Active Directory Engineer
Resume:
Jeffrey Gray
425-***-**** ************@*******.*** Linked in Profile: http://lnkd.in/c4u6zp Bellevue, WA 98008
Professional Summary
With nearly twenty years of experience, I am able to offer a unique blend of expertise in many areas of Information Technology, Management, Project Management and Technical Writing. My experience is largely Microsoft concentric with an emphasis on Active Directory architecture and engineering. This also includes proficiency in all core services such as authentication, replication, site management, DNS and a thorough understanding of al FSMO roles. I consistently use a Microsoft Best Practices approach when recommending technology solutions or when participating in incident escalations. Additionally, I constantly utilize a due diligence methodology in all other areas of accountability, ensuring a secure and reliable computing environment.
Notable Achievements
Exceedingly successful “live”, Active Directory migration for Blue Origin, a local aerospace company
Numerous Active Directory and Exchange migrations for various clients; recovery / re-branding
Identify and deploy a cross platform anti-virus solution for Nintendo of America
Achieved a Microsoft authorized Cloud Services reseller status for Design Laboratory Inc.
Completed SEO initiative(s) greatly improving customer page rank and relevancy ratings
Deployed a secure Remote Access solution for the Tulalip Indian Tribes {WatchGuard, Aventail, RSA}
Successful recovery of the Exchange server platform for the Washington State Convention & Trade Center
Assess and recommend security solutions for the U of W Medical Center, Otolaryngology department
Deployed a secure wireless mesh network for Seattle Opera / McCaw Hall in support of their POS system
Design & deployed a highly efficient, 10 GB network equating to a 50K savings for Design Laboratory Inc.
Core Competencies
Active Directory, FSMO Roles, Authentication, Site Containers, Replication Optimization, Group Policy Management
DNS, Replication Topology, Reverse Lookup Zones, Conditional Forwarders, Forwarders, Scavenging
DHCP, Split Scopes, Super Scopes, Load Balancing, Failover, Dynamic Updates (DNSUpdateProxy)
Certificate Authority Services, Enterprise Root CA / Subordinate CA servers
Microsoft Exchange thru 2012
Microsoft SQL {non-DBA}
PowerShell / Merlin (AD, SharePoint, Exchange)
LAPS {Local Administrator Password Solution}
SCOM / AD management pack rules & monitors fine tuning
Business Continuity / Disaster Recovery
Technical Writing, Wiki’s, SOP’s, Standardization
Education & Certifications
Marysville Pilchuck High School: Diploma
Bellevue College: Associate of Arts / Computer Science
Bellevue College: Project Management Certification
Microsoft Cloud Services (Authorized Reseller Status)
Microsoft Certified Professional
ITIL Foundation III (in progress)
Employment History
Insight Global: Microsoft CP Engineering Team: Redmond, WA 6/23/17 - Present
Azure \ Active Directory Architect \ Engineer
Responsible for the Architecture and Administrator of both Azure and Active Directory domain environments. Maintain AD lab environments with over 45 customer applications validating SSO, TF and MFA authentication.
Primary:
Microsoft Azure ASM/ARM
Microsoft Active Directory
ADFS Configuration
O365 Administration
Web Application Proxy services
Exchange 2013 / 2016 Hybrid
SharePoint 2016 Administration
Visual Studio Team Services Portal
Key Vault Password Repository
Other Initiatives: SCCM, WSUS
Administration of Azure based Active Directory and DNS Zones
Administration of V-networks, V-subnets, LBs, NSGs, RGs, VMs
Move all End Point ACLs to NSGs for security compliance
Remove exposure of “well known” TCP/UDP ports from the internet by way of End Point, ACL and NSG management
Create plan for migration of ASM (classic) VMs to ARM VMs
Certificate Authority Services, certificate requests and renewals
Assist with testing and validation of SSO, 2FA and MFA authentication using CA and CBA with location based and mobile clients
Intune Device Compliance, Configuration in a BYOD environment
ATD Technology, LLC: AT&T Global Business 1/09/17/ - 4/14/2017
Active Directory / DNS Architect Lead
Assist with a 26 billion dollar corporate merger (company names confidential), to facilitate a “Go Live” date on the NYSE April 3rd, 2017. Member of the core AT&T architecture team supporting the merger.
