IT OPERATIONS INFRASTRUCTURE SECURITY PROJECT MANAGEMENT PROCESS IMPROVEMENT
Innovative IT professional with demonstrated success implementing strategic & tactical solutions to solve complex infrastructure and operational challenges, improving IT security, reducing cost, and minimizing risk for small to Enterprise size companies alike.
SKILLS
oMicrosoft 365 & Azure
oHands-on Server Management
oSaaS, PaaS, and IaaS experience
oSecurity best practices
oServer Infrastructure hardening
oBackup\Archiving
oSystems Design and Integration
oDocumenting Processes and Policies
oImplementation of Co. Requirements
oMonitoring Tools
oActive Directory, DFS, CA,
oIIS, SCCM, RDM, ADFS
oHA Web Farm Management
oLoad Balancing
oAutomation
oStorage
oTroubleshooting
oPowerShell
oCross Departmental Collaboration
oBudget and Vendor Management
oCommunication
oFile Sharing Solutions
oSecurity System Integration
oIT Strategy
oCloud implementation and Mgmt.
oIncident/Problem Management
oExecutive Support, including C-Level
oAttention to Detail
oTechnical Writing
EXPERIENCE HISTORY
ANSWER FINANCIAL INC. (AN ALLSTATE FAMILY OF COMPANIES)
One of the original insurtech companies, established in 1997 and focused on delivering various types of insurance through innovatively developed in-house software.
Systems Administrator III - March 2019 – October 2023
oMicrosoft Office 365: Administering Office 365 cloud services, including Exchange Online\Hybrid, Teams, OneDrive for Business, Advance Threat protection, Microsoft Purview eDiscovery, Connect-ExchangeOnline PowerShell administration.
oWindows Server: Administration of Microsoft products including - Microsoft Active Directory, GPO’s, Exchange, Servers, IIS. Supporting on-premises Active Directory with O365 (Azure AD Connect).
oSecurity\Hardening: Implemented CIS server hardening recommendation throughout the server infrastructure. Vulnerability remediation on servers\applications\appliances.
oVMware: Installing, configuring, and maintaining VMware ESXi and vCenter and VDI infrastructure. Creating and managing virtual machines, templates, clones, and snapshots. Monitoring and troubleshooting ESXi hosts, virtual machines, and virtual networks. ver. 6-8 (Familiar with the Product Interoperability Matrix)
oRegulatory: Created a centralized audit log to track all changes made in the environment and ensure compliance with regulatory requirements SOC, CEP. Participated in regulatory audit processes.
oSpecial Projects: Data Center Migration, Microsoft Remote Desktop Management, SFTP server migration and developing a new system for Key based SFTP transmissions, FIM deployment, SCOM migration\upgrades\configuration and administration, AD Audit setup and administration, deployment and administration of Jira, Tableau, Jenkins, Solar Winds.
oVeeam: Migrated backup systems from Networker to Veeam BAR utilizing AWS S3 storage. A backup and archive system developed based on AFI’s policies for data retention. Also utilized Rubrik & Networker for different backup strategies.
oStorage: Deployed and familiarity with Pure Storage, AWS S3 (including immutability configuration) and NetApp.
The Los Angeles LGBT Center - FEB 2018 – FEB 2019 (Contract)
The world's largest provider of programs and services for LGBT people with 500+ staff and hundreds of volunteers united by a common goal to make the world a better place for LGBT people.
Systems Engineer - Recommended by the CDO & CIO of the Los Angeles LGBT Center
oContract project “Access Management and User Life Cycle Management”.
oAzure and Azure AD, Office 365 & ADFS support and configuration.
oWindows Server 2016 & Windows 10 Security and Deployment
oOverall discovery and documentation of current Life Cycle process, this includes best practices in-line with some ITIL processes and User Account security best practices.
oImplementation of new services, workflows, and custom scripts on their already existing Service Desk technology (ManageEngine’s Service Desk).
oDiscovery and in-depth functionality of all Health Services (HS) applications for AD integration and SSO.
oCollaborated with the HS application vendors and the in-house HS Information technology team on building the project plan for SSO implementation. Plan of attach, testing, process, setting the acceptable undesirable results, timelines, rollback, etc.
oWorked closely with the development team to create customer reports for User Access Permissions across all platforms and applications.
oDocumented the AD OU Structure to identify possibly benefits of a restructuring to meet the changes and expansion of the organization physical site\ footprint.
