SUMMARY Over 18 years of experience in Information Systems Administration, Engineering, Installation, Integration, and Security with Microsoft based Operating Systems, working with customer agencies in both the DoD and commercial arenas. I am experienced in process improvement, Security Compliance Governance, Security Auditing and reporting, as well as the day to day Engineering and Administration of servers within the Boundary. Possess strong problem solving, communication, leadership, and mentoring abilities.

Security Clearances in past positions: Public Trust Clearance, DoD Secret, Investigation for TS.

EXPERIENCE

Confidential

Engineer Information Security

• Performed a review of the security settings implemented in the Microsoft Server 2003 baseline, vetting it back to CIS and NIST standards and created a new security baseline for the Microsoft Server 2008 server builds. Documented the Security Compliance process as it applied to the MetLife Microsoft Server Engineering related teams, and helped the involved teams implement the process when implementing the necessary security scans for post build, and pre-production to ensure the baselines followed through the process.
• Performed and integral support role on the Project to remove unnecessary, unsecure, unwanted Services residing on Microsoft, AIX, Linux servers Enterprise wide providing guidance about the services to the multiple Business Units and how to perform the necessary checks and verifications.

Confidential

Systems Administrator

Performed Citrix Migration from Prior version 5.0 to Citrix 6.5. The prior version did not have the capability to perform Roaming Profile Management. Brought new XenServers up, performed AD modifications then migrated the users and profiles to the new OU created for the new Citrix version of XenServer and XenDesktop, verified with the customer that they had access and that all of the functionality worked, and decommissioned servers as necessary. Performed this process for 850 users in all sites across the U.S.

Confidential

Information Security Engineer

• Performed an operational and engineering role on a project to encrypt all laptops within the organization country wide and overseas with the COTS product Safeguard Easy, to include scheduling with the customers, and implementing the encryption remotely and troubleshooting any issues to completion.
• Tested, Documented the process for the USB encryption Project utilizing the Truecrypt encryption for all USB mobile memory devices.

Confidential

Information Security Engineer Lead Microsoft Engineer

• Performed role on multiple teams that traveled to locations in country, and out of country performing Boundary assessments on the Tricare Project for DISA.
• The security Audits were performed on all devices that connected to the network within the boundary to reveal any security violations that needed to be documented, and remediated in order to obtain the Authorization to Operate approval.
• Worked with the Engineers helping them to resolve all vulnerabilities utilizing industry best practices, as well as all Department of Defense Advisories and tools to ensure that all devices met the necessary requirements to be connected to the Department of Defense MAN.
• Performed security scans and audit work using the following tools: Retina, Gold Disk, and DIACAP Audit Guidelines.
• Scanned all Security event logs that are collected, and investigated the cause and whether they warranted further investigation by Security.

Confidential

Systems Administrator Team Lead

• The site comprised of two physically separate networks, one classified network with 100 servers, and one un-classified network with 250 servers.
• Responsible for all Security patching maintaining the security posture of the Microsoft based servers in both environments as well as all day to day break fix work as well as commissioning, and decommissioning servers. Work was performed utilizing SMS 2003 R2, WSUS, and manually managed and scripted Q-chains scripts.
• Managed the following technologies in the role: Microsoft Server Versions: NT 4.0, 2000, 2003, 2008 Microsoft Exchange 5.5, 2003 VPN Server 2003, SMS 2003 R2, Sharepoint 2005 R2, IIS 6.0 servers, MS SQL Servers various builds, Blackberry BES Server, VMWare.
• Performed security scans and audit work using the following tools: Retina, Gold Disk, and DIACAP Audit Guidelines.
• Scanned all Security event logs that are collected, and investigated the cause and whether they warranted further investigation by Security.

