SUMMARY:

• Performance - Focused Senior Network, Network Security & Cloud Engineer Dedicated to Delivering Excellence in Multi-Platform LAN, WAN, Data Center & Cloud Environments within Challenging Client-Driven Operations
• Highly Accomplished Senior Network, Network Security & Cloud Engineer who expertly drives dynamic IT initiatives to deliver results that align with a company’s mission, vision, and values, and who directs multi-platform LAN, WAN, Data Center, and Cloud environments while synchronizing design, troubleshooting, and optimization of shared IT networks.
• Innovation-Focused Self-Starter who plans, designs, and implements secure network technologies; who exhibits solutions-centric critical thinking to achieve insightful outcomes; who maintains knowledge of groundbreaking IT / telecommunications trends; and who sees the “big picture” at all times while thriving in quickly evolving IT scenarios.
• Influential Strategist who synergistically leads projects to attain goals and position businesses for optimal scalability, security, and success, along with seamlessly liaising among multidisciplinary teams, stakeholders, and clients while effectively managing resources to exceed expectations - always willing to “go the extra mile” to surpass the status quo.

TECHNICAL SUMMARY:

• AT&T Network-Based Firewalls
• SD-WAN - Silver Peak & Cisco Viptela
• Linux - KALI, Red Hat, SUSE & Ubuntu
• Wireless Access Points - Cisco Aironet
• Proxy Services - Zscaler, Blue Coat Proxy
• ISP Link Load Balancer – F5 BIG-IP Link Controller
• Web Application Firewalls – F5, Cisco WAF, Incapsula – Imperva
• Implemented SNMP and Cisco NetFlow for Network Management
• Industrial Ring Topology Ethernet Switches – Siemens & Hirschmann
• Web Acceleration – F5 Web Application Accelerator Software Module
• Security Policy Management Platforms – Cisco ISE and Cisco Secure ACS
• Layer 2 Multi-Site Extension – Cisco OTV (Overlay Transport Virtualization)
• Cloud Platforms - AWS (Amazon Web Services) & GCP (Google Cloud Platform)
• Network Firewalls, Proxy, Intrusion Detection Systems, Security & Group Policies
• Software-Defined Networking (SDN) – Cisco Application-Centric Infrastructure (ACI)
• Centralized Management of DNS, DHCP, and IPAM Services – Infoblox Grid Platform
• Implemented QoS – FIFO, Weighted Fair Queuing, Priority Queuing & Custom Queuing
• Advanced Network Monitoring – LogicMonitor SaaS-Based Hybrid Monitoring Platform
• Traffic Optimizers – Cisco WAAS (Wide Area Application Services) & Riverbed Steelhead
• Intrusion Detection & Prevention System – Cisco 42xx Sensors, Cisco IDSM & Linux Short
• Network Firewalls – Checkpoint, Cisco ASA Firepower, Brocade Vyatta, Palo Alto & Fortinet
• Implemented HP OpenView, Insight Manager, CiscoWorks & MRTG Management Platforms
• Data Center LAN / WAN Environment – Configuration, Administration, Maintenance & Troubleshooting
• Routing Protocols (BGP, OSPF, EIGRP, IGRP, RIP, RIPv2), Routed Protocols (TCP / IP, IPX / SPX) & Multicasting
• LAN / MAN / WAN Hardware / Software Design, Installation, Configuration, Administration & Maintenance
• Switches – Cisco Nexus (7000, 5000, FEX Fabric Extenders), Cisco Catalyst, Extreme Network, Allied Telesyn)
• Application Load Balancing – Design, Configuration & Troubleshooting – F5 BIG-IP, Cisco ACE, CSS & Barracuda
• Traffic Filters using Standard, Extended & VLAN Access Lists, NBAR, Null Routing, Distribute Lists & Route Maps
• MPLS BGP Traffic Engineering with Loop Avoidance, BGP Route Tagging / Filtering & BGP Community Marking
• Network Traffic Analyzers – Network General InfiniStream Sniffer with Matrix Switches, NetScout Sniffer Distributed, WireShark Network Protocol Analyzer & HttpWatch In Browser HTTP Sniffer / Analyzer

