An experienced Senior Network Engineer, Network Architect and Team Lead with a wide range of knowledge on enterprise networks, systems, security and cloud architectures. Proficient in designing, implementing and securing enterprise wireless, LAN, WAN, Service Provider, VPN, cloud, Cisco, Aruba, and Microsoft solutions. A proven and reliable leader with the ability to work well under pressure and adapt to dynamic, complex and unconventional client objectives. Exceptional written and oral communication skills with experience in drafting design, as - built, CONOPS, implementation, configuration, testing and training documents.
Platforms: Microsoft Azure; Windows 2000/XP/7/8; Windows 2000/2003/2008/2012/2016 Server; Active Directory; Microsoft Management Console; Microsoft Network Policy Server (NPS); Microsoft SQL 2000/2005 Standard Edition; Cisco IOS; Juniper NetScreen 5.0.; JUNOS; Barracuda Networks; LiveWave FirstView; Cisco Wireless Control System (WCS); Cisco Prime Infrastructure; Cisco ASDM; SecureView.
Software: Microsoft Office 2000/XP/ 2003/2007/2010/2013/2016 ; Microsoft Exchange 5.5/2003 Standard/Enterprise Edition; Veritas Backup Exec. 9.0/10.0; HP OpenView 7.5; Symantec Antivirus Corporate Edition 10.0; Symantec Mail Security; Symantec Ghost 7.0/8.0/2003 ; VMWare VSphere; Cisco Clean Access Agent; Cisco NAC Agent; Cisco VPN client; Cisco AnyConnect; Cisco SSL WebVPN; Cisco ACS.
Technology: Aruba wireless appliances, including Aruba 3600 wireless controller, Aruba 7210 wireless controller, and Aruba Access Point (AP) 225, Aruba ClearPass, Aruba AirWave 8.0; Cisco wireless appliances, including the Wireless LAN Controller (WLC) 4402 and 5508, Wireless Location Appliance (WLA) 2700, Mobility Services Engine, and Aironet 1140, 1232, 1242, and 1250 Access points; Cisco routers, including 1800, 2500, 2600, 2800, 2900, 3600, 7200, 7600 and Aggregation Services Routers (ASR) 1000 and 9000 series, Integrated Services Routers (ISR) 3800 series; Cisco access and multilayer switches, including Catalyst 2900, 3500, 3750, 4500, and 6500 series, Nexus 5000 series; Juniper routers; Cisco firewalls and security appliances, including PIX 501, PIX 515, PIX 520, firewall service modules (FWSM), Adaptive Security Appliances (ASA) 5505, ASA 5540, ASA 5525, ASA 5545-X, Network Admission Control (NAC) v. 4.1.8, v. 4.5.1, and v. 4.7.2, Identity Services Engine (ISE) v1.1, v2.1, v.2.2, NAC Profiler v. 2.1, and v. 3.1, Cisco NAC Guest Server v. 2.0, ASA intrusion prevention (AIP-SSM), intrusion detection system modules (IDSM) and MARS; Palo Alto 3050 firewall; APCON tap; Gigamon tap; load balancers, including Cisco CSM and F5 Big-IP LTM; wired/wireless sniffers, Wireshark, Cognio, AirMagnet, Fluke device; Video teleconferencing (VTC), including Polycom HDX 7000 and 8000 series; Symantec Firewall Appliance v. 5660; Cisco Stealthwatch; Dell Blade servers; Gigabit Passive Optical Network (GPON); Netscout nGeniusOne, NetScout Infinistream; Riverbed 5050, Riverbed 6050, Riverbed Steelhead 7070.
Protocols: TCP/IP, BGP, EIGRP, OSPF, RIP, T1, DS3, OC3, OC-12, OC-48, OC-192, Frame Relay, MPLS, MP-BGP, L2 VPN, Pseudowire, VPLS, L3 VPN, VRF, Ethernet (LAN/WAN), 802.11 a/b/g/i/n/ac, HSRP, TACACS+, RADIUS, VTP, STP, PVST+, 802.1Q VLANs, SSL, IPSec, IKE, ISAKMP, 802.1x, EAP, PEAP, TLS, H.323, video over IP, voice over IP (VoIP), QoS, SNMP, NTP, NAT, PAT, Etherchannel, AES, 3DES, Suite-B encryption; SAML.
Confidential, Gaithersburg, MD
Senior Network Engineer
- Designed and implemented networking and IP addressing for first-ever Microsoft Azure deployment.
- Designed dual datacenter scheme for migration of critical applications over L2VPN to allow for real-time replication.
- Designed, configured and deployed first-ever enterprise-wide employee wireless network using Cisco ISE with 802.1x/PEAP-TLS authentication.
- Designed and configured a revamped enterprise guest wireless network using Cisco ISE for guest account creation, using a Sponsor portal with SAML authentication and smart card access.
- Successfully migrated TACACS services from Cisco ACS to Cisco ISE.
