We provide IT Staff Augmentation Services!

Security Architect Resume Profile

Summary of Qualifications:

  • Over 10 Years of enterprise network, administration, implementation and security experience.
  • Experience Cisco routing, switching, and security configuration, implementation, and design.
  • Extensive experience with all Windows Server operating systems, network services, and systems administration.
  • Active Directory deployment, migration, and administration experience in multiple environments.
  • Vast knowledge of virtualization technologies from multiple vendors and configurations
  • Broad knowledge of network information security practices based on various ISO, NIST, and regulatory requirements.
  • Ability to learn new technologies quickly, lead teams, and become the SME in various areas.

Technical Competencies:

  • Operating Systems: All Windows clients, Windows Server 2000-2008 R2, AS/400, Linux/Unix, Novell Netware
  • Networking: LAN/WAN, TCP/IP, SONET, OC12 - OC192, DNS, DHCP, WINS, IIS, Active Directory/LDAP, Microsoft Exchange, OSPF, EIGRP, RIP, 802.11 wireless.
  • Security: AAA, VPN, Firewalls, IDS/IPS, vulnerability scanners, DLP, 802.1x.
  • Hardware Platforms: Cisco Catalyst 3550 6513 layer 3 switches, Cisco 3845, 7613, 12416, and CRS-1 routers. Juniper MX960, T640 routers, Cisco ASA, Checkpoint firewalls.
  • Admin Skills: Symantec Endpoint Protection, group design, Active Directory/LDAP integration, Powershell, vbscript, Quest Active Directory tools migration, powershell, etc .
  • Security Standards: ISO 27000, NIST 800, ANSI 359-2004 RBAC , HIPAA, PCI, SOX compliance.
  • Certifications: CISSP, CCNP Security, MCP currently pursuing CCIE Security .

Professional Experience:

Confidential

Role: Active Directory Engineer

  • Role Responsibilities:
  • Hired as an Active Directory engineer to provide Level 3 support to global customers on multiple continents
  • Managed AD FS infrastructure for multiple customers
  • Created powershell scripts for system integrations and customer reporting
  • Managed DNS, DCHP, and AD CS for multiple customers

Confidential

Role: Information Security Architect

  • Role Responsibilities:
  • Was brought in to help the organization with numerous critical security projects and initiatives with focused on meeting compliance with federal regulations and industry best practices.
  • Lead architect on the corporate PCI-DSS compliance project
  • Responsible for designing, deploying, and managing AD LDS environment for LDAP authentication
  • Lead architect on vulnerability and patch management projects to ensure compliance with federal and industry security best practices
  • Lead architect on creating secure baseline standards for Windows operating systems Window XP, Windows 7, Server 2003, Server 2008/R2, Server 2012 .
  • Lead architect on Complex Password Enforcement project which included strengthening passwords for Active Directory and other critical enterprise systems
  • Lead architect Active Directory integration projects which integrated key enterprise applications with the AD environment to ease with deprovisioning of accounts and reduce the number of user credentials required to access key clinical systems
  • Created multiple powershell scripts to assist in AD cleanup, AD provisioning/deprovisioning, and AD reporting to present to executive leadership.

Confidential

Role: Active Directory Architect

  • Role Responsibilities:
  • Responsible for Active Directory upgrade from 2003 to a 2008 R2 forest level. Project goals were to streamline Active Directory administration in a global 24x7 environment, lock down Active Directory infrastructure, and implement standards and automation for a centralized administration model.
  • Created a naming standard for Active Directory objects workstations, servers, groups, sites, OU's using various international standards
  • Redesigned the site and subnet infrastructure to ensure speedy AD replication and service location within Active Directory
  • Redesigned the OU structure for better delegation and group policy inheritance
  • Migrated and upgrade LDAP aware applications to ensure service availability in the new Domain structure
  • Extended the AD schema and added custom attributes to allow Active Directory to be the central repository for all authentication throughout the enterprise.
  • Secured the AD infrastructures using Microsoft guidelines and best practices
  • Upgraded the environment from 2003 to 2008 R2.
  • Performed an extensive Active Directory cleanup which included retiring legacy applications and servers, cleaning metadata from the AD database, removing empty stale groups and accounts from the directory, and provided detailed reports to management about the environment.

Confidential

Role: Security Administrator

  • Role Responsibilities:
  • I was brought in to heighten the overall security posture of the organization as the company was going through a top down reorganization. Specifically tasks included ensuring the confidentiality, integrity, and availability of their mission critical ERP platform which housed private information for clients using the housing authority's services.
  • Created a secure baseline configuration for Windows XP/7 clients and 2003/2008 R2 servers using extensive use of Active Directory group policy objects and security templates.
  • Reorganized the AD structure for effective group policy inheritance.
  • Provided guidance for securing IIS, DNS, DHCP, and Exchange servers in the data center
  • Deployed and configured Symantec DLP for ensuring the confidentiality of data leaving the network
  • Ensured the secure transmission of data to 3rd parties by using strong cryptographic algorithms and ensuring their proper implementation
  • Secured network infrastructure components routers, switches, firewalls, VPNS by configuring secure methods of communications throughout the network ARP inspection, DHCP snooping, etc .
  • Created and deployed a patch/vulnerability management program for all Windows based clients and servers.
  • Extensive Windows servers and Active Directory troubleshooting.

