Systems Engineer Solutions Architect
Resume:
RACHEL HARRIS
*** ******* *****, ******, ** ***** 731-***-**** ***********.******@*****.*** http://www.linkedin.com/in/rachel-harris-30468113
SUMMARY:
Analytical Systems Engineer with over 13 years of experience designing and adapting system components with technical integrity and consistency. Expertise in communicating across organizational levels with cross-functional teams evaluating the requirements to drive a shared vision. Multi-talented critical thinker with the ingenuity to deliver solutions that utilize all services available, applying a positive, innovative, and truly dedicated work ethic.
CERTIFICATIONS:
Microsoft Certified: Azure Solutions Architect Expert AZ-305 (2023)
Zscaler Zero Trust Certified Associate (ZTCA), Cyber Threat Protection, Data Protection, Deception (2024)
Sentinel One IR Engineer - Siren (2024)
Stellar Cyber Certified Associate (2024)
CompTIA Cloud+ (2024)
ITIL Foundation v3 (2017)
Cisco Systems: CCNA (2017)
EDUCATION:
●IT Certification Training - Lab Four Professional Development Center - Memphis, TN (2017)
Associates of Applied Science: Information Technology; Computer Networking Systems - ITT Technical Institute - Cordova, TN (2011)
SKILLS:
Networking & Security
●CyberArk/ Nessus/ Sophos/
/ Stellar Cyber/ Sentinel One/ Symantec/ Windows Defender
●SSL/ TLS/ SSO/ LSA/ LDAP/SCIM
●RSA SecureID/ JSON/ API/ SAML/ PRT/ Ping ID/ OAuth
●IIS/ HTTP/ HTTPS/ FTP/ FTPS/ SMTP/ NNTP/ SMB/ AWS
●CSI/ DISA STIG/ PCI DSS/ SOX/ PII/ BCP/ DR/ HIPPA/ HITRUST/CSF/ HL7/FHIR/EU GDPR/NIST/MARS-E
●TCP/IP/DHCP/ BIN/ SNMP/ FTP/ SFTP/ DNS/ OSI/ PPP/ VoIP/ UDP/ TCP
●LAN/ WAN/ VPN/ VLAN/ ASA/ SSL/ PPTP/ L2TP/ IPsec/ OpenVPN/TLS/ IKEv2
●Cisco: iOS CLI, AnyConnect, Meraki, Sentury
●Juniper/ Fortinet/ SonicWALL/ NetScreen/ Nortel/ RapidStream/ WatchGuard/ ProofPoint/ Tessian/
●F5/ CheckPoint/ Palo Alto/ Zscaler
●CDMA/ EVDO/ 5G/ HSD
Software & Services
●Windows Server, Exchange Server: EOP/ATP
●Linux OS/ Server
●Unix OS/ Server
●MAC OS X/ Server/ iOS
●Azure: AD, Defender, Sentinel, Identity, Endpoint, Data Lake, Cloud App Security, Teams Security, security, Compliance Center PowerShell CLI
●MDT/ ADK/ HLK/ SDT/ SCCM/ Intune/ Meraki System Manager/ Apple Configurator 2/ SOTI MobiControl/ AirWatch/ JAMF Pro, Casper Suite
●SailPoint Identity IQ/ Okta/ Azure Endpoint
●SQL Server
●Remedy/ ServiceNow/ Sys Aid/ SolarWinds/ FreshService
●Citrix GoToAssist/ Cisco WebEx/ CA
●VMware: Workstation/ vSphere, Hypervisor ESX, Receiver, VDI Studio, Director/ XenApp, Desk, Server, & Mobile
●Active Directory: FS, DS/ GPO/ WSUS
●BitLocker/ WBAM
Business
●Microsoft: 365, Teams, OneDrive, Visio, Project, SharePoint, Dynamics 365, Power Platform, Apps, Automate, BI
●Cisco GotoMeeting, Jabber, WebEX, Teams/ Slack
●Visual Studio/ GitHub
●Agile/ Scrum /Kanban Methodologies
EXPERIENCE:
CyberSecurity Engineer 10/2024 – 4/2025
Cyber Guards Cordova, TN
Assisted in the implementation of Security Operations technology in client environments.
Collaborated with clients to ingest data from various sources.
Supported clients, the internal SOC team, and the engineering team lead in troubleshooting technology issues.
