SUMMARY:

IT professional with over 10 years of experience in the architecture, configuration, deployment, customization and troubleshooting of various network technologies for professional to global enterprise environments which includes proficiency in routing, switching, security and data center technologies. Most recently working as Security Engineer for AT&T covering the security needs for the county of San Diego enterprise network spanning Palo Alto, Pulse, Cisco, and more security products.

TECHNICAL SKILLS DETAIL:

Network/ Data Center Tech: F5, Cisco Nexus (2k FEX, 5k, 7k, 9k, VPC, VDC), Cisco Routers (3900, 2900, 1900, 800), Cisco Catalyst Switch (6500, 4500), Cisco 5500 WLC, Aruba 7005 Cloud Services Controller, F5 load balancing, Check Point, VMware, Riverbed WAN Optimization.

Routing/Switching: OSPF, EIGRP, BGP, MPLS, VTP, SNMP, SMTP, IPv4, IPv6, TCP/IP, WAN, LAN, Spanning Tree, Frame - relay, PPP, Network Address Translation (NAT), Port Address Translation (PAT), Access Control List (ACL), Static Routing, VLAN, HSRP.

Security Technologies: Palo Alto NGFW, Cisco ISE, Firepower IPS/IDS, Firepower Threat Defense (FTD) 4110, Tipping Point IPS, Cisco ASA (5555-x, 5525-x, 5512-x) Fortinet Fortigate firewall, Juniper SRX Series, Checkpoint Firewalls, Cisco RV110W Wireless-N VPN firewall, IPS/IDS, TACACS+, RADIUS, SSH, VPN, Cisco ACS, Data Loss Prevention, IPSec, Port Security, MAC Address Filtering, IPS/IDS, DirectAccess, F5 Big-IP, Dell SonicWALL.

Monitoring/Apps: Cisco Prime, Firepower Management Center (FMC), Solarwinds, Managed Engine NMS, Device Expert, Finisar, Wireshark, Nagios, VMware, Cisco Works, LogicMonitor, Cisco Security Manager Suite, FireMon.

Other Technologies: Windows Server 2003, 2008 and 2012, Microsoft Windows 7, 8, 10 operating systems, MAC OS X, and Linux CentOS 5/6 operating systems, backup systems and management of data storage solutions, server virtualization (VMware, Citrix, Hyper-V), disaster recovery solutions, helpdesk ticketing solutions and management

SUMMARY OF PROFESSIONAL EXPERIENCE:

Confidential

Security Engineer

Responsibilities:

• Confidential placed me at Security Engineer within AT&T servicing the County of San Diego’s enterprise network
• Deployment of wired dot1x throughout CoSD network, over 1,000 switches configured for dot1x authentication
• Administration of Palo Alto firewalls for site to site VPN’s, security profiles for AV, IPS, WilldFire
• Administration of Palo Alto Aperature, a Cloud Access Security Broker (CASB)
• Ticket escalation for security access related events
• Generation and analysis of security reporting
• Administration of Pulse Secure VPN appliance
• Responsible for the network security of a 20,000 plus user enterprise network

Confidential

Sr. Network Engineer

Responsibilities:

• Integrate IPS with policies from the Firepower Management Center
• Replaced Cisco ACS with ISE for TACACS+, RADIUS, and 2-factor authentication
• Deployment of ISE for device profiling, 802.1x authentication, and device posturing
• Optimization of 5GHz wireless throughout hospital spanning 6 floors, and 3 offsite offices
• Cisco Prime deployment for management of wireless infrastructure with over 215 wireless access points
• Configuration and deployment of Cisco Prime for wireless and other network device management & monitoring
• Deployment of Cisco Stealthwatch for monitoring of east/west traffic
• Network device hardening for over 60 network devices involving best practices and known solutions
• Integration of Imprivata for 2-factor authentication with remote access VPN
• Network architect and deployment for branch office of 50+ users

Confidential

Sr. Network Engineer

Responsibilities:

• Migrate datacenter edge router to dual routers running HSRP
• Migrate datacenter routing to layer 3 core switch fabric
• Build internet lab for proof of concept, VPN connectivity and troubleshooting between Cisco, Fortinet, Palo Alto, and Checkpoint firewalls
• Build, manage, and execute firewall migration project
• Partnered with AT&T to migrate over 30 ASA firewalls to Fortinet for California State court houses
• Build Sourcefire IPS management service for customers
• Build Sourcefire eStreamer service for integration with custom built SIEM
• Troubleshooting for customer connectivity issues, firewall requests, IPS requests within ServiceNow
• VPN migrations, as well as troubleshooting for VPN connectivity
• Management of network spanning Southern California, Las Vegas Toronto, and Warsaw

Confidential

Network Engineer

Responsibilities:

• Tacacs deployment for over 400 Cisco nodes worldwide.
• Migration of network device backups to Solarwinds for the same nodes.
• IPAM deployment for over 2,500 subnets located across the world.
• Troubleshooting for network related tickets within ServiceNow
• Management of network spanning North America, Canada, Australia, England,

Confidential

Sr. Network Engineer

Responsibilities:

• Management of over 120 concurrent site-to-site VPN tunnels as well as troubleshooting customer issues for service interruptions as well as additions/changes.
• Upgrade of corporate network equipment, planned and executed upgrades based on company network requirements including Cisco Catalyst, Nexus, and ASA units.
• Datacenter migration of all corporate networking equipment (Nexus 5k & 2k FEX, Cisco ASA, Catalyst 3750, access switches, Aruba wireless, A10 load balancer
• Cleaned over 2,000 lines of dead access list entries for optimized performance on production firewalls.

Solution Support Consultant

Confidential

Responsibilities:

• Member to a team of professionals responsible for the tier 1 & tier 2 escalation support and maintenance of the IT infrastructure to include onsite administration and support, scheduled installation, configuration and troubleshoot activities related to server, network and voice issues.
• Technologies handled by the team include but not limited to local area network (LAN) technologies, wide area network (WAN) technologies, server and enterprise applications and desktop technologies.
• Professional responsibilities included management, documentation, preparation of statement of work (SOW), options for growth, and following corporate policies and procedures.

Confidential

Network Consultant

Responsibilities:

• Member to a team of professionals responsible for the day-to-day administration, 24/7 support and maintenance of the IT infrastructure to include onsite administration and support, remote support, scheduled installation, configuration and troubleshoot activities for mid-size to large LAN/WAN infrastructures.
• Datacenter Migrations for customers such as San Gorgonio Hospital, Greenlight Financial, and Banc of California
• Firewall deployments for Cisco ASA and Fortigate
• Routing/Switching troubleshooting for tickets created within Managed Engine
• Windows Server/Desktop configuration, implementation, and troubleshooting