servers from Branchburg location to Level 3 co-location facility in Newark
  • Perform P2Vs, V2Vs, V2Is, on servers as pre-migration step
  • Co-ordinated with business units and application owners for scheduled migration of over 150 applications
  • Re-designed existing Citrix farms and migrated from MPS 4 and 4.5 to Xenapp 5 Feature Pack 2 (in preparation for Windows 7 rollout)
  • Utilized Citrix Dynamic Application Delivery, Single Instance Management, Power and Capacity Management, Provisioning Services, Service Monitoring, and Workflow Studio
  • Re-architected Citrix remote access solution including implementation of Citrix Access Gateway and new Xenapp farms in both Europe and the Americas
  • Design and implement PKI / RSA Envision infrastructures
  • Architecture of new SQL infrastructure which includes the building and maintenance SQL 2005 and 2008 clusters to support various enterprise applications including database creation, delegation, writing sql scripts, setup backups, and setup sql reporting services
  • Introduced powershell as the preferred scripting language for all administrators, including writing custom commandlets, scripts, and other routines to facilitate repetitive tasks and allow for ease of administration of various infrastructures (SCOM, VMWare, AD, Citrix, SCCM)
  • Design and support virtual desktop infrastructure for 150 field sales reps
  • Builld and support Microsoft Exchange clusters
  • Architecture of new SCOM 2007r2 environment, including migration from MOM2005, utilization of distributed apps, end to end monitoring, etc
  • Re-built entire lab infrastructure, migrating from a purely physical environment to completely virtual
  • Implemented Active Directory lag sites for directory redundancy, also implemented dedicated Exchange replication site for increased performance
  • Re-designed entire Active Directory infrastructure including complete site link re-design, implementation of RODCs in perimeter networks, upgrade to 2008R2 and decommissioning of all 2003 AD servers
  • Designed and implemented Scriptlogic/Quest infrastructure, including Active Roles server, Password Self Service, Forest Recovery Suite
  • Build IBM Blades (HS12, 21,22) and Rackmount servers (3550)

Confidential, Tampa, FL

Senior Systems Engineer / Systems Architect


  • Project lead engineer responsible for architecture and re-architecture of Active Directory, PKI, and Virtual Infrastructures
  • Team lead of 4 engineers responsible for entire production, test, and validation infrastructures
  • Implementation and support of enterprise-wide VMware ESX 3.5i host clusters, Hypervisors, VirtualCenter - supporting 400+ guest operating systems
  • Perform P2V’s of servers using VMWare Converter
  • Lead engineer for both test and development of new technology initiatives and implementations
  • Citrix server builds, application and desktop publishing, Citrix Access Gateway/Netscaler SSL-VPN implementation and support
  • Support of 3 Citrix farms (dev, test, prod) which support a concurrent connection rate of roughly 500 users
  • Overall Citrix Infrastructure design and support (MPS 4.0 & 4.5)
  • Performed Microsoft ADRAP including but not limited to problem diagnosis, site link re-design, and implementation of MS best practices
  • Consolidation and design of entire Active Directory - domain consolidation and migration to new domain including all users, machines, service accounts, and data (NAS consolidation of 10+ TB of data)
  • Re-designed overall group policy infrastructure and consolidated/re-wrote OU login scripts
  • Development of Three-Tier PKI
  • Re-designed entire Confidential and WINS infrastructures (from 40 Confidential servers down to 6, 30 Wins boxes down to 3)
  • Design, implementation, and support of highly available cluster solutions utilizing MS Cluster services for both file systems and applications (SQL, Exchange)
  • Implementation of the Quest suite of products (ARS, ITAD, RMAD, etc)
  • Development of disaster recovery operations for Active Directory
  • Perform troubleshooting and support for AD as a whole including diagnosis of replication issues, adding sites/ou’s/subnets, and other BAU tasks
  • Support of server hardware (Dell/IBM rackmounts and blades)
  • 24x7 Level 4 On-Call support
  • Work with various business units on application testing and troubleshooting
  • Documentation of current state environments as well as new policy development for standards and best practices

