Benjamin Varela
Senior Microsoft *** Architect
adlsr6@r.postjobfree.com
Profile
Education
Microsoft 365 and Azure cloud engineer with 23 years of experience on the IT Industry.
Extensive experience on cloud transformations and migrations
Expertise with Azure cloud services
Expert on email migrations and file migrations to cloud services
Experience on planning, deploying, and managing Exchange servers.
Experience on planning, deploying, and managing Skype for Business servers and Teams migration.
Well versed on deploying and managing Microsoft 365 and Azure tenants
Hands On experience deploying High Availability, High Redundancy and Disaster Recovery on Exchange Servers
Led multiple projects on planning, deploying, and managing Windows Servers from 2000 to Windows Server 2019.
Knowledge on security best practices.
Experience managing Windows client operating systems.
Skilled on PowerShell and command line tools.
Knowledge on Microsoft Hyper-V and server virtualization.
Expertise on deployment and maintenance of AD DS, AD FS and AD CS on multi-forest environments
Knowledge on BitLocker, MS ATP, Microsoft CAS and Windows Defender
Experience on Azure AD configuration and security
Experience deploying Microsoft Intune, Conditional Access and Compliance policies
Deploying and managing MobileIron, creating policies, enrolling users and troubleshooting
Experience on M&A operations for AD and email migrations
Performed data migration and file migrations from On Premises file systems to SharePoint and OneDrive.
Bachelor of Science in Data Processing – Major in Computer Science
Visayan Data Computer
College - Philippines
Certifications
Microsoft 365 Fundamentals
Azure Fundamentals
MCP – Systems Engineer
CCSA/CCSE
Novell Certified Netware Engineer
Contact
adlsr6@r.postjobfree.com
Technical Skills
Microsoft 365 / Office 365
Azure Cloud Services
Azure Networking, Storage and Computing
Windows Servers (2000, 2003, 2008, 2012, 2012 R2, 2016, 2019)
Active Directory and ADMT for directory migrations
Microsoft Endpoint Configuration Manager, System Center Configuration Manager
Microsoft Intune, MDM and MAM
Windows Autopilot
PowerShell scripting and advance management tasks
Exchange Server (2000, 2003, 2007, 2010, 2013, 2016, 2019)
Exchange Online
Exchange Hybrid
SharePoint Online
Office Communicator Server
Lync Server 2007, 2010
Skype for Business Server 2015, 2019
Skype for Business Online
Microsoft Teams
Microsoft Teams Phone Systems, A/V Conferences and Live Events
Windows OS (95, 98, 2000, XP, Vista, 7, 8, Windows 10 Pro, Windows 10 Enterprise)
Email Security (EOP, IronPort, ProofPoint and Mimecast)
Email security frameworks (SPF, DKIM and DMARC)
MS 365 Security and Compliance (Data Loss Prevention, Retention, Data Governance, Data Classification, eDiscovery)
Mobile Device Management and Mobile Application Management
Microsoft Intune
Compliance policies and Client App policies
Virtualization Technologies (Hyper-V, VMWare)
Azure Information Protection and Data Classification
Azure AD Identity Protection
Privileged Identity Management, Microsoft Identity Management
Conditional Access Policies and Multi Factor Authentication
Azure AD Connect (Password Hash Synchronization and Pass-Through Authentication)
Active Directory Federation Services (AD FS)
ADFS Single Sign-On, Azure AD Seamless Single Sign-On and OKTA
OAuth 2.0, OpenID Connect and SAML
Azure AD, B2B and B2C
Enterprise Apps and App Registration
Bitlocker drive encryption
Microsoft Cloud App Security
Azure Advance Threat Protection and Microsoft 365 Advance Threat Protection
Power Platform (Power Apps, Power Automate and Power BI)
Microsoft Dataverse
MobileIron
BitTitan Migrationwiz
Canvas App and Model-driven App
Power Apps Portals
Power Virtual Agents
Change Management and Ticketing Systems (Remedy, ServiceNow, CA Service Desk)
Hardware: PCs, Laptops, Telephony Systems, Printers, Routers, Modems, Mobile devices
Networking: LAN & VPN/Remote Connectivity, TCP/IP • Platforms: Windows, NetWare Servers, Citrix
Experience
Jan 2019 - Current
Microsoft 365 Architect Consultant - MetLife - Whippany, NJ
Scope of the Project: Design, test and deploy Microsoft 365 and Azure AD policies to meet security and compliance regulations. Improve the process for license assignments, on boarding and off boarding of users and governance of Microsoft 365 Groups, Shared Mailboxes and Distribution Groups.
