SUMMARY:

• I am a highly - experienced, professional engineer with a strong sense of responsibility and commitment to quality work.
• I have developed skills in the areas of network architecture, implementation, and operations of data and security systems in very large scale environments.
• Self-motivated and adept at distilling information, identifying requirements, spotting issues, and developing a systematic approach to implementing practical and sound solutions.
• Demonstrate strong written and verbal communications skills.
• Adept at conveying information and providing understanding to technical as well as non-technical audiences, Demonstrated leadership and ability to build consensus, set expectations, and provide direction toward completion of objectives, providing both management and hands-on contributions.
• Possess CCIE-level skills in routing, switching and security functions within Cisco and Juniper families of products as found in Enterprise, Data Center, and Service Provider environments.

TOPICAL BREAKOUT OF SKILLS, KNOWLEDGE, AND EXPERIENCE:

Protocols Summary: Fabric Path, TRILL, IPv4, Ipv6, Network Address Translation, RIP, OSPF, BGP, IGRP, EIGRP, Layer-three routing and switching, Bridging, STUN, DLSw+, HSRP, VRRP, VLAN, VTP, SNMP, Spanning Tree, ISL and 802.1Q trunks, HTTP, HTTPS, FTP, channelized T-1 in layer-4-7 load balancing, remote access, RAS, thin clients, protocol tunneling, Voice-Over-IP, Cisco based QOS and queuing technologies.

Media types: Frame-relay, T1, Fractional T1, T3, DS-3, 10/100 Ethernet, 10/100 and gigabit Ethernet, single and multimode fiber and termination, ATM OC-3, DS-3, FDDI, Token-ring, 802.1b Wireless.

Security protocols and devices: X.509, IPSEC, HTTPS and Secure Sockets, SSL VPN technology, Kerberos, Public Key Infrastructure and Digital Certificates, Cisco PIX and ASA security products, Cisco Intrusion Detection devices, Cisco VPN concentrators, Checkpoint Firewall One, Netscreen firewalls, McAfee IPS devices, Cisco Secure and secure access tokens, VPN and IPSEC technologies, Foundstone Network security scanning, NETCAT, Trend Micro Golden Gate Network Antivirus admission and client control devices.

Routing/Switching Hardware/ Platforms: Cisco serial terminal servers, 25XX series routers, 1600, 1700 series remote-office routers, 26XX and 36XX series modular routers, 4000/4500 series routers, 75XX series routers. Catalyst 2900, 3550, 4000, 5000, 5500, 72XX, 65XX, 76XX series switches, Local-director, Cisco Content Switch (CSS), Content Module (CSM), F5 Big IP load-balancing products. LS1010 and LS100 ATM switches, Foundry Big Iron, Net Iron, Fast Iron, Server Iron products. Juniper routers to include J2300, M10, M20, M40, and M160, as well as various models within the Juniper SRX gateway platform.

Miscellaneous: Intel/Linux work stations, Sun, Intel/ WINNT, Intel/XP, Intel/98, Intel/95. Red Hat Linux, Apache, Microsoft Internet Information Server, shell scripting, Perl, Novell (multiple versions), Mail platform architecture and interoperation Lotus Notes, SMTP, Groupwise, MS Mail, Exchange, Active Directory and Novell Directory Services, WINS, DNS, Multiple CSU/DSU types, HP Openview, Cisco Works. Bind, QIP, Tivoli.

Programming and Development: Solid experience with PERL in a Linux and MS/CYGWIN setting. Have sound grasp of MS development environment, HTTP and HTTPS support and general support of multi-tiered, SQL-backed, web-based development and Active Server scripting methods in Windows 2000 and 2003 settings. Good familiarity with MYSQL, PHP 5.0, and Apache developmen

WORK EXPERIENCE:

Network and Security Engineer

Confidential

Responsibilities:

