SUMMARY:

• Able to configure and troubleshoot LAN/WAN problems to include CISCO routers/switches/ASA/PIX firewalls, Call Manager, 3Com Switches, Copper, Fiber, and Media Converters
• Information technology professional with 10+ years experience in the design, installation, operation, and maintenance of Local and Wide Area Networks
• Certifications: CCIE #17074 (Emeritus), CCNP, CCNA
• In depth knowledge on how to program, install and maintain Palo Alto Firewalls, Panorama, Cisco IOS routers, Catalyst Switches, Nexus Switches, ASA Firewalls, FWSM, Cisco Wireless solutions, Cisco Unified Communications, Tandberg Video
• Experienced in setting up and managing Port Security, Access Lists, Sys Logs, Traps, Vlans, VTP, DTP, Encrypted Passwords, SSH, TACACS+, QOS, NTP, SNMP, Voice Vlans, QOS, MLS, HSRP, RIP, RIPv2, OSPF, EIGRP, BGP, Redistribution, Static Routing, NAT, DHCP, Frame Relay, AAA, PPP, IPv6, IP Subnetting, T1, Voice Gateway, MGCP, GRE, DMVPN, VPN (IPSec), Route - Maps, Policy Based Routing, EIGRP, OSPF, BGP
• Detailed experience with OSI model, network routing and switching and network security
• Strong communication, organizational, problem solving, and analytical skills
• Conscientious and detail oriented
• Able to handle multiple projects and set effective priorities to achieve immediate and long-term goals and operational deadlines

PROFESSIONAL EXPERIENCE:

Sr. Network Security Engineer

Confidential

• Network Security Engineer/Digital Security Consultant responsible for overall network security
• Designed and deployed 35+ Palo Alto firewalls across network to secure Internet edge as well as protect PIN/PCN Networks
• Palo Alto Firewall technologies utilized consist of the following: UserID, Multiple VSYS, URL Filtering, Wildfire Analysis, Panorama, Global Protect VPN, Site2Site VPN, QOS, NAT, etc.
• Designed and deployed ASA-SM Firewalls in Data Center core for protection of all corporate services
• Working on design for PIN/PCN network build-out that using the following technologies: Palo Alto Firewalls, Citrix, Cisco routers and switches, PingID MFA
• Completed project to migrate all AAA from Cisco ACS to Cisco ISE. Full wired and wireless network 802.1x redesign utilizing profiling
• Part of project was to update and secure Wireless Network
• Manage Digital Security Training program including online training and simulated Phishing through third party company Wombat Security
• Implemented OpenDNS to help secure network from Phishing and to provide URL filtering
• Perform analysis and track Virus outbreaks, Phishing, Malware, and other security related events
• Provide feedback and digital security suggestions to management

Sr. Network Architect

Confidential

• Network Projects Architect working on the design and implementation of upgraded Telecoms Infrastructure covering the second largest oil field in the world
• Lead designer on a Campus Redesign project implementing industry best practices utilizing mostly Cisco networking and security equipment.
• Created Low Level Design (LLD) documentation and detailed Handover to Support documents for all completed projects

Sr. Network Architect/Team Lead

Confidential

• Senior Network Architect supporting Department of Defense (DOD) networks in Iraq
• Manage team of 13 Senior IT professionals including Networking, Voice, Systems and IA
• Track projects and brief senior leadership on progress
• Key player in coordination of DOD turnover of networks to Department of State (DoS)
• Develop highly complex network designs and associated BOM to meet DOD standards

Sr. Network Engineer

Confidential, CA

• Senior Network Engineer for Confidential, INC Corporate IT
• Managed Confidential ’s corporate network consisting of 15+ remote sites, 4 Data Centers, multiple Internet gateways, MPLS and DMVPN clouds
• Responsible for working with vendors on all network equipment purchases totaling over $18M in 3 years
• Team lead for network integration on Wild Blue Communications acquisition
• Performed in depth technical and cost comparison between Juniper Networks and Cisco Systems on new Data Center and made recommendations to senior executives. Teams recommendations were ultimately chosen by the company
• Worked with internal teams and vendors to design new PCI and SOX compliant Enterprise Data Center. Data Center network equipment includes over 400 pieces of network gear including Nexus switches, Catalyst Switches, IOS routers, ACE Load Balancers, ASA Firewalls, Netscreen Firewalls, Juniper Routers, Sourcefire IDS and took 9 months to build
• Designed, and managed the installation of new office building network and Unified Communications (UC) solution. Managed Multiple vendors during the design and installation of structured cabling, wired and wireless network gear and UC solutions
• Implemented company-wide VTC solution including Tandberg Video units, Video Control Servers (VCS), Tandberg Management Suite (TMS), Multipoint Control Units (MCU)
• Conducted company-wide Cisco Smartnet audit and rationalization. The end result saved the company $2M over 3 years

Sr. WAN Engineer, MNC-I Signal Brigade

Confidential

• Senior WAN Engineer for Iraq Tactical Assets
• Re-engineered all tactical BGP networks utilizing detailed and complex route-maps and several different BGP attributes and communities. The end result ensures symmetrical and predictable routing in and out several multi-homed autonomous systems
• Responsible for the WAN connectivity for 100,000+ end users
• Engineered several data networks servicing from 50 to 5,000 users to include IP scheme, Vlan layout, routing protocols, AES 256 encrypted GRE tunnels and QOS
• Utilize line-of-site (LOS) radio, satellite and troposphere propagation (TROPO) connections to guide and support network connectivity among remote locations
• Identify and resolve all network connectivity issues by utilizing a structured and systematic process
• Designed and implemented a mobile solution that allowed the Commanding General access to the local unclassified and classified networks from anywhere in the world.

Enclave Network Administrator

Confidential

• Senior Network Administrator for the International Zone Enclave team, Baghdad, Iraq
• Managed 4 separate networks (NIPR, SIPR, CENTRIXS, and Baghdad Forum) routed to over 40 remote sites
• Utilized EIGRP to route 40+ sites over Fiber, Copper, and microwave shots
• Program, Install and deploy General Dynamics KG-175 TACLANES on various networks for encryption of sensitive data and voice traffic utilizing manual programming and General Dynamics Encryptor Manager (GEM)
• Implemented security measures and standardized configurations on all Cisco switches and routers
• Utilized Cisco Works to perform configuration changes, IOS upgrades and audits