Sr Infrastructure Architect Resume
Ashburn, VA
SUMMARY:
- Broad based, forward thinking Infrastructure Engineer/Architect and experienced professional.
- Excellent interpersonal skills, mediation and negotiator.
- Experienced in large scale global architecture, design, planning and strategic deployment of IT cloud infrastructure in support of critical US government international operations.
- Researched and directed implementation VMWare/KVM/RedHat/CentOS and Openstack environments.
- Expert in creating an IT vision, planning, budgeting, and implementing global IT services.
- Experienced, hands on infrastructure ‘go to guy’ supporting global web presence via multiple datacenter and international IT environments.
- Infrastucture implementation with large enterprise, ISP and IaaS experience.
- Wrote custom software to manage 1500 network elements and hundreds of servers in global ISP infrastructure.
- Expert at network security, management and tool development in Perl,shell and other languages.
- Lead, direct and mentor junior staff and have taught unix/linux to faculty, students and staff at the Confidential .
- Expert in unix/Linux sever administration, security and networking.
- Experience implementing datacenter network and system deployments, installation of multiple operating systems in multiple data center/ISP environments and providing backup strategies.
- Strong security focus. Strong team leadership and technical mentoring experience.
- Currently supporting clients in production KVM, public and private cloud environments.
- Designed and Implemented private cloud ( OpenStack/Proxmox) solution(s) for clients
- OpenStack Essex, Diablo ( Configuration of Glance, Nova, KVM, Libvirt, RabbitMQ, Cinder,Ceph)
- Designed/Implemented Ansible as well as Puppet classes and automations for use with and without Chef.
- Cfengine deployments including development of custom automation tools written from scratch.
- Designed and Implemented VMWare ESXi 3.x,4.1 Infrastructure
- Designed and implemented Linux R&D Beowulf computing cluster
- Implemented Linux backup strategy
- Setup and configured host intrusion detection system
- Setup and configured accounts for users and developers
- Wrote programs on an as needed basis to support Linux server infrastructure
- Setup and configured NFS, Samba, Apache, OpenSSH, X11, NTP
- Recompile kernel on an as needed basis
- Installed and maintained email server implementation (Sendmail,Postfix,IMAP,POP,SpamAssassin
- Documentation Experience
- Developed Network and Computer Security Policy
- Developed Server Disaster Recovery Procedures
- Documented off site storage records
- Developed Server Room Physical Maintenance Guidelines
- Database Experience
- MySQL 5.x, MariaDB 5.5, MongoDB, Galera 5.5
- Master w/ Multiple MySQL Slaves, Percona/InnoDB
- Installed and configured Oracle 8.1.7 and 9
- Wrote C/C++ software to interface with Oracle backend databases
- Configured enterprise level application to store archival records in Oracle database
- Host Intrusion Detection
- Designed and implemented host intrusion detection system for unix servers and campus network management system.
- Designed and configured access control filters to block traffic from unwanted sources.
- Removed all unnecessary processes/services on hosts.
- Design and implement NIDS for ISP datacenter
- Configured network infrastructure components (core, distribution and access layers) to centralize the collection of security alerts.
- Performed routine analysis of tcpdump output from campus DNS servers
- Configured SPAN ports to view traffic on secure networks.
- Performed penetration testing of critical administrative network for campus PBX.
- Performed routine scans of hosts identified by customers and outside companies to gather information and identify remote vulnerabilities.
- Performed scans of network infrastructure routers, switches and wireless access points to locate and identify known vulnerabilities as identified by security advisories from CERT (Computer Emergency Response Team) and other security groups.
- Designed and implemented campus virtual private network
- VPN provides access to central network components for network administrators
- VPN encrypts traffic for users of the campus wireless network
- Designed and implemented mult - datacenter, multi-site, international network.
- Project Manager for UMD Network Management System (NMS)
- Worked with engineers, technicians and management to build NMS requirements
- Interfaced with vendors to circulate NMS requirements documentation
- Coordinated visits and presentations by NMS vendors
- Coordinated engineer and management visits to vendor site for product demonstration
- Gathered input and feedback from technicians and engineers regarding various network management products (Big Brother,XYMON,HPOV,CIC/Netcool,CiscoWorks,CA Unicenter,Fidelia,Concord Network Health,MRTG,Smarts,SolarWinds,Aprisma,SMARTS,BMC Patrol and Panacya).
