Matthew Bryan Goldfarb
Santa Monica, CA 90405
ad3owk@r.postjobfree.com
Professional Summary
•20+ Years of hand-on IT experience
•Various roles including:
o Hybrid Cloud Engineer o Systems Administrator Advisor o IT Network Manager
o Senior Consultant o Senior Systems Administrator o Lab Manager
o IT Security Auditor o Information Security Officer o Programmer/Analyst
•Experienced IT professional dedicated to providing high quality services and positive results. Proven ability to leverage technology to achieve organizational objectives.
Highlights
•Linux/UNIX Engineer (RHEL, Oracle, SuSE, etc)
•Windows Server Engineer (MCSE/MCTS/MCSA/MCP)
•Database Administrator (MCDBA, Oracle PL/SQL, etc)
•Virtualization Administrator (VMware, Hyper V, Xen, etc)
•Network Administrator (DNS, DHCP, VPNs, WiFi, etc)
•Email Administrator (Exchange, Groupwise, etc)
•Cloud Administrator (Azure, M365/Office 365, etc)
•Network Engineering (LAN/vLAN/WAN/VPN, etc)
•Configuration Management (Ansible, Puppet, GPO, etc)
•Hardware Engineer (A+, ACMT, Server & PC builds)
•Mobile Device Administration (Android, iPhone, etc)
•Data Center Engineer (servers, network, storage, etc)
•Web, CMS, Email & Collaboration Server Administrator
•Email & Content Filtering Solutions Administration
•Scripting (batch files, VBScript, PowerShell, shell, Bash)
•Antivirus & DLP Administration
•Remote User Management
•Remote Work Experienced
•ITIL Service Management (Dell)
•Six Sigma Quality Improvement
•Compliance (HIPAA, PCI, etc)
•Helpdesk (Levels 1-3)
•High Reliability Operations (Dell)
•Backup & Recovery (Veeam, etc)
•Cross-platform integration
•IT Security Engineer
•Risk Management
•Risk Assessment
•Data Center Engineering
•SIP (VoIP) Certified
•Project, Visio, Office
Work Experience
Northrop Grumman 2022-Present
Senior Systems Administrator, Primary Responsibilities:
•Windows, Active Directory, DHCP, DNS, Group Policy, Domain Controller Administration
•Linux & IPA deployment, administration, networking, tuning, security hardening & troubleshooting
•Automated Deployment (Ansible) & Configuration Management (Ansible, Group Policy)
•VMware (ESX, NSX) Administration
•BItlocker, Systems Hardening, Vulnerability & Patch Management, Powershell
•Router & Switch Administration (Physical & Virtual)
•Storage Engineering & Administration
•Directory Services Engineering & Administration
•DevOps & Automated Systems Deployment & Hardening (Physical & Virtual)
•Complex Infrastructure Troubleshooting & Repair
•IT Strategy, Procurement, Deployment & Asset Management
•Mentoring & Training of Junior Systems Administrators
•Standard Operating Procedures & Systems Documentation
AmeriSave 2021-2022
Hybrid Cloud Engineer, Primary Responsibilities:
•Hybrid Cloud/On Premise Systems Engineering (Azure, Azure VM, Azure AVD, FXLogix, etc.)
oCloud, Hypervisor, Windows Server, Linux, Docker, Git Administration
•Security Systems deployment & administration (Rapid 7, IronSphere, zScaler, Device42, Netwrix)
•On-Premise to Cloud Migration
•Monitoring & Alerting Systems Deployment
•Security Hardening & Company-Authorized White-Hat Hacking
•Incident Response & Remediation
•Vulnerability & Patch Management
•Deployment Automation
•Proof Of Concept (POC) Technical Deployment
•Standard Operating Procedures Documentation
Desert Oasis Healthcare 2019-2021
IT Security Auditor, Primary Responsibilities:
•Regulatory Compliance & IT Standards Program Development
oResearch regulatory & standards requirements & frameworks, create impact analysis
oDesign IT Security Controls & create Cybersecurity Policy based on HITRUST
•Identify IT security issues & recommend security best practices
•Develop mitigation plans to address eliminate security risks
•IT Security Engineering (Servers, Switches, Wireless, Desktop, Mobile, Cloud & more)
•Security Systems Research & Evaluation (SIEM, SOAR, firewall, IDS/IPS, etc.)
