To work within a network team while utilizing my networking, security & troubleshooting skill sets to enhance the company’s network environment, and its productivity with opportunities to advance & grow throughout my career.
- Windows 2008, 2003, 2000 Server
- MS Office/BackOffice
- Windows 8, 7, Vista, XP, 2000
- MS Exchange 2007, 2003, 2000
- Windows NT Server
- MS IIS / SQL
- Bay Networks
- Windows NT Workstation
- Windows 3.x / 9x
- Veritas Net/BackupExec
- DOS v3 - v6.22
- Imagecast / Ghost
- VMWARE / Virtual PC
- Cisco ASA/PIX
- Axent/Symantec: SEF/Raptor, ITA, Netprowler, Net Recon
- Token Ring
- Check Point: Firewall-1 & VPN
- Interceptor & NetFortress HW/SW systems
- Wireless / WEP / AES
- ISS RealSecure Suite
- Mesh / Star / Bus / Ring / Tree
Networking Department - Sr IT Network Manager, Orlando, FL
- Redesigned and scheduled the architectural changes/upgrades to the network.
- Migrated environment from a Fiber Ring network to a modern & redundant 10G VPLS Network.
- Manage, monitor and configure Cisco Nexus 7k, 5k, 3k series switches
- Manage, monitor and configure Cisco Catalyst 6500, 4500, 3850, 3560, 2960 series switches.
- Manage and monitor Cisco Wireless environment; 5508 WLCs and 1142N WAPs. Local & FlexConnected.
- Redesigned and Implemented Cisco Confidential Secure and Tiered Access.
- Installed and Configured Solarwinds monitoring and Change Management systems (NCM).
- Managed and Installed ElevenWireless/11OS tiered wireless offering for mulitple properties.
- Managed, Configured, Upgraded and Installed Nomadix Access Gateway 5800s
- Guest Access at 7 hotels for convention properties & tour and travel facilities.
- Convention Access at 3 major properties that offer convention services.
- Provided Tier 3 support for Outside Sales department as their Sr Network Services Engineer.
- Designed and Configured Cisco LAN/WAN switches
- Designed and Configured Cisco ASA firewalls
- Designed and Configured Cisco Routers
- Managed Network team of 4 engineers; 2 Jr Network Engineers, 2 Mid Level Network Engineers.
- Implemented Change Management and Implementation & Backout Plan documentation for all change services.
Sr Network & Firewall Engineer, Silver Spring, MD
- Designed, Configured, Troubleshot and Maintained Confidential routers, switches and subsystems.
- Helped migrated multiple COLO facilities various internet circuits to MPLS network.
- Assisted Security department, as a Network team liaison, with yearly scan reports and helped organize a plan to mitigate any findings IAW Confidential policies and procedures. (POA&M)
- Successfully rebuilt What’s Up Gold Network Monitoring and Reporting Tool
- The original WUG build was not fully optimized and out-dated.
- Installed the latest version of WUG and moved the database from local virtual machine to database cluster.
- Configured Rules, Alerting, SNMP, Flow Monitor, IIS w/SelfSSL, AD (LDAP) Integration, Reports (Performance, Network, Device), Inventory and working with team on Dashboard layouts.
- Repaired, Maintained & Managed Solarwinds NCM Backup, Configuration Updating and Device Script Push/Pull Implementations.
- When I came onboard, NCM was not working.
- Daily, Weekly, Monthly reports now fully automated.
- Fixed and upgraded Cisco Confidential
- Misconfiguration found and appropriated the correct domain credentials necessary to fix and finish the configuration that was started.
- Upgraded Confidential from 5.2 to 126.96.36.199 and patched the upgrade, per cisco documentation/release notes.
Sr Network & Firewall Engineer, Landover, MD
- Maintaining Firewalls, as primary Network Firewall Engineer. (W2W, D2D, L2L, M2M)
- Access Control Lists
- Static/Dynamic NATs
- CIRC Required Block Lists
- Network Connectivity Troubleshooting
- Remedy/Trouble tickets
- Maintaining & Managing NCM Backup, R/T Reporting, Configuration Update with Push/Pull Scripting and Implementation.
