SUMMARY:

• Over 12+ Years of progressive responsibilities and expertise in performing Systems Administration of Microsoft Windows Servers 2016, 2012/R2, 2008/R2 and previous versions on hardware infrastructure, VMWare and HyperV based virtual infrastructures, and servers based in the 3 major Cloud providers AWS, Microsoft Azure and Google Cloud Platform.
• Extensive work experience on Active Directory Domain Services including promotion of member servers as Domain Controllers, decommission of DCs/demoting DC roles, placement of FSMO roles between on - prem and Cloud Infrastructure.
• Experienced in designing and implementing Privileged Access Management (PAM) using Microsoft tools such as Group Policy, Password Settings Objects, and 3rd party tools such a CyberArk vaults for securing accounts and PingID MFA for muti-factor authentication.
• Experienced in creating and managing Group Policy for environments, and administering various account exceptions via Password Settings Objects.
• Ability to understand the existing architecture and work flow of Active Directory in an environment and work on troubleshooting issues related to FSMO roles, directory partitions, global catalog, replication using GUI based tools as well as command line tools including NTDSUtil, Repadmin, Dcdiag etc.
• Administration of Active Directory Lightweight Directory Services, including upgrading ADAM instances running on Server 2003 to ADLDS instances running on Server 2008 R2 for End of Life projects.
• Experience with implementing Active Directory Certificate Services; Build servers and setup Root CA and SubCAs for environment for issuing SHA2 certificates; This project was for SHA1 deprecation.
• Setup SCOM 2012 R2 monitoring for a large environment; Installed Management servers in the root domain and Gateway Server in DMZ to monitor all aspects of the environment using Management Packs.
• Setup SCOM alerts to auto create tickets in BMC Remedy, and forward alerts as emails to respective teams via subscriptions.
• Setup Dell Unified Communications Command Suite Diagnostics (Spotlight Monitoring) for Exchange services monitoring for a large environment.
• Administration of Office 365 as a federated domain, using ADFS and Azure AD sync.
• Authored PowerShell scripts to automate various admin tasks including Active Directory management, SCOM administration and daily Windows Administration tasks.
• Virtual server migrations on VMware ESXi 4.x and 5.x host servers.
• Administration of virtual server infrastructure using VMware vSphere client, vCenter Server.
• Extensive experience in Server Migrations from Windows 2000 to Windows 2003, Windows 2003 to Windows 2008 and Windows 2008 to Windows 2012.
• Extensive experience in developing Perl scripts to automate the tasks involved in Server Migrations and Desktop OS migrations.
• Proven experience in IT infrastructure planning, performance, monitoring, development, and familiar with applicable data privacy practices and laws.
• Extensive experience in performing desktop support of Windows 8, 7, Vista and XP.
• Capable of managing numerous projects while leading cross-functional teams to meet and exceed overall IT initiatives.
• Ability of effective prioritization and execution of tasks in a high-pressure environment, in addition to exceptional customer service orientation.
• Extensive work experience in a team-oriented and collaborative environment.
• Proven analytical, evaluative and problem-solving skills.

TECHNICAL SKILLS:

Operating Systems: Windows Server 2016, Windows Server 2012/2012 R2, Windows Server 2008/2008 R2, Windows Server 2003/2003 R2, Windows 2000 Server, Windows 10, Windows 8.1/8/7 and Windows XP. Working knowledge on Unix and Linux platforms.

Cloud Infrastructure: Amazon Web Services, AWS: EC2, Cloud Formation, Route 53, VPC, S3, Directory Service, ELB, CloudWatch, SNS Topics, AWS PowerShell

Microsoft Azure: Virtual Machine, DNS, Virtual Network, Load Balancer, Azure AD, Office 365 Administration, Google Cloud Platform, GCP: Compute Engine, Cloud DNS, Cloud Virtual Network, Cloud Load Balancing

VmWare: VMware vCentre Server, vSphere 4.x and 5.x, ESX and ESXi hosts, VDS, DRS, HA, iSCSI and FC Datastores

Microsoft: Hyper V, SCVMM, SCDPM, SC Orchestrator, App Controller, Remote Desktop Services, VDI, Terminal Services, Microsoft Virtual Server 2005/2008, Microsoft Virtual PC.