Confidential, Parsippany, NJ

Level 3 Active Directory Engineer


  • Build / Rebuild / Support / Monitor new and existing domain controllers in global AD
  • Perform troubleshooting and support for AD as a whole including diagnosis of replication issues, adding sites/ou’s/subnets, and other BAU tasks
  • Support of Microsoft WINS and Confidential
  • Design, support, and implementation of global lab and testing infrastructure consisting of multiple domains, child domains, new servers (DCs, VM hosts, Confidential /WINS servers)
  • Support of DR activities for multiple locations globally including delayed replication sites, co-location facilities, etc.
  • Global, 24x7 support of Active Directory DC’s and Confidential boxes
  • Support of global lab VMWare ESX environment (P2V testing, building hosts, new ESX servers, migrating VMs, cloning hosts, etc)
  • Re-Architect and Re-Engineer Global GPO infrastructure including SOP and Work Instruction preparation, site coordination, devel GPO creation/deletion/delegation/etc, and all other GPO administration related tasks
  • Perform builds and installs of new HP / Compaq servers (1850, DL380, and 6400, G2, G3, 580 and 740 models)
  • Monitoring of overall health of Active Directory including diangnosis of SNMP traps, virus activity, network congestion.

Confidential, Berkeley Heights, NJ

Independent Network Engineering and Architecture Consultant


  • Re-architected existing Active Directory, along with development of migratory path to AD2003
  • Re-architected existing WINS and Confidential environments taking into scalability and extensibility for future expansion on global scale
  • Implementation of two-factor security architecture for remote access utilizing RSA
  • Support of Exchange 2003 severs and server clusters both locally and in remote offices (mailbox migrations and restores, defrags, general administration)
  • Citrix application packaging and overall infrastructure support (Access Suite, Presentation Server, AIE support)
  • Perform builds and installs of new HP / Compaq servers (1850, DL380, and 6400, G2, G3, 580 and 740 models)
  • Perform builds and installs of new Dell servers (2850/2950)
  • Designed and implemented WSUS infrastructure for internal and remote user patch management
  • Support and development of Goodlink handheld infrastructure
  • Re-design of current GPO structure with considerations given to the changing dynamic of overall user base
  • Work on implementation of Checkpoint Infrastructure to replace current PIX firewalls
  • Citrix design and support (MPS 3.0 and 4.0)
  • Implemented VMWare for clinical application test and dev environments