Meticulously recording detailed information about every step involved from the onboarding, strategic deployment, to the day to day management of security operations for partners, clients, and internal staff, including network configurations, incident response procedures, vulnerability scanning methods, access control protocols, and other critical security practices, ensuring there is clear and accessible knowledge for the SecOps team to follow and maintain a consistent security posture.
Drafted a comprehensive security service catalog in FreshService ticketing that was tailored towards all of the specific security services the company offered clients which included a SOC friendly interface and incident management console in conformance with the security standards for MSSPs from detection to remediation, including incident categorization, escalation procedures, integration with SIEM and other security tools, reporting capabilities, automated workflows, prioritization of critical issues, while also maintaining clear communication with clients that illustrate the severity and our timely mitigation.
Azure Cloud Engineer 11/2022 – 5/2023
City of Memphis Memphis, TN
Developing, maintaining, and supporting the technical infrastructure (hardware, database, and system software components) for the City including patch management, Azure role-based access, AD group policies, account and access management in Okta, Microsoft 365, Exchange server, databases (Oracle, SQL), Linux, VMware, SIEMs, data loss prevention, encryption, retention policies, scheduled system backups, rollbacks, and disaster recovery.
Providing insight into the possibilities for implementing recently approved cloud strategy services and/ or all of the security fabrics required for upcoming relocation of Government applications, data, and workloads to ensure maximum efficacy.
Troubleshooting HTTP/ API response codes, SSO/SAML/SCIM, LDAP, DNS, and email routing/ tracing and coordinating Windows and Linux application and server patching.
Incident, Change, and Problem Management in ServiceNow.
Performing Microsoft 365 and Exchange Server administration, licensing, and migrations via PowerShell.
Developed debugging scripts for addressing frequent issues with user onboarding, Microsoft 365 resource provisioning, and endpoint installations.
Coordinating and executing general maintenance activities such as workflows, aggregation, user provisioning, and reconciliation rules in Oracle and authentication rules in Okta.
Performing account and access management in Okta.
Cybersecurity Engineer 1/2022 – 11/2022
PeaceHealth Remote
Objectively measured the email security posture, and compared various features, upgrades, and integrations for Microsoft 365, ATP, EOP, and Defender; Proofpoint TAP and TRAP; and Tessian security platforms to evaluate how effectively each one had been implemented, providing recommendations for improvements, offer guidance on the level of effort required, and estimating the user impact to implement the changes.
Meeting with the technical account managers for guidance on implementation, expansion, best practices and security standards, identifying and prioritizing improvements to current security policies and configurations that had been significantly impacting the company’s security posture. Providing an overview of all their current security platforms, itemizing the functions of each one while also indicating if another product already addresses it, highlighting underutilized capabilities, allocations, and best practice recommendations, ensuring that each vendor delivers the services they are contracted to provide.
Formally documented a standard process for determining a threat’s relevance, current impact to endpoints, and recommended actions to contain it.
Integrating and normalizing data from all security log streams into one SIEM to provide a comprehensive view of events and alerts throughout the company’s digital estate to better correlate events between services while maintaining context to complete investigations faster and with greater insight.
Office 365 & Azure Cloud Engineer 4/2019- 4/2021
Hilton Worldwide Headquarters Memphis, TN
Provided escalated, emergency, and afterhours support for cloud migrations to ensure that the messaging platform is stable, reliable, fully operational, and performant to meet business requirements.
Implemented and managed email hygiene and message transport policies, performed bulk user/mailbox object modifications, enforced mailbox access protocols, and policies via PowerShell.
Created and maintained documentation for the mail flow and network design, IP addressing and porting of all traffic, data, and service communication information for the Microsoft 365 environment.
Creation and management of security groups, mail-enabled security groups, and distribution lists, as well as moderating and restricting the size of distribution lists.
Supported integrated archiving and backup solutions to meet high availability SLAs, as well as security and legal requirements for the organization.
Applied and deployed Infrastructure as code, including design and security, configuration management, integration, deployment, performance monitoring and tuning, and post migration cleanup automation.
Implemented the automation of workloads utilizing scripting and automation, such as ARM, PowerShell, and Log Analytics.
Designed and implemented advanced functions of Microsoft 365 including security, governance and compliance (e.g., DLP, IRM, MDM, E-Discovery, In-Place Hold, Retention Tags, and Encryption).
