TECHNICAL SKILLS:

• Cisco Nexus/ Confidential: 7010, 5020, 5548, 2232, 2248 FEX, 6120 Fabric Interconnect (5108 Chassis and B series Blades), 9000 ( Confidential Mode), 5672 using FabricPath to Nexus FEX
• Cisco Routers 2600, 2800, 3800, 3900, 7200, 7600, ASR 1002
• Cisco Catalyst 2900,3500, 3750, 4500 (SUP 6E and 7E), 6500 (SUP 720)
• Cisco ISE/NAC 3355 and 3315 Hardware, Cisco NAC 4.9, Cisco ISE 1.2.0
• Palo Alto Firewalls 5050, 5020, 2050, (Standalone, Active/Active and Active/Passive HA)
• Checkpoint Firewalls UTM 3070, Nokia IPSO Secure XL 1280
• FireEye Web Malware Protection System, Malware Analysis System, Central Management System
• McAfee SEIM (formerly Nitro) Enterprise Security Manger, IPS, IDS, ELM, Receivers
• Wireshark
• TACLANE E100, E100 Classic, KG 175D, KIV 7HS, DTD - CYZ10, SKL
• Riverbed Steelhead WAN Optimization 1050LR
• Cisco ACS 5.1/5.5, Solarwinds Orion, BMC Network Automation
• EIGRP, BGP, OSPF, 802.1Q Trunking, HSRP, IPSEC, GRE, LACP, PAgP, GLBP, DHCP, ACL’s, Fabricpath

PROFESSIONAL EXPERIENCE:

Sr. Network Engineer

Confidential

Responsibilities:

• Perform network performance analysis in support of the evaluation, development, and operation of LAN/WAN infrastructures
• Provide Cyber Security project engineering, architectural and acquisition support to senior management.
• Act as Technical SME for AntiVirus, HBSS, security incident event management and other Confidential technologies as needed, providing technical input throughout entire product lifecycle.
• Assist in management and oversight of Confidential engineering and deployment projects.
• Support the development of contracting documentation. 
• Participate in integrated product teams, DoN and Confidential working groups, and other activities in support of Confidential engineering actions.

Sr. Network Engineer

Confidential

Responsibilities:

• Perform network performance analysis in support of the evaluation, development, and operation of LAN/WAN infrastructures
• Configured, tested and implemened Cisco networking devices such as routers, firewalls, WLC, and switches.
• Provide hands on experience and working knowledge of Voice over Internet Protocol (VoIP).
• Install, test, implement and maintain activities of all aspects of network management tool administration
• Trace frames or packets to analyze network-related issues with protocol analyzers such as Wireshark, NI observer, Network General Sniffer or Cisco NAM.
• Use ticketing system to document symptoms and status information as well as assign an applicable priority.
• Document configurations and maintain such documentation per department Change Control methodologies
• Assist with the forecasting and managing of network technologies and growth, coordinate and manage disaster recovery planning.
• Assist with establishing business continuity, disaster recovery, and incident responses across the network, using VM servers to ensure business continuity.

Lead Engineer

Confidential

Responsibilities:

• Performed cutover for Federal customer at two datacenters. Transitioned from Extreme switches to Cisco 9000’s running Confidential with Confidential connectivity to the server layer and to a Confidential 6200 FI’s. Our task was to ensure the network and storage components were set up properly for the FlexPod installation to be performed by another company.
• As Lead Engineer, I was assigned projects for various customers both government and commercial, and tasked with completing the projects often solo, but sometimes as a part of a team. These tasks ranged from basic design and implementation, resolving critical design issues to live cutover projects. I was responsible for balancing customer expectations against billable hours, while accounting for unforeseen customer events like design changes, licensing problems, lack of access, etc.
• Transitioned customer from Confidential module to new SFR module in ASA 5585-X. Created new inspection rules on the SFR module to capture customer specified interesting traffic in a way that did not harm throughput. Created specific inspection and drop rules for customer specified Confidential ’s that existed on old Confidential module.
• Resolved multicast and spanning tree convergence issue for large Navy project. Went through several test cycles in a lab before taking solution to live customer site. Reduced L2 convergence to 3 seconds or less using basic STP parameter modifications, static IGMP group memberships and a reduced PIM query interval timer. A detailed explanation of the customer’s requirements, design, and the ultimate solution can be provided upon request.
• Configured McAfee Sidewinder as an IPS (set up as proxy) to bridge connectivity between two Federal customers. The project was originally only to set up basic rules on the Sidewinder to inspect customer specified traffic between the two Federal entities, however, once on site, we discovered a number of other inconsistencies with the environment that required me to make significant design changes. Also, I ended up reviewing one of the customers’ ASA configuration and providing guidance on how to properly configure his end of an IPSEC VPN.
• Assisted other Lead Engineers with their projects, and also worked to provide documentation and research support for account managers on contract proposal support while also working my own projects.

