Senior Systems Engineer and Security Analyst
Resume:
Scott E. Elsenbroek
********@***.***
PROFESSIONAL SUMMARY
·Senior Systems Engineer and Security Analyst with 17+ years of experience in VMware vSphere - global virtualization and storage networking infrastructure.
·Experience in design, deployment of virtual networks and upgrading systems, including hardware, software, networks, databases, servers and peripheral equipment.
·Extensive experience with Active Directory, GPO’s, DHCP, DNS, IP, Sub Nets, VPNs, vLAN, Network routing, firewalls, LAN/WAN switching and Backup & Recovery, File & Print Server, IIS (Web Server), FTP, and Terminal Server.
·Managing incident response and root cause analysis.
·Supported security auditing tools and SIEM tools.
·Conducted Internal audits to ensure SOX, SOX 2 and PCI DSS compliance.
·MCSE (Expired)
Technical Skills:
·Core VMware Virtualization Skills ESXi 6.7 VSphere and Virtual Center Server, P2V, V2V, Storage VMotion, HA, DRS, SRM 4.0, Host Profiles, vApp, VMware Consolidated Backup, VMware Management Assistant, VMware
·vSphere Client, VMware View 4, VMware Thinapp, Events and Alerts, Capacity Planning, Platespin PowerConvert.
·Microsoft Azure, GCP and AWS Infrastructure Management and Automation and Security
·DR/P2V Tool Platespin migrator, Quest converter and Double take DR tools
·Desktop Operating Systems Microsoft Windows 7 and Windows 10.
·Server Operating Systems Microsoft Windows Server 2008 R2, 2012 R2 and 2016 R2.
·Clean Server Installation/Migration, MS Office 365.
·Management Tools HP Onboard Administrator, HP Virtual Connect Manager, Avocet DS View, Putty, MKS Integrity Change Management Software, Groundwork’s VI Monitoring Tool, Vkernal Monitoring Software, Microsoft Robocop GUI, Solar Winds IP Address Tracker, Veeam Backup-FastSCP
·Directory Services / Internet Designing, Deploying and Migration of Windows Based Active Directory. Installation and Administration of IIS 6.0.
·Server/Storage Hardware HP blades C7000, IBM blades HS21, HP ProLiant DLs and Blade Servers, Dell Power Edge Servers, HP Enterprise Virtual Array Family, Netapp FAS2000 series, Cisco UCS, EMC SAN storage VNX, and Symmetric DMX-3
·Microsoft software Excel, Word, and PowerPoint, Lotus notes, Active Directory, People Soft
·Nessus, Nexpose, NTOSpider, ParosPro, NetSparker, BlueCoat SA 800, Symantec DLP, MacAfee IPS/IDS, Imperva SecureSphere and FireEye Firewalls.
PROFESSIONAL EXPERIENCE
(Contractor) Procom/Transunion LLC Remote Dec 2024 – Jan2026
Dev- Ops Engineer/Systems Engineer
·Tested and deployed services to Public, GCP, AWS, and On-Prem environments using CI/CD Pipelines.
oJenkins
oGitLab
·Managed all Dell Backup tape drives and Commvault backups for On-Prem Physical and Virtual critical Servers.
·Active Directory Management.
oManaged 1500 users
oCreated OU’s and GPO’s in Group Policy Management console.
oLinked GPO’s to OU ‘s to harden and to comply with company Security Standards.
oNetwork Segmentation. Created dedicated segments (VLAN/subnet) for Domain Controllers (DCs), DNS and DHCP servers, protected by strict firewall rules.
·Used Terraform automation to provision and manage infrastructure VMs, networks, DNS,
·AWX for managing and scaling Ansible automation.
·Monitored Critical PROD servers using Zabbix, and Grafana.
·Manage F5 Load Balancing at node level.
·Handled All Audits for Active Directory, Linux, Windows servers and DB servers for SOX and PCI-DSS Compliance.
