System Security It
Resume:
Phillip Kevitigala
Phone: 301-***-****
Email: **********@*****.***
PROFFESSIONAL PROFILE
Responsible and energetic individual with over 21 years of related experience and good interpersonal, communication, and resourceful skills with the ability to grasp new IT concepts, products, and technology in a timely manner as well having a strong understanding of Networks, Cloud, and IT system security authorization procedures.
PROFICIENCIES
Microsoft Azure Cloud Data, Active Directory, Networking, Security, Storage and Virtualization
Enterprise Architecture and Design
Cyber Security Engineering
VMWare Esxi Virtualization Technologies
Citrix XenDesktop\XenApp VDI Virtualization
Amazon AWS (Amazon Web Services) Cloud Infrastructure and AWS-based solutions
EDUCATION
University of Maryland University College
B.S in Information systems management 2004
SECURITY CLEARANCE
Current Top Secret/SCI with CI Poly
TECHNICAL EXPERIENCE
Cloud Systems Engineer August 2024 - Current
Red Arch Solutions
Lorton, VA
Designed and deployed comprehensive data catalog and cloud security solutions leveraging Microsoft Purview Data Governance and Information Protection suite hosted on Azure IL-5, ensuring secure cloud infrastructure and data protection platform.
Experienced in creating & managing to compute, networking and storage concepts on Microsoft Azure.
Created and Managed Azure Vnet (Virtual Network), define subnets for inbound and outbound security rules depending on the infrastructure requirements and creating network security groups (NSG).
Hands-on experience in Azure Virtual Desktop, Azure Virtual Network, Azure storage, Azure active directories, Azure Subscriptions, azure polices, Azure DNS, Azure Load Balancer and Auto Scaling.
Proficient with Azure Automation Desired State Configuration to deploy, monitor, and automatically update IT systems using Azure ARM templates and PowerShell cmdlets for Azure Automation.
Collaborating with clients to continuously improve cloud security posture through the integration of proactive security controls and optimization of existing cloud security solutions
Proficient in DISA eMASS (the Assessment and Authorization tracking tool and system of record) and DISA ACAS (Tenable Nessus and Security Center products for vulnerability scanning).
Strong experience with IC/DoD Assessment and Authorization (A&A) process (e.g., RMF, NIST800-53, ICD503)
Develop and maintain IT security documents, including system security plans, risk assessments, Plan of Action and Milestones (POA&M), contingency plans, incident response plans, IT security policies and procedures.
Developed and implemented security measures for cloud-based solutions that meet Government requirements.
Cloud Security Engineer November 2023 – August 2024
Parsons Inc,
Chantilly, VA
Managed all six RMF workflow steps to perform assessment and authorization to fulfill cybersecurity compliance reporting and continuous monitoring using XACTA 360, SNOW RMF tools in regard to RMF/ATO activities for onboarding programs with multiple AWS services.
Proficient is using RMF tools in reviewing network architecture diagrams, controls and artifacts.
Assisted DAO representatives, Security Assessors with System Review TEMs onboarding AWS Services with the RMF process.
Coordinated ongoing efforts with the local IA PM and DISA ISSM on RMF ATO, IATT, system decommissioning, reciprocity, PPSM, topology artifacts, maintaining baseline integrity, managing change requests, and conducting control selection, categorization, inheritance, and periodic reviews for ACAS (Tenable), ARAD (Tanium).
Provided subject matter expertise on security related matters for enterprise information system and network architectures, access problems, and implementation of security policies and procedures.
Provided advisory services to maintain and evolve the future-state service provider-authorized, multi-cloud architecture based on ever-changing IC mission needs and ensuring optimization of cost, consumption, and performance of services are achieved across all Cloud Service Providers (CSPs).
Developed a security baseline for multi-cloud architecture methodology and framework for implementation within the C2E multi-cloud ecosystem.
Advised senior business and technical personnel to aid in the delivery of robust, scalable cloud architectures that meet or exceed mission requirements.
Architected multiple CASB (Cloud Access Security Brokers) solutions as part of essential elements of cloud strategies to help security and risk management leaders to discover cloud services and assess cloud risk.
Implemented a centralized CWPP (Cloud workload protection platform) solution for extending the visibility into cloud resources and secure cloud workloads.
Implemented a CSPM (Cloud Security Posture Management) solution to implement continuous, automated security and compliance processes, primarily to secure the infrastructure where workloads are deployed.
Serving as a cloud agnostic advocate and helping to educate the Government customer on cloud services appropriate to meet mission and security requirements.
Designed multiple cloud solutions in alignment with applicable security policies, standards, and practices.
Provided creative and innovative architectural solutions to ill-defined requirements.
Reviewed and accessed impact of proposed scope changes to future architectures.
