PROFESSIONAL SUMMARY:

• Highly accomplished Network Administrator with over 18+ years of experience providing solutions for mission critical network systems.
• Successful history of leading network infrastructure deployments and enhancements.
• Detail - oriented with a track record of delivering infrastructure enhancements on time and with minimal impacts to production.
• Expert in developing procedures that improve information security and business continuity.
• Great ability to find solutions during high risk, precarious situations
• Reviews all probabilities and implements a data-based process of elimination to disregard all possibilities and arrive at the best possible option
• Excellent track record for leading or working within a team or group framework
• Excellent Communicator ; great ability to articulate ideas into instruction or information to teammates

TECHNICAL PROFICIENCIES:

Networking: Wireless routers, T1/ DSL, Ethernet/ LAN/WAN, VLANs, Cisco VPN, IP Routers, Cisco IP Networks, IOS Packages, Cisco Adaptive Security Appliance firewall using ACLs, Exchange High Availability mail server appliance, Windows 2000 Server, Windows 2003 Active Directory Domain, Cisco Catalyst switches, Cisco ASA security appliances, Cisco 2600 series, MS Exchange Server, Cisco ASA security appliances, Cisco 2600 series

PROFESSIONAL EXPERIENCE:

Network Engineer/Microsoft Administrator (Team Lead)

Confidential, Laurel, MD

Responsibilities:

