DUANE HUFF

Microsoft Exchange Windows **** Cloud Engineer

Phone: 860-***-**** Gmail: ad1v6u@r.postjobfree.com

PROFILE SNAPSHOT

Highly seasoned IT professional with over 15 years of experience specializing in Microsoft Exchange technologies, spanning versions 2007 through 2019, and Office 365/Outlook/OWA

Adept in hands-on administration of Windows Server 2008R2 and 2012R2, demonstrating proficiency in installation, configuration, and ongoing management

Skilled in the design and implementation of high availability and disaster recovery solutions for messaging infrastructure using technologies such as CCR/SCR and DAG

Proficient in configuring and deploying highly available messaging server infrastructures using clustering, DAG, load balancing, pools, and pool pairing

Extensive hands-on experience in Microsoft Exchange messaging systems and computer center operations and support

In-depth knowledge and hands-on experience with SaaS applications, including Exchange, Teams, OneDrive, and SharePoint

Expertise in private and public cloud integrations and transitions, with a focus on Azure, Exchange Online, and Office 365 coexistence and migration

Experience of configuration and verification of Active Directory Federation Services as primary domain sources

Proficient in management of Active Directory, Microsoft Identity software (ILM, FIM, MIM), Azure AD Connect, and ADFS as well as Microsoft Federation

Managed installation and configuration of firewalls, networks, and perimeter applications, including Barracuda, Meraki, IronPort, and Proofpoint

Managed configuration of DHCP, DNS, WSUS, and DFS services in enterprise environments

Experience with virtualization deployment and management via VMware, V-Sphere, and Hyper-V

Worked on server monitoring tools, coupled with a comprehensive understanding of Active Directory DC design, schema, OU design, AD replication topology, and DC backup/restore procedures

Expertise in Service Center for task allocation and approval, as well as SCOM for monitoring and alerting

Application of knowledge in networking protocols and components such as TCP/IP, DNS, SIP, MAPI, and SMTP

Experience with SQL Server, including the installation to run alongside Lync and Skype-for-Business

Proven ability to troubleshoot technical issues across Exchange and Windows 0365 and related technologies

Regularly interact with customers and stakeholders to analyze, validate, specify, verify, document, and manage requirements

A Collaborator successfully managing client stakeholders on strategy and vision, aligning IT initiatives with organizational goals

Skillfully assisted in managing support services and related deliverables, ensuring timely resolution of issues and high-quality customer support

Have a record of supporting client initiatives both remotely and on-premise, conducting routine network maintenance in various Microsoft environments

TECHNICAL SKILLS

Exchange:

Database Availability Group (DAG), Client Access Server (CAS) Arrays, Load Balancing, Continuous Cluster Replication (CCR), Standby Cluster Replication (SCR), Local Copy Replication (LCR), Hub Transport Server, Exchange Management Console (EMC), Transport Pipeline, Managed Availability, Exchange Admin Center (EAC), Outlook Web App (OWA)/Outlook On the Web (OOTW) for 2016, Exchange Online Protection (EOP), Active Directory Federation Services (ADFS), DirSync, Azure AD Connect, Hybrid Deployment, Staged Migration, Cutover Migration

Identity Management Tools:

Oracle Identity Manager, Tivoli Identity Manager, Sailpoint

Servers:

Microsoft Exchange Server 2007, 2010, 2013, 2016/Exchange Online/Office 365/Outlook Web App (OWA), Windows Server 2008R2, 2012R2, 2016, Microsoft PowerShell 5.0, 4.0, Microsoft Active Directory, Lync Server, Hub Transport Server, Oracle Virtual Box, Virtual Machine, Microsoft HyperV, CAS Servers (Client Access Server), Mailbox Servers, Edge Server, Dial-In/Dial-Out, Lync Online, Front End Server, Back End Server, Director Server, Mediation Server, Proxy Server, Cloud Servers

Tools:

