- I am a seasoned / certified Sr. Network Security Engineer / Architect - Systems Engineer looking to advance my career & knowledge by designing & implementing new secure network technologies & practices.
- Currently, I am a Senior Network Solutions Engineer working for Confidential located in Mid-Town New York, NY.
- I am looking for a position in which I can keep my hands dirty & mind sharp by assessing / securing / redesigning / configuring and managing mid-level to large-scale network LAN, WAN, VOICE, SERVER environments / topologies.
Operating Systems: Windows 7 & 10; Windows Server 2008, 2012; Linux (Desktops & Servers)
Development Tools: Visual Studio; Dreamweaver; Photoshop; Notepad++
Networking/Administration: CCNA, CCNP, CCIE Written Routing & Switching; CISCO IOS (STP, VTP, VLAN, VRF, BGP, RIP, OSPF, EIGRP, ACL, TCP/IP, Route Maps, Multicast, PBR); Juniper Junos; SDN fundamentals; Firewalls; Routers; Switches; Micro-Segmentation, Wireless; AD User and Group Policies/Privileges; Remote Access; VPN; Windows Server; Linux Server, VMWare & Hyper-V
Hardware Knowledge: Cisco Nexus 2000, 5000, 7000; Cisco Catalyst 3750, 3750, 45xx, 4500-X, 6509; Cisco Router ISR-29xx, ISR-39xx, ISR-44xx, ASR-100x, ASR-90xx; Checkpoint 4800, 12000, Cisco UCS; Juniper SRX Firewalls, Juniper MX Routers, Juniper EX Switches; HP ProLiant DL Series Servers; HP ProLiant BL Series Blade Servers; Dell PowerEdge R Series Servers
Databases Knowledge: PostgreSQL, MYSQL, Microsoft SQL Server
Confidential,New York, NY
Sr. Network Infrastructure EngineerResponsibilities:
- Network design, implementation, and configuration engineer
- Manage Juniper vGW & (VMWare NSX) hosts micro-segementation firewalls
- Build then create & manage firewall security policies/rules/filters on Cisco ASA, Fortinet, Checkpoint & Juniper SRX Security Gateways
- Research network direct and IPSec tunned connectivity to AWS & GCP cloud providers for near future migrations.
- Create AWS & GCP BGP peerings via Direct Connect & IPSec Tunnels respectively.
- Work with windows/linux/dev systems department personnel to troubleshoot source to destination connectivity issues.
- Review / Complete security access request(firewall rule) tickets
- Review, propose then implement BGP/OSPF configuration changes to increase DC to DC and local routing performance / efficiency.
- Riverbed SteelCentral NetProfiler configuration for network visibility when troubleshooting
- Internal / External Citrix Netscaler Load-balancer management
Sr Network Edge Security EngineerResponsibilities:
- Network edge design & modernization (Lead network edge security engineer - Securing Internet & WAN links as well as 200+ virtual Site-to-Site IPSec VPN links with various remote affiliates/3rd party vendors)
- Lead Checkpoint / ASA firewall engineer - Redesigning / Building / Upgrading / Management of the current edge security infrastructure
- Level 3 edge network issues troubleshooting / mitigation (eg. ddos attacks, cryptolocker/malware infections, corporate wireless outages, etc...)
- Network edge security / performance / management / monitoring redesign diagramming & write-ups
- Team ticketing processes redesign
- Securing the network edge for the new medical software ‘EPIC’
- Internal / External Citrix Netscaler management. WebSense proxy policy management.
- Network topology / equipment needs forecasting & purchase reviews (Moves from WebSense to Bluecoat, ASAx upgrades, Edge network redesign switches / routers / firewalls models, etc...)
Lead Network Solutions Architect / EngineerResponsibilities:
- Lead network design, implementation, and configuration engineer.
- Review/Decide on standard appliance IOS code versions. As well as devise a format / execute automatic and manual code deployments via ISSU, non-ISSU, and standard upgrades of nexus and non-nexus Cisco equipment.
- Define QOS Policies / Re-Design / Re-IP Address the Confidential main & branch offices in preparation for a mass migration of 5000+ users from the current AT&T Centrex solution to a hosted Cisco voice solution.
- Troubleshoot network outages / performance issues that were notified to the group either via an escalated helpdesk ticket or alerted via the SolarWinds or Cisco Prime NMS.
- Troubleshoot and resolve network related issues on various city SCADA networks eg CATS, CDOT, Charlotte Water...
- Provided suggestions to improve network performance / security / redundancy / overall health / etc…
- Research secondary connectivity solutions which comprised of DMVPN IPSec tunnels via a private 4G LTE cloud.
