Experienced and fast - learning Network Engineer with proven skills and System Engineering experience in installation, configuring, and troubleshooting of state-of-the-art secure Enterprise networking technologies.
Cisco Routers: 1800, 1900, 2600, 2900, 3600Cisco Switches: Catalyst 2900, 3500, 3700
Firewalls: Cisco ASA 5500, Sonicwall TZ &NSA Series, Fortigate Fortinet 300 - 500 Series, Meraki MX60, MX100, MX400, Checkpoint 1120, 1180
Wireless: Cisco 2500 and 4400, Ruckus ZD1100, Meraki MR18 and MR32, Brocade RFS4000
Security: Forescout CounterAct NAC, NAT/PAT, VPN, Load Balancing, IDS/IPS, IPsec and ACL.
Routing: OSPF, EIGRP, BGP
Switching: VLAN, VTP, STP, RSTP, Port Security, Ether-Channel (PAgP, LACP).
Other Vendors Switches: Brocade FCX648S/POE, Dell PowerConnect 2800 and 6200 Series
Microsoft Server: 2003, 2008/2008r2, 2012/2012r2, 2016
Microsoft: Win7/8/10, Office 2007/2010/2013/2016
Other Protocols: HSRP, VRRP, GLBP, IPv4, IPv6
- Responsible for architecture design, implementation and advanced support of Routers, Switches, Security Solutions, VPNs and Network Management Solutions across LAN/WAN
- Responsible for managing activities such as upgrading Cisco IOS/ASA and Checkpoint firmware, upgrading hardware by installing new devices, optimizing configurations, making standardization for the network topology
- Upgraded network devices that were using SNMPv2c to the more secure SNMPv3 with authentication and privacy keys so the payload will be encrypted
- Enabled/Configured multiple security solutions (on network devices) such as ARP inspection, BPDU Guard, Root Guard, OSPF/EIGRP MD5 Authentication, 802.1x, Port Security, and others to mitigate any threats that could potentially be performed on the network
- Configured and troubleshot various networking protocols and features such as EIGRP, OSPF, port security, Access-list, VLAN, NAT and STP
- Configured SolarWinds NCM to maximize efficiency in the intercontinental management of remote network devices
- Followed ForeScout CounterAct best practice design and configure SPAN port on the switch so the NAC could monitor the network traffic
- Configured, monitored and troubleshot Cisco's ASA 5500 with ACL, NAT, Object Groups, Failover, Multi-Contexts
- Created and edited policies on Checkpoint and ASA Firewalls
- Upgraded the wireless devices (and configuration) deployed in remote offices from Cisco 1602 APs that were in an autonomous system deployment to Cisco Mobility Express 1852 APs which is a WLC/CAPWAP deployment, this implementation gave us greater visibility, security, and control over the wireless network
- Deployed, configured, and managed Cisco, Ruckus, Brocade, Ubiquiti, and Meraki wireless networks, with and without WLAN Controllers
- Created Traffic Shaping policies on a per application basis to prioritize the bandwidth of Enterprise applications and throttle recreational ones within Meraki based wireless networks
- Led Network Reconfiguration project where I configured and designed a topology and for a client that wanted to move all servers to a datacenter that was located in the same building
- Configured 802.1x Authentication for both Wired and Wireless networks to help prevent non-domain joined devices from connecting to the internal network
- Isolated Guest Wireless networks from LAN on Cisco, Brocade, and Meraki devices through VLANs and ACLs
- Implemented Failover using VRRP on Meraki MX100 & MX400 Firewalls for redundancy purposes.
- Configured InterVLAN Routing on Cisco, Brocade, and Meraki Layer 3 switches to allow hosts in different VLANs to communicate with each other and/or network resources.
- Led migration of existing IPSEC VPN tunnels from Pre-Shared key to the more secure option of Certificates.
- Troubleshooting of LAN/WAN infrastructure, including routing protocols EIGRP, OSPF & BGP.
- Implemented security policies using ACL, Firewall, IPSEC, SSL, VPN, AAA (RADIUS) to help harden client’s network infrastructure.
- Configured Group Policy Mappings from Firewall Groups to Active Directory Groups on Fortinet and Meraki Firewalls
- Configured Remote Access SSL VPN on SonicWALL and Fortinet Firewall and managed the deployment of the client application.
- Configured DMZs in both Single and Dual Firewall configurations
- Configured site-to-site IPsec VPNs to connect Branch Offices to Corporate Headquarters
- Interface with the customer’s POC serving in a Virtual CIO type role providing guidance on IT strategies and solutions
- SME on MDT 2012/2013 and using it for enterprise level deployments of Windows 7, 8, and 10 Operating Systems
- Led projects where I integrated the customer’s on-premise Windows Active Directory with Microsoft Azure Active Directory
- Contributed to projects that moved clients from a Microsoft Exchange 2007/2010/2013 to cloud-based solutions (Google Apps for Work and Office365)
- Experience in virtualization platforms with hypervisors related to VMware vSphere 5.x, 6.x, ESXi 5.x, 6.x, VMware Workstation
- Performed P2V, V2V MIGRATION using VMware vCenter Converter and Created host/client VM templates
- Created system administration SOP (Standard Operating Procedures) documents
- Provided a Data Security solution by creating a policy where Windows Bitlocker would auto-encrypt all domain joined workstations during OS deployment and configured the recovery keys to be backed up to Active Directory automatically
- Proficient at creating/managing OUs, Security Groups, Users, and other objects and components within an Active Directory Database
- Created/Linked/Enforced GPOs via the Group Policy Management Console in Server 2008r2/2012r2
- Configured Windows Server 2008r2/2012r2 Domain Controllers, DHCP, and Terminal Servers for small to medium sized clients
- Deployed RADIUS servers using Microsoft Server 2012r2 NPS to authenticate users connecting to the network, both wired or wirelessly
- Created Sites, Subnets, and Site-Links in AD Sites and Services for RODC servers that were deployed to branch offices
- Configured HP iLO and Dell iDRAC cards for remote management of servers.
- Served as internal/external customer liaison to expedite resolution of customer issues
- Provided dedicated on-site support for metropolitan D.C. area clients and instant remote support for global customers
- Led and completed client projects to configure and install WDS with MDT2012/2013, for use as the Windows 7 and 8 Deployment Solution
- Provided Tiers 1, 2, & 3 technical desktop support (on-site, phone) and routine monthly maintenance calls
- Responded to all customer phone and email inquiries to the Help Desk, escalated support as required, and logged details in a ticket tracking system
Help Desk Technician
- Used Remedy Ticketing System to track of user issues, resolution actions, and phone/email follow-up to ensure satisfactory resolution
- Used Symantec Ghost to reimage Desktops and Laptops with irreparable operational systems, and replaced failed hardware components
- Resolved Microsoft XP and Microsoft Office 2003 user issues, and used Remote Desktop and Active Directory (password resets, lockouts, deletion of inactive PC’s and terminated users)
- Escalated calls to next tier, and collaborated with team members to research and resolve user issues