SUMMARY

• Cisco Certified Internetwork Expert (CCIE # available upon request) with 20 years of experience designing, implementing, and supporting networks for large enterprises up to 300,000 employees in size.
• Experienced in a variety of environments including professional services, financials (stock / bond brokerages, investment banks), accounting, automotive, government, and real estate.
• Recognized for excellent troubleshooting skills and the ability to learn new technologies quickly and thoroughly.
• Reliable and flexible; stays until the problem is solved.
• Team player who can coordinate with other IT disciplines to get the job done

TECHNICAL SKILLS

• Catalyst switch series including Catalyst 9000, 1900, 2900xl, 2948g, 2980g, 3500xl with inline power, 3550, 3560, 3750, 3750 - X, 3850, 4000, 4500, 4500-X, 5000, 5500, 6500, 6509, 6800, MSFC2, Sup 32, Sup 720, SUP2T, SUP6T, Cisco Router series including 831, 2500, 2600, 3600, 4500, 7200 VXR, 7500, SR520W, ISR G1 series including 1800, 2800, 3800, ISR G2 series including 1900, 2900, 3900, ISR4K series including ISR 4451-X, ASR1K series including ASR1001, ASR1001-X, ASR1002, ASR1002-X, ASR1004, ASR1006, ASR9K series including ASR 9006, Cisco PIX 515, 520, 535, ASA 5505, 5508-X, 5510, and 5520 Firewalls, Cisco ACE20 Modules, Juniper (Netscreen) SSG5, 20, 350, and 550 firewalls, Cisco Local Director 416 Load Balancers, Cisco VPN 3000 Concentrators, Iron Port Proxy, 3COM Tipping Point and Juniper IDP / IDS, Checkpoint Firewalls, Provider 1, F5 Load Balancers, Hewlett Packard Hubs, Expand Accelerators, Nortel Routers, Cisco 7960 IP telephones, Fluke LAN testers, TxPort and Adtran CSU/DSUs, T-1, E-1, T-3, DS-0, DS-1, DS-3, WiFi Wireless Routers (D-Link and Linksys), Tandberg Video Conference, Modems (cable and analog)Viptella (Cisco SD-WAN) vEdge 1K, 2K, 5K, vSmart, vManage, vBond.
• Cisco Nexus Switch series including Nexus 9000 (Standalone and ACI mode), 7000, 6000, 5000, 3000, 2000, 1000v, FEX, Nexus 7k/5k/2k.
• Computer Hardware Installation including network Adapters, IDE/SCSI devices (Hard Drives, CD-ROM, Tape Drives), Printers (HP Laser/Office/InkJet), RAM.
• Wireshark, CSPM (Cisco Secure Policy Manager), Juniper NSM Express firewall management platform, Ciscoworks 2000, Network Associates Distributed Sniffer, CiscoSecure ACS, Cisco VPN Client, Cisco Anyconnect VPN client, What’s Up Gold, Solarwinds Orion, MRTG, Aprisma Spectrum, Netcool, Concord Network Health, Snort IDS (Intrusion Detection System), Netscan Port Scanners, Ping Plotter, Visio, IOS, IOS-XE, IOS-XR, NX-OS, CatOS, Proxy, basic knowledge of Cisco Call Manager / Cisco Unified Communication Manger (CUCM) versions 4.x, 6.x, and 7.x.,Windows NT 4.0 Server and Workstation, Windows 3.1/95/98/2000/ Me/XP, Red Hat Linux 9.0 (a few commands), Solaris Unix (a few commands), Novell 4.11/5.0 client software, MS-DOS, Norton Ghost, Microsoft Office, WordPerfect, Internet Explorer, Netscape, McAfee and Norton Antivirus, Traceroute, Ping.
• Network - TCP/IP, UDP, ICMP, CDP, LAN - Ethernet, Fast Ethernet, Gigabit, WAN - PPP, HDLC, Frame Relay, ISDN, Routing - EIGRP, IGRP, OSPF, RIP, BGP, HSRP, VRRP, BFD (Bidirectional Forwarding Detection) Switching - FabricPath, VPC, VPC+, eVPC, Spanning Tree, PVST+, Rapid PVST+, MST, 802.1s, 802.1w, VLAN, BPDU, Trunking - ISL, 802.1q, EtherChannel, VPC, VSS, VXLAN, Security and Encryption - GETVPN, DMVPN, IPSEC, DES, Triple DES, IKE, ISAKMP, ESP, AH, GRE, PPTP, IP access lists, DMZ, TACACS+, Radius, AAA, Multicast - PIM, CGMP, IGMP, VOIP - Working knowledge of Voice over IP protocols such as MGCP, SCCP, H.323, SIP, RTP, Misc. - DHCP, ARP, SNMP, FTP, TFTP, Telnet, DNS, HTTP, SMTP, WINS, IP Subnetting and Addressing, QOS, CBWFQ, LLQ, Priority Queuing, Route Filtering, Route Redistribution, NAT.

