Summary
Overview
Work History
Education
Skills
Certification
Timeline
Hi, I’m

STEPHEN ELLIS

Sr Cloud Engineer / Solution Architect
Manassas,VA
STEPHEN ELLIS

Summary

Cloud solutions integration expert with 20 plus years of experience, specializing in implementation, monitoring, managing, and securing Azure IaaS/ PaaS / SaaS in hybrid model. Proven leader, developing IT governance zero trust landing zones, using various tools, frameworks, and technologies. Expert Azure automation solution provider using various modern tools such as Terraform and PowerShell.

Experienced with advanced infrastructure design and deployment. Utilizes comprehensive knowledge of system architecture to enhance operational performance. Track record of effectively managing project lifecycles and optimizing resource allocation.

Overview

27
years of professional experience
1
Certification

Work History

Akira Technologies

Senior Infrastructure Engineer
05.2024 - Current

Job overview

  • Currently support GitHub Enter Cloud for the agency by handling any 3rd tier support challenges, things such as member and owner access, enterprise and or org build outs
  • Provide support for the Data Science teams building and maintaining the Integration Runtime (IR) is the compute infrastructure
  • This is used by Azure Data Factory and Azure Synapse pipelines to provide data integration capabilities across different network environments
  • Maintain heavy workloads in DevOps by following Team Stories through Epics, PBIs and etc.
  • Support the lifecycle of Azure and some Data wrangling code in GitHub and DevOps
  • Provide security compliance against various Azure resources such as Storage Accounts, Vnets and etc.
  • Create ongoing automations tasks to capture the health against new and existing Data Pipelines through Azure Monitor and or Azure Graph
  • Work on many projects/tasks while leveraging Agile Scrum modeling effort utilizing DevOps
  • Assist Data science teams with complex data pipeline connectivity issue through network troubleshooting using various tools, DevOps, bugs, tool logs, Azure Insight and etc.
  • Build out repeatable admin tasks using languages such as tf, json and etc.
  • Ensure that Azure cloud resources/environments meet stringent security and compliance requirements, implementing robust security controls, encryption mechanisms, and access management policies
  • Resources such as but not limited to Azure Application Security Group, NSG, Conditional Access and etc.
  • Monitor cloud infrastructure performance, identify optimization opportunities, and implement performance tuning measures to enhance system efficiency and cost-effectiveness
  • Provide guidance and training to internal teams on cloud best practices, migration methodologies, and operational procedures to build internal capabilities and foster a culture of continuous improvement
  • Assist merging best practices, security compliance with customers requirements as it relates to Azure resource deployments
  • This process is delivered with automation in mind
  • Currently utilizing Azure Defender for cloud to assist with keeping various resources complaint based on government guidelines.

Technology Innovations LLC / GPO, Azure

Senior Sys Engineer
01.2024 - 05.2024

Job overview

  • Currently working in End-to-end virtual desktop solutions through meticulous analysis of business needs, evaluation of existing infrastructure, and formulation of scalable, secure, and high-performance architectural systems
  • As an Azure AVD sr, I plan deploy solutions by leveraging FSLogix to assist with user profiles management hosted in file share storage
  • Creating RBAC to those shares etc....Updating session host to be able to utilize the solution
  • While still working in the AVD environment, I would set up health and cost monitor alerts to assist with minimizing any admin support re-activeness and increase proactiveness type efforts
  • In AVD, I evaluate, propose, configure, and support new solutions such as but not limited to app and os updates through ARM templates and or MSIX App Attach storage
  • Planned and performed the migration of MS’s depreciated Monitor agent called MS Monitor Agent MMA/OMS to the now supported Azure Monitor Agent (AMA) on across 10 AVD workspaces (Dev and Prod environments)
  • Providing technical leadership in deploying cloud environments and charting modernization roadmaps
  • Support the MS Intune architecture, engineering and maintenance of the MDM management platform and related MDM infrastructure in around Windows 10,11 and MacOS Devices
  • Designed and deployed the autopilot solution for user assisting leveraging company portal
  • Registered the latest MS Store App integration with Intune to allow app deployments to managed devices
  • O365 /

