Active Directory Security
Resume:
**** ******* **. ** *****: 202-***-****
Washington, DC 20009 Email: ********@*****.***
Systems Administrator, Engineer, Architect, and Team Lead with over fifteen years’ experience:
problem solving, documentation, administration; troubleshooting systems (both hardware, and
software), and Engineering solutions. I have extensive experience with many types of systems from
small office / home solutions, to enterprise solutions. My earned certifications have included: MCSE
(NT4; 2000), MCP/MCTP for Exchange (5.5; 2007), Citrix CCA, CISSP; MCSA (Server 2012).
1 Education:
Johns Hopkins University, Baltimore MD (DC Extension campus)
Graduate Certificate in Information Technology Coursework completed in 2004.
Carnegie Mellon University, Pittsburgh PA
Bachelor of Science in Engineering and Public Policy September 1996
Bachelor of Science in Mechanical Engineering September 1996
2 IT Experience:
1 Active Directory & Messaging Team Lead (2013)
Triple-I, Inc.: United States Patent and Trade Office.
• Responsible for the health of Active Directory & messaging systems used by over 18,000 users.
Change Management, Incident Response; Documentation for: AD, Email, IM; Fax services.
Microsoft Exchange 2007; 2010 in four domains (DOC, USPTO, USPTO-COOP; Dev.).
Clustered Mailbox Roles in 2007; DAG in 2010.
Axeway / Tumbleweed (Mail Filtering Devices).
Blackberry, Good; Boxtone (management for remote devices).
Active Directory 2008R2 with DFRS (six domains; three sites).
Microsoft Office Communications Server 2007 Instant Messaging (two domains).
Fax Services (RightFax), Network Monitoring (NetIQ), & other duties as required.
Managing schedules, hours, and duties for a team of eight administrators.
Ensuring that Team members met SLAs; communicating task statuses to management and
other affected parties.
2 Active Directory Architect (2012)
Apex Systems, Inc.: Federal Energy Regulatory Commission, Network Operations Team.
Attached to the Windows 7 Implementation project “Surge”
• Redesigned the Active Directory Domain structure to allow implementation of security policies,
obtained approval for & successfully implemented the redesign and requested security policies.
Re-organized Group Policy Objects to allow for clean implementation of GPOs in a new
OU tree structure. (Sans unwanted, enforced, Domain level policies)
Analyzed Visual Basic based Logon scripts; documented & proposed both power-shell, and
Group Policy Preference, alternatives.
Achieved desired security baseline compliance for Windows 7 clients via GPO.
1. Coordinated with the Security unit to get an approved baseline & approval for
deviations needed by custom built software, and operations processes.
2. Coordinated with Security to obtain Nessus auditing to verify compliance.
3. Coordinated with the Desktop unit for testing of COTS and custom software
functionalities.
4. Improved the Windows 7 client security baseline compliance to the USGCB
baseline from ~70% to 93% compliance, and had deviations formally approved
by Security and Management.
• Improved Windows 2008; 2008 R2 Server security compliance with the required Baseline.
• Windows 2008; R2 servers improved from 63% compliant with Client specified server
baseline (CIS based) to 80% compliance to baseline requirements.
3 Active Directory /Windows Team Lead (Systems Support 6) (2008-
2012)
G&B Solutions, Inc.: Bureau of Labor Statistics, DTNM Team.
• Primary Support for Active Directory & Group Policies.
1. Verified AD functionality, supported Active Directory; Resolved AD (& GPO) related issues.
2. Upgraded the AD schema twice. (Included documentation as to how to migrate DC’s from
2k3x32 to 2k8x64, and docs on how to upgrade domain levels for Regional administrators in 9
domains, 12 sites; moving from a 2000, to 2003- and later a 2008 domain functional level.)
3. Implemented relevant client workstation security standards (FDCC; USGCB) via GPO.
• Primary Support for vmWare Infrastructure (IAAS) at BLS
1. Upgraded / Migrated: vmWare Hosts from ESX 3.01 to 3.02, to 3.5, to ESXi 4.1
2. Upgraded / Migrated: Command and Control from vmWare Infrastructure to vSphere (4.1)
3. Provided documentation for basic tasks related to vmWare systems including management,
migration to VM, and restore from backup systems.
