SUMMARY:

Innovative, driven and dependable Active Directory & PKI Architect with over 13+ years of enterprise - level experience, specializing in architecting, implementation, maintenance and support of large-scale IT infrastructures. Proven problem solving and analytical skills with the ability to quickly adapt to change and prioritize tasks in a timely manner.

TECHNICAL STRENGTHS:

• Windows Server 2003 - 2019, Windows XP-10, Active Directory, Azure AD, ADFS, Microsoft Deployment Toolkit, LDAP, DHCP, DNS, IIS, and PowerShell/scripting
• Expert in Public Key Infrastructure (PKI) and authentication cryptography
• Cloud Computing, Amazon Web Services, TCP/IP networking, CyberArk, SCOM, ServiceNow, Splunk, JAVA, HSM, VMware/virtualization technology, VDS, Linux, Unix, Azure, Oauth, SAML, Open ID
• Server, data storage design, capacity planning, backup and patching
• Administer and support Enterprise email: Microsoft Exchange 2007/2010/2013/2016
• Collaborative Communication
• Problem Solving
• Technical Analysis
• Organizational Skills
• Multi - tasking
• Interpersonal Skills
• Customer Relations
• Teamwork Oriented
• High Integrity
• Detail Oriented

PROFESSIONAL EXPERIENCE:

Confidential

Active Directory & PKI Architect

Responsibilities:

• Design, build and implement Active Directory domains and PKI solutions for enterprises using technical, application and business requirements.
• Logical and physical architecture design, capacity planning, disaster recovery, and tuning
• Define enterprise processes, best practices and tailored enterprise PKI and Active Directory solutions
• Perform risk analysis, assessment of the Active Directory and PKI environments.
• Identify gaps, apply best practices, and implement the recommended solutions
• Troubleshoot and resolve advanced issues.
• Active Directory, Azure Active Directory, Windows Servers, domain controllers, PKI/ certificate services, ADFS, domains, trusts, IIS, DNS, DHCP, GPO VMware/virtualization, Amazon Web Services, network, applications, firewall, SSO, Outlook/O365 Domain controllers, Linux and Windows servers, Amazon Web Services and password/ identity management systems
• Create custom PowerShell and VB scripts to increase performance and reliability, automate processes and backup systems, PKI and Active Directory.

Confidential

Authentication & Identity Engineer

Responsibilities:

• Evaluated and implemented Active Directory, Azure AD, ADFS and PKI solutions, Certificate Lifecycle Management solutions all the Confidential companies
• Assisted in the design, setup and management of numerous systems for all Confidential companies.
• Active Directory, Azure AD, ADFS, DNS, DHCP, certificate authorities, PKI Policy, Life Cycle management and auditing of Active Directory and PKI Infrastructure.
• Completed many successful projects for migrations, mergers and acquisitions.
• Architected and implemented single and multi-forest domains and certificates authorities
• Migrated servers, applications, Active Directory domains and objects and certificate authorities on-premise and in the cloud
• Built, migrated, patched, and supported Windows Servers, domain controllers and Linux Servers.
• On-premise and in Amazon Web Services (AWS) cloud.
• Provided on-call and 3 rd level support to help collaborate, troubleshoot and resolve advanced issues.
• Active Directory, Active Directory Federated Services, ADCS/PKI, domain trusts, DNS,DHCP, GPO, IIS
• Network, firewall, applications, virtualization technology/VMware, single sign-on (SSO), email
• Windows servers, Linux servers, domain controllers, Amazon Web Services
• Management and administration of AWS Services: EC2, VPC, S3 Buckets, Elastic Load Balancer, Route 53, and IAM (creating roles, users, groups)
• Created custom PowerShell and VB scripts for automation of processes and for generating alerts for critical systems and applications.
• Automation of processes and backup of DNS, PKI, Active Directory, critical systems, applications
• Alerting on PKI, ADFS, Active Directory, critical systems and applications to proactively prevent failures and outages
• Enabled and managed Identity & Access Management using CyberArk, Azure AD, and SSO using Ping
• Managed and control access for servers, applications and systems
• Configured SSO\MFA for applications and servers using Azure, Oauth, SAML, Open ID Connect and modern authentication

Confidential

Account payable Analyst

Responsibilities:

• Worked with SAP for payment processing, credits, and reporting.
• Reduced negative impact on cash through painstaking review of vendor statements.
• Prepared month-end accruals and forecasts for different vendors.

Systems Administrator

Confidential

Responsibilities:

• Managed and supported Active Directory, Active directory certificate services\PKI, DNS, DHCP, GPO, and Exchange.
• Provided 3 rd level support to help collaborate, troubleshoot and resolve issues.
• Active Directory, Active directory certificate services/PKI, domains, trusts, DNS, DHCP, GPO Network, virtualization technology/VMware, Windows servers, Outlook/O365 and password/identity management systems
• Ensured all server hardware, operating systems, software, and procedures aligned with organizational standards and strategic business plan.
• Applied best practice and performed risk analysis, assessment of the AD and PKI environment, identify gaps, summarize the findings and create tasks to implement recommended solution to close the gaps
• Performed daily system monitoring.
• Verified integrity and availability of all hardware, server resources, systems and key processes
• Reviewed system and application logs, verified completion of scheduled jobs, backup files
• Utilized Powershell and VB scripts to automate processes, set up alerts on servers and systems.