Confidential

Role: Information Security Architect

  • Role Responsibilities:
  • As the Information Security Architect, I was tasked with implementing various departmental initiatives to heighten the security posture of the organization. I worked directly with key decision makers to ensure a secure environment and maintain HIPAA and HITECH compliance.
  • Designed the PKI implementation and security parameters for key LDAP applications.
  • Supported TACACS using Cisco ACS Server for AAA services.
  • Deployed an enterprise whole disk encryption solution to as part of the data loss prevention strategy.
  • Performed successful migration from AD 2003 to 2008 R2 as well as schema upgrade and modification.
  • Worked daily in Active Directory for object creation and created automated processes to help standardize user, group, Exchange, and computer object creation.
  • Installing, Configuring and Troubleshooting Windows 2003 and 2008 servers
  • Automated user creation using various scripting, web, and database languages with developers.
  • Integral in securing an Identity Access Management solution for user life cycle management.
  • Worked with various integration projects around LDAP security and administration.
  • Responsible for Checkpoint R71, SPLAT and Cisco ASA 5500 series maintenance, upgrades, and administration.

Confidential

Role: Active Directory Consultant

  • Verifying Active Directory/LDAP aware applications such as Exchange, Office Communicator, SharePoint were successfully migrated.
  • Troubleshoot domain migration issues during the project.
  • Roles Responsibilities:
  • I was hired as a consultant to provide expertise with a migration of 2 separate Active Directory domains to a single Active Directory forest. During the project, I worked with the onsite team in troubleshooting migration problems, verifying SID migration, Exchange mailbox migration, and various network services DNS, DHCP, etc to the new domain.
  • Migrated core network services such as DNS and DHCP.

Confidential

Role: Network Engineer/Project Manager

  • Roles Responsibilities:
  • Worked in AT T's backbone network testing and configuring mission critical routers for clients and internet peering
  • Implemented AT T VPN solutions for customer sites.
  • Managed projects dealing with router and card life cycle for carrier level routers.
  • Performed router provisioning and testing for Cisco 7613, 12416, 12418, and CRS-1 routers.
  • Configured OC links ranging from OC12 to OC768 for testing, internet peering, and router defects.
  • Worked closed with 3rd party vendors in the central offices to ensure proper fiber runs, cable labels, light levels, IOS image upgrades, and equipment testing were up to AT T NOC specifications.
  • Worked directly with Cisco in troubleshooting and RMA procedures for faulty hardware.

Confidential

Role: Information Security Consultant

I was a team member of the IT Security Office working on various projects to help secure the corporate network in order to maintain our compliance with SOX and other financial regulations.

Roles Responsibilities

  • Configured Checkpoint R60 and Cisco ASA appliances.
  • Worked on the implementation of an 802.1x wireless infrastructure for secure authentication and network control.
  • Was responsible for Identity management for Active Directory/LDAP accounts.
  • Worked with the server team in redesigning the AD/LDAP structure for more efficient administration and heightened security.
  • Was involved with testing the implementation of a complete identity management and user provisioning software package.

Confidential

Role: Identity Management Engineer

Was a member of the Infrastructure and Identity Management team which was responsible for granting/denying access to network resources a 40,000 user global network.

Roles Responsibilities

  • Responsible for managing the identity and user life cycle management from account creation to deletion for all network based applications.
  • Approved/Denied access requests to various systems based on corporate policy.
  • Responsible for provisioning Active Directory/LDAP, Exchange, Citrix, Linux, Unix, and Mainframe access and granting the necessary levels of permissions as they came in.

Confidential

Role: Active Directory Deployment Architect

Worked on a high priority corporate initiative to develop, configure, and deploy a Single Sign-On infrastructure in a 65,000 user environment spanning multiple continents. The project is slated to save the company approximately 5 million dollars in savings per year.

Roles Responsibilities

  • Developed scripts used to integrate with the various applications for the SSO deployment.
  • Deploying applications through Active Directory and group policy to sites on 5 different continents.
  • Worked with local techs, the network services team, and end users for user acceptance testing for post deployment feedback.
  • Tasked as the meeting facilitator and adjunct project manager for many of the deployments. Submitted change control requests, wrote technical documentation, and handled backup and restoration of custom applications and databases for the team.

Confidential

Role: System Administrator

Roles Responsibilities

  • Managed the Checkpoint and Cisco PIX firewalls and VPN appliances to provide remote connectivity.
  • Oversaw the day to day maintenance of Active Directory, Linux, UNIX, and Netware servers.
  • Assisted in the migration from NT4/NDS to a 2003 Active Directory infrastructure.
  • Migrated all file, print, antivirus, DNS, DHCP, WINS servers to Server 2003.
  • Responsible for developing a patch testing/management solution to increase network security and uptime of client's as well critical production servers.
  • Implementing Group policy objects for Windows Server Update Services
  • Engineer, design and implementation of Microsoft Windows 2003 Active Directory Services for enterprise network management of users, computers, printers and all resources that are part of the organization.
  • Extensive troubleshooting of Active Directory DNS, DHCP and WINS servers
  • Was involved in integrating core network resources to utilize Active Directory as its authentication mechanism for simplified administration and a unified login process.
  • Involved in a major network rollout from a Nortel to Cisco infrastructure including all edge routers and the core layer 3 switch.

Hire Now