SKILLS

Bon Secours provides compassionate medical care to those in need, especially people who are poor, dying, and underserved.

2023-

Role: Senior Systems Engineer

Location: Remote

Working as a Senior Systems Engineer with the following enterprise Active Directory (AD) and Public Key Infrastructure (PKI) responsibilities:

- Design, analyze, and support a highly complex, enterprise level Active Directory service in a hybrid Azure AD environment

- Troubleshooting involving AD, DNS, SYSVOL replication, Kerberos, PKI, NTLM, IPsec, LDAPs, and security ciphers

- Approach all tasks with a DevOps mindset, strive to automate and innovate when possible

- Develops, documents, and enforces the standards, security procedures, and controls for access to ensure integrity of the Active Directory

- Analyze the current Directory Services environment to identify security, technical, and operational opportunities

- Develop continuous improvement action plans and maintain an up-to-date environment

- Participate in disaster recovery, capacity planning, performance monitoring, and maintenance to ensure high availability

Microsoft enables digital transformation for the era of an intelligent world, empowering every person and organization on the planet to achieve more.

2022-23 (contract)

Role: Support Engineer

Location: Remote

Software support engineering for the following Active Directory (AD) and Public Key Infrastructure (PKI) technologies:

 - Kerberos and NTLM authentication

- Certification Authority, SCEP/NDES, CDP, AIA, OCSP, and certificate templates

- Replication, group policy, and AGPM- Forest trusts and schema extensions

- SPNs and constrained/unconstrained delegation

- Secure channel and SSL

- Windows Hello for Business

Troubleshooting investigation and analysis included:

- Network and ETL trace analysis of authentication and replication traffic

- Certificate service installation, key renewal, configuration, restoration, migration, diagnostics, and repair

- Certificate-based authentication for Kerberos, NPS, VPN, and smart cards

- Windows Hello configuration and authentication diagnostics, troubleshooting, and repair

- NTDS diagnostics and GPO/CSE debugging

- Detailed log review of services, events, error codes, and authentication components

Key achievements:

- Consistent 5-star Customer Satisfaction scores highlighting excellent communication, resourcefulness, and empathy

- Worked on a daily basis with highly-complex Fortune 500, Enterprise Customer, and Strategic Partner environments

- Provided not only subject matter expertise, but also a calming and focused presence on crisis response calls

- Improved troubleshooting and reduced time-to-resolution by maintaining multiple concurrent AD+PKI lab environments for reproducing customer scenarios

- Quick and effective customer focus and problem-solving resulting in an average closure rate of 2¼ days per case

- Constant research and application of industry best practices for Microsoft Active Directory products

- Continued education in and practice with PowerShell for scripting, automation, and deployments

- Empowered teammates to achieve more through mentorship, guidance, and collaboration

- Created a smoother, more effective customer experience by fostering strong collaboration across support departments

Additional thoughts:

In this role, I dove deeper into AD and PKI than ever before; I've been using Microsoft services throughout my career, but rarely had I been able to dig into the minute detail of log review, troubleshooting, and interoperability of AD components. There's so much that goes into a functioning AD and PKI environment, so much behind the scenes, so much under the covers, and we worked on all of it.

As a support engineer, I investigated for the smallest details - whether self-imposed by a strict group policy, a typo done in haste to recover from a critical production outage, or a misconfiguration done in ignorance of a new deployment - to the largest catastrophes - a Root CA was deleted irreparably and we have to build an entirely new PKI, or all domain controllers have entered a USN rollback state and need to be recovered, or SYSVOL is failing to replicate any data and needs to be authoritatively restored.

I only had a year to learn, and I learned a lot - including how much more there is still to grow. 🚀 

arrivia is the world's largest standalone travel loyalty provider for companies wishing to reimagine their loyalty and rewards programs.

2019-21

Role: IT Manager

Location: Scottsdale, AZ

Managed a highly-skilled administration and engineering team providing Tier 3 support to business units spanning the globe:

- Five system admins performing daily ops, project work, and ITSM ticket/change management

- Two system engineers managing the virtual environment, inventory and patch management, and storage/BCDR

- One modern workplace manager handling the Microsoft collaboration toolset (Teams, OneDrive, and SharePoint)

- Partridge in a pear tree not included

Technical responsibilities included:

- Executing the design, deployment, security, and administration of a new Microsoft PKI architecture to align with industry best practices

- Updating and maintaining certificate templates and authentication policies for clients, servers, and VPN systems

- Leading VMware, Nutanix, and Hyper-V virtualization platform design, installation, troubleshooting, and administration

- Achieving and maintaining compliance with PCI-DSS Level 1 certification requirements

- Coordinating PureStorage and Dell storage migration, troubleshooting, and administration

- Overseeing Microsoft server deployment, configuration, troubleshooting, and administration

- Guiding Microsoft 365 full suite (AAD, EXO, SPO, MCAS, DLP, Intune) migration, configuration, and administration

Nontechnical responsibilities included:

- Providing career guidance for direct reports

- Balancing workloads and project vs. operational duties

- Conducting annual performance reviews

- Maintaining each team member's goal trajectories towards personal growth and company KPIs

- Creating, strengthening, and terminating vendor relationships

- Conducting quarterly and annual business reviews for contract and licensing maintenance/negotiation

Additional thoughts:

In this role, I learned a lot about the differences between leading a team vs. managing my people. I strove to inspire, reward, and support my direct reports in their careers, whether that took the form of a promotion, appreciation and recognition, advancement to another internal team, or even departure to another position so they could grow outside their current structure.

I was - and still am - a transparent advocate for my team. I wanted them to feel seen, acknowledged, and compensated for their hard work.

