Summary
Overview
Work History
Education
Certification
Skills
Additional Information
web
Parham Karimi
Open To Work

Parham Karimi

Information Technology
San Diego,CA

Summary

Senior Infrastructure & Cloud Engineer with 18+ years of experience designing, supporting, and modernizing enterprise IT environments across on-premises and hybrid cloud infrastructures. Strong expertise in Microsoft server technologies, virtualization, networking, enterprise operations, and infrastructure modernization, with extensive experience in cloud security, endpoint management, and hybrid identity solutions.

Specialized in Microsoft Azure, Intune, Microsoft 365, Hyper-V, VMware, Microsoft Defender XDR, and enterprise endpoint modernization. Successfully led large-scale deployments and automation initiatives that improved operational efficiency, strengthened security posture, and supported highly available environments for 400+ users.

Recognized for solving complex infrastructure challenges, optimizing IT operations, and delivering scalable, business-aligned technology solutions within fast-paced enterprise and public-sector environments.

Overview

22
22
years of professional experience
3
3
Certificate

Work History

Senior Information System Analyst

ARJIS
San Diego, CA
08.2025 - Current
  • Leading infrastructure modernization initiatives across hybrid cloud, virtualization, identity, and enterprise security platforms.
  • Designed and implemented Microsoft Intune and Windows Autopilot architecture across enterprise endpoint environments.
  • Expanded Microsoft Sentinel, Defender XDR, and Microsoft Defender for Endpoint (MDE) onboarding across servers and enterprise systems.
  • Implemented Microsoft Sentinel monitoring and security initiatives aligned with CJIS compliance requirements and enterprise security standards.
  • Reviewed and enhanced on-premises Group Policy configurations to strengthen security baselines and support ongoing compliance initiatives.
  • Implemented Entra ID Identity Protection, Privileged Identity Management (PIM), Conditional Access, and MFA security enhancements.
  • Automated onboarding and access request workflows using Entra ID catalog-based approvals and role assignment processes.
  • Developed quarterly access review and identity governance processes to strengthen access control and compliance initiatives.
  • Replaced legacy third-party RADIUS token authentication solutions with Microsoft Entra ID MFA services.
  • Led VMware-to-Hyper-V migration planning and infrastructure modernization efforts.
  • Expanded Veeam Backup & Replication infrastructure through implementation of additional proxy servers and backup optimization initiatives.
  • Onboarded enterprise servers into Azure Arc and implemented Hotpatching strategies for critical infrastructure systems.
  • Implemented enterprise security solutions including LAPS, Windows Hello for Business, Company Portal, and endpoint compliance initiatives.
  • Designed and implemented enterprise RADIUS authentication integrated with Active Directory for secure wireless access.
  • Integrated Apple Business Manager and assisted with deployment of enterprise applications across multiple partner agencies.
  • Implemented PRTG, Freshservice, and Automox platforms to improve infrastructure monitoring, ticketing workflows, patch management automation, and operational visibility.
  • Implemented Dell OMSA and Dell AIOps monitoring solutions to improve infrastructure visibility and operational management.
  • Led BIOS, iDRAC, firmware, and Windows Server upgrade initiatives across enterprise infrastructure environments.
  • Improved infrastructure network performance through migration from legacy 10Gb connectivity to 25Gb enterprise networking.

Associate Information Systems Analyst

SANDAG
San Diego, CA
08.2019 - 08.2025
  • Managed hybrid enterprise infrastructure across Azure, Microsoft 365, Intune, and on-premises environments supporting 400+ users.
  • Led enterprise endpoint modernization initiatives using Microsoft Intune and Windows Autopilot, reducing provisioning time by 89%.
  • Led Intune compliance policies, endpoint security baselines, application deployments, device lifecycle management, and enterprise mobility solutions.
  • Implemented Microsoft Defender XDR to improve endpoint visibility, centralized security management, and threat detection capabilities across Windows and macOS environments.
  • Supported enterprise virtualization environments including Hyper-V, VMware vSphere, Azure Virtual Desktop, and Windows 365 platforms.
  • Managed core Microsoft infrastructure services including Active Directory, DNS, DHCP, Group Policy, VPN, IIS, file services, and Microsoft 365 administration.
  • Assisted with hybrid identity and access management initiatives involving Entra ID, Conditional Access, MFA, and security policy enforcement.
  • Automated operational workflows and administrative tasks using PowerShell and modern endpoint management tools to improve efficiency and reduce manual overhead.
  • Managed Azure Backup validation processes and disaster recovery readiness testing across multiple backup repositories and enterprise systems.
  • Deployed and configured 240+ enterprise devices during the pandemic transition to remote work.
  • Integrated Apple Business Manager with Intune to standardize compliance and security policies across enterprise Apple devices.
  • Provided Tier-3 escalation support for complex infrastructure, cloud, virtualization, and endpoint-related incidents.
  • Collaborated with vendors and stakeholders to evaluate and implement scalable enterprise technology solutions.
  • Created technical documentation, knowledge base articles, and internal training materials to improve operational efficiency and consistency.
  • Supported enterprise security and compliance initiatives involving BitLocker, endpoint protection, vulnerability remediation, and policy enforcement.