Database Availability Group (DAG), Datacenter Activation Coordination (DAC) Mode, CAS Array, Exchange Management Console (EMC), PowerShell Scripting, Visual Basic Scripting, Microsoft ADFS, DirSync, System Center Configuration Manager (SCCM), System Center Operations Manager (SCOM), Microsoft Identity Software (ILM, FIM, MIM, ILM 2007 to MIM 2016), Azure AD Connect, Microsoft Federation, Mimecast, O365 Office Portal, O365Teams, O365Mail), McAfee, SecureLink, Fortiguard, Crowstrike, Sentinel One, Dynactrace, TeamQuest,

Protocols:

TCP/IP, DNS, SIP, MAPI, SMTP, DHCP, VPN, POP, IMAP

Administration:

Email Services, User Management, Permissions and Authentication, Managed Availability, Critical Access, Mobile Device Management, Exchange Aware Proxy Server, Storage LDAP, Domain Management, Load Balancing, Database Availability, Role-Based Access Control (RBAC), Namespaces, Requesters, Migration, Registry Management and Editing, Disaster Recovery, Backup and Restore, Coexistence, Process Testing, Policy Administration, Distributed Groups, Dynamic Groups, Identity Management

PROFESSIONAL WORK EXPERIENCE

CIGNA GROUP

Microsoft O365 Cloud Engineer Expert, Bloomfield, CT December 2022 – Present

Actively contributed to the design, planning, implementation, and operation of Microsoft Azure and Office 365 cloud technology solutions, ensuring seamless integration within the infrastructure

Collaborated with various CIS teams and external vendors to perform complex incident triage within the hybrid Office 365 stack, ensuring swift issue resolution.

Addressed and resolved Office 365 issues for Staff, and Retirees, showcasing a high level of expertise.

Provided mentorship on Office 365 and Azure to college IT administrators and internal CIS staff, sharing knowledge and insights to empower them in their roles. Engaged in consultations with business process owners, executive staff, and end users to enhance application lifecycles and ensure consistency.

Created and maintained crucial documentation, including MS Office 365 cloud-specific Standard Operating Procedures, baseline build guides, runbooks, infrastructure diagrams, and process automation scripts, streamlining operations and ensuring compliance.

Responded to confidential litigation, eDiscovery, FOIL requests, and content investigations as directed by authorized entities, safeguarding data and information as required.

Worked as a knowledge and consulting escalation resource for other CIS Collaboration Team tiers, providing guidance and expertise as needed.

Played a key role in configuring and deploying 1,500 Teams-certified devices in collaboration with vendors.

Designed, configured, and implemented baseline security requirements across the global tenant, encompassing over a million objects.

Crafted custom security policies, including anti-spam, anti-phishing, anti-malware, and advanced threat policies.

Served as the primary architect for eDiscovery requests, providing expert guidance on data governance and information protection policies.

Designed and configured migration tasks and processes, ensuring seamless transitions.

Designed conditional access policies incorporating Multi-Factor Authentication (MFA) to enhance tenant security.

Actively supported engineers in readiness efforts post-basic authentication deprecation, including policies disabling legacy protocols and providing training to administrators for a smooth transition to modern authentication, while also supporting affected users

Collaborated closely with Microsoft Intune Engineers to design the comprehensive CUNY implementation framework.

Delivered extensive training to administrators and devised rollout plans.

Designed and configured Role-Based Access Control (RBAC) and tags, simplifying device enrollment and management, with over 30,000 devices enrolled to date.

Nuvance Health

Microsoft Cloud Engineer, Danbury, CT September 2021 - December 2022

Orchestrated the strategic planning of mailbox and user personal store data migration to O365, ensuring a seamless transition.

Prepared the on-prem Active Directory environment using IDFix and PowerShell scripts, optimizing it for integration with O365.

Formulated SharePoint and OneDrive data policies, establishing guidelines for sharing and access.