Apex Systems / Dentons Law Firm

Senior Cloud SME/ AD Engineer
07.2023 - 12.2023

Job overview

  • Designed and developed Azure services and foundational templates using Azure Landing Zones and Terraform
  • This would involve creating standardization around Resource Group, VM, Storage account etc
  • Created repeatable process for the various services/ support areas
  • As an Azure AVD subject matter expert, designed, implemented, managed, and maintained Microsoft Azure Virtual Desktop experiences and remote apps
  • This environment supported for over 15 hosts pools that contained multiple session host for redundancy
  • Azure portal, templates, scripting, and command-line tools were utilized to manage the Azure Virtual Desktop deployment
  • Assisted with the monitoring and reporting for cost management and health
  • Supported Intune User and Device policies and certification push for enrollments
  • Leverage reporting feature to assist with compliance purposes
  • Advance feature deployment testing and delivery
  • Played major role in creating standard solution offerings in and around Azure house cleaning
  • Things such as virtual machine scaling and auto shutdown etc
  • Performed Azure best practices in around Tagging to assist with ownership and cost management purposes
  • Assisted with the deployment of MFA in a fifteen thousand user based broken across 3 sites
  • This deployment was leverage with Azure Conditional Access
  • Moved the SCCMs Azure Cloud Service Gateway CSG (classic) to extended support due to it being deprecated
  • Created all necessary documentation including system standards, run books, and more research
  • I played a strong role in developing Runbooks for overall Azure and other 3 party environment modifications such as but not limited to OnPrem Exchange, EXO online, AVD environments
  • Deployed on Prem ready line of business application to Azure through app registration process while performing heavy testing and working alongside end user to assure access
  • Assisted developed deployed and maintained necessary profiles and policies for development teams through PIM and Entra Roles
  • Migrated Azure Cloud Service Gateway (CSG) Classic to Azure Cloud Service Gateway Extend Support leveraging Migration tools
  • This effort was addressing a MS service that was set to be deprecated.

CACI / DHS : Trust

Cloud Infrastructure Engineer
09.2022 - 07.2023

Job overview

  • Deployment of Azure Monitoring and Alerting based on Governmental requirements, while taking into consideration of cost consumption for budgeting purposes
  • For over 10 resources broken out by workloads Performed Active Directory Domain Controller promotion to Azure environment by way of virtual build and then DC promotion process
  • Preformed all AD and Azure validations
  • Planned and deployed ExpressRoute Route filters to allow for MS’s monthly Border Gateway Protocol) communities prefixes
  • Working in a team of 4 cloud SMEs and chief architect, I played a key contributor in building Azure cloud architectural design
  • Documents such as but not limited to RACI, MS Project, and requirement documentations
  • Assisted the mobile team building a Intune best practice migration plan
  • This was a high level 7-step statement of work for MS Intune transitioning process
  • Configure and build monitoring and logging tools to monitor integrated cloud applications and virtual servers
  • Introduced and deployed NSG Log Flow for traffic analysis
  • Working with Security team to improve their security posture leveraging Azure solutions such as but not limited to Conditional Access, Defender for Azure, Azure AD etc
  • Ensuring applications and various Azure services are horizontally and vertically scalable, highly available and are deployable with our existing tools such as
  • Help the team build and maintain processes and tools for rapid deployment of infrastructure, monitoring, and operations
  • Azure File Share Planning and Migration of 5TB SMB on-prem
  • ADFS Cert rollover management (ADFS Proxy and Internal farm)
  • Azure DC planning and deployment
  • RBAC and Azure Permission Planning and Deployment
  • Worked with the Teams leadership to identify best practices for rolling out a standard framework for Azure workload access by way of RBAC and Azure AD roles
  • Planned and deployed Azure Compute Backup and Restore procedures for 4 different workloads
  • Azure Site Recovery for DR Planning
  • Leveraging Terraform to assist with resource repeatable processes for standardization
  • Assist with on-prem application access for clients via Azure App Proxy
  • SME Office 365 / Azure