Provided cloud agnostic technical guidance in the formulation of customer multi-cloud work statements.
Systems Architect May 2022 – November 2023
Blackspoke LLC,
Chantilly, VA
Served as subject matter expert in technical areas, specializing in Enterprise Architecture and associated platforms and tools.
Performed complex systems architecture and engineering studies for various enterprise solutions.
Performed various migration related efforts with RedHat OpenShift virtualization as a way to provide virtualization using the same control plane/management as with containers to migrate workloads that are very hard migrating off virtual machines.
Developed and designed concepts consistent with customers Enterprise Architecture guidance and industry best practices to address new requirements and changes in the technical environment.
Provided technical expertise in creating, updating, maintaining, and visualizing architecture data.
Performed various migration activities related to on-prem and virtualized systems to cloud-base environments utilizing in-depth domain knowledge and strong analytical skills.
Collaborated with internal customers to evaluate mission drivers, identify challenges, and define mitigation strategies for enterprise solutions.
Identified any potential challenges, such as any future changes in the system being migrated, and if legacy systems will need extra care.
Implemented a Robotic Process Automation environment for the enterprise to run automation at the desktop level by the process owner an on-demand capability.
Architected and designed a cloud-based environment to add process capacity and scalability to support end to end process automation.
Worked on multi-vendor RPA (Robotic Process Automation) solutions for the customer to include Data, Networking, Security, and Virtualization.
Performed Risk Management Framework-related activities for and worked on various Authority to Operate for Robotic Process Automations.
Configured Amazon WorkSpaces and provision end users multiple dedicated instances.
Maintained and restored VMs from backups and snapshots of the VMs using AWS AMI images.
Administered an Amazon AWS EC2 environment for Windows 2016 virtual machines to support MBSE teams.
Configured VPC’s with private subnets and NAT gateways within the customer’s AWS EC2.
Sr. Systems Engineer November 2019 – May 2022
Perspecta Engineering Inc,
Chantilly, VA
Configured and supported multiple Digital Engineering tools for the customer’s MBSE engineering teams.
Installed configured and administered IBM Rationale suite of products for customer’s Model based Systems Engineering teams.
Configured a Teamwork Cloud virtualized environment for use by the customer’s Systems Engineering Modelers.
Administered an Amazon AWS EC2 environment for Windows 2016 virtual machines to support MBSE teams.
Configured VPC’s with private subnets and NAT gateways within the customer’s AWS EC2.
Configured Amazon WorkSpaces and provision end users multiple dedicated instances.
Created baseline image for Amazon AWS WorkSpaces to include end user applications and windows updates.
Maintained and restored virtual machine’s from AWS AMI Images and snapshots of the virtual machines.
Performed integration activity for the customer’s Model Based Systems Engineering Tools into the AWS C2S cloud environment.
Configured and hardened Red Hat Linux RHEL 7 Amazon AWS EC2 images on customer’s AWS C2S cloud environment.
Sr. Virtual Desktop Infrastructure Engineer Sep 2019 – November 2019
WC Brown INC,
Springfield, VA
Configured multiple Citrix StoreFront servers to provide access to internal and external users.
Configured Citrix infrastructure on multiple sites each with its own Virtual Apps & Desktops sites.
Upgraded firmware with Citrix NetScalers to fix known vulnerabilities and bugs.
Worked on Citrix StoreFront optimizations to improve logon times and performance.
Validated certificates on all Citrix infrastructure servers
Maintained and restored VM’s from backups and snapshots of the VM’s.
Managed dual Citrix NetScaler appliances for web portal and SSL VPN access for remote clients
Utilized Citrix Provision Server to create master images to be deployed to XenApp servers Farm
Maintaining and Troubleshooting Pooled and Assigned VDI Desktop groups for the VDI environment.
Administered Citrix farms running XenApp 7.x and migrated XenApp applications.
Configured Citrix ADC’s as part of a remote access expansion project for users to remotely connect.
Managed VMware VCenter servers and managed multiple ESXi hosts and virtual machines on them.
Virtualization Engineer Nov 2018 – Sep 2019
SHR Consulting group,
Alexandria, VA
Implemented and configure a VMware Multi-Tenant Virtual Environment running on Red Hat Linux with VMWare vCloud Director Software.
Migrated Windows 2008 physical servers to a virtualized Windows Server 2016 environment.
Migrated legacy applications from Windows 2008 physical infrastructure to a virtualized Windows server 2016 environment.
Created new vApps and import VMs as well as Catalogs of templates and media.
Created new IP pools, network identifier’s and initial resource constraints for the organization’s virtual machines.
Experienced with VMware appliances, vSheild, vCenter, vCloud and Edge Gateways and utilize a customized version of Linux to perform their functions.
