Resume

  • Upstate
  • New York
  • USA
Experience
Various Locations
VMware SME
  • Implemented a VMware Infrastructure environment consisting of 475+ physical hosts running on HP blade servers with 8000+ virtual machines in 8 geograhical locations.
  • All major upgrades of vSphere
  • Automated management and reporting of environment using Powershell scripting (backup of folder structures, permissions, role, custom annotations and VMDK usage from with guest operating system).
  • Created process for physical to virtual (P2V) conversion trained staff of administrators and oversaw the conversion 2500 physical servers to virtual servers.
  • Architecting new VMware View environment to scale up to 20,000 virtual workstations located in the two main computing centers.
Lucid Solutions Group
Albany, NY
Senior Consultant @ New York State Office of Cyber Security and Critical Infrastructure Coordination
  • Fixed issues in Active Directory configuration; including DNS, DHCP, Group Policy, implemented a full redesigned of the domain OU structures to efficiently target and implement new Group Policy Objects as set forward as requirements from ISO and industry best practice, and configured subnets in Active Directory Sites and Services.
  • Created reverse DNS lookup zones and configured conditional forwarders to direct DNS queries to E-Port caching servers at OFT.
  • Designed Multiple VMware Infrastructure clusters in a multi level tiered network. Clusters consist of Dell PowerEdge 2950 servers with Distributed Resource Scheduling, High Availability and Enhanced VMotion Compatibility configured and connected to EMC Clarion CX 3-40 fibre channel SAN.
  • Implemented VMware Consolidated Backup (VCB) to backup VMs over the fibre and then to tape.
  • I was able to consolidate 80% of the original servers.
  • Redesigned network infrastructure, replacing Netscreen Firewalls and Nortel switches with Cisco ASA 5500 and Cisco Catalyst Switches.
  • Created a multi-tier DMZ network to allow for publishing of services and applications to the Internet.
  • Implemented remote VPN access, allowing users to use their Active Directory user credentials to authenticate using Microsoft’s Internet Authentication Server using the RADIUS protocol.
  • Implemented Cisco Works LAN Management Server that monitors and maintains Cisco switched in the network.
  • Configured and maintained ISA Servers with Websense.
  • Trained local staff on Active Directory, Group Policies, network configuration, and VMware maintenance and administration.
VMware SME @ Carthage Central School District
  • Worked with the IT Director to design a robust virtual environment using VMware and implementing a disaster recovery solution within a reasonable budget.
  • The environment consisted of four Dell PowerEdge Servers and two Dell Equalogic iSCSI SANs to hold 30 windows servers from the Novell migration.  Data would be replicated off-site using the Equalogic SAN replication feature.
  • When migration was completed 94% of servers were virtualized.
Senior Consultant @ New York state Office of Homeland Security
  • I was brought in to determine random issues that were happening within their network that was effecting DHCP on their network.  A packet sniff using wireshark showed that DHCP clients were not registering their IP addresses to the DHCP server, due to the requests being hijacked by CA DSM server.
  • Converted their Albany office from a flat-network to multiple networks using VLANs on their Nortel 1710 Contivity VPN Router. Implemented remote access through Contivity to use IPSec VPN.
  • Configured Active Directory Sites and Services to allow for more efficient logon authentications.
Senior Consultant @ New York State Office for Technology
  • Administrated several Active Directory forests with trusts maintained between them with 60,000+ user objects, over 25 domain controllers in a multi-site firewalled environment containing trust relationships with each other and external agencies.
  • Designed a proof of concept lab for implementing non-Microsoft Linux clients to authenticate with Active Directory using Kerberos, LDAP, LDAPS and RADIUS. Wrote a whitepaper outlining the procedure with specific configurations on how to get each method to work properly and presenting the pros and cons of each.
  • Developed migration plans and documentation to relocate user accounts and workstations between the domains and forests.
  • Review all change control requests involving all Active Directory and infrastructure servers to minimize any risk to service uptime.
