SUMMARY OF QUALIFICATIONS

• Experienced Systems Engineer seeking Traveling / Remote/Telecommute opportunities
• Systems Engineer with expertise in system administration, networking, and security.
• Over 12 Years of cross - platform experience in system administration, including analyzing, designing, installing, maintaining and administering hardware, software, peripheral and networks.
• Superior troubleshooting and technical support abilities with migrations, network connectivity, security and database applications.
• Proven track record in IT Security Systems administration and IT Security Auditing.
• In-depth and results-oriented IT professional with experience in Systems and Security Process automation.

TECHNICAL SKILLS

• Hardware: Windows, Dell Server Hardware, EMC Avamar Backup
• Software: Microsoft Office Suite - 2003, 2007, 2010, Symantec Backup Exec, FIM,ILM, Microsoft SQL Server 2005 and 2008, Citrix, ADFS Single Sign-On, Unified Access Gateway (UAG), Antivirus
• Programming Languages: C++, HTML, Pascal, VB Script, ADSI, LDAP Query, Java Script
• Operating Systems: Windows Server 2003, 2008 R2, Server 2012 R2, XP, Vista, Windows 7
• Database Platforms: Microsoft SQL Server 2005,2008, Relational Database Management Systems (RDMS)
• Networking: Ethernet 802.3, 802.11,DHCP, DNS, FTP, NAT, IIS, VPN, LAN, routers, cabling, TCP/IP
• Computer: Active Directory, VMware ESXi 5.x & 6.x, Hyper-V, Virtualization, SCCM & SCOM 2012

PROFESSIONAL EXPERIENCE

Confidential

Responsibilities:

• Designed, configured and manage multiple Identity & Access Management solutions including Sail Point IIQ Governance 7.0, Federation Services, Azure Cloud solution and Identity Manager.
• Microsoft Windows Azure AD (WAAD) Tenant Setup with Azure AD Connect setup and configuration to synchronize on-premises AD domain accounts to Azure AD Tenant
• Manage Hybrid Cloud Environment for WAAD and On Premises Active Directory
• Maintain Bit9/Carbon Black environment in Visibility, Low, medium and high enforcement for all Domain Controllers.
• Integrated Cloud Azure MFA with VPN for Radius authentication with Office 365 Multitenant solution and Cloud Applications
• Configured Microsoft Azure Multi Factor Authentication (MFA) integration with CyberArk EPV Solution across multiple Data Center Sites for High Availability and Disaster Recovery.
• Setup and Published Azure MFA Phone and Mobile Portal on Azure Application Proxy for access internally and externally on the Public Domain
• Identity & Access Management of User objects in Microsoft Identity Lifecycle Manager (ILM) and FIM 2010 R2, PeopleSoft and Active Directory domain
• Establish automated Processes and scripts using VB and PowerShell scripts for Management of AD objects and account processes.
• Setup, tested and managed MFA for Azure AD Tenant integration for Office 360 Cloud Users
• Active Directory Users & Computers (ADUC) OU architecture, design and administration
• Microsoft Active Directory Federation Service (ADFS 2.0) instance design and setup on Microsoft Windows Server 2008 R2 Enterprise server. Setup ADFS Server Farm for Development and Production to connect to Microsoft SQL 2014 DB instances.
• Configure LDAP Authentication and Authorization between ADFS (2.0 and 3.0) and Active Directory for Trust relations in Web SSO setup for federated Users.
• Seamlessly updated ADFS SSL, Token Encrypting and Decrypting certificates on Production and Development servers without any downtime to over 70,000+ users
• Deploy ADFS WAP & Federation Proxy Farm for HA on Production & Development environment
• Successfully migrated 20 SSO Application from Development to Production ADFS Farm.
• Coordinate, Test and publish Approved Applications via UAT in ADFS 2012 R2 Server Farm
• Microsoft ADFS Capacity Planning for High Availability and Redundancy across multiple Sites and Data Centers.
• Designed and implemented Enterprise Password Vaults including Thycotic Secret Server Suite Version 8.0.
• Scope and design network architecture for the implementation of Thycotic Secret Server Enterprise Password Vault solution and integration with LDAP and Radius.
• Manage Secrets on Windows and Unix Platforms and configuration of Privilege Manager for Windows using Secret Server
• Manage and administer ADFS Server Farm Test and Production instances with over 20 Application utilized by over 70,000+ Users.
• Manage and administer Splunk for monitoring an auditing user and object access on network
• Manage Privileged domain Service Account and Application Accounts in PIM Suite
• Implementation of CyberArk PAS including components with on Premise Identity
• Implemented and manage CyberArk Enterprise Password Vault (EPV), Central Policy Manager (CPM), and Privileged Session Manager (PSM), accounts, Master Policies, safes, usages and Password Vault Web Access (PVWA) 9.7.
• Manage Cyber Ark Privileged Session Manager
• Integrate EPV with BMC Service Desk for Process request Workflow
• Privileged Account Auto discovery and automatic password management in Vault
• SailPoint Identity IQ Governance Application implementation, installation & administration
• SailPoint Employee and Manager Security Audits & Access Review administration
• Schedule, monitor and manage IT SOD SOX processes in SailPoint IIQ
• Integration of SailPoint IIQ (7.0) with Active Directory and Relation databases via ODBC and flat files
• Security Account and End User Access Control Administration
• Designed and implemented New ADFS 3.0 Web SSO Production, Stage and Development Farm environment running on Server 2012 R2
• Coordinated with Business Partners to setup migrate and setup Trust in ADFS for SSO applications to migrate from ADFS 2.0 & 2.1 environment to 3.0 Environments.
• Designed, setup and configure Microsoft Azure AD Multi-Factor Authentication for internal and external SaaS application published on ADFS 3.0 Farm
• Use Fiddler and HTTP Analyzer to analyze, troubleshoot and monitor Web SSO traffic
• Setup and establish SSO setups and trusts with Business customers using metadata information

