Azure Architect and Engineer
Resume:
Mark Stewart
ad3nbh@r.postjobfree.com
Confidential Resume
SYNOPSIS:
Mr. Stewart is an experienced, disciplined senior IT professional with over 20 years of experience implementing and managing various types of information systems and technologies. He is seeking employment opportunities that are senior or management capable in description. His “skill” sets include the project management of multiple large IT projects including conversions, deployments and the actual implementation of global and national enterprise computer networks and infrastructures to support them. He has managed large Data centers for military and civilian enterprises. He has managed and constructed large, converged network and small networks using MSF, Agile, SCRUM techniques and methodologies. He is proficient, knowledgeable, and experienced with the facets of network architecture, server virtualization, cloud (AZURE), M and A consolidation/remediation, governance and network security.
BUSINESS EXPERIENCE:
Architect/ Sr. Cloud Engineer
Multiple consulting engagements JULY 2019-NOV 2023
PSCI
PA /Remote
●Provided project management, implementation and operational support to project-based upgrade of Cisco Meraki FW and advanced VPN client for remote VPN access with SSO and MFA capabilities
●Provided SME, architecture, implementation and operational for support for AZURE multi-tenant hybrid cloud design pattern
●Provided cost and operational analysis for server reduction and AZURE compute artifact reduction
●Provided operational and implementation support for VMWare upgrade to version 6.7X
●Implementation automation support for the creation of IaaS/PaaS resources using ARM templates, JSON, AZURE CLI, Terraform and Visual Studio code
●Implemented AZURE Blueprints and for orchestration of AZURE policies ( custom) of environment governance (FedRAMP(High),, NIST SP800-53 Rev 4), automation of role assignments and AZURE resource groups
●Implemented O/M365 using ODT tool in “click-to-run” configuration ( from cloud)
●Implemented AZURE SQL services in stretch database configuration; implemented linkage to “on-prem” MSSQL servers; transformed exiting SQL servers into FCI ‘always-on” configuration AZURE Managed instances
●Designed and implemented PoC and production for Keeper Enterprise Password Manager with SCIM and SSO functionality
●Implemented tiered AZURE BLOB storage services for data ingestion in ADL VHD files, backup files SFTP, AZURE File shares and log files ( migration from NetApp appliances)
●Implemented and provided operational support for AZURE AD DS, AZURE AD Connect, AZURE MFA, MS ADFS IaM/IdP services, AZURE Federation and conditional access SSO ( enforced pattern)
●Implemented and provided operational support for AZURE Federated Identity “Gatekeeper” design pattern in the form of AZURE Application Gateway and AZURE API Management services
●Designed and implemented multiple AZURE based PoCs/PoTs to visualize BULK data load from SQL databases, PostgreSQL databases to ADLS/ADL via AZURE CI/CD pipelines, GitHub, AZURE DevOPS Server, and DOCKER
●Designed, implemented, and managed AZURE Entra with Managed identities and its associated beta test user groups
●Designed, implemented, and provided support for AZURE services and “on premise” monitoring in the form of ETW, PerfView, Log Parser, and ANTS profiler
●Designed and implemented migration of power, and power conditioning network to PowerChute Network Shutdown based platform
●Provided project management and implementation services for ATP/Defender deployment to enterprise Windows servers; implemented AIP, AIP unified labelling client and AIP scanning
●Provided project management for deployment of HikVision access servers for corporate physical access control and COVID monitoring
●Designed and implemented PoC of Microsoft Purview
●Provided vendor management and MSP coordination for the IT enterprise
Infrastructure Consulting Principal Consultant September 2015-March 2019
NTT DATA Inc.
REMOTE and on site
●Provided SME support for complex public and private hybrid Cloud delivery Services for a VMWare 5x\6.X compute environment.
●Provided SME implementation services, project management and operational support for enterprise conditional access MFA/AZURE MFA, SSO, “claims’-based authentication and PCI/PII compliance project utilizing MS RDP/RDS gateways, MS RADIUS/NPS servers, MS ADFS, MS Authenticator, VSKs, and WHFB (Windows Hello for Business)
●Defined and implemented ARM templates using Visual Studio Code, PowerShell 6.X, JSON, Terraform and AZURE CLI
●Defined and implemented AZURE Blueprints to orchestrate AZURE policy assignments, role assignments and resource groups.