Created and updated distribution lists and O365 groups, streamlining communication and collaboration.

Configured and executed e-Discovery searches within Exchange Online, enhancing data discovery capabilities.

Implemented free/busy sharing for organizations utilizing cloud services, fostering efficient scheduling.

Enhanced security measures for mail, mail flow, identities, and connections through Azure Information Protection, VPN connectivity, and Exchange Online Protection (EOP) services

Executed Azure Sync for seamless user identity synchronization into the Azure AD space.

Deployed Azure Threat Protection and Information Protection, fortifying the overall security posture.

Implemented conditional access rules based on network location, device compliance, and multi-factor authentication (MFA), coupled with Azure Identity Protection for identifying suspicious activities.

Migrated user-stored data to OneDrive for Business, ensuring data integrity and accessibility.

Conducted rigorous testing of mail flow and authentication measures with Azure and Active Directory.

Classified and categorized data for labeling, contributing to streamlined data management.

Managed rights and permissions in OneDrive and SharePoint, ensuring data access aligned with organizational policies.

Followed incident response procedures for handling attacks and data leakage cases.

Led the migration of mailboxes from on-premises Exchange 2016 to Exchange Online, managing hybrid deployment connectors and troubleshooting issues.

Identified, created, and managed mailbox and calendar permissions, optimizing collaboration.

Reviewed and enhanced email security settings, implementing additional measures such as SPF, DMARC, and DKIM.

Monitored quarantine message queues, determining mitigation strategies.

Completed domain and user whitelisting, blacklisting, and policy configuration for email integrity.

Managed mobile devices through Intune, configuring conditional access policies for enhanced security.

Enabled users for Teams and facilitated the transition from Skype to Teams, optimizing collaboration tools.

Conducted testing of Azure VM creation for the implementation of Azure servers, ensuring infrastructure readiness

Set data policies on document repositories in SharePoint, aligning with data governance requirements.

Tied permissions to security groups in Azure and automated group memberships, enhancing access management efficiency.

Regularly reviewed threat analytics for the environment, addressing ransomware, phishing, and other vulnerabilities.

Conducted advanced threat hunting based on events and applications, proactively identifying and mitigating potential threats.

Conducted thorough threat investigations on malicious emails, links, and attachments, ensuring a resilient security posture.

Conducted threat investigations on malicious emails, links, and attachments.

Atlanta Braves

Sr. Microsoft Teams Administrator Atlanta, Georgia June 2018 – September 2021

Developed specifications for outbound network ports and protocols for Microsoft Teams, ensuring optimal connectivity.

Determined recommendations for WAN optimizers, proxies, and load balancers to enhance Microsoft Teams performance.

Configured Tenant Data Upload in Microsoft Call Quality Dashboard, ensuring efficient monitoring of call quality.

Identified licensing requirements for compliance features, advanced lifecycle management of teams, guest access, calling/phone system/resource accounts, Microsoft Teams Rooms, Common Area Phones, and apps within Microsoft Teams

Established policies for Microsoft 365 Groups creation, implemented expiration and naming policies for Microsoft 365 Groups

Configured reporting labels for Microsoft Teams, enhancing data classification and management.

Managed SharePoint and OneDrive sharing settings at the organizational level, including external file-sharing settings for OneDrive users.

Configured meeting settings, policies, conference bridges, live events settings, and policies for seamless collaboration within Microsoft Teams

Applied security and management policies, selecting appropriate administration roles and threat policies.

Planned and configured retention policies, sensitivity labels, Data Loss Prevention (DLP) policies, conditional access, and Multi-Factor Authentication (MFA) for Microsoft Teams

Implemented information barrier policies and managed Microsoft Teams preview features through updated policies.

Created and managed policy packages in Microsoft Teams, strategically planning policy assignments for users and groups.

Conducted restoration and troubleshooting of Microsoft 365 Groups, ensuring data integrity and system stability.