4. Maximized uptime by using DRS and HA across 20 ESX/ESXi servers in 5 clusters hosting ~50
Citrix & AD infrastructure servers; various other (~220) servers and workstations.
• Support for Microsoft Exchange 2003; 2007
1. Designed and implemented an email system upgrade: From 12 (regionally managed) Exchange
2003 email systems, to one centrally managed Exchange 2007 system. (from 16 servers to six)
Drafted BLS Security Standards for Windows 2008 (DISA Based) certification.
2. Tested, documented & implemented power-shell based email migration to the new email
system.
3. Routine creation, management, maintenance; decommissioning of user email accounts
• Management and Communications Tasks
1. Responsible for communicating with managers; co-workers, and updating them on tasks.
2. Coordinating tasks between the Windows, Network, Firewall, UNIX; Security groups.
3. Keeping Task Primaries on schedule
4. Assisting junior staffers with problems: Aka. Continuing education; documentation
5. Improving Patch Scanning for remediation; avoiding flags from the Security team.
4 Systems Administrator (2006-2008)
National Democracy Institute for International Affairs
• Provided business case for implementation of a Test Network using vmWare technologies.
Virtual Infrastructure based test network allowed staff to test major (and minor) system
changes such as: SSO implementation; software updates & upgrades in a safe environment.
Allowed for testing of Disaster Recovery Plans.
• Maintained Microsoft Active Directory (Mixed 2000/2003, upgraded to Native 2003)
Managed all aspects of the user life cycle from account creation, RBAC, and account
retirement – to group policy enforced security requirements.
Managed and modified DNS, DHCP, Print Servers & …
• Managed, and maintained, the server systems life cycle:
• Monitored and improved security systems for the NDI network.
Implemented Symantec Endpoint Protection AV (11.2 after upgrading from Corporate
Edition v9 & v10.2) bringing AV systems up to current, centrally monitored, standards.
Managed Firewall Rules and VPN accounts on redundant SonicWall firewall appliances.
Championed and implemented user password security and account lockout policies.
Implemented & Managed email AV & Spam filtering (Sonicwall and Symantec SMSMSE)
Configured automated monitoring systems for web & email systems with OOB alerting
• Responsible for NDI backup systems: (Windows, Linux, Email, Websites, and Databases)
• Managed and maintained the NDI contact management database (Members Only)
5 Consultant (2004-2008)
McDiarmid.net, LLC
• Provided information services and technology consulting for computers, networks & systems.
• Provided ongoing maintenance and emergency services for private & small office networks.
Office services – Windows 2000/2003 servers, SBS, Firewalls, Networks; File and Print
support, support of various software packages. Home services: networking, troubleshooting,
virus remediation, equipment recommendations & other services as necessary.
6 Contractor (2003-2004)
The Solutions Group, Inc.
• Provided troubleshooting and maintenance for client networks, servers, and workstations.
(included File & Print Services, Exchange 2000/2003, Windows 98-xp; Apple OS 8.1 – X.4;
Goodlink & Blackberry Enterprise Servers, and other client issues as required.
3 Professional Certifications:
1 Current Certifications:
• Microsoft Certified Solutions Associate (MCSA)
Windows Server 2012
• Microsoft Certified Technology Professional (MCTS)
Microsoft Exchange Server 2007
• Microsoft Certified Professional (MCP)
• vmWare: VCA-DCV: Data Center Virtualization
• CompTIA: Security+
2 Selected Legacy Certifications:
• Microsoft Certified Systems Engineer (MCSE)
Windows 2000
Windows NT 4.0
• Microsoft Certified Professional (MCP)
Microsoft Exchange Server 5.5
• Citrix
Certified Network Administrator (Metaframe XP; Winframe)
• ISC2: Certified Information Systems Security Professional
Contact this candidate