●Provided SME support for client and internal MS Windows 2008R2, Windows 2012R2, and Windows 2016 server platforms and environments.
●Defined, implemented, and provided support for “claims” based application authentication utilizing MS ADFS, SAML, OAuth/OAuth2, OpenID/OpenID Connect, REGEX expressions, and WS-FED protocols
●Implemented, analyzed, and identified applications for cloud deployment, mapped workloads across MS AZURE based IaaS, PaaS, public and private cloud networks
●Implemented hybrid connectivity between AZURE and internal networks using virtual networks and AZURE Express Route, NSGs, and S2S VPN connectivity
●Provided implementation and SME support for MS Active Directory, RBAC, and AZURE Active Directory/AZURE Active Directory Domain services (AZURE AD DS)
●Provided technical written documentation for internal and external consumption in the form of “runbooks”
●Provided cost estimates, SOWs, identified tasks and recommended sequencing pertaining to complex problems, and project solutions using VMWare 5x/6x infrastructure, MS AZURE infrastructure, MS Windows Server 2008R2, 2012R2, and MS Windows server 2016
●Provided, defined, and implemented highly available DR\BIA solutions using AZURE ASR, and InMage Scout
●Implemented and managed data analytics solution PoCs/PoTs based on R (Spark) server clusters, KAPPA and LAMBDA architectures, AZURE Data Lake Gen1 and 2, WAImportExport tool, AZURE Copy, AZURE BLOBS, and AZURE HDInsight
●Implemented and supported multi-site clustering, stretch, and cluster-cluster failover using Windows 2016 server MSSQL server in FCI (Always-on) configuration
●Provided automation support for IaaS resources using PowerShell, ARM/ARM templates,Terraform (IaC,) and JSON
Implementation Architect October 2014-April 2015
Consulting engagement
Comcast NBCUniversal
Philadelphia, Pennsylvania
●Designed and implemented various enterprise class infrastructure projects using AGILE methodologies in a converged architectural environment
●Provided SME services for configuration and implementation of IRules for F5 GSLB/GLTM
●Designed, implemented, and evaluated Cisco ASA firewall rules and ACLs to support various project initiatives
●Specified and implemented VMware 5.x and 6X ESX hosts and VMWare clusters in HA and FT configurations; designed and implemented SRM, SDDC (vCloud) and HA/DRS/SDRS environments
●Provided SME L3 support to all problem issues in the COMCAST Sitecore infrastructure
●Provided business requirement assessments, project management, BRD, Design, and project plan documents utilizing Microsoft VISIO, Project, and other modeling tools
●Performed capacity analysis, performance analysis for COMCAST Sitecore infrastructure
●Automated various administrative tasking via PowerShell v 3,4 and 5 Preview WMF
●Designed and implemented various POC’s for consideration and research for future Sitecore deployments via private and hybrid vCloud environments
●Designed and implemented Microsoft AZURE Pack, AWS, and AZURE services for microsite and DEV/QA/POC environments
●Configured and managed AZURE Compute and Storage services (BLOBS, Tables, and Queues)
●Configured and managed AZURE APP services CDN, AZURE AD, and Service Bus
●Managed, maintained, and performed upgrades on Cisco UCS server assets
●Gathered research, performed use-case discovery, and platform analysis
●Generated convincing and substantiated technology and architecture recommendations
●Served as the primary day-to-day technical contact for clients, third-party vendors, technology partners and internal project stakeholders
●Collaborated with the BAS and Monitoring teams to develop estimates and overall implementation solution plans
●Served as the lead for all implementation and integration efforts
●Defined and documented best practices and contribute to company knowledge sharing efforts
●Identified and defined integration points with third party solutions
●Defined and documented tools and technologies used to implement the solution
●Performed problem analysis (identify root causes, outline resolution options, and take appropriate actions to resolve problems)
Implementation Engineer January 2014-September 2014
Consulting engagement
Allscripts, Inc.
