Information Systems Technology
Resume:
Larry Gramling
Papillion NE *****
Cell# 803-***-****
*****.**********@*****.***
Certifications:
VMWare Certified Professional (VCP-DCV)
Microsoft Certified Solutions Expert (MCSE)
Certified Information Systems Security Professional (CISSP)
Information Technology Infrastructure Library (ITIL 4v)
Current security clearance: Active Top Secret – SCI
Over 12 years of IT Management, 15 years Systems Engineering and 12 years of Networking Administration Experience.
Education: Bachelor of Science in Management and Computer Information Systems, Park University, Parkville, Missouri
IT Systems-Operating Systems supported: Windows Server 2012/2019, Windows 10, VMware vSphere ESXi 7.0, RedHat Linux, Dell servers, Dell Compellant / Equallogic SAN solutions, Blue Coat Proxys, NetApp ONTAP 9, Data Domain Dep-duplication solutions. Installed, administered and maintained Cisco switches, routers, VoIP phones, Fiber Channel / ISCSI SAN Switches, Firewalls and Cisco Call Managers. Administered and have a working knowledge of Palo Alto L3 systems
Other software supported: VMWare VIEW Horizon VDI, VMWare vCenter 6.7/7.0, Microsoft Azure, Cisco Unity Voice Messaging System, CommVault backup solutions. Various Microsoft services (Active Directory, clustered print services, DNS, DHCP, GPOs, MS Network Load-Balancing (NLB), MS Sharepoint Portal Services (clustered), MS Remote Devices 2012 (RDS), Skype for Business 2016, Remedy Inventory / ticketing system 9.1, SQL Server 2012/216, STIG Viewer, eMass
A US citizen that worked in Germany for the US Government now living in Nebraska. Willing to relocate
Wiesbaden, Germany July 2022-October 2023 – Contract
Has a clear understanding and assisted implementing NIST 800, HIPAA, PII and Department of Defense Risk Management Framework (RMF) standards
Wrote numerous polices in accordance with Information Assurance policies and controls that align with various software platforms
Was assigned Trusted Agent duties working along side Information Security Sever Officer and Managers to get networks fully accredited.
Daily checks included vulnerability checks on Microsoft and Linux physical and virtual servers using SCCM and Puppet
Maintained SQL 2016 databases. Installed and maintained patches in a timely matter. Created and installed certificates using certificate authority sever. This included SAN (Subject Alternative Name) certificates.
Network and systems technologies supported includes 2016 DNS, GPO, DHCP, Microsoft Active Directory.
Wrote numerous unit polices containing cell phone usage, properly storing sensitive items among other tasks which was approved by company leadership
Created and presented technical presentations, workshops, and technical validation engagements
Technical lead presenting leadership with courses of action on emerging technologies to include data duplicating, snapshot, and disaster recovery technologies to help provide a more resilient network
Wrote disaster recovery policies and instructions approved by unit’s CIO. Policies and instructions updated quarterly or as needed to reflect on going changes in the environment
Assisted in hardening through Microsoft GPOs using IA controls on all servers throughout the enterprise.
Able to push patches to various automated data processing systems at least once a month.
Has 10+ years of experience with VMware/ESXi to include vCenter and Horizon View/VDI. Installed, configured, and maintained master image for instant clones ensuring that clones are on proper datastores. Monitored and expanded datastores, memory and vCPUs upon request. Created new clusters in vCenter segmenting master image, VIEW servers, and instant clones from other on premise services. Ensured that zero clients can communicate with VDI servers correctly configuring ESXi servers vmnics, SAN switches and storage area network appliances. Recommended best of breed solution for zero clients.
Security Engineer helped design both Secret and Non Secret networks to include the DMZ Intranet and extranet networks
Maintained on a daily bases Cisco’s ASA firewall, Blue Coat Web Proxy, Microsoft Forefront Threat Management Gateway (Forefront TMG) and Cisco’s VPN Appliance
Able to modify access control lists in routers and is able to administer access layer switches to troubleshoot locked out ports, switch VLANs amongst other various tasks
Designated one of three Information Assurance managers to hold an Enterprise Mission Assurance Support Service eMASS account
SOSi Wiesbaden, Germany Wiesbaden March 2021 – January 2022
CND Cyber Network Defense/ Systems Engineer - Contract
Designed and developed the RMF (Risk Management Framework) responsible for applying Security Technical Implementation Guides (STIGs) for multiple operating systems and applications to address issues and identified the impact to Information Communications Technology infrastructure.
Assisted in the developed and implementation of the Information Security Continuous Monitoring
Responsible for the installation, maintenance, configuration, and integrity of computer software applications.
