Resume: Brian Johnson
Summary
Seasoned System Administrator with 15+ years of experience in the areas of IT Security, Operations, DevOps, Network Management and Service Management.
Objective
Looking for a System Administrator/Lead position with the opportunity to work with others in IT to ensure adequate customer service, reliability and integrity of data/information systems. With a proven track record of success, I am able to respond to rapid business changes as well as changes in technology while able to accommodate business requirements.
Experience
Senior System Administrator
(Feb 2021 — Dec 2021)
- AWS "Global VPN" Project: Architected a scalable/redundant global Client VPN solution in AWS leveraging Fortinet technology. Setup DNS geo-location DNS routing nearest VPN endpoint using Cloudflare and Amazon Route 53. Integrated new Client VPN network with existing corporate global network.
- AWS VPC/EC2 security improvements - Identified, scoped out and corrected a multitude of challenges related to security groups, OS/application-level configuration and user access policy concerns
- AWS Single Sign-on and IAM policy transition to SSO - coordinated with development teams to consolidate 400 + IAM policies (across 30 different AWS accounts), roles and groups into AWS SSO into a handful of AWS SSO Permission Sets
- AWS Global Network/Security project - integrated cloud networks with internal office network using IPAM, Site to Site VPN, Transit Gateway from shared-services account to numerous other accounts and custom Client VPN solution eliminating the need to access critical/production servers using their public IP.
- Created internal DNS alias/proxy service to provide minimum-level SSL compliance across all servers (cloud and on-prem)
- Created AWS VPC on-boarding and VPC/website security best practices guide as it relates to the corporate/global network
- Documentation -- end user (IT "Knowledge Base"/"high-level") and IT internal (low-level) using Atlassian Confluence and LucidCharts/CloudInsights and diagramed in detail all cloud and physical (on-prem) networks
- Documented AWS account "landscape" of 30+ individual accounts (spread across 3 organizational tiers) and their function, management team, business owners, and identified numerous cost-saving strategies, network management tactics, identified security concerns and formulated user account management process (IAM/SSO) using AWS Organizations, AWS Config, AWS Cloudformation, Transit Gateway/Network Manager, and AWS IPAM
- Troubleshooted end-user IOT device connectivity challenges with internal FW/SW development teams
System Administrator
(Dec 2018 — Feb 2021)
- Integrated numerous cloud applications into Okta SSO (single sign-on) including: AWS Single Sign-On and AWS IAM (Federation), Active Directory (to/from), Atlassian Access (and related apps- Jira/Confluence/Bitbucket), Google Workspace/G Suite
- Mentored development teams understanding the technologies used (full-stack) on the website (Node.js) and e-commerce platform (Magento)
- On-boarded, mentored and supported development teams (~ 50 remote consultants worldwide) on various full-stack projects ranging from web-frontend [CloudFront/EC2/Elastic Beanstalk/Github/Pipelines], e-commerce [RDS/EC2], analytics/data engineering teams (RDS/RedShift/data-warehouse [RedShift], data-analysis streams [Kinesis/Firehose]),
- Headquarters relocation: architected, setup redundant networking solution in new headquarters (3 floors, 15 managed switches and ~30 access points) using Fortinet technologies: FortiGate, FortiSWitch, FortiAP
- Enabled WPA2-Enterprise encryption, authentication using RADIUS and Active Directory
- Enabled Client VPN authentication, authentication using LDAP and Active Directory
- Enabled multicast print functionality to allow Secure AirPrint (and other zero-conf/UPnP technologies) in an office environment from the Client VPN as well as
- Isolated internal WAN traffic depending on their exposure risk to outsiders (i.e. conference rooms and ports )
System Administrator
(Jun 2017 — Dec 2018)
- Primary system administrator of Microsoft Azure cloud/Windows 2016 servers – including Active Directory, SQL Server, and Remote Desktop Services (terminal services)
- Setup multiple VPCs using Amazon Web Servers (AWS) – multiple EC2 compute resources and S3 buckets
- Architected virtual machine and shared storage (SAN) storage solution in remote Datacenter using technologies from VMware, Nimble storage, HP/Aruba switches and Fortinet/FortiGate
- Assisted with the migration from Google Apps and Dropbox to Microsoft Office 365