Active Directory: Design, Installation, Configuration & Troubleshooting. DC Migrations, IFM, GPO, Privileged Access Management(PAM)

Remote Install: WDS, RIS, Symantec Ghost

Network Servers: DNS, DHCP, NLB & Failover clusters.

File Servers: BranchCache, DFS, FTP, Windows SharePoint Services.

Office Servers: Exchange 2010, Exchange Management Console

Patching: WSUS, SCCM, SMS Admin, DameWare Mini Remote Control.

Remote Access: Direct Access, VPN, VPN Reconnect, DialUp Server, NATRRAS, RADIUS.

Web Servers: Internet Information Services 6.0/7.0/7.5

Scripting: Windows PowerShell, Perl

Addressing: IPv4 and IPv6

Hardware: Dell/HP/IBM infrastructure; DRAC, ILO and RSA.

PROFESSIONAL EXPERIENCE:

Confidential, McLean, VA

Sr. Active Directory Engineer

Responsibilities:

• Provide 24x7x365 operational support of an enterprise level and highly complex Active Directory environment consisting multiple domains.
• Perform common responsibilities such as domain controller promotion and demotion, organizational unit setup and delegation of administration, group policy creation and modification, administration of AD sites, subnets and site links, and schema changes.
• Build servers in the Multi-cloud architecture (AWS, Microsoft Azure, Google Cloud Platform), and promote them as Domain Controllers. Manage\Administer the Cloud DCs to be running on latest image by Cloud vendor, replicate to on-prem DCs, and provide authentication services to Cloud enabled apps.
• Worked on design\implementation of Privileged Access Management (PAM) in the environment to categorize user accounts and server/computer objects in a tiered model. In the tiered approach, only accounts from the same tier level can access/interactive login to servers\workstations in the same level.
• Upgrade and maintain existing Active Directory Domain Services infrastructure; Promotion and demotion of Domain Controllers, placement of FSMO roles.
• Creating and managing Group Policy for the environment, and administering various account exceptions via Password Settings Objects.
• Usage of Dell Change Auditor or StealthIntercept for auditing changes in the Active Directory environment.
• Restore changes in the AD environment using Dell RMAD or StealthRecover.
• Extensive usage of PowerShell with Active Directory module to perform infrastructure tasks to providing compound reporting of the environment.

Confidential, Lansing, MI

Windows Server Administrator

Responsibilities:

• Upgrade and maintain existing Active Directory Domain Services infrastructure; Promotion and demotion of Domain Controllers, placement of FSMO roles.
• Creating and managing Group Policy for the environment, and administering various account exceptions via Password Settings Objects.
• Implemented periodic password change policy for the Domain Administrator account by investigating dependencies for the account and moving dependencies to newly created service accounts.
• Administration and management of AD Lightweight Directory Services instances; Upgraded ADAM instances running on Server 2003 to ADLDS instances running on Server 2008 R2, administering user objects and group objects by binding to AD LDS instances.
• Implement Active Directory Certificate Services; Build servers and setup Root CA and SubCAs for the environment for issuing SHA2 certificates; This project is for SHA1 deprecation.
• Create certificate templates as per various team’s requirements. Worked on increasing default tenure of issued certificates as some teams requested certificates longer than what the CA could issue by default.
• Administration of Office 365 as a federated domain, using ADFS and Azure AD sync.
• Authored PowerShell scripts to automate various admin tasks including Active Directory management, SCOM administration and daily Windows Administration tasks.
• Management of the DFS infrastructure for file servers running on Windows Server 2008.
• Worked on implementation of CyberArk security infrastructure for securing admin access to Windows Servers.
• Worked on implementation of SailPoint infrastructure for single sign-on implementation.
• End to end handling of new Server builds -
• Hardware resource requirement analysis.
• Decide on names, IP for the new server and co-ordinate DNS update.
• Co-ordinate for required ports to be opened if the server is going to be in the DMZ.
• Build the new server (physical server) or create the new VM in VMware vCenter.
• Installing BMC Footprints, patch via Footprints and set the new system up on a monthly patch cycle going forward.
• Securing the new build with Symantec Antivirus.
• Co-ordinate for Tenable security scan of the server, and work on resolving the vulnerabilities reported.
• Installing Tivoli Storage Manager and setting the system on a daily backup schedule.(Co-ordinate with Storage on setting up the new node on the TSM server)
• Co-ordinate with individual requesting teams/vendors and install other software as needed for the new build.
• Setup monitoring of the server and required services in Microsoft SCOM and Nagios.
• Create run book documentation (to include all core details of the server, applications installed, scenarios to be considered for restarts, downtime etc.) for the new build.
• VMware Administration of the ESX 4.1/5.0 environment
• Analyze current data store capacity, and add new data stores to the various ESX host clusters when needed.
• Snapshot management and Resource management of existing VMs. vCenter based warning and alert management.
• Setup and maintain SCOM monitoring (Internal Management servers, and DMZ Gateway server) for the Windows Environment, Exchange Environment and other environments supports by the Windows Server Admin team.
• Setup and maintain Dell UCCS Diagnostics/Spotlight Monitoring for Exchange and Lync environment.
• Work on Incident Tickets, Change Requests and Problem Investigations on BMC Remedy.
• Work on projects assigned and implement on a timely fashion via WorkFront.
• Serves as Level-3 escalation for Windows Server supported applications and hardware.
• Be on 24/7 availability on a weekly on-call rotation schedule in the team.

