Impact Skills Experience Education Contact Hire Me โ†’
Open to senior roles & consulting opportunities

Junaid
Imtiaz

> |

8+ years engineering enterprise-scale infrastructure at Freddie Mac, HP, and Cisco. Specializing in Active Directory security, cloud infrastructure, vulnerability remediation, and DevSecOps automation at scale โ€” with a track record of measurable cost savings and risk reduction.

View Experience โ†“ Download Resume โ†—
8+
Years Experience
3
Enterprise Employers
2
Master's Degrees
โˆž
Automation Mindset
// impact

Key Achievements

Measurable outcomes delivered across enterprise environments.

1000s
BladeLogic jobs migrated to Ansible โ€” eliminating legacy vendor dependency
โ†“ HPU
Privileged account attack surface reduced via CyberArk, JEA & PAM/JIT
2025
Led Windows Server 2025 enterprise certification at Freddie Mac
609
Days of continuous server uptime โ€” validated infrastructure reliability
// expertise

Technical Skills

Deep, hands-on expertise across security, cloud, automation, and enterprise infrastructure.

๐Ÿ” Security & Compliance
Active Directory SecuritySTIG Compliance CyberArkPAM / JIT / JEA Zero TrustNessus Splunk / ESSSIEM Analysis PKIKerberos MFAWindows Hardening Vulnerability Remediation
โ˜๏ธ Cloud & DevSecOps
AWS EC2 / S3 / VPCIAM / KMS CloudFormationInfrastructure as Code JenkinsCI/CD Pipelines PackerGitHub / Bitbucket DevSecOpsCodePipeline
โš™๏ธ Automation & Scripting
PowerShellPython AnsibleREST APIs Power AutomateNETCONF / RESTCONF YANGVMware Aria APIs GitHub Copilot
๐Ÿ–ฅ๏ธ Systems Engineering
Active DirectoryGroup Policy (GPO) Windows Server 2016โ€“2025SCCM / SCOM WSUSVMware ESXi DNS / LDAPInfoblox DTC
๐ŸŒ Networking & Data Center
BGP / OSPFVXLAN / EVPN MPLSCisco NX-OS / IOS-XR Spine-Leaf / ClosF5 GTM/LTM TCP/IPWiresharkECMP
๐Ÿ› ๏ธ Tools & Platforms
JiraServiceNow TableauSolarWinds PRTGLogicMonitor VMware AriaSplunk
// career

Experience

Enterprise engineering across financial services, technology, and networking.

Freddie Mac ยท McLean, VA
Senior Systems Engineer Current
Aug 2024 โ€“ Present
  • Lead enterprise Infrastructure Security & Active Directory modernization for Windows Server 2022/2025 environments
  • Designed STIG-aligned security baselines (BSCs) and GPO/LGPO hardening policies for domain controllers and member servers
  • Spearheaded initiative to reduce Privileged Account (HPU) usage via CyberArk, JEA/PAM/JIT, and Ansible, shrinking attack surface
  • Led migration of thousands of legacy BladeLogic jobs to enterprise Ansible automation, delivering significant annual cost savings
  • Expanded enterprise Active Directory into AWS with CloudFormation IaC; configured Security Groups, KMS, CloudWatch
  • Redesigned LDAP VIP architecture using Infoblox DTC for intelligent region-aware domain controller affinity routing
  • Built hardened Windows Server 2022 AMIs using Packer, Jenkins, CodePipeline to satisfy Nessus and enterprise compliance
  • Led Windows Server 2025 certification: STIG/BSC validation, vulnerability remediation, app testing, agent onboarding
  • Used Splunk, ESS, and Tableau to identify legacy ciphers, insecure protocols, and anomalous activity patterns
HP ยท Global
Lead Systems & Vulnerability Remediation Engineer
Oct 2021 โ€“ Aug 2024
  • Led vulnerability remediation and AD security across global enterprise infrastructure
  • Built PowerShell and Python frameworks for vulnerability analysis, patch deployment, reporting, and compliance validation
  • Managed remediation strategies across thousands of Windows systems while maintaining production stability
  • Managed enterprise patch deployment using SCCM, Group Policy, and scripting automation across distributed global environments
  • Coordinated End-of-Life OS migration initiatives to improve compliance posture and reduce enterprise security risk
  • Led enterprise training in cybersecurity, automation, and infrastructure modernization
Cisco ยท Remote
Network Engineer
Jun 2019 โ€“ Sep 2021
  • Advanced troubleshooting for enterprise and SP customers involving BGP, OSPF, MPLS, VXLAN, EVPN in large-scale data centers
  • Supported Spine-Leaf and Clos-based networks on NX-OS, IOS-XR, IOS-XE at scale
  • Developed automation workflows using Python, NETCONF, RESTCONF, and YANG models
  • Managed VXLAN EVPN networks with overlay/underlay architectures and ECMP forwarding
  • Used Wireshark, GDB debuggers, and Python for deep analysis of network anomalies and hardware/software crashes
The Bridge Corporation
Network & Systems Administrator
Oct 2018 โ€“ May 2019
  • Revamped network infrastructure for redundancy, resilience, and reliability
  • Implemented Cisco AnyConnect VPN with ASA firewalls, AWS VPN Gateway, NAT, and ACLs
  • Managed Windows/Linux environments including Active Directory, WSUS, VMware ESXi
  • Deployed SolarWinds and PRTG for infrastructure monitoring, alerting, and proactive operations
// credentials

Education & Certifications

Dual master's degrees in security and engineering, backed by industry certification.

M.S. Information Systems Security
University of the Cumberlands
2020 โ€“ 2021 ยท Williamsburg, KY
M.Eng. Electrical Engineering (Telecom)
City College of New York (CCNY)
2015 โ€“ 2017 ยท New York, NY
B.S. Engineering Sciences
GIK Institute
2010 โ€“ 2014
๐Ÿ… Cisco Certified Network Associate (CCNA)
// connect

Get In Touch

๐Ÿ“ง
Email
junaidimtiaz93@gmail.com
 ๐Ÿ’ผ
LinkedIn
junaid-imtiaz-145a4175
 ๐Ÿ“ฑ
Phone
+1 (917) 365-3673
 ๐Ÿ“„
Resume
Download PDF โ†—
Available for new opportunities

Let's work together

Open to senior infrastructure, security, and cloud engineering roles. Also available for consulting engagements. Based in Ashburn, VA โ€” open to remote and hybrid opportunities nationwide.

Send Me an Email โ†’

Typical response within 24 hours