Managed the vCloud Director environment that provided an IaaS functionality to the multi-tenant virtualization environment.
Utilized VMware VShield manager to provide network security to the virtualized infrastructure.
Worked with VMware VShield manager to deploy ad security devices throughout the virtual environment to facilitate the network isolation and separations.
Upgrade, monitor and maintain remote access Citrix farm running on Presentation Server 6.5
Daily tasks included working with Citrix end users and working with application teams to install, improve or deploy updates to their applications installed in Citrix.
Patched hosted Windows Server and Desktop VM’s for security vulnerability compliance.
Implemented Secure Gateway Internal / External and Web Access hosting Citrix presentation server.
Managed Citrix Server with Load Balancing, Resources Manager Server, Web Interface Server and Secure Gateway
Maintained Citrix Logon scripts, monitored and troubleshot connectivity to the Presentation Server data store
Resolved Problems related to Disk Space Usage, Printing, Virtual IP addresses and CPU workload management for the Citrix environment.
Sr. Systems Engineer Aug 2014 – Nov 2018
Metronome LLC,
Springfield, VA
Managed VMware VCenter servers and managed multiple ESXi hosts and virtual machines on them.
Configured VMware VCenter servers to organize hosts and virtual machine's into clusters using VSphere High Availability and Distributed Resource Scheduler.
Created resource pools with CPU and memory resources for virtual machine's in VMware VCenter.
Maintaining and supporting the customer's VDI sessions running on high performance servers in the customer’s data centers.
Maintained and restored VM’s from backups and snapshots of the VM’s.
Managed dual Citrix NetScaler appliances for web portal and SSL VPN access for remote clients
Utilized Citrix Provision Server to create master images to be deployed to XenApp servers Farm
Successfully integrated application delivery and management in virtual desktop and published-application environments for the customer’s Citrix XenDesktop/XenApp environment.
Maintaining and Troubleshooting Pooled and Assigned VDI Desktop groups for the VDI environment.
Administered Citrix farms running XenApp 6.5 and migrated XenApp applications.
Created and configured a WMWare Appvolumes virtual application layering solution for the Virtual Desktop Infrastructure to provide real-time delivery and management of mission critical applications to the customer.
Configured and administer a Liquidware Profile Unity profile management and a Felxapp virtual application deployment system for the customers VDI environment.
Implemented administer an App-V 5 packaging and virtual application publishing environment for the customers VDI environment.
Sequenced virtual applications using Microsoft App-V 5 Sequencer and use full infrastructure to publish them.
Created and troubleshoot application packages with the Microsoft App-V 5 environment.
Created various COTS, GOTS software installation packages using Flexera (Install Sheild) Admin Studio application re-packaging tool.
Worked on various applications to build MSI packages and used Transforms (MST) according to the package requirement.
Edited Tables, Created Components, and Created MSI’s in Admin Studio for Windows Installer software packages.
Created custom actions within the MSI’s to make the applications work according customer requirements and best practices and standards.
Worked on Various Applications with automated scripts using Microsoft Installer (MSI), PowerShell, Batch and InstallSheild scripts to automate the installations.
Windows Desktop 7, 10 and Server 2008, 2012 systems administration and configuration in support of the customer’s VDI and virtual application environment.
Sr. Systems Engineer Sep 2010 – Aug 2014
SMS Data Products Group,
Washington, DC
Created various COTS, GOTS software installation packages utilizing Flexera (Install Sheild) Admin Studio 11.5
Worked on various applications to build MSI packages and used Transforms (MST) according to the package requirement.
Edited Tables, Created Components, and Created MSI’s in Admin Studio for Windows Installer software packages.
Created custom actions within the MSI’s to make the applications work according customer requirements and best practices and standards.
Worked on Admin Studio (Repackager) to take snapshots of the pre-install, post-install and capture the changes.
Worked on Various Applications with automated scripts using Microsoft Installer (MSI), Installsheild to automate the installations.
Expert knowledge in Windows XP and 7 desktop operating systems and troubleshooting.
Windows server 2003, 2008 administration and configuration for the enterprise.
Created and maintained enclave specific Windows 7 desktop and laptop images utilizing Microsoft Deployment Toolkit 2010.
Proficient in desktop architecture and OSD deployment and implementation strategies to maintain the integrity of desktop and laptop systems.
Created collections, packages and advertisements in Microsoft SCCM for department wide software distribution.
Managed, Maintained the System Center Configuration Manager 2007 (SCCM) infrastructure and System Configuration
Creating, testing and publishing virtual application utilizing Admin Studio Microsoft APP-V and VMWare ThinApp Tools.
Sequence applications using Microsoft APP-V sequencer and use full infrastructure to publish them.