Created a PowerShell script to audit ShareMailboxes and Distribution Groups membership
Planned, tested and deployed MS 365 Group-Based licensing, and troubleshoot license assignment issues.
Created multiple Conditional Access policies to enforce MFA, App Protection policies and block untrusted locations.
Deployed Azure MFA and deployed Microsoft Authenticator App on mobile devices.
Created End-user training material for MFA use.
Deployed Azure AD Identity Protection policies, User Risks policies and Sign-in Risk policies, and enforced the policies using Conditional Access.
Performed monthly Assignment Reviews for privileged accounts, using Privilege Identity Management
Enabled Just in Time access for administrative roles using Privilege Identity Management
Applied Retention policies to Exchange Online, SharePoint sites, Teams and OneDrive
Performed eDiscovery searches for legal investigations and exported results.
Created MS Intune policies for corporate mobile devices and BYOD.
Enrolled Android, iOS and Windows 10 devices on Intune
Used Azure Hybrid Joined device management for Intune Automatic enrollment
Created device compliance policies for Intune enrolled devices.
Created Security Baseline profiles and Antivirus profiles for Endpoint Management.
Deployed Azure AD Connect for Pass-Through Authentication, enabled Seamless SSO.
Created GPOs for OneDrive to enforce Document and Desktop synchronization, and Outlook GPO to enforce Exchange Cache.
Deployed Data Loss Prevention policies to meet compliance requirements for Financial Information and HIPPA
Created and deployed sensitivity classification labels using Azure Information Protection
Maintained Email Security Gateway policies on ProofPoint, adding and removing senders from Trusted list, as well as managing the quarantine.
Jun 2017 – Dec 2018
Office 365 Engineer – Carolina's Healthcare System - Charlotte, NC
Scope of the Project: Email migration from Exchange 2013/Exchange 2016 to Exchange Online
Planned and deployed Exchange 2016 in a DAG environment
Managed Exchange environment 2016 and 2013 in coexistence and migrate 50% of mailboxes to Exchange 2016.
Created the Office 365 and Azure tenant and added custom domains.
Installed Exchange Hybrid Configuration Wizard on Exchange servers and configured the Hybrid Environment.
Planned the deployment for Directory Synchronization, cleaning Active Directory using IDFix
Used PowerShell to perform environment discovery and obtain mailbox statistics and delegation information.
Planned the migration process, creating daily batches and using PowerShell to perform the migrations.
Tested pilot migration and troubleshoot post migration issues.
Migrated Transport rules and Retention policies from Exchange 2016 to Exchange Online
Created PowerShell script for Office 365 E3 license assignment.
Assessment – Responsible for Discovery & Analysis, Planning, and Detailed Design (Exchange Hybrid, Azure AD Connect).
Worked with Help Desk for remediation and provided L3 escalation for hyper support.
Deployed of 2 Windows Server 2012 R2 for HCW and AADC.
Created DLP policies for sensitive information shared inside and outside of the organization.
Created malware filtering policies.
Created SPAM Filtering policies
Created IP and Domain Filtering Policies
Created Mail Flow Rules to Route Mail
Created MDM Policies for mobiles devices with ActiveSync.
Jan 2016 – May 2017
Office 365 Migration Engineer – WEC Energy - Milwaukee, WI
Scope of the Project: I managed the implementation of Office 365 with Exchange 2013 on premises coexistence.
Readied on premise deployment for hybrid by analyzing the state of AD, Exchange, and the corporate network.
Began the planning of the hybrid implementation of Exchange 2013 and Office 365 to create federation of services and coexistence.
Planned the migration of the user databases.
Architected a new messaging environment to include a dual DAG for high availability and failover scenarios.
Architected and led implementation of an archival system using Symantec Enterprise Vault to digest local PST’s and allow for eDiscovery and DLP protection.
Recovered PST files for multiple user archive mailboxes.
Created daily automated reports using System Center Orchestrator (SCORCH) to monitor the behavior for 12 Exchange mailbox servers and over 100 mailbox databases.
Defined and documented a process to enable direct mailbox provisioning in Office 365 with MS FIM, for future use in case mail system is fully migrated to cloud.
Developed a solution for dynamic distribution group lists on Office 365.