Assessed security controls, reviewed organizational policies and procedures, performed vulnerability scans utilizing Assured Compliance Assessment Solution (ACAS), Security Content Automation Protocol (SCAP) and manually reviewed device security configurations
Researched, tested and installed VMware environments to include Horizon VIEW with vCenter giving VMs access to storage LUNs through storage area networks. Has 10+ years of experience with VMware/ESXi to include vCenter and Horizon View/VDI. Monitored and expanded datastores upon request. Created new clusters in vCenter segmenting master image, VIEW servers, and instant clones from other on premise services. Ensured that zero clients can communicate with VDI servers correctly configuring ESXi servers vmnics, SAN switches and storage area network appliances. Built multiple master images upon request of the customer including test image for compatibility issues with software and patches before rollout to the main environment (Adobe, JAVA, Microsoft, etc.)
Assisted in the development of the project plans and schedules for the security posture throughout the network
Designed and analyzed various switching and routing devices and VPN connections to ensure a secure quality network is deployed
Wrote numerous policies and required waivers as it pertains to best practices that were incompatible with various software platforms
Assisted in the execution, installation and upgrade of tech refreshes and provided detailed formal presentations and assessments to the leadership
Worked with various SAN vendors to include Dell, EMC and Hitachi on the development, configuration, deployment and licensing of a secure storage architecture.
Administered network and systems solutions to support Microsoft 2016/2019 DNS, DHCP, Microsoft Active Directory/Group Policy Objects, SQL 2012, 2016 and Cisco VPN solutions
Designed a custom installation of the Linux operating systems and troubleshot baseline issues
Maintains SQL servers (clustered) by ensuring timely backups, creating maintenance plans and ensuring virtual machines are optimized.
Deployed software applications through SCCM making software available through software center.
Assisted the O&M community with the building of several RDS (Remote Desktop Services) so administers could remotely access administrative tools
Installed and troubleshoot Microsoft’s IIS that hosted multiple high profile clients and websites
Able to push patches to various automated data processing systems at least once a month.
BAE Systems Ramstein, Germany August 2020-March 2021
Systems Engineer - Contract
Designed and developed in-depth iSCSI/fiber channel technologies giving VM access to SAN storage
Has a clear understanding of DISAs Risk Management Framework (RMF) and was a technical lead in hardening Windows operating systems
Wrote numerous polices as it pertains to STIGs that were incompatible with various software platforms
One of the lead engineers implementing SecureView an Air Force Reach Lab (AFRL) software/ hardware platform at enables users to mission essential workstations on Secret and Non Secret in a single pane of glass
Provided oversight and maintained over 100 Microsoft virtual machines deploying VMs using OVF files
Network and systems technologies supported includes 2016 DNS, DHCP, Microsoft Active Directory/Group Policy Objects, SQL 2012 2016 and Cisco VPN solutions
Deployed Linux operating systems. Trained end users and developed a guide to navigate in the operating systems operation and preform maintenance
Monitored and corrected errors in VSphere VCenter 6.7 and optimized virtual machines by adding storage and memory upon validated requests. Installed zero client management software on management servers to upgrade firmware on zero clients to include Message of the Day and recommended settings.
Generated server certificates through Microsoft Certificate Authority server and successfully applying them to servers.
Developed, implemented, and coordinated activities designed to ensure, protect, and restore IT systems, services, and capabilities.
Able to push patches to various automated data processing systems at least once a month.
Assigned personnel to various projects, monitored their activities, and evaluated their work.
Trace Systems (MPE-S) Wiesbaden, Germany March 2020 to July 2020
Systems Engineer - Contract
Maintains over 600 Linux and Microsoft Virtual Machines using VMware's vCenter
Monitored and corrected errors in an Active Directory 2012, 2016 and 2019 environment using GPOs and registry editor
Monitored and corrected errors in VSphere VCenter 6.5 expanding data stores and adding memory to VMs as needed. Tested on a daily bases end user experience to include two way audio and video as well as front office products (MS Office, Adobe, Internet Explorer, Firefox, etc.)
Has a clear understanding of DISAs Risk Management Framework (RMF) and was a technical lead in hardening Windows operating systems
Able to push patches to various automated data processing systems at least once a month.
Network and systems technologies supported includes 2016 DNS, DHCP, Microsoft Active Directory/Group Policy Objects, SQL 2012 2016 Cisco router, switches and VPN solutions
Familiar with Linux operating systems. Able to navigate proficiently throughout the operating system and troubleshoot baseline issues
Maintained and monitored NetApp OTAP appliances. Checked daily for volume usage ensuring thin/thick provisioned volumes for efficient storage space usage
Key IT manager and engineer in validating two separate networks which were approved for the Authority to Operate - ATO
Mantech International (66 MI BDE) Darmstadt, Germany April 2017 to March 2020
Field System Engineer (FSE)
Installed, configured and maintained Microsoft SQL servers 2012/2016
Lead VMware Engineer for the entire organization, installing, configuring and maintaining VMware vSphere environments on two separate networks.
