Sigfredo Javier Aldarondo
San Francisco Bay Area
Phone: (617) 848-8154
Email: tito.aldarondo+resume@pm.me

PROFESSIONAL OBJECTIVE:
Leverage my extensive and diverse experience as a developer, site reliability engineer, mixed-platform systems administrator, and mentor to solve operational, security, and growth challenges in a pragmatic and team-oriented fashion.


WORK EXPERIENCE:

Site Reliability Engineer, WinOps TeamGoogle LLCSunnyvale, California  |  July 2016 – March 2024
* Responsible for Active Directory, DirectAccess, and related systems across the company
* Coordinated and implemented responses to vulnerabilities with security team 
* Reduced human toil by writing and documenting PowerShell, Python, and bash scripts for deploying domain controllers, databases, DirectAccess servers, and short-lived TLS certs
* Developed a binary in Go to restrict RDP access to Windows servers via multi-party authentication
* Windows Deployment Automation:
- Leveraged Jenkins, Terraform, and GCP to automate Windows base OS image updating, cutting deployment time of new systems by half
- Added Wi-Fi support to WinPE allowing Windows clients to be deployed without Ethernet
- Developed an executable tool in Go for Windows, Linux, and MacOS for preparing USB boot media for initiating client Windows builds from off the corporate network

Corporate IT ArchitectWayfair LLCBoston, Massachusetts  |  May 2012 – June 2016
* Served as the technical backstop and primary mentor for the Corporate IT team
* Designed and implemented a three-tier, enterprise-wide PKI, consolidating existing cert authorities under a single collection of cert issuance policies
* Wrote an ASP.NET web application in C# using Duo Security’s Web API to allow intranet users to enroll their mobile devices for two-factor authentication based on AD group membership
* Introduced and drove security and efficiency initiatives:
- Migrated DCs to Windows Server Core reducing resource requirements and attack surface area
- Replaced writable DCs with RODCs at remote sites or in security-hardened network segments
- Automated Windows server provisioning via the Microsoft Deployment Toolkit
* Automated via PowerShell:
- DHCP server configuration, backup, migration, and scope provisioning
- Provisioning of MS SQL Server clusters on Windows Server 2008 R2/2012 R2
- Parsing LDAP queries on multiple remote domain controllers for diagnostics and reporting
- Managing password replication policies for read-only domain controllers

IT ManagerRapid7 LLCBoston, Massachusetts  |  April 2006 – June 2011
* Expanded IT infrastructure to meet the rapidly growing operational demands of an aggressive start-up in the field of Network Security and Vulnerability Assessment by increasing server count from 12 to over 150 as user headcount increased from 10 to over 200
* Designed and established a highly available, collocated datacenter for revenue-generating hosted instances of Rapid7 Nexpose network vulnerability assessment scanners and other externally facing production systems
* Introduced Active Directory 2003 (later upgraded to 2008) into a Linux/UNIX server environment, integrating AD DNS with BIND and ISC DHCP, and bringing Windows clients under AD group policy
* Migrated corporate website from a single-host, Debian-based, physical PHP configuration to an Ubuntu-based, VMware ESXi virtualized, load-balanced, Puppet-managed Java Servlets/JSP infrastructure on Apache Tomcat with automated deployment to reduce security patch workload, increase performance, and maintain greater than 99.5% uptime
Web Applications DeveloperEmbarc, Inc.Newton Upper Falls, Massachusetts  |  September 2004 – April 2006
* Developed and maintained corporate intranet applications and websites using both classic ASP and Java Servlets on both Windows and Linux
* Communicated directly with clients regarding application errors and hosting problems
* Detected and mitigated SQL injection vulnerability in content management system login mechanism implemented across all customer projects
Systems Techniciani-Tech Support, Inc.Orlando, Florida  |  May 2000 – August 2002
* Acted as Team Lead in the management of the IT needs of over twenty-four SMBs throughout Florida
* Responded to daily client service calls and planned PC, server, network, and website upgrades 
* Managed and documented installation and certification of CAT 5e cabling projects


EDUCATION

Post-Graduate Studies, Boston UniversityBoston, Massachusetts
* IT Project Management
* IT Strategy and Management
* Systems Analysis and Design

B.S. in Information Technology, University of Central FloridaOrlando, Florida | December 2003
GPA: 3.54