Managed Azure AD access reviews for members and guests, enhancing security protocols.

Executed bulk user operations efficiently using PowerShell, streamlining administrative tasks.

Managed external file-sharing settings for SharePoint sites, ensuring secure collaboration.

Administered guest users for Microsoft Teams from the Microsoft Teams Admin Center and configured guest access through the Azure AD Admin Center

Strategically planned and configured emergency services within Microsoft Teams for enhanced crisis management

Utilized Call Analytics for troubleshooting and resolving issues related to Microsoft Teams

Investigated and addressed Microsoft Teams sign-in issues using Azure AD sign-in logs, ensuring seamless user access.

Raymond James

Exchange Administrator Tampa, FL March 2015 – June 2018

Designed and implemented Microsoft Windows and Exchange farms within the Network Infrastructure

Updated and prepared Windows servers and virtual environment for the integration of Exchange 2016 with Exchange 2013 in a side-by-side migration scenario

Configured messaging server infrastructures with high availability through clustering, DAG, load balancing, pools, and pool pairing.

Developed custom PowerShell scripts for process automation and utilized PowerShell in both Exchange and Skype-for-Business environments.

Implemented critical roles in the Microsoft Exchange environment, including Edge Transport and Mailbox roles.

Resolved Office 365 tasks efficiently using PowerShell and created and tested batches for the migration from Exchange 2013 to Exchange 2016

Ensured the Azure Active Directory Connector was up-to-date and verified server integration with the internal Active Directory domain.

Worked with networking protocols and components, including TCP/IP, DNS, SIP, MAPI, and SMTP

Experienced in Office 365 migrations and hybrid solutions.

Addressed tenancy technical issues and monitored Office 365 systems, automating procedures using Windows PowerShell

Created policies for Skype-for-Business online on Office 365 and established federation policies and conference policies on the cloud.

Served as a Subject Matter Expert (SME) and acted as a liaison between operations, helpdesk, and networks to ensure service continuity.

Proficiently worked with Exchange Management Console and Exchange Management Shell, showcasing expertise in Microsoft messaging and collaboration environments

Payless Shoes

Information Protection Analyst, Topeka, KS December 2017 - October 2018

Performed role maintenance and updates in the RBAC queue, collaborating with end users, management, and technical staff to resolve access-related issues.

Acted as an analyst, collaborating with business areas across the enterprise to gather requirements, build, rollout, and maintain role-based access, offering hands-on technical expertise.

Participated in small RBAC-related project activities for enterprise projects, contributing technical RBAC work.

Demonstrated expertise in security administration functions, working with provisioning tools to ensure the creation and maintenance of roles.

Engaged in clear and concise communication across all organizational levels regarding Identity Access Management.

Applied technical knowledge across key platforms, including Active Directory, ACF2, Unix, Tivoli Identity Manager, and RSA Access Management

Compiled and analysed large datasets to form strategic conclusions, emphasizing data-driven decision-making.

Simultaneously, administered and hardened the Exchange 2010 environment for end users, executing tasks such as setting up Database Availability Groups (DAG) for high availability of mailbox databases.

Provided Level I and Level II IT support, including creating PowerShell scripts for querying AD distribution groups and conducting monthly database maintenance.

Ensured uninterrupted communication channels by performing regularly scheduled maintenance on telephone and communication systems.

Handled the creation of user accounts, security groups, and organizational units, configured transport rules, and utilized DNS, DHCP, and WSUS for system modifications.

Tackled troubleshooting of complex technical problems, addressing hardware limitations, services, GPOs, and misconfigurations

Configured Threat Management Gateway (TMG) for added protection of the internal network and actively participated in projects, testing equipment and software for future deployment.

Identified and repaired computer equipment, printers, and communication devices, while also participating in the purchasing of computers and communications equipment

Installed, configured, and supported specialized software and configured PBX voice gateways for media traversal into the internal network, preparing for the transition into the role of an Information Protection Analyst.