East Burlington, Vermont (remote)
●Installed and configured Allscripts Touchworks EHR software platforms and systems
●Performed network discovery and analysis of edge network metrics and equipment, recommended configuration, and provisioning modifications
●Installed and configured MS SQL 2008/2012 server and Microsoft SQL 2012 database systems
●Performed performance analytics on internal database tables and databases using SQLIO
●Installed and configured Windows 2008/2012 Enterprise Servers
●Specified and recommended customer architecture for EHR platform
●Created and installed scripting automation based on PowerShell scripting technology
●Installed and configured MS IIS 7.0 WEB systems and the associated F5 LTM/GTM load balancers
●Built and installed MS Hyper-V and VMware V.5x virtual servers in vCloud (private and hybrid SDDCs)
●Migrated data by SAN replication technology
●Managed, maintained, and performed upgrades on Cisco UCS server assets
Providing end-to-end support of Windows based infrastructure across distributed platforms. This includes Active Directory, Group Policy, PowerShell, IIS, and DNS\DHCP
Infrastructure Engineer March 2013-November 2013
Consulting engagement
TRION Inc.
King of Prussia, PA
●Remediated and re-architected backup/archive topology using Symantec Netback up and AVAMAR technology
Designed, implemented, and documented new KPI, procedure and policies for backup, archive
●Designed and implemented new IP addressing and VLAN scheme
●Installed and configured new Cisco switching technology based on CISCO Catalyst technology
●Designed, and implemented new Active Directory schema and infrastructure based on Windows 2012 native domain topology; built and deployed new DC/GC’s, DNS, DHCP architecture
●Performed “gap analysis”, capacity analysis and cost-benefit analysis of virtual infrastructure
●Designed and implemented new virtual infrastructure based on VMWARE 5.X and Microsoft Hyper-V
●Designed and implemented VMware 5.X and Microsoft Hyper-V with Dell Compellent and EqualLogic SAN technology, including LUN creation and fabric zoning
●Designed and implemented DR/BCS scheme via VMWARE SRM technology
●Designed and implemented migration scheme for Microsoft Exchange 2003 to Exchange 2010
●Implemented Microsoft FIM 2010; established Extensible WS-* APIs and Windows Workflow Foundation workflows and SSO capabilities
●Managed, maintained, and performed upgrades on Cisco UCS server assets
●Provided end-to-end support of Windows based infrastructure across distributed platforms. This includes Active Directory, Group Policy, PowerShell, IIS, DNS, and DHCP
High Performance Computing Architect January 2011-December 2012
Consulting Engagement
Prudential Financial
Newark, NJ
●Planned, implemented, and managed a grid platform migration solution architecture initiative; increased node capacity by 300 percent
●Provided operational enhancement by increasing performance by 27 percent.
●Created cost reduction through standardization of platform and native implementations of existing applications
●Synthesized initiative requirements through UAT, DEV and modeling of initiative with internal LOBS and external service organizations
●Created, documented, and regression tested new network, hardware, software and business process specifications utilizing MOF protocols
●Migrated and tested (10) mission critical grid applications, managed job scheduling
●Created and tested enhanced DR procedures; implemented new VMware 5.X based HA/DR initiative using MSSQL clustering, Microsoft Hyper-V, VMware 5.X DRS clustering, VMWare EVC, VMotion and VMWare Storage motion
●Implemented and managed all new scheduling capabilities included node job templates, head node configurations, SQL server customizations, over allocations via AZURE BLOB technology, Excel UDF support, MATLAB operational configurations, and workstation resource scavenging
●Implemented web portal job submission capability for SOA and parametric sweep type jobs
●Created, tested and implemented MPI type application protocol
●Provided management and coaching for all new operational paradigms for in house and offshore support teams
●Created and implemented PowerShell and VB scripts for administrative tasking
●Created, tested and implemented VMWare 5.X image, host profiles, OVF templates, P-V “run-book” for DR/HA node cloning process
●Collaborated with storage team to design, test and implement VMware storage provisioning requirements ( “thin”) on EMC DMX-3 SAN
●Designed, prototyped, and implemented VMWare VADP and EMC Avamar to effect ESX host and guest backup and recovery.
