Nathan McNabb

Experience

• Managed National Active Directory Infrastructure responsible for all IAM for environment 
• Responsible for Quarterly Audit and SOX reporting
• Automated alerting system with PowerShell for issue regarding daily provisioning
• Developed a PowerShell script to eliminate lateral movements for certain service accounts
• Created various alerts and reporting using Netwrix Auditor 10.5
• Developed a process to move Azure Dynamic Groups to locate groups due to 5k limit
• Using PowerShell scripted solutions clean up provisioning problems
• Responsible for all changes to environment as needed for New Projects or Tools
• Worked with Security Team to remediate issues identified by ADRAP 
• Worked to remove service accounts but moving Application teams to Group Managed Service Accounts

• Worked with Security and Compliance to create protocol Standards for Truist Merger with Suntrust
• Designed and engineered a product for identifying weak authentication protocols. Worked with existing toolset to create a database and reporting mechanism for audit issues.
• Worked with operations team on AD remediation issues identified by ADRAP to help document closure 
• Worked with Audit to document risk acceptance issues identified by ADRAP 
• Worked with Application teams to identify issues related to authentication in new environment
• Worked with the IAM team to publish identification patterns in Visio
• Deployed Microsoft Defender in the Azure Lab environment to help with risk acceptance of ADRAP items 
• Worked with various teams on both merger partners to deploy MDI sensors in the all environments

• Designed and implemented Global Domain for transition of American Express Global Business Travel into separate company
• Worked with American Express security and compliance to activate a trust between the new domain and American Express.
• Mentored admistrators on process and security changes and day to day activities 
• Created OU design and GPOs for new greenfield domain
• Created various PowerShell scripts to update custom AD attributes as needed for business reasons. 
• Using ldifde, created 20 custom attributes and added them to the Migration Manager DSA
• Using Center for Internet Security (CIS) specifications created GPO for CIS certification. 
• Created process and procedures and documentation for migration of user workstations to the new environment
• Created and migrated various Group Policies to meet security compliance and business requirements
• Created PowerShell scripts to update Office 365 smtp attributes for Office 365 migration 
• Using PowerShell automated IAM processes for contractor conversions to full time employees 
• Worked with Dell to install and configure Quest Migration Manager for migration for 15,000 Global Business Travel employees
• Worked with American Express operations and Global Business Travel development to identify Active Directory custom attributes needed for business continuity
• Worked with the application team to create appropriate permissions in Azure. 
• Began creating policies based off GPO for Intune implementation
• Worked with the security team to configure McAfee SIEM functionality on all the global domain controllers. This included logging levels and alert tuning
• Created and configured Organizational units and worked with Security team for proper delegation
• Worked with security and compliance to install and configure Stealth Intercept require for Trust activation

• Direct Energy needed to move a portion of the business into a child domain. Created and configured the domain for the business
• Created the appropriate Organizational Units to match the application needs of the business and ensured alignment with processes and standards of the environment 
• Worked with Dell Migration Manager Team to migrate 3000 users to the child domain. This implementation caused no interruption in service or loss of business continuity
• Ensured DNS was correctly configured for joining and re-ip of servers. 
• Worked with network engineers to ensure aliases and entries were made to ensure proper data flow
• Worked with MSSQL team to ensure reports and service accounts were applied correctly

Management Profile

Primary managerial strength is a comprehensive understanding of the relationship between Active Directory capabilities and business and business objectives. Experience implementing the processes, procedures and controls needed to mitigate risk and protect information assets in organizations from startup to medium, public company. Extensive and varied career providing leadership and technical excellence over a wide range of systems and applications. Working knowledge of many business operations with a focus on the financial industry. Experienced in economic analysis and all phases of budget development and tracking. Experience managing cross-functional teams both locally and remotely.

Training and Background

Chemistry, Kennesaw State College 1985-1990.