Confidential, Annapolis, MD

Sr. Systems Analyst

Responsibilities:

• Level 3 OS administration support of Windows Servers (2008/2012) installed on Physical as well as Virtual infrastructure.
• Hardware support of Physical servers built on Dell/HP/IBM infrastructure.
• Configuration and administration of Virtual servers hosted on VMware ESXi 5.1 servers using VMware vSphere 5.1 and vCentre Server.
• Investigating SAN connectivity issues using SANsurfer FC HBA Manager.
• Troubleshooting issues related to Failover Clusters and failover policies effecting clustered resources.
• Investigate issues related to failed backups.
• Configuring NIC teaming.
• Troubleshooting issues related to monthly server patching.
• Active Directory management of user and computer objects.
• Respond to automated alerts with regards to a wide range of hardware, software, storage and network related issues with the servers.
• Handling Trouble Tickets and Change Management Tickets to resolve various issues and requests raised by users.
• Create Change Management tickets and work with application team and hardware vendor to co-ordinate maintenance window and work on hardware troubleshooting and part replacements.

Confidential, Atlanta, GA

Network and Computer Systems Administrator

Responsibilities:

• Level 4 Support for migration of servers from Windows 2003 (HP G7 Server) to Windows 2008 (HP Gen8 Server).
• Level 4 Support for migration of desktops from Windows XP to Windows 7.
• Level 4 Support for Tablets running Windows 7.
• Worked on BitLocker encryption related issues on Windows 7 workstations.
• Automated the daily tasks of systems administration through Perl, PsExec, VBScript and Power Shell.
• Liaising with various vendors in systems integrations, Design and Architecture.
• Active Directory management of user and computer objects.
• Perl scripting and automation for ad-hoc requests based on the change control.
• Implementing RAID configurations.
• Working on the customization of hot fixes and critical fixes released from Microsoft.
• Working on Cisco Routers and Switches to analyze issues with the network in Production.
• Developed Perl scripts for auto-login to routers/switches and gather required details during change management.
• Supporting Level 3 and Level 2 teams for fixing production issues.
• Level 4 support for Banking Centre operations related printer implementations.
• Usage of various reporting methodologies to track the progress of the change management schedule.
• Maintenance of lab environment replicating Banking Centre setups for testing.
• Manage and maintain IIS based websites, used for in-house tool hosting.
• Responsible for new Banking Centre setups, including network and computing devices.

Confidential, Rochester,NY

Sr. Systems Engineer

Responsibilities:

• Bulk management of Active Directory objects.
• Promotion of member servers to domain controllers.
• Troubleshooting active directory replication issues.
• Provisioning virtual servers and workstations on VMware ESX servers.
• Campus Infrastructure Support (Eagan and Rochester offices).
• Distribute software using SMS Admin.
• Backups and Restore using Volume Shadow Copy Services.
• Configure and Administer DFS implementations
• Implementing RAID configurations for new servers.
• Processing mailbox creation requests and providing mailbox access rights.
• Grant various levels of access to intranet sites.
• Processing new hire Unix account requests.
• Troubleshoot Windows, Microsoft Office and other software related issues for users.
• Remote Management using SMS Admin and Dameware
• Work on Incident Management tickets.
• Provide remote access to Citrix farms.
• Investigate and resolve Domain lockout issues.