- Performed analysis of products and provided recommendation and reasoning to engineers and senior management
- Worked with senior management and financial personnel during the procurement process
- Designed and implemented $250,000 network management system
- Provided technical leadership to engineers, technicians and select systems administrators to bring them on board with the new network management system
- Provided technical assistance and guidance during the turnover of the network management system to line engineers
SELECT SKILLS:
Security: OPSEC 1300 Certified,BS7799,VPN,netcat,nmap,intrusion detection, host security, firewalls, acls, incident report writing, backups, awareness training,Tripwire,ipfw,viruses,log review
System Administration: Ubuntu,CentOS,FreeBSD, Linux,Unixware, Solaris, Root Name Server support on both c.rootservers.net and d.rootservers.net, DNS
Programming Languages: C/C++, Java, Perl, Prolog, PHP, Javascript,Python
Network Management: Experience with many open source and commercial NMS tools and software (Cisco Info Center/Netcool, Visionary, WebTop, ISMs, Omnibus, Reporter, Cisco Works, HPOV, MRTG, Concord, Fidelia, Nagios (NetSaint)),xymon/big brother
Telecom: Avaya G3, Definity Network Management,Asterisk/VOIP monitoring
Operating Systems: Cisco IOS,Cisco SanOS, CatOS, JunOS, FreeBSD, Red Hat Linux, Ubuntu, CentOS,Solaris, Windows,VMWare, Xen/Xen Cloud Platform, Vyatta 6.2
Databases: Percona, MySQL, Oracle
Protocols: OSPF, BGP, HSRP, VRRP, SNMP, DHCP, TCP/IP, DNS,SMTP,HTTP, HTTPS, FTP, SSH, IPSEC, CDP,NTP,NNTP, Ethernet, 10GigE, GigE, FastEthernet, CSMA/CD,STP,802.1q,802.11,VTP
Network Hardware: Cisco Nexus 7k,5k,2k, Cisco ASR Series Routers, Cisco ASA5585-X w/ IPS, Cisco 6509E,VSS720 sups,Juniper M160, Cisco Routers (7000, 2600,3550), Cisco Catalyst Switches (1900, 2820, 2900, 3500, 3750,4000,5000, 6000,6500), Cisco wireless access points,Cisco VPN 3005-3080, F5 LTM 3900/2900, Checkpoint 12200/12400
Wiring: Cat 3,5,6 UTP (extensive wiring experience)
Tools: Fluke wire testing tools (Enterprise LANMeter, LAN Vision Suite )
Backups: Veritas NetBackup 5.x, 6.x,6.5.x, Amanda,dump,restore,rsync, rsnapshot
Configuration Management: CVS, Subversion, git
EXPERIENCE:
Confidential, Ashburn, VA
Sr Infrastructure Architect
Responsibilities:
- Provided Infrastructure support and guidance to R&D, Manufacturing and Commercial IT groups to ensure that IT implementations (network, storage and compute) aligned with scientific and business requirements .
Confidential, Frederick, MD
Cloud Engineer
Responsibilities:
- Provide input and support of global server infrastructure and datacenter environments
- Upgrade production Redhat KVM environment and implement custom tools as needed to manage over 2000 servers.
Confidential, Ashburn,VA
Network Architect/Engineer
Responsibilities:
- Provided input and support of critical global datacenter cloud network and system architectures including Juniper,NetApp, F5, Cisco UCS, Cisco ASA firewall and Cisco Nexus 7k technologies.
- Upgraded production datacenter edge BGP circuits and peering.
- Migrated client from legacy Cisco firewalls to ASA 5545/5585 models.
Confidential, Reston,VA
Network Architect
Responsibilities:
- Developed and authored the Confidential Datacenter Network Reference Architecture
- Worked with cross - functional Confidential teams (i.e., network engineering, operations, platform and security) to develop long-term datacenter network reference architecture.
Confidential, Chantilly, VA
Sr Infrastructure Engineer
Responsibilities:
- Designed, Implemented and Manage multi - site, multi-datacenter, national and international cloud.
- Led team of engineers to build physical and cloud platforms to support global Ruby on Rails based web service.
- Recommended and implemented network management system to monitor all services
- Provided budget based recommendations for network infrastructure and server equipment
Confidential, Herndon, VA
Sr Unix Administrator, Lead
Responsibilities:
- Developed company wide IT Tools platform for use by network engineering, NOC and Abuse staffs
- Designed and implemented network and host intrusion detection system
- Designed and implemented global backup strategy including fiber SAN
- Provide hands on support for global network management system
- Develop web applications and command line tools as needed
Confidential, Potomac, MD
Network and Computer Security Consultant
Responsibilities:
- Designed and Implemented Computing Infrastructure for local businesses
- Provided recommendations for corporate backup and restore
- Design and maintenance of scientific computing cluster
Confidential
Network Administrator/Programmer
Responsibilities:
- Architected and implemented company network and vpn
- Architected and implemented R&D Linux cluster
- Provide computer and network security monitoring
Confidential, College Park, MD
Network Engineer
Responsibilities:
- Advanced Initiatives and Architecture
- Architected and implemented campus wide network management system
- Designed and implemented campus virtual private network service
- Provided security recommendations to senior management
- Provided intrusion detection capabilities for network and unix cluster
- Configured Cisco and Juniper network elements