Sr. Network Engineer

Confidential

Responsibilities:

• Configured and implemented datacenter core switch architecture using 2 Nexus 7010, 20 5020 and 105 2248 FEX’s for DMA Datacenter Relocation Project. Utilized double-sided Confidential connections between 5K’s and 7K’s. Responsible for entire Nexus Datacenter Core Architecture operational and engineering functions from 2010-2015.
• Maintained DISA STIG compliance on internal and border network devices between all enclaves and the 3 Confidential ’s on the Nexus 7010 through configuration and implementation of strict ACL’s and device hardening
• Clustered Cisco Confidential 6120 Fabric Interconnects for integration with Cisco 5108 B series blade server architecture
• Configured Cisco 4510 Access Switches back to Cisco Nexus 7010 Core switches utilizing Confidential uplinks
• Responsible for project to transition from two firewall clusters to one for the entire enterprise (not recommended, customer accepted risk for cost). Transitioned all rules and two DMZ’s from the internal firewall cluster to the external firewall cluster (now the single cluster).
• Transitioned the enterprise from a Cisco Confidential deployment to Cisco ISE using the 3355 hardware and 802.1X for machine authentication
• Configured Palo Alto Firewalls as Primary URL filter with custom Permit and Block categories; used SSL Decryption to monitor and control access to sites and/or browsers that use SSL encryption by default
• Configured Checkpoint Firewalls for Active/Active and Active/Passive High Availability (HA). Solved complex connectivity problem related to Checkpoint HA communication, consolidated and updated Firewall policies.
• Configure standard and custom Application signatures on Palo Alto Firewalls to monitor and control applications utilizing network resources.
• Configured User Identification on Palo Alto Firewalls using Active Directory for more detailed activity reporting
• Designed, configured and implemented Edge Router/External Firewall transition utilizing dual ASR 1001’s and dual Palo Alto 5050’s in an Active/Active cluster. (Replaced Fortigate 5140 system)
• Configured ACS 5.1 (later upgraded to 5.5) for full ACS/RADIUS AAA functionality. Integrated ACS with Active Directory for administrative access functionality.
• Designed and implemented Cisco Confidential Virtual Gateway with a clustered CAM’s, CAS’ and a single Profiler for client posture assessment and remediation. Integrated Cisco NAC solution with AD using Role-based VLAN assignment.
• Configured Cisco 6509’s as VSS (1440) for DMZ connectivity to Checkpoint Firewall
• Designed and implemented Riverbed WAN optimization solution for a remote site using Steelhead 1050’s
• Use Wireshark on a consistent basis to resolve connectivity problems between hosts
• Utilize Wireshark, FireEye Web MPS and Nitro SEIM tools to investigate, respond to, and generate reports for GNOSC and CyberComm security incident tickets
• Manage edge Firewall/Router to update Policies, Web Filtering, and Application control features to increase security
• Perform WAN Throughput testing (Iperf) to educate the customer on how throughput is affected by high bandwidth, high latency links

Sr. Network Engineer

Confidential

Responsibilities:

• Researches, tests, evaluates, and recommends network technology, platform, network systems and/or other related services.
• Tests and evaluates hardware and software to determine efficiency, reliability, and compatibility with existing system and networks, using various types of equipment
• Support a Multi-protocol Data Network with a strong knowledge of routing and routed protocols including TCP/IP, EIGRP, BGP, OSPF.
• Multi-platform Cisco router and switch design, implementation and support.
• Resolve critical data network problems

Sales Engineer

Confidential

Responsibilities:

• Work with sales team and customers to provide technical and product leadership throughout the sales process
• Configure Aruba Wireless Access Points, Controllers, and captive portal functionality to assist sales team in product demonstrations for Confidential and Federal Customers
• Set up Aruba AP and Controller at trade shows for team internet access across the floor

Infrastructure Specialist

Confidential

Responsibilities:

• Interface with Confidential Facilities partners to plan and coordinate new and existing facility upgrades and changes
• Create and update Generic design standards for Server Farm and related facilities floor plan layout

Network Engineer

Confidential

Responsibilities:

• Troubleshoot, maintain and implement large enterprise data and voice networks (WAN, MAN, LAN, WLAN) for the Navy Marine Corp Intranet ( Confidential ) from Norfolk based NOC

Network Engineer

Confidential

Responsibilities:

• Configure and install encryption devices and Cisco switches for use on Confidential
• Configured and maintained Cisco switches at the Access and Distribution layers for Confidential networks on military installations in Confidential, Confidential and deployed environments.
• Implemented and maintained WAN circuits--OC-3,12,48, T-1’s and DS-3’s destined to hub and regional Control facilities