• Working in the role of security and network engineering for this large, national cable provider has enabled me to add in-depth security skills based on best practice perimeter and internal principles in support of multi-tiered application, hundreds of IPSEC-based remote vendor and partner VPN and DMZ access points.
• These datacenters serve corporate functions spanning all TWC facilities and including tens of thousands of devices.
• This environment is comprised of high capacity Cisco and Juniper routers (spanning the US and utilizing OSPF, BGP and MPLS), as well as Cisco switches.
• In addition Cisco ASA security devices are deployed to serve remote client VPN. Cisco Nexus devices and Fabric Path technologies
• In addition, I have installed and administered dozens of Juniper Netscreen and SRX firewalls performing normal rule-based functions as well as hundreds of site-to-site IPSEC VPNS. I have also performed administration and build of scores of F5 Big IP Global and Local load balancers providing diverse services such as redundant datacenter failover, DNS and SSL offloading in addition to writing iRules to preform customized functionality.
• In addition, I have built and administered F5 Firepass solutions for TWC allowing secure, remote access via reverse proxy and two-factor authentication.
• I have been responsible for planning connectivity and the implementation of many applications and functions participating with internal and external employees and customers.

Confidential

Responsibilities:

• Designed, developed, and deployed solutions to implement three-tier applications into Social Security’s application networking infrastructure.
• These solutions were built largely around standardized Cisco 6500 and 7600 platforms in a multi-tiered web-hosting facility utilizing firewall (FWSM), load-balancing (CSM), routing and switching functions(720 Supervisor engines)
• Also, utilized inline NAM modules to permit traffic sniffing, packet capture and anomaly detection.
• These devices were built to maintain application security while enabling high-availability and performance access to applications for multiple sets of users and developers in production, test and QA environments.
• Worked with customers to define requirements, developed and presented solutions including supporting diagrams and theory of operations documentation to customer for buyoff prior to performing testing and implementations. Performed test builds and verified proof of concept for solutions prior to implementation.

Confidential, Pentagon City, VA

Sr. Infrastructure Subject Matter Expert

Responsibilities:

• Evaluating VOIP requirements and solutions to include sizing and implementing gateway and circuit solutions for Confidential and in-band based calling as well as data circuit sizing based on user and device requirements.
• Managed processes for a portion of airports under contract.
• I chaired the Confidential group initiating field surveys, conducting technical reviews, and reviewing cost proposals for building dozens of network infrastructures.

Confidential

Testing, and Quality Lead Engineer

Responsibilities:

• I worded within architecture group to develop solutions to provide functions for general network connectivity.
• In addition, built and directed a group of engineers responsible for developing standards and defining an audit process to ensure compliance with requirements for security, infrastructure, and configurations network for over 500 domestic sites.
• Met with clients, partners, and internal engineering groups to review emerging requirements and planned implementation of solutions.
• Reviewed designs and configurations initiated actions to correct deficiencies.
• Wrote script code and developed methods to automate device configuration delta information and design drawing updates using tools like PERL and VISIO (VBA and database interaction).
• Responsible for interfacing with many groups including Network Management Systems (NMS) to help define effective ways to capture Cisco device configurations and to capture changes for automated processing as well as distributing periodic changes as required by evolving government and vendor standards and recommendations..

Confidential

Sr. Network Engineer/ Manager

Responsibilities:

• Provided overall technical guidance, planning, and leadership to a group of six individuals responsible for the Information Technology infrastructure and security for a segment of the Confidential .
• Planned, implemented and provided web engineering and database administration support of a network web server farm facility supporting a customized portals and multi-tiered applications built with MS IIS, MS SQL, MS Active Server, and protected on a site and user basis by Siteminder and a MS digital certificate service.
• Attended meetings and planning sessions related to application and network architecture in support of MS .NET development environment, Visual Studio .NET and Active Server Scripting components where understanding these components was essential to development and production efforts.
• Migrated intranet applications from discrete platforms to redundant HP blade servers, consolidating application and database functions, reducing space, power, and cooling requirements.
• Designed and implemented a load-balanced, fault-tolerant multi-site topology utilizing Cisco 11503 Content Switching devices and APP DNS-based site failover functionality for both http and https secure sockets functions.
• Designed and built a highly secure, multi-tiered, fully-redundant DMZ infrastructure using Cisco PIX firewalls and Cisco Intrusion Detection devices in support of Internet facing services.
• Supported and expanded an infrastructure based on Windows 2000 and Active Directory Services that featured a multiple domain scheme.
• Also supported Cisco 5300 Access-router and channeled T1 with Citrix Metaframe.
• Developed and configured site-to-site VPNS, connecting remote work areas and terminating on firewalls in the Confidential HQ facility.