Confidential  

Responsibilities:

• Configured, install and maintain Windows Desktops, Servers, Printers and LAN cabling.
• Setup and maintain Virtual Infrastructure including VMware ESXi 4/5 and Hyper-V servers.
• Configured and administer Thycotic Secret Server Vault & Cyber-Ark PIM Suite/Enterprise
• Setup Enterprise Password Vault solution to integrate with domain and discovered over 10,000 privileged Windows/ SQL/ local accounts on the network domain and DMZ zones.
• Password Vault solution to monitor privileged accounts and passwords.
• Privileged Account discovery and password management in Vault.
• Manage daily backup processes using EMC Avamar and ensure rapid recovery of data loss.
• Implement and manage Active Directory domain network on Server 2003 & 2008 R2 including DHCP, DNS, Group Policies (GPOs), DFS, Print and File Services, FTP administration
• Active Directory Federation services, Patch Management, SEIM solution implementation.
• Create and implement automated processes/scripts in VB, Batch and PowerShell scripts.
• Administered and installed Symantec Anti-virus (SEP) programs on client networks systems.
• Manage Infrastructure Resources in Hybrid Cloud Environment for Azure Active Directory and on Premise Active Directory Domain

Confidential

Responsibilities:

• Responsible for the successful deployment of Enterprise hardware and software projects within the customer’s environment.
• Assisted with on-site integration, installation, implementation, maintenance and repair of Dell IT hardware and security systems.
• Data Center Systems migration for servers and network equipments.
• Escalated Break/fix troubleshooting of Dell hardware.
• Implemented and managed Active Directory domain network on Server 2003 & 2008 R2.
• End- User Application review, implementation and security setup on Microsoft Windows and IIS web Application servers.
• Managed, audit and setup discovery for Privileged User and Service Accounts in Password Vaults
• Reviewed layout and setup of Enterprise Password Vault solutions on client site including Privileged Identity Manager and Privileged Session Manager for Cyber-Ark Solutions, Dell One Privileged Password Manager and Thycotic Secret Server.

Confidential, Oklahoma City OK

Responsibilities:

