This document provides a qualification summary for Harry G. Nazarian. It outlines his extensive experience working with various network operating systems like Windows, Linux, and VMware ESXi. It also details his skills in areas like security, firewall configuration, database administration, and network monitoring. His objective is seeking a position to further develop his IT skills in areas such as networking, security, and infrastructure management.

1. Harry G. Nazarian
hnazarian@verizon.net
Error: Reference source not found
2349 Massanutten Drive • Silver Spring, MD • 240-678-4693
QUALIFICATION SUMMARY
During the course of my career, I have become acclimated with the Terramark and HP
Solutions Cloud Infrastructures and Red Hat Enterprise 6.5, 6.6, 7.0 and CentOS 6.6, 7.0 and
Ubuntu 10.04.1 networking environment as well as integrating ESXi operating system within
the Windows Active Directory Environment. My abilities encompass setting up and
establishing domain controllers on a Windows 2008 R2 server environment with multi-
platform operating systems such as Linux RHEL 6/7 and ESX/ESXi, creating network
infrastructure to support servers that host global services, load balancing and clustering web
servers, and creating disaster recovery plans. I have also been charged with writing white
papers, presentation, and implementation procedures for our hardware refresh migration in
reducing our network infrastructure footprint, power consumption, and cooling requirements
by 75%, as well as improving upon our high availability environment by 35%.
My abilities and duties also involve securing a domain to Department of Defense
specifications to ensure compliance with current DoD regulations. In addition, I am
responsible for applying all IAVA (Information Assurance & Vulnerability Assessment)
patches that are due and updating our Plan of Action and Milestones (POAM) as systems are
updated.
I am proficient in monitoring network security from internal and external sources that may
jeopardize the integrity of the network via an intrusion detection device. I am familiar with
most classical behaviors such as sequential port scanning, banner grabbing, fingering, excess
amounts of unsanctioned connections going to the outside internet from an
unverified/verified internal source, and observing firewall logs via Splunk/What’s Up
Gold/EM7 for Windows and incorporating Zabbix for observance of the overall
infrastructure.
OBJECTIVE
Seeking an opportunity to learn and grow with a company that will challenge my Information
Technology skills in computer networking, network security, information assurance, and
network infrastructure configuration / troubleshooting.
SECURITY CLEARANCE: Single Scope Background Investigation (SSBI) - Top Secret –
Fully Adjudicated.
EDUCATION
May, 2004: B.S. Information Systems Management; University of Maryland University
College, College Park, MD Graduated Dean’s List: GPA 3.6
OPERATING SYSTEMS
 Windows 2008 R2, Windows 7, VMWare ESX Server 3.5, VMWare ESX 4.0, VMWare
ESXi 4.1, VMWare ESXi 5.0, CentOS, Ubuntu Server, Linux Red Hat RHEL 6.
 Cisco IOS version 10.0 IP Suite, IOS version 12.0 IP Suite.
HARDWARE/APPLIANCES
 Nokia IP440 Integrated Firewall/Router, Xceedium XIO SSL-UAG, BlueCoat 800-3,
Netscreen NS500 Firewall, MacAfee Intrushield 2600 IDS/IPS, Cisco ASA5540