PROFESSIONAL SYNOPSIS:

Confidential

Principal Network, Network Security & Cloud Engineer

Responsibilities:

• Capitalized on the opportunity to serve as the lead authority tasked with driving forward-thinking network security initiatives for clients, including designing Cisco ACI Multi-Pod SDN at 3 locations, 3 APIC controllers, 6 Spine switches, and 68 Leaf switches, and multi-factor vendor authentication using Checkpoint Identity Awareness software blade.
• Managed implementations of Cisco ISE (Identity Services Engine) and Cisco ACS (Secure Access Control Server).
• Configured, managed, and troubleshot F5 BIG-IP and Cisco ACE network appliance-based Application Load Balancers for internal access and external Internet facing VIPs. Designed large-scale internal and external F5 BIG-IP load balances.
• Configured F5 Web Application Accelerator software module and optimized settings for existing multimedia web applications.
• Configured, managed, troubleshot, and / or optimized Brocade Vyatta firewalls for Internet access and IPsec VPN services; 58 Cisco WAAS appliances; and WAF appliances and migrated WAF to Incapsula - Imperva WAF.
• Troubleshot and rapidly resolved user access issues to Internet resources by optimizing the Zscaler settings or creating PAC file exceptions to bypass the proxy service. Configured and supported AT&T Network-Based Firewalls providing access to WebEx and Zscaler nodes from the AT&T MPLS network without traversing external Internet firewalls.
• Configured and managed Infoblox Grid clusters to manage, control, and optimize DNS, DHCP, and IPAM services; Cisco WCS and high-volume Cisco WLC wireless controllers and access points; and Siemens and Hirschmann Industrial ring topology Ethernet switches across both Layer 3 (RingMaster) and Layer 2 mode at 17 large-scale factory sites.
• Designed and implemented LogicMonitor for monitoring numerous client networks via onsite collectors or using GCP cloud-based Collectors connected client networks via Site-to-Site IPsec VPN tunnels; Cisco Overlay Transport Virtualization (OTV) across 3 data centers; and complex data center / multi-cloud environment using AWS and GCP.
• Managed F5 BIG-IP Link Controller ISP link load balancer setup with 3 primary and 1 backup providers, migrated 34 RingMaster Layer 3 industrial switches to Layer 2 setup and moved Layer 3 VLAN gateways to 34 Checkpoint Security Gateways, and migrated legacy physical Data Center infrastructures to single or multi-cloud AWS and GCP environment.
• Configured multi-site data center environment with 6 Nexus 7000 core switches, 32 Nexus 5000 switches and 200+ FEX extenders. Developed WAN peering configuration to provide connectivity from 3 MPLS VPNs at AT&T MPLS network to LANs in 2 Equinix data centers using BGP loop avoidance, BGP route tagging and filtering, and BGP community marking.
• Expertly created and managed 150+ site-to-site IPsec VPN tunnels to diverse vendors utilizing Cisco ASA .
• Developed relationships among primary Coca-Cola European Partners client and additional clients such as Coca-Cola Beverages Florida, Office Depot, Standard Insurance Company, and Parkland Memorial Hospital.
• Designed and built new Cisco ISE 2.2 environment and migrated security services from legacy ACS 5.x platforms .
• Successfully configured and managed Silver Peak SD- WAN infrastructure across 18 high-volume locations.
• Designed a large-scale distributed network security infrastructure with 46 Checkpoint Security Gateways at 22 locations and 3 Checkpoint Management Servers provided L3 separation between Industrial Factory Networks and internal MPLS-connected IT network.
• Redesigned and implemented Checkpoint network security platforms, including effectively providing inbound and outbound internet connectivity, DMZ environments, Dynamic OSPF routing; and extranet, proxy, and IPsec traffic filtering.

