Sign in

Enterprise IT Administrator

Paramus, New Jersey, 07652, United States
January 19, 2018

Contact this candidate


Mark Cristaldi

*** ****** ***** 201-***-****

Paramus, NJ 07652

Delivering results that exceed expectations by “going the extra mile”


MS CNE - Microsoft Certified Network Engineer

Novell CNE - Novell Certified Network Engineer


Management: LAN/WAN Operations Management, Strategic/Tactical Planning, Infrastructure, Networks, Security, Storage, Budget Accountability/Expense Control, Staffing/Training/Team LeadershipConfiguration/Release Management, Business Process Reengineering, Quality Control/Assurance, Problem Resolution, Business Continuity/Disaster Recovery, MDM, Info-Box.

Languages/Software: Check Point VPN Clients, Juniper IVE, MS Office 97 through 2010, MS Office 365, SharePoint, Outlook, Exchange 5.5/2000/2007, VERITAS Backup Exec, CommVault Backup, SMS, Microsoft System Center Configuration Manager (SCCM), Symantec System Center (Enterprise Anti-Virus Management), Attachmate Extra! Terminal Emulation, Citrix Xenapp

Operating Systems: All Windows Server and Desktop OS (Win XP/2000/2003/2007), MS Active Directory 2003 & 2008,2012, MAC OSx and Novell Netware

Protocols/Hardware: DNS, DHCP, WINS, TCP/IP, UDP, WI-FI, VPN, IBM xSeries Servers, IBM Desktop/Lenovo PC, IBM DLT & LTO Storage Devices, RSA ACE Server & Client Administration, various Remote Communication products

Software Systems: Server and Windows migrations, SCCM, ie8 deployment to 5000 desktops/laptops, SCCM (System Center Configuration Management), Scripting and Packaging for sccm, ie8 and ie11, Checkpoint Pointsec Media Encryption, iPass Device Management, Juniper Networks SSL VPN, RSA Secure ID/Tokenization, INFO-Blox,


Independent IT Consultant 06/2016 Present

Enterprise Service Desk Analyst

J.P. Morgan Chase, INC, New York, New York 1994 – 06/2016


Managed LAN/WAN infrastructure,encompassing Windows XP, 2000,2003,2007 workstations, Windows Servers 2003, 2008 and 2012 Services Server & Backup, Data Server, Domain Controller and Commvault Server (Tape Backup Server). Ensure comprehensive local LAN equipment and servers support, including creation of ITSM reports for weekly patching of all on-site and remote servers. Remotely manage a variety of specialty servers

Key Accomplishments:

Seamlessly migrated servers from Windows 2000 through 2012 enhancing functionality, throughput and Sharepoint/Exchange compatibility

Utilized DFS (Distributed File System) to configure the local Data Server to be accessible via the WAN

Set up DHCP scopes on services server to provide Data/VoIP telephony for 150 IP phones/workstations

As Administrator of Juniper Networks SSL VPN solution, give remote users access to the Internal network

Propelled implementation and troubleshooting of RSA Secure ID/Tokenization

Workstation Administrator

Built and led Internet Explorer 8 Deployment Team of 6 Software Administrators, maintaining 3000 local/remote desktops and laptops. Guided team in testing and creation of ITSM reports for weekly patch and software install deployments

Key Accomplishments:

Led & Managed technical teams successful deployment of Internet Explorer 8 to 3000 desktops/laptops, with an unprecedented <2% failure rate

Lead creator of Internet Explorer 11 installation package and pertinent registry settings to LAN / WAN / GP environment

Championed and implemented multiple software to maximize efficiency and performance, including:

iPass Device Management - for deploying updates and installing software on remote user computers

Checkpoint Pointsec Media Encryption - for controlling access to removable storage media

SCCM (Microsoft System Center Configuration Management) – for maintaining inventory while providing software updates/patches to all the Windows-based computers in the organization

Enhanced imaging speed and accessibility, by producing desktop/laptop Ghost images using WDS (Workstation Deployment Services)

