TECHNICAL SKILLS:

BGP, EIGRP, OSPF, VXLAN, NSX, Confidential, CVX, MPLS, OTV, TRILL, FabricPath, SolarWinds, Wireshark, Backtrack, Kali, Nmap, Metasploit, Nessus, tcpdump, BlueCoat, ArcSight, IBM Qradar, Rapid7 Nexpose, WebSense

WORK EXPERIENCE:

Principal Network Engineer

Confidential, Austin, TX

Responsibilities:

• Currently serving as lead network engineer in Confidential 's cloud infrastructure R&D lab
• Designed and currently in the process of implementing a collapsed - core leaf and spine data center design, using MP-BGP EVPN control plane for VXLAN overlay
• New design uses either Nexus 9508 as spine and Nexus 9396 as leaf, or Arista 7050S as spine and 7150S as leaf, with programmable APIs for rapid provisioning
• Migrated legacy ASA5520s to ASA5525Xs with zero downtime
• Integrated Palo Alto next-gen firewalls with overlay VMware NSX SDN network
• Integrated and evaluated Cisco Confidential, VMware NSX, and Arista CVX SDN solutions

Network Consultant

Confidential, Long Beach, CA

Responsibilities:

• Retained in order to facilitate Confidential 's compliance with PCI3.0 standards
• Designed a segregated infrastructure in order to minimize PCI scope
• Migrated legacy PIX and ASA firewalls to multi-context ASA5585Xs
• Evaluated new next-generation firewalls including Palo Alto PA-5020 and Checkpoint GAIA

Lead Network Engineer

Confidential, Los Angeles, CA

Responsibilities:

• Designed and implemented core network infrastructure (Cisco ASR1002X, Nexus 7009, Nexus 3172, ASA 5545X, and C3750X), including OTV layer 2 data center interconnection
• Designed and implemented multi-homed MPLS private IP cloud with over 20 branches. Network design includes carrier diversity (ATT & Verizon) for redundancy and disaster recovery
• Hardened network to DISA STIG standards and conducted penetration tests using Core Impact, Kali, Metasploit, OWASP ZAP and other security tools to meet contractual PII requirements
• Stood up Security Operations Center and wrote security management and incident response procedures
• Installed and configured F5 BIG-IP load balancer/WAF, ArcSight SIEM, TippingPoint IPS, McAfee vulnerability scanner, and BlueCoat Solera deep packet inspector

Senior Security Engineer

Confidential, Austin, TX

Responsibilities:

• Designed, implemented and secured public-facing network interfacing with PostgreSQL database backend, using Cisco 3925 edge router and Cisco Catalyst 3750 switches
• Network infrastructure supported 100+ users conducting extremely high frequency transactions
• Hardened network perimeter using Cisco ASA5505 firewall
• Audited network hosts using SCAP and OVAL compliance checking tools, and remediated STIG checklist violations on Debian and Red Hat Linux, as well as Windows

Field Systems Engineer

Confidential

Responsibilities:

• Managed microwave WAN over entire Regional Command-West, regularly implementing remediation solutions after outages due to hostile actions
• Supported bandwidth-intensive live streaming video PIM multicast from aerial surveillance platforms
• Ensured compliance with extremely low downtime SLAs, resulting in only 4 hours of outage throughout the year
• Maintained network confidentiality via L-3 KG-245X and Confidential
• Supported connectivity on SIPRNET, CENTRIXS and AMN networks

Security Engineer

Confidential

Responsibilities:

• Directly embedded with 1st Marine Radio Battalion, conducting SIGINT and Digital Network Intelligence operations in support of Cryptologic Support Group-Afghanistan
• Conducted network forensics using Wireshark, NetworkMiner and other tools to investigate TCP stream patterns of suspected malicious actor activity, correlating known insurgent profiles with other intelligence sources

ISR Systems Engineer

Confidential

Responsibilities:

• Designed and implemented air-gapped network solutions using Mellanox IS5023 Infiniband switch and Cisco Nexus 5548 switch
• Designed and implemented wireless air to ground network solutions using point to point microwave connections to support large-scale raw imagery transfers from 8 aircraft
• Worked closely with Confidential certification and accreditation team on Saturn Arch program to ensure compliance with DoDI-8500-2 before aircraft could deploy to theater

Geospatial Engineer

Confidential, El Paso, TX

Responsibilities:

• Selected to support Special Missions Units of Special Operations Command for 3 separate deployments to Iraq
• Maintained air-gapped LAN aboard 3 EO-5C aerial reconnaissance aircraft
• Maintained connectivity to outstations via PRC-117G SATCOM radio
• Maintained confidentiality of transmitted data using Confidential and SKL encryption devices