  • Maintain and update VMware ESX 2.5.3 and VMware Virtual Infrastructure 3 running development lab and Staging environment that mimics production Active Directory forests, including patching and backups.
  • Implemented domain controllers on Microsoft Virtual Server and VMware Server to show lower cost of ownership with the hardware and to identify any issues before implementing in the production environment.
  • Designed and deployed authentication system for new VPN solution using Cisco Secure ACS 4.0 to authenticate users against the Active Directory.
  • Developed extensive documentation on roll-out and roll-back plans, schema updates deployments and risk assessments.
  • Worked on SharePoint project to test using SharePoint Server 2007 in a multi-forest environment with several authentication providers, including Active Directory and the SunOne LDAP.
  • Analysis of identity management, federation services, directory synchronization and monitoring software packages.
Senior Consultant @ New York State Office of Alcohol and Substance Abuse Services
  • Provided security audit of web application running Microsoft Internet Information Server 6.0 with ColdFusion and Microsoft SQL Server 2000.
  • Identified several vulnerabilities using tools such as Nessus and nmap.
  • Documented results with recommended solutions and industry best practices.
Senior Consultant @ New York State Office of Parks and Recreation and Historical Preservation
  • Managed infrastructure upgrade project which included replacing all existing servers, desktops, switches, and upgrading custom applications to work with SQL 2000 with integrated authentication and MDAC 2.7.
  • Upgraded all domain controllers to Windows Server 2003 with Active Directory, spanning 14 main regions with more than 3600 users throughout the state. Along with upgrading their DNS and DHCP.
  • Performed a side-by-side upgrade of 15 servers to Exchange Server 2003. This was all done with little to no down-time for the end-user. GroupShield was used to scan all mail for viruses and controlled by ePolicy Orchestrator.
  • Replaced ISA 2000 with ISA 2003, chaining the region servers to the enterprise array in Albany before going to the Internet. Surfing policies were implemented on the Albany array using Websense and downloaded content was scanned for viruses using GFI Download Security.
  • Replaced former SQL 7.0 server with SQL 2000 server, and upgrading the custom databases. • Deployed a new installation of Systems Management Server 2003 to deploy security and officeupdates, along with asset information and software deployments.
  • Instructed IT Staff on more efficient uses of their VPN concentrator, their AS5350 for dial-up connections, and configuring portfast on their switches.
  • Implemented new IIS 6.0 web servers and migrated a number of ASP pages and web applications including Outlook Web Access (OWA), ArcGIS, and a number of java servlets. Some of the vbscripts, java scripts, and ASP pages needed to be modified to work with the newer security model within IIS 6.0.
  • Corrected and updated their Group Policy Objects, removing several redundant entries, placing them in optimal order, thereby reducing the start-up and logon times. Applied a number of security polices for Windows Server 2003 and Windows XP with SP2 to reduce the amount of administrative overhead for data coordinators and to guarantee the security settings are applied.
  • Wrote a number of vbscripts using ADSI to populate information into Active Directory.
  • Implemented and administrated VMware GSX Server, VMware Workstation, Microsoft Virtual Server and Virtual PC. Created templates of Windows XP, Windows 2000 Server and Pro, and Windows Server 2003 using Sysprep for quick virtual deployment.
  • Installed and configure Veritas Backup Exec with Remote Agents, Open Files Agent, Intelligent Disaster Recovery, and Library Options.
  • Configured and replaced all access layer switches with Dell Gigabit switches. Worked with local staff to setup LAN-to-LAN tunnel between OPRHP and Reserve America from Nortel Contivity to Cisco PIX. Created policies on the Netscreen to allow traffic through firewall.
Schenectady, NY
Senior Network Engineer
  • Employed to fix existing environment and to modernize for the future. This included documenting a business case to secure funding, outline project plans, examine, and specify hardware and software products, negotiate with vendors, and delegate tasks to members of the project team.