- Expanded core IT network services to remote locations; datacenter in Roseville, CA; warehouse in South San Francisco, CA
Systems Administrator
(Jan 2014 — Sept 2016)
- Rackspace to Office 365 migration - migrated approx. 250 mailboxes from Rackspace Exchange to Office 365
- Vmware datacenter migration - migrated approx. 50 finance (Microsoft GreatPlains, Cognos BI) servers from Burbank datacenter to Atlanta datacenter utilizing VMware ESX Server
- Office network equipment migration/standardization - standardization of network equipment (Sonicwall/Brocade) in all Offices (migrated from Cisco ASA/Catalyst) - maintaining VLANs, routing and redundant WAN
- File server migration - Migrated from NetApp filer to Nimble storage array, setup for VMware using NFS & ISCSI
- Headquarters relocation - Assisted team moving al IT equipment to new HQ, including phones, network devices, servers
Helpdesk Support / System Administrator
(Nov 2008 — Nov 2013)
- Administration of Windows 2003 and 2008 servers - including print, Active Directory (DNS/DHCP/WINS/LDAP)
- Architected, tested, and deployed a worldwide video conferencing solution using Cisco (Tandberg) TelePresence devices as well as Cisco TelePresence Management Systems (TMS, VCS, MCU including Cisco Jabber/Movi software client (SIP)
- Assisted team with the creation, management, termination of Windows user accounts and Exchange mailboxes
- Replaced helpdesk system (TrackIt) with a more scalable solution based on ITIL-model with incident, problem, change management, service level agreement (Service-Now), identify/create business rules, and create workflows
- Built and managed engineering environments (Matlab, Cadence, SolidWorks), including deployment of Linux workstations (RedHat, using KickStart)
- Maintained several license servers using FlexLM for engineering applications - Cadence, SolidWorks. Matlab, Oracad, Mentor Graphics (PADS)
- Assisted infrastructure team with the migration of physical devices to VM (VMware) for engineers (RedHat Linux) as well as production servers (Anti-Virus, Active Directory, Print)
- Maintained, updated software install packages for members of helpdesk team, prepared packages for SCCM deployment
- Monitored ticketing system (TrackIt, Service-Now) for new tickets and work-items, update existing incidents, operated within service level agreements (SLAs) to ensure high end-user satisfaction
- Purchased, deployed numerous printers (HP, Sharp, Okidata) and setup LDAP, SMTP for document processing, troubleshooting problems, monitored printer/toner status using SNMP
Desktop Support Administrator
(Aug 2007 — Nov 2008)
- Built, tested and deployed production update server for all client/server machines using Windows Server Update Services
- Maintained home-grown internal applications developed in ASP.net using Internet Information Services and Windows Server 2003
- Managed end user licenses for Microsoft products (Office, Project, Visio, Visual Studio, MSDN), Adobe products (Creative Suite, Photoshop, Illustrator, InDesign), Matlab, Creo (Pro Engineer)
- Built laptops, desktops, workstations and servers production, test environments and new employees following strict build processes
- Defined strict build processes for end user client machines
- Purchased all IT equipment - worked with vendors to obtain quotes (CDW, Zones, Insight, Dell, PacketFusion, Intervision), with asset management
- Assisted in troubleshooting production issues with other members of IT (Linux, Network, Storage Administrators)
- Documented new and existing processes for Standard Operating Procedure (updated yearly)
- Created Oracle 10g accounts for new employees
Jr. Helpdesk Support Technician
(Jan 2006 — Aug 2007)
- Provided desktop and laptop (hardware) and software support for the Santa Clara office (300 employees)
- Maintained up todate images for desktop and laptop deployment using Symantec Ghost and SysPrep.
- Lead IT training sessions for newly hired employees (every week)
- Participated in 24/7 on call support rotation with the rest of the IT team
- Provided weekly reports of account creations, and terminations for business requirements (Sarbanes Oxley).
- Setup laptops and desktops for newly hired employees based on business requirements (Engineering, Software/Firmware Developers, etc)
Intranet Web Developer Intern
(June 2005 — Dec 2005)
- Designed from scratch a component database written in PHP using MySQL with authentication and integration into Active Directory using LDAP
- Assisted the IT team with a headquarters relocation which included the backup of all desktop machines using SyncBack and FTP