Set up and installed PGP Encryption on all laptops

Software Application Support

Key resource entrusted with supporting 200 local and Web-based custom applications across the entire infrastructure. Utilized and maintained diverse software, including Peregrine/Vulcan Help Desk Ticket and AIMS Inventory Management

Support MS Office Suite and other MS applications

Extensive login support for SSO, NAEAST, USAD and RB user accounts

Key Accomplishments:

Implementation of ECMS & ITSM (IT Service Management) for improved deployment oversight

Implementation of Smart Provisioning (providing centralized administration and security provisioning of Check Point devices) and IPAM (IP address management) to full optimization

Fulfilled role as RSA Authentication Manager, securing RSA tokens and ensuring smooth account creation and configuration


Crystal Micro Computers, Owner

Touch Tech Inc., PC Repair/Installation

Graphnet, Data Communication Specialist


Metropolitan Technical Institute, Saddlebrook, NJ.

Advanced Digital Logic Circuitry/Advanced Analog Circuitry, Transector AC Characteristics, Electronic Theory (6000 hours), iPass/EPM Endpoint Policy Management

■ ■ ■ ■ ■

Job Description

Ticket Support/ Phone Support–

Manage Ticket queues (Close an average of 3,278 tickets per month)

oVulcan ticket queues (Button tickets)

oRequest Center ticket queues

oService Center/Peregrine ticket queues

Troubleshooting all desktop / laptop issues (hardware and Operating System)

Application support and troubleshooting,

Application installation/removal

CheckPoint SOHO support (250 remote users with SOHO devices)

VPN support

Remote user printer setup

Assist users with NAEAST authentication issues

Phone support (Average of 1,400 calls per month)

oDesktop Tech average 35% available time expected

oTeam Lead average 20% available time expected

CheckPoint SOHO support - (250 Remote users with SOHO devices)

Checkpoint account creation / IP assignment

Hardware configuration (Each setup is approximately 3 hour process)

Employee setup (also a time consuming process depending on the users technical ability)

Extensive end user support / troubleshooting

Support – Desktop team supports all corporate users and applications (215 applications)

(Account Creation/Deletion, Management, Audits, Password resets, Citrix, etc)

Application Account Management – Responsible for creating/supporting/terminating the following:


oPeopleSoft Reporting




oTransaction History

PeopleSoft TTT

ClearTrust Accounts


oClearTrust Admin

oTitan (Password Management only)

oOrbital (Password Management only)

oNetConnect (Password Management only)

Resource Online

PTI Reporting




Attachmate Sessions

Control M

RSA Remote Access

VM Setup /support


Wireless Access

Verifone Connect CDMA & GPRS

HP Quality Center LDAP User Administration

Infoblox/IPAM – Soho Device and User administration

Smart Provisioning - Soho User administration and Gateway Administration

New Application Testing & Deployment –

Acquire software for the new application

Install, troubleshoot, document on a test machine(s) to ensure stability on image build

Build an SCCM package for deployment (where applicable)

Identify machines/users that require the application

Schedule change management ITSM for Deployment (where applicable)

Follow up on deployments (where applicable)

Audits –

Perform audits as required or requested by Enterprise Security

Desktop iCert audits






MS Security Patches

AIMS Asset

Clean Desk Policy (Bi-Annual firm-wide audit)

Desktop Patching - Occurs Monthly (except for December during Freeze)

Identify the Microsoft Patches that are required for the monthly patching

Code and build a deployment package to push out via SCCM to all desktops and laptops

Alpha and Beta test the package

Submit change management ITSMs for the deployment

Deploy the patches to all machine

Follow up on failures to ensure 100% of machines are patched with critical MS patches

Report results to Enterprise Security by the last Thursday of each month

SCCM Management -

Maintain current patching deployments in SCCM

Maintain current patching reports in SCCM

Build queries

Build SCCM Tokens for easier deployment

Deploy packages

Maintain collections

Application Updates -

Identify the applications that require updates (this includes all desktop applications, MS Office, all Adobe products, proprietary applications such as TM Suites or Vericentre, Internet Explorer, licensed applications such as Toad, as well as back end tools such as .Net, Flash or Shockwave, etc.)

