SUMMARY:

Experienced and fast - learning Network Engineer with proven skills and System Engineering experience in installation, configuring, and troubleshooting of state-of-the-art secure Enterprise networking technologies.

TECHNICAL SKILLS:

Cisco Routers: 1800, 1900, 2600, 2900, 3600Cisco Switches: Catalyst 2900, 3500, 3700

Firewalls: Cisco ASA 5500, Sonicwall TZ &NSA Series, Fortigate Fortinet 300 - 500 Series, Meraki MX60, MX100, MX400, Checkpoint 1120, 1180

Wireless: Cisco 2500 and 4400, Ruckus ZD1100, Meraki MR18 and MR32, Brocade RFS4000

Security: Forescout CounterAct NAC, NAT/PAT, VPN, Load Balancing, IDS/IPS, IPsec and ACL.

Routing: OSPF, EIGRP, BGP

Switching: VLAN, VTP, STP, RSTP, Port Security, Ether-Channel (PAgP, LACP).

Other Vendors Switches: Brocade FCX648S/POE, Dell PowerConnect 2800 and 6200 Series

Microsoft Server: 2003, 2008/2008r2, 2012/2012r2, 2016

Microsoft: Win7/8/10, Office 2007/2010/2013/2016

Other Protocols: HSRP, VRRP, GLBP, IPv4, IPv6

PROFESSIONAL EXPERIENCE:

Confidential

Network Engineer

Responsibilities:

• Responsible for architecture design, implementation and advanced support of Routers, Switches, Security Solutions, VPNs and Network Management Solutions across LAN/WAN
• Responsible for managing activities such as upgrading Cisco IOS/ASA and Checkpoint firmware, upgrading hardware by installing new devices, optimizing configurations, making standardization for the network topology
• Upgraded network devices that were using SNMPv2c to the more secure SNMPv3 with authentication and privacy keys so the payload will be encrypted
• Enabled/Configured multiple security solutions (on network devices) such as ARP inspection, BPDU Guard, Root Guard, OSPF/EIGRP MD5 Authentication, 802.1x, Port Security, and others to mitigate any threats that could potentially be performed on the network
• Configured and troubleshot various networking protocols and features such as EIGRP, OSPF, port security, Access-list, VLAN, NAT and STP
• Configured SolarWinds NCM to maximize efficiency in the intercontinental management of remote network devices
• Followed ForeScout CounterAct best practice design and configure SPAN port on the switch so the NAC could monitor the network traffic
• Configured, monitored and troubleshot Cisco's ASA 5500 with ACL, NAT, Object Groups, Failover, Multi-Contexts
• Created and edited policies on Checkpoint and ASA Firewalls
• Upgraded the wireless devices (and configuration) deployed in remote offices from Cisco 1602 APs that were in an autonomous system deployment to Cisco Mobility Express 1852 APs which is a WLC/CAPWAP deployment, this implementation gave us greater visibility, security, and control over the wireless network

Confidential

Network Engineer

Responsibilities:

• Deployed, configured, and managed Cisco, Ruckus, Brocade, Ubiquiti, and Meraki wireless networks, with and without WLAN Controllers
• Created Traffic Shaping policies on a per application basis to prioritize the bandwidth of Enterprise applications and throttle recreational ones within Meraki based wireless networks
• Led Network Reconfiguration project where I configured and designed a topology and for a client that wanted to move all servers to a datacenter that was located in the same building
• Configured 802.1x Authentication for both Wired and Wireless networks to help prevent non-domain joined devices from connecting to the internal network
• Isolated Guest Wireless networks from LAN on Cisco, Brocade, and Meraki devices through VLANs and ACLs
• Implemented Failover using VRRP on Meraki MX100 & MX400 Firewalls for redundancy purposes.
• Configured InterVLAN Routing on Cisco, Brocade, and Meraki Layer 3 switches to allow hosts in different VLANs to communicate with each other and/or network resources.
• Led migration of existing IPSEC VPN tunnels from Pre-Shared key to the more secure option of Certificates.
• Troubleshooting of LAN/WAN infrastructure, including routing protocols EIGRP, OSPF & BGP.
• Implemented security policies using ACL, Firewall, IPSEC, SSL, VPN, AAA (RADIUS) to help harden client’s network infrastructure.
• Configured Group Policy Mappings from Firewall Groups to Active Directory Groups on Fortinet and Meraki Firewalls
• Configured Remote Access SSL VPN on SonicWALL and Fortinet Firewall and managed the deployment of the client application.
• Configured DMZs in both Single and Dual Firewall configurations
• Configured site-to-site IPsec VPNs to connect Branch Offices to Corporate Headquarters
• Interface with the customer’s POC serving in a Virtual CIO type role providing guidance on IT strategies and solutions

Confidential

Network Administrator

Responsibilities:

• SME on MDT 2012/2013 and using it for enterprise level deployments of Windows 7, 8, and 10 Operating Systems
• Led projects where I integrated the customer’s on-premise Windows Active Directory with Microsoft Azure Active Directory
• Contributed to projects that moved clients from a Microsoft Exchange 2007/2010/2013 to cloud-based solutions (Google Apps for Work and Office365)
• Experience in virtualization platforms with hypervisors related to VMware vSphere 5.x, 6.x, ESXi 5.x, 6.x, VMware Workstation
• Performed P2V, V2V MIGRATION using VMware vCenter Converter and Created host/client VM templates
• Created system administration SOP (Standard Operating Procedures) documents
• Provided a Data Security solution by creating a policy where Windows Bitlocker would auto-encrypt all domain joined workstations during OS deployment and configured the recovery keys to be backed up to Active Directory automatically
• Proficient at creating/managing OUs, Security Groups, Users, and other objects and components within an Active Directory Database
• Created/Linked/Enforced GPOs via the Group Policy Management Console in Server 2008r2/2012r2
• Configured Windows Server 2008r2/2012r2 Domain Controllers, DHCP, and Terminal Servers for small to medium sized clients
• Deployed RADIUS servers using Microsoft Server 2012r2 NPS to authenticate users connecting to the network, both wired or wirelessly
• Created Sites, Subnets, and Site-Links in AD Sites and Services for RODC servers that were deployed to branch offices
• Configured HP iLO and Dell iDRAC cards for remote management of servers.

Confidential

Computer Analyst

Responsibilities:

• Served as internal/external customer liaison to expedite resolution of customer issues
• Provided dedicated on-site support for metropolitan D.C. area clients and instant remote support for global customers
• Led and completed client projects to configure and install WDS with MDT2012/2013, for use as the Windows 7 and 8 Deployment Solution
• Provided Tiers 1, 2, & 3 technical desktop support (on-site, phone) and routine monthly maintenance calls
• Responded to all customer phone and email inquiries to the Help Desk, escalated support as required, and logged details in a ticket tracking system

Confidential

Help Desk Technician

Responsibilities:

• Used Remedy Ticketing System to track of user issues, resolution actions, and phone/email follow-up to ensure satisfactory resolution
• Used Symantec Ghost to reimage Desktops and Laptops with irreparable operational systems, and replaced failed hardware components
• Resolved Microsoft XP and Microsoft Office 2003 user issues, and used Remote Desktop and Active Directory (password resets, lockouts, deletion of inactive PC’s and terminated users)
• Escalated calls to next tier, and collaborated with team members to research and resolve user issues