SUMMARY

• Active Top Secret (TS) Clearance with SCI Professional Experience: Network Enterprise Architecture (14+ years) Network Enterprise Data Center
• (14+ years) Data Center Disaster Recovery (8+ years) Network Security (10+ years) Wireless Security (4 years)
• Brocade/Foundry (7 years) Super X/Fast Iron GS/SX1600 switches Net Iron MLX - e/Big Iron RX Routers DCX8
• Cisco (14+ years) ASA/FWSM/PIX Firewalls Nexus 7K/5K/4K/2K L3 Switch/Routers Cisco ACS 3.x to 5.x Wireless 4400 Controllers Thin or Light Weight Access Points VOIP
• Web Proxy (6+ years) Bluecoat SG Proxy Bluecoat Director Bluecoat Reporter McAfee Web gateway Cisco IronPort Web Security Appliance Manager & Web proxies Squid Proxy
• Penetration Testing Wired/WIFI (5 year) Backtrack, Kali Linux Knoppix
• Air Defense WIDS (3 years) Sensors Appliance Source fire NIDs (6 years) IPS/IDS Confidential ISS HIDS\NIDS (2 years) IDS HIDS
• F5 Network (12 years ) F5 Firepass GTM Global Traffic Manager LTM Local Traffic Manager ASM App. Security Manager Riverbed (OPNET) Technology (4 years) TOP Layer ( 2 years ) VNE Server IT Sentinel IT Guru Network Planner ARX Appliance
• I have over 16 years of professional experience in Network Design, Support and Security. Through my experience I’ve obtained a broad knowledge in network infrastructure technologies with expertise in customizing solutions that have specialized requirements.
• The clients I’ve supported are the following, Department Of Justice (DOJ) - FBI - Federal Bureau of Investigation, DOD Army (Fort Knox) via I3MP project, Army (Fort Belvoir) via AKO project, DHS (TSA) via ITIP project
• Commercial Financial customers GE Capital, GM/GMAC and Confidential Mainframe datacenter customers ( Confidential, Michelin, JC Penny’s, etc.). I currently hold an active DOD TS clearance with SCI.

PROFESSIONAL EXPERIENCE

Confidential - Arlington, VA

Senior Security Engineer

Responsibilities:

• Cisco ASA Single & Multimode Firewalls (5500 Series)
• Remote (Anyconnect) & Site to Site administration
• ACL, Static/Dynamic Translation administration
• McAfee (Web Washers) Web Proxies (Forward & Reverse)
• Symantec Antivirus
• Confidential ISS HIDS & NIDS
• Sourcefire NIDS
• F5 Load Balancers (LTMs)
• Cisco ACS, Ciscoworks, CSM administration
• Solarwinds monitoring and management

Confidential, Mclean, VA

Cyber Security Architect

Responsibilities:

• Manage Ciscoworks Prime 4.x and Cisco ACS 5.x VMware & appliances to support infrastructure.
• Designed and Implemented Cisco MAB solution for OFR and other DO bureaus.
• Managed Cisco Nexus 4KI and Security Enclave for OFR organization.
• Experience with Nexus 4Ki, 5K and 7K in datacenter environments with Treasury (Designed, Configured, first deployment of Enterprise QoS for DO infrastructure)
• Managed Router ACL’s for Security Enclave for OFR organization.
• Designed and Implemented QoS solution for DO enterprise to support VOIP infrastructure. Also to support enterprise applications for OFR and other bureaus.
• Modified design and configured ASA 5580-40 for a security enclave proposed design.

Confidential

Architect/Engineer

Responsibilities:

• DIACAP Certification and Accreditation of Atlas Application
• F5 Load Balancer Subject Matter Expert (SME)

Confidential, San Jose, CA

Network Architect/Engineer

Responsibilities:

• He assessed customer requirements and network infrastructure on future architect design upgrades. He replaced Extreme Network core with brocade high-end routers and switches.
• He maintained DISA network security STIGs for Brocade layer 2 & 3 switches. Also maintained server security STIGs for Sun Solaris and Windows 2008 servers.
• Strategic Business Systems experience (contd)
• DISA STIGS are the guidelines he used to test, assess, and evaluate technologies deployed within the infrastructure. He scanned windows & Unix applications to verify if services are secure.
• He evaluated the security of the network protocols used by the application with sniffers.

Confidential - Reston, VA

Network Architect

Responsibilities:

• F5 load balance WEB, Application, and backend database tiers. He also worked with the Confidential SOC to review the current IDS/HIDS infrastructure for compliance against customer requirements.
• This lead to an upgrade to replace the current Sourcefire IDS and Confidential ISS NIDS. He also took the lead as the AirDefense engineer on designing and testing Wireless Intrusion Detection System (WIDS) to protect the customer’s first wireless
• WI-FI Protected Access 2 (WPA2) AES-128 certificate based supplicant wireless system infrastructure. He reviewed customer security requirements to update documentation on new architecture.
• He evaluated requirements and new designs in a lab environment while documenting the as-builts for technical references in support of certification and accreditation.
• Assisted in Cisco VOIP administrative tasks and upgrades for internal and remote customer locations.

Confidential - Washington, DC

Network Architect/Senior Network Engineer

Responsibilities:

• As a Network Architect, designing all IT environments within the Confidential Enterprise, with a heavy focus on the datacenter.
• He reviewed customer requirements to evaluate the current infrastructure, and then designed solutions for Confidential to fulfill current and future requirements.

Confidential - Manassas, VA

Senior Network Engineer

Responsibilities:

• As a Senior Network Engineer, responsible for the design, implementation and management of network infrastructure for the Confidential Datacenter and other campus network locations throughout the enterprise.
• His responsibilities were to monitor and maintain datacenter switches, routers, firewalls, Dynamic Host Configuration Protocol (DHCP), Domain Name System (DNS), Simple Mail Transfer Protocol (SMTP) servers
• Cisco and F5 Load Balancers. He worked with third party financial service vendors to maintain their connectivity to the Confidential mainframe.
• He worked heavily with UNIX and Windows administrators on day-to-day requests, projects and issues. He trained contractors to build a dedicated datacenter network team for maintaining daily operations and weekend maintenance updates.
• He managed the network personnel and on-call rotation. He maintained network security for the Confidential datacenter using the following technologies.

Confidential

Network Management Professional

Responsibilities:

• As a Network Management Professional, responsible for managing and troubleshooting E-business, Confidential Internal, and Commercial customer account environments across
• He also monitored customer environments via Tivoli Netview or through E-business operation techs to detect network down issues for customer accounts.
• He supported all Confidential -wide network Local Area Network (LAN)/Wide Area Network (WAN) infrastructure and managed Research Triangle Park (RTP) network infrastructure.
• He was responsible for vendor management consisting of System Network Architecture (SNA), Transmission Control Protocol/Internet Protocol (TCP/IP) connectivity on the LAN/WAN for internal and commercial accounts within
• Confidential infrastructure. He maintained network security for all Confidential Internal datacenters, e-business, and commercial customers.