Senior Applications Engineer 5/10-12/10
Consulting engagement
Deloitte
Glen Mills, PA
●Managed and administered enterprise WEB farm operation of custom J2EE/ASP.NET application of EMC E-Room environment in an SOA load balanced architecture using VMWare 4.X virtualization, SAML 1.0/2.0 (FIS), SSL, IIS, Windows 2008R2 OS, and custom SSO technology
●Performed “regression” testing of applications to VMware 4.X; performed POC testing of newly migrated physical servers; documented solution for risk/problem mitigation
●Conducted daily operational activity for E-ROOM MSCS clustered servers, SQL servers, and IIS Web servers, patch management. security updates, middleware revisions: executed various SQL functions (SP’s, SSIS cube processing, scripting, and SQL queries)
●Provided cost-benefit analysis, BIA, and performance/capacity monitoring analysis for the migrated environment; managed and coordinated UAT testing by internal business units
●Documented analysis and recommendations for configuration modifications of the VSPHERE client and host image build; presented solution for UAT testing; implemented VM Converter and PlateSpin processes for P-V migrations; created process for VMWare client cloning
●Provided operational support to migration via ADMT/QWEST and remediation efforts for AD replication schema, AD provisioning, firewall rules, and AD security, identity (SSO), and authentication processes
●Recommended, implemented, and managed weekly change control processes ensured IT alignment with LOB objectives for increased reliability and risk management
●Implemented VCenter server, and VMWare host monitoring, host profiles, templates VMotion and VMWare DRS cluster
Consulting Engineer 3/10-5/10
University of PA
ISC-AIT
Philadelphia, PA
●Provided SME BIA analysis of university grant application infrastructure; created cost-benefit analysis for proposed solution
●Performed packet/performance analysis of migrated applications
●Provided SME/lead support for migration of custom J2EE application to MS Windows Active Directory 2003R2 including ADMT, SSO, SAML 1.0/2.0 (FIS services), SSL management, documented solution architecture
●Provided “gap” analysis of university N-tier architecture for various applications, documented solution architecture
●Implemented performance testing on new architecture; provided analysis of results
●Analyzed VSphere 4.X infrastructure architecture, ORACLE 10.X database configuration and schema; implemented optimization techniques (“Thin” provisioning Jumbo frames, ORACLE ASM’s, LIP support, and paravirtualized drivers (PVSCSI); revised existing problem resolution procedures
●Provided SME optimization recommendations for VSphere servers, ORACLE database configuration, VMWare DRS cluster, and Windows 2008 server hosts
●Created, implemented, and managed RHEL 64-bit LVS cluster based on VMWare 4.X platform
●Provided solution architecture, built, and managed various ESX host servers and VCenter server. Managed VCenter DRS, HA, and VMotion tasks and configurations.
●Performed P-V conversions of application servers, web servers, and file servers to VMWare 4.X
utilizing PlateSpin technology
Senior Network Engineer (Consultant) January 2009- January 2010
Federal Reserve Bank of Philadelphia
Philadelphia, PA
●Provided support for various infrastructure projects including SAN expansion for IBM Blade Server Centers, BlackBerry server infrastructure, and Microsoft SQL 200x server infrastructure
●Managed and administered Active Directory 2008 infrastructure including domain re-structure, schema extensions, AD FS, AD RMS, FIS, DFS ; performed daily operational tasks for the Active Directory infrastructure
●Implemented an upgrade/migration project and replaced hardware platforms with VI3 and VSphere 4.X virtualization technologies, VMConverter and Platespin for P-V migrations and Windows Server 2008 operating systems
●Managed co-location and contingency networks, applications, and Active Directory infrastructure
●Managed and administered IBM BladeCenter, DS4800 SAN, IBM HS21, HS20, and HS22 Blade servers and associated SAN switch architecture
●Managed WSUS patch analysis and deployment application
Infrastructure Architect May 2007-Ocober 2008
Consulting engagement
Tata Communications
Wall, NJ
●Provided functional, technical requirements and operational cost benefit analysis for the implementation of MS Virtual Server R2 SP1 and Hyper-V virtual server betas for use in development, test, and production environments with a concurrent migration of test and development applications to a “virtualized” environment utilizing Microsoft Soft Grid application virtualization technology, JAVA based applications and .NET based applications
