SUMMARY:

• Highly skilled technical individual who is able of operating independently or within a team.
• Confidential has a proven track record of success and is best known for his integrity, efficiency and broad talent. Confidential is presently looking for senior level, hands - on position as a senior network systems engineer.
• Network Architecture, (Design Engineering, Implementation and Operation)
• Systems Engineering, Implementation and Operation (Windows/Linux)
• Telecommunications Service Provider Operation and Management
• Datacenter Engineering / Operations
• Detailed Engineering Design Documentation
• LTE/4G/5G Evolved Packet Core Engineering and Operation
• Software Defined Data Center (SDDC)
• Operational Support Systems (OSS) / Business Support Systems (BSS) / Network Management Systems (NMS)
• Network Management Systems (NMS) Expert
• Infrastructure as a Service (IaaS) (OpenStack, CloudStack, AWS, Azure)
• Platform Virtualization, Infrastructure Virtualization, Application Virtualization
• Issue Mitigation and Remediation & Pre/Post Disaster Recovery
• Security, Intrusion Detection and Prevention Systems (IDS, IPS)
• Penetration Testing / Vulnerability Remediation
• Firewall, Switch and Router Software Configuration
• Software Defined Data Center (SDDC)
• Network Traffic Engineering and Systems Optimization
• Network Programming, Orchestration and Automation
• Storage System Management and Administration
• Cloud Systems Operations
• Wireless Systems (Meraki, Legacy Cisco WAP, Aruba, Ruckus, Mikrotik)
• VoIP & E-Mail Systems Administration

TECHNICAL SKILLS:

Languages: PERL, XML, Shell Scripting, C#, RegEx, Python, YMAL

Operating Systems: Windows, Linux (CentOS, Slackware, Debian, Fedora, SUSE)

Platforms: Arista EOS, Cisco IOS, Cisco NexOS, VyOS, RouterOS, FortiOS, CatOS, HP, DELL, Etc.)

Virtualization: Infrastructure (ESX, XEN, KVM, Parallels, vSphere, Containers)

Virtual Network Appliances: Big-IP LTM, Vyatta, RouterOS, PFSense, Cisco veASA, Checkpoint)

Hardware: Cisco UCS, HP 9000, Dell VRTX

Applications and Environments: MS Office (Word, Excel, Powerpoint, Outlook, Visio, etc.. OpenOffice, .Net, X, Element Management Systems, Shell, X)

Operational Support Systems / Network Management Systems: Ericsson OSS-RC, OpenNMS, Request Tracker, Cacti, Nagios, Castlerock SNMPc, Solarwinds, PRTG, HP OpenView, Xerox/Newfield Truecall, Micromuse Netcool, Cisco CTM, Foundry INM, RANCID)

Facility Management Systems: Visionael, Confidential, Martin-Group, Granite, OasisFM

Trouble Ticketing Systems: Remedy, Request Tracker, Online Ticket Request System, Microsoft CRM, Trouble Portal, Confidential JMS, Service Now

Network Graphing, Security Analysis and Diagnostic Utilities & Applications: MRTG, PRTG, Cricket RRDTools, SNORT, TCPDUMP, ETHEREAL (Wireshark), NAGIOS, TrueCall, OpenNMS, Cacti, Osiris, theDude, Cisco Prime Data Center Manager, Logic Monitor. NMAP, KALI, Metasploit), NMAP, Plixer Scrutinizer.

Security,Firewalls & VPN: Intrusion Detection Systems IDS, Intrusion Prevention Systems IPS, Cisco ASA Family, Fortinet, Palo Alto, Checkpoint, Sonicwall,, IPSEC, PPP, PPTP, L2TP, SSH, VPC, AAA, Diameter/Radius, LDAP, DMVPN, TTLS/MD5/IKE, Adaptive Security Appliance ASA (5500 Series), Cisco Private Internet eXchange (PIX), IP Tables, GRE/VPRN, MPLS, DMVPN, Fortinet (FortiOS),, Checkpoint, Palo Alto, Sonicwall)

Data Center: SDDC (OpenVirtualSwitch, Cisco Nexus, Extreme, OpenStack Heat, IAAS)

Orchestration and Automation: Openstack, Ansible Network Admission Control / Network Access Control Systems (NAC) Cisco Identity Management Engine (ISE), Cisco Access Control Server (ACE), TACACS+

Software Defined Network Controllers: Faucet, Open Floodlight, Open Daylight, WLC

Wireless Systems Infrastructure: Cisco Legacy/Traditional Wireless Systems, Cisco (Meraki) Systems, Airspan, Mikrotik, Ubiquity, Ruckus, Aruba)

Routing, Bridging & Switching (OSI 2&3): TCP/IP, Routing, BFD, MPLS, VPLS, BGP, OSPF, RIP, STP, SIP, SRB, ATM

Network Communications Protocol Analyzers & Traffic Generators: Ethereal/Wireshark, Spirent, Fluke, (x)Perf, (+Legacy BERT, OTDR Systems).

