I have over 19 years of system administration and engineering experience. For the past 8 years, I have worked on a project for the federal government that focuses on securing Apple technologies in DOD environments. Prior to that, I spent 12 years in the media industry supporting efforts for the award winning non-profit independent journalist outfit, the Center for Public Integrity, as well as the nationally known Washington Times. Focusing on improving efficiency and user experience, I have provided solutions to integrate and maintain solutions for Apple technologies in an enterprise environment.
NCI – Senior Macintosh Engineer – DISA JSP
My current position within the Macintosh Center of Excellence supporting the efforts within the Pentagon as part of the Joint Service Provider (JSP). My role as the Senior Macintosh Engineer is to provide secure solutions leveraging macOS, offering users an alternative desktop platform that gives them a secure environment using a familiar interface they prefer over a Windows desktop.
Zantech IT – Senior Macintosh Engineer – DISA JSP
April 2017 – December 2019
Continued efforts with the Macintosh Center of Excellence, now part of DISA, I am part of a team of engineers who maintain the secure macOS environment for the Office of the Secretary of Defense as part of the Joint Service Provider (JSP). Leveraging JAMF Pro to manage device policies, updates, and configuration. As part of the engineering team, I have worked with integrating a number of enterprise security solutions into the macOS desktop, including Nessus (ACAS), McAfee ePO (HBSS), Splunk, and Tanium.
My efforts continue to grow as our team builds out the JAMF Pro infrastructure out to the DMZ to accommodate external agencies and support Mac efforts throughout the Department of Defense. I foster relationships with Apple and other vendors to improve security and enterprise deployments as I continue to develop and maintain the Secure Host Baseline for macOS Sierra and High Sierra, as well as provide technial expertise as part of the DISA STIG creation process. While working with Apple, my efforts have led to the inclusion and improvement of the Smartcard integration with the macOS, which allows for native PIV support for authentication and access to the DOD PKI infrastructure.
I develop and maintain tools used to manage macOS endpoints with security as top priority, without sacrificing the user experience. Tools to manage FileVault in a SmartCard enforced environment, and authentication plug-ins that help facilitate the process of deployment when using Apple Business Manager.
CGI Federal – Apple Systems Administrator
April 2017 – Present
APEX – Apple Systems Administrator
October 2016 – April 2017
As the Macintosh SME for DMA, I am responsible for administering the JSS for management of enterprise Macintosh computers and providing Tier III/IV engineering support to Tier II support technicians. I continue to ensure Macintosh workstations are patched, configured and secured according to DoD guidelines. Providing expert guidance for all Apple related technologies within DMA and DINFOS. Collaborate with other system administrators to better integrate the Macintosh systems into the DMA environment. I’ve stood up an internal software update server to provide Apple system updates using Reposado, rebuilt the JSS environment and workflow to support the latest SHB, and established a workflow to maintain 3rd party software updates to ensure systems were compliant against STIGs, IAVMs, and other DOD guidelines.
R&K Enterprise Solutions – Senior Macintosh Engineer
August 2012 – October 2016
As part of the original founding members of the Macintosh Center of Excellence (Mac COE), my primary objective was to develop and maintain secure Macintosh OS X environment for the Office of the Secretary of Defense. Leverage the JSS Casper suite to manage device policies, updates, and configuration. Provide Tier III/IV engineering support to Tier II support technicians. Provide complete documentation on standard operating procedures, change management, and end-user knowledge base. Work with external agencies to collaborate on Macintosh efforts across the DoD.
I engineered the Secure Host Baseline (SHB) process for OS X 10.9, OS X 10.10, and OS X 10.11. Gained approval of the 10.9 Mavericks deployment image in the Office of the Secretary of Defense. Configured the processes, policies, and workflows as well as working with other groups such as IA, CSD, NetOps, and ServerOps to integrate the new system into the environment. Developed approved image of Mac OS X 10.6 in the Office of the Secretary of Defense. Wrote the hardening scripts, imaging workflows, and developed management policies for client devices on the DoD NIPRNet. Deployed standard image to Macintosh users in the Office of the Assistant Secretary of Defense – Public Affairs (OASD-PA), OSD Graphics department, and members of the Joint Chiefs of Staff. Drafted all requirements for the Defense Information Systems Agency (DISA) publication of the Security Technical Implementation Guide (STIG) for OS X 10.8. Member of the Joint Consensus Group whose objective is to develop and validate security requirements for the 10.9 Mavericks STIG, the 10.10 Yosemite STIG, and beyond. Also served as a member of the DOD Coalition of Apple Engineers Board of Directors.
Center for Public Integrity – IT Manager
August 2010 – August 2012
Manage and monitor all day-to-day IT operations. This includes support to end users’ desktops, network infrastructure, telephone system, and server administration. Responsible for the uptime, backup, and maintenance of the Exchange email environment, Cisco Call Manager phone system, multiple SQL 2008 servers, including a Sharepoint 2010 farm, as well as print and file servers. Provide key technical support to the company’s web presence, focusing primarily on server setup, security, and administration.
Installed a Microsoft SharePoint server to manage editorial workflow from production to web. The SharePoint solution is also used for the company’s Intranet site, with custom workflows, forms and document management for other departments to utilize. Set up environment for the Center’s new website and application as part of their Center 2.0 initiative. This was configured using Rackspace Cloud Servers in a virtual environment. To help mitigate hardware and maintenance costs, and update a near end-of-life technology, we migrated our email system from Exchange 2003 to Microsoft’s cloud solution: Office365.
The Washington Times – Publishing Systems Manager
March 2001 – August 2010
Maintain the fleet of installed Apple workstations. Create new images and package deployments using Apple Remote Desktop and Netboot servers. Keep systems up-to-date using a combination of customized scripting, in-house Apple Software Update Servers and third party tools such as radmind, JAMF’s composer, and DeployStudio. Manage the Help Desk, which provided IT support for 400+ users 24 hours a day, 7 days a week. Use shell scripting to automate tasks to keep our small team efficient and productive. Tasks include deploying new workstations; customized workflows for end users; and collecting and maintaining log files.
Managed the deployment and upgrade of the entire news operation (200+ workstations) from Mac OS 9 to Mac OS X, including a full integration with Active Directory. Researched and installed a high performance SAN environment to consolidate all enterprise systems. Serve as the SAN and backup administrator for all company systems. Led the project team in the development of a daily electronic edition of the newspaper.