Network Architecture & Segmentation

Led a full network redesign initiative including VLAN overhaul, segmentation strategy, and IP plan re-architecture.

  • Programmed and maintained Cisco core switching infrastructure
  • Eliminated unmanaged switches and standardized switching stack
  • Improved broadcast control and network visibility

Remote Production Site Connectivity

Designed and implemented GRE tunnel connectivity supporting a remote production environment (Yale Residential Locks).

  • Established secure site-to-site routing
  • Enabled production continuity during infrastructure transition

Security Hardening & Compliance

Focused on reducing enterprise risk through access control and endpoint hardening.

  • Removed local admin access via GPO (except approved accounts)
  • Deployed McAfee encryption and resolved BitLocker integration issues
  • Led Security Task Force initiatives
  • Implemented Security Onion IDS for network monitoring

Monitoring & Visibility Engineering

Built centralized visibility into infrastructure health and performance.

  • Implemented SNMP + Grafana alerting stack
  • Deployed SolarWinds N-able from scratch
  • Developed custom network monitoring tools (MAC tracing, ARP/DHCP correlation, SQL monitoring)

Virtualization & Infrastructure Architecture

Designed and deployed VMware ESXi infrastructure from hardware to production workloads.

  • Architected Dell-based virtualization stack including datastore layout
  • Configured vSwitches, port groups, and VLAN tagging aligned with segmentation strategy
  • Integrated ESXi host with core switching and firewall policies
  • Migrated physical services (Domain Controller, DHCP) into virtual environment
  • Implemented lifecycle management and backup/resiliency practices

Automation Engineering

Built automation tooling to reduce manual effort and improve operational consistency.

  • Developed CompXfer to automate Windows 7 → 10 migrations (profiles, printers, drives)
  • Authored PoShPatch for lightweight remote patch execution across endpoints
  • Created Log4jSherlock vulnerability scanner (CVE-2021-44228 family)
  • Built Selenium automation for web-managed device configuration
  • Implemented Winget/Chocolatey-driven software lifecycle automation
  • Developed custom PowerShell network reporting tools