•Vulnerability & Patch Management (WSUS, PDQ)
•Antivirus Management (Sophos)
•Network Engineering & Troubleshooting
•Develop IT security training materials
•Mitel VoIP phone system
•Create security document templates (e.g., Risk Assessment) & Documentation
Dell 2016-2019
Systems Administrator Advisor (Healthcare),
Primary Responsibilities:
•Systems Administration (Windows, AD, Linux), IT & IT Security Systems Deployment
•Data Center Systems Engineering & Management in a High Availability environment
•Access Control, Vulnerability Management, Upgrades & Patching
•Monitoring, Log & Active Threat Management and Remediation (Cisco)
•Security Officer (primary and secondary)
•Compliance (HIPAA, SOX, PCI) Pre-Audit & Audit Reponses & Remediation & Risk Assessment
•Troubleshot and resolved technical issues and outages, detected & stopped active attacks
•Virtualization Administration (VMware HA) & Storage Administration (EMC, NetApp)
•Network & Wireless Administration (Cisco)
•Recommended & supported mission-critical application migration to hosted cloud environment
•Repaired old backup system (fixed broken tape library), procured & installed new backup system
•Managed Disaster Recovery and Backup solutions (restored files from multi-tiered D2D2T system)
•ITIL Service Management/Change Management (wrote test plans with rollback scenarios, etc)
•Troubleshooting, Break-Fix, Scripting, Documentation
•Tier II Helpdesk & participated in on-call rotation
Archer 2015 – 2016
IT Network Manager, Primary Responsibilities:
•Windows Server Engineering, Administration & Troubleshooting
•IT Security Engineering & Management (legacy & next generation firewalls, permissions, etc)
•Network Engineering & Troubleshooting (switches, wireless, firewalls)
•Vulnerability Management
•Storage Engineering & Administration
•Virtualization Management
•Mitel VoIP Phone System Support
•Database Administration
•Application Troubleshooting
•Scripting (PowerShell, Windows)
•Server administration (Windows, Mac OS X), installation, monitoring, troubleshooting
•Cloud (Google, Microsoft, Asana)
•Tier II Helpdesk support
HRL Laboratories, LLC 12/2013-6/2015
Systems Administrator, Primary Responsibilities:
•Systems Engineering & Administration (Linux, Oracle, Windows)
•Security Engineering & Server Hardening (OS, packet encryption testing & deployment)
•Vulnerability Management (Oversaw deployment & operated KACE & Satellite Servers)
•Data Center Engineer (HP Blade & Dell & HP rack mount servers, fiber channel & storage, etc)
•Troubleshooting & Root Cause Analysis (found & fixed serious intermittent timeout issue, etc)
•VMware administration (managed VMware HA environment, migrated to new storage array, etc)
•Storage Engineer (LUN creation & management, multipathing, cabling)
•Active Directory (AD) Management & Group Policy (GPO) Administration
•Email System Administration (Microsoft Exchange)
•Backup System Administration (NetBackup)
•Directory Services Cross Platform Engineering & Integration (SAMBA, Winbind, LDAP)
•Configuration Management (installed & managed Puppet) & scripting (Bash)
•Data Recovery (recovered data lost due to hard disk crash)
•Break-Fix Support (Web Server, etc)
•End User Support (Linux, Windows & Applications)
UCLA 6/2013-8/2013
Systems Administrator Primary Responsibilities:
•Charged with protecting & managing many of the University’s most sensitive data assets
•Server and VM Administration (Windows, IIS, Hyper V, VMware)
•Code deployment (Test to Production)
•Evaluated and deployed new OS (Windows 2012/AD/DNS/DHCP) and applications
•Collaborated with non-technical management on application configuration
•Managed backup systems
•Managed DNS (Cisco CNR) and fault tolerant DHCP
•Database Administration (DBA)
Digital Cinema Systems Corporation 11/2011-10/2012
Lab Manager, Primary Responsibilities:
•Windows Server Engineering including DAS storage engineering & performance tuning
oDesigned and benchmarked storage configuration for OEM server product
•Performed configuration management (OS, database)
•Wrote Configuration Guides and End-User Documentation & Mentored Junior Engineers
•Performed product testing & collaborated with developers & management
•Provided Product Engineering, Troubleshooting & Upgrades in a (DCI) Compliance Environment
•Security, Certificate & Encryption Management & Intellectual Property Management
•Configured. upgraded & supported embedded (Linux/Windows) controllers
•Installed Windows & Linux, upgraded firmware and drivers
•Installed OEM applications, SQL databases & documented complex installation process
•Troubleshot network problems (Wireshark, Ping, Netstat, MTR, Network Monitor, iPerf, etc)
•Repository management (subversion), managed, secured & installed digital certificates
•Code deployments, Setup & maintained lab equipment, provided developer support
•Produced concise, color coded reports for development and management
•Ticket System & Document Management System Administration & Tier III Technical Support
•Tested OEM system using $70,000 Barco projector, Dell servers and embedded controllers
•Performed field troubleshooting and upgrades in vendor test laboratory under tight timeframes
AXON INFOSYSTEMS, INC. 6/1996-10/2012
Senior Consultant,
Primary Responsibilities:
•Senior Windows (Active Directory, Group Policy, DNS, DHCP, DC, KMS, CA, etc)
•Senior Linux Engineer (Redhat, CentOS, Fedora, SuSE, Ubuntu & more)
•Heavy command line administration & utilities & scripting (Windows & Linux)
•Server & Desktop engineering, troubleshooting & support (Windows, Linux, Mac OS X)
•Security engineering & server hardening (Windows, Linux)
•Server, network and storage design, implementation, troubleshooting and maintenance
•Network & Security Engineering ([Cisco] switch, router & firewall configuration, WiFi, etc)
•Automation & Configuration Management Experience (Group Policy Object, Puppet)
•Cloud engineering & administration, on-premise to cloud migration (Microsoft, Google & more)
•Advised customers on technologies that improve operational efficiency, security & continuity
•Coding (C, VB, SQL) & scripting (BASH, batch files, VBScript, Powershell) experience
•Regulatory compliance (HIPAA, PCI) program development, implementation & consulting
•Incident response management & remediation, antivirus & security tool management
•Migrations (old to new server & desktop OS, server to cloud Migrations, etc).