Executed the system design, documentation, deployment, and operational guides for migrating Skype for Business to Microsoft Teams.
Developed Microsoft 365 and OneDrive technical architecture guides and diagrams, fully functional specifications, security configuration, run books and other operational documentation.
Responsible for opening, tracking, and reporting on Microsoft Premier tickets as needed, while identifying and raising awareness of any credit eligible service outages per the Microsoft SLAs.
Performed administrative maintenance on the O365 tenant services to ensure optimal service response times and proper license and rights allocations.
Microsoft 365 account administration, including the removal of user accounts, management of service requests, file sharing and permissions, group policies, etc.
Performed regular PowerShell scripting and development of Microsoft 365 modules for automating messaging processes, server maintenance, and reporting.
Researched and implemented a 3rd party solution for federating telepresence and interoperability between Cisco Teams and Microsoft Teams and later spearheaded the execution in formal test, QA and UAT surroundings then later implementing in the production environment.
Hosted meetings across multiple time zones to address email delivery issues serving as the liaison between the business and IT departments.
Evaluated, developed, and implemented mobile solutions to incorporate on company approved devices, as well as, executed unit, system, and integration test plans for new releases.
Microsoft 365 & Azure Cloud Engineer 12/2017-10/2018
FedEx – World Technology Center Collierville, TN
Tailored anomaly detection policies in Microsoft 365 Cloud App Security to reduce the number of alerts and eliminate false positives, allowing teams to focus on the truly exploitable issues.
Reviewed and released (or deleted) messages in quarantine that were filtered as spam, contained malware, or that matched mail flow rules.
●Adapted Microsoft 365 Security Administrator, Manager, and Reader role-based groups, ensuring that least privilege access was granted.
●Collected metrics and delivered statistics and reports that provided an aggregated count of malicious content (email, files or URLs) blocked by Exchange Online Protection (EOP) and Microsoft 365 ATP anti-malware engines, allowing key stakeholders to see the operational effectiveness and impact on day to mail flow.
●Analyzed activities in aggregate to rule out known good behavior, identified/tracked malicious activity using evidence from Microsoft 365 Security and Compliance Center, Cloud App Security, ATP, PowerShell, and other API interfaces, and then executed the appropriate action to remediate security breaches based on the findings.
●Continuously monitored and managed the stability, integrity, and efficient operation of Office 365 and Azure services. (Office 365 Security and Compliance Center, Cloud App Security, Advanced Threat Protection and Threat Intelligence, Cloud Discovery, Windows Defender Security Center, and Azure Portal).
●Reviewed and restructured EOP and Microsoft 365 ATP and Cloud App Security policies to ensure that they were configured correctly, included the latest enhancements, and reflected the company's security goals.
●Articulated the architectural differences between solution methods during the conceptual/ planning level of the migration in partnership with application, security, and networking workstreams.
●Provided a structured approach to threat scenarios, ensuring migration objectives are met while also proactively looking for opportunities to adjust current practices and optimize assets (people, technology, and processes), sanctioning more effective and centralized methods of detecting vulnerabilities.
●Provided proactive technical oversight that remained focused on the needs of the business to allow for collaboration and security without limitation, a balance between information usability and security.
●Spearheaded the adoption of user and entity behavior analytics (UEBA) and various other processes and procedures with emphasis on network security, reliability, on-site availability, and functionality of Microsoft 365 and Azure services, specifying techniques to leverage the full breadth of Azure PaaS and IaaS.
●Conducted code audits, fuzzing, and static analysis to discover vulnerabilities, improve accountability, and determine where additional solutions are needed to reduce the attack surface of critical services, and mitigate the impact of exploits.
System Administrator 11/2017- 12/2017
Campbell Clinic Orthopedics Germantown, TN
Worked closely with Apple Developers and medical staff by conducting research to identify pain points within the Doctors’ apps, gathering feedback on proposed UI changes, and ascertain areas where the mobile app could add value to the Doctors’ day-to-day responsibilities.
Developed core dashboard features for the mobile-first implementation of Meraki Sentry and System Manager.
●Served as Apple Server and iOS SME, configuring and kitting devices to client requirements.
●Developed Mac/iOS build components (including scripts and configuration profiles) to support over the air mobile device enrollment and endpoint configurations using Apple Configurator 2, Profile Manager, and Cisco Meraki System Manger.
●Evaluated alternative mobile solution architecture components and provided recommendations to key stakeholders.
