Senior System Engineer/ System Architect/ Infrastructure Engineer

• Project: To migrate on-premises data centres to an Azure cloud, install a colocation VDI solution in place of outdated hardware, and deliver Office 365 and VDI remote working solutions for their overseas staff.
  • Management of three sites’ IT infrastructure including Microsoft Server 2016, DFS file shares, Active Directory, Group Policy and inter-site networking equipment.
  • Deployment of Office 365 applications including Microsoft Teams and OneDrive.
  • Decommissioning of data-centre hardware and migration of workloads to Azure.
  • Data Centre migration of data to Azure Blob, OneDrive & SharePoint.
  • Maintaining system reliability for circa 142 Dizzbo staff.
  • Managing application patching and deployment.
  • Setup of virtual desktop infrastructure (VDI) environment.
  • Handover documentation for CTO.
  • Configuration of SD-WAN solution
  • Tools: Active Directory, Server 2016, Microsoft Exchange Server, OneDrive for Business, Office 365 Intune, OneNote, Microsoft.
• Project: Architecting, deploying and supporting Microsoft Modern Management platforms which includes Intune, SCCM, Cloud Management Gateway, Windows Autopilot, Co management, MEM and Azure Portal.
  • Intune:
    • Infrastructure design, architecture setup with Intune
    • Microsoft Endpoint Management - Responsible for device management, maintaining the Intune / autopilot
    • environment OSD creation/maintenance, application packaging/deployment, Windows patching, hardware specs, etc.
    • Administer, integrate and co-management (Intune-SCCM)
    • Device Management - JAMF and Intune MDM
    • Setup of Policies
    • Share JAMF Pro computer inventory information with Microsoft Intune.
    •  Enforce compliance policies defined in Microsoft Intune on computers managed by JAMF Pro.
    • Restrict access to applications set up with Azure Active Directory (Azure AD) authentication (e.g., Office 365).
    • Feature policies for users in the Device Compliance category in JAMF Self Service for macOS.
    • Create a policy registering user computers with Azure AD.
    • View the Conditional Access Inventory State for a computer in JAMF Pro.
    • M365 Security Products (Microsoft Defender ATP, MDAV, Azure RMS)
    • Microsoft Windows 10 Security and Management (Bitlocker, MBAM, DeviceGuard, Credential Guard)
    • Windows 10 driver, power utility
  • SCCM:
    • Distribution points - Capacity constraints in distribution points
    • AD/GPO/Azure Cloud integration
    • Maintaining and managing SCCM servers, setting up Distribution points - Capacity constraints in distribution points
    • Work along with 3rd party vendors to troubleshoot core applications and patch deployment issues.
  • Tools: Citri VDI, Microsoft Azure, Azure Active Directory, Office 365, Microsoft Intune, Exchange Server, Microsoft Teams, SharePoint, VMware, Hyper-V, Google Workspace SCCM/SCVMM Linux MacOS/Server Microsoft SQL Server, JAMF. Servers2016 & 2019.
• Project: Designed and Implemented the Okta suite from scratch in co-existence mode along with Microsoft Azure.
  • Have integrated okta internal and customer applications with okta B2B and B2E tenants.
  • Have leveraged Okta API access management for securing application APIs and defining custom access policies
    for managing tokens' lifetime.
  • Installed and implemented okta Access Gateway for securing on-prem apps and protecting organization hybrid cloud infrastructure integrated Okta SSO for more than 119 applications with MFA enabled at Okta level and
    app-level.
  • Integrated Okta with O365 provisioning & de provisioning including assigning/re-assigning licenses.
  • Integrated Okta to workday using API credentials for both real-time sync and batch import.
  • Integrated okta provisioning to SAP using Opp agent deployment and SCIM connector to manage users.
  • Have setup MFA for all applications in scope to Okta such as Okta verify, SMS, voice call authentication, & security questions.
  • Have integrated substantial numbers of applications for Okta provisioning via API.
  • Have created different API tokens and shared same with the application team to configure at their end for successful integration.
  • Tools: Okta, Azure AD, CA user/Provisioning Directories, Microsoft AD, SCIM/SMAL 2.0/Auth0, Servers 2016&2019, Linux, VDI
• Technical Support
  • L2/L3 support for all Cloud Infrastructure.
  • Managing Google Workspace & Office 365, Jamf pro
  • Managing alles Clients/end-users devices in our Environment Mac/Windows and Linux.
  • Documentation and implementation of Microsoft Information Protection.
  • Provisioning & de-provisioning all SaaS Applications in our Environment.
  • Design and Installation of new Implementation.
  • Setup Jira and Confluence for the Organisation.
  •  DNS-Management with R53 and Configuring SCIM / SAML 2.0/Oauth
  • Revision of the Cloud Security Policy

