Jersey City, New Jersey, United States
Throughout my 20+ year career, I’ve worked in various roles and environments, learning about all different types of technologies and where processes were not standardized, or where network restrictions posed challenges. No matter what was asked of me, even when I had no prior experience, I always took on the challenge and excelled. I believe this has been one of my greatest strengths. I have a passion for IaC and my ability to create scripts in Bash and PowerShell has been instrumental in collaborating with different teams. I’m able to understand specific requirements and foresee potential issues when installing applications or agents, depending on the operating system. Winning the Raising the Bar - Honorable Mention award two times in a year at S&P is a testament to that. More recently, I've embraced AI tools — Claude, ChatGPT, and Grok — as genuine engineering partners in my day-to-day work. I use them to accelerate infrastructure automation, generate configurations, harden security postures, and work through complex problems faster. Very few engineers are fully leveraging AI at this level yet, and I think it's becoming one of the most important skills in our field.
When I joined APC Postal Logistics, I was brought in at a pivotal moment — the company was growing and ready to invest seriously in building out its IT infrastructure and security foundation. It was the kind of opportunity I thrive in: a chance to architect things the right way from the start, with real ownership and impact. Within 4 months I had built the company's entire security program from the ground up — drafting all SOPs and policies, implementing Vanta for compliance monitoring, and remediating infrastructure gaps across MS 365, Azure, AWS, and on-premises environments. We achieved SOC 2 Type I certification and I'm currently driving us toward Type II. Beyond compliance, I've been responsible for everything across the stack — endpoint security (Intune, Defender for Endpoint, AutoPatch, BitLocker), identity management (Entra ID SSO, 1Password SCIM integration), email security hardening (DMARC, DKIM, SPF), firewall and network management (SonicWall, Cisco Meraki), TLS certificate management, and DNS administration across Cloudflare and Entra Domain Services. I reduced vulnerability exposure from 8,000+ CVEs to under 2,000 and am actively conducting Zero Trust and RBAC audits across our cloud environments to enforce least-privilege access. One thing I'm particularly proud of is how I've leveraged AI tools — Claude, ChatGPT, and Grok — as daily engineering partners. Whether it's generating Intune configuration policies, analyzing phishing headers, troubleshooting infrastructure issues, or accelerating compliance work, AI has allowed me to operate at a level well beyond what a single engineer would typically deliver.
Promoted to enhance our IT environment's resilience by keeping the number of vulnerabilities down by leveraging Tanium. I advanced our vulnerability management, evidenced by the successful execution of patches and packages(scripts) that updated applications, system configurations, and agents. My script also saved the company millions by removing unused Java licenses. I led the Tanium Automation Team and assisted with their scripts. I utilized Azure DevOps boards to keep track of requests and cross-team projects, conducted weekly stand-ups and one-on-ones to maintain team health, and utilized SharePoint for internal Tanium SOPs.
I was tasked with vulnerability remediation and consolidation of infrastructure. I assisted in a datacenter exit and helped in the server decommission process. I reviewed weekly Nessus vulnerability reports and conducted weekly meetings with operations team on my recommended remediation steps. I was given the opportunity to help in the build out of Tanium where I managed both its infrastructure as well as helping to develop scripts to remediate vulnerabilities. I've developed both Bash and PowerShell scripts that helped extract data from servers, and ones that would standardized configurations for compliance. I also assisted in improving the patching process for our server endpoints, and creating an ongoing deployment. My contribution, helped remediate over 300k vulnerabilities within the year. I collaborated with teams to deploy and update agents like CrowdStrike, Service Now Agent Client Collector, Splunk Universal Forwarder, Guardicore, and DataDog. I developed custom sensors to monitor connectivity post-installation and provided weekly health reports to ensure agent compliance.
I was initially hired to assist in Linux support, but with my background, expanded to other sub teams - Windows Server, Nagios Monitoring, and have helped on occasion the AD and VMware Teams. I have been involved in numerous projects involving server hardware refresh/migrations, OS upgrade/rebuilds, and Ops tool installs/updates. All to improve platform stability and performance. I've been recognized as one of the POCs for DC operations in rack/stack of servers and resolving P1 issues pertaining to server hardware/connectivity. I've assisted the SAN team with fiber runs to Brocade switches, and the Network team with their Cisco top of the rack switches and chassis. I took the lead of on managing OS deployment of both Windows and RHEL/CentOS systems, cutting build time from four hours to 2 hours or less. I also managed the in-house Linux repos making sure the Patching Team had the latest security patches every quarter.
I was involved in projects to improve infrastructure as well as managing all end-user computing for a public library and its three branches in Northern NJ. I improved their network by replacing their firewall, and adding more access points to eliminate dead spots. I also upgraded their backup solutions by implementing disks, and advised to continue to use tapes for DR. I supported Exigent’s other client’s infrastructure, from level 1 support to network, backup, and server support.
I worked on projects in improving the team's support process such as build and application deployments, and asset management. I supported executives and administration on their technical issues, and provided guidance to junior support specialists on resolving tickets.
I managed nine desktop support engineers globally, trying improve our end user support process. I tried to make time after hours to train my colleagues on how to resolve tickets efficiently and how to deal with difficult users. Even though I was the lead, I liked to be in the trenches and help my team get work done. I improved the ticket system by setting alerts of unassigned tickets, and utilizing a follow the sun model. I also improved workload by utilizing my overseas teammates by getting them involved in onboard/offboarding to reduce tasks for the U.S. team so they could provide more onsite support during their time.
I worked on various projects to improve end-user support workflow. At one point, myself and one colleague were the only ones providing L2 and L3 desktop support for over ~1000 employees in the US (onsite and remote) and international offices for several months, yet we still met SLAs and project deadlines. I supported all print, file and terminal servers within the US offices, and video conferencing equipment.