Markus Ickenroth

Senior System Engineer Microsoft

Ingelheim am Rhein, Germany

Experience

Jan 2024 - May 2024
5 months

Senior System Engineer Microsoft

Technidata it-service gmbh

  • In this project, I was responsible for running a Citrix farm for 600 users, optimizing the user experience and ensuring high availability. I managed and optimized the entire application landscape for a major client, evaluated and implemented application updates, and ensured software compatibility and security.
  • Another focus was efficient management of Active Directory and core Microsoft services. I managed user accounts, implemented security policies, and monitored system performance. I also administered Azure Entra ID to control identities and access rights, set security policies, and synced on-premise directories with the cloud.
  • I implemented and managed Microsoft Intune for centralized client device management, including configuring and managing BitLocker for disk encryption and protecting sensitive data. I managed file servers and NTFS permissions to ensure secure and efficient data access.
  • I handled change requests and last-level support tickets efficiently to resolve complex system issues and improve user satisfaction. I also supported and advised the client team on various topics and projects, identified improvement opportunities, and implemented best practices.
  • Technologies and tools used:
  • Citrix XenApp and XenDesktop
  • Microsoft Windows Server 2012R2 and 2022
  • Exchange 2016 and Exchange Online
  • Entra ID (Azure AD)
  • Entra ID Connect
  • BitLocker
  • PowerShell scripting
  • Microsoft Intune
  • LDAP (Lightweight Directory Access Protocol)
  • DNS services (Domain Name System)
  • Active Directory Certificate Services (AD CS)
Oct 2023 - Dec 2023
3 months
Germany

Active Directory Specialist

Atotech Deutschland GmbH & Co. KG

  • In this project, I was responsible for enterprise-level user management, including provisioning, deprovisioning, and lifecycle management across multiple locations and business units. I designed and implemented complex Group Policy Objects (GPOs) to secure and manage extensive computer and user settings. I planned and maintained a robust Active Directory infrastructure with multiple forests and domains, established trust relationships, and optimized site topology. I also ensured deployment and maintenance of Active Directory Federation Services (ADFS) to enable secure identity sharing between organizations and cloud services. I coordinated directory synchronization with cloud services like Entra ID for consistent identity management on-premise and in the cloud.
  • I ensured high availability of AD services and deployments across regions, executing comprehensive backup and disaster recovery plans. To optimize directory services, I monitored system performance, identified bottlenecks, and made adjustments. I conducted security audits and compliance checks, fixing issues to maintain AD security and integrity. For complex AD issues, I provided expert-level troubleshooting, including cross-domain authentication and forest-wide replication errors. I worked closely with IT management to align Active Directory services with business goals and integrate new technologies and cloud migration strategies.
  • Technologies used:
  • Active Directory Domain Services (AD DS)
  • Group Policy Objects (GPOs)
  • Azure Entra ID (Entra ID)
  • Active Directory Federation Services (ADFS)
  • PowerShell
  • LDAP (Lightweight Directory Access Protocol)
  • Active Directory Certificate Services (AD CS)
  • DNS services (Domain Name System)
  • Active Directory Sites and Services
  • Windows Server
Sep 2020 - Sep 2023
3 years 1 month

Interims Technical Lead

SHE Informationstechnologie AG

  • In this project, I supported the team with complex troubleshooting and escalations, planned and executed Microsoft-environment projects including Intune and Entra ID. I was responsible for designing, implementing, and managing Windows Servers and Windows 10/11 in VDI environments and for migrations in Windows Server, Active Directory, Exchange, and Azure. I also coordinated troubleshooting and evaluated architecture for Microsoft technologies.
  • I provided technical consulting and mentoring for team members, led the Microsoft team, and ensured smooth communication with other departments and clients. I oversaw training and development of team members. In risk management, I created technical documentation and managed Office 365 environments, Entra ID, and Exchange Online. I conducted configuration reviews, managed file servers and NTFS permissions, and automated processes with PowerShell.
  • I also planned and operated Microsoft Intune for device management and security, and Azure Entra ID for identity and access management. I coordinated the transition from Skype for Business to Microsoft Teams and handled administration and troubleshooting of SharePoint and Office Apps Server.
  • Technologies used:
  • Microsoft Windows Server (2008R2 - 2022)
  • Windows 10/11
  • Microsoft 365
  • Microsoft Azure
  • Office 365
  • Exchange Online and Exchange Server
  • Microsoft Teams
  • Intune
  • BitLocker
  • PowerShell
  • Quest Kace
  • WSUS (Windows Server Update Services)
  • Entra ID
Aug 2019 - Sep 2020
1 year 2 months

Active Directory Specialist

Bilfinger Global IT GmbH

  • In this project, I provided expertise in operating a globally distributed Active Directory and advised on mergers and carve-outs. I developed automation scripts to optimize AD and implemented security measures for domain controllers. I handled 3rd-level incidents and troubleshooting. I played a key role in building the Enhanced Security Administrative Environment (ESAE). I monitored AD performance and availability, created and enforced security policies, and executed disaster recovery plans for AD components.
  • I also operated and managed Azure Entra ID for identity and access control, implemented and managed security policies and access controls, and synced on-premise directories with Entra ID. I regularly reviewed and audited Entra ID configurations and security, supported multi-factor authentication (MFA) and conditional access implementation, and managed users, groups, and roles in Entra ID. Monitoring and troubleshooting Entra ID services for high availability and performance were part of my tasks, as well as creating and maintaining documentation and operational guides for Entra ID.
  • Technologies used:
  • Active Directory
  • LDAP (Lightweight Directory Access Protocol)
  • PowerShell
  • Kerberos and Group Policy
  • DNS (Domain Name System)
  • Entra ID (Azure AD)
  • Windows Server (2008R2 - 2019)
Jun 2019 - Aug 2019
3 months