Configured PBX voice gateway for media traversal into the internal network.

Anthem, Inc.

Information Protection Analyst, Indianapolis, IN November 2016 – December 2017

Orchestrated the maintenance of Windows Server 2008 and 2012, implementing robust configurations to enhance server resilience and efficiency.

Managed and administered the Exchange 2007/2010 system, overseeing critical aspects such as user mailbox provisioning, security group management, and fine-tuning shared access, delegation, and permissions settings.

Installed and configured Exchange Online, facilitating seamless email migrations and deploying client machine configurations. Additionally, implemented Lync Online for unified communication purposes.

Executed the setup and troubleshooting of Directory Synchronization and Forefront, ensuring a smooth and secure synchronization process.

Configured DirSync and ADFS to enable seamless Active Directory synchronization and single sign-on capabilities with Office 365, optimizing authentication processes.

Designed and deployed new Anti-Malware policies for System Center Endpoint Protection (SCEP), bolstering the organization's cybersecurity posture.

Utilized SharePoint for managing backup processes and providing valuable feedback for Office 365 Managing Distribution Lists, actively contributing to process improvement initiatives.

Maintained clustered server scenarios through Continuous Cluster Replication (CCR) and Standby Cluster Replication (SCR), conducting routine reports and validation checks to ensure high availability.

Executed mailbox migrations from Exchange 2007 to Exchange 2010, ensuring a seamless transition with minimal impact on user operations.

Conducted comprehensive training sessions for end-users on Microsoft Outlook 2010 post-deployment, fostering user proficiency.

Established voice policies aligned with the organization's requirements, enhancing communication capabilities, and ensuring adherence to industry best practices.

Leveraged Lync server logging and snooper tools to troubleshoot and resolve issues in the Lync 2010 environment with a single front-end pool.

Provided adept support to end-users and addressed server-related challenges in the Lync 2010 environment, ensuring continuous system optimization.

The Hartford Financial Services Group

Sr. IT Administrator (Service Restoration) Hartford, CT September 2015 – November 2016

Managed end-to-end incident management processes, taking charge of all Severity 1 incidents and actively engaging in Severity 2 incidents as necessary to prevent escalations.

Served as a pivotal single-source call facilitator, bringing together essential support teams and steering calls toward resolution.

Acted as the liaison between the Service Desk, Business Units, and Technical Support staff during service outages, ensuring seamless communication and collaboration.

Monitored the ticket queue in Mytechexpress\ServiceNow for all Severity 1 activities, maintaining a vigilant stance on critical incidents.

Collaborated with support teams as the voice of the business (VOB) and voice of the customer (VOC) to guarantee the stability of critical functions and overall organizational operations.

Delivered leadership notification updates to executives and relevant staff, providing essential information on business impact, the number of affected individuals or applications, and anticipated service restoration timelines.

Worked closely with customers, vendors, and technical support staff to assess and track potential service outages, ensuring proactive measures were in place to address and mitigate disruptions promptly.

Southwest Airlines

IT Support Technician / IAM Security Analyst Dallas, TX September 2013 – May 2015

Spearheaded end-to-end onboarding processes, managing provisioning and requests encompassing equipment, application access, LDAP, network shares, group emails, and software tools for new positions, transfers, moves, role changes, and terminations.

Directed the development and delivery of comprehensive corporate information protection standards, policies, procedures, and best practices, ensuring data and information integrity across the organization's systems and networks.

Administered and meticulously updated user accounts and access control rules, conducting vulnerability assessments to thwart unauthorized access. Supported the implementation of network security and encryption routines to fortify IT systems.

Collaborated with project teams as a security consultant, proactively educating clients on security policies and best practices. Engaged in meetings, training sessions, and testing related to disaster recovery and business continuity planning.