SES / Census Bureau

Messaging Engineer
01.2019 - 09.2022

Job overview

  • My duties preformed are planning, implementing, designing, configuring, maintaining, and troubleshooting Microsoft (MS) Office 365, SharePoint, Microsoft Teams, Exchange Online, Security and Compliance controls, Mobile Device Management, Active Directory (AD), and Azure Active Directory (AAD
  • I assisted in developing system configuration and procedure documentation; collaborating and planning with project stakeholders for special projects; assisting with responding to litigations, appeals, and Freedom of Information Act (FOIA) requests
  • I troubleshot customer reported problems; and executing scripts to automate and streamline business processes
  • Hold monthly cadence to expresses technical information (for example, ideas or facts) to individuals or groups effectively, considering the audience and nature of the information (for example, technical, sensitive, controversial); makes clear and convincing oral presentations; listens to others, recognizes potential miscommunication, attends to nonverbal cues, and responds appropriately
  • Initiated the project of possibly leveraging MS Azure VDI solution for Census field temporary employees
  • These users would be leveraging the non-persistent VDI solution since they all will be utilizing the same list of applications while working from the field
  • Still working through the series of steps required in order to deliver the VDI solution
  • Leveraging the Azure Defender to assist securing some of the agency’s workloads such as Servers and Storage
  • Deployed the agent to those identified servers and ran the auto provisioning to report on log analytics against the server and end-point protection health checks
  • Lead the effort to prepare the agency for the MS basic authentication change by initially assembling those apps/teams (inhouse dev and outside vendors) that would be impacted by the change if they weren’t ready
  • A few apps required application registration via Azure App Services once completed we would move to testing the app sign in and then rerun the Azure Sign-on report to see if it still shows up on the list of legacy logins
  • Lead efforts to help the security team harden Azure / office365 environment by leveraging IAM features RBAC and Services principles
  • Assembled teams through various departments to discuss grouping for access
  • Created groups based on accessed need using the model
  • Assisted the Virtual Team to identify candidates for the migration to Azure VMs
  • This was based on utilization and cost
  • Once our systems were identified, I created management groups, storage accounts, networks and associated the new VM
  • After access was provided and access was confirmed the server was then delivered to the client/team
  • This process was completed by using both the CLI and Admin portal
  • A
  • As the Enterprise Messaging Engineer, I provide on-site/remote service support to all Census employees; planning, designing, configuring, maintaining, and troubleshooting the various software programs
  • Leveraging Azure Automation, moved 15 admin tasks that were initially running as window scheduled admin tasks
  • I assisted the help desk to work more efficiently by creating tasks that will ensure various checks are performed and that generate reports that could be shared with management
  • Tasks such as, but not limited to, provisioning mailbox archive enablement against all mailboxes and license assignments and counting
  • Currently working with Terra Form to automate VM deployments more efficiently and effectively
  • I assist the Office of Information Security (OIS) on eDiscovery for litigation and FOIA requests; work with MS Premier Support to report and address cases for unresolvable issues and bug fixes; and work with other leads and project managers
  • Troubleshoot and resolve customer reported problems and system configuration issues execute PowerShell scripts to automate and streamline Office 365 business processes and metric reporting
  • Working to maintain and buildout the Office365/Azure/Exchange Census infrastructure (Prod and Lab)
  • This includes but is not limited to ADFS/Identity Management system
  • Assist Dev team migrating on prem middleware to Azure web server
  • Subject Matter Expert migrating users home drive to OneDrive while leveraging SharePoint Migration Manager (SMM)
  • Provide technical Microsoft cloud and onprem leadership in the Census Change Control Board Meetings
  • Performing 3rd tier Offiice365 / Azure support
  • Running PS scripting against Exchange online and onprem, OneDrive/SharePoint, AZURE AD / onprem and Teams
  • Converted (20) on-prem powershell scheduled tasks to Azure Automation
  • Leveraging Automation Tasks, while still sustaining backend governmental workflows

Marathon TS / HOR

Messaging Engineer
10.2018 - 01.2019

Job overview

  • Assisted in creating an overall assessment/discovery of their existing Azure Subscription
  • Some of my efforts were server role consolidation/ workloads separation and RBAC/Azure AD role permission landing zone application
  • Worked to support a 3 node 2013 Exchange Organization Experience with malware, anti-spam/anti-virus and archiving solutions utilizing Symantec and MS’s ATP
  • Worked to support and provide proof of concept migrating GFEs from AirWatch to Intune by creating a mirrored mapping of policies from existing to the source
  • While leveraging my strong skills within an Exchange Multi-Role environment I transitions production to a high availability DAG designs
  • Many of the solutions deployed for the customer were preformed leveraging PowerShell scripts and or commands
  • Assisted in making recommendations and performing proof of concept modern Dell /HP and VM monitoring solutions such as but not limited to, SolarWinds, Big brother and etc
  • Build and implement pipeline and automations modern solutions for the customer based on their requirements and their compliances
  • Provided training and best practices solutions for the area focus teams.