●Provided project management, BIA, cost-benefit analysis and solution architectures for implementation and operational (SME) support for various N- tier applications globally hosted by MSCS and MS Compute Cluster servers (HPC) using MSSQL 2000/2005, MSSQL SSIS/SSAS, Analysis Services, Reporting services, OLAP based data mining/analytical processing for business intelligence applications, IIS 5 x/6.x/7.x, ASP.NET, JDBC, .NET Framework, JAVA, ODBC, ADO, DCOM and various middleware components in 32 and 64-bit Windows 2003 R2 and Windows 2008 CCS (HPC) Server N-Tier configurations, migrations, and upgrades. Installed and configured load balancers in the form of Microsoft NLB and various Cisco and F5 BIG-IP hardware (Directors, 1500 LTM and CSM modules)
●Provided proactive identification and development of remediation strategies for availability, capacity, cost, functionality, performance, and process optimization opportunities throughout corporate IT functional and operational areas. UML techniques employed for visual-modeling of “as-is” and “ to-be” environments for business prioritization, process analysis and scenario decision-making using POC, UAT, work/process flow diagramming and test environments
●Provided strategies to drive the development of technology solutions which enabled the corporate LOBS to accomplish corporate operational and financial goals. Planned and modeled business processes. Created impact analysis scenarios and documents for cost benefit analysis, maintenance, and implementation of Business-Reference-Models (i.e., describing the business operations)
●Administered Active Directory, implemented schema modifications, revised replication topology, implemented Active Directory integrated DDNS, integrated MOSS 2007 functionality
●Reviewed, documented, evaluated, and tested Information Security based controls in a wide range of environments including Windows, database, and client server. Assisted in the implementation of IT control procedures to address IS organization and administration practices, system development and maintenance procedures, system software and hardware controls, security and access controls, computer operations, environmental protection and detection, archive, and recovery procedures
●Provided technical architecture, POC,and strategy for the implementation of a project utilizing Microsoft ILM and the CA IAM suite, Netegrity, and Siteminder to extend Active Directory securely into extranet zones as well as create SSO, security credential/password, 2/3 factor authentication synchronization throughout corporate IT resources
●Implemented IDERA application configured and maintained SQL databases via performance tuning, re-indexing, integrity verification, and archiving. Applied standard Microsoft SQL 2000/2005 “best practices” to apply patches and hotfixes to clustered SQL databases.
●Provided identification and implementation of “best practice’ DR methodologies for SQL databases and logs. Utilized archive systems, database mirroring, and log shipping techniques.
●Implemented and managed scripting services via ADSI, WMI, and VB scripting interfaces
●Provided project management, architectural design solution for an implementation and migration from QIP based IP management to Men and Mice v 5.6 IP management systems; including functional specifications, and business requirements. Solution based on the implementation of a VMware 3.X Infrastructure, Proxy/ DNS design, DDNS/DNSSEC best practices, multiple zone types, multiple query types, forwarding, recursion, DDNS, Windows and BIND integration of DNS, and AD-integrated DNS.
●Provided migration services, managed
● and implemented a migration process from Novell 6.X and Windows 200x systems to Windows 2003/2008 Active Directory environment. Utilized ADSI, Quest, ADMT, and Altiris application to effect migrations.
●Installed and administered applications using IBM WebSphere Server 5.x/6.x;implemented IBM WebSphere servers using clustered technology; configured Apache and IIS servers for load balancing; installed and WebSphere SPENGO applet to provision Active Directory for SSO authentication from IBM WAS servers
●Managed and provided project management with implementation services for the migration of servers to “blade server” technology utilizing IBM DS6000, 4000 series SAN architectures, IBM HS21 and HS20 blade servers
United States Army Officer 1983-1994
Global
●Provided management, command, and control for various size units in combat and garrison
●Provided project management for large NetWare WAN deployments (500-plus seats)
●Administered and managed various mainframe computers and OS including IBM390, RS6000, and AS400. Negotiated contracts and analyzed vendor compliance environments
●Technical and administrative management of military medical materials logistic systems (MRP)
●Administrative, strategic, and combat tactical command and control
EDUCATION
Rice University, BSCS
Microsoft Certified System Engineer 2000/2003
ITIL V3 Foundation certified
CICSP Cisco Ironport Certified Security Professional
CISA
VMWare VCA6-CMA, VCP6-CMA
AWARDS
US ARMY Commendation medal, for meritorious service, US Army 7th ARMY, Europe,
US ARMY Bronze Star medal, for valor, 75th Ranger regiment, Point Salines, Grenada
US ARMY Bronze Star cluster, for valor, 75th Ranger regiment, Comandancia, Republic of Panama,
US ARMY, Purple Heart, for wounds received
Contact this candidate