  • Planned and migrated organization’s NT 4.0 domains to Active Directory with Windows 2000.  Moved them to Active Directory on Windows 2003 two years later.  Migrated the former Dynacare Labs NT 4.0 domain to the Active Directory forest on Windows Server 2003.  Dynamic DNS, DHCP and Distributed File System (DFS) were implemented to lower administrative overhead.  Designed and implemented a thorough Group Policy strategy securing and configuring workstations and servers in the domain.
  • Put together hardware and software requirements and budgets for projects along with ongoing long-term maintenance costs.
  • Designed the deployment and migration of the e-mail system to Exchange 2000 from Netscape Mail server. Upgraded mail system to Exchange Server 2003 on an active/passive cluster using HP Proliant DL380 servers and MSA 1000 storage array (SAN) connected via redundant fibre channel connections to virtualize several old systems using VMware GSX Server and Microsoft Virtual Server.
  • Designed antivirus implementation with McAfee Suite controlled using ePolicy Orchestrator. GroupShield was implemented to scan mail internally. Webshield e500 appliance was used to scan all incoming web traffic and SMTP traffic for viruses and spam.
  • Managed, maintained, and upgraded several SQL servers, versions 6.5, 7.0 and 2000.
  • Reengineered the disaster recovery strategies by upgrading to Veritas Backup Exec with a centralized backup library using a HP MSL 6000, along with updating all policies and procedures for doing backups and restores.
  • Reduced bandwidth usage and Internet abuse by implementing an Internet Security and Accelerator server array for caching frequent web traffic and publishing web servers. Content scanning was implemented, to scan employee web traffic to monitor for Internet abuse, using Web Inspector .
  • Installed and deployed Microsoft Systems Management Server 2.0 (SMS), used for asset management, remote troubleshooting, and software distribution. Later upgraded to 2003 version and was also included in patch management along with Microsoft’s Software Update Server (SUS).
  • Determined a need to replace antiquated web servers used to host a number of sites for the hospital, community organizations, and medical groups. Specified HP BL30p blade servers running Internet Information Server 6.0 with Cold Fusion 6 to migrate to.
  • Wrote detailed systems documentation, including hardware information, maintenance procedures, and disaster recovery outlines. Revised existing IT policies and procedures to conform to updated systems.
  • Managed and upgraded Cisco network consisting of Catalyst 6509 core switch, Catalyst 3550 & 2950 access switches, 3800, 3600, 2600, 2500, 1700 routers, AS5350, 3015 VPN concentrators, and PIX firewalls. Maintained routing network using EIGRP. Responsible for the setting up LAN- to-LAN tunnels with the Cisco 3015 VPN Concentrator.  Catalyst 6509 core/distribution switch, with 28 VLANs segregating traffic for security purposes with Access Control Lists (ACL).
  • Maintained numerous WAN connections for remote health clinics, partnered hospitals, financial office, school of nursing, and specific vendors/service providers. WAN connections consisted of point-to-point T1, Frame-Relay, ISDN, and point-to-
  • point 1.2 gigabit laser connection with 100 megabit RF backup connection. Implemented PIX firewalls between hospital and service providers to maintain security of patient data.
  • Maintained firewall rule set in Gauntlet 6 firewall to allow internet access to several web servers, mail servers, and VPN concentrators located in the DMZ.
  • Used monitoring tools to monitor network and server systems and alert appropriate personnel of issues. These systems included Insight Manager, Openview, Openmanage, Ciscoworks, Jetadmin, and Argent Guardian.
  • Administrated and upgraded small Citrix Metaframe 1.8 farm, used to support remote hospital site and remote financial group.
  • Other systems and devices I implemented and/or managed are Kronos WorkForce Central, RSA SecurID, Powerscribe Voice recognition transcription system, Microsoft SNA Server 4.0, Microsoft Host Integration Server, Gauntlet Firewall (Solaris Platform), Zixit VPM (e-mail encryption), and Openlink (Siemens’s medical EDI).
  • Supervised the Ellis Hospital and Amsterdam Memorial networks and systems along with remote clinical and financial billing sites, composing of more than 3,000 employees. This included daily administrating a Windows Active Directory domain and Novell 4.1 NDS tree.