Junior Infrastructure Engineer - Humanoo Gmbh  Berlin - (July 2022 - November 2021)

• Project: Designed and installed new branch network systems in AWS to support the DevOps and Platform Team and. Resolved
  network issues, running test scripts and preparing network documentation.
  • Have create AWS computing instance services like EC2 and Amazon Elastic Load Balancing
  • Have created and managing a AS storage like S3, EBS, and Amazon CloudFront
  • Have created AWS RDS and Handled software installation, backups, and patches as well as routine administrative tasks.
  • Experience in using configuration management tools like puppet, and Ansible, and little knowledge of chef.
  • Experience working with Ansible to perform automation of configuration management and application deployment.
  •  Experience in database technology such SQL , PLSQL, and MYSQL including NoSQL databases.
  • Creating documentation for customers' environment, process, and support procedures.
  • Hand all virtualization with VMware vSphere, ESXi servers, vCenter servers, and Hyper-V servers.
  • Worked on popular application services like Amazon Simple Queue Service (SQS) and simple workflow services
    (SWS).
  • Involved in the health check of servers after patching / rebooting and checked all the services of Linux/windows
    server on AWS.
  • Handle the upgrade server using RPM package manager and Yum
  • Tools: CloudWatch, Beanstalk, Nagios, Ansible, Puppet, GIT Circle CI,vCenter, vSphere, Terraform, Confluence, Apache Tomcat, shell script, Jira, and WS Services: EC2, S3, RDS, IAM, Cloud Formation, VPC, cloud Front, Docker, lambda, Microsoft Azure, Storage gateway, Application gateway. Kubernetes. SNS, Dynamo DB, Linux.
• Project: Designed, implemented and administer Microsoft Azure network infrastructure for application platform Teams.
  • Azure load balancing solutions included layer 7 application gateway and layer 4 load balancer.
  • Managing virtual Networks and subnets.
  • Creating and managing network security groups for virtual machines and virtual networks for security purposes.
  • Configuration and troubleshooting of VPN connections such as site to site, point to site (included point to site
    connections using ADD authentication) , Vnet-to-Vnet peering.
  • Creation and administration of route tables to manage traffic within Azure environments.
  • Integration of web applications with virtual networks to ensure communication with Vnets and on-premises side.
  • Tools: Microsoft Azure Networking, load balancing, VPN, Microsoft AD, Citrix, ARM template,JIRA.

• Project: Migration of Microsoft Intune:
  • Responsible for the creation, testing and Implementation of Various conditional access policy.
  •  Creating App protection policy for android & iOS devices.
  • Designing and configuring Intune policies (device, application, email, conditional access, password management, etc.)
  • Designing and configuring relevant Intune policies for BYOD, CYOD
  •  Configuring co-management (Intune+SCCM) as part of modern device management transformation
  • Supporting multiple scenarios based on device identities (Azure AD vs Hybrid Azure AD vs On-prem)
  • Configuring Intune-based reporting reflecting compliance, application protection, audit logs, and trends
  • Monitor application deployment status
  • Able to resolve issues related multiple Device OS platforms
  • Troubleshooting Intune L1, L2 L3 issues
  • AAD proxy setup and configuration
  • Role-Based Access controls (RBAC) assignments for different Intune roles
  • Android for Work configure and setup A4W device management
  • Device settings configuration to enable Azure AD join (for Windows 10 devices)
  • MDM auto-enrolment configurations (for Windows 10 devices)
  • Create & deploy remediation script for patch/ failed error/unknown devices.
  • Utilizing PowerShell Script for automating various tasks for Intune.
  • Windows patch troubleshooting from backend & client side.
  • Creating SCCM Client health check report
  • Creating Applications for Win 10 devices via Microsoft Endpoint Manager (MEM) Console.
  • Implemented Windows Autopilot for pre-provisioned deployment over production.
  • Tools: Office 365 Admin Center, Intune, Microsoft Teams, Skype for Business, Office 365 Desktop Clients, SharePoint, OneDrive for Business, OneNote, Azure DMZ File Shares, Zscaler VPN, Windows 10 Enterprise, ServiceNow, and Dell EUC Hardware and AD Connect, Microsoft AD.
• Technical Support Experience
  • Set target regarding Identity Secure Score and follow-up
  • Oversee IT procurement lifecycle (Budget, purchase, maintenance, renewals, Vendor Management, stock) Using Dynamics and ServiceNow for Inventory
  • One of my First Tasks was replacing Excel-based asset tracking with a Management System based on Asset ServiceNow to Control over 1000 high-value Items.
  • Designed and implemented Disaster Recovery and Business Continuity Plans, including Recovery Time Objects.
  • Migrating the Austrian Telephony System (300 users) cisco System to CNT softphone telephony based in Berlin Germany.
  • Designed and implemented the asset Management of the German IT asset.
  • Involved in the Global IT Transformation Projects in Migration of different Solutions and services Skype for Business, VOIP Telephony, VPN, Bitlocker, Windows 10 Migration
  • IT technical support to all users within all the branches by ensuring all technical requests are completed in timely manner.
  • Manage Access Point, Conference Rooms (Google Hangouts, Teams, etc.)
  • Managed SaaS Solutions (Office 365, Azure Active Directory, SharePoint).
  • Managing communication and productivity Stack like Teams, Slack, Google Apps,
  • Support and maintain of 0365, Exchange Server, Active Directory, VMware vSphere
  • On-Boarding and off-Boarding of users, grant Access and maintain User Workstations.
• Service Desk Experience
  • 2nd and 3rd Level support for Windows, Mac, and Linux for over 180 users.
  • Ensure Efficiency of Atlassian product (Jira/Confluence) and utilization of ServiceNow.
  • Handle all Microsoft Core Services – Windows Server, Active Directory, DNS, DHCP, File- & Print services,
    SharePoint, PC-Imaging.
  • Maintenance of the internal Linux Systems and VMware applications.

