Professional Summary

Over 14 years of experience in infrastructure design, installation and management, and IT security operations, auditing and compliance of both commercial corporate and US Department of Defense DoD networks and enclaves. Trained and managed teams consisting of US and foreign personnel in various industry and high-risk environments in the US and eastern European and Middle Eastern regions. Worked with several foreign governmental agencies to provide training and mediation with US based vendors for support with reconstruction and development initiatives.

Employment History

Confidential

Sr. Systems Engineer

The Home Depot Store Support Center

• Serves as a Sr. Systems Engineer on the Client Systems Engineering team by providing direct platform engineering, testing and implementation of various Roles and Bundles via SCCM 2007 and SCCM 2012 architectures for deployment of Windows 7 and Windows 8 instances to devices such as NCR Point of Sale Registers, Self-Check Out registers, front-end Paint appliances, Store PCs and Corporate information systems.
• Maintains client health of over 350,000 systems within Active Directory via GPOs, PowerShell scripting, and SCCM MBAM agents to ensure that reliability baselines are consistent.
• Provides Tier III IV support for The Home Depot IT Divisions regarding Incident Management or field escalations and maintains 2,500 DPs at each store to validate content replication and synchronization of database deltas.
• Trains Associate Engineer, Engineer I and Engineer II positions on common best business practices regarding design, operations and maintenance of all IT facets to include security remediation.
• Creates SQL extracts of SCCM Database views to audit PCI-DSS systems such as POS and Store PCs to inventory any blacklisted or unknown configurations and mediates between the IT Security division and the business units to ensure compliance and/or remediation.
• Serves as configuration change management coordinator for all client related GPO, SCCM deployment, and modification submissions, approvals and post implementation validations to ensure that risk has been properly assessed and provides remediation for fallback executions.
• Coordinates with IT Developers to migrate all legacy coding to modern .Net and C target frameworks and provides guidance for specific modules that will be targeted for QAQC testing.
• Meets daily with business units to provide guidance regarding metrics and milestones for their projects and assist with expediting implementation as well as creating logical, design and technical documentation to present concepts to various audiences.

Confidential

IT Director

• Developed and maintained department operating and FTE budgets, staffing plans and schedules and determined objectives for the organization as well as created nd implemented policies and procedures in accordance with ITIL frameworks.
• Directly supervised six System Administrators and Computer Technicians to sustain and enhance operations, evaluated performance and supported training and professional growth.
• Established numerous commercial enclaves within a vSphere 4 and vSphere 5 infrastructure on Dell platforms as hypervisors connected to Dell and QNAP SAN units, created and deployed Windows 2008R2 and Windows 7 hosts via SCCM and MSDT across several networks with 1,000 workstations and 3,200 customers and migrated the organization from Windows XP with internet based email accounts to Windows 7 within an Active Directory architecture with Exchange 2007 2010 messaging platforms.
• Created a configuration management database and populated numerous config items CI such as licenses and warranty status for escrow, network circuit IDs, host service tags, various equipment attributes and subnets in order to ensure compliance and consistency.
• Conducted auditing and assessments of business, public and financial systems for detection and remediation or isolation of Personally Identifiable Information, HIPAA or PCI-DSS violations and informed executive management of findings for corrective actions.
• Secured all enclaves through SonicWall NSA E5500 and Cisco ASA 5520 web application firewalls by maintaining ACL entries, content filtering, deep packet inspection and application rules in accordance with SOPs and best business practices.
• Implemented network optimization strategies via security appliances, QoS and bandwidth caching on Ubuntu Linux servers and virtual appliances to follow best practices for an ISP to ensure fair usage and prioritization of traffic within a isolated and remote area.
• Generated metrics through Solar Winds, System Center Operations Manager and SYSLOG collaborations to create threat trend views and mitigate or eliminate risks through the execution of tactics, techniques and procedures.
• Designed a Disaster Recovery Preparedness Plan to ensure that organizations will have core functionality, integrity and availability with minimal resources and commit changes quarterly per Federal regulations.

Confidential

Site Lead / Project Manager

• Engineered and established public and isolated networks for the Office of Military Commissions for legal Defense, Prosecution and Convening Authority entities within vSphere 5 on Dell server platforms with a PowerVault MD3200i SAN as a backend.
• Maintained Active Directory Management with Exchange 2007 integration for operations and secured the networks with Threat Management Gateway 2007 to provide caching and basic ACLs over a 20MBps/12MBps satellite connection.
• Deployed and configured Windows 2008 virtual servers and Windows XP clients via Windows Deployment Services and System Center Configuration Manager 2007.
• Managed a team consisting of System Administrators, Network Administrators and Information Assurance personnel and provided training and performance evaluations as well as served as a backup for each position.
• Prepared weekly and monthly reporting to the Program Manager and US Government contracting officers and prepared cost estimates, purchase requests and budget proposals to ensure that project milestones were on track.
• Implemented SharePoint 2007 with a trouble desk template for incident tracking and problem resolution and provided metrics to customer for trend analysis.
• Responsible for the delivery of services for the prime contractor and subcontractor with ITIL standards and adherence to Federal and Regulatory guidelines to validate competency and expertise with services rendered for over 1,000 customers and 850 workstations.

Confidential

Senior Systems Engineer, SCCM

• Performed System Center Configuration Manager administration for local and remote sites with 8,000 workstations throughout the enterprise by creating, testing and deploying maintenance packages with VB and PowerShell scripts to ensure that host configurations were consistent.
• Conducted application management by creating and deploying packages and jobs to install, update or remove applications and custom scripting to modify or remove artifacts left after operations.
• Deployed Windows RE environments via OSD tasking to capture existing system state onto offsite WIM files, prepare drive layouts and install Windows 7 Enterprise via custom WIM created with MSDT.
• Maintained OS and application patch deployments with SCCM and SCUP to encompass Microsoft and third party repositories and ensured break fix testing prior to releasing to production.
• Audited host attributes via queries to enumerate and identify unauthorized software, created collections via SQL statements for action and built compliance reporting for executive summaries for management.

