DN
LinkedIn Resume

Consulting Systems Engineer

Infrastructure, security, and modernization engineering.

David Nicola designs, secures, and modernizes hybrid infrastructure across virtualization platforms, network security, distributed file services, cloud systems, and operational security workflows.

View resume LinkedIn profile dnicola95@gmail.com
01 Platform modernization

VMware vSphere and Proxmox VE assessment, host design, storage planning, high availability, backup alignment, and migration cutovers.

02 Network security

FortiGate policy review, segmentation, site connectivity, routing behavior, VPN/IPsec tunnels, logging, and failover validation.

03 Security operations

Vulnerability validation, remediation tracking, identity controls, endpoint security, SIEM logging, DNS security, and evidence handling.

Capabilities

Infrastructure engineering with security depth.

Client-facing systems engineering across hybrid infrastructure, virtualization, network security, operational controls, cloud platforms, automation, and recovery planning.

01

Virtualization modernization

VMware vSphere and Proxmox VE architecture assessment, host design, storage behavior, high availability, backup compatibility, workload placement, and migration sequencing.

02

Network security architecture

Fortinet firewall policy, segmentation boundaries, site connectivity, routing paths, encrypted tunnels, high-availability behavior, logging, and traffic-flow validation.

03

Security operations delivery

Vulnerability management, security evidence, identity infrastructure, endpoint controls, SIEM logging, DNS security, email security, and remediation coordination.

04

Hybrid systems engineering

Linux and Windows servers, AWS and Azure infrastructure, distributed storage, resilient file services, backup architecture, automation, and self-hosted retrieval systems.

Selected work

Representative infrastructure and security projects.

Work examples from consulting systems engineering, infrastructure operations, network redesign, security liaison responsibilities, platform modernization, and self-hosted retrieval infrastructure.

01

Modernization

Virtualization redesign and migration planning

Designed modernization paths for VMware vSphere and Proxmox VE environments across compute, storage, networking, backups, recovery priorities, and cutover execution.

Scope

  • Assessed host state, storage paths, workload dependencies, backup relationships, and network bindings.
  • Defined migration sequencing, change-window steps, validation checkpoints, and rollback paths.
  • Aligned high availability, storage behavior, backup design, and operational ownership before workload cutover.

Systems detail

  • VMware vSphere, Proxmox VE, shared storage, server hardware, Linux workloads, Windows workloads, and backup platforms.
  • Runbooks, dependency maps, recovery priority, post-cutover validation, and operations handoff.
02

Network security

Fortinet segmentation and site connectivity review

Reviewed firewall policy, segmentation boundaries, encrypted site connectivity, routing preference, and logging behavior to improve security posture and operational supportability.

Scope

  • Reviewed rules, address objects, NAT behavior, routing paths, site tunnels, and failover behavior.
  • Mapped application traffic needs to firewall policy and segmentation boundaries.
  • Produced low-risk change paths with validation steps for infrastructure and security stakeholders.

Systems detail

  • FortiGate, Fortinet logging and analysis, VPN/IPsec, SD-WAN, routing, segmentation, high availability, and traffic analysis.
  • Cisco, Juniper, Meraki, MikroTik, Aruba, and multi-site hybrid connectivity exposure.
03

Security operations

Security liaison and vulnerability remediation workflows

Coordinated security requirements, evidence collection, risk review, scanner validation, remediation tracking, and operational follow-through across infrastructure and security teams.

Scope

  • Validated vulnerability findings, separated real exposure from scanner noise, and prioritized remediation by operational risk.
  • Coordinated evidence, control status, remediation ownership, and technical closure with infrastructure stakeholders.
  • Supported identity, endpoint, logging, email-security, and DNS-security control workflows.

Systems detail

  • Duo authentication proxies, Mimecast, DNS security, Carbon Black, Aurora, FortiAnalyzer, Active Directory, LDAP, PKI, and OpenID.
  • Security review workflows, remediation evidence, operational risk, control validation, and stakeholder communication.
04

Data and recovery

Distributed file services, backup resilience, and recovery design

Supported migration and operational improvement of file-service platforms where user experience, permissions, performance, namespace behavior, backup strategy, and restore validation intersect.

Scope

  • Supported legacy file-system migration into resilient distributed file-service patterns.
  • Reviewed access patterns, latency-sensitive workloads, namespace behavior, permissions, and recovery requirements.
  • Connected retention strategy to practical restore behavior and operational recovery procedures.

Systems detail

  • Nasuni, Distributed File System namespaces, Windows servers, Linux servers, server hardware, backup platforms, and colocation environments.
  • Recovery objectives, restore validation, file-service performance, permissions, and operations handoff.
05

Retrieval infrastructure

Self-hosted retrieval-augmented generation infrastructure

Built local document-retrieval workflows that connect model inference, document ingestion, embeddings, vector indexing, source grounding, latency, and data-control requirements.

Scope

  • Built local model workflows with document ingestion, embeddings, vector database indexing, and retrieval pipelines.
  • Evaluated local inference, hardware constraints, latency, data handling, and source-grounding behavior.
  • Documented practical operating patterns for infrastructure teams maintaining retrieval-assisted systems.

Systems detail

  • Ollama, Open WebUI, local models, vector databases, embeddings, document retrieval, Docker, Linux, Python, and automation.
  • Data control, source attribution, retrieval quality, operational support boundaries, and governance-aware design.

Technical domains

Core engineering surface area.

Modernization systems

VMware vSphere, Proxmox VE, server hardware, shared storage, high availability design, operating system migrations, backup compatibility, monitoring, and change-window execution.

  • Architecture assessment and migration-path definition.
  • Workload dependency, recovery priority, and operational-risk mapping.
  • Runbooks, rollback plans, and post-cutover validation checklists.

Resume

Consulting Systems Engineer focused on infrastructure, security, and hybrid systems.

Experience advising clients and securing, redesigning, and performance-tuning cloud, hybrid, and on-premises infrastructure. Eligible for U.S. Secret or Top Secret clearance.

Open PDF resume Download DOCX

Certifications

AWS Solutions Architect — Professional AWS Solutions Architect — Associate Cisco CCNP Security Microsoft Azure Administrator Associate Fortinet Public Cloud Security Fortinet Network Security

Education

  • M.S. Cyber Operations, University of Maryland Global Campus
  • B.S. Computer Networks and Cyber Security, University of Maryland Global Campus
  • B.S. Political Science, The Ohio State University

Experience

Professional infrastructure, network, and security roles.

June 2026 — Present

Consulting Systems Engineer

World Wide Technology

Client-facing systems engineering across virtualization modernization, infrastructure redesign, network security projects, migration planning, and operational-risk review.

July 2024 — June 2026

Infrastructure Engineer

IBP

Security liaison work, Fortinet network operations, vulnerability remediation, authentication proxies, email security, endpoint controls, SIEM logging, VMware administration, Nasuni/DFS migration, and Proxmox development workloads.

April 2022 — July 2024

Systems Engineer

Bresco Broadband

Legacy network redesign, DNS/core services, replication and failover, Azure and on-premises domain hardening, Linux databases, cloud networking, server migration, and vulnerability remediation procedures.

2020 — 2022

Network, implementation, and cyber QA roles

Chick-fil-A · L Brands · Huntington National Bank

Network implementation, endpoint and server support, firewall and device deployment, IAM testing, security-control validation, documentation, and technical troubleshooting.

Contact

Infrastructure, network security, cloud, and systems engineering.

Email, LinkedIn, and resume downloads are available below.

Emaildnicola95@gmail.com LinkedInlinkedin.com/in/davidanicola ResumeOpen PDF resume