2. Firewalls via ASDM interface, Cisco 3650X series switches, Cisco 2600/3800 series
routers, ASUS RT-N66U Access Point Wireless Routers.
HARDWARE/SOFTWARE SKILLS
 Backup Exec 2010 R3, Backup Exec 2012.
 Microsoft WSUS Service Pack 3 – Automation of patching for IAVA and Microsoft patches.
 Cisco 2600 and 3800 series routers – Configuring routes, access control lists, and separation of
public and private infrastructures.
 MySQL enterprise and Community Edition Database Management – installing, configuring,
backing up, and setting up database replication between master – master replication and master –
slave replication.
 Nagios XI network systems monitor, Zabbix network systems monitor – performing network
interface scanning and monitoring of Linux Red Hat and Microsoft systems.
 VMWare ESXi vSphere 5.5 Update 2 and vCenter 5.5 Update 2, ESX 4.1, ESX Server 3.5 and
Virtual Center 2.5
 Managing EFS Recovery keys on Windows 2003 Enterprise systems and windows
Server 2008 R2.
 Implementing SSL Encryption on Windows 2003 Enterprise and Windows Server
2008 R2.
 Designing File Security on Windows 2003 Enterprise and Windows Server 2008 R2.
 Red Hat RHEL 6.5, 6.6, 7.0 – Installing, configuring, and maintaining the environment.
 CentOS 6.5, 7.0 – Installing, configuring, and establishing our sandbox environment
for code testing.
 BlueCoat 800-3 proxy appliance – SmartFilter blocking configuration, creating custom
blocking rules, visual policy manager troubleshooting and configuration.
 NetScreen v5.0 with IPv6 – DoS attack prevention and DNS proxy/client
configuration.
 McAfee Intrushield 2600 – Monitor illicit traffic and updating sensor block lists for
illicit internal and external network behavior.
 Zentyal Open Source Enterprise Mail Server, Zimbra Mail Server, Citadel Open
Source Enterprise Mail Server – configuring and managing alternative solutions to
Microsoft Exchange for enterprise mail.
EXPERIENCE
6/2014-Present ICES Corporation Tysons Corner, VA
Senior System Administrator/Security
 Install, configure, and maintain our Linux RHEL 6, 6.5, 7.0 infrastructure.
 Installed, configured, and maintained our MySQL 5.6.21 Community Edition
database infrastructure in both production and testing/sandbox environments.
 Perform backups and restores of our MySQL Linux environment.
 Create Master – Master replication and Master – Slave replication on our MySQL
database environment.
 Maintain and configure VMWare ESXi 5.5 Update 2 environment, including creating
virtual machines, updating our templates, creating new templates, cloning and
migrating VMs as needed to maintain a stable infrastructure.
 Maintain and configure Cisco 3650G series switches.
 Maintain and configure Cisco ASA5540 Firewall, using the ASDM interface to add
VPN users, update VPN policies for split-tunnel connections (as required), adding
new external routes.
 Create SOP for installing and configuring a MySQL Database server, as well as
setting up replication.
 Create SOP on creating MySQL backups and performing a restore on a MySQL
Database environment.

3.  Manage and maintain ASUS RT-66U Wireless access points.
 Install, configure, and test Open Source solutions on our RHEL 6.5, 6.6, and 7.0
environments.
 Create and establish a testing/sandbox RHEL 6.5 and 7.0/CentOS 7.0 environment
for code testing and stage deployments.
 Troubleshoot, resolve, and configure Open Source mail solutions such as Zimbra,
Zentyal, and Citdel Mail servers as an alternative to Microsoft Exchange.
 Install, configure, and maintain Nagios XI and Zabbix network service monitoring
solutions.
 Install, configure, and maintain JIRA server.
 Install, configure, and test help desk software such as Web Help Desk for help desk
solutions for clients and local company usage.
 Install, configure, and maintain our LDAP environment using Microsoft Server 2012.
 Install, configure, and maintain Bind9 DNS server.
 Install, configure, and maintain NGINX proxy server for we portal authentication and
SSL hand off.
7/2013-4/2014 Aquilent, Inc. Laurel, MD
Senior System Administrator/Security
 Maintain our Linux RHEL 6 HP, Terramark, and Amazon Web Services cloud
infrastructure with patch updates to our applications.
 Installed and configured Linux applications on our environment including Puppet for
central policy management, JIRA for issue tracking, and Confluence for document
versioning control and FAQ database.
 Configured LDAP configuration on the environment’s Linux applications to meet
HHS CMS policies.
 Add/Remove users on our client interface to our Linux servers.
 Perform auditing on all Linux RHEL 6 virtual machines on our cloud infrastructure
to meet FedRAMP requirements (NIST 800-53 rev 4)
 Updated System Security Plan documentation to reflect current cloud infrastructure.
10/2011-7/2013 Walter Reed National Military Medical Center Bethesda, MD
Senior System Administrator/Engineer
 Perform maintenance and patching of our VMWare ESXi 5.0 virtual infrastructure
via VMWare Update Manager.
 Perform Gold Disk, SCAP and Retina Scans and create reports, and update the ATO
POAM for scanned systems in preparation for mitigation and compliance with
DISA/NAVY standards.
 Perform IAVA mitigation compliance and maintenance on our current
production environment in preparation for migration to a virtual infrastructure
using ESXi 5.0.
 Create, configure, and migrate from physical servers to the newer ESXi 5.0
version 8 virtual server using physical to virtual (P to V) solutions such as
Symantec Backup Exec 2012.
 Configure Storage using VMWare ESXi 5.0’s new Storage DRS feature to
help load balance I/O usage from the virtual host to the SAN, in coordination
with setting up LACP (Link Aggregation Control Protocol) on a Cisco 3750x
switch.
 Configure HA environment for our DMZ, Private Side, and COOP site
network.