Assessed and tracked upcoming on/offboarding demands in collaboration with customers. Executed tasks such as creating Exchange mailboxes, shared mailboxes, distribution groups, resetting printers in the AS400 environment, creating user accounts in Active Directory, and managing group memberships.

Conducted technical troubleshooting of computer hardware, software, and IT issues both on-site and remotely. Managed user accounts, reset passwords, and oversaw backups on assigned Exchange servers.

Reset passwords for network, VPN, email, and SAP, tracked tickets through Remedy, and troubleshooted Outlook issues and VPN connectivity.

Escalated priority issues to on-call personnel and efficiently created tickets from the customer care mailbox. Contributed effectively to the role of IT Support Technician/ IAM Security Analyst.

Created tickets from the customer care mailbox.

Toys R Us

Information Protection Analyst Washington, DC November 2011 – September 2013

Managed user-level security access on the mainframe, including support for associated applications, ensuring secure and efficient access management.

Facilitated Role-Based Access Control (RBAC) security access requests through proficient use of IBM Tivoli Identity Manager (ITIM)

Employed Access Manager (Aveksa) to effectively administer and manage Role-Based Access Control (RBAC) roles.

Worked with end users, management, and other technical staff to resolve issues.

Collaborated with end-users, management, and technical teams to address and resolve issues, ensuring seamless operation.

Executed project tasks related to Mainframe Security provisioning, ensuring timely completion and adherence to project timelines.

Actively engaged in meetings, training sessions, and testing activities related to Disaster Recovery and Business Continuity planning for mainframe access.

Developed comprehensive technical documentation in compliance with established policies, procedures, and guidelines.

Delivered exceptional customer service in all interactions with users, ensuring positive experiences and effective issue resolution.

Operated in an ACF2/RACF environment, demonstrating proficiency in mainframe security frameworks.

Applied expertise in DB2, TSO, ISPF, CICS, and JCL to support and enhance mainframe functionalities.

Berkshire Hathaway

Database Administrator Minneapolis, MN October 2008 – November 2011

Implemented robust procedures for log shipping and nightly backups, ensuring the integrity and recoverability of critical data.

Proactively monitored and optimized database performance, guaranteeing optimal functionality for seamless operations.

Provided strategic recommendations to upper management, focusing on technology enhancements and policy improvements to fortify system reliability and ensure uninterrupted business continuity.

Maintained comprehensive databases, diagrams, and documentation, fostering a structured and organized information environment.

Developed SQL scripts tailored to clients' applications, aligning database functionalities with specific business requirements.

Addressed inefficiencies in developers' SQL statements, optimizing database query performance and enhancing overall application responsiveness.

Established and executed daily backup procedures to safeguard against data loss and expedite recovery processes.

Designed and implemented Replication procedures, enhancing data availability and accessibility across the organization's infrastructure.

Mass Mutual Financial

IAM Security Analyst, Springfield, MA May 2008 – October 2008

Administered user accounts across multiple platforms, including Active Directory, Unix, Mainframe, SAP, and LDAP

Granted security access for various resources, such as group shares, distribution lists, Outlook public folders, SharePoint, and LDAP roles, ensuring alignment with organizational security policies.

Gathered and analysed data to determine user-level access requirements for diverse business units, facilitating the implementation of effective access controls and minimizing security risks.

Engaged in direct communication with end-users and management to understand and address evolving business needs, ensuring a responsive and user-centric approach to access management.

Collaborated closely with Human Resources, Procurement, Badge Security, and other business units to establish and maintain a secure environment through meticulous provisioning of access.

Integrated security measures into onboarding and operational processes, aligning access protocols with compliance standards and industry best practices.

EDUCATION & TRAINING

Attained training in AWS, Dynatrace, Team Quest, Splunk Intro training, Cigna.

IT Security Certification Track from New Horizons

Master of Information Technology from American InterContinental University, Schaumburg, IL

Bachelor of Information Technology from American InterContinental University, Schaumburg, IL

Contact this candidate