●Updated Campbell Clinic’s WIKI site with recently revised configuration steps and processes.
Upgraded the Mac Mini server for APN certificate installation, network authentication, supervision, MDM enrollment, and scaled the network toward larger deployments.
Developed custom configuration profiles and blueprints to work with new, as well as, older iOS devices that could no longer receive Apple software updates.
Managed support requests for the Physicians and Staff in SolarWinds Help Desk, ensuring that the confirmed resolutions were well documented and accurately updated with resolution categories for better issue tracking, prevention, and reporting.
●Managed the Avaya PBX telephony system and implemented a method for routing existing extensions to ShoreTel VoIP extensions without exhausting the limited number of available licenses.
●Monitored critical infrastructure including network switches, security appliances, and wireless access points.
Mobility Systems Administrator 8/2017 - 10/2017
Workspace Mobility Bartlett, TN
●Supported the company's migration to the cloud and designed custom rules triggering workflows in Azure AD to automate a user’s email account creation on their hire date, assign them to the appropriate role-based group(s), send their login credentials, and even schedule a one-on-one meeting with their Manager on their first day.
●Published KBAs and end user how to documentation supporting Office 365 self-service Azure AD registration, AD join, and self-service password reset.
●Corrected issues with a prior installation of Azure AD to allow for synchronization with the DNS server and more reliable connectivity to Azure AD and Office 365 endpoints, optimizing system performance, installing upgrades/patches, establishing system monitoring and maintaining security protocols.
●Managed user accounts, subscriptions, and licenses in Office 365 Admin Center and Azure AD using Azure CLI and PowerShell.
●Performed firmware/ hardware/ application upgrades, managed spare pools, device loans and transfers, as well as, expedited manufacturer repairs as required.
●Managed all support requests, ensuring that client issues were well documented with a confirmed resolution, associated with a CI record, and accurately categorized in Sys Aid in conformance with ITIL standards and best practices.
●Managed the Cisco Avvid VoIP network including Unity voicemail, unified messaging, and integrated a support line to automate ticket creations in Sys Aid.
●Recommended system security measures and modifications to improve the speed of operations in the new Azure cloud environment such as opening the required Office 365, Azure, and Intune client ports and services on the Fortinet firewall/ router to allow for uninterrupted communication between managed devices and websites required for cloud-based services.
●Conducted preliminary analyses to ensure all workstations and mobile devices interconnect seamlessly to Azure AD and Office 365 authentication endpoints.
●Configured, deployed, maintained, and supported all workstations, handheld scanners, printers, cloud servers, mobile devices, and VoIP phones.
●Maintained the system architecture, development, operation, and maintenance services for SOTI MobiControl MDM system; provided client support and hardware/ software repairs for 36,000+ clients’ scanners and tablets running Android, Windows, and Apple iOS platforms.
●Coordinated mobile solution components (AirWatch MDM, VMware, SQL, etc.) to install, configure and integrate into the mobile solution architecture.
●Designed a more efficient system for bulk imaging, deployment, and management of mobile devices requesting pre-activated, location specific SIM cards, allowing the IT support and warehouse staff to easily distinguish each device by their hostname and correlated QR code and labels linked into the Company’s inventory management system.
IT Technical Specialist II 3/2016 - 4/2017
ServiceMaster Memphis, TN
●Trained new support personnel in processing inbound tickets/ requests while maintaining a high-level of customer satisfaction and meeting the SLA during peak call volumes.
●Serving as interim team lead, I managed the Deskside Support team and queue, SLA percentages, customer satisfaction surveys, ticket misroutes, and known issues for the team. During this time, I also designed custom reports that provided definitive data supporting my theory that ticket assignment based on a Techs’ skillset and/or location resolved incidents 81% faster than with random, equal ticket disbursement. These reports are still used today.
●Diagnosed and resolved unique, non-recurring problems associated with application software and operating systems to determine the source of the problem and classify their SLA level, priority, and nature for integration into categories allowing for better incident tracking, speedier resolution, and knowledge base article creation.
●Evolved into subject-matter expert for all Windows 10 (Microsoft Surfaces) and Mac OS devices, setting standards for group policy, file permissions, network addressing schemes, and company and CIS standards.
●Solely responsible for network printer and server installation, custom configurations, migrations, and management for the entire (47K) enterprise.
