TECHNICAL SKILLS

• Hands on experience with Zoom, Webex, Nmap, John the Ripper, Metasploit Pro, Rapid7 NeXpose, Windows Server, Cisco routers, Cisco switches, Juniper Routers
• Juniper Firewalls, VMWare, VC, VOIP, Meraki, VPN and DMVPN in Data Center Environment. Experienced in network pen testing, development, training and design using
• Kali Linux, Stunnel, Web Inspect, Paros. Experienced in using Network Protocols and Services such as TCP/UDP, EIGRP, OSPF, BGP, DNS, SNMP, FC, iSCSI, SIP
• Kepware, IPsec, SSL, CAR, DHCP, GRE, VRRP, NTP, IPv4, IPv6, QoS, HSRP, MPLS, VDC, VSAN, VLAN, ACL, VPN, VACL, DMVPN, 5G, 40Gb

PROFESSIONAL EXPERIENCE

Sr Network Engineer

Confidential

Responsibilities:

• Strong troubleshooting and design skills for PLC Rockwell
• Automation ControlLogix and Siemens/TI 505 based controllers
• Root cause analysis on any issues that resulted in downtime or unwanted behavior.
• Refactor existing python scripts and add new features to improve its functionality
• Utilized SolarWinds to develop and distribute in - depth analysis and reports on network data, system availability, and performance for all applications.
• Developed system security plan to provide an overview of federal information system security requirements and described the controls in place to meet those requirements.
• Responsible for incident response and containment of security compromises, and malware infections
• Programming languages: VB .NET, C#, C, C++, JAVA, HTML, Perl, VB script, bash, python, puppet, Shell and PowerShell
• Cyber Security Technology, Threat Modeling & Intel, Cyber Security Ethical Issues, Wireless and Mobile Security, Splunk (ES & ITSI), Evident.io, AirWatch, AlienVault, CrowdStrike falcon, Rubrik, Okta, SignalFx, SCCM, Office 365, SCOM and OMS 2016.
• Lead team efforts in performance of information security risk assessments, security controls and corrective actions to mitigate risk using model, such as NIST 800, PCI DSS, HIPAA, FERPA, and NERC.
• Work with development team and managers to gather requirements to further streamline the existing workflow
• Setup Docker containers in local environment to deploy salt states and setup JBoss webserver
• Our support tools stack includes Bitbucket, Bamboo, Atlassian Jira, Atlassian Confluence, Artifactory, Splunk, Zabbix, Salt Master, MySQL etc
• Enterprise Network architecture and compliance for ICS (Industrial Control Systems)
• Work with developers to create new modules and automate their builds and deploys
• Upgrade Wireless infrastructure utilizing Meraki MR53
• Work on setting up the hotfix process for bugs in our code, versioning changes and release process
• Installed and managed Exchange 2003. Migrated from Exchange 2000 to 2003 then from 2003 to 2010
• Upgrade Controller integrated Servo Motion Control (Allen- Bradley; Emerson; Axima)
• Expert in various IP routing & switching technologies such as OSPF, EIGRP, BGP, RIP, HSRP, VRRP, GLBP, LACP, STP, Fabric Switches, VXLAN, MPLS, DMVPN, NTP, DHCP and DNS
• Deployed Aruba 500 series access point in dense areas for improved WiFi experience.
• Implemented NSX-NV L2/L3 architect over existing physical infrastructure.
• Utilize F5 LTM to Load Balance Circuit\System to provide Redundancy during high utilization or outage.
• Monitor Security Cameras for Port access with Genetec Software
• Solid hands on experience with Cisco ASA Firewalls(55XX,5512-X,5515-X), Palo Alto, IPS (42XX), PAN-OS, Cisco ISE, ACS, DMVPN, IPSec, NAC, content security and Identity management
• Follow internal configuration and change management processes.
• Designed and implemented a revised network management system with Catalyst and Nexus 7k, 9k switches using SNMPv3, and Cisco Secure ACS 5.3 (TACACS+) in a Datacenter Environment.
• Knowledge of Connectivity medium administration and design (Ethernet IP, ControlNet, Device Net, ProfiBus, Remote I/O, and serial over multiple mediums.
• Implemented network security for remote access to database and application servers. Tasks included configuring site-to-site and clients-to-site VPN tunnels through multiple Juniper VPN concentrators and SRX firewalls
• Research Designed Deployed New Meraki Cloud MR MS MX solutions for branch offices
• IOS\NXOS upgrades for Cisco switches and configure
• Windows security patching using WSUS for Windows 2012
• Created working LAN topology for two major Distribution Centers detailing logical/physical ports.
• Design network diagrams for new branch offices.
• 24hr on call availability during network outages
• Manage IDP operations that included log collection, analysis, reporting, and alerting, sensor/console management and capacity, performance, and availability monitoring, fault diagnostics, and signature and policy updates for IDP.
• Perform upgrade of Juniper SSG5 6.3 to MX and tested failover redundancy for Internet access.