PROFESSIONAL EXPERIENCE

Confidential

Network Consulting Engineer

Responsibilities:

• Provide subject matter expertise and act as a trusted advisor to clients for Routing/Switching and Data Center Networking products and technologies
• Provide Network Optimization Services and Best Practice Recommendations
• Review customer designs and implementation plans and make recommendations
• Perform analysis and diagnosis of complex network problems & designs
• Build simulated networks in test labs to resolve problems and compatibility issues
• Provide ad hoc systems/product training
• Act as the technical specialist for complex deployments
• Provide guidance and direction to junior engineers and review their work for technical accuracy
• Work closely with Cisco TAC, Sales, Engineering to resolve service issues
• Generate reusable Intellectual Capital in the form of standard customer deliverables
• Provide remote or onsite deployment support
• Notable projects including:
• Assisted global financial institution client with the design, planning, equipment selection, implementation, and migration support of new routers and switches for their ISP consolidation project which consolidated over 20 different internet routers and 20 different internet circuits down to four ASR9K's and four 10gig Internet circuits.
• Performed Code Testing, project planning, generated how-to procedure documentation, best practice recommendations, and provided change support to financial institution on global GETVPN upgrade project involving 7 key servers and over 400 group members globally.
• Optimized configurations of Nexus 7k/6k and ASR1k’s in financial institution trading floor environment to reduce failover time from 3 minutes down to 750 milliseconds.
• Wrote LAN Security Best Practice Guide and provided code and configuration recommendations to help improve the security posture of Campus LAN environments for a “Big Four” global Accounting firm
• Working on a large scale migration from GETVPN to SD-WAN for a large financial client
• Assisted with CPOC (Customer Proof of Concept) testing of the SD-WAN solution for the financial client.
• Assisted a large healthcare client with a redesign and migration of their network from a flat EIGRP design to EIGRP with BGP between regions which solved a number of scalability issues they were facing

Confidential

Senior Cisco Network Engineer / Team Lead

Responsibilities:

