Seasoned Senior Network Architect/Engineer (CCNP/JNCIS) seeking upward mobility supporting critical network infrastructure in robust environments. Both CCIE R/S and CCIE Security in progress. CCIE R/S lab scheduled. Managed hundreds of clients in Hampton Roads and greater Richmond area, with lead autonomy in context of senior, integration services, project - oriented, and Level III/escalation infrastructure architect/engineer.
Sr. Network Infrastructure Engineer
Confidential, Richmond, VA
- Emphasis on sustaining all aspects critical infrastructure in Level 1 PCI DSS environment.
- Multi-vendor maintenance/management of all network appliances (F5 3600, BlueCoat Proxy, etc.), Nexus 5000 chassis/2000 FEX, Catalyst 4500/6500 chassis w/ Cisco ASA-SM in collapsed core, Cisco ASA 5520/5585 (all ASAs using context mode w/ 802.1q trunks).
- Scope, design, and troubleshoot complex firewall and L2/L3 switch topologies in global PCI environment, maintain ACL configs/Radius and RSA remote VPN config, etc., troubleshoot virtual and physical appliances in IPSec hub-n-spoke and MPLS/VRF/MP-BGP topologies, Juniper SRX and Cisco ASA tunneling and interface configuration, troubleshoot complex http/https flow requirements in international context.
- Collaborate with North American ISO to assimilate and remediate environment using pentesting (vuln assessment, enumeration scanning, etc.) to circumvent PCI failures, additional collaboration with international security teams to enhance global security posture.
- Assist with maintenance of VRF segmentation across MP-BGP/L3VPN topology (per PCI requirements), troubleshoot EIGRP/OSPF adjacency/peering, Multicast PIM-SM concepts, etc.
- Configure, troubleshoot, and evaluate Cisco ACI platform to prototype in current international datacenter environment, VTEP, VXLAN, APIC management, basic Python automation testing, etc.
- Extensive troubleshooting in multi-vendor core network, Cisco/Juniper/F5 Big-IP, BlueCoat Proxy SG, enterprise VMWare (vCenter/ESXi).
- AWS resource security posture review, vulnerability assessments. Troubleshoot Route53, VPC, EC2, and other connectivity-related issues.
- Leverage various security appliances and SIEM platforms, AlienVault, Splunk, Scrutinizer, etc., to proactively identify and circumvent potential threats. Proficiency with Nessus, Rapid7, Metasploit, and Kali utilities.
- Emphasis on monitoring and threat intelligence using various NGFW/UTM features (IDS/IPS), ProtectWise threat hunter (cyber kill chain), Nagios agent monitoring.
- Extensive threat research using MITRE, AlienVault Open Threat Exchange (OTX), OWASP, academic journals, NIST NVD, etc.
- Collaborate with North America and Regional ISO on all Red/Blue team exercises as team lead, interface with external security vendors for conducting whitebox/blackbox testing.
- Troubleshoot complex front-end/back-end proprietary web solutions, across PCI-compliant boundaries, spanning continental US, as well as international boundaries (Germany, France, etc.)
Sr. Network Architect/Engineer
Confidential, Midlothian, VA
- Report directly to Executive VP of Cyber Security and Integration Services.
- Level III team lead for systems, network, and security issues escalated from NOC/SOC
- Deploy myriad of network security appliances, physical and/or virtual.
- Network protocol proficiency, troubleshooting L2-L7 with Wireshark, Ettercap, tcpdump, etc. vSphere, Linux KVM, and Hyper-V deployment, maintenance in HA environments with shared storage (EMC, Dell Equallogic, Synology, HP 3Par, etc.)
- Amazon AWS maintenance for mid-size/enterprise customers.
- Provide forensic-level ethical hacking/pentesting using SANS/GIAC methods, cloud-based cyber security, and various compliance (FISMA, HIPAA, PCI-DSS, ISO, etc.) consultation to remediate security vulnerabilities.
- Research and sandbox SDN solutions including VMware NSX, Cisco ACI, VXLAN, VTEP principles, and SD-WAN concepts.