Sr Network Engineer

Confidential

Responsibilities:

• Utilize Visio for making network designs and wiring schematics.
• Perform disaster recovery plans, implementation and administration.
• Create projects documentation including high level design, low level design, design build specification and Proof of concepts.
• Robotics Fanuc 4 and 5 axis, Adept SCARA
• Install, configure, and administer IDP - Sensors.
• Build Setup and source/version control of custom sources.
• Ensures knowledge and control of changes to organizational systems and environments of operation; and maintains awareness of threats and vulnerabilities
• Verified compliance with information security requirements derived from organizational missions/business functions, federal legislation, directives, regulations, policies, and standards/guidelines.
• Hands-on technical assistance for information security to aid in securely configuring systems or troubleshooting security issues.
• Worked closely with management support teams and customer network and operations teams to establish and document requirements to complete implementation and configuration tasks
• Used COTS security tools, managed data feeds, and integration to manage risk for network security posture.
• Managed and maintained all critical server in company datacenter servers
• Setup and administered Active Directory/DNS servers
• Install, configure, and administer IDP-Sensors.
• Monitored IDP Sensors for misuse
• Server and network systems monitoring using third party applications
• Installed, configured and administered printing devices including firmware upgrades
• Configure IPSEC VPN tunnels between Juniper and other endpoint devices using IKE pre-shared keys, 3DES and MD5
• Wrote engineering requirements such as Frame Relay, PPP/HDLC, Ethernet, automatic IP address allocation, OSPF, EIGRP, redistribution, distribute lists, static routes and ISDN
• Monitor LAN/WAN via Solar Winds to minimize network down times.

Sr. Network Engineer

Confidential

Responsibilities:

• Migrate end users from Local 7040 OptiPlex to Dell PC VMware Quest Environment
• Support SCADA systems, Level 1 and 2 manufacturing equipment and instrumentation, industrial labeling (SATO, Zebra, Intermec) and associated peripheral systems
• Advance Knowledge about TCP/IP and OSI models
• Deployed and support an enterprise Cisco VoIP Telephony including CUCM 8.6. CUCM 9, Unity Connection, Voice Gateways and Analog Gateway.
• Configure Cisco AnyConnect to allow end users to bring your own device (BYOD).
• Hands - on experience with Cisco Access Points, Cisco Wireless implementation and support, Cisco 12XX series access points and Cisco Wireless LAN Controllers 2500,4000 and 5800s controllers in campus implementations.
• Monitor, maintain, analyze, and troubleshoot company network systems using Solar Winds
• Expert knowledge of LAN protocols STP, RSTP, MST, VTP, VLAN and Port Channel Protocols LACP, PAGP.
• Provide technical oversight and management of all network infrastructures Checkpoint\Cisco\Juniper.
• IOS upgrades for Cisco switches and configure
• Designed templates to normalize configuration for Cisco routers and switches like 2911, 3650,3750
• Manage and maintain network asset inventory.
• Researched and developed firewall policies tethered with advance URL filters allowing clients to adequately surf the web without compromising network security.
• Perform sensor tuning and general IDP system troubleshooting
• Updated signatures/rule sets, researched and tracked vulnerabilities
• Implement Syslog to monitor network activities.
• Implement intrusion detection agents and capabilities.
• Design and implemented switched networks utilizing Layer 3 switching technologies.
• Work with Network Management Systems to monitor the health of the network as well as collect statistics for reporting functions
• Provide onsite and/or off-site support during non-business hours.
• Travel to remote site for implementation.

Network Engineer

Confidential

Responsibilities:

• Migrated transparent ASA 5500 series firewall to 5515x routed mode for PCI compliance.
• Coordinate with appropriate staff to establish effective network monitoring and problem notifications
• Engaged in the use of ticketing and change control systems
• Troubleshooting of complex technical problems that cross - discipline boundaries
• Professional demeanor and strong work ethic
• Administer MS server 2003/2008 R2 Active Directory.
• Configure, mount, and rack network equipment
• Vulnerability Management Consultant in charge of Top Secret and Secret networks controlling 20 servers.
• Develop and maintain security plans and security testing plans and improve risk models, metrics, reports, processes.
• Debug any performance issues, disk space, permissions, firewalls etc
• Conducted analysis, and disseminated scan results to senior management and provided patch management recommendations
• Implement Syslog to monitor network activities
• Upgrade as well as manage PC anti-software
• Implemented and supported network solutions on multiple platforms
• Executed fault tolerance design /configuration on Cisco Routers/Switches VRRP, HSRP, LACP. Support Cisco network devices globally.
• Independently support LAN/WAN connectivity at eight Regional Distribution Center for the Texas Southern Region.
• Implement VLAN, VTP domain, trunking and IP addressing schemes on Cisco switches.
• Provide Tier III network support to remote clients.
• Configure Cisco 4500 Series, 1921 Series, 1841 Series, 2960S, 2960G
• Rolled out 1000+ computers and converted desktop platform from Windows XP to Windows 7.
• Manage wireless client via WCS
• Provide detailed technological reports of test activities, developed procedures for network testing, and provided recommendations for a central management solution.
• Maintain documentations of all related network/telco devices for branch openings and closing.
• Migrated Frame Relay to MPLS
• Test solutions which allow wireless users privilege to access the public internet by mapping WLAN to VLAN then routed on a secure tunnel.