• Leadership Duties:
  • Evaluate vendors bidding for IT projects using IT evaluation criteria and select the right vendor for the projects.
  • Providing extensive technical support to other Technical Services departments and user organizations on IAM Provisioning and De-Provisioning related technical issues.
• Project: Implementation and deployment of (Okta) as Identity Access Management (IAM). Responsible for the design, development, implementation, application integration, automation, and improvement of the Client’s access management solutions including, but not limited to, Single Sign On & Federation, Directory Services, Multifactor Authentication, and Web Access Management.
  • Tools: Microsoft AD, Microsoft Azure AD, Okta, Jira, Shell Scripting, bash, XML, JavaScript and Apache Directory studio.
• Project Implementation and deployment of Jira
  • Creating complex Jira workflow including project workflows, custom fields, notifications schemes, reports and dashboards in Jira.
  • Installed and configured Jira cloud from scratch starting from core project.
  • Integrating aa Jira with third-party add-ons supported by Atlassian.
  • Installed Jira suite utility plugin that provides additional workflow features such as conditions, validator and post-functions.
  • Responsible for supporting project administration agile board configuration, and user management.
  • Created a Jira workflow, and apply the condition, validators, and post-function in the transition to representing the business requirement process.
  • Created Jira and confluence user guide, admin guide, workflows, screens and other administrative activities.
  •  Worked on add-ons such as script runner, workflow extension, better excel plugin for Jira, Jira capture, Jira agile, and services desk.
  • Configuring & managing development & testing sandboxes; routine application upgraded; new product
    evaluation.
  •  Document results of JIRA workflows and process audits.
  • Manage and administer JIRA/Confluence/Bitbucket add-ons, plugins, and extensions.
  • Create and manage security schemes, permission schemes and configuration.
  • Provide User Management and support for 300+ local and remote users, manage system access across groups
    to ensure compliance and maintain best practices.
  • Integrated Jira with Gustie using IMAP to configure incoming mail server so that users can create tickets from
    Gmail email addresses.
  • Tools: Jira, Confluence, Jboss, Bit bücket, SVN, Ant, Bash, Linux, and Shell.
• Project: Jamfcloud/ jumpcloud with Apple Business Manager
  • Configure MFA, create and manage policies in Azure, Intune and jump-cloud to manage devices and users.
  •  Configuring and Integrating Google Workspace, jump- cloud, personio, Jira, Confluence, and various other
    applications for single sign-on.
  • Manage jamf protect endpoint protection to protect, track alerts and monitor devices.
  • Configured MacOS zero touch experience using Apple DEP to remotely enroll macOS devices and preconfigure
    the devices while eliminating the use of manual installation of devices.
  • Tools: Google Workspace, O365, ABM, Jamf , Jira and Jump Cloud.
• Project: Google Workspace Implementation Project
  • Configured mail routing to forward users email to another mailbox, configured mail forwarding using aliases.
  • Create groups for mailing list and configured policies.
  • Administer and configuration of all cloud infrastructure services including Jump-cloud, Okta, Google Workspace,
    0365
  • Tools: Okta, O365, Google and Exchange Online, AD and Azure AD.
• Technical Experience
  • Trusted Advisor to the Head of the Enterprise Strategy & Architecture Division.
  • Manage prospects and customers through integration and implementation of business features, including SSO,
    API integration, analytics, and reporting.
  • Work with the project teams on implementing the defined Policies within Access & Identity Management (AIM)
    solution.
  •  Provide direction, task assignment management, and technical oversight to the Identity & Access Management.
  •  Work closely with the Information Security Officer (ISO) to develop and execute on security initiatives and risk
    management.
  • Develop, update, document and manage GPOs across complex multiple domain, network environment.
  •  Plan and implement OKTA, Jamf Pro/protect in DOCTOLIB.