Security Platforms

Authentication – RSA SecurID OKTA

Proxy/Content Filtering – Bluecoat, Managed Proxy.pac files, Global Protect, External DNS

SIEM – McAfee SIEM collector 10.2

Vulnerability Management – Qualys, Microsoft Defender, Stealth Intercept, Netwrix Auditor

Software platforms 

OS – Microsoft Server 2012 R2, 2016 2019, HPUX 11i, RH Linux

Messaging - MS Exchange 365, Sendmail, Binary Tree & Walcott migration tools

Database - MS SQL Server, MySQL

Programming Experience

PowerShell, MS SQL, HTML 

Experience

• Managed National Active Directory Infrastructure responsible for all IAM for environment 
• Responsible for Quarterly Audit and SOX reporting
• Automated alerting system with PowerShell for issue regarding daily provisioning
• Developed a PowerShell script to eliminate lateral movements for certain service accounts
• Created various alerts and reporting using Netwrix Auditor 10.5
• Developed a process to move Azure Dynamic Groups to locate groups due to 5k limit
• Using PowerShell scripted solutions clean up provisioning problems
• Responsible for all changes to environment as needed for New Projects or Tools
• Worked with Security Team to remediate issues identified by ADRAP 
• Worked to remove service accounts but moving Application teams to Group Managed Service Accounts

• Worked with Security and Compliance to create protocol Standards for Truist Merger with Suntrust
• Designed and engineered a product for identifying weak authentication protocols. Worked with existing toolset to create a database and reporting mechanism for audit issues.
• Worked with operations team on AD remediation issues identified by ADRAP to help document closure 
• Worked with Audit to document risk acceptance issues identified by ADRAP 
• Worked with Application teams to identify issues related to authentication in new environment
• Worked with the IAM team to publish identification patterns in Visio
• Deployed Microsoft Defender in the Azure Lab environment to help with risk acceptance of ADRAP items 
• Worked with various teams on both merger partners to deploy MDI sensors in the all environments

• Designed and implemented Global Domain for transition of American Express Global Business Travel into separate company
• Worked with American Express security and compliance to activate a trust between the new domain and American Express.
• Mentored admistrators on process and security changes and day to day activities 
• Created OU design and GPOs for new greenfield domain
• Created various PowerShell scripts to update custom AD attributes as needed for business reasons. 
• Using ldifde, created 20 custom attributes and added them to the Migration Manager DSA
• Using Center for Internet Security (CIS) specifications created GPO for CIS certification. 
• Created process and procedures and documentation for migration of user workstations to the new environment
• Created and migrated various Group Policies to meet security compliance and business requirements
• Created PowerShell scripts to update Office 365 smtp attributes for Office 365 migration 
• Using PowerShell automated IAM processes for contractor conversions to full time employees 
• Worked with Dell to install and configure Quest Migration Manager for migration for 15,000 Global Business Travel employees
• Worked with American Express operations and Global Business Travel development to identify Active Directory custom attributes needed for business continuity
• Worked with the application team to create appropriate permissions in Azure. 
• Began creating policies based off GPO for Intune implementation
• Worked with the security team to configure McAfee SIEM functionality on all the global domain controllers. This included logging levels and alert tuning
• Created and configured Organizational units and worked with Security team for proper delegation
• Worked with security and compliance to install and configure Stealth Intercept require for Trust activation

• Direct Energy needed to move a portion of the business into a child domain. Created and configured the domain for the business
• Created the appropriate Organizational Units to match the application needs of the business and ensured alignment with processes and standards of the environment 
• Worked with Dell Migration Manager Team to migrate 3000 users to the child domain. This implementation caused no interruption in service or loss of business continuity
• Ensured DNS was correctly configured for joining and re-ip of servers. 
• Worked with network engineers to ensure aliases and entries were made to ensure proper data flow
• Worked with MSSQL team to ensure reports and service accounts were applied correctly

Management Profile

Primary managerial strength is a comprehensive understanding of the relationship between Active Directory capabilities and business and business objectives. Experience implementing the processes, procedures and controls needed to mitigate risk and protect information assets in organizations from startup to medium, public company. Extensive and varied career providing leadership and technical excellence over a wide range of systems and applications. Working knowledge of many business operations with a focus on the financial industry. Experienced in economic analysis and all phases of budget development and tracking. Experience managing cross-functional teams both locally and remotely.

Training and Background

Chemistry, Kennesaw State College 1985-1990.

Security Platforms

Authentication – RSA SecurID OKTA

Proxy/Content Filtering – Bluecoat, Managed Proxy.pac files, Global Protect, External DNS

SIEM – McAfee SIEM collector 10.2

Vulnerability Management – Qualys, Microsoft Defender, Stealth Intercept, Netwrix Auditor

Software platforms 

OS – Microsoft Server 2012 R2, 2016 2019, HPUX 11i, RH Linux

Messaging - MS Exchange 365, Sendmail, Binary Tree & Walcott migration tools

Database - MS SQL Server, MySQL

Programming Experience

PowerShell, MS SQL, HTML 

Training and Background

Chemistry, Kennesaw State College 1985-1990.