SUMMARY

• With almost 3 years of project experience and 5 years of overall IT experience, I consider myself a Jr to mid - level network engineer looking to utilize my expansive knowledge base to design and implement efficient, turn-key solutions to Fortune 500 enterprises and/or government institutions that will help promote business productivity and scalability along with further advancing my career in the IT/Telecommunications field.
• From the start, I have acquired the ability to work in a team environment or independently with general guidelines and minimal supervision.
• My proven ability to work with highly demanding customers has perfected my written and verbal communication skills allowing me to provide error free solutions to customers.

TECHNICAL SKILLS

Technologies: L4: DNS, DHCP, RADIUS, LDAP, LDAPS, TACACS+, RDP, ODBC, HTTP, HTTPS, FTP, SFTP, FTPS, Telnet, SSH L3: RIP, EIGRP, OSPF, IS-IS, BGP, PBR, PfR, NAT

Security: 802.1X, AAA, IPSEC, IKEv1, IKEv2, DMVPN, GETVPN, WEBVPN, FlexVPN, RSA, OTP, SSO, PKI, PSK, TBAR, CA Trustpoints, Cisco ACS, Cisco ISE, IDS, IPS, ASDM, CSM, NSM

General Networking: WAN, LAN, Infrastructure, Wireless Communications, IT Service Management, Best Practices

Platforms: Cisco: ISR 4400/3900/2900/2800/1900/1800/800, ASR 1000, 7200 VXR, Catalyst 6500/4500/4400/3750/3600/3500/2900, Nexus 7K/6K/5K/3K/2K, ASA 5500/5500-X, ISE 3400/WSE S170, MSE, Cisco Prime

Various: BlueCoat, PAN Firewalls, Checkpoint Firewalls, Juniper Firewalls, F5 Load Balancers

CLI Languages: IOS, IOS-XE, CatOS, NX-OS

Utilities: NMS, SolarWinds, Service Now, HP Openview, NetBrain, SourceFire, McAfee SIEM, Virtual Defence Center

Business: Microsoft Office Suite (Word, Excel, Project, Visio)

PROFESSIONAL EXPERIENCE

Confidential

Network Engineer

Responsibilities:

• Re-IP sites - 1 in Mukilteo Washington, 1 in Foxborough MA, 1 in Mexico and 3 in Argentina
• Sites were being upgraded from 3.x space to 10.
• Network discovery to update network diagrams
• Design new DHCP ranges for required SVI’s
• The entire network was redesigned to fit GE’s new standards to include VLANS, WLC’s, AP’s, Firewall rules, VRF’s and VPN Tunnels.
• Configured BGP address family, prefix-lists and route maps to reflect new IP addresses.
• ISE Buildout/BYOD Integration
• Design and implement Cisco ISE 3415 appliances within the network infrastructure.
• Configured Cisco switch interfaces for 802.1X
• ISE appliances were configured to authorize accounts and devices by authorizing them on the WLCs’ using BYOD profiling.
• Created an extended ACL to isolate the VLAN from general network.
• Used dual Distribution layer switches to act as HA pair for the site.
• The site wanted to use 2 ASA 5515Xs as an HA pair and for isolation.
• Used soft skills to leverage my idea and save the site unnecessary expenses.
• Design and implementation of 2 ASA 5525X w Firepower services
• Built Firesight management server
• Creation of 450 ACLs and 200 objects
• Added a 3850 switch to remove single point of failure at site
• Reconfigured network to provide redundancy at the Distribution layer
• Configured HSRP and L2/L3 EtherChannel on Cisco Catalyst 3850 Switches.
• Additionally site wanted to migrate from OSPF to EIGRP.
• Configured routers to redistribute EIGRP as well as OSPF into the BGP routing protocol while migrating.
• Migrated all OSPF areas into single EIGRP Autonomous system.
• Assessed site to determine requirements for build
• Acquired and implemented a stack of 3750 v2s and 3 1142 Aps