·Used Jira/Remedy ticketing system for approved task from Change Management.
·Responsible for all Patch Management using Ivanti EPM and AWX automation patching processes.Created Ansible Playbooks for patching Windows 2022 and 2019 servers.
Transunion LLC Remote Feb 2021 – Dec 2024
Lead Engineer, Info Sys Engineering
I was responsible for ensuring all technical foundations for Virtualization, Operating Systems, Security, and support of cloud environments. Developed the organization’s infrastructure and Obsolescence plans, aligned implementation plans, and ensure integration of all infrastructure. Administered the company’s Enterprise Server and Virtualization infrastructure environments, performing upgrades when necessary, monitoring systems performance and planning for capacity. Ensured company’s Enterprise IT structure met standard security Service Level Agreements.
I also lead a team of IT Engineers and IT Administrators overseeing the Datacenter server & Storage, Hypervisors, server operating systems, system orchestration, DNS, DHCP, Active Directory, and Public Key Infrastructure.
Lead Architect and Engineer designs, analyzed, developed, configured and maintained Virtual Infrastructure, Operating Systems, Networks, Servers, Security/Vulnerability Programs and Software Solutions. Utilized consoles, orchestrators, & PowerShell scripts. While supporting infrastructure change testing, deployment, & maintenance activities both Linux, Windows and Cloud services.
·Cloud Services
oMicrosoft Azure
oAWS
oGCP
·.NET, Java and related application frameworks.
·Active Directory Management.
oManaged 1500 users
oCreated OU’s and GPO’s in Group Policy Management console.
oLinked GPO’s to OU ‘s to harden and to comply with company Security Standards.
oNetwork Segmentation. Created dedicated segments (VLAN/subnet) for Domain Controllers (DCs), DNS and DHCP servers, protected by strict firewall rules.
·VMware Administrator.
oBuilt servers for App admin and Dev teams
oCreated VM templates.
oConfigured VMware host machines for HA and DRS
·Used the following Patch Management tools
o2022, 2023 and Ivanti EPM
oSCCM/WSUS
· Automation operational processes
oAWX Ansible
oPython
oJava
oTerraform
oMASS
·Worked with Monitoring/Alerting tools such as
oGrafana
oZabbix
oSplunk
·Created architecture diagrams and worked with teams on infrastructure designs.
·Developed tooling and processes for patch management in large scale environments.
·Managed all Dell Tape drives.
·Used Commvault Commserve and Commvault Command Center for all backups.
oCreated backup schedule and Disaster Recovery plan.
Tested for Disaster Recovery on a quarterly basis. By performing Full Bare Metal Backups.
Documented processes and interacted with Cross -functional teams. Handled all Active Directory and Data Center
servers PCI-DSS, SOX and SOX 2 compliance
WELLCARE Tampa FL Jul 2019 – Dec 2020
Systems Engineer (Contract)
·VMware Vsphere version 6.7
oBuilt servers for App admin.
oCreated VM templates.
oConfigured VMware host machines for HA and DRS.
oManaged storage space for Datastore Clusters.
oConfigured Virtual switches and created Vlans.
·Active Directory
oDeveloped organizational units in Active Directory and managed user security with group policies.
oManaged and created Group Policy Objects throughout the Active Directory enterprise.
Configure users, groups, group policy objects, service accounts, application layer services and other objects.
oProvided third level help desk support for problems relating to Active Directory.
oUsed PowerShell scripting to automate processes, migration, reporting, and troubleshooting.
·SCCM Administrator
oUsing SCCM 2016, actively planned migration efforts (Windows 7 to Windows 10, coordinating with users, management, managers, project management, and co-workers.
oConfigured Production and Dev server collections
oDeployed Windows security patching updates.
oOSD deployments of Windows Server 2012 R2 and 2016 R2.
oCreated MS PowerShell scripts to automate deployments.