Senior Network Engineer
- Developed scalable, redundancy enterprise Secure Wireless architecture and design intended to reduce costs and complexity, while improving administrative efficiencies
- Successfully configured and tested EAP-TLS wireless with enterprise Active Directory (AD) and Certificate Authority (CA) over multiple sites following enterprise Secure wireless design
- Successfully migrated enterprise lab environment used by five different technical teams from one location to another, including network connectivity, remote services and server services
- Successfully developed Cisco ISE v2.1 proof of concept using wired 802.1x/EAP-TLS, MAC Authentication Bypass MAB, and Microsoft AD and CA services
- Received exceptional customer reviews for providing critical engineering expertise in support of the 802.1x project
Confidential, McLean, VA
Senior Network Engineer, Network Architect
- Promoted to Network Architect from Senior Network Engineer
- Received “Performance and Team” Award for work on OOBM Design Document, support for ICN Architecture and WAN Concept of Operations (CONOPS)
- Provided subject matter expertise and design guidance for the client’s first-ever secure wireless pilot for classified data
- Represented the IC client in interagency ICN Architecture Joint Engineering Team (JET) meetings to develop the ICN Architecture and common CAN/WAN standards
- Drafted the CONOPS and Implementation Plan for the next-generation WAN architecture
- Produced Out-of-Band Management (OOBM) Design Document that was later published in the Defense Technical Information Center (DTIC) Library
- Successfully completed a secure Confidential migration project, migrating over 300 network devices to new Confidential server environment
Senior Network Engineer
- Promoted to the title of Lead Associate from Associate after two years at Booz Allen
- Promoted to the role of Team Lead of the Network Engineering team
- Received “Performance and Team” Award for successfully completing the NAC project
- Successfully designed and implemented one of the largest Cisco NAC deployments in North America, protecting over 60,000 unique devices over more than 80 offices and remote locations
- Successfully designed and implemented Cisco NAC policy enforcement, which secured the network against non-compliant endpoints
- Presented NAC Technology Focus Group to introduce and train Booz Allen consultants on current and emerging NAC technologies, as well as NAC deployment strategies
- Successfully designed and implemented a secure PEAP wireless solution, using Microsoft NPS and Cisco Wireless LAN Controllers. Successfully migrated 25,000 users from pre-shared key wireless to PEAP wireless
- Designed and implemented custom Guest wireless solution for smartphones and mobile devices to allow for integration with Active Directory and Cisco NAC Guest Server
- Designed and deployed secure 100% wireless coverage to Booz Allen campuses and offices throughout the D.C. Metro area, servicing over 10,000 users
Confidential, Rockville, MD
Cisco Network Engineer
- Designed and implemented secure, separate air-gap multilayer switched network for transmission of sensitive data
- Redesigned Cisco NAC out-of-band, client VLAN architecture and IP addressing scheme to support new client NAC requirements
- Designed and implemented multiple site-to-site VPN remote office networks using Cisco ASA 5505 and 5540
Confidential, Rockville, MD
Wireless Network Engineer, System Engineer
- Received the company’s “ Confidential ” award for excellence and achievement in one of the company’s largest projects, regarding wireless security and perimeter surveillance
- As project lead, implemented campus-wide wireless internet access, designed a Cisco multilayer switching infrastructure, including Cisco Catalyst 6509, 3560, and 2940 switches, and configured 7.5 Mbps multilink frame relay connection
- Received e-mail appreciation and company-wide acknowledgment from the Senior Vice President as project lead for a standalone video-over-IP surveillance system
- Managed a successful Microsoft domain migration from Windows 2000 server to Windows 2003 server, running Citrix Presentation Server 4.5 and Lenel OnGuard 6.0
Confidential, Gaithersburg, MD
Network Engineer, IT Consultant
- Physically installed and configured new Cisco PIX 515E firewall parts, including installing new memory and physical modules
- Configured Cisco 1800 router with newly installed T1 controller as the primary gateway for the local area network
- Configured, deployed and secured Cisco Aironet wireless access points to provide seamless wireless coverage throughout the entire office
- Assisted in a server migration, in which Microsoft Exchange, file and print services were transferred to new Dell PowerEdge servers
- Achieved exceptional client ratings and feedback for my professionalism, customer service and technical proficiency
Confidential, Fairfax, VA
Help Desk Team Lead, Network Escalations
- Promoted to Team Lead of the Help Desk and escalation authority for all tickets escalated to the Network team
- Physically installed and configured dual T1 modules on a Cisco 2621 router, allowing 2x T1 connectivity to the central corporate office
- Installed, configured and troubleshoot a DSL router and Cisco PIX 501 Firewall used as a backup internet and corporate VPN connection
- Assisted in a successful Windows Server 2003 domain migration of over 150 users at a corporate office
- Created and presented the first ever Perot Systems IT new hire presentation
- Resolved more than 95% of all escalations without the need for further escalation
- Developed the first ever wireless hardware standard for all laptops
- Received various complimentary e-mails from users on my exceptional level of service, including an e-mail from a vice president
Confidential, Reston, VA
- Completed the onsite network rollout of a Sunrise home, including conversion from dial up to Frame-Relay WAN and software migration to Citrix thin client solution
- Configured new user accounts during the EOL Citrix Application conversion of 185 Sunrise Senior Living homes from dial up to WAN environment
- Led a project in which 60 new training and procedural documents were created
- Received various forms of gratitude for my diligent technical support and kind and patient customer service, including emails, calls to the CIO, cards and flowers