Confidential

Senior Systems Engineer, Lead

• Maintained public and isolated networks across multiple locations from the JTFGTMO Network Operations Center to ensure high availability of services and resources to over 5,000 customers.
• Maintained 58 Windows 2003 and Windows 2008 Dell PowerEdge server traditional and blade platforms and 32 virtual servers running on 6 hypervisors with two CX-500 SAN units.
• Established SOPs to ensure that tasks were executed in a consistent manner, priority or critical services were identified and escalated, and any modifications or updates were captured.
• Created a Disaster Recovery COOP site from auxiliary equipment and established a vSphere 4 infrastructure to host replica servers on a direct attached storage appliance.
• Managed a team of seven system administrators within Operations, Application Support, Storage and Integrations to track progress with projects, perform incident reporting and problem escalation.
• Prepared budget requests and comprehensive reporting to demonstrate the ROI/TCO relations of budget proposals within each project scope.
• Monitored Exchange 2003 and Exchange 2007 instances for mail flow problems, updated Edge configurations and archived information stores in accordance with Presidential and FOIA mandates.
• Consolidated numerous standalone SQL instances into a Windows 2008 cluster running SQL 2008 to perform database optimization by granting more resources when needed and monitor via System Center Operations Manager 2007.
• Created customer requested portals, templates and workflows within SharePoint 2007 to migrate information from filesystems and exchange mailboxes into a searchable content database.
• Performed security and application patch management with SCCM with custom scripts and WSUS for over 2,000 workstations running Windows XP and Vista.
• Provided Tier II/Tier III support for other System Engineers and System Administrators throughout Iraq and Kuwait as needed.

Confidential

Information Systems Security Analyst

• Maintained operations and configuration of enterprise email and content filtering security appliances for the US Army Reserve Command globally.
• Established baseline configurations to apply message filtering signatures, vendor policies, community updates and global threat blacklists to the McAfee IronMail/SecureMail appliances.
• Managed filtering policies, access control lists, configuration and QoS management on Bluecoat security appliances and review error logs to identify any instances of proxy avoidance, traffic anomalies and created customer redirect page content.
• Ensured archiving of firmware, configurations and traffic logs to satisfy a one-year backup retention policy.

Confidential

Senior Applications Systems Engineer

• Maintained 32 Red Hat RHEL 4 5, Fedora 10, Ubuntu and Windows 2003 servers with Oracle 10g and SQL 2005 backend databases to compose the Iraq Reconstruction Management System.
• Performed module testing and updates for deprecated software and validated PHP content before replicating to production systems.
• Managed 4 Iraq application and database administrators to evaluate coding submitted through CVS to be implemented in Middleware between applications.
• Secured Internet facing Apache Tomcat servers and managed system errata and conducted penetration testing with Metasploit and Nessus to determine the risk of the instance.
• Virtualized legacy servers such as Cisco Call Manager and Unity into a VMware ESX 3.5 environment in order prevent failure due to problematic hardware.

Confidential

Senior Systems Engineer

• Maintained four Active Directory 2003 domains for Iraq and Lebanon for over 10,000 local and remote users throughout the Middle East by providing Tier II and Tier III support.
• Supported Exchange 2003 infrastructure for 8,000 mailboxes and migrated legacy servers from Exchange 5.5 to Exchange 2003.
• Performed administration for SharePoint Portal Server 2003 and established a portal with workflows to automate project tracking and designed customer content for policy review.
• Managed three Iraqi System Engineers and provided operational guidance, mentoring, training and testing, performance evaluations and timekeeping.
• Coordinated with US Government system administrators to ensure collaboration with projects for the US Army Corps of Engineers throughout Iraq.
• Performed workstations patch management with WSUS and UpdateExpert and configuration management within Active Directory group policies and security templates.
• Maintained Cisco IronPort appliances and infrastructure virtualized appliances within VMware to mitigate security risks and reduce spam for bandwidth management between sites.
• Provided support for the Dell CX500 Storage Area Networks in regards to data management, configuration and maintenance.

PROFESSIONAL EXPERIENCE

• Experience includes: Infrastructure planning and management, designing, installation and management of Storage Area Networks Fiber channel and iSCSI , host hardware and software platform rollouts, design and management Active Directory 2000 2008R2, network security assessment scanning of vulnerabilities and topology mapping, creation, validation and auditing of access control lists, Bluecoat, Websense/Triton appliances, IronPort and SecureMail perimeter mail appliances, ASA5520 and SonicWall E5500 security appliance, host virtualization into vSphere 4.x 5.x and open source Linux based products, patch and software deployment services, Windows shell and PowerShell scripting, and Mobile application development for Android.
• Software experience includes: Windows NT-2008R2 Server Editions, Red Hat Enterprise Linux, Fedora Core Linux, ISA Server 2000 2006, Threat Management Gateway 2010, SQL Server 2005-2008, Oracle 10g, Exchange 5.5 - 2010, SCOM 2007 and SCCM 2007, GFI LANGuard Network Security Scanner, Harris STAT Guardian and eEye Retina, Nessus VM, Perl Scripting, Syslog Daemon and host agents, Websense-Triton, Bluecoat SGOS 4, Veritas NetBackup 5.1, Symantec Backup Exec 9x, Symantec Endpoint Protection 11-12, VMware Workstation, ESX Server 3.5 5.0, vSphere 4.0-5.0, Windows XP, Vista and Windows 7, MAC OS X 10.4 10.8 Workstation and Server OS, Ubuntu Server 10-13.