4.  Configuring a segregated iSCSI network solely communication between the
virtual hosts and SAN units.
 Configuring a backup regimen for the virtual infrastructure using Backup
Exec 2012.
 Writing documentation for standard operating procedures for troubleshooting,
configuring, and setting up virtual servers.
 Configuring PKI access solutions, using DoD issued Common Access Cards.
02/2009-10/2011 ITT Intelligence and Information Warfare Columbia, MD
Senior System Administrator/Engineer
 Perform maintenance on current systems on customer LANs.
 Perform security updates and configurations on all machines, including
customer LANs.
 Engineering a new WAN for customer to meet DoD and Customer
requirements before going live.
 Perform backup and disaster recovery solutions for all customers and
company network using Backup Exec 2010 R3.
 Research, engineer, and implement a virtual solution for all customer LANs
and current company network, using VMWare ESX 4.1.
 Research and implement automated security patching on all customer LANs
and current company network using WSUS.
11/2008-02/2009 Johns Hopkins University Applied Physics Lab Laurel, MD
Information Assurance Engineer
 Perform research and guidance on secure network infrastructures based on
physical and virtual implementations interfacing with the Secure Internet
Protocol Routing Network (SIPRNet).
 Engineering a (Demilitarized Zone) DMZ network for US Releasable
Australia networks to interface with US-Only networks via cross domain
solutions.
 Developing requirements documentation for establishing a US Releasable network,
meeting network centricity requirements for connection to the Global Information
Grid (GIG).
 Performing research for virtual implementation into networks and reducing footprints
and costs in reliability, maintainability, and availability.
 Performing research on Secure Technical Implementation Guides (STIG) and
Technical Implementation Instructions (TII) to support a secure virtual infrastructure.
05/2008-11/2008 National Naval Medical Center Bethesda, MD
Network Engineer
 Activating drops on switches for users, based on requests from our Remedy
ticket system.
 Investigating connection issues on layer 1 to layer 2 when users are unable to
access their network.
 Creating new switching stacks for users when current switch stacks can no
longer support users.

5.  Configuring virtual local area networks on new switches and switch stacks to
expand user expansion.
 Updating our current hardware inventory with the Army Depot in Tobyhanna,
for TIMPO, when exchanges or new hardware is needed to support our
network.
 Experience in setting up network downtimes to install or configure new
switch stacks.
 Testing hardware functionality using FLUKE toners and port testing
equipment to ensure proper operation of our switches and routers prior and
post installation.
 Reconfiguring virtual local area networks on switches where needed for users
unable to join their network segment due to no port availability for their
segments.
05/2006-05/2008 Naval Medical Information Management Center Bethesda, MD
Network Engineer Team Lead
 Performed security patch updates and STIG Gold Disk security scans on all servers to
ensure optimal security standards per DITSCAP (DoD Information Technology
Security Certification & Accreditation Process), DISA, and IATO/ATO (Interim
Authority to Operate/Authority to Operate) guidelines.
 Performed IAVA compliance patching, configuration, and reports on all servers.
 Built, configured, documented, and maintained domain controller redundancy to
support the Navy Medicine Online private infrastructure and resolve many latent
lookup queries and intermittent connectivity losses when DNS zone transfers took
place.
 Established a fail over configuration on all Navy Medicine Online domain controllers
for better assurance of higher uptime and less down time for maintenance and
patching.
 Compiled auditing reports on all servers for documentation and IATO/ATO
standards.
 Daily monitoring of server logs for added assurance of proactive response and
disaster prevention.
 Performed phased PKI/CAC implementation on servers.
 Configured a specific Group Policy on the Navy Medicine Online domain for
subsequent additions to the NMO portal site to further extend the security blanket
with little to no downtime for reconfiguration.
 Created and maintained additional portal sites on the Navy Medicine Online IIS
server.
 Performed implementation of current CTF – GNO Network and Security
configurations to maintain optimal security compliance with NETWARCOM
requirements and mandates.
 Ensured all servers were compliant with current DITSCAP ports and protocols
requirements.
 Compiled detailed configuration reports on all current servers on what software and
hardware are installed.
 Performed configurations and backups on all virtual servers installed on our Virtual
Machine Ware servers.
 Performed hard disk recovery on a failed SANS (Storage Area Network Server) to
restore 5 years worth of lost data.