- Generates SOW task lists, spearhead project from inception to completion (specs, deployment, and project management), interface with numerous vendors, and convey complex topologies to client principals.
- Architect and troubleshoot multi-site MPLS metro ethernet topologies, L2/L3VPN, core route/switch and perimeter, homo/heterogeneous environments, Aruba, Cisco, HP, Dell, Ruckus, Brocade, Xirrus, Juniper, Sophos SG/XG, Palo Alto (PanOS 6-8), and more.
- Security-conscientious SME in multiple domains, including cross-platform Windows/Linux Server (RHEL, Debian, Ubuntu, Kali Linux) engineering, rapid site assessment and information gathering techniques.
- Maintain complex MPLS-based Cisco IOS-XR/IOS-XE VMware company sandbox, approximately 100+ virtual servers (Windows, Linux), IOS devices ASAv, CSR1000v, etc.
- Provide level III engineer support for a myriad of government agencies (state/local/federal), municipal, independent cities, counties, hospital systems, defense-oriented, and other commercial-based clients.
- Leverage numerous network monitoring tools, Nagios, Zabbix, SolarWinds, etc.
- Contribute cutting-edge research insights to bolster Managed Security Services Provider (MSSP) capabilities.
Sr. Network Engineer
Confidential, Portsmouth, VA
- Report directly to Executive VP of Technology for all project and infrastructure related matters.
- UTM and NGFW configuration, deployment, troubleshooting
- Architect and troubleshoot hub-and-Spoke IPSec, Metro Ethernet L2/L3VPN, MPLS-based, and T1-based topologies.
- Spearhead projects from inception to deployment in converged VoIP/Data environments. Provide engineer-based SME level support to end-customers, interface with numerous vendors to provide complete solution.
- Engineering emphasis in industries: defense contractors, hospitality, and financial institutions.
- SonicWALL UTM/NGFWs, Cisco Catalyst, Juniper SSG/SRX, Samsung and Toshiba telephony.
- Provide onsite/offsite support for critical infrastructure components of Navy-based machinist facility.
Sr. Infrastructure Engineer
Confidential, VA Beach, VA
- Report directly to Co-owner and Principle Executive Engineer.
- Systems/Network engineering project TCO from inception to deployment.
- Emphasis on maintaining and supporting critical network infrastructure for municipal, city, and state government agencies.
- Proactive monitoring and infrastructure troubleshooting, SolarWinds, Kaseya, etc.
- Troubleshoot and configure Cisco Catalyst and Cisco ISR appliances in core and at edge (2800/2900 series, Catalyst 3560/3750/4506 , Cisco ASA 5505/5510/5525- X, etc.)
- Maintain various cloud-managed solutions for security compliance, AV, IDS/HIDs, Offsite Backups (disaster recovery), etc.
- Deploy and support long list of vendor solutions for clients across all industries, including (but not limited to): Aruba and Unifi wireless, Juniper SSG/SRX firewall and EX switches, Dell PowerConnect, HP ProCurve, Barracuda, BlueCoat Proxy, Windows/Linux Servers, VMware, Microsoft Hyper-V, and more.
Sr. Network Engineer
Confidential, VA Beach
- Report directly to Executive VP of Technology Services for all network infrastructure matters.
- Emphasis in Federal Contractor environment, methodical and creative troubleshooting approach to maintaining critical infrastructure.
- Multi-site metro ethernet L2VPN MPLS-based network engineering, static/dynamic routing between sites, Juniper EX switches.
- Assist with maintenance of approximately 200+ virtual servers (Windows/Linux) on Hyper-V and VMware in co-located facility.
- Troubleshoot and configure redundant Juniper SRX 650 chassis, with numerous spoke sites in hub-and-spoke topology, including DNAT/Source NAT, hardened zone policies, etc.
- Provide escalated network/systems engineer support for numerous law enforcement, defense-oriented and commercial based clients (Army/Navy/Air Force, maritime security, hospitals, law firms, architecture firms, shipbuilding, aerospace defense, etc.).