SUMMARY:

A seasoned IT professional offering over 20 years experience with security voice and data projects. Projects and resources managed involved L2 L3, firewalls, IPS/IDS,DLP, wireless, Data Centers, VoIP, content switches, servers, data bases, data centers, thin clients and multiple Unix / Linux operating systems. Thoroughly understand the OSI model and its interaction with the flow of data..

SUPERIOR KNOWLEDGE IN THE FOLLOWING AREAS:

• Penetration / Analysis
• Firewalls / Load balancers
• IP Refresh / Subnetting
• SOP’s / Documentation
• VoIP / Wireless
• L2 / L3 expertise
• DLP / SIEM / MARS
• Architect / Troubleshoot
• CNE / MCSE

TECHNICAL PROFICIENCIES:

L2 - L7: Cisco Nexus NX-OS, IOS OS 2800-7200 routers, F5, Cisco 11000, SANs, Nortel Passport, BCN’s, Juniper, Ciena and Extreme

Protocols: BGP, OSPF, EIGRP, SIP, DHCP, TCP, UDP, PIM, STP and HTTP

Firewalls: Cisco ASA 55xx, PIX, Checkpoint, Netscreen, Sonic Wall and Barracuda

OS/Servers: MS 2012 & 2007 Exchange, AD, Unix, GAiATM, Splat, Linux,and MAC OS X

VoIP: Cisco Unified Communication, Avaya, PBX and Nortel

WAN: VPN’s, EPL, MPLS and PTP

LAN: VLANS, VRF, VDC, VPC, DWDM, Spanning tree, 1-10 Gig E

Redundancy: VRRP, HSRP, PAGP, LACP, ECMP, SMLT 802.3ad

Management: LINUX, ACL’s, TACACS, MAZU, Solarwinds, Hp Node Mgr Cisco Works and Net Cool

Wireless: 802.11(B, G and N), Meru Aerohive Cisco controllers, WAP and access points

Tools: /Analyzers: Wireshark, Snort Sourcefire, Loglogic, IDS/IPS, Sniffer, TCP dump and NetScout, Analyze Log Logic, NAC, Riverbed, Websense, Tippingpoint

PROFESSIONAL EXPERIENCE:

Senior Network Architect

Confidential, Bristol, Pennsylvania

Responsibilities:

• Provide security audits for PCI compliance obtaining information utilizing barracuda IDS/IPS and ASA / Checkpoint Firewall rule sets.
• Design security network for all 345 retail stores throughout the US and abroad.
• Design private VRF s for compliance and security concerns.
• Interpret Wireshark traces determining application and or network issues
• Utilize extensive knowledge of OSI model to assist with application issues.
• Provide counseling for Cisco Nexus / 6500 Core focusing on application support and enhancement.
• Provide Linux/ Unix support for corporate applications
• Re Engineer both guest and corporate 4402 Cisco wireless controllers and WAP s
• Provide Third tier 24X7 support for day to day operations concerning the network infrastructure.
• Re Design and audit Cisco ACE 11000 load balancer to migrate all data to the F5
• Review and customize all logs with log Logic to mitigate false positives and improve reporting.

Senior Network / Architect

Confidential, Wayne, Pennsylvania

Responsibilities:

• Convert CAT-OS 6509 EOL core to nexus NX-OS 7000 series including migrating from EIGRP to OSPF NX-OS
• Troubleshoot CUCM, call manager, unity, create routed dial peers and patterns.
• Engineer and implement Aerohive wireless 802.b fully secure wireless solution
• Convert a ASA 55.xx to 5585 ASA, for the VPN. Designed context including access and business to business, with a DMZ
• Covert core from 4500 base to FEX dual homed access with device teaming
• Upgrade, monitor and design Cisco NAC, IPS / IDS utilizing Websense, create policy’s and mitigate false positives and false negative access.
• Work with ASA DMZ for a newer secure server infrastructure
• Convert outsourced DNS to in house.
• DLP expert, Log Logic expertice

Senior Security Specialist/Architect

Confidential, Indianapolis, Indiana

Responsibilities:

• Designated Project Lead responsible for technical deliverables such as process documentation, change control updates, tracking sheet and all project specific customer communications for a 1.5 million dollar infrastructure upgrade.
• Designed and implemented a Cisco 5585 ASA from a PIX 3000 concentrator and 20,000 ACL’s.
• Designed and implemented various Checkpoint GAiATM and Cisco site to site VPN’s utilizing expertise in Phase one phase two IPSEC implementation and root cause analysis.
• Designed and scripted diverse network traffic using NAT, route maps, static’s and ACL’s for the Infrastructure.
• Provided security audit including an IP Refresh and subsequent implementation of recommendations to primary and third party customer’s multi vendor’s firewalls and related security devices including BYOD and malicious content data matching utilizing Log Logic.
• Engineering Lead for the Lilly DMZ Project responsible for the design and deployment of the new 2 million dollar infrastructure for the US based Data Centers

Network Security Architect

Confidential, Whitehall, PA

Responsibilities:

• Responsible for designing and implementation of high availability network infrastructure increasing up-time to 99.98%
• Utilized F-5 BIG-IP for load balancing and maximum uptime.
• Implement network Intrusion Detection monitors. Analyze alerts for malicious network traffic.
• Configure and implement Checkpoint GAiATM VPN Remote Access Solutions.
• Installed and maintained network of Cisