Senior IT Infrastructure and Support Engineer
Resume:
TRI NGUYEN
Alameda, CA 925-***-**** *********@*****.***
Senior Support Engineer
Experienced support engineer with over 15 years of expertise in infrastructure and end-user support. Skilled in on-premises infrastructure, Microsoft 365 administration, Intune Endpoint deployment, and automation. Proven track record of collaborating with other team members to successfully deliver numerous deployments and IT projects. Recognized for reliability, patience, and solution delivered.
TECHNICAL PROFICIENCIES
● On-Premises Infrastructure
o Dell Power EMC, HPE ProLiant, Synology NAS,
o Fortinet Next Generation Firewalls
o Virtualize Infrastructure: Azure AVD, Hyper-V,
and VMware
o Windows Servers Active Directory, DNS,
DHCP, GPO
o Remote Desktop Services
o Cisco Meraki Firewalls and Switches
● Backup Systems (On-Premises & Cloud)
o Apex Druva, Unitrends, Veritas, and
Barracuda Backup Solution
● Cloud Applications and AI
o MS Ofice365 Admin, Box, TeamViewer,
RingCentral, Amazon, 1password, DUO, and
DocuSign
o Ai Automation Builder
o N8n Workflow Automation
o Deployed RAG Systems with Vector Database
(Pinecone, Supabase, and Qdrant)
o Local and Cloud LLM Deployment
o MCP and FastMCP server Deployment
o Claude AI Integration
● Cloud Infrastructure
o Microsoft Azure IaaS, PaaS, VPN
o Microsoft 365 Admin Center (Security,
Teams, SharePoint, Purview, Exchange Online
Defender)
● Endpoint Management Technologies
o MS Intune MDM / MDT, WDS, and PDQ
Endpoint and App(s) publishing
o Apple Device Administration - Business
Manager (ABM)
o PowerShell App Automate, Detect, and
Remediate scripts
● Cybersecurity
o MS 365 Security / MDE, MDI,TVM, DLP Policy,
Conditional Access, MFA
o MS Defender
o Duo Security
o Qualys Security Patch Management
Page 2 of 5
ACCOMPLISHMENTS
● Upgrade VMware v-Center from v7 to V8 and VMware ESX 7U2 to 8.U2
● Automated servers patch maintenance by using 3rd party Qualys Patch Management solution to ensure all systems are up to date with security releases and fixes
● Upgrade Windows 10 to Windows 11 with Intune Update Rings Policy
● Migrated On-Premises Active Directory Domain Services to Entra AD and the devices are managed by Intune
● Managed and deployed Microsoft Intune MDM managed applications and policies from Microsoft Cloud to manage endpoints
● Automated Intune App deployment with PowerShell scripting and Winget
● Conducted Cybersecurity awareness training campaign
● Built Azure and Intune chat dashboard to query users and devices through MS Graph API.
● Deployed robust Systems & Network Infrastructure that supports Carlton Senior Living to centralize ERP, CRM such as MOVE-N and Microsoft Dynamics GP, Paychex
● Deployed multiple IT Infrastructures (Servers, Network, Storage, Telecom, Workstations) for Carlton company through newly constructed buildings or through acquisitions
● Coordinated with local Managed Print Services company to deploy a robust, heavy-duty printer fleet for all facilities
● Managed Carlton Senior Living LLC telecom and mobile services o Reviewed and upgraded Carlton Internet services for every 2-3 o Assisted IT and Business teams to replace outdated telecom with modernized IP phone systems
o Managed company mobile services and ensured the company gets the best discount, support, and services
● Coordinate with an Internet AI/Deep Machine Learning Start Up companies such SafelyYou, CarePredict to deploy IoT devices that alert our Caregivers when elderly residents need assistance
● Assisted IT and Clinical team to deploy eMedication, Mobile Medication Technology, to enhance the distribution accurately and minimize medication errors Page 3 of 5
WORK EXPERIENCE
Northland Controls 05/2024 -03/2025
Infrastructure Engineer
Supported on-premises Windows Domain and virtual environments, including VMware ESX, AWS, and Azure, integrating Duo Security for two-factor authentication (2FA). Managed and upgraded network and server infrastructure, including Meraki routers, switches, wireless access points, and Dell EMC systems. Provided high-level support for Office 365, including Intune Endpoint Manager, SharePoint Teams sites, and provided appropriate access for guests and vendors. Utilized 3rd party Qualys Cybersecurity Platform for Vulnerability Management, Detection & Response (VMDR), and Patch Management across ESX, Windows Server, and endpoint systems. Managed backups with Apex Druva for AWS, VMware, and Office 365
Responsibility:
● Manage Enterprise Microsoft infrastructure including Active Directory, Windows Server, 0ffice365 Suite, Azure AD, Exchange Online, SharePoint, Teams
● Built out Intune Management Solution to support On-Premises Endpoint migration to Intune.
● Deployed Windows Autopilot, and iOS ADE Enrollment
● Packaged and deployed applications and device configuration policies using Intune Endpoint Manager
● Manage IT Infrastructure which include Meraki Firewalls, Meraki switches, and Meraki aps.
● Created AWS EC2 Instances and provide user access to Amazon Workspace
● Deploying and managing enterprise systems in AZURE and VMware
● Managing SAN and fiber channel storage
● Upgraded VMWare V-Center, ESX, and Dell EMC Hardware
● Diagnose and rectify network issues efficiently
● Deploying, integrating, and Managing SSO/MFA such as ADFS, DUO, and Azure AD
● Deploying and Managing Endpoint security with Intune Endpoint Manager and Qualys Cybersecurity Platform
● Dell Apex and Rubrik Backup and Restore MS 365, VMWare V-Center, and AWS EC2 AIMMUNE THERAPEUTICS 01/2021-12/2023
Senior System Lead
Primary Responsibilities:
● Device Deployment and Management: Deploy and supervise Windows, MacOS, and iOS devices using Meraki and Intune Mobile Device Management (MDM). This involves ongoing testing and implementation of new policies, monitoring device compliance, and addressing incident alerts from Microsoft 365 Defender as needed
● IT Operations Support: Manage and support Azure AD, Microsoft 365, and various SaaS applications. Provide B2B vendor and guest access and troubleshoot SharePoint, Team Sites, OneDrive, and Box issues
Key Duties:
● Cloud and On-Premises Infrastructure: Oversee day-to-day operations of cloud and on- premises infrastructure and cybersecurity, including Azure Servers, Virtual Machines
(VDI and AVD), Storage, Networks, Azure Entra ID, and Papercut Cloud
● Microsoft 365 Management: Administer the Microsoft 365 Admin Center and support Purview, Defender, Teams, SharePoint, Exchange Online, and OneDrive. Harden Page 4 of 5
Exchange Online with SPF, DKIM, and DMARC. Configure and monitor threat policies such as Safe Attachments, Safe Links, Anti-Phishing, Anti-Spam, and Anti-Malware
● Security Incident Response: Monitor and respond to Microsoft Security incidents and remediate security issues
● Endpoint Management:
o Manage and support the Aimmune Endpoint Management Solution for over 500 employees and 700 contractors
o Build, test, and deploy enterprise business applications, and enforce system policies for Windows and MacOS devices
o Test and deploy new Microsoft Baseline policies
o Oversee provisioning and deployment of company endpoints and MacOS devices through Intune MDM
o Configure and test Intune policies and rollout as requested by the IT Manager. o Support iOS app deployment via Meraki MDM
o Manage Apple Business Manager (ABM), Adobe, TeamViewer, and Docusign o Provision TeamViewer app deployment through Intune Connector. o Deploy applications through Intune
o Use PowerShell scripts and Winget for application installation and uninstallation on endpoint devices.
o Update third-party applications using PowerShell remediation scripts
● End-User Support:
o Coordinate with HR, User Managers, and outsource helpdesk services to ensure on-board users receive proper tools and required applications. o Provide white-glove onboarding services for Aimmune VIP users. o Manage SaaS application access, including Box, ServiceNow, RingCentral, AimLearning, Compliance-Wire, and Smartsheet
o Monitor and support regulatory department access to Azure Virtual Desktop
(AVD) and published applications
o Onboard and offboard users using PowerShell scripts o Provide RingCentral and Teams Room support on premises o Offer Tier 2/3 end-user support.
o Weekly service review of helpdesk ticket performance o Assisted with quarterly SOX audit for standard and privilege user account management
● Printing and Security: Manage and maintain on-premises printing support, including Papercut Administration, badge, and secure printing. Coordinate with third-party vendors for physical security video surveillance systems and door access systems Page 5 of 5
CARLTON SENIOR LIVING 01/2006-12/30/2020
System and Network Administrator
The primary responsibility is to ensure the stability of Carlton's IT infrastructure. This includes automating the on- off boarding process, conducting backups, and upgrading servers and firewalls. The role involves the installation and troubleshooting of software and hardware for servers, and endpoints, as well as integrating new facilities into the existing IT infrastructure
● Managed day-to-day infrastructure and endpoint support for small businesses with over 12 facilities in the Bay Area
● Administered corporate on-premises data center that consists of VMWARE ESX Infrastructure, Hyper-V, Windows Active Directory, Microsoft Exchange, Dell Storage Systems, Fortinet Firewall, Barracuda SPAM Firewall, and Unitrends (on-premises and Cloud) backup solutions
● Implemented Unified Threat Management / Next-Generation Firewall solutions for all 12 PCI and HIPAA Compliance facilities. Leveraged system capabilities and deployed IPsec Multi-Site VPN, Enterprise managed Wi-Fi, Network Intrusion Detection, Web Filtering, and Protection
● Deployed Barracuda Networks SPAM and Firewall capabilities to protect email communication and ensure PCI compliance
● Worked cross-functionally with HR, Payroll, and executive teams to implement enterprise Time
& Attendance / HRIS solutions
● Deployed VoIP / Unified Communication system at all 12 facilities
● Deployed over 150 wireless access points to support digital transformation initiatives and accommodated the growing needs for facility-wide Wi-Fi
● Built and deployed Windows devices via Microsoft MDT Solution and ManageEngine Desktop Central to manage endpoint devices
● On-Offboard user using PowerShell script
● Assisted in deploying and Managing MFC Copiers for printing and email scanning for all 12 sites
● Setup vlan to separate network traffic
● Administered and troubleshoot Exchange email 2008-2012 services with Outlook client
● Managed vendors such as Dell, Microsoft, Lenovo, Ray Morgan, AT&T, XO, Verizon, TelePacific
● Assisted the clinical department in deploying electronic medication software for Med Tech EDUCATION & CERTIFICATIONS
JOHN F KENNEDY UNIVERSITY 01/2010- 06/2012
● Bachelor of Business Administration
COLLEGE OF MARIN
● Associate of Science
● Associate of Art
Microsoft Certified System Engineer (MCSE) * Microsoft Certified IT Professional (MCITP) * Microsoft 365 Administration * Microsoft Endpoint Administration Microsoft Virtual Desktop Administration * VMWARE Certified Professional (VCP) Proofpoint Phishing and Attack Protection Specialist * CIW Security Analyst Cisco Certified Network Associate (CCNA) * Citrix Certified Associate (CCA)
Contact this candidate