Identified bandwidth needs and worked with network team to establish proper communication circuits.
Scale-out existing infrastructure for hybrid and AD FS and provided inputs for Azure ExpressRoute bandwidth requirements.
Provided detailed planning for all phases including end-user communications and migration schedules\tool configurations.
Secured Exchange by implementing online protection in Exchange online for Spam filtering, Antivirus and threat management.
Troubleshot federation services between on premise and Office 365 cloud.
Implemented rich coexistence by enabling calendar sharing between tenant and on premises.
Implemented DR failover procedures using PowerShell scripting.
Utilized PowerShell and other scripting skills to automate messaging processes and reporting.
Created batches using PowerShell scripting for mailbox database moves to Office 365.
Nested 1,500+ Distribution and Security Groups within members using PowerShell.
Migrated over 500 Active Directory accounts between Domains using ADMT.
Tested on premise connections to cloud services with the help of security and networking teams to ensure proper routing, authentication, communication.
Responsible for testing and validation of various custom codes and templates for compatibility with the Office 365 and Office 2016 Pro Plus deployments.
Configured ADFS/ADFS Proxy servers on premise for Single Sign On services for users.
Jun 2013 – Dec 2015
Unified Communication Engineer – Vivint Smart Home, Inc. – Provo, UT
Scope of the Project: Provided Unified communication solution integrating Exchange and Lync servers, managing users and providing high availability and disaster recovery.
Implemented and administered Exchange 2013 on premises: single forest, 24 servers, with over 1500 user mailboxes.
Deployed Lync front-end servers in a pool configuration for hosted services and Edge servers for external communications, allowing unified communications services both internally and for remote users.
Managed and supported Lync 2010 & Lync 2013 Unified Communications Enterprise environment consisting of sixteen servers, a load balancer, and several media gateways, providing voice and video over IP, instant messaging, presence, web conferencing, video integration and Unified Messaging for users across six global locations.
Implemented and tested new MS Exchange 2013 Server along with Archiving systems,
Verified network and server configurations, tested virtual implementation, and readied servers for application deployment.
Implemented DAG for Exchange 2013 and add additional server node.
Performance tuned and optimized Exchange 2013 Server for maximum performance and continued operation.
Managed servers using PowerShell scripting, and Active Directory tools.
Implemented the following roles in a Microsoft Exchange environment: Edge Transport, Mailbox, CAS Array, Hub Transport and Unified Messenger.
Active Directory support through site build outs, group policy implementation and design support.
Reported on AD sync issues, errors, and conducted manual syncs as required.
User administration via Active Directory Users and Computers, ADSIEdit. •
Utilized Active Directory to administer users, computers, sites and services.
Performed active directory backups and restore and carried out installation of new Windows 2012 servers.
Troubleshot failed mailbox migrations, monitored migration statistics, reported to management on progression, and adjusted plans as deemed necessary.
Created workflow processes and automation infrastructure.
Mobile Device Management experience with iPhone, Android, and Blackberry devices.
Performed daily monitoring of Exchange software through native tools and SCOM.
Managed Exchange messaging system created legacy namespace, and assisted users with connectivity issues.
Managed Microsoft Exchange 2013 enterprise environment over 5 Active Directory networks in a VMware 5.0 virtual environment.
Responsible for document control, including build docs, server diagrams, architecture, user issues and change requests.
Performed daily monitoring of Exchange software through native tools and SCOM.
Administrated Blackberry Server, Good for Enterprise, McAfee Spam Servers.
Implemented group policies and various strategies to improve existing systems.
Ran reporting on users licensing, policy enforcement, and account statuses.
Jan 2011 – Jun 2013
Senior Exchange Engineer – The Kroger Company - Cincinnati, OH
Scope of the Project: Exchange and Active Directory administration, daily maintenance tasks, backups and health checks.
Maintained clustering configuration for Exchange 2010 server high availability through the clustering manager to monitor and maintain services and configuration.
Troubleshot issues with mail blockage, spam, and slow performance, providing both on site and remote diagnosis and resolution.
Handled requests related to mail quotas, delegation, rights management and individual mail restores.
User management, creating and modifying accounts, file systems, network rights and access to file systems and directories.
Assisted in building and managing lab environments with complex settings, configurations, topologies and equipment including servers and various network elements.
Proactively monitor systems health by physically inspecting environment and utilizing provided tools such as SCOM.
Lead effort to verify and decommission Exchange 2007 servers and provided status reports.