Code and build a deployment package to push out via SCCM to all desktops and laptops

Alpha and Beta test the package

Submit change management ITSMs for the deployment

Deploy patches to all workstations and follow up on failures

Images -

Develop CPS Specific images and maintain them with updates and configuration changes that occur throughout the year

Customize departmental images for more efficient deployments

Maintain the WDS server and stored images

Review the images quarterly for changes

Hardware Refresh/Deployments -

Identify hardware that is out of warranty

Build replacement machines

Install SCCM – Ensure that each is reporting back to the server and receiving patches

Install required applications

Schedule upgrades and data transfers with end users

Asset Management -

Update AIMS any time hardware is updated:

oNew Hires





Update Hardware changes (additions/deletions) in Active Directory

Removed deleted machines from SCCM

Troubleshoot and Report DNS issues for remediation

Perform quarterly Remediation Audits in AIMS / AD

Decommission retired Hardware

oCollect the hardware

oInventory the hardware

oRemove all Hard Drives

oInventory the Hard Drives

oCoordinate with Arrow to have the hardware collected/removed

oCoordinate with Enterprise Security to have all Hard Drives shredded

PowerBroker Management -

Ensure that Power Broker is loaded on all laptops (and desktops where elevated privileges are required)

Create / Test / Implement Power Broker Rules

Troubleshoot issues related to Power Broker limitations.

New Hire setup -

Ensure that new hire accounts are created by the start date

Configure/Image Hardware

oEnsure all laptops are 100% PGP Encrypted before deploying

Set up the users profile

Install all required applications

Deploy Hardware before the users start date (PC, Monitors, keyboard, mice, docking station)

oFor remote users, ship the encrypted laptop to the remote user by start date

Follow up with new hire to ensure they can successfully log in

Update assets in AIMS and AD Active Directory

Termination -

Remove all CPS application account access (only accounts that Desktop is responsible for)

Collect Hardware

Update assets in AIMS and AD active directory

Migration Efforts – Exchange, Lync, iSpace, MyTech Hub, My App, etc

Testing application / access

Troubleshooting issues

Building deployment packages

End-user testing with the deployment

Change management ITSM submission


Telecom Support -

Setting up and supporting IP Phones

Network/Server -

All WAN and LAN responsibilities


All internal employee office/desk moves

Server Room Job Description

Submitted all ITSM’s for server patches and security updates. Used WSUS and also manually patched servers.

Built (from four walls) and maintained three small computer rooms 15’ X 15’. Remote managed Maryland computer room and IT department for 1 year. Locally managed NY computer rooms for 20 years.

Calculated server rooms AC power requirements for dual LR-30 receptacles 250VAC @ 30AMP’s. Configured dual UPS input and output KVA loads. Cabled dual power supply servers to operate on two different UPS systems in case of UPS failure. Setup APC Power Chute software.

Setup Dual server racks with Cisco Routers T1, T2 & T3, Gigabit Ethernet Switches, Servers, Telco, UPS Systems, 96 & 48 Port Patch Panels and Data backup systems for DLT, LTO 1, LTO 2 & LTO 3.

Troubleshoot basic router path issues.

Cabled Gigabit Ethernet switches, Setup uplink ports, Installed stacking connectors (Daisy Chain Cables) Configured Ethernet switch ports for PPPoE VOIP Phones, computers and printers on last Ethernet Daisy Chain set for 100/Full (printers only).

Installed and configured two NIC’s in each server for load balancing aka “Teaming”.

Installed network printers with static IP’s instead of DHCP. Configured printer MAC hardware addresses in Services Server DHCP scope.

Configured DHCP Scope for 100 VOIP phones. Deployed 100 VOIP phones in office.

Installed and configured Comvault backup software. Operated Tapetrax application and schedule Iron Mountain security pickup and Tape returns. Went to Iron Mountain facility four times per year to verify all tape inventories. 1000 plus tapes at most times.

Configured servers (MS Server 2000, 2003 and 2008) disk arrays, Raid 5 and hot swaps.

Troubleshoot Telco T1, T2 & T3 circuits to determine data outages and smart jack issues.

Configured small WiFi router on separate circuit / domain for security purposes.

Contact this candidate