Actionet / DOT

Cloud Integration Engineer
03.2018 - 10.2018

Job overview

  • Leads multiple projects for integrating global enterprise customers into a hosted solution
  • Managed 3-4 simultaneous projects while providing principal expertise and guidance
  • Trained 3 tier support team and managers on new methodology and project controls
  • Serve as the O365 SME voice for the governmental weekly change control board
  • Design, deploy, test and administer DOT’s Office 365 (O365) tenant and on-prem Exchange 2013 hybrid infrastructure
  • The environment includes 2x identity management solution (AADConnect), 4x 2013 Exch server (2-prod & 2-dr), 2x skype servers (2 prod/ha) and 2x routers (2 prod/ha IronPorts)
  • As the O365 SME, successfully delivered a governmental mandated risk and benefit assessment proposal that compares the efforts of relocating the entire hybrid to the cloud with leaving the hybrid on-prem
  • Developed a governmental detailed proposal to upgrade the soon to be out of support hybrid Exch 2013 server to hybrid Exch 2016
  • This involves documenting extending schema, updating the SCP, virtual dir, copy over relay connector and re-running the hybrid wizard
  • Aided, designing and deploying Intune solutions while phasing out BES and Good services
  • Working as a key O365 SME with governmental project stakeholders to introduce Sharepoint online
  • Assessed, deployed, trained and assisted with the 3rd tier support for mail, calendar and ondrive backup solution called Spanning
  • Re-designed in-house project methodology and processes to include a more robust set of deliverables which are customizable for each customer
  • Introduced new technologies into the service line for certification to streamline offerings and lower overall total cost of ownership
  • Provide daily 3rd tier, o365 hybrid, operational support for Exchange 2013 / 2016 organization by monitoring the messaging 3rd tier queue when projects and solution deployment isn’t required or slows
  • Tested, designed, documented, deployed and supporting additional Office365 new services for business customers
  • The MS PowerBI, MS Teams
  • Sr
  • Messaging / Cloud Engineer Washington, DC

Unisys / OCC

Sr. Messaging / Cloud Engineer
08.2016 - 03.2018

Job overview

  • Of the Currency (OCC) Clearance:, Team initially consisted of 5 members, 2, , 1 senior architect and 2 senior engineers
  • Engineer, performed an environmental assessment to ready the existing MS Exchange 2010 organization
  • The existing environment consisted of a 2008 AD forest functional level domain with a 2010 3 member DAG stretched across 2 sites (DR and PROD).(Invent: 3 MBX servers, 2 MBX/CAS, 4 HUB/CAS and 2 Edge)
  • Assisted proposing o365 hybrid solution (services: exchange Online and ATP) with Azure AD sync tool while leveraging SSO ADFS
  • It was decided to go with their existing SSO product, CA Siteminder instead
  • Utilizing various known such as but not limited to MS OnRamp, IDfix, RemoteConnectivity, local EMC, ExchangePS, Exchange Deployment Assistant, ADSIedit and etc..
  • Assisted with the purchasing of the test and prod O365 tenant subscription
  • Built out a working virtual test lab to closely resemble the client’s environment to assist with proof of concepts and etc..
  • Recommended on-site hardware deployments and the associated MS recommendation setup docs
  • Deployed and directed the configuration of DirSync/AADConnect from the tenant Azure portal
  • Assisted with the downloading and installation of Azure on the designated Sync box
  • Worked as 2nd engineer to get their SSO solution setup and configured for Office 365 from the o365 tenant
  • Assisted with the O365 CSR generation and installation for the Azure, Exchange, Firewalls, CA SSO and etc..
  • Ran the hybrid wizard from the 2013 edge server that auto configured send and received connectors and established the remote proxy endpoints
  • Provided 2nd tier engineering support with the setup and configuration for the Hybrid Wizard Config from on-prem and in the tenant
  • Pre client prep work for Outlook 2010 and 2016 as it relates to modern authentication capabilities
  • Orchestrated the mailbox and public folder migration process/task by utilizing remotePS and On-prem ExchangePS through rigorous testing and evaluations
  • While perform task involved, As-built guides, general technical and meeting notes were developed while staying within the government guidelines
  • Currently working as the lead o365 3rd tier engineer to assist with any daily operational post issues
  • Some post issues such as object correlation due to sync errors and mbx archive challenges
  • Outlook profile failures due to RemoteRoutingAddress missing and etc..
  • Provide team o365 on-site training for the existing messaging team also assembled a tiger team to assist with any outstanding global issue
  • This team consist of key IT players such as but not limited to Network, Security, SSO etc
  • Dev new account provisioning and deprovisioning process to follow.
  • Assisted in migration projects from on-premises data centers to cloud environments, ensuring minimal disruption to business operations.

SoftTech / National Institutes of Health, NIH, Public Trust

Sr. Messaging Engineer
11.2015 - 07.2016

Job overview

  • Worked in a team 2 to deploy an O365 hybrid solution for NIH/multi agencies
  • Assisted with the setup and configuration (in DMZ) 2 clustered virtual Ironports, 2/ 2008 r2 ADFS proxy servers
  • (in Internal network) 2/ 2008 r2 ADFS servers, 1/ 2012 DisSync Azure server
  • The hybrid Exchange 2013 has a 4 member DAG with 1 witness currently stretched across 2 site (prod and dr)
  • Work directly with the client as a consultant and as operation engineer on day-to-day basis all for messaging services
  • Provide daily operational support for CIT’s MS Exchange 2010 environment that consists of a 12 member DAG stretched across 2 site (prod and dr)
  • This is such as but not limited (i.e
  • Handling offline databases, server patching, database fail overs, mail routing and etc.)
  • All messaging support and new implementation efforts are primarily performed utilizing powershell (commands and or scripts)
  • Propose innovative solutions to meet the changing messaging needs of the customer, things such but not limited to (MDM solutions, leveraging native DLP, arching and etc..)
  • Design, deploy and support AirWatch 8.2 solution to manage over 2000 NIH devices
  • This configuration was setup with 2 secure email gateway (reverse proxy) that resides in DMZ to routes EAS devices communication to 2 backend SEG servers while routing browser users to their endpoints