• Control and configured security access based on approved user requests.
• CA Identity Suite and Control Minder Proof Of Concept configuration on Physical and Virtual Lab Environment for managing Privileged Identities and control End - User Password access and management.
• Designed and implemented Enterprise-wide SIEM log and Event monitoring systems including Prism Micro Systems Event Tracker, Stealth Audit, and ArcSight.
• Experience administering and analyzing syslog and security logs on IT Systems.
• Integrated corporate Active Directory (AD) environment with internal and external/hosted web application for consolidation of User administration.
• Maintain integrity of IT security infrastructure by maintaining and upgrading systems and client software as needed using Systems Center (SCCM) via Patch management.
• Implement programmed processes to report on all End-User access controls for SOX Auditing.
• Designed and implemented automated processes via secured coding including VB scripts for IT administrative and IT Security tasks.
• Managed and monitored server and network devices daily in SolarWinds Orion including device entry and classification into groups and troubleshooting connectivity issues.
• Administered IDS systems including McAfee, Trend Micro System and WebSense.
• Administered, backed up and restored network data, coordinated and migrated over 200 servers running on Windows and UNIX servers to a newer version of EMC Avamar Backup client.
• Setup, support, manage and maintain over 500 physical and virtual servers from Windows Server 2000, 2003, 2008 and 2012 in VMware and Hyper-V via Windows Remote Server Administration Tools (RSAT) and Vsphere.
• Data center network management including Disaster recovery using SRM, AD, DNS, DHCP, VPN, LAN, and firewall rules in IPS including Threat Management Gateway (TMG) 2010.
• Ability to multi-task and manage multiple concurrent projects and incident requests.
• Manage, monitor and ensure system connectivity for all servers and other applications.
• Engineered and implemented Automated VB Scripts for the Provisioning and De-provisioning of End-User domain accounts from company database to Active Directory Domain.
• Coordinated and implemented primary data center core switch replacement while maintaining full services to the organization during the maintenance.
• Engineered and implemented dual network interface connection to all SandRidge servers to the high-availability core switch for continued application services in the event of a core switch failure. The functionality was proven to be effective during a data center core switch replacement by providing solid performance through the removal of the primary core switch network device.
• Researched and implemented Application & Windows security solutions.
• Designed and implemented Enterprise Password Vaults including Thycotic Secret Server and Cyber-Ark Privileged Identity Manager (PIM) Suite.
• Scope and design network architecture for the implementation of Thycotic Secret Server Enterprise Password Vault solution.
• Implemented Cyber-Ark Privileged Identity Manager including Enterprise Password Vault, Privileged Session Manager, and On-Demand Privileges Manager in a Proof of Concept (POC)
• Setup secure sessions and proxy access to all SOX systems/application and servers for Privileged access by Systems Engineers and IT Management
• Utilized Enterprise Password Vault solution to integrate with domain and discovered over 10,000 privileged Windows/ SQL/ local accounts on the network domain and DMZ zones.
• Integrated Thycotic Secret Server Enterprise Password Vault with BMC Service Desk Incident request tracking system and SIEM solution (Event Tracker, Stealth Audit and ArcSight)
• Analyzed security incidents as well as liaised with outsourced IT Security services on internal and external monitoring of critical systems.
• Implemented Active Directory domain network on Server 2003 & 2008 R2.
• Designed and implemented multiple Group Policy Objects (GPO) on multiple domain network
• Engineered and implemented an Enterprise-wide Identity and Access Lifecycle Management solutions in-house for administration, Provisioning and de-provisioning of domain accounts.
• Reviewed and implemented and tested multiple IAM solutions from Microsoft Forefront Identity Manager (FIM), CA Identity Manager and Quest Active Roles Server (ARS).
• Designed and successfully implemented Active Directory Federation Server (ADFS) farm and connected to existing Active Domain Network for various technologies to attach to ADFS environment for Single - Sign on (SSO).
• Setup IIS server and troubleshot SAML 2.0 assertion errors for web applications integrated into ADFS environment with back end data sources using Fiddler and HTTP watch tools.
• Successfully installed and implemented Microsoft Unified Access Gateway (UAG) environment for the publishing of web based applications for access externally.
• Microsoft SQL Server Database design, implementation, and administration.
• Working knowledge and administration of AD objects in Microsoft Exchange 2007/2010.
• Assisted with AD Domain Trust and Forest Trust setups during acquisitions and migrations
• Troubleshot Oil & Gas and energy based application issues.
• Desktop, Laptop, Phone and Multi-Function Printer hardware/software support.
• Installed, configured and supported WAN, LAN, and WLAN networks.
• Performed all levels of hardware and software systems supports for over 1,500 clients.
• Supported about 2500 employees in about 3 locations nationwide, including corporate office.

Confidential, Oklahoma City OK

Responsibilities:

• Served as Technical liaison between confidential Tech Support and Child Care Agencies.
• Trained all Oklahoma Child Care Agency staff and interviewed staff on database needs.
• Managed all IT Infrastructures and administrated the Computer network.
• Administered statewide database that supported all Child Care agencies.
• Coordinated and migrated entire regional office from workgroup network onto a domain.
• Created user manuals and provided technical support sessions for new Child Care Resource employees across the State of Oklahoma.

Chesapeake Energy, Oklahoma City OK

IT Security Systems Engineer

Responsibilities:

• Reviewed and implemented controls to clean-up Active Directory stale accounts from domain.
• Analyzed security incidents as well as liaised with outsourced IT Security services on internal and external monitoring of critical systems.
• Implemented Active Directory domain network on Windows Server 2003.
• End User and Application IAM on SQL and Windows Server Platform.
• Working knowledge and administration of objects in Microsoft Exchange 2003.
• Troubleshot Oil & Gas and energy based application issues.
• Implemented automated processes to report on all End-User access controls for SOX Auditing.
• Managed Active Directory domain network on Server 2003 including DHCP, DNS, Group
• Policies (GPOs), DFS, File and Print Services, and AD User Objects