Information Technology DataCenter Administrator

Renderstorm
Carlsbad, CA
03.2017 - 05.2019
  • Managed and maintained 500+ render and server systems across enterprise data center environments.
  • Administered VMware virtualization environments, Windows Server infrastructure, and macOS systems.
  • Performed infrastructure monitoring, patch management, hardware maintenance, and lifecycle operations.
  • Optimized server cooling, rack infrastructure, and PDU management to improve reliability and operational stability.
  • Improved operational efficiency through automation and streamlined maintenance processes.

Education

Bachelor of Science - Information Technology

Azad University
Tehran

Certification

  • CJIS Security & Privacy Certification (v6.0) – Valid through Nov 2026
  • Microsoft Certified: Azure Administrator (Renewed 2026)
  • Microsoft Certified Solutions Expert (MCSE - Renewed 2020)

Skills

Enterprise IT & Platform Engineering

  • Enterprise systems administration & operations
  • IT infrastructure planning, modernization & lifecycle management
  • Veeam Backup & Restore / Proxy Server
  • Hybrid cloud architecture & design
  • Windows Server administration & modernization
  • Server, storage, and database administration
  • Patch management, system updates & vulnerability remediation
  • Disaster recovery planning & business continuity
  • Data center operations & asset lifecycle management

Identity, Endpoint & Access Management

  • Enterprise Identity & Access Management (IAM)
  • Microsoft Entra ID (Azure AD), RBAC, Conditional Access
  • Hybrid identity (Entra ID Connect / directory synchronization)
  • Enterprise identity infrastructure (AD DS, Group Policy, DNS/DHCP, RADIUS, NPS)
  • Microsoft Intune & endpoint lifecycle management
  • Windows Autopilot (Hybrid & Entra Join)
  • Apple Business Manager (ABM) & Mobile Device Management (MDM)
  • Android Enterprise & Samsung Knox Manage
  • User lifecycle management (Joiner / Mover / Leaver)
  • Privileged access governance & entitlement management

Security, Risk & Compliance

  • Security operations & incident response
  • Microsoft Defender XDR (Endpoint, Identity, Server)
  • Microsoft Sentinel (SIEM/SOAR)
  • Information protection & data governance (Azure Information Protection, DLP, Encryption)
  • IT risk management & regulatory compliance (CJIS v60)
  • Security policy implementation, access reviews & auditing
  • Zero Trust architecture & least-privilege enforcement
  • Passwordless & phishing-resistant authentication (FIDO2, Windows Hello for Business)

Cloud, Automation & Integration

  • Microsoft Azure & cloud services
  • Azure Arc & hybrid resource governance
  • Secure automation using PowerShell, Azure Functions & Microsoft Graph API
  • API integration & application administration
  • Workflow automation & process optimization
  • Virtualization & cloud desktop platforms (Hyper-V, VMware, Windows 365, Azure Virtual Desktop)

IT Operations & Service Management

  • IT service management (ITSM)
  • Incident, problem & Tier 3 escalation management
  • Change management & release coordination
  • System monitoring, reporting & continuous improvement
  • Inventory, asset & cost management
  • Backup, recovery & data validation (Azure Backup)

Leadership, Delivery & Communication

  • Technical leadership & senior escalation ownership
  • Team supervision, mentoring & training
  • Project planning, coordination & execution
  • Vendor relationship, procurement & contract management
  • Business process improvement & operational efficiency
  • Technical documentation & SOP development
  • Cross-functional collaboration & executive communication

Additional Information

  • Eligible to work in CJIS-regulated and public safety environments
  • Law Enforcement Clearance (2025)

Similar Profiles

CREATE PROFILE
Parham KarimiInformation Technology