Site Refreshes

Confidential MD

Responsibilities:

• Replaced 6 Access layer switches with Cisco 2960-Xs
• Replaced 2 Distribution switches with Cisco 3850s
• Replaced 2 Routers with Cisco ISR 4321s
• Replaced 6 UPSs with PS1500 RT 3120s
• Replaced 2 WLCs with Cisco 5508s
• Upgraded Circuits from 10Mb Single MPLS w ISP DMVPN backup to 100Mb Single MPLS ISP DMVPN backup
• Replaced 6 Access layer switches with Cisco 2960s
• Added 8 Cisco 4000 series Industrial Switches to shop floor for machine connectivity
• Replaced 2 Distribution layer switches with 3850s
• Replaced 45 Access layer switches with Cisco 2960-Xs
• Replaced Cisco Routers with 4451s
• Conducted research and reverse engineering of different network sites.
• Used information gathered to provide standards and guidelines for future builds
• Created & documented wiring and network diagram.
• Creation of Health Monitors
• Deployed an ASA 5515X to restrict rogue traffic on the network.
• Non-standard build required the ASA to properly filter appropriate traffic
• Expanded backup datacenter in the Grand Rapids area
• Established new circuit and configured IPSec tunnels back to the head-end
• Reconfigured BGP relationships with dual ISP design
• Engineered BGP routing attributes (Route map, AS-path, MED, local preference) to load balance between multiple links
• Configured BGP with different attributes like Weight, Local Preference, MED, AS-path, Community, Origin, Next-Hop
• Leveraged the existing fiber optic local loops owned by GE for access into the sites current data center.
• Configured QOS involving policing, shaping and queuing towards Core and towards CE and PE routers on VzB MPLS network.
• Designed and Implemented a BGP/MPLS VPN for the service provider to the enterprise network.

Confidential, Franklin TN

Network Engineer & Security Specialist II

Responsibilities:

• Updated 1,500+ ACLs and NAT rules for Checkpoint and Sourcefire migrations.
• Designed and configured 1,200+ new ACLs, NATs, Objects, and Policies.
• Monitored and maintained a proactive approach to all LAN based devices in Confidential ’s North American sector and performed troubleshooting to resolve all issues.
• Analyzed weekly utilization reports to determine the best path for an optimized network.
• Maintained operational oversight over Confidential ’s MPLS network managed by Verizon.
• Used Service Now to coordinate and resolve all level 1/P1 ticket issues which are considered the highest.
• Installed LANs including network servers, routers, workstations, printers, and other peripheral devices.
• Operated and maintained local area networks, tracked significant problems, monitored performance, and performed upgrades to hardware and software as required.
• Installed and/or modified existing installations of network hardware, software, and other components relating to Cisco platforms.
• Maintained documentation regarding network configuration, operating procedures, and service records relating to network hardware and software.

Confidential, Baltimore, MD

Network Consulting Engineer - R&S/Security

Responsibilities:

• Installation of Cisco CSM for Firewall Management and Reporting
• Implemented eBGP with Dual Carriers and OSPF as IGP with Redistribution
• Provisioning of ACLs on Cisco ASA 5500 series Firewalls
• Provisioning of Cisco 2811s for remote customers for B2B IPSEC as CPEs
• Configuration and implementation of HSRP across Data Center core for redundancy and failover
• Configuration and implementation of TACACS+ for network device authentication
• Assisted with DR team to assess current failover risks and redesign for dynamic failover using IP SLA and fully redundant environment
• Reviewed and performed QA on various network design changes
• Evaluation of DMZ Distribution blocks to assess scalability and performance
• Designed and documented operator instructions for NOC team on upgraded environments and new protocol rollouts
• Assisted with configuration implementation on campus and branch site builds to conform to network standards
• Performed initial security audit of management/data plane and made recommendations based on Cisco best practices