• Team Lead for NAFTA Networking Team which was responsible for all Confidential - Confidential USA networks as well as shared service networks used by Daimler affiliates such as Confidential - Confidential Financial, Sprinter, Smart Car, and Daimler Trucks North America.
• Provided network design, implementation, and level 2/3 support.
• Worked on Data Center Consolidation and Virtualization Project.
• Migrated Confidential - Confidential USA from a single legacy data center to two active / active Data Centers.
• Deployed Nexus 7000, 5000, and 2000 series switches and migrated servers from the Catalyst 6500's to new Nexus 7k/5k/2ks.
• Tested and implemented new technologies such as FabricPath and VPC.
• Worked with VMware administrators to provide connectivity for Cisco UCS C and B series blade chassis including setting up the Fabric Interconnects and connecting them to the N5Ks.
• Worked with VMware administrators to deploy Nexus 1000v virtual switches on ESX hosts.
• Collaborated with Network Architects in Germany to create customized network designs based on Daimler global standards and Cisco best practices.
• Worked with server administrators and application developers to migrate applications from a flat legacy environment with no security between zones to a highly secure network based on 3-Tier architecture model.
• Worked with developers to document data flows and troubleshoot connectivity issues.
• Installed and configured Cisco ACE 20 / ACE 30 (Application Control Engine) load balancer modules in Catalyst 6509 switches.
• Migrated from Cisco CSS load balancers to Cisco ACE load balancers.
• Configured server, firewall, and IPS load balancing policies on the ACE.
• Configured advance features such as SSL offloading/acceleration, stickiness, and TCP normalization on the ACE.
• Performed routing configurations using protocols such as BGP and OSPF as well as traffic engineering using PBR (Policy Based Routing).
• Configured QOS policies on WAN and branch office routers using LLQ / CBWFQ.
• Added, deleted, and modified rules on Checkpoint firewalls.
• Configured HTTP and FTP access policies on Iron Port Internet Proxies.
• Monitored and performed vaccine/signature updates on Tipping Point and Juniper IDP/IPS.
• Troubleshot complex networking issues using packet capture tools such as Sniffer, tcpdump, and Wireshark.
• Created and update Visio diagrams and network documentation.
• Created procedures and work instructions for the level 1 NOC technicians to follow.
• Provided mentoring and guidance to junior engineers.
• Reviewed and approve firewall rules and network changes.

Confidential

Senior Network Engineer

Responsibilities:

• Created design for new WAN infrastructure consisting of EPRS primary (Ethernet Packet Ring Service also known as Ethernet over SONET) circuits with VPN over Internet as a backup.
• Evaluated SONET, Metro Ethernet, MPLS, and Internet offerings from various service providers and assisted in provisioning.
• Provided lab performance testing for the Juniper (Netscreen) SSG5, 20, 350, and 550 series firewalls.
• Performed a migration of Checkpoint firewalls to Juniper SSG 350’s at a branch site.
• Evaluated and made recommendations for new hardware purchases.
• Performed memory, flash, and code upgrades for Catalyst 6504, 6506, and 6509 series switches.
• Converted Catalyst 6500 switches from hybrid CatOS to native IOS.
• Installed Solarwinds Orion network monitoring platform.
• Configured NetFlow on Cisco routers and switches.

Confidential

Senior Network Engineer

Responsibilities:

• Senior network engineer for the IDN (Integrated Data Network) Collections team.
• Performed an assessment of the network environment and made recommendations for improvement.
• Lead the effort to integrate the IDN Collections network team into a larger shared infrastructure team.
• Documented processes, procedures, and work flows and made recommendations for improvement.
• Configured routers and switches to support new multicast feeds from major financial exchanges such as Nasdaq, NYSE, CBOT etc...
• Troubleshot network issues including latency and packet loss using tools such as Wireshark analyzers.

Confidential

Senior Network Engineer

Responsibilities:

• Senior network engineer for the E-Commerce department at Confidential .
• Responsible for securing the E-Commerce infrastructure in a complex multi-tiered DMZ environment.
• Performed a large scale migration of the Client Access Network from Nortel to Cisco gear including Catalyst 6509’s with Sup 720’s, Cisco 2960 switches, and Cisco 3845 and 2811 routers.
• Modified rules on PIX firewalls and router ACL's to permit or deny traffic.
• Configured BGP peering between internal and external autonomous systems.
• Controlled route filtering through route maps, access-lists, and prefix lists.
• Configured redistribution between RIP, OSPF, BGP and static routes.
• Maintained and deployed network hardware in a complex multi-vendor environment.
• Troubleshot problems that have been escalated by network operations team.
• Acted as project manager / team lead for the network implementation team.
• Worked with developers to resolve connectivity and performance issues.
• Created network designs and standards.