Database Platforms: MySQL, Microsoft SQL

Cloud Platforms: Amazon Web Services, Microsoft Azure, Inter-server

Data Center Platforms: Arista, Nexus, OVS

Storage Area Networks / Network Attached Storage: VMWare vSAN, NetApp, EMC

VoIP: SIP, Cisco Call Manager, Cisco Unity, Cisco UCCX

EXPERIENCE:

Senior Network Architecture and Security Engineer

Confidential, Rockville, MD

Responsibilities:

• Serve as hands-on technical expert and assumes additional responsibilities as needed to develop customer solutions/integrations, solve firewall/networking engineering.
• Assist with security and audit activities related to Cloud infrastructure.
• Implement Network Access Control / Network Admission Control (NAC), AAA, ACS
• Produce build and implementation documentation for configuration of firewall, network, and switches.
• Senior Escalation support for Operations.
• Advised and assisted staff and clients in translating business requirements to technical requirement to functional requirements.

Information Technology Infrastructure Consultant

Confidential

Responsibilities:

• Network Systems Infrastructure Administration and Engineering Services
• (Virtualization, Storage, Firewall)(Cisco, Arista, FortiNet, Juniper, Windows, Linux, HP, Force10, Aruba, Meraki)
• NMS/BSS/OSS Inter-System API Developer (Structured Software Design and Programming)
• Infrastructure Assessment / Solution Architecture / Applied Systems Engineering
• Consultant / Program Manager / Project Engineering

Lead LTE EPC Network Architect

Confidential, Houston, TX

Responsibilities:

• Managed LTE/4G Radio Access Network (RAN). Managed LTE/4G Evolved Packet Core (EPC).
• Implemented Operational Support System (OSS), which involved multiple Element Management Systems, automated performance data collection, processing, and reporting.
• Lead research and development of alternative service technologies (e.g., Brocade, SiRRAN, ExteNet, Vyatta, F5 Networks, Cisco Nexus, Juniper, Extreme Networks, Mikrotik, Citrix, Linux,).
• Established Evolved Data Center incorporating a HA Infrastructure.
• Responsible for the research and development and successfully Hyper Convergence of the Organization’s Evolved Packet Core.
• Staff Subject Matter Expert (SME) for Ericson Mobile Packet Backbone Network (MPBN), Ericsson Multi-Mediation (EMM), Mobility Management Entity (MME), Operational Support System (OSS), Converged Packet Gateway (CPG)(pGW)(sGW), LTE Domain Name Service (DNS), Home Subscriber System (HSS), Network and Systems Security (Remote Access and Control), Configuration Management (CM / Configuration Backups), Service Aware Policy Controller (SAPC) (PCRF), Ericsson Multi-Activation (EMA)..

Senior Staff Consultant

Confidential, Houston, TX

Responsibilities:

• Program Manager for a team of professional services software engineers.
• Automated various OSS/BSS provisioning functions.
• Documented Business Processes and Procedures and Project Plans.
• Performed software code review and testing (Q&A)
• Designed implemented and supported data, voice and video service.
• Technical Subject Matter Expert (Routing, Switching, Systems: Command, Communications, and Control)

Senior Engineer

Confidential, Houston, TX

Responsibilities:

• A Leader: Provided guidance and support to Provisioning, Facilities, and (Network & Field) Operations
• Network Systems Infrastructure Administration and Engineering:
• Principle Unix/Linux Infrastructure Engineer & Administrator ( Solaris, Linux, BSD)
• Operational Support System (OSS) & Telemetry Systems Infrastructure
• Automated Element Backups, and Change Monitor (Scripted + RANCID)
• Established Traffic Monitoring, Data Logging and Alert Systems (MRTG/Cricket + Big Brother/ Hobbit.)
• Responsible for all configurations Routers, Switches, Routing Protocols.
• Information Technology Systems Engineering and Support (Multi-disciplinary)
• Provided guidance and support to IT for Corporate Back Office Systems
• Windows Active Directory Administration / Support / Troubleshooting
• Exchange 2003 Support
• Storage Systems Support ( SAN/NAS )
• Internet Services Administration (Systems and Applications)
• Exchange 2003, DNS, DHCP
• Corporate Voice Systems Administration
• Corporate and Production Security Administrator ( IPS / IDS / ASA / PIX )
• Responsible for all Firewall configurations, traffic monitoring, and event logging.
• Implemented Intrusion Prevention System (IPS) for production network, and IT
• Implemented Intrusion Detection System (IDS) for Corporate IT network
• Charged with CALEA readiness (Service Provider)
• Disaster Recovery System Preparedness
• Assigned to assure Data Replication and Host Configurations.
• Tasked to perform annual DR simulation
• Systems Virtualization Architecture and Administration
• Resident Virtualization Expert
• Responsible for Virtual Hosting Platform Evaluation (ESX, ESXi, XEN, Solaris Containers) (Documentation)
• Implemented Systems Virtualization (ESX, ESXi, XEN)
• Application Virtualization
• Managed Legacy Citrix Application Farms
• Traffic Engineering / Capacity Management:
• Documented Traffic Management Guidelines and Implemented by way of Load Balancing, offloading, and policy markings.
• Principle Internet Services Administrator
• Managed IP Transit Providers (BGP Peers)
• Maintained Route and IP Number registrar databases.
• Network Architecture / Multi-Layer Capacity Planning
• Designed, implemented, and maintained IP routing and security infrastructure.
• Tier IV Support (24x7)
• Telecommunications, Data & Voice Network Engineering
• Network Planning, Design, Documentation, Implementation, and Support.
• Generated Engineering Documentation
• Asset Tracking / Material Management / Project Management
• Records Management
• Metro Ethernet / SONET / IP & Data Transport Engineering & Support
• Wireless Microwave Communications Administration and Support
• Support
• Provided consultation and support to facilities department.
• Supported sensor/alarm connectivity, signal-conversion, network continuity, and system monitoring for each locations power plant support.
• Implemented and deployed Facility Access and Control (FAC) System. Permitting the use of RFID access to most facilities. This involved both network and system administration.