- F5 LTMs
- Wireless APs
- WAN Accelerators
- Design, Configuration, Maintenance of Routers, Switches, WAN Accelerators and Wireless devices.
- Configuration Management
- SNMP Traps
- Update/Script Updates and Push configurations (routers, switches, firewalls, F5 LTMs, WAN accelerators and Wireless devices).
- Remedy/Trouble tickets
- Successfully designed and implemented, as the Firewall Lead Engineer, the PIX to ASA migration strategy for OCC Confidential, DO and Satellite/COLO Offices. Implementation is ongoing.
- Integral member of the CC Swing space migration for network architecture/engineering.
- Found and Fixed Spanning-tree issue at CC facility.
- Managed, Configured, Architected; configurations, maintenance and troubleshooting for the OCC/OTS merger. Primary contact during all phases of merger for network and security requirements and updates.
- Successfully migrated OTS network devices from old Confidential system to OCC Confidential system.
- Assisted in the Redundant Internet circuit upgrades and WAN Optimization updates/upgrades (configuration) for OC3 and DS3 circuits with 7200 series routers, on the government MPLS environment.
- Designed, Configured and Maintain the Solarwinds Orion NCM network configuration management program. As well as, monitoring and troubleshooting device backups/checks, performing configuration pushes from NCM console.
- Upgraded and Tested Router, Switch and Firewall IOS’s and Configurations.
- Responsible for the Installation/Updating of CIRC provided Network/IP Blocklists to all OCC firewalls.
- Architecting/Clean up/Redesign and Implementing Firewall management and continuity standards. To include: Cleaned up ACLs, (Static/Dynamic) NATs, OBJECT-GROUPS and VPN configurations.
- Provided LVL3 support and on-call rotation. Primary responsibility - Firewall Lead Engineer. Secondary Responsibility - R&S.
- Acting secondary for Solarwinds R/T reporting & alerting system for OCC.
- Responsible for maintaining and scheduling on-call rotation roster as the On-Call Coordinator, for OCC PM.
- Provides, as the primary, the required morning reports for team reviews of current network and staff statuses.
Sr Network Engineer, Lanham, MD
- Redesigned & Implemented Network Core infrastructure from a flat network to a dynamic network with redundantly connected/failover servers and services.
- Replaced Dell switches with Cisco 4506, 3750 and 3560 switches. Creating a Core, Distribution switch environment with an external external/DMZ switch configuration.
- Re-IP’d the Production and COLO sites and deployed them on VLANs with vACLs.
- Updated/Upgraded from Sonicwall firewalls to Cisco 5500 series ASA Firewalls.
- Redesigned L2L connectivity/structure for server connectivity/communication, but also logshipping.
- Implemented rate-limiting for logshipping & internet scraper services.
- Provided 24/7 LVL3 on call engineering & support.
- Designed a PCI approved DMZ for Credit Card/eCommerce transactions & connectivity.
- Redesigned the F5 LTM Load-balancer design from “in-path” to “one-armed”
- Implemented Riverbed Steelhead 5050s; “in-path” via L2 connectivity and “one-armed” at primary production facility via WCCP.
- Responsible for maintaining/troubleshooting Domain Controller errors/problems.
- Configured and Maintained Bluecat Adonis DNS appliances.
- Responsible for Security posture and client questionnaires (LVL2 questionnaires, PCI, NVA)
IT Network Manager, Annapolis Junction, MD
- Redesigned entire infrastructure from a flat network and under/over utilized servers to a dynamic network with evenly/appropriately utilized servers and services.
- Upgraded their Windows 2000 & 2003 servers to Windows 2008 servers. Created service accounts instead of Administrator accounts for use within the domain.
- Developed & Implemented Group Policy, thus re-writing the company policies & procedures.