Create application packages in the Microsoft APP-V management Console to publish it.
Interacted with Users/Application owners for Application Packaging/ Distribution support for the implemented packages.
Worked on Requirement gathering, Implementation, Testing, Documentation, Production support, and End-User support for Software packages.
Experienced in using Windows Installer SDK development tools for package (MSI’s) validation, package review/clean up and debugging.
Proficient in utilizing IBM Tivoli Endpoint Management (Bigfix) system for software and image deployments.
Created fixlets and action scripts utilizing relevance language in Bigfix enterprise management system to distribute software applications.
Sr. Systems Engineer Aug 2009 – Sep 2010
K-Force Inc,
Washington, DC
Created custom and third-party software packages using Admin Studio and Wise installation studio.
Created Transforms (MST) by providing MSI and put them in a script (.wse) and build wrapper (.exe) as a final output.
Worked on various applications to build MSI packages and used Transforms (MST) according to the package requirement.
Wrote Custom Actions in MSI packages.
Experience packaging applications for Locked-down Environments.
Package and distribute NTFS file permissions and used Calcs and Xcalcs for assigning file and folder permissions.
Resolved application conflicts with other packaged applications using Software and Conflict Managers.
Created collections, packages and advertisements in Microsoft SMS for department wide software distribution.
Managed and Developed the Microsoft SMS infrastructure and System Configuration.
Maintained and Administered Microsoft SMS site database, primary site and distribution points as the SMS Administrator.
Created Microsoft SMS Collections, Packages, Advertisements and Deployed SMS software packages for end users using both Query-based and Direct collections.
Provided guidelines on License Metering, Asset tracking, Workstation Patching Software packaging, Package distribution, Custom Reporting using SQL Queries.
Proficient in creating queries in SQL for custom reports for management using Microsoft SMS.
Resolved tier III issues involving Microsoft SMS and software packaging and distribution.
Installed monthly workstation and server patches using Microsoft Windows Systems Update Server.
Windows server 2003, 2008 administration and configuration for the enterprise.
Installed and troubleshoot Applications vital for productivity in a timely manner eliminating downtime.
Responsible for troubleshooting Network, Server, and client issues.
Systems Engineer Nov 2008 – Aug 2009
Quotient Inc,
Washington, DC
Used Wise Package Studio and Admin Studio Professional to repackage, build the application packages.
Created Transforms (MST) against vendor provided MSI applications, according to the package requirement.
Re-packaging, testing, Deployment and support of software Packages.
Debugging and troubleshooting during application installation and package deployment.
Worked with user permissions using cacls and Xcacls and adding functionality to the package and make the package work on the client build.
Wrote Custom Actions in MSI packages
Interfaced with 3rd party software vendors and service providers in supporting State Department applications.
Involved in creating classified and unclassified desktop images for different Bureau’s within the State department.
Build Windows 2003 Servers and develop baselines for various types of Servers.
Responsibilities include the design and implementation of Active directory Artitechture
Provided guidence on GPO deployment using third .party tools, System monitoring and recovery tools.
Provided support for data communications, networking and connectivity within Microsoft System Management Support (SMS) server environment.
Created and advertised Microsoft SMS packages.
Create, Modify and Test Installation Policies for Microsoft SMS 2003.
Systems Analyst Mar 2001 – Oct 2008
Chevy Chase Bank
Laurel, MD
Provided Windows NT and XP systems administration, configuration and support for Chevy Chase bank.
Installed and configured Windows NT, 2000 and 2003 server on IBM Blade Center and E-series servers.
Provide d Tier II desktop support for a large user group with a Windows NT and XP desktop environment with seven years of experience.
Experienced in providing end user support for banking and financial applications such as Loansoft and Bloomberg and other third-party vendors and service providers.
Trained and guided other technicians in network connectivity, hardware and software troubleshooting.
Provided excellent customer service from problem resolution to effectively following up with end users.
Troubleshot server and desktop issues using IBM Director and SMS remote management systems.
Created Microsoft SMS Collections, Packages, Advertisements and Deployed SMS software packages for end users using both Query-based and Direct collections.
Installed required Microsoft patches by-monthly on all enterprise servers using Microsoft SMS.
Provided data communications analysis and planning for the bank in implementing new technologies and working on long term projects that last up to one year.
Involved in managing a Windows NT to XP migration project for 2400 end users as a project manager.
Installed and configured Cisco routers and switches in a Chevy Chase bank branch network setup environment for the past three years at the bank.
Interfaced with telecom providers for ordering, provisioning and troubleshooting of T1 and ISDN circuits for bank branches.
Managed a large number of File, Print, Domain controller and Application servers in a Data Center environment.
Contact this candidate