Acted as point of contact and communicated with end users on mailbox moves and changes to functionality.
Assisted with management of the operational support and system account lifecycle applicable to all non-human Ids.
Administer multiple disjoint Active Directory Forests, Domains, DHCP, DNS and various other Infrastructure services.
Trust relationships setup, dcpromo and decommission of Active Directory.
Updates, patching and software installations via group policies (GPO).
Created distribution groups, shared mailboxes, and room mailboxes for company use.
Troubleshot external and internal connection to Exchange server mailboxes and resources.
Responsible to applying patches and updates to Exchange servers and testing after application.
Utilized PowerShell and other scripting skills to automate messaging processes and reporting.
Utilized PowerShell and replication and systems monitoring tools.
Active Directory support through site build outs, group policy implementation and design support.
Active Directory migration between different domains and forest using ADMT tool.
Reported on AD sync issues, errors, and conducted manual syncs.
Managed the desktop environment using Group Policies in a Microsoft Windows Active Directory Environment. (Windows Server 2008/2012)
Managing user accounts within Active Directory, modifying permissions for access to pertinent network.
User administration via Active Directory Users and Computers, ADSIEdit.
Performed active directory backups and restore and carried out installation of new Windows 2012 servers.
Managed Active Directory users and computers and Exchange Server.
Worked with Active Directory (domain, User accounts, groups).
Oct 2007 – Dec 2010
Exchange and AD Engineer – PNC Financial Services - Pittsburgh, PA
Performed the documentation and implementation of migrating users from Exchange 2003 to Exchange 2007
Executed the transition of legacy Microsoft Exchange 2003 servers to Exchange 2007 ending with the final decommissioning of the legacy servers.
Assisted in building a complex architecture which included several Edge Transport servers on the perimeter network to provide added security to Hub Transport/Mailbox role servers.
Administered and supported Blackberry Enterprise Server 4.1 to provide Tier 3 support for Blackberry users.
Built test lab environments, creating virtual machines using Microsoft Hyper-V.
Documented current Active Directory/Exchange infrastructure and organizational policies.
Managed DNS, DHCP, AD, FTP, IIS, DFS and Print Servers.
Implemented and managed VMware ESX 4 servers.
Monitored Microsoft Exchange events in SCOM 2007 and any migration-related issues.
Provided troubleshooting support for client issues with Outlook and BlackBerry devices
PowerShell scripting employed to automate repetitive administrative tasks.
Design new applications to be used on manufacturing floor.
Lead a group of programmers on the construction of innovative programs for different departments on the company and then install them successfully on the organization on .NET.
Oracle databases management PL/SQL.
SQL server 2005 databases management.
Responsible for SharePoint software.
Responsible for the equipment on floor like PDA, wireless access points and network.
Microsoft Windows Server administration using Virtual Desktop.
Use the Citrix to access various programs in the network.
Sep 2001 – Sep 2007
Senior System Engineer - Credit Suisse – New York, NY
Work on the Disaster Recovery (DR) Plan / BCP for the company’s offsite Helpdesk.
Primary Technical Support on the DR sites in New Jersey.
East coast branches’ remote support for desktop and networking systems. Handle sites in Jersey City-NJ, Raleigh-NC, Atlanta-GA, and Baltimore-MD, among others.
Provide periodic Power down planning and support on branch sites such as Jersey City, Atlanta, Baltimore, and Princeton.
1st & 2nd level desktop support analyst for FA&O users by performing all functions pertaining to problem escalation and user administration support for the Helpdesk using remote tools such as SMS, Remedy, and Altiris desktop support applications.
Provide lead support on IT area renovation in Princeton site for both preparation and actual move of about 150 users from one floor to another.
Handle Operations floor support and performs installs, moves, adds, & changes (IMAC) activities.
Provides off-hours support and on-site visits for the East coast branches,
Prepares periodic and ad-hoc reports requested by manager providing status reports, ticket resolution summary and team updates.
Jan 1998 – Aug 2001
Senior Infrastructure and Network Consultant - Moody’s Investors Service – New York, NY
Managed Moody’s Global Messaging environment by administering all MS Exchange servers with mailbox, X400 connectors to international sites, Internet Mail and Site/Replication connectors.
Performed version & site upgrades and the deployment of MS Exchange servers.
Performed mailbox recovery situations.
Provide third-level resolutions for support on Exchange and Outlook clients, and Internet mail issues.