Systems Engineer

Confidential, Austin, TX

Responsibilities:

• Member of team responsible for the design and deployment of OSS Solutions for several commercial and government accounts
• Responsible for implementing and supporting proof of concept solutions.
• Member of the technical team responsible for the design, Integration and implementation of a NeuralStar solution to manage the client’s optical, switch and IP networks. Implemented the NeuralStar Network inventory database. Contributed to the design of web-based customer network management applications.
• Developed the network element adapters that provided a common language medium (XML) between network devices and the OSS.
• The Confidential adapters provide act as a bi-directional translation mechanism enabling communications between any two systems.
• Designed, Planned and implemented historical data-migration. This data migration was necessary to ensure accurate network traffic utilization trending for capacity planning.
• Developed network element adapters using SNMP and CLI (Command Line Interfaces) including TL1 using the NeuralStar (VBA-based) development environment
• Provided on-site support and consultation to customer network engineers.

Network Systems Engineer

Confidential, Austin, TX

Responsibilities:

• Administrated LDAP database containing all subscriber configurations (e.g. QoS, VPI/VCI, Network Blocks, and Routing.)
• Researched, and configured the core network synchronization device. This included manually installing one Datum BITS shelf and GPS antenna.
• Designed developed and implemented the web-enabled network element command system (N.E.C.S.). NECS allowed (on-demand) authorized user to (globally) query, commit action, or probe all network elements, acquire the user specified information (i.e. serial number, model number, status, port availability, finger, ...), parse, and either post or e-mail the response as directed.
• Provided the OSS developers the system support they required to effectively operate. This support was most efficiently provided by means of “Expect” scripts that I had previously written while automating many portions of the network.
• Designed and implemented a remote element access server (INSOC) enabling users (technicians and engineers) to remotely access network elements via either WAN or dialup. The server audited all Network sessions and allowed full network element and user logging, a periodically backed up all production network elements, provided WBEM utilities such as web enabled system inventory, status polling and connection reporting.
• Designed and implemented an information server e-enabling all Network System’s Engineering, design, installation, and configuration documentation. (IP/VPI/VCI ATM schemas and Element Manuals.)
• Designed and implemented a root DNS server for our internal management (RFC1918) network. Modified Connect South's DNS servers to recognized NOCC0.NM.OPS as the root domain controller for .OPS root domain.
• Tested and documented several data, voice, timing, and Telco devices. Some of these devices are the Symmetricom, Marconi, Datum, ASC, Mariner Networks, Dexter Access 3000, Alcatel (Xylan), Lucent, Cisco, Redback, Nortel, AccessLan, Paradyne, Turnstone, ADC, Oracle, Foundry, Extreme, Western-Telematics, Lucent, Copper mountain, Netopia, and others.
• Proposed, designing, and provided support for LAN, WAN, and voice based solutions for to both existing and potential customers. The technologies involved were:
• Virtual Private Networking (VPN), Network Address Translation (NAT), Network Address Port Translation (NAPT), the TCP/IP suite. As product literature interpretation issues increased, hybrid network design and AD-HOC implementation became customary.
• Created the customer routable IP assignment guidelines as per RFC2050.
• This document was a large portion of the Connect South official policy for IP allocation. Ensured that our customer base was appropriately assigned the number of IP addresses they required. Upon utilization of no less then 80% of our allocated Internet routable IP blocks, I would request additional CIDR block allocation from the American Registry of Internet Numbers (ARIN). I would then work with ARIN to acquire said block.
• Distributed and divided our allocated IP addresses to our network provisioning team. The distribution of IP blocks was dependent on market size, and sales/marketing information. Trained others how to SWIP.