Installed, configured and maintained backup system solutions including Symantec Net Backup, Commvault, and native solutions
Responsible for the Security Technical Implementation Guide (STIGing) and patching of numerous virtual machines and VMware ESXi Hypervisors.
Worked with multi-vendors in the design and deployment of iSCSI/fiber channel technologies in Command and Control infrastructure.
Develop system integration implementation plans for network and systems technologies supported includes DNS, DHCP, Microsoft Active Directory/Group Policy Objects, and Cisco VPN solutions
Ability to troubleshoot and pull information using numerous scripts for auditing.
Has a clear understanding of the Department of Defense Risk Management Framework (RMF) and was a technical lead in hardening Windows operating systems.
Pushed out IAVA (patches) on all 300+ Linux virtual machines using Puppet ensuring clean Puppet runs
Developed and maintained the Microsoft SharePoint 2016 server sites throughout two separate networks
Patched numerous commercial of the shelf operating systems including Microsoft, Linux and VMware.
Key IT manager and engineer in validating two separate networks which were approved for the Authority to Operate - ATO
Jacobs Sverdrup, (HQ USSOCOM), MacDill AFB, FL April 2016 to April 2017
US Special Operations Command Engineer/ IT Project Manager Contract
Built and tested multiple technologies for prospective use in the SOCOM Enterprise environment. Installed, configured and maintained the following services: Microsoft Skype for business 2013, MS SharePoint 2013, Windows server 2012/2016, SQL server 2012/2016, Adobe Connect, Tempus Pro tele-health servers, Kemp virtual load balancers, MS domain controllers 2012/2016.
Built and maintained Active Directory services in accordance with DoDs Risk Management Framework (RMF).
Customized configuration of VMware vSphere 5.5/6.0 and ESXi 6.0, 6.7
Customized configuration of Dell server configuration and iSCSI/fiber channel technologies
Overseen the HQ J632 IT Project Manager assessment team responsible for assessing emerging technologies that can be utilized in the SOCOM Enterprise.
Assessed over 10 different technologies some of which have become official USSOCOM IT projects.
United States Air Force Federal Employee, (JCSE) MacDill AFB, FL September 2007 to April 2016
IT Manager/6Systems Engineer/Network Engineer (Lead)
•Designed, implemented and maintains unit’s (AD) Active Directory infrastructure.
•Designed, implemented, and maintains unit’s VMWare vCenter to include ESXi hosts, vSwitches and VDI (VIEW) environment.
•Manages 100+ virtual MS Windows 2008/2016 servers on two networks (Secret/Non-Classified Networks).
•Installed, configured and maintained SQL server 2012. Created maintains plans to natively backup shrink and optimize databases
•Implemented and managed Dell EqualLogic/Compellent and Hatachi iSCSI/FCoE Storage Area Network (SAN).
•Designed, installed, configured and maintained MS Sharepoint Server 2010 and 2016.
•Maintain BMC Remedy 9.1 web inventory / ticketing system systems
•Designed, implemented and maintains the unit’s backup solution ensuring all critical data that reside on the Storage Area Network (SAN) is backed up in a timely manner.
•Designed, implemented and maintains the unit’s Exchange clustered servers (2010) to include mailbox, hub transport, and CAS servers.
•Responsible for implementing Security Technical Implementation Guides (STIGs) on operating systems and applications such as Windows 2012 and 2016 DNS, Active Directory, etc. IAW the Risk Management Framework (RMF).
•Performs daily system administrator functions that include adding, modifying and deleting objects from the domain, modifying entries in various Microsoft services such as Active Directory, Dynamic Host Control Protocol (DHCP), Group Policy Objects (GPO) and Domain Name Service (DNS).
•Responsible for the daily operation and performance monitoring of server systems, mass storage technologies, data protection, e-mail flow, database replication and client access experience.
•Planned and executed the installation of new or modified hardware, operating systems, and application software
•Responsible for upgrading all software and maintaining the most current service packs for all back office products.
•Implemented and supports DoD PKI, CAC Authentication, and Signed/Encrypted Email.
•Network administrator – Daily functions include adding rules to the firewall, using packet tracer, unlocking error disabled ports, moving ports to the correct VLAN, and troubleshooting various issues as it pertains to the network using various Cisco commands.
•Proficient in configuring Cisco switches, routers and firewalls.
•Administers the unit’s Cisco ASA 5520 firewall allowing Simple Mail Transport Protocol (SMTP), Virtual Private Networks (VPN), and other required services to the customer.
•Maintain unit’s SMTP mail gateway server monitoring all email traffic inbound and outbound the unit’s enclave.
•Supervises civilian personnel and provides oversight to contractor personnel involved in network, server, electronic mail, desktop support, telecommunications, and vulnerability remediation.
Excellent References Upon Request
Contact this candidate