Confidential, Reston, VA

Responsibilities:

• As a member of engineering design team, created network physical and logical infrastructure designs utilizing Frame Relay, Gigabit and Fast Ethernet media for several Confidential, as well as detailed implementation, security, and migration plans for Confidential entities folded under the Transportation Security Administration’s integration into the Confidential network infrastructure. Interfaced with regional and site management as well as Confidential management to assess and define requirements and to provide comprehensive integration solutions for individual facilities. Wrote several design and project plan documents which were submitted formally to Confidential for approval of designs and plans.
• Planned and implemented general network services on the Windows 2000 platform for such things as DNS, DHCP, Directory Services, file and print services, mass-storage solutions, Voice-Over-IP (VOIP), applications integration and Network Intrusion Detection Systems (NIDS), general security to include Cisco Pix firewalls in a secure, fault-tolerant manner etc.
• Designed, planned and managed, migration of Novell-based network at Confidential headquarters over to Windows 2000, Active Directory based platform.

Confidential

Self-Employed Consultant/Engineer

Responsibilities:

• I formed this corporation to provide contract network services primarily.
• I worked primarily as a design and level-4 support contact for network functions providing worldwide corporate access to the Internet.
• I worked in the areas of BGP External peering, internal IGP protocols, DMZ and Firewall configurations, using Cisco and Juniper equipment providing resilient, fault-tolerant and high capacity access solutions.
• Diagrammed and documented these solutions for general use by other personnel.
• Terminated circuits of varying kinds include t3 and t1 as well as various optical circuits. Built and tested various solutions and pieces of equipment for use by Solutions clients.
• Compared vendor equipment and tested for appropriate use based on features and capacity.

MIS Manager/ Sr. Analyst

Confidential, Baltimore, MD

Responsibilities:

• Directly reporting to the Vice President of MIS, I was responsible for the planning, design, build, and maintenance of corporate data infrastructure at five major sites and 15 international remote sites utilizing TCP/IP and IPX transport protocols in a mixed NOS environment consisting of NetWare 4.11, 3.12, Windows NT 3.51, & 4.0 and Solaris.
• Designed and implemented local and wide-area network topology utilizing Cisco routers (75XX, 25XX, 16XX series) connecting via frame relay, T1, fractal T1, and FNS circuits.
• Designed and implemented a switched design and of bandwidth to desktops utilizing Catalyst 5000 and 3000 series in a 100mbps FDDI up-link/backbone environment.
• Performed troubleshooting and resolved wide-area connectivity security, and routing issues.
• Planned and implemented universal private IP addressing scheme for this multi-site, international firm making use of DHCP, WINS, and DNS services utilizing Windows NT. Planned and implemented redistribution of multiple routing protocols integrating EIGRP, and retaining RIP and static routes where required.
• Design and implementation of a multi-vendor e-mail system comprised primarily of GroupWise and Lotus Notes and SMTP via gateways.
• Provided support for MHS and ccMail functions including gateways and clients for interaction with external clients and partners.
• Implemented Cisco PIX providing internet security and address translation allowing use of internal private address space (RFC 1918) and port/protocol filtering.
• Designed and implemented secure remote access via RAS and Citrix Winframe, both asynchronously and via WAN. Areas under my direct management involved the activities of 30 professional staff members and a range of consultants whose responsibilities included Lotus Notes administration and development, intranet application development in HTML and ActiveX.
• Managed technical teams involved in the implementation of PeopleSoft Financials (Ver6) to include Oracle DBAs, Solaris UNIX administration --- all back-end servers and systems supporting corporate computing environment.