Ports America is the largest shipping terminal operator and stevedore in the United States, with operations in every major port in the nation.

2013-19

Role: Senior Systems Engineer

Location: Chandler, AZ

Team Lead duties included:

- Executing the design, deployment, security, and administration of a new Microsoft PKI architecture to align with industry best practices

- Updating and maintaining certificate templates for clients, servers, RADIUS authentication policies, and VPN systems 

- Design, installation, and engineering of nearly a dozen Nutanix platforms (over 60 individual nodes) at multiple remote sites and datacenters around the country

- Maintaining VMware environment of over 1,000 servers and the accompanying 3PAR SAN/NetApp NAS backbone provisioning

- Installation, configuration, and maintenance of Barracuda ADC 540 Vx load balancers and SSL offloading

- Management of trusted third party SSL certificate renewals and application delivery

- Quote-to-deployment process for hardware and software procurement

General Dynamics Mission Systems provides mission critical solutions to those who lead, serve, and protect the world we live in. 

2010-13

Role: Systems Engineer

Location: Scottsdale, AZ

Systems Engineer in an ongoing partnership with General Dynamics Canada to support the Canadian Department of National Defence with:

- Product research

- Architecture design

- Commercial off-the-shelf (COTS) software and hardware acquisition

- Installation and configuration in compliance with customer requirements

- Evaluation for operational security and readiness

- Deployment to customer sites

- Technical setup and demonstrations to government and military personnel

- Process documentation

The project goals were to provide high-assurance cross-domain guarding technologies for secure communication between network enclaves operating at different classification levels and security caveats (TSABI, SABI, and SBU). Cross-domain services included fully-functioning e-mail, imagery data transfer, video streaming, instant messaging, web services, and remote desktop.

2009-10

Role: Software Engineer

Location: Scottsdale, AZ

Employed as a Software Engineer at General Dynamics C4 Systems. Primary effort was a two-person research and development initiative to design, assemble, and understand the role of thin computing with virtualization. Using VMware’s vSphere as the core, both thin and ‘zero’ devices were connected and configured to use PCoIP where available and RDP otherwise, receiving their operating systems as virtual environments. The connection to vSphere was encrypted using strongSwan IPsec with a Cisco ASA 5500 router to create a VPN between the client device and the vSphere host; heuristics were conducted on the traffic to demonstrate latency and transmission differences between secured and unsecured connections.

2008-10

Role: Director of Safety Escort Service

Department: Undergraduate Student Government

The Safety Escort Service provides a safe and prompt transportation alternative around campus at night to supplement campus security.

In addition to the standard responsibilities of participating in daily operations, management tasks included leading a diverse team of college students to promote efficacy and coordination, interfacing with student government to encourage growth and reputation, and redesigning incumbent procedures to embrace a heightened level of expedience and professionalism. Accomplishments include implementing a new tracking system for monitoring pickup requests, drastically improving response rate and customer satisfaction; championing the acquisition of two additional vehicles to the fleet; and coordinating with campus police to integrate our communication systems into the police band radio, improving clarity and speed of contact between driver and navigator personnel. During my employment as Director, the service saw a steep escalation in demand and a proportional increase in aptitude: the volume of requests rose from roughly 2% of the total student population to nearly 20%, with an average wait time of fifteen minutes. 

2008-09

Role: Undergraduate Research Assistant

Department: School of Computing and Augmented Intelligence

SCAI envisions a society where information is converted into entertainment for individuals and empowerment for businesses.

Team-based undergraduate research assistant in the School of Computing and Informatics under Dr. Guoliang Xue. Worked on the code implementation, testing, and comparison of heuristics to algorithms to improve the quality of service in wireless networks. The restraints considered in the assessment were hypothetical bandwidth and delay values between nodal connections, graphically and programmatically depicted by an undirected, layered graph that was generated using BRITE topology software. Computations included determining the shortest path (least amount of time required) and the maximum flow (highest amount of bandwidth allowed) from a specified source node to a target. The primary platform was a Linux server using ILOG CPLEX 8.1.

2008

Role: Safety Escort Service Operator

Department: Undergraduate Student Government

Driver and call operator for night-time safety service, offering vehicle escorts for students travelling campus after hours. Duties involved campus driving training, learning and navigating all contours and locations of the 631-acre grounds, interfacing with tens of thousands of students in person and over the phone, and organizing multiple driving units to efficiently service the 70,000+ student population. Required skills were strong customer service, multitasking, navigation and orientation, and cooperation. 

2007-09

Role: Undergraduate Teaching Assistant, Grader, and Tutor

Department: School of Computing and Augmented Intelligence

Grader for introductory-level C++ classes for four consecutive semesters. Duties involved tutoring students (four hours a week allotted), grading students' homework, laboratory assignments, and exams, and occasionally proctoring examinations alongside the professor. Additional obligations included reviewing midterm material for correctness, accuracy, and level of challenge, and hosting study sessions for students prior to tests.

2007

Role: Undergraduate Research Assistant

Department: Biodesign Institute

The Biodesign Institute is a place where hundreds of scientists cross boundaries and work together, creating nature-inspired solutions to global challenges in health, sustainability, and security.

Research assistant in the (at the time) Center for Evolutionary Functional Genomics under Dr. Sudhir Kumar. Designed and developed a C++ utility to interpret the human genome, presented as a text file per chromosome, and scan every string of eleven base pairs (11-motifs) for specific DNA sequences that were proposed to be naturally nonexistent (dubbed "nullomers"). Developed skills included large file I/O, low-level memory management, and search and comparison algorithms.
Publication: Nullomers: Really a Matter of Natural Selection? | PLoS ONE