- Fixed their multiple Domain Controller errors/problems and improperly configured DNS.
- Replaced HP Procurve switches with Cisco 4506 & 3750 switches. Creating a Core, Distribution and Access switch environment.
- Replaced Netopia routers with Cisco 2821 routers for internet use. The routers have spare DSU WIC cards in case the primary fails.
- Upgraded their Symantec BackupExec from version 10 to 12.5
- Successfully turned up 2 new T-1 Internet circuits, 3 private lines and 1 bonded T-1 Internet circuit.
- Designed and Implemented new Cisco ASA 5520 redundant Firewalls with CSC-SSM 20 modules.
- Upgraded all Cisco IOS images on multiple devices - 4506, 3750, 2821, 1801, 2621, 5520.
- Successfully moved the workstation environments from Static IP address configurations to DHCP.
- Provided training for Microsoft and Cisco training to subordinates, as needed.
Sr. Network & Security Engineer, Annapolis, MD
- Managed and Maintained all network devices companywide (Local, Remote and COLO).
- Successfully implemented a new network design:
- Using only Cisco Routers, Switches, PIX Firewalls and VPN Concentrators
- Implemented OSPF to local, remote and COLO facilities.
- Successfully turned up 3 new T-1 Internet circuits and 1 bonded T-1 Internet circuit. (BGP)
- Developed and Implemented redundant failover connections to all sites using L2L VPN tunnels.
- Designed and Implemented redundant 4506 layer 3 switches at 2 facilities using HSRP, also configured GLBP on Layer 2 links.
- Assisted with and helped configure QoS for new Avaya IP phone system.
- Upgraded all IOS/FOS/VPN images.
- Cleaned up PIX firewalls (ACL, NAT and IPSEC tunnel reconfigurations) at all sites.
- Troubleshooting & Repair work (Break/Fix) - Routers, Switches, PIX firewalls, DNS, Active Directory, Servers, DNS, DHCP and VPN clients.
- Developed & Implemented Group Policy, based on company policies & procedures.
- Provided training for Microsoft (MCSE) and Cisco (CCNA) classes/testing.
Independent Engineer/Contractor & Senior Contract Instructor, Newport News, VA
- Performed the following Engineering work for Contracts/Sub-contracts:
- Designed and Implemented Network and Security Infrastructure - Cisco Routers/Switches/PIX/SEF
- Performed Vulnerability, Penetration and Network evaluations.
- Troubleshooting & Repair work (Break/Fix) - Active Directory, Servers, DNS, DHCP, Routers, Switches.
- Successfully migrated multiple client networks from Microsoft Windows NT 4.0 to Windows 2003.
- Developed & Implemented Group Policy, based on company policies & procedures.
- Configured and Managed Cisco PIX/ASA firewalls for national distribution company. (Firewall Administrator)
Confidential, Silver Spring, MD
- Manage multiple site networks for the Confidential ’s Affairs, while responsible for multiple engineering staff departments. Developed tiered sections for 24/7 coverage.
- Successfully developed, installed/upgraded and configured all servers from Native Windows 2000 to Windows 2003 environment: (approx 20,000+ local/remote users)
- Windows 2003, 2000 and Windows XP Operating Systems (Servers and Workstations)
- Maintained/Rebuilt/Developed all Domain Controllers (Domains/Forests/OUs), Exchange Servers (front & backend servers), Workstations, Active Directory Infrastructure, Sites (including Hot Sites), Backup Servers/Libraries, Group Policy, Administrative Install Packages, SUS Servers, Confidential Servers (VPN access), VMWARE, VoIP, LAN/WAN/SAN, Blackberry Servers, DNS, DHCP and DMZs.
- Migrated and Managed Microsoft Exchange 2000 and 2003 Front and Backend Servers.
- Install & Configure Anti-virus network management systems. (AVG & McAfee network editions)
- Developed Security baseline for all servers, workstations & devices,
- Perform regularly/random server, workstation & network vulnerability and penetration testing.