Primary:
Merger liaison to facilitate communication and collaboration between the project / application silos
Assigned to the SharePoint, F5 LB, Mobility/ Desktop, Backend Traffic Monitoring & Replication initiatives
Liaison for Value Capture initiatives as mandated by the merger and acquisitions team
Facilitate consolidation of parent and “New Company” sites
Identify critical components for works stream consolidations
create site survey and conduct Gap Analysis
application functionality
application requirements
networking, routing and firewall requirements
user and service deliverables
desktop / mobility requirements
Insight Global: Partners Health Care: Boston, MA 6/27/2016 – 11/12/2016
Active Directory Risk Assessment Engineer (RAAS)
A Microsoft RAAS for Partners Health Care organization uncovered over one hundred and fifty action items with forty of those being critical or high priority in nature. Primary responsibilities were to research and resolve the issues identified. Secondary, participation in the support of the day to day Active Directory administration.
Deliverables:
Meet with all stakeholders, define the SOW, identify resources and document efforts
Address critical and high priority issues as identified by the Microsoft RAAS tool
Act as the final escalation point for all Active Directory related issues
Address medium and low priority issues as identified
Assist the existing AD team as time permitted
Power Shell scripting as required
Encode Inc.: AMN Health Care: Lenexa, KY 3/21/2016 – 5/21/2016
Active Directory Migration Architect & Implementation Engineer
Active Directory SME working to facilitate an Active Directory migration for a newly acquired business unit.
Deliverables:
Perform review of AD environments for the existing and new business units
Create Active Directory migration plan
Meet with stakeholders for review of migration plan, process timelines and milestones
Lead AD migration efforts and plan execution
Perform post migration validation for local and remote user accounts
Brillio: Microsoft Windows Device Group (WDG): Redmond, WA 12/28/2015 – 2/1/2016
Active Directory Engineer in support of the WDG networking team
Primary function was to isolate and resolve any Active Directory related issues from a networking perspective. Major deliverable was the design and deployment of a DNS Relay server architecture effectively replacing Microsoft owned DNS servers on the corporate backbone. This solution was designed and implemented in an effort to reduce DNS name resolution latency for over 170,000 client workstations in the WGD test environments.
Project(s):
DNS Caching Only Forwarders
Design and document a DNS Caching Only solution
Work with stakeholders to understand DNS name server traffic patterns
Insight Global: Microsoft Services Design Team: Redmond, WA 3/30/2015 – 12/25/2015
Active Directory Architect MSCIS- FITs
Active Directory Architect for all Microsoft manufacturing and repair facilities worldwide. Lead Active Directory architect in the design and implementation of a primary management forest in a multi-forest / multi-domain Infrastructure. Responsible for new MSCIT Active Directory policies designed to establish consistency throughout FIT (Factory IT) for existing Active Directory infrastructures and future domain deployments. Final escalation point for Active Directory related issues locally as well as overseas. Additional responsibilities include the creation of Wiki’s, SOPs, and training documentation for off shore teams to perform the maintenance and administration of the Active Directory Infrastructure.
Architecture / Engineering:
MSCIT Policy Creation:
FMSO Role Allocations
DHCP Failover w/ Load Balancing Design
DNS Scavenging
Forest Trust Creation (one way - non transitive)
Active Directory Backup / Disaster Recovery
Active Directory Security Auditing
Active Directory audit compliance validation
Partner with SCOM staff for AD rule based monitoring
Certificate Authority Services
Sites & Services replication model
DNS, DNS forwarding referrals, DNS replication, Caching / Referral only
Legacy domain decommissioning
Active Directory Deployments
Beyondsoft: Microsoft O365 Online: Redmond, WA 5/2014 – 4/2015 O365 SharePoint On-Line Directory Services Escalation Engineer
Support Office365-D SharePoint deployments. Over 105 Active Directory Forests hosting over 1000 Domain Controllers in both production and pre-production environments including Multi-Tenant, Dedicated on Multi-Tenant, Dedicated and Federal (ITAR).
Active Directory Administration:
Routine maintenance included, but was not limited to the following: Troubleshoot and resolve issues relating to Active Directory, authentication, replication, time synchronization. Addition and decommission of domain controllers including metadata cleanup & site management.
Replication
Authentication / LDAP Binds
Kerberos / KDC / KCC
Domain, Forest & Explicit trusts
Group Policy administration, creation or importation of GPO policies, ACL’s & WMI links
Certificates / Trusted Root / Intermediate
NTP Time Services
DNS, replication topology and conditional forwarders
FRS / DFS / SYSVOL replication and availability
PowerShell / Merlin
Grid Manager
Contact this candidate