• Created and managed Local Area/Wide Area Network (LAN/WAN) infrastructure utilizing Cisco 1841, 3845 and ISR 4451 series routers to limit access using Access Control Lists (ACLs) and direct traffic to designated systems improving organizational security posture.
• Managed development and maintenance of the network infrastructure by evaluating and applying IOS (Internetwork Operating Systems) packages, applying security controls such as Access Control Lists (ACLs) and port security, restricting access to authorized users, maintaining highly detailed configuration files and network topology diagrams to facilitate and control system operation utilizing optimal security posture.
• Monitored network capacity and performance by utilizing Solar Winds network monitoring software, Observium network monitoring software and Adaptive Security Appliance (ASA) Device Manager to ensure optimum network infrastructure performance, detection of security anomalies and optimum security posture.
• Monitored network capacity and performance by archiving system event logs and reviewing logs to ensure optimum network infrastructure and security posture.
• Monitored network capacity and performance by utilizing internal command line utilities provided by Cisco network devices to ensure optimum network infrastructure performance, detection of security anomalies and optimum security posture.
• Monitored network capacity and performance by utilizing Nipper Suite to evaluate firewall, router and switch configuration files to identify security and performance best practices and optimum security posture.
• Created and managed a test network infrastructure utilizing a Cisco Adaptive Security Appliance firewall using Access Control Lists (ACLs) and access-control polices to limit access to test systems enhancing organizational security posture.
• Created and managed a sensor network infrastructure by researching, specifying and implementing a Cisco Catalyst 2960C Power over Ethernet (PoE) switch to support environmental sensor devices that utilized Power over Ethernet (PoE).
• Developed testing and troubleshooting milestones for Cisco switches, routers and Adaptive Security Appliances.
• Established procedures to audit system activity of Cisco network devices.
• Maintain Cisco Smart Net inventory to support operational integrity of current systems and to project remaining life of systems by identifying and documenting end of life dates.
• Created detailed Visio diagrams, spreadsheet of Internet Protocol (IP) address ranges and archived device configurations to document network infrastructure.
• Preformed an emergency recovery of the CO-OPS Production Project server disk array following a power event by a failing Uninterruptable Power Supply (UPS). Moved the server to standard power and implemented Microsoft recovery procedures enabled the recovery of the Project Server Data which was essential to all employee quarterly reviews.
• Preformed yearly contingency plan exercises coordinated with CO-OPS ISSO and NOS Information Technology Security Program (ITSP) and presented results in the Security Team and Security and Infrastructure team meetings. Presented and explained exercise result to CO-OPS security analyst.
• Preformed IT system Vulnerability scan and security evaluation and reviews of Linux systems to ensure these systems are administered following industry standard utilizing Nessus security scanner.
• Preformed IT system Vulnerability scan and security evaluation audits and reviews of the network infrastructure and IT systems for current, new and emerging threats using Nessus security scanner, McAfee Antivirus, and Nipper Suite. In the event of a finding, leadership is notified, proposed solutions are recommended and appropriate corrective actions are implemented.
• Conducted technology system risk assessments for current, new and emerging threats using Nessus security scanner, McAfee Antivirus, and Nipper Suite. In the event of a finding, leadership is notified and appropriate corrective actions are implemented.
• Defined, framed and presented benefits of technical changes and configurations to CO-OPS and NOS change control boards to facilitate approvals for changes and/or new equipment and procedures.
• Evaluated Chesapeake, Virginia network identified deficiencies and lead the effort to develop and implement a strategic plan to address productivity, reliability and resource utilization which involved:
• Redesigned, implemented and managed Cisco Catalyst core switch combining 3 independent switches into 1 switch stack improving speed 32 times while improving Local Area Network (LAN) infrastructure performance and security posture.
• Redesigned, implemented and managed Cisco Catalyst distribution switch combining 2 independent switches into 1 switch stack improving speed 32 times while improving Local Area Network (LAN) infrastructure performance and security posture.
• Separated network resources using Virtual Area Networks (VLANs) to isolate discrete sections of the network and group similar network resources together.
• Added redundant links utilizing Spanning Tree Protocol to improve Local Area Network (LAN) infrastructure and resilience by eliminating single point of failure connections with multiple redundant paths to fiber channel fabric connection to the core switch.
• Defined requirements for replacement Wide Area Network (WAN) router in Chesapeake, Virginia. Advised management on new capabilities and technology of the Cisco ISR 4451 router, reviewed specifications and recommended equipment purchase.
• Created a new Wide Area Network (WAN) configuration for the Chesapeake, Virginia border router. This improved the security posture of the device by updating the Intrusion Prevention System, implementing current Intrusion Prevention System signature definition files, replacing Access Control Lists (ACLs) with improved and more accurate rules.
• Authored and presented informational sessions to educate users on the Polycomm video conference systems, Virtual Private Network (VPN) client, network security best practices, Outlook Mail Client, McAfee Antivirus features and Backup Exec operations.
• Composed 3 chapters of the System Security Policy (SSP) and participate in annual test and review of network security plan.
• Managed, maintained, validated and updated system documentation as changes are implemented.
• Designed, established requirements and criteria, implemented, and managed modifications to network infrastructure to fulfill requirements and facilitate changes in response to technological and user requirements.
• Developed strategic plan that created and managed a new configuration for the Cisco Adaptive Security Appliance (ASA) firewall. The new configuration adjusted access to comply with NOS security policy, improved performance by creating more effective Access Control Lists (ACLs) and access control policies, strengthened device security by updating the ASA device software which provided the added feature of generating more complex security cyphers to replace the weaker security cyphers. Researched security findings, implemented corrective actions and sustained current operational integrity.
• Configured and managed the Border Gateway Protocol (BGP) configuration on the Chesapeake, Virginia Trusted Internet Connection (TIC) compliant border router Wide Area Network (WAN). Implementation of this device allowed for the migration of the internal user network to a TIC compliant WAN connection well in advance of the NOAA end of FY14 TIC compliance deadline.
• Managed Routing Information Protocol (RIP) routing protocol configuration of the Chesapeake, Virginia border router Wide Area Network (WAN).
• Managed the Open Shortest Path First (OSPF) protocol configuration of the Chesapeake, Virginia border router Wide Area Network (WAN).
• Designed, built, deployed and managed a configuration to modify organizational structure which accommodated IT infrastructure goals by providing a fully Trusted Internet Connection (TIC) compliant solution prior to the NOAA end of FY14 deadline by creating a Site to Site VPN Tunnel configuration which was adopted as the standard solution that was adopted by the National Ocean Service (NOS).
• Developed an emergency solution while on site in Seattle, Washington to reengineer the Seattle network border to facilitate the move of server equipment into the Office of Restoration and Response (OR&R) data center. Relocated assets, revised Access Control Lists (ACLs), decommissioned a Cisco PIX firewall and coordinated with the OR&R network engineer to move CO-OPS networks behind the OR&R firewall which resulted in successful completion the project. Provided briefing to ISD section representatives including the ISD Division Chief, Assistant Chief and Information Systems Security Officer (ISSO), in Silver Spring, MD explaining the Seattle, Washington emergency re-engineering solution via teleconference.
• Identified, presented to leadership, and implemented settings in new Windows 7 deployments that caused network interface card speed to be automatically throttled down to achieve stability. By disabling this setting, network performance was restored to full speed and users performance was greatly improved.
• Established standard audit procedures for Windows Systems patching to ensure patches were validated during the test cycle.
• Established and implemented algorithms based on performance metrics of equipment performance, CVSS scoring criteria and other areas to produce efficient IT system operation.
• Coordinated with the NOS Network Infrastructure Team (NIT) to implement RSA 2 factor authentication which improved overall security posture.
• Served as Backup Information Security Systems Officer (ISSO) coordinating with the ISSO and/or acted for the ISSO on security related matters.
• Preformed vulnerability scans, active member of the NOS vulnerability scanning team, served as liaison to the NOAA NOS Information Technology Security Program (ITSP), advised and recommended security actions and presented corrective action plans to management, Change Control Board (CCB) and Enterprise Change Review Board (ECRB).
• Provided instruction and guidance on proper IT security techniques and procedures. Recommended best practices, alternative methods and advised on zero-day or emerging security threats and concerns.
• Manages a team of eight contractors in several disciplines.
• Responsible for all reporting requirements of the Project to the customer and to Confidential division manager
• Awareness of contractual items such as deliverables and SLAs
• Responsible for, coordination, and liaison with direct customer and end customer interaction.
• Assist Project Manager with customer satisfaction and serve as customer Liaison
• Understand work plans for Project work, project team work assignments, schedule performance, Cost Performance, and Quality
• Understand all project-team work assignments
• Develop corrective actions with Team members to meet schedule and cost performance if variances develop during the course of execution.
• Develop corrective action with Team if quality goals are not achieved. These may include both contractual Service Level Agreements and metrics as well as project-determined Service Level Agreements.
• Assist project manager in staffing, including assisting in evaluating the performance of Project staff, obtaining input from the Government, adjusting the skill sets on the Project, interviewing and coordinating hiring of new staff, staff morale, escalating staff issues to the project manager.
• In consultation and with the approval of the project manager, responsible for assisting in of Project staff, and working with Human Resources and project manager on all staff issues related to hiring, and termination.