•Disaster protection and recovery
•Installed and supported web, email and content management (CMS) servers
•Installation and administration of servers, clients, tablets, Kiosks and smartphones
•Installed firewalls, routers, switches, wireless, VoIP telephone systems and more
•Provided help desk support (Tier I – Tier III) & field service (including on-call)
•Root cause analysis
•Upgrades and migrations
•Database administration (DBA) database application development & reporting
•Cross platform integration (Windows, UNIX, Mac OS, Linux, AD & SAMBA integration)
Education
Institution: UCLA
Result/Degree: Bachelor’s Degree, Business Administration/Quantitative Methods/Political Science
Phi Beta Kappa, Magna Cum Laude, Deans List Student
Certifications
MCTS, MCDBA, MCSE, MCSA, MCP, CCNA, A+, Apple ACMT, Structured Cabling Products, SIP (VoIP)
Hands-On Experience
Windows Server NT3.51–2023, Active Directory (AD). Group Policy (GPO), Windows 1.0 - 11, IPA, Winbind, Redhat (7.x, RHEL 4-9), Centos, Fedora, SuSE (SLES, OpenSuSE), Ubuntu, UNIX (various), Mac OS 6-X, Azure, Azure, Azure VM, Azure DevOps, Azure Active Directory, Azure Virtual Desktop, Ansible, Puppet, Apache, IIS, SQL (Oracle, Microsoft, Postgres, MySQL), coding (C, Basic/VB/ADO, SQL & more), scripting (Windows, Bash, VBScript, PowerShell, HTML), DHCP, DNS, network tools (ping, traceroute, iPerf, Wireshark & more), SSL certificates, encryption, storage (DAS/NAS/ SAN -- NetApp, Compellent, Equalogix, EMC, Hitatchi, HP, Brocade, Fiber Channel, 10G, iSCSI), routers, switches, firewalls (Cisco, SonicWall, CheckPoint & Palo Alto), VPN concentrators, wireless (HP, Cisco), HP switches & WLAN controllers and APs, ITIL Service (Ticket) Management (BMC Remedy, Jira & more), Vulnerability & Patch Management (Rapid 7, Dell KACE, SUS, WSUS, Redhat Satellite, PDQ Deploy) & much more.
Affiliations
Southern California Linux Exposition (SCALE) Staff 10+ years, Bsides Security Conference & more.
Training (partial list)
oMicrosoft Certified Systems Engineer (MCSE)
oMicrosoft Certified Database Administrator
oAzure (Microsoft hands-on training, 2014)
oAzure Fundamentals
oAzure Administration (AZ104)
oAzure Architecture (AZ304)
oAzure Security (AZ500)
oOracle PL/SQL (beginning & advanced)
oWindows Server (2K/2K3/2K8/2012/2016)
oWindows Security Bootcamp (Microsoft)
oCisco Academy (2 years) & CCNA (two)
oApple ACMT
oLinux (HP, Novell/SUSE, more)
oCompTIA Security+
oA+
oCertified Novell Engineer (CNE)
o CISSP
o CEH
o CISA
o IT Security Audit
oIBM QRadar
oDell KACE
oMicrosoft M365/Sentinel/Defender
oSANS Security Workshops (Various)
oHigh Reliability Operations (HRO)
oITIL BMC Remedy (Dell)
o Six Sigma Quality Improvement
oInternet Information Server (IIS)
o PostgreSQL
o Tomcat
oAnsible
oChef
oVmware (ESX, NSX)
oHyper V
oMicrosoft Exchange Server
oMicrosoft Visual Basic, SQL
oIntroduction to Programming
oData Structures and Algorithms
oC & C++ Programming
oAssembly Language Programming
oHTML/CSS
oStructured Cabling Products
oNetApp (CDOT)
oHitachi SAN