Systems Engineer

Klöckner Pentaplast

  • In this project, I provided 2nd-level support for all Microsoft services including Active Directory (AD), Microsoft Exchange, and client operating systems. I assisted with the rollout of Windows 10 and Office 365, diagnosed and resolved system issues in a Microsoft environment, and managed user accounts and permissions via AD. To ensure efficient and secure data access, I managed file servers and NTFS permissions.
  • I monitored system performance and implemented optimizations, supported backup planning and recovery processes, and worked with the IT security team to implement security policies and procedures. Finally, I documented system configurations and update procedures.
  • Technologies used:
  • Windows 10
  • Office 365
  • Active Directory
  • Microsoft Exchange
  • PowerShell
  • Windows Server
Sep 2017 - May 2019
1 year 9 months

Systems Engineer Specialist

SHE Informationstechnologie AG

  • In this project, I provided 2nd-level support for a range of Microsoft products and custom applications. I planned, implemented, and monitored Microsoft-environment projects including migrations and server upgrades. My work included design, maintenance, operation, and troubleshooting of Exchange Servers (2010-2016), managing hybrid setups and DAGs for 200-4000 mailboxes. I operated and managed Microsoft Servers (2008R2 - 2019), including patch management, monitoring, and performance tuning.
  • I gained experience with Skype for Business, SharePoint, and Office Apps Server administration and troubleshooting. I managed and optimized Microsoft 365 services including Exchange Online, SharePoint, and Teams. I implemented and managed security policies on on-premise and cloud servers. I supported and trained end users on Microsoft 365 services and developed PowerShell scripts to automate recurring tasks and system administration.
  • I also managed file servers and configured NTFS permissions for secure data management. I conducted configuration reviews to ensure compliance and performance, coordinating with other IT departments and external providers. Additionally, I administered BitLocker for disk encryption on client devices and managed Entra ID (Azure AD) for identity and access control and directory sync. Finally, I administered devices, policies, and users in Microsoft Intune for centralized device management and security.
  • Technologies used:
  • Windows Server 2008R2 - Server 2019
  • Windows 10/11
  • Microsoft 365
  • Azure
  • PowerShell
  • Microsoft Exchange (Online)
  • SharePoint Online
  • Microsoft Teams
  • BitLocker
  • Entra ID (Azure AD)
  • Microsoft Intune
Mar 2017 - Sep 2017
7 months
Germany

Systems Engineer Specialist

Sika Automotive Deutschland GmbH (Damals faist chemtec)

  • In this project, I analyzed and optimized the existing Active Directory infrastructure and implemented best practices. I advised the IT manager on security, network structure, and IT process optimization. My tasks included 2nd-level incident and change handling, troubleshooting, and implementing production changes. I also monitored and optimized the Kaspersky Antivirus solution, including updates and configuration changes.
  • I managed file servers and set NTFS permissions to ensure secure and efficient data access. In collaboration with the security team, I conducted security audits and hardening. Finally, I created technical documentation and work instructions for the IT team.
  • Technologies used:
  • Active Directory
  • Kaspersky Antivirus
  • Windows Server
  • PowerShell
Oct 2016 - Feb 2017
5 months
Germany

IT Coordinator

Handwerkskammer rheinhessen

  • In this project, I acted as technical IT lead, coordinating between departments and handling strategic planning. I had overall responsibility for IT infrastructure across up to five locations, covering network, servers, and security. I designed and planned a private cloud infrastructure for a new training center, managed and operated Exchange 2016 with up to 500 mailboxes, and implemented various work packages from the private cloud project, including server configuration, data migration, and security policies.
  • I conducted risk analyses, developed emergency plans for critical IT systems, and implemented ITIL-based processes for incident, problem, and change management. I was responsible for budgeting and cost control for IT projects and operations, as well as selecting and managing external service providers and vendors for IT services. I provided 2nd- and 3rd-level support for all IT requests and issues, managed file servers, and implemented NTFS permissions to optimize data access security and efficiency.
  • I maintained about 80 specialty applications, including updates and user training, and conducted regular audits to ensure compliance with policies.
  • Technologies used:
  • VMware vSphere
  • Windows Server 2012/2016
  • XenDesktop/XenServer
  • Failover Cluster
  • SQL Server
  • Exchange Server
  • System Center Suite
  • Various specialty applications

Summary

Markus Ickenroth is a skilled Senior Systems Engineer focused on managing Microsoft-based IT infrastructures. He has solid knowledge in:

  • Windows Server
  • Active Directory
  • Microsoft Exchange Server

In addition to his deep technical expertise in those areas, Markus has extensive skills in cloud computing, especially in:

  • Microsoft Azure
  • Microsoft 365

He combines technical know-how with strong methodological skills in ITIL and sharp analytical abilities. His problem-solving skills and reliability make him a valuable team member in complex IT projects. His soft skills include, among others:

  • Teamwork
  • Customer focus
  • Resilience
  • Reliability

Languages

German
Native
English
Advanced

Certifications & licenses

Microsoft Certified: Azure Fundamentals AZ-900

Microsoft

Microsoft Certified: Windows Server Hybrid Administrator Associate

Microsoft

Upgrading Microsoft Certified System Engineer to 2012R2

Microsoft

Zertifizierung zum VMware Certified Professional on vSphere 4

VMware

CompTIA Security+

CompTIA

Microsoft Certified System Engineer on Windows 2000

Microsoft

Cobit Foundation

ITIL v3 Foundation