FOURTH DIMENSION FELLOWSHIP - JAN 2018 – FEB 2018 (Contract)
A nonprofit organization working to bring fellowship, services, and programs for LGBT people.
Systems Engineer
oOperations and management of Office 365 suite, Hosted Exchange, SharePoint, OneDrive, Skype for Business.
oEstablished Office 365 suite.
oConnected and configured desktops, network infrastructure, Wi-Fi, and firewall security.
oSelected and engaged a developer once I had designed the functional and operational specifications for NP websites -including e-commerce- with oversight of the month-long project through final revisions and load balancing testing.
oImplemented Skype for business phone systems.
AZOFF MSG ENTERTAINMENT, LLC.
A premiere entertainment, sports and venue, music rights management conglomerate of five companies
INFRASTRUCTURE MANAGER - JUN 2016 – NOV 2017
oExpertise in Active Directory, GPOs, DNS, DHCP, File & Print Server, IIS (Web Server), FTP, Terminal Server, NAT, Microsoft Clustering and Exchange Mail Services.
oExperience with VMWare administration and similar virtualization technologies. Created, managed and maintenance Virtual Server.
oDesign, deployment, and maintenance of new and existing network infrastructure.
oPlanning, coordination, and installation\upgrades of Windows 2008 – 2016 Windows Servers and associated services and hosted applications.
oOversight and operational maintenance of the existing server room & a build-out of new server room with redundant power and HVAC systems, cabling \ patch panels, UPS installation and configuration, RACK and Stacking of new and existing servers\network equipment.
oResponsible for implementing and maintaining of on premises and hosted Exchange Environment, working with the customize settings to meet the needs of the multiple companies and deployment and operations of highly available SPAM servers.
oDesigned, build out and operational support of company Firewalls/Link Balancers - LAN/WAN/Wi-Fi, including provider provisioning and equipment procurement for a company infrastructure.
oWork alongside key vendors (Microsoft, Dell, Nutanix, Cisco, Barracuda) to drive the support, development, and deployment of their technologies within the environment.
oConducting routine administration, maintenance/troubleshooting, performance monitoring, & on-call after-hours remote support of mission critical network infrastructure, enterprise systems and applications (Cisco\Dell\HP Switches, Routers, Cisco\Barracuda\Fortinet Firewalls, Endpoint security, Dell servers, virtualized systems and Nutanix, Barracuda Link balancers, VPN, Backup Exec, VDP, Veeam, Acronis Backup Systems)
oPlanned an offsite DR network and virtual servers as Hybrid cloud.
oSuccessfully led a two-member IT team to five members, with direct reports and consultant, as the two-company, 60-user enterprise expanded to a 250-user, five-entity organization.
oEvaluated, selected, and oversaw the successful deployment of Vivantio helpdesk ticketing system, immediately improving reporting and ticketing operation performance by 50%, and consistently reaching SLA goals of 48-hour resolution time.
oDrove continuous process improvement strategies through 200% acquisition growth by assessing and managing operational expectations of new department heads, advancing team building initiatives to improve morale through change management.
oHeld full responsibility for the creation of IT project budgets <$100k, and budget management on large spend ventures.
oIndependently established budget parameters and managed project delivery for the following:
$65k Mitel phone system migration
$40k network upgrade to replace entire infrastructure for two companies, creating high redundancy/availability on the firewall and servers.
oAdvised executives on project budgets and managed implementation for the following:
$350k purchase of Nutanix/Acropolis hypervisor system.
$150k infrastructure expansion for an acquired entity
Reason for leaving post-acquisition VP engaged new leadership. Reference available upon request.
MUNCHKIN INC.
A privately held, global design, development, manufacturer, and distributor of high-brand children’s products.