Confidential

Senior Network Transport Consultant

Responsibilities:

• Conducted an applications availability assessment for critical Dow Jones services. This entailed a complete assessment of network, server, and storage infrastructure to determine risks and exposures.
• Met with business and technology executives to learn application flows and discuss problems areas.
• Provided network design recommendations to help improve availability and performance.
• Created presentations to document and discuss findings with Senior Management.

Confidential

Senior Network Engineer

Responsibilities:

• eSpeed is the electronic trading (ECN) division of Cantor Fitgerald which has merged with BGC.
• Supported the LAN/WAN for a large financial network (over 500 routers and switches) with several hundred customer sites and branch offices domestically and internationally.
• Designed and implemented new network configurations.
• Built deployed, maintained, and upgraded routers, switches, hubs, and firewalls.
• Coordinated projects with business units and other IT departments.
• Created and updated network diagrams using Visio.
• Resolved complex network problems throughout the enterprise.
• Monitored the network for faults, alarms, and performance.
• Worked with eSpeed customers to troubleshoot connectivity and software issues.
• Configured statics and PAT/NAT to translate addresses on the PIX firewalls.
• Configured conduits and ACL’s on PIX firewalls to allow or deny connections.
• Maintained network security on customer, enterprise, perimeter, DMZ, and extranet networks using access lists, distribute lists, route filters, and firewalls.
• Used granular bandwidth measurement tools such as Corvil to achieve QOS targets such as minimizing latency, jitter, and packet loss.
• Conducted sweeps and port scans on workstations and servers to test for vulnerabilities such as Nachi and MSBlaster worms.
• Configured Site-to-Site (LAN-to-LAN) IPSEC encrypted VPN tunnels to remote offices and partner sites through the internet using such hardware as Cisco 3030 VPN concentrators and 3660 routers with AIM modules.
• Created user accounts, groups, rules and filters on Cisco 3030 VPN concentrators.
• Troubleshot VPN clients and problems associated with home firewalls.
• Configured and troubleshot EIGRP routing throughout the enterprise.
• Configured and troubleshot RIPv2 and BGP routing between vendors and partner sites.
• Configured BGP peer relationships between perimeter routers and redundant ISPs.
• Configured route filtering for BGP advertisements using route maps and access lists.
• Configured redistribution of routes between disparate routing protocols and autonomous systems.
• Maintained Internet connections, perimeter networks, and DMZ networks that host a variety of web services ranging from high volume web sites to high volume, delay sensitive, and security sensitive internet trading applications.
• Configured Cisco Local Directors to load balance traffic to web servers and session managers on the DMZ.
• Worked with carriers to turn up, configure, and troubleshoot fractional and full T1’s, T3’s and frame relay circuits.
• Installed wireless 802.11b networks using Linksys and D-Link routers / firewalls with WEP encryption.
• Used protocol analyzers such as Sniffer to troubleshoot and baseline the network.
• Worked with developers to baseline and troubleshoot applications before deployment.
• Delegated projects and provide guidance to junior engineers.
• Implemented Fast EtherChannel and Gigabit EtherChannel connections on the campus backbone switches.
• Implemented 802.1q and ISL trunking between backbone switches.
• Created new VLAN’s and configured inter-vlan routing on Catalyst 6509 switches with MSFC2 router modules.
• Configured HSRP for redundancy on user and server segments.
• Maintained and tested Category 5E cable plant using Fluke One Touch LAN testers.
• Configured the distribution of marketdata multicast feeds using CGMP, IGMP and PIM.
• Interfaced with market data vendors to ensure feeds and trading systems are available to brokers.
• Implemented QOS for Voice over IP traffic using priority and LLQ queuing on WAN routers.
• Assisted the IP telephony administrator with Call Manager Configuration, rollout of IP phones, and troubleshooting voice call quality issues.
• Evaluated new network products and network management applications.
• Created documentation for problems, procedures, and instructional guides.
• Deployed and troubleshot Tandberg video conferencing units.