●Solely responsible for the pre-deployment software/ hardware testing, imaging, deployment, assignment, and inventory for all Apple devices in the enterprise.
●Solely responsible for designing and managing the IT Infrastructure computer lab.
●Automated a system for requesting lab equipment in BMC RemedyOnDemand that included the hardware/ software requirements, approval chain for elevated access, scheduling, user assignment, collision detection, and inventory tracking.
●Ran vulnerability scans on all new Windows and Mac OS builds in Nessus Security Center to ensure adherence to CIS Standards for workstations.
●Researched and developed more efficient methods of completing tasks, correcting user errors, and system inconsistencies that improved the overall functionality of the Deskside Support team.
●Maintained software and hardware (CIs) inventory in the CMDB to include location, owner, assigned licenses, and warranty status, ensuring policy standards and procedures for PC refreshes and upgrades were met.
●Worked directly with Dell, Microsoft, Konica Minolta, and other hardware/ software vendors to verify timely product delivery, confirm all equipment has been installed, repaired, and ready to operate on schedule.
●Provided network access support while gathering logs related to newly implemented ISE Compliance and Posture Assessment modules for the Cisco AnyConnect Secure Mobility Client software.
●Hosted Cisco WebEX meetings, webinars, and support sessions to provide software training and support for end users, as well as, daily team meetings and discussions regarding new releases, standard procedures, and escalated issues.
IT Administrator I 3/2013 - 3/2016
ServiceMaster Memphis, TN
●Performed workflow aggregation, and provisioning testing as well as, reconciliation rule customizations alongside the SailPoint Identity IQ development team to ensure that automated system functions properly aligned with business specifications.
●User and service account provisioning across multiple platforms including AD, LDAP directories, mainframes, databases, re-certifying account access, privileged access management, file permissions, security groups, cross domain migrations, access terminations, and change requests for the following applications: Sailpoint Identity IQ, ADFS, MS Exchange, AS/400 iSeries, BMC Remedy On Demand, Vista Plus, Retarus systems, as well as, TPAM, and UNIX/ Solaris/ Linux/ Sun servers.
●Identifying provisioning, aggregation and other failures via audit logs, tasks, events, and history snapshots in SailPoint Identity IQ while working directly with the application developers to quickly identify and correct them in their early stages and prevent system downtime.
●Assisted internal and external auditors during quarterly evaluations, taking the necessary steps to remediate security policy violations.
●Volunteered to be responsible for processing all emergency, weekend, holiday, and any other system access related tasks needed after business hours.
●Resolved approximately 6,000 tickets/ issues per month in an efficient and timely manner to ensure the fulfillment of the 99.9% (SLA) Service Level Agreement.
●Analyzed and Diagnosed cross-functional/ departmental system defects that were not replicable in a non-production system environment, spotting trends to determine and implement appropriate provisioning solutions.
●Documented IAM standard operating procedures, which facilitated the Access and Identity Management department becoming ISO9001 compliant.
Technical Specialist 7/2012 - 1/2013
Gestalt Community Schools Memphis, TN
Created and deployed Mac OSX application packages and updates, and provided support for user's self-service software requests in JAMF Casper Suite.
Provided technical curriculum assistance regarding hardware usage, software applications, innovations in technology, and the general instructional use of technology in the classroom.
Assisted with the integration of new technology and applications across the K-12 curriculum.
Developed, updated, and maintained inventory and licensing for hardware and software.
Served as the technology liaison for hardware and software vendors, negotiating contracts on behalf of department chairs, division coordinators, academic, and administrative teams.
●Assisted in maintaining the electronic student records system, training the faculty on the report card program, and administration proofing the report card system.
●Served as network administrator and infrastructure support (fiber optics, T- line, and other classroom connections) including hardware (workstations, network server, cabling, switches, routers, firewalls, analog phones and extensions, printers, and all classroom and computer lab workstations and the required connections), wired and wireless network connections, and website and software (virus/ web content/ firewall intrusion monitoring, detection, prevention, and removal) coordinator.
●Evaluated, configured, and tested wireless access point reception to align with
indoor signal coverage requirements and conformance to specifications.
●Provided on-site technical support and performed Certified Apple (GSX) diagnostics and repairs for the students, faculty, and leadership staff.
●Performed maintenance and repairs on printers, projectors, robotics equipment, wireless access points, routers, switches, firewalls, and MacBook charging carts.
Contact this candidate