Seasoned Systems Security Engineer with experience in Systems Administration and Security Endpoint Engineering, I bring 18 + years of success in producing a diverse range of business solutions that adhere to a least privileged methodology while balancing the impact to the customer experience and low-cost business model. My experience includes assignments as a systems administrator, security engineering, cybersecurity-based initiatives, team leadership, evaluator of existing technology, build out of boxed solutions to address deployment limitations, patch management & vulnerability auditing, cross-training of staff across both large 300000 seat enterprises on down to 3000 seat mom and pop shops. Recent success encompasses working at some of today’s top fortune 500 companies, delivering everything from cloud hosted, behavioral based NextGen endpoint solutions to the more traditional, server hosted applications. Using a “role up your sleeves approach” I enjoy being right in the middle of the design and support efforts, being keen to set expectations while managing project perception and potential impact, change can bring to the user community. (key parts of any truly successful project). The past 7 years have “pulled” me over to more security-based projects which I have found both challenging and rewarding. I take great pride in my work and never shy away from the chance to “get my hands dirty “ I look forward to the opportunity of discussing how I can help your Team be successful on their next IT based project while being a value add to the business bottom line. I’m interested in finding either a long-term contractual engagement or full-time opportunity at a company where the employees value their work and challenges themselves to learn something new every day.

Partner up with internal Carter's Inc. staff, working as part of a small Team to bring the Carter's Corporate and Retail environments over to the latest offerings of the Carbon Black Enterprise Protection Security Suite. Instrumental in facilitating working relationships between Retail and Information Security while also satisfying Audit driven information/documentation based requests around Carbon Black and Active Directory. Cycles from this project also dedicated to the inspection of existing Cb Protection Rules and Policy based setting to identify opportunities to address any security gaps or process improvements. Create a Policy & Procedural based library for the Carbon Black along with some other security related applications. Lead proof of concept initiative that centered around resident DLP solution (Trustwave), calling out its shortcomings then providing feedback for alternative DLP solution to be considered in early 2019.

Contractually engaged consisted of remotely hosting an 8-month independent in-depth product evaluation of 12 traditional/next-gen endpoint security products for 300,000 seat Health Care shop. Led the customer information collection then built out a VM lab designed to duplicate the client’s Windows/MAC endpoint environment. Additional project efforts encompassed a formal requirements analysis, vendor request for information (RFI), facilitating the vendor/client relationship by scheduling then hosting each vendor in a one-off fashion via GoToMeeting remotely, stepping thru their configuration (cloud/web portal or local) of their product and finally walking each product thru a rigorous regiment of internally developed testing. Testing efforts included running over 500 known virus/malware/PowerShell scripts/DLL injection/false positive/repackaged/ransomware/locky/rehashed scripts against each vendor’s endpoint agent configured on Windows 10/7 x64 and MAC VMs. Documented results were then added into a weighted/scale-based spreadsheet and submitted to the business in support of the down-selection process used to develop their roadmap/endpoint security for 2018 and to also evaluate against their incumbent solution which was included in the testing.

Contracted to stand up the Bit9\Carbon Black Enterprise Protection Security solution across the entire Windows Enterprise. Assessment of existing environment + removal of original incomplete-orphaned Bit9 Agents. Identify hardware requirements, design staggered deployment plan based around bandwidth constraints, stand up Server\SQL database in single-tier configuration, testing of Whitelisting Rules using HERO Policy settings then step thru different Policy levels until all endpoints + servers in High Policy. Create exception Policy + Rules to secure the Servers running Server 2003 OS (hosting legacy applications), Add custom software rules for ICS hardware (Industrial Control Systems) Add whitelisting rules specific to Trusted Shares, Trusted Paths, exception rules for Anti-Virus directories etc. Champion automation efforts around suite of Security tools including Carbon Black, PhishMe Reporter, Print drivers hosted in Aduc. Tasks included the approval of existing publishers, configuring custom verbiage into the alerts, notifiers, email, approval requests and justifications. Delegation of Administration thru the creation of Active Directory Groups for Management Console Configure the behavioral based Advanced Threat Indicators (ATIs), build out portlet driven Dashboards and Reporting. Lead 3 CB version product upgrades, build in Event Rules to facilitate VirusTotal using API connector, Automation of daily approval requests that were closed based on file trust ratings against the SRS Database, Host periodic webcasts for cross-training of staff, own the vendor client relationship thru entire length of contract. Write technical documentation and procedural support based on company SLAs, develop CB maintenance tasks and schedule to define. Rollout Carbon Black Enterprise Response Agents and configure to Bit9 Server thru hidden PHP page of Bit9 to promote 30 day eval. Hardening of existing Laptops/Toughbook’s, associate member of monthly patching UAT Testing Team etc.