SYSTEMS ENGINEER - JAN 2016 - JUN 2016 (Contract)
oHandpicked by IT Director (former Cedars Sinai colleague) for six-month engagement to provide technical leadership for a team of five, comprised of three developers and two help desk professionals, in strategic planning for enterprise infrastructure and platform technologies.
oTeam leader assisting development with functional specifications and backend infrastructure for business-critical product design applications used for inventory, warehouse, and resellers.
oEstablished and implemented processes for automating SOPs, including creating standard images and image deployment processes.
oDesigned, provisioned, and administered all infrastructure resources, and configured enterprise standard application and conferencing systems.
NIGHT SOURCE INC.
An IT consultancy servicing private, multiple-site medical entities.
FOUNDER/SYSTEM ENGINEER – JAN 2013 – DEC 2015
oResponsible for all strategic and tactical operations of the organization, including managing a developer employee.
oIndependently developed a complete iPhone application, creating functional and technical specs to designing and implementing back-end infrastructure on MYSQL (open-source Technologies), and front-end UI design.
oDesigned clear performance standard agreements to ensure cost effectiveness and continuous quality improvement remained the basis for all projects.
oEmployed practical knowledge of DNS, WINS and AD LDS; migrated and consolidated complex domains and forests.
CETERA FINANCIAL GROUP
A shared service organization serving affiliates comprising the second-largest family of independent broker-dealers in the U.S.
SYSTEMS ENGINEER LEAD - AUG 2012 – DEC 2012 (Contract)
oServed as consulting technical lead directing a team of six to perform assessment, vendor selection and project management of a $200k Net App deployment as a replacement for all organization data storage devices.
oStrengthened the capabilities of Trend Micro to include virus outbreak prevention, executive reports and automated technical reports for Help Desk staff and support personnel.
oIndependently reduced risk by modifying user privileges in accordance with Microsoft best practices.
CERTIFICATIONS
Microsoft Azure Certification - in progress
AWS Certified Solutions Architect - in progress
Microsoft Certified Systems Engineer (MCSE)
Microsoft Certified Technology Specialist (MCITP)
Altiris Certified Engineer, ACE
CIO Award (Cedar-Sinai Medical Center)
PERSONAL
C.E.R.T. (Community Emergency Response Team)
Helicopter Pilot in training
HAM Radio General Class Certification
Active fundraising campaign leader
TECHNOLOGY
Operating Systems, Client / Server Platforms:
Active Directory, AD LDS/ADAM, DFS, PowerShell, Windows Server 2003, 2008, 2012, 2016, Microsoft Office 365 SaaS, Azure, Exchange Server 2016 & 2019, IIS, SQL Server 2008, 2012, Terminal Server, Citrix, Nutanix, Acropolis, Prism, hyperconverged infrastructure, VMware V Center vSphere ESXi, Hyper-V, Windows 10, Mac OS, Windows Mobile, SharePoint on O365, AWS, Azure, Pure Storage, NetApp. G Suite, Rack Space, Clustering, Domain Name Management, Office 365
Networking, Protocols / Services:
LAN/WAN, FTP, SFTP, HTTP, HTTPS, WINS, DHCP, DNS, NIS, NFS, FDS, NTFRS, IIS, SNMP, LDAP, SNTP, POP3, Active Directory, DSL, ADSL, ISDN, T1, T3, DS3, VoIP, CAT5, CAT6, Optic fiber, Fiber Channel, Cisco switches, routers, bridges, wireless, VPN, Firewalls, Terminal Emulator, TCP/IP, IPv4, IPv6, NAT, IPsec, MPLS, Load balancing, Load Balancers
Security, Backup & Monitoring Tools:
Veeam BR, Rubrik, Networker, Acronis, Barracuda, Sonic Wall, Trend Micro, Symantec Endpoint Protection, SolarWinds, SCCM, Putty, Nagios. OpenView, Trellix antivirus, Bitdefender, PGP encryption, Orion Monitoring Tools.
Security Systems / Recorders:
Security cameras, Infrared sensors, Tapes, DVR, DVD recorders, DCR, Local and Remote Alarms, Web Monitoring Cam’s, Kantech
Telecommunications:
Cisco VoIP, Mitel, Cisco Call Management, Verizon Communication Express, 8X8, Nortel PBX, Wi-Fi, Wi-Max, Blackberry, iPhone, iPad, Cisco WIFI, Ruckus, Apple