Network Engineer/Windows System Administrator

Confidential, Alexandria, VA

Responsibilities:

• Managed and maintained the operation of a Windows 2003 Active Directory Domain, with 5 independent sites and 700 clients. To include user accounts, user rights, resource allocation, and various additions to the domain with new technologies.
• Managed and maintained the operation of a Teneros Storage Area Network (SAN) appliance and fiber channel fabric technology.
• Managed and executed the first successful disaster recovery test within a 72 hour timeframe.
• Designed, implemented, deployed and managed an Exchange 2003 Server environment within Active Directory to include front end Outlook Web Access (OWA) support and remote exchange servers at 3 independent sites.
• Designed, implemented and managed replacement of the primary Exchange Server.
• Evaluated integration of Exchange 2007.
• Evaluated integration of Teneros Exchange High Availability mail server appliance.
• Managed Barracuda 400 Spam Firewall.
• Designed, implemented and managed antivirus network infrastructure utilizing Trend Micro Server Protect 5 and Symantec Antivirus Enterprise Edition.
• Managed server hardware and software applications.
• Managed coordination of warranty service and part return procedures.

Network Engineer/Windows System Administrator

Confidential, Hagerstown, MD

Responsibilities:

• Managed server hardware and software applications.
• Designed, configured, implemented and managed a Cisco PIX firewall.
• Designed, implemented, and managed data network infrastructure.
• Designed, configured, implemented and managed network infrastructure resource segmentation using network routers and network switches.
• Designed, configured, implemented and managed a Windows 2003 Active Directory Domain, internal DNS server, and print server.
• Designed, configured, implemented and managed network drops for 100 clients.

