Software: MS Office, Visio, Symantec Firewall, CyberGuard firewall, Cisco Nexus 1000v, Cisco ASA, Cisco IOS, IOS - XE, IOS XR, Nexus OS. Firewall, Netscreen Firewall, Sidewinder firewall, Cisco VPN client, Cisco ACS, SSH, Secure CRT, MS Exchange, Alterpoint, Cisco Call Manager, Cisco Unity server, ISS Real Secure, EtherReal, ESX Server, VM Ware NSX, IXIA Network performance testing applications.
Hardware: Cisco AS5300s, Cisco VPN 3000s, Cisco ASA 5520, 5540, 5580, Cisco NAC Appliance, Cisco routers, 2800s, 3800s, 7200s,7600s, ASR 1006, ASR 9000, Cisco switches 2900s, 3550s, 3750s, 4500s, 6500s, Cisco VSS switch, Cisco Nexus 1000v, Cisco ACE module, NAM module, Cisco IGESM 3110X, IBM H Series Chassis, Dell Servers, HP servers, Juniper NetScreen 5400, SRX 550-M, MX240, MX480, EX2400, Brocade SX 800, SX1600, MLX. KG175A, KG175D, KG175G, KG175X.
Operating Systems: Cisco IOS, Cisco CAT OS, Cisco ASA OS, Cisco VPN 3000 OS, MS-DOS, Windows XP, 2000, 2003, Vista, Linux OS, Sun Solaris
Networking Technologies: STP, MSTP, Ethernet - 10 Gig Ethernet, VLAN, 802.1q, Ether-channel, Multi-chassis Ether channel (MEC), Virtual Switch System (VSS), ACL, 802.1x, RIP, ISIS, OSPF, EIGRP, iBGP, eBGP, VRF, VxLAN, MP-BGP,L2/L3 MPLS, MPLSoGRE, Frame relay, T1, E1, ATM DS3, OC3.
- Manages the data center design and implementation of IaaS Services in multiple sites
- Lead and Implement Leaf and Spine Data Center (DC) network design supporting multiple - tenants integrating with Virtual routers (VRF) with VMware virtualized NSX ESG environment
- Develop overall IP scheme and network configuration templates to automate device configuration
- Design and implement DC and DMZ Palo Alto firewall solution using virtual routers and multiple security zones mapping to VRF and providing border protection of each tenant environments
- Design network services to provide load balancing, SSL of loading and WAN acceleration
- Design campus LAN architecture based on site survey results and SoW requirements
- Design Cisco ISE solution to provide NAC services for wired, wireless LAN and remote access VPN environments using PKI based cert authentication
- Developed and received approval of network services SDP for the PDR and CDR reviews
- Work with multiple vendors to obtain quotes and built Bill of Materials for the IaaS team (4 data centers and 8 remote sites)
- Worked with PMO team to develop and support Engineering Change Proposals (ECP)
- Expedited an enhanced node implementation to meet customer mission requirement on time and led a successful migration.
Lead Project Engineer, Network
- Developed and oversaw network solutions for customer’s Industry partner networks using Layer-3 MPLS over GRE technology supporting voice, data, video, and multicast traffic
- Lead pre-sale activities to engage with customer’s mission partners to transform legacy networks into a new industry partner network model resulting in higher bandwidth, improve security and auditing capability, and reduce cost to manage and operate.
- Developed and implemented high speed MPLS VPN based WAN solution using customer’s transport meet-me concept
- Provided technical mentoring to junior team members and conducted peer review of various network migration projects
- Worked with program manager to develop and execute annual network equipment life cycle management plan
Sr. Principal Engineer, Systems
- Reviewed customer entities IT requirement, and engineered integration, and transformation solutions into NCE data center
- Developed design document and formulated Bill of Materials
- Implemented approved network solutions (Routing, Switching, VRF, MPLS, DMVPM)
- Tested and validated Active IT VRF/MPLS campus network design using level based testing
- Validated multi-context enterprise firewalls (Cisco ASA, Juniper NetScreen, Sidewinder) performance using IXIA Test Suites (IxExplorer, IxLoad, IxNetwork)
- Provided MPLS Test Network environment for virtualized data center servers
- Specialized in Cisco network admission control (NAC) solutions.
- Provided customers with Cisco NAC design solutions to integrate with existing architectures.
- Implemented Cisco NAC solutions in various DoD and civilian agencies.
- Reviewed customer network architecture and provides network design recommendation to optimize network performance and to meet various DoD and civilian agencies network accreditation policies.
Principal Information Engineer
- Provided network architecture design, implementation and failover solutions for DISANet classified (SIPRNET) and unclassified (NIPRNET) Campus, LAN, WAN, and VPN networks supporting 10,000 users.
- Provided CAC enabled remote access VPN and dialup solutions for DISANet with enterprise remote access VPN failover solution for DISA CONUS, DISA PAC and DISA EUR theaters supporting DISA Telework program.
- Evaluated NAC solutions for DISANet use; Setup Cisco NAC pilot using Clean Access solution with network profiler.
- Conducted site surveys and provided a design and implementation plan for DISA PAC classified and unclassified network relocation project; and implemented Phase I of new DISA PAC networks.
- Conducted life cycle management of DISANet enterprise router, switches, firewall and VPN hardware and software.
Senior Telecom Engineer
- Installed Cisco routers and provided troubleshooting for routing issues. He implemented router access control list (ACL)
- Configured Cisco Catalysis switches and MSFC routing supporting VoIP and data networks. Also, Confidential configured VLANs and VLAN trunking protocol.
- Tested and implemented new Cisco IOS, and CAT OS software to fix security vulnerabilities, TACACS+ and Radius authentication methods for routers, switches, access server, and VPN concentrators.
- Tested and implemented remote VPN and Dial solution with Cisco VPN concentrators and Cisco access server; and Tested
- Recommended DISANet management on network design, and acquisition of software, hardware, servers, routers, switches, and network fail-over solutions.
Senior Telecom Engineer
- Performed testing, implementation and supported Windows NT and Unix (Solaris) based Axent Raptor firewalls, as well as, BIND Domain Name Service, DNS servers.
- Provided day-to-day administration of DISA firewalls and VPN systems.
- Provided technical support to remote site firewall administrators; and Used network and security tools such as Internet Security System, ISS scanners, Microsoft network analyzer, and network general's sniffer.
Senior Network Administrator
- Established and maintained the configuration management of the mail servers and mail user policy.
- Developed MS Exchange server and mailbox disaster recovery plans.
- Migrated the agency legacy cc:Mail system to Microsoft Exchange mail system.
- Upgraded and deployed Windows NT Domain Name File, Print, DNS servers and Dynamic Host Configuration Protocol (DHCP) database servers.