Confidential

Senior Network & Network Security Engineer

Responsibilities:

• Leveraged broad scope of industry knowledge toward driving network engineering initiatives through several organizational changes.
• Demonstrated proven network experience toward expertly managing 22 datacenter core routers (Cisco 6513), 112 Layer 2 and Layer 3 datacenter switches (Cisco Nexus 5020 + Nexus 2248 Fabric Extenders and Cisco 6513), 38 Application Load Balancers (Cisco CSS 11506, Cisco ACE, F5 BIG-IP), and 4 Cisco Hosting Solutions Engine (HSE) Appliances.
• Designed and implemented Cisco Nexus Virtual Port Channels (vPCs) in mixed Nexus / Catalyst 65xx environments and Cisco IOS based Quality of Service (QoS) network resources management. Analyzed traffic using Network General InfiniStream Sniffer and Matrix switches.
• Migrated from Cisco Cat0S to Cisco IOS on 42 datacenter catalyst 6513 switches.
• Skillfully designed, implemented, managed, and troubleshot datacenter LAN, MAN, and WAN environments; core Layer 2 / 3 routers and switches, zone access Layer 2 switches, HSRP redundant configurations, separate DMZ environments, firewalls, and network management software.
• Delivered extensive application load balancing support, including custom configuration builds, keepalives, services, and content rules parameter optimizations and troubleshooting VIP, RIP, and application issues using InfiniStream Sniffer network analyzer.

Confidential

Senior Network & Network Security Engineer

Responsibilities:

• Strategically steered oversight of 11 routers, 27 wireless access points, 63 Layer 2 and Layer 3 switches, 3 firewalls, 4 VPN concentrators, 2 IDS sensors, and 2 ATM manageable DSU / CS totaling 112 network devices. Led design and implementation of multi-zoned enterprise perimeter networks with effective firewall, IDS, and VPN security devices.
• Planned, designed, and implemented Eurocom – Plovdiv MAN – a fiber 1Gb / s City Backbone Network with 40 PoP and 72 fiber nodes. Designed, configured, and managed Cisco PIX, ISA, and Checkpoint firewalls; VPN connections using Linksys, Cisco IOS and VPN, Citrix, and Checkpoint; and Intrusion Detection using Cisco IDS, IOS IDS, PIX IDS, and Linux Snort.
• Successfully managed user accounts using Active Directory, Cisco ACS, and RSA SecurID.
• Directed efficient network migration from RIP and static routes through to OSPF and EIGRP .
• Seamlessly deployed wireless networks with top vendors, security methodologies, and environments.

Network & Network Security Engineer

Confidential

Responsibilities:

• Expertly implemented, upgraded, and managed Cisco routers, switches, and PIX firewalls.
• Exhibited proven skill with Windows NT 4.0, Windows 2000, Exchange 5.5 / 2000, and CiscoWorks and IIS 4 and 5. Implemented tape library systems using Tivoli and Veritas backup software.
• Configured traffic shaping to optimize use on Frame Relay backbone.
• Designed and implemented security policies using ACL, PIX firewall (515), and Cisco IDS.
• Designed, implemented, and managed IP services (i.e. RAS, WINS, DHCP, DNS, NAT, VPN, IIS).
• Designed, implemented, and managed VPN solutions using Cisco 3000 series concentrator and IPsec.
• Configured, implemented, and managed 800+ Cisco routers utilizing RIP and EIGRP routing protocols .

Network Support Technician

Confidential

Responsibilities:

• Played a vital role in setting up Windows NT 3.1 and 4.0 server, as well as configuring ethernet and IP network (i.e. hubs, switches, routers).
• Performed UTP, FTP, SFTP Cat5 writing, and termination of patch-panels and modular boxes.
• Delivered excellence in support for remote access connectivity and application software.
• Led targeted upgrades for all switches, routers, firewalls, and server hardware / software.