- Maintain & Developed Backup Systems & Contingency Plans (Hot Sites)
Network Planner/SysAdmin (Contractor), Hampton, VA
- Manage, Install, Configure, Repair, Train Systems Staff/Contractors/Remote Locations on all Langley AFB Medical Group (3000+ users):
- Windows 2000 and Windows NT Operating Systems (Servers and workstations) & VMWARE for client troubleshooting and testing/implementation.
- Analyze, Install, Configure and Repair - Dell, IBM and Compaq Servers and workstations.
- Analyzed and Implemented network/domain-wide CERT/AFCERT compliance requirements.
- Successfully Repaired, Installed and Restored: Third Party Outpatient Clinical Systems (TPOCS), as the Key Engineer, back to working status. Langley AFB is a HUB for 3 other base facilities; they are now running 100%.
- Repaired TPOCS Electronic billing to 100% usage first, for all spokes and acted as technical POC for other sites.
- Configured and Repaired Cisco Routers and Switches within various segmented departments, while maintaining and updating Configuration Management and documentation. Also, Redistributed various routing protocols into different AS networks.
- Created & Perform Critical Weekly/Monthly Server Maintenance Plan and Provided Monthly Status Meetings.
- Provided formal training to military and civilian employees on Microsoft Systems, Networks & Architecture.
Network Security/Engineering (Contractor)
- On call engineer for various projects - Microsoft engineering and various security engineering (break & fix).
- Analyzed and Repaired cluster environment for major manufacturing/distribution company, in Confidential .
- Symantec Enterprise Firewall cluster & Microsoft 2000 Advanced Server RRAS Server cluster
- Evaluated and recommended IDS infrastructure and firewall configuration with Government Project Manager, to fix latency within domain-wide security zones.
- Created documentation & templates and provided hands-on training for employees of manufacturing company.
- Supported Project Manager with technical design and detail within government sites, to include:
- Site migration/transition status - Technical support for sites (network engineering, site security, LAN/WAN support)
- Security Testing & Evaluation Assessments, Vulnerability, Penetration Testing and Risk Assessment.
Network Security Manager, Ft Eustis, VA
- Validate all security constraints and acting as the Information System Security Officer (ISSO) and Information Assurance Security Officer (IASO) IAW the latest Army/DoD guidance and NSA Rainbow series through the certification of TADLP, with the Information Assurance Manager (IAM) within the TADLP LAN/WAN Infrastructure, CIRC, CERT, ACERT, AFCERT and NIST requirements.
- Experience with DoD Information Technology Security Certification and Accreditation Process (DITSCAP) and the National Information Assurance Certification and Accreditation Process (NIACAP).
- Managed & Maintained all Firewalls, Intrusion Detection Systems and Windows Security:
- Creating/Managing Protocol Filters, Rules, Subnets, Secure Subnets, Tunnels and GSPs. Also, monitoring the Virtual Private Networking (VPN) tunnels & protecting secure session level traffic.
- Monitor & Manage a multi-tiered intrusion network defense strategy, including over 300+ pattern-matching Host-Based policies within the TADLP network. (Intruder Alert)
- Monitor & Manage TCP/IP & IP traffic on TADLP network segments to detect & respond to 550+ signature attacks. (Netprowler)
- Windows NT/2000 C2 compliance, IAW the TADLP requirements/guidelines & DoD Rainbow series. Including AR 380-19, 380-5, 381-12 and 5200.28.
- User Account Management, Policies and Guidelines Implementation. System Services & Network Shares, monitoring IAW security posture.
- Vulnerability, Penetration & Risk Assessment analysis, including government Security Testing & Evaluations (ST&E’s). Install, Repair and POC for TADLP Anti-viral program.
- Configured & Maintain Cisco Routers and Switches for both onsite prime contract and corporate office networks.
- On a site-by-site basis, helped configure Cisco PIX firewalls, Axent/Symantec Enterprise firewalls and Checkpoint firewalls.