Confidential

Lead Systems Administrator

• Led a team of 4 Systems Administrators on all aspects of Microsoft Server 2003/2008 administration tasks and day to day operation.
• Performed Active Directory modifications, OU creations, deletions and security ACL changes to ensure security met DIACAP standards, and when integrating new products into the AD Enterprise infrastructure.
• Monitored Active Directory to ensure it was functioning properly, and responsible for troubleshooting instances when we were experiencing issues within our Agency, or issues between Agencies.
• Managed the Group Policy Implementation, and troubleshooting Policy issues.
• Administrated the PKI smartcard, and Certificate server for the Agency. We had a console for managing cards and resetting passwords.
• Responsible for maintaining Security Posture of all Servers within the enclave following the Dept. of Defense alerts received from related security agencies.
• Also performed the role of the SMS/SCCM application SME.
• Implemented and managed the laptop and data encryption utilizing Credant Enterprise Server.
• Microsoft Server Versions: 2003, 2008 Certificate Authority Servers, Microsoft Exchange 2003, 2007 VPN Server 2003, SMS 2003 R2, Sharepoint 2005 R2, IIS 6.0 servers, MS SQL Servers various builds, Blackberry BES Server, VMWare.
• Performed security scans and audit work using the following tools: Retina, Gold Disk, and DIACAP Audit Guidelines.
• Scanned all Security event logs that are collected, and investigated the cause and whether they warranted further investigation by Security.
• Microsoft Server Versions: 2003, 2008 Microsoft Exchange 2003, 2007 VPN Server 2003, SMS 2003 R2.
• Performed security scans and audit work using the following tools: Retina, MBSA, Gold Disk, and DIACAP Audit Guidelines.

Confidential

Systems Administrator

• Member of the Systems Administration of a secure network within the Bureau of Labor and Statistics that processed the Cost Pricing Index Report.
• Performed Active Directory modifications, OU creations, deletions and security ACL changes to ensure security met NIST and Agency standards, as well as when integrating new products into the AD Enterprise infrastructure.
• Monitored Active Directory to ensure it was functioning properly, and responsible for troubleshooting instances when we were experiencing issues within our Agency, or issues between Agencies.
• Managed the Group Policy Implementation, and troubleshooting Policy issues.
• Responsible for the security patching of servers and desktops within the boundary.
• Performed day to day administration tasks as well as break/fix work.
• Managed the SMS enclave within the secure boundary.
• Ensured that disaster recovery COOP site was tested and functioning monthly.
• Microsoft Server Versions: 2003, 2008 Microsoft Exchange 2003, SMS 2003 R2, IIS 6.0 servers, MS SQL Servers various builds.

Confidential

East Coast Remote Site Lead Systems Administrator / Engineer

• Responsible for managing the day to day Administration and IT tasks for 5 remote sites.
• 30 servers and 150 desktops.
• Performed IT requests made from the Network engineer at the Home office on Cisco Routers, Switches, Taclane tunnel encryptor devices.
• Managed remote site laptop encryption to ensure safety of data on mobile devices.
• Managed an NT 4.0 SP4 domain that was a precursor 'Sharepoint site' that was comprised of 2 Web Servers, 2 SQL servers, 2 IIS servers for document publishing for SPAWAR.
• Performed Active Directory modifications, OU creations, deletions and security ACL changes to ensure security met NIST and Company standards, as well as when integrating new products into the AD Enterprise infrastructure.
• Monitored Active Directory to ensure it was functioning properly, and responsible for troubleshooting instances when we were experiencing issues within our Company, and between remote sites.
• Managed the Group Policy Implementation, and troubleshooting policy issues.
• Performed all patching on desktops and site based servers for each of my sites as well as day to day maintenance and break fix
• Performed cabling, and cable troubleshooting from desktop to patch panel, as well as troubleshooting connectivity between sites.
• Performed security scans and audit work using the following tools: Retina, Gold Disk, and DIACAP Audit Guidelines.
• Scanned all Security event logs that are collected, and investigated the cause and whether they warranted further investigation by Security.
• SKILLS Microsoft Applications: Active Directory, Group Policy, Exchange 5.5, 2003, 2005, 2007
• SMS 1.2, 2.0, 2003 R2, SCCM Microsoft VPN Server 2003 IIS 4.0, 5.0, 6.0, 7.0 Sharepoint 2005 WSUS, SQL, HyperV
• Antivirus Solutions: Symantec, McAffee, Norton, Trend Micro, Nod32.
• Endpoint Protection solutions: HBSS, BladeLogic, Symantec, Norton, Trend Micro, Nod32, Personal firewalls
• Enterprise monitoring: SCOM, Whatsup gold, MRTG, Nagios, Solar Winds, Net IQ, BMC
• Security tools: Retina, Metasploit, Nmap, Ophcrack, Cain and Abel, Wireshark, OWASP Mantra Security Tools, aircrack-ng, Snort, Kismet, App Detective, WebInspect
• Hardware: Dell, HP, Cisco, Security Appliances, Blade servers, Cisco devices.
• SYSTEMS Microsoft Server OS: NT 4.0, 2000, 2003, 2008, Linux CentOS
• Microsoft Desktop OS: 95, 98, NT workstation, 2000 workstation, XP, Windows 7.0