Lead Sr. Network Architect / EngineerResponsibilities:
- Lead network design, implementation, and configuration engineer
- Backup Firewall Engineer (Checkpoint, Cisco, Juniper)
- Backup Windows Domain Administrator
- Backup VMWare Administrator
- Lead Intel/McAfee EPO Administrator
- External / Internal IP address & DNS Management
- External Certificate / Internal Certificate Authority Management
- Design / Implement Network Server Core Centralization / Datacenter Colocation
- Design / Implement Multi-Branch Cisco Hardware Refresh (Including phase/replacement out of Juniper SRX series edge Security Gateways & HP switch standard)
- Design / Implement Hub Site Cisco Wireless Network
- Design / Implement Multi-Branch Cisco VoIP Design & Configuration
- Design / Implement hierarchical IP Addressing scheme for Main/Branch sites; Re IP'd user/server segments accordingly
Sr. Network EngineerResponsibilities:
- Act as a level 3 network design, implementation, and configuration engineer on various projects to aid network growth while providing multi-vendor setup alternatives.
- Build, Configure & deploy Cisco routers (ASR 1004, ASR 1006, Cisco 7200) / L3 switches - (Cisco 7609 with sup720-3b-xl), (Nexus 3064, Nexus 7010's with sup1) and Wireless LAN Controllers (Cisco WLC 5500), Ruckus ZD5000, Belair AP's.
- Meet with Cisco, A10, Ruckus & other vendors to review TAC cases/fixes & code feature upgrades to various network appliances.
- Document network changes and review baselines, peak & delta for device, traffic, latency, session, memory, cpu, etc. (SevOne NMS) Such proactive monitoring has ensured network availability and device uptime.
- Troubleshoot Cisco CAPWAPP, Ruckus LWAPP & Belair LNS L2TP tunnel termination issues.
- Administer Cisco Network Registrar & troubleshoot DHCP extension options related issues with use of our Apcon port aggregation & Clear Sight packet capture appliances.
Sr. Network Engineer / Juniper Firewall EngineerResponsibilities:
- Act as level 3 network support. Was contracted by Confidential to aid in a large scale migration/network cutover due to Confidential acquisition of Prudential Bache.
- Aid in the management/maintenance/support of the 1,200+ Confidential global (including US, London, Hong Kong, etc…) network appliances found in their Primary, DR and Branch sites.
- Configure & deploy Cisco routers (ISR 3845 & 3945) / L3 switches - (Catalyst 3750, 4948), (Catalyst 6504s & 6509s with either sup32 3b’s or sup720 3b’s), (Nexus 7010’s with sup1) and Juniper SSG20 firewalls to be used at Primary, DR and Branch sites.
- Monitor/implement everyday routing & firewall related requests submitted by users & the helpdesk through Confidential Remedy ticking system. Example of everyday tickets include server patch schedules; configuring/trunking/VPC HP & Dell servers & BladeCenter switches to the network; creating site to site IPSEC VPN tunnels to third party companies; adding new routes to the network; troubleshooting routing protocol issues such as tweaking BGP & EIGRP metrics to alter preferred routes; work with the Windows & Unix server engineering teams to determine possible application slowness; etc…
- Troubleshoot MPLS & Point-2-Point circuit and BGP connectivity & routing issues. Work primary (Verizon), secondary (AT&T) & tertiary (optimum lightpath) circuit providers to address network stability and link flapping/down issues.
- Create firewall rules using Juniper NSM to allow servers or users (when bypassing the proxy is needed) to access internet or extranet services; Rules were also created to deny IP addresses/ranges when potential malicious threats were observed.
- Utilize network management applications such as Orion NPM, Infoblox, ManageEngine Device Expert, Optnet Acelive (Gigamon) & Wireshark, Riverbed MAZU, etc… when troubleshooting network performance & maintenance related issues.
- Create MS Visio diagrams & word documents for easier access of crucial data and to visualize the network topology when modifying or implementing changes.
- Research software’s/appliances that can increase our engineering staff’s productivity, then propose the benefits & disadvantages to management.
Network Engineer / NOC TechnicianResponsibilities:
- Installation and configuration of CISCO switches Catalyst series (2900XL, 3560, 3750, 4506, 6509, and 6513) and router series (2600, 3845) into Daily News Datacenter at Primary & DR sites.
- Preserve the integrity of the Daily News network; troubleshooting issues found by network monitoring applications CISCOWORKS LMS, SOLARWINDS ORION NPM, OPTNET ACELIVE, IPSWITCH WHATSUPGOLD, etc.
- Investigate & resolve issues regarding CISCO appliance switching / routing protocols eg. STP loops/Unnecessary convergence; routing loops, IPSEC GRE tunnel’s going down unexpectedly; BGP links down or flapping; etc…
- Aid in the management of user access to Daily News central network using Juniper’s SSL VPN appliance.
- Server & user Ethernet & Fiber patching.
- Creation of Visio diagrams to account for network changes.
- Currently I’ve been tasked with upgrading our company’s CISCOWORKS NMS from 2.6 to 3.2.