Promontory Financial Group

Sr. Messaging Engineer
11.2013 - 11.2015

Job overview

  • Project planned, documented, trained and executed the integration of MS Exchange 2013 in order to migrate from MS Exchange 2007 currently hosting 1500 mailboxes
  • This messaging infrastructure contained BES 5.x and 10, Enterprise Vault for archival solution, Add2Exchange for syncing business contacts to ActiveSync devices and Cisco Unity for voicemail
  • Leveraged SMSME for virus and spam detection from mailbox servers, utilized 2 virtual smart host called Sendio that assisted with the first level of spam detection in a HA setup
  • NetBackup is used as the backup solution at the database and mailbox level
  • The 2013 Exchange is designed with 5 member DAG (3 nodes in production and 2 in DR) 4 CAS servers (2 per site load balanced) These CAS are load balanced using 2 Barracudas setup in a HA solution
  • Creating and maintaining daily operational stability, enforcing security measures, testing, developing against both the Exchange 2007 and 2013 environments
  • This involves but not limited to upgrades, scale outs, database MA log threshold adjustments, daily health check PowerShell scripts, blocking ECP from external access and etc..
  • Developing and maintaining documentation for application deployment, configuration and related processes in the Microsoft exchange environment
  • Trained fellow IT support team members and the help desk technicians on the new features of Exchange 2013 when compared to legacy 2007 technologies
  • Documents were developed and shared with the students.

Interstate Hotel and Resorts

Senior Lead Sys Engineer
03.2011 - 11.2013

Job overview

  • Demonstrate senior lead system engineering expertise for Interstate Hotel and Resorts (IHR)
  • IHR is the largest U.S
  • Based global hotel Management Company
  • We currently have 400 hotels that are leveraging email services and various other specialized IHR applications
  • These hotels are all across the US and some are extended in other countries (Russia, China, Canada, Mexico and Belgium)
  • IHR currently host 40 domain names for various customers
  • Email resources are accessed via RPC over HTTPS, RPC over TCP/IP, webmail and or ActiveSync devices
  • Provided technical expertise in an effort to stabilize MS Exchange 2003 Organization
  • The environment was redesigned with HA and for database protection by deploying a co-existing 2003/2010 Exchange organization
  • With a mailbox count of 4000 plus users, we leveraged a 4 member DAG allowing the fourth member to sit in our DR site
  • (2 Cisco Ironports for content filtering, 2 2003 2 node cluster, 2 CAS/HUB, 4 Mailbox servers with 4 DAS and 1 BES 5 HA)
  • Project led our Exchange 2003 to 2010 email migration to a hosted solution
  • Provide daily 3rd level support for the messaging environment but not limited to organizational upgrades and or build outs
  • Designed and lead the implementation of an enterprise monitor solution called SolarWinds by Orion
  • This solution was stood up and configured to monitor Windows servers (2003/2008) & Apps (Exch, SQL), Network devices (Cisco appliances)
  • Exercise technical leadership within the Vsphere 4.1 environment
  • This entailed creating advanced HA configurations such as leveraging virtual to host affinity rules for our DRS ESX cluster of 5 hosts
  • Also deployed various resource pools based on performance rules after running an assessment
  • Utilizing CapacityIQ
  • Based on the results virtual servers were re-provisioned for better optimization purposes
  • Distribute additional storage solutions to the virtual environment via RDM for Windows cluster nodes and or ESX Datastores
  • Configured vNetworks Distributed Switch for additional network resources for virtual machine needs
  • (vMotion and etc.)
  • Provide Technical leadership with support of Xiotech Emprise 7000 SAN storage
  • (2x MDS 9126 multilayer fibre switches, 10 disk array shelf driven by two 1U dell controllers) LUNs are presented out to our ESX and VM in various ways (RDMs and virtual disk)
  • Lead all 2008 Active Directory upgrades and or modifications
  • (DNS, GPO, Enterprise Cert Sever, IIS and DFS.)
  • Demonstrate technical leadership for my 5 man engineering team by holding weekly meeting to discuss outstanding third tier support issues and technical knowledge transfer
  • In addition, I promote IT innovative ideas among teammates as it relates to the hospitality business by sharing new ideas
  • During the meeting minutes are taken and are utilized for upper management review
  • Attend Management/change control weekly meeting to discuss any outstanding concerns as it relates to environmental upgrades and or maintenance requirements
  • (change control committee approval member)