• Experience Outline - Working for a Google as part of global IT team, accountable for maintaining and repairing the computer environment including troubleshooting and end-user documentation training
  • As an IT Support Engineer, I helped manage the daily internal helpdesk operations of a fast scaling
    startup including internal desktop support of all laptops and desktops.
  • Responsible for monitoring the active Jira help desk ticketing system and timely resolution of end user issues hardware and software requests. Constantly working on documentation updates and special projects as assigned by the IT manager.
  • Supported a user base of 900+ employees both local and in remote locations in the Germany nationwide including remote offices located in Australia, US, UK, and Poland.
  • Ensured employees have the hardware and software they need to be productive while maintaining an environment that is secure. Systems administration for mostly SaaS
  • SaaS applications including new hire on-boarding accounts and hardware provisioning orientation and
    off-boarding.
  • Managed new user onboarding training and off-boarding including accounts creation and security access levels. On average there were 20 to 37 new users being on-boarded during peak growth.
  • Setup and configured an in-house Mac OS X caching server to serve all local internal apple and IOS updates that helped cut down on external network chatter freeing up a considerable amount of bandwidth.
  •  Provide friendly, timely and high-quality IT support to our internal and remote team of over 9200+ users. Administration of Google apps for enterprise for all users including troubleshooting.
  • Created, updated and maintained document workflows, user resources, and IT processes. Enforced IT policies including security, email, accounts, passwords, and compliance.
  •  Plans and executes OS X software upgrades
  •  Expert level JAMF knowledge (performance tuning, end pt. monitoring & maintenance, infra. engineering to scale)

• Create script and assist with automated deployment process.
• Utilize your support expertise to set and improve existing standards for system administration such as process, builds, monitoring, reporting and documentation.
• Design and deploy key SaaS Application and Management elements.
• Ensure up-time and performance of system and applications.
• Perform system monitoring of servers and/or applications to diagnose and correct problems quickly.
• Develop and maintain accurate documentation for internal procedures and services.
• Establishes and maintain user accounts, assigns file permissions and establishes password and account policies; installs, upgrade, configures, tests, maintains and support operating system software in a production environment.
• Respond in a timely manner to issues assigned through our service Desk Management tool.
• Make recommendations for future upgrades.
• Develop and maintain installation and configuration procedures.
• Operational support as application SME for 24 x 7 systems, including on-call rotation duties.
• Reviews performance logs and monitors system performance.

• Project: Provided Systems Administration support for Both Unix Systems and Windows including Server and Workstation Upgrades, backup and disaster recovery Monitoring, User Account Setup and security Administration, Performing Regular System backups and recovery procedures, and closely following SOPs to ensure System security.
  • Adding another Veeam backup server in the cloud
  • Support systems deployment, configuration management and application installations
  •  Knowledge of hardware and software installation, testing and operation
  • Worked fundamental networking concepts such as IP, Gateway, Subnet Mask, Ping, etc.
  • Knowledge of various enterprise software products such as Windows Desktop and Server platforms, Microsoft
    SQL, Windows PowerShell, Secure FTP, WebEx, etc.
  •  Knowledge of enterprise Windows Server roles including Active Directory Services, DNS, Group Policy, DHCP, IIS, etc.
  • Knowledge of hypervisors such as VMware ESXi &
  • Microsoft Hyper-V used to support
    virtualized environments.
  • Provide support for the following: PC security, networking, PC hardware, Windows 7, Windows Server 2008, Active Directory, group policies. Monitor, maintain and inventory network infrastructure, network systems, and components, system admin and desktop systems with associated peripheral equipment.
  • Provided systems administration support for both Unix systems and windows including server and workstation
    upgrades, backup and disaster recovery monitoring, user account setup and security administration, performed
    regular system backups and recovery procedure, closely following SOPs to ensure system security.
  • Support systems deployment, configuration management and application installations
  • Tools: Microsoft AD, VMware, vSphere, Hyper-V, vCenter, Citrix Xenserver.