·Vulnerability Management
oOversee and/or perform the development, maintenance, and continual improvement of the vulnerability management platform, processes, and technical assessment support.
oManaged Rapid 7 Nexpose and Nessus vulnerability scans to identify vulnerabilities and threats.
oDeveloped and maintain metrics and reports on vulnerability findings and remediation compliance.
oUsed Spider data to evaluate custom Web applications.
VA James A Haley Hospital Tampa FL Oct 2018 – Jul 2019
VOCERA COMMUNICATIONS
System Administrator
·Database Management
oResponsible for Adding, updating, deleting user groups and address book entries.
oCreated and scheduled all report packages sent to Nurse managers departments.
oMaintained all group/call flow/permission diagrams using MS Visio.
oEnsure user accounts and appropriate groups are created.
·Device Management
oDeveloped and implemented Vocera equipment and inventory process.
oProvided statistical analysis and gave feed back how to improve processes.
oSet up equipment and configured all Vocera badges using configuration tools.
oServer management and wireless management.
oScheduled and verified all system backups.
oUpgraded and troubleshooted Vocera servers.
oLoaded system software and applied upgrades and patches.
oIdentified and fixed Access Point issues within the hospital to ensure consistent communication for Vocera badges.
·Training
oHeld training classes for all new VA hospital employees.
oDeveloped agenda and provided classes for all Vocera Super users.
oIncreased Vocera user adoption by 60 %..
PSCU Jun 2012 – Oct 2018
Sr. Systems Engineer /Security Analyst
·Evaluated & architected IT Security solutions for the enterprise to improve the IT Security defense in depth.
·Provided leadership & mentoring to security Operations personnel.
·Optimized current security programs for efficiency & effectiveness.
·Developed & maintained operational configurations of multiple IT security solutions.
·Created DLP police to prevent loss of data “in motion/at rest”
·Created DLP effectiveness by reducing false positives by proving policies.
·Built out an enterprise Splunk solution to index 400+ gigs of raw data daily.
·Produced custom Splunk “TA’s” FOR Forwarders, Search Peers & indexers
·Responsible for monitoring & acquiring data feeds from a variety of technologies for Splunk (Firewalls, BlueCoat proxy, Windows, Linux, Imperva, RSA, etc.)
·Worked in a NOC and conducted audits using Imperva.
·Built VMware and Hyper V host machines using ISO’s and SCCM.
·Worked on Windows Server 2003 uplift to Windows Server 2008 R2 and Windows Server 2012 R2.
·Worked with MS Office 365, Active Directory, DR and MS Exchange.
·Setup Integration of FireEye alert in other security systems.
·Setup Automation of FireEye alerts to block infected devices in other security systems.
·Secured company internet access using BlueCoat proxies.
·Engineered and implemented BlueCoat polices to follow company’s policies & procedures.
·Responsible for maintaining McAfee IDS/IPS policies.
·Constructed actionable reports & alerts from RSA Security Analytics.
·Created & maintained policies for Axway Mailgate & securemail appliances
·Conducted network vulnerability assessments to identify system vulnerabilities.
·Developed remediation plans & security procedures
·Created custom scripts to save time & labor cost on attestation of 50,000 + accounts
·Collaborated with other departments in investigations for HIPAA & PCI violations
·Provide consultative services at the time of PCI audits & reviews.
·Installed and configured Symantec Enterprise Anti-Virus.
·Administered and managed SEP Client deployments to Workstations and Servers.
·Setup policies for servers with specific policies for apps running on servers.
·Used Nexpose and Nessus vulnerability web security tools. To manage and identify vulnerabilities and to protect from zero-day threats for Windows OS 2012 R2, 2008 R2 Server, and Windows 2010 and 3rd party applications.
·Scheduled Scans and created vulnerability threat reports to Senior Security Engineers and Architects.
·Experience with Microsoft Azure encrypting data in transit, at rest, and in use.
·Protecting Azure Active Directory accounts against compromise.
·Reducing the attack surface of all your Azure resources..
Contact this candidate