6.  Compiled daily, weekly, and monthly reports on all activities that were performed
within the networking environment.
 Manage the switches and servers for web servers of Navy Medicine Online world
wide.
 Performed Blue Teaming and Red Teaming exercises on the Navy Medicine Online
network to ensure all operations and data transfer were secure.
 Created development network architecture for our software engineers and developers
to test their codes and pages for the NMO portal site.
 Performed hardware refresh migration and consolidation of physical servers to virtual
machines, reducing our infrastructure footprint and power consumption by 75%
while improving our high availability environment by 35% through a double
redundancy configuration via virtual machines and physical server clustering.
06/2005-05/2006 National Naval Medical Center Bethesda, MD
Information Security Specialist
 Created, managed, and wrote standard operating procedures for end-user and
administrative accounts, as well as contingency plans for sudden system failures and
emergency network configurations on Xceedium XIO SSL-UAG Virtual Private
Network appliances.
 Configured, managed, and wrote standard operating procedures for the BlueCoat 800-3
proxy appliance by managing the Visual Policy Manager with custom block and allow
lists, in addition to configuring the SmartFilter software to block websites with
malicious content, contingency plans for system failures, and emergency network
configurations for the appliance in case of system compromise or failure.
 Daily monitoring of illicit traffic into the network using the McAfee Intrushield 2600
Intrusion Detection System, eliminating false positives and actual threats, configuring
external and internal sensors to block questionable hosts attacking the network.
 Updated DNS “Blackhole” lists per NAVCIRT (Navy Computer Incident Response
Team) requests and updates.
 Performed daily back-ups for the Netscreen 500 firewall and BlueCoat 800-3 Proxy
appliance configurations onto our Linux log server.
 Performed investigations on potential threat hosts by parsing through the Firewall logs
on the Linux log server and performing packet captures, gathering evidence for reports
on blocking potential threat hosts to the network.
 Performed the investigative process for the DITSCAP (DoD Information Technology
Security Certification & Accreditation Process) in discovering and mitigating ports and
protocols on the firewall that are not compliant with the DITSCAP guidelines.
 Performed more extensive investigations and mitigations for better information
assurance planning and implementation.
 Performed basic and advance troubleshooting on the Netscreen 500 firewalls for users
having connectivity issues to remote sites and locations.
 Created rules and policies on the Netscreen 500 firewall using both the command line
interface and web graphical user interface, while troubleshooting connectivity and
security issues.
 Created VPN user accounts on the Netscreen 500 firewall using SHA-1 encryption and
configured Netscreen VPN client software accordingly.
04/2004 –06/2005 Presidio Corporation Burtonsville, MD
Network Engineer
 Performed technical assistance on Nortel BPS-2000s, Passport 8600s, Baystack 450-
24T, and Contivity 600 VPN boxes.

7.  Provided technical assistance and basic configuration support on Cisco 2514, 2524,
2610, and 3500 series routers and switches for our client customers.
 Performed customer on-site Cisco and Nortel phone, switch, router troubleshooting
and installations.
 Upgraded Cisco IOS software and Nortel Networks Operating System switch and
router and software.
RELATED IT COURSEWORK/CERTIFICATION
 Currently pursuing VMWare Certified Professional (VCP) 5.1 certification.
 CompTIA Security+ Certified.
 Computer Networking for Windows 2000 Advanced Server and 2003 Server.
 Designing Security for Windows 2000 Advanced Server and 2003 Server.
 Creating Windows 2000 Network Infrastructure for Advanced Server and 2003 Server.
 CompTIA Network+ Certified.
 CompTIA Cloud Computing Essentials.
 Cyber terrorism: detecting warning signs and prevention techniques.
 Microsoft Network Administration for Windows 2003 Advanced Server and Windows
Server 2008 R2.
REFERENCES: Available upon request.