Network Engineer/Microsoft Administrator

Confidential, Chambersburg, PA

Responsibilities:

• Designed, configured, implemented and managed a Windows 2003 Active Directory Domain, internal DNS server, and print server.
• Designed, implemented and managed operations of a Windows 2003 Active Directory Domain. To include user accounts, user rights, resource allocation, and various additions to the domain with new technologies.
• Designed, implemented and managed Microsoft Exchange 2003 and Microsoft Windows 2000 server within the Active Directory.
• Created and managed Local Area/Wide Area Network (LAN/WAN) infrastructure utilizing a Checkpoint IP-650 Security Appliance firewall to limit access using Access Control Lists (ACLs) and access control polices to limit access to designated systems.
• Created and managed Local Area/Wide Area Network (LAN/WAN) infrastructure utilizing a Cisco Adaptive Security Appliance firewall to limit access using Access Control Lists (ACLs) and access control polices to limit access to designated systems.
• Created and managed Local Area/Wide Area Network (LAN/WAN) infrastructure utilizing a Cisco 2600 series routers to limit access using Access Control Lists (ACLs) to limit access and direct traffic to designated systems.
• Configured and managed the Border Gateway Protocol (BGP) configuration on the border router and Open Shortest Path First (OSPF) configuration on the internal Local Area Network (LAN).
• Managed and maintained the operation of a Cobalt Storage Area Network (SAN) appliance and fiber channel fabric technology.
• Separated network resources using Virtual Local Area Networks (VLANs) to isolate discrete sections of the network and group similar network resources together.
• Designed, implemented and managed Unix/Linux client and server implementation.
• Designed, implemented and managed backup operation scheme utilizing Veritas Backup Exec 8.6.
• Designed, implemented and managed antivirus network protection utilizing Symantec Antivirus Corporate and Enterprise edition.
• Designed, implemented and managed Cisco Catalyst switches, Cisco ASA security appliances, Cisco 2600 series routers.
• Managed desktop support of workstation hardware and software applications.
• Designed, implemented and managed drive image and rapid deployment techniques using Powerquest Drive Copy, Powerquest Drive Image and Norton Ghost.
• Managed component level repair of HP printers.
• Managed warranty service and part return procedures.
• Applying Best practices for VLAN Topologies
• Implementing Spanning Tree
• Implementing Inter-VLAN Routing
• Implementing a Highly Available Network
• Implementing Network monitoring
• Implementing Layer 3 High Availability
• Configuring Layer 3 Redundancy with HSRP, VRRP and GLBP
• Understanding Switch Security Issues
• Protecting against VLAN Attacks
• Protecting Against Spoofing Attacks
• Securing Network Services
• Accommodating Voice and Video in Campus Networks
• Planning Routing services to requirements
• Assessing Complex Enterprise Network Requirements
• Implementing an EIGRP-Based Solution
• Planning Routing Implementation with EIGRP
• Implementing and Verifying EIGRP for the Enterprise LAN/WAN Architecture
• Implementing and Verifying EIGRP Authentication
• Advanced EIGRP Features in an Enterprise Network
• Planning Routing Implementations with OSPF as the Scalable Routing Protocol
• How OSPF Packet Processes Work
• Improving Routing Performance in a complex Enterprise Network.
• Configuring and verifying OSPF, OSPF Route Summarization, OSPF Special Area Types and OSPF Authentication
• Implement an IPv4-Based Redistribution Solution
• Assessing Network Routing Performance and Security issues.
• Operating a Network Using Multiple IP Routing Protocols
• Configuring and Verifying Route Redistribution
• Assessing Path Control Network Performance Issues
• Connect an Enterprise Network to an ISP Network
• Planning the Enterprise-to-ISP Connection
• Considering the Advantages of Using BGP
• Comparing the Functions and Uses of EBGP and IBGP
• Configuring and Verifying Basic BGP Operations
• Using the BGP Attributes and Path Selection Process
• Implementing IPv6
• Planning Maintenance for Complex Enterprise Networks
• Planning Troubleshooting Processes for Complex Enterprise Networks
• Maintaining and Troubleshooting Campus Switching-Based Solutions
• Troubleshooting Spanning Tree, VLANs, Switched Virtual Interfaces, First Hop redundancy protocols (FHRP)
• Troubleshooting Performance Problems on Switches
• Troubleshooting Network Layer Connectivity
• Troubleshooting RIP, RIPNG,EGIRP, OSPF,BGP
• Troubleshooting Route Redistribution
• Troubleshooting Performance Problems on Routers
• Troubleshooting NAT, DHCP and Other Protocols
• Troubleshooting Security Features
• Troubleshooting Complex Environments