Contracted to assist with company-wide Windows 7 rollout to 50000 desktops using the Microsoft 2012 Deployment Tool Kit, SCCM.2007 and OSD snap-in. Duties included Image regression testing, troubleshooting of task sequences and Nomad points of failures (bandwidth bottlenecks). Research morning after failures to identify root cause. Technical Writer for internal support policies & procedures to align with existing SLAs. Mitigate existing printer/driver issues with windows 7 x64 by building out universal print driver solution based on vendor switcher file based on internally shared deployment share, meeting project goal of necessitating need to manage additional vendor-based print/driver software library. Document solution to include SOP then perform hand-off with training to internal staff. Troubleshoot customer driven complaints around existing web-based apps and incompatibilities while working with different Browser versions. Craft new documentation along with procedural solution then hand-off to internal support staff with training as needed. Build out a DVD/USB based DOD level 3 hard drive wiping solution based on the WipeDrive Enterprise application for the Cigna hardware which has been earmarked for new hardware buyback (re-harvesting) initiative. Include mandatory method for validating the success (HIPPA requirement) of said drive wipe process by generating then capturing a log file that gets dumped either to the USB or Network location once available. Solution designed to dump USB based success files to predefined Network location upon next good connection. Document then hand-off of solution to internal Cigna Desktop Staff with cross-training. Evaluate Windows 8 across multiple tablet/Ultrabook platforms with the goal of identifying must robust solution to be used by internal associates.

Lead the design, implementation of WDS based Imaging solution that consisted of 44 Servers sites throughout the world to host image standardization. Manage the vendor client Dell relationship thru companywide hardware conversion. Tasks included Hardware evaluations and recommendations, imaging then deployment. Asset management, software licensing and overall support of the applications used across all endpoints. Research solutions; provide functional and technical written evaluations of products, drive software lifecycle, identify hardware for emerging wireless technologies. Meet with Business Team Leaders to review SLAs then ensure that desktop standards are understood and followed by stakeholders and team members (ITIL based desktop service model). Collaborate with infrastructure, architecture and development teams to provide implementation blueprints, industry best practices and vendor product guidelines. Prioritize work efforts, multitask in fast-paced environment to provide timely and clear updates for minimizing impact to business. Assist project manager with the budgets, resource allocation, task distribution, delivery management and risk management. Provide feedback for development of Service Catalog, Change, Release, Disaster Recovery along with Incident and Problem Management. Rollout Bitlocker encryption across all endpoints while hosting recovery keys in Active Directory then cross-training of staff around supporting recovery key requests

Contracted to oversee a Desktop Transition Team task with the integration of the 2 banks SCCM environments. Duties included the transition of existing systems, clients and applications along with re-defining all procedural support approaches for these technologies as part of the merger. Develop Windows 7 Image and delivery methodology within MDT 2010/ SCCM 2007 from current WDS solution to promote zero touch/lite touch upgrades. Enhance existing desktop patching processes to expand coverage from 6000 to 20000 seats. Recent activities include build out of SCCM onto Server 2008 VMs including the installation/configuration of distribution and management points. Evaluate and document existing Group Polices related to the desktop infrastructure as part of Active Directory house cleaning where dormant machine accounts were first quarantined, disabled and eventually removed.

Lead 8 seat Team that was responsible for facilitating high quality cost effective approaches to application implementations. Tasks included evaluation and proposal of new solutions to meet emerging business driven need, vendor engagement and licensing to packaging then rollout of solutions. Ownership of end point Images and core applications that get laid across thin image as part of the imaging process. Manage Business/3rd party application Library (certified software packages), version control, along with automating the removal of undesirable apps and potential threats. Dictate best practices for application delivery using SCCM and GPOs, ADM template configuration then linking to GPOs, manage 2nd level ticket escalation to resolution or re-assignment. Develop then implementing best practice support methodologies into procedural approach for team to follow for the deployment of RMS (Rights Management Services). Primary focus on delivering high quality desktop solutions with goal of driving down the total cost of ownership. End point patching process using SCCM 2007 with WSUS snap-in, tasks included monitoring/updating the global catalog, scheduling of patches and remediation of patching failures. Generate then present to management, Incident -Problem Management Reports, take ownership role for Change Management dependent changes. Interview, hiring, terminations and annual – bi-annual performance + bonus goals

Directed the activities of 18 technical support representatives located in 5 different states, providing support to approximately 4400 desktops. Support efforts include telephony, desk side or by hosted remote technologies. Manage the desktop team’s daily activities, projects, on-call schedules and resolution of technical problems. Maintain the outage notification process and ensure that the processes and procedures are followed by all IT staff. Responsible for coordinating employee recruitment, the selection and training of staff, completing performance assessments, salary reviews and all bonus recognition. Identify and implement processes that improved service delivery Including formal definition and documentation of those processes. Leverage service desk best practices such as ITIL foundations, to drive continuous process improvement, provide Senior Technical Resource expertise on systems, processes and procedures. Ensured appropriate training plans were created then implemented for IT staff and business users as appropriate.