Harsha Horawala-Vithanage

Harsha
Horawala-Vithanage

Systems Engineer  ·  Microsoft 365 & Cloud Infrastructure

> specializing in _

Available for new opportunities
Let's Connect
10+
Years experience
120+
Clients managed
500+
Endpoints managed
Core competencies

Built for the
modern IT stack.

A decade of hands-on expertise across cloud, security, networking, and automation.

☁️

Cloud & Identity

Microsoft 365Azure AD / Entra ID Hybrid Azure AD JoinConditional Access MFA EnforcementAzure AD Connect
💻

Endpoint Management

Microsoft IntuneMDM / MAM Datto RMMPatch Management PrinterLogicActive Directory
🔐

Security & Compliance

Zero TrustCIS Benchmarking Vulnerability MgmtDigital Defense ProofpointITIL
⚙️

Automation & Scripting

PowerShellBatch Scripting RMM AutomationApp Packaging
🌐

Networking

WatchGuardDNS / DHCP HP Switches & APsVLAN Segmentation AuvikpfSense / UniFi
🗂️

Platforms & Tools

SharePoint & TeamsIT Glue Autotask PSAProxMox / ESXi DockerSynology NAS
Work history

A decade of
making things work.

BBH Solutions · New York, NY
Systems Engineer
Mar 2019 – Present
Current
  • Architect and manage Microsoft 365 environments for 120+ clients — hybrid deployments, Exchange Online migration, SharePoint Online & Teams rollouts, and Azure AD (Entra ID) configuration.
  • Implement Azure AD Conditional Access, MFA enforcement, and RBAC controls aligned with Zero Trust security principles across all managed tenants.
  • Deploy and administer Microsoft Intune MDM/MAM policies across 500+ endpoints — remote wipe, compliance enforcement, and device lifecycle management.
  • Build and maintain PowerShell and batch automation scripts via Datto RMM, reducing manual provisioning effort and standardizing client configurations.
  • Lead CIS benchmark assessments and remediation projects, improving security posture and preparing clients for cyber insurance audits.
  • Manage Digital Defense vulnerability platform — prioritize and track remediation of critical and high-severity findings across all environments.
  • Administer Active Directory and GPOs across multi-tenant, multi-site environments; OUs, security groups, and fine-grained password policies.
  • Create and maintain IT Glue documentation (SOPs, network diagrams, runbooks), enabling helpdesk to resolve Tier 1/2 issues independently.
  • Manage Autotask PSA ticketing queue; resolve escalated incidents and maintain SLA compliance across 120+ client accounts.
  • Execute structured client onboarding and offboarding — M365 licensing, imaging, security hardening, and asset documentation.
Emazzanti Technologies · Hoboken, NJ
Network & Systems Engineer
Feb 2015 – Mar 2019
  • Designed and configured WatchGuard firewalls, HP switches, and APs — VPN, VLAN segmentation, and access control for SMB clients.
  • Configured and managed DNS and DHCP infrastructure across single and multi-site client environments.
  • Administered Active Directory and Group Policy across multi-domain environments for 30+ client organizations.
  • Produced detailed network topology and Visio diagrams for client documentation and executive reporting.
  • Deployed Auvik network monitoring for real-time visibility and alerting across large-scale, multi-site networks.
  • Led helpdesk team projects and coordinated new client onboarding through repeatable, documented playbooks.
  • Migrated clients from on-premises Exchange to Office 365 — improving uptime, mobile access, and reducing overhead.
  • Configured Proofpoint email filtering to protect clients against phishing, malware, and spam.
  • Performed data center hardware maintenance, racking, cabling, and lifecycle deployment.
  • Authored knowledge-base articles and runbooks to reduce Tier 1 escalations.
Credentials

Education &
Certifications

🎓

B.S. Computer Science

New Jersey University  ·  2008–2013

📋

ITIL Foundation

IT Service Management — Certified

🔥

Netgate pfSense

Hands-on proficiency — production home lab deployment

🎯

In Progress

AZ-104  ·  MS-102  ·  SC-300

Self-development

A lab that
never sleeps.

A dedicated home network built to continuously test, validate, and explore technologies beyond the day job.

🔥
Firewall & Routing

Netgate pfSense with policy-based routing, VLAN segmentation, and complete isolation between CORP, IOT, and security camera networks.

🖥️
Hypervisor & Compute

ProxMox and ESXi 8 hosts running Windows Server, Linux VMs, and Docker containers — used to sandbox real client scenarios before production deployment.

🛡️
Security & Detection

Self-hosted Wazuh SIEM monitoring all machines. A dedicated sandbox environment for testing phishing samples and live threats encountered in client environments.

📡
Network & Storage

UniFi APs and managed switches. Synology NAS running automated backup schedules, recovery testing, and offsite replication simulation.

Home Lab Rack
Home Lab  ·  Built & maintained by Harsha
Beyond the screen

Life outside IT.

🏏

Cricket Enthusiast

Actively participates in a local cricket league through summer and fall seasons — staying connected to a lifelong passion while enjoying team competition and camaraderie.

🥾

Outdoor Adventurer

An avid hiker who loves exploring trails and the great outdoors. Whether a challenging climb or a peaceful walk in nature, hiking offers the perfect counterbalance to a demanding technical career.

Let's connect

Open to new
opportunities.

Available for Systems Engineer, Cloud Infrastructure, and Microsoft 365 roles.

201-423-3089 me@iharsha.info LinkedIn