AboutWeb / SEC

Government Contractor
01.2011 - 03.2011

Job overview

  • Lead the engineering team of 5 to complete various high-level projects in preparation for Lockheed Martin and SEC’s government contract agreement closeout
  • Stabilized the coexistence of MS Exchange 2003/2007 and provide ongoing day to day administrative support
  • Project managed and provided technical assistance with mass server 2008 refresh (Domain Controllers and Print Servers)

CNSI / USDA

Lead Exchange and Active Directory Operation/Engin
06.2009 - 01.2011

Job overview

  • Exchange and Active Directory Operation/Engineer Alexandria, Provide the Food and Nutrition Services’ (FNS) headquarters and their 7 regional sites with 3rd tier Active Directory and Exchange messaging infrastructure 24 hour/on call support utilizing various administrative tools and resources
  • (Server 2003 support tools, ESM, Good Mobile Messaging console and etc.)
  • Ensure the availability and reliability of FNS’s 2003 native forest level
  • The FNS forest consists of two domains (root and child); the child domain contains seven sites that represent all regional offices
  • Each site has two domain controllers configured as global catalog servers
  • FNS’s Exchange
  • 2003 sp2 /2007 sp3 co- organization resides in the child domain with six exchange servers (2003/3 gateways and 1 mail server_2007/1 Mail and 1 HT and CAS server role server)
  • The FNS AD forest consists of 14 sp2 2003 DC/GC_ of these DCs, 4 are configured as DNS servers
  • There are 4000 user objects within the forest 3200 are mail enabled and 1100 are resource mailboxes
  • Lead the domain consolidation and cleanup efforts using Quest Migration Manager (QMM) while exercising various governmental security guidelines
  • Assure all DC communication remains stable by actively monitoring the physical and logical state of these servers on a bi-weekly basis
  • As it relates to (NIST) Active Directory security hardening, enforce AD object, GPO and OU container creations and delegations
  • All potential and recommended technological implementation is first performed in the FNS virtual test enclave
  • As the lead, I’m responsible for maintaining and assuring documentation is kept up to date for any present and or future test lab use
  • As the lead messaging engineer my responsibilities are to make sure the overall health of exchange organization is maintained at an optimal performance state
  • This would entail daily monitoring and reviewing of system logs via either SolarWinds, Windows 2003 and 2008 Event logs and performing a bi-weekly 03/2010 ExBPA against exchange servers
  • Supporting the exchange organization would entail troubleshooting 3rd tier message routing issues as it relates to global settings, recipients and or mail server configuration conflicts
  • Tested, documented, and executed the AD Schema Prep in a 2003 native environment that provides compatibility with Exchange 2010
  • Lead the development for Exchange 2003/2010 project which required months of planning, piloting and documenting for the intra-organization migration of Exchange 2010 in a 2003 Exchange SP2 organization
  • During this project two 2010 exchange servers were built and deployed in production (1-Mail and 1-Hub Transport/Client Access Server)
  • These efforts were performed to assist with the load balancing of 2003
  • Migrated 2300 mailboxes from 2003 to the 2007 mail server
  • Developed de-provisioning and provisioning processes for windows 2003/2008 server builds using STIG and NSA guidelines while maintaining FNS’s requirements
  • Delivered time sensitive technical datacenter layout documentation for daily and future functional use
  • Project led the ADRAP for FNS; this is an Active Directory risk assessment scoping tool for overall AD environment
  • The tool performs various checks in AD and then produces the results for future optimizing and cleanup efforts (ex: FRS replication occurrences, DC port utilization and etc...)
  • Assembled the planning, testing, and rollout for Windows 2008 while staying with the guidelines of Government Security Compliance Aware
  • Project led testing, documenting and implementation of an AD Enterprise-wide solution called Quest ActiveRole Server
  • This is a system administration tool that is currently being utilized to manage and run reports against Active Directory
  • Led the redesigning of FNS’s DNS environment while utilizing MS’s best practices while keeping in line with STIGS and NIST (DNS record scavenging and zone transferring were key solutions implementations carried out)
  • Provided professional assistance with the FNS AD site topology redesign in an effort to eliminate the agency’s AD replication latency challenges
  • Delivered the strengthening of security for governmental workstation and laptops as it relates to the FDCC standardization of various policies ( GPO)
  • Served as one of key engineer on the FNS change control board (CCB) to ensure all changes to the environment have been properly tested, documented, and considered
  • Responsible for delivering many times sensitive, high-profile project and tasks to the customer