Confidential, NJ

Engineering and Architecture Consultant


  • Wintel Engineering - Windows 2000 Server / Advanced Server / 2003 Server installation and support
  • Perform builds and installs of new HP / Compaq servers (1850, DL380, and 6400, G2, G3, 580 and 740 models)
  • Rebuilds of existing HP / Compaq servers (6000, 7000, 4500, 6500, 2500, 3000, etc.)
  • Active Directory Design and Support including Group Policy implementation and NETIQ DRA support, site design, overall AD architecture and engineering
  • Member of Global AD deployment and migration team. (185 sites, approx 45000 clients)
  • Active Directory schema support (schema extensions, FSMO role management, seizures, etc.)
  • Design and Implement enterprise wide GPO infrastructure, as well as trained colleagues internationally on GPO design and implementation
  • Design and support of VMWare environment (ESX) put in place for global testing and development of 21CFR compliant applications
  • Perform builds, clones and migrations of ESX guest and hosts, as well as work on P2V’s for virtualization initiatives to reduce overall datacenter footprint(s)
  • Citrix Infrastructure Design and support (Metaframe XPe and MPS 4.0) including Zone Data Collector builds, Data Store database support on SQL2000
  • Citrix install package creation for software dissemination throughout farm(s) via Citrix Installation Manager and Wise Installer
  • Citrix AIE package creation
  • Confidential / Confidential Maintenance on both Microsoft and Lucent QIP 5.0 including Confidential file creation, Confidential record creation, object management, Confidential Zone and Reverse Zone file management, Confidential Policy files, subnet configurations
  • Performed remote builds of global Active Directory DC’s and DC promotions
  • Performed remote upgrades of Windows 2000 DC’s to Windows 2003 in prep to move to AD 2003 (for exchange 2003 migration, amogst others)
  • Basic Linux/UNIX administration and support including Apache webserver and Apache Tomcat support
  • Infrastructure capacity planning for Wintel servers encompassing storage, migration, and datacenter footprint downsizing
  • Worked on team which developed, architected, and implemented domestic wireless infrastructure
  • Responsible for creation and maintenance of global domain trust relationships for AD forest(s) and NT Domains
  • Provide support for all Exchange servers including relay hosts and bridgehead servers. Work daily with exchange engineers on various issues / projects from troubleshooting and architectural aspects.
  • Re-designed existing WINS infrastructure and rebuilt current WINS servers as 2000 and 2003 WINS servers - also implemented maintenance plan for WINS databases globally (compaction, integrity checks, etc)
  • Development and execution of IQ/OQ protocols, scripts, SOPs, design specifications and system specifications for WINS and RADIUS infrastructures with relation to 21CFR Part 11 compliance
  • Configuration of RADIUS servers to support LEAP-TTLS, EAP-TTLS, PEAP protocols, along with SecurID, AD and Oracle authentication
  • Installation / configuration / support of RADIUS/PKI infrastructure for VPN, Wireless, and dial-up authentication
  • Installation and support of Cisco TACACS+ (Secure ACS) servers for secure, directory enabled authentication to all routers and switches in enterprise environment
  • Worked on international SMS rollout team to install and configure SMS 2.0 in 20-25 remote international locations
  • Install / Configure / Support Web Proxy servers running Microsoft ISA Server including access list control, PAC file maintenance
  • Maintenance and 3rd Level Support of NDS and Active Directory environments
  • Perform RAID array / DASD expansions for servers which are running low on disk space
  • Installation and support of SQL Server 7.0, SQL Server 2000, IIS 4.0, 5.0, and 6.0 including creation of data transformation packages, COM object registration, MDAC upgrades, installation and configuration of frontpage extensions.
  • Implementation and configuration of high availability solutions including failover servers, W2k Advanced servers running NLBS and Cluster Services- work closely with members of Telecomm when implementing solution with hardware based load balancing appliances
  • Design and implementation of 3rd party connectivity solutions including remote field force helpdesk and other 3rd party contractors hired for various projects
  • Support of Siebel infrastructure including initial install of the Siebel application database migration for SQL 6.5 to SQL 7.0 to SQL 2000
  • Installation / Configuration / Analysis of Webtrends Firewall reporting software (ISA, CheckPoint, Cisco Cache Engine)
  • Support of hardened firewall management workstations running Checkpoint NG AI Management software
  • Use of distributed and software based packet sniffers for network troubleshooting
  • Installation / Configuration of Microsoft Certificate Services for CA in Schering’s PKI infrastructure

Confidential, Roseland, NJ

Technologies Consultant - Lead Engineer


  • Perform builds and installs of new HP servers (DL580, DL380, models)
  • Rebuilds of existing Compaq servers (6000’s, 7000’s, 4500’s, etc.)
  • Checkpoint Firewall NG rule base creation and support - setup firewall to firewall VPN tunnels with International subsidiaries
  • Nokia IPSO support and Troubleshooting (IP440 and IP530 platforms)
  • Microsoft ISA Server 2000/2003 support - setup reverse proxy DMZ solution for web applications as well as publish out citrix farm into DMZ
  • Windows 2003 server builds in both test and production environments
  • Microsoft Virtual Server 2005 testing in Lab environment
  • Implementation of Microsoft SUS (system update services)
  • Implementation of VMware ESX server (Linux-based)
  • Support of corporate Active directory environment (user/group creation, group policy implementation, etc)
  • Confidential server support (Microsoft Confidential ) - Creation of Confidential records, forward and reverse lookup zones, etc.

Confidential, Bridgewater NJ

Consultant / Wintel Engineering


  • Worked on NT Support Team as 3rd / 4th tier admin
  • Performed NT administration duties including user and group creation, application of Confidential ’s and NT security schemas, backups
  • Exchange 5.5 mailbox creation, site design and x.400 connector migrations
  • Corrected user issues via LanDesk Remote Control Agent
  • Resolved calls pertaining to email problems, file corruption, hardware failure, and user error
  • Diagnosed and resolved user dial-in / remote issues (RAS via Compuserve / Citrix)
  • Creation Distribution and Re-Distribution of LanDesk and SMS application packages
  • Created / Oversaw unattended installations of NT workstation
  • Installation and creation of printers, print queues, print servers via JetAdmin (Print Administrator)
  • Resolved user login issues pertaining to TCP/IP and Confidential problems
  • Create / Edit user login scripts (KIXtart and Perl)

We'd love your feedback!