DC, Indus Corporation, FHWA, Public Trust

Senior Sys Engineer
06.2008 - 06.2009

Job overview

  • Provide Federal Highway Administration (FHWA) and Federal Land (FLD), 63 field sites with 3rd tier Microsoft Exchange 2000/2003, Domain Controller, DNS and backup infrastructure support
  • Because of the multi-roles assigned to each field sites Domain Controller (DC, GC, DNS and Exchange), task with consolidating, decommissioning, and refreshing the roles to new servers local to each field site
  • Serve as the FHWA DR engineer, data restore, maintenance, patch management backup, monitoring engineer
  • Perform full MS Exchange server 2000/2003 cluster consolidation support that was a two-phase project
  • The project required the move of all FHWA’s field mailboxes and resources to a temporary clustered exchange server within the same Exchange organization
  • Once all FHWA field sites have been moved successfully, the second phase would migrate all mailboxes and resources to Department of Transportation’s Exchange clustered server in a different Exchange organization
  • End user communication and using tools such as but not limited to ESM, MS Exchange Wizard, Exmerge, ADUC, ArcServe and Netbackup were exercised
  • Exercise FHWA’s structured decommissioning procedures along with the use of MS tools for removing decommissioned/failed MS Exchange serves from the environment such as ADCU, ADSI, SS and Replmon
  • Utilize FHWA’s decommissioning structured procedures along with MS tools for removing scheduled decommissioned/failed Domain Controllers from the environment using tools such as (ntdsultil, SS, ADUC DNS Manager) to clean up any metadata left in the environment
  • Perform MS Exchange and or Domain Controller disaster recovery efforts for all but not limited to assigned supported FHWA field sites using tools such as ArcServe 11.5, ESM and or ExMerge
  • Partially responsible for FHWA’s Exchange clustered Netbackup 6.5 (NBU) environment to monitor and perform bricklevel/database restores and backups
  • Second technician responsible for FHWA’s mail, DC, DNS disaster recovery efforts in addition to maintaining actuate documentations
  • Perform daily field site monitoring efforts utilizing tools such as Hobbit/Big Brother, Quest Spotlight Messaging / AD, ESM, Remedy with SLA, ArcServe, Dell IT Assistance and HP Insight
  • Participated in the server build base line compliancy meetings for FHWA
  • Any projects and or changes to the environment are first handled through FHWA’s change management board before the process can occur
  • Recommended, implemented, and managed various types of technological solutions for monitoring supported field sites such as Quest Spotlight for Messaging / Active Directory, HP Insight and Dell IT Assistance
  • Served as one of key engineers on the FHWA change control board to ensure all changes to the environment have been properly documented and considered
  • Assisted with the strengthening of security for governmental workstations and laptops as it relates to the FDCC standardization of various policies.

DC, American Chemical Society, ACS

Senior Windows Server Engineer
06.1998 - 06.2008

Job overview

  • Demonstrate expert level proficiency in designing, creating, modifying and administering Active Directory and related OUs and Group Policies using tools such as GPMC and ADUC between intra-sites
  • Perform technical systems design and architecture for MS WSUS 2.0-3.0, in an environment of 736 users and more than 80 servers
  • Manage, maintain and monitor server communication within the society’s network infrastructure using snap-in such as DHCP, DNS, WINS, Active Directory, Sites and Services, Trusts and Domains
  • Design, implement and provide lead support for the Windows server backups using Netbackup 5.1 and 6.0 hosted in a SAN and server-based environment between headquarters and our branch office
  • HQ is set up with a master/ media and branch has the media server
  • Led, a major file server migration project that required restructuring of the old file system and login script before performing the move of 1.2 terabits of data
  • This environment was migrated to the NAS now accessed through Distributing File System (DFS)
  • Assisted with the architecture and implementation of ACS’s domain consolidation project by migrating ACS’s AD objects and
  • Led efforts to raise forest and domain functional level in preparation for the Exchange 2003 upgrade project
  • Upgraded and currently support the Exchange server 5.5 to Exchange 2003 using Antigen virus tool in a development and production environment for over 1200 users
  • Evaluated, recommended, and implemented a migration plan to relocate 120 printers from one print server to another using a scripting tool
  • Maintain and administer the society’s Blackberry 4.1 server for over 150 Blackberry devices hosted in an Exchange 2003 environment
  • Provided technical engineering analysis support for the DBA team and the Business Units when working from SharePoint 3.0 and SQL Reporting services
  • Test and implement the deployment of security and critical patches for all ACS Servers using WSUS
  • Hold weekly team technical meetings to discuss and to establish industry technological best practices to improve operational procedures
  • Spearheaded the new DST 2007 project for an entire windows environment (workstations and servers) of 737 users
  • Serve as final problem solver for advanced server support issues for various server hardware platforms such as Dell PowerEdge and PowerVault/Compaq Proliant Devices configured with HBA card and raid controllers
  • Install, configure and support 3 VMware datacenters and over 30 virtual machines for production, staging and for ACS’s disaster recovery site
  • Lead and performed the VMware ESX host data storage and vm machine migration from an outdated EMC Soloris CNS14 to NS84
  • Maintain and administer some Active Directory replication challenges within the ACS forest between domain controllers, in addition but not limited to various FSMO role seizing and reassignments using Ntdsutil utility
  • Provide a full scale of daily administration support for all ACS Windows 2000/2003 servers between Washington HQ and our two branch offices such as site design, implementation, support and all types of replications support.

Education

University of Phoenix
Tempe, AZ

Bachelor of Science from Computer and Information Systems Management
01.2010

Skills

  • Azure Resource Groups
  • Azure Storage and VNets
  • Azure VDI and Migration
  • Azure VMs
  • Azure File Share
  • Azure Power Apps
  • Azure EntraID RBAC
  • Azure Automation
  • Intune Endpoint / MDM / MAM
  • Azure DevOps
  • GitHub Cloud
  • Terraform with Azure VM Deployment
  • Azure Defender
  • CLI and UIA VM Automate deployments
  • Teams Integration and support
  • Heavy Exchange PowerShell (Onprem-AD/Exchange & Office365 / Azure)
  • Office365 Security and Compliance support
  • O365 Plan / Deploy and Operations
  • Active Directory Infrastructure Setup and Support 2003/2008/2012/2016/2019
  • GPO Managing and Maintaining
  • VMware Vsphere 4x & 5x Setup and Support
  • Project/Task Management
  • Enterprise system design architecture
  • Government Security Compliance Aware (NIST)
  • Security Technical Implementation Guides (STIGS)
  • Supervision and Team Building
  • Server Resource Management Expert
  • ITIL 30 Compliancy Aware
  • Excellent Oral and Written Communication
  • PowerBI / Gateway Integration and support
  • PKI Encryption and Authentication
  • Office365 / Azure License Management
  • Azure APP Proxy
  • IAC
  • Cloud infrastructure management
  • Cross-functional team collaboration
  • CICD

Certification

  • Microsoft 365 Certified, Enterprise Administrator Expert - Microsoft.
  • Certified Ethical Hacker (CEH) – EC-Council.
  • Microsoft Certified, Azure Administrator Associate - Microsoft.
  • Certified Information Systems Security Professional (CISSP) - International Information System Security Certification Consortium (ISC)².
  • VMware Certified Professional - Data Center Virtualization (VCP-DCV) - VMware, Inc.
  • Core Solutions of Microsoft Exchange Server 2013 - 2019
  • AZ-900, AZ-500, AZ-104

70-341

Timeline

Senior Infrastructure Engineer

Akira Technologies
05.2024 - Current

Senior Sys Engineer

Technology Innovations LLC / GPO, Azure
01.2024 - 05.2024

Senior Cloud SME/ AD Engineer

Apex Systems / Dentons Law Firm
07.2023 - 12.2023

Cloud Infrastructure Engineer

CACI / DHS : Trust
09.2022 - 07.2023

Messaging Engineer

SES / Census Bureau
01.2019 - 09.2022

Messaging Engineer

Marathon TS / HOR
10.2018 - 01.2019

Cloud Integration Engineer

Actionet / DOT
03.2018 - 10.2018

Sr. Messaging / Cloud Engineer

Unisys / OCC
08.2016 - 03.2018

Sr. Messaging Engineer

SoftTech / National Institutes of Health, NIH, Public Trust
11.2015 - 07.2016

Sr. Messaging Engineer

Promontory Financial Group
11.2013 - 11.2015

Senior Lead Sys Engineer

Interstate Hotel and Resorts
03.2011 - 11.2013

Government Contractor

AboutWeb / SEC
01.2011 - 03.2011

Lead Exchange and Active Directory Operation/Engin

CNSI / USDA
06.2009 - 01.2011

Senior Sys Engineer

DC, Indus Corporation, FHWA, Public Trust
06.2008 - 06.2009

Senior Windows Server Engineer

DC, American Chemical Society, ACS
06.1998 - 06.2008

University of Phoenix

Bachelor of Science from Computer and Information Systems Management

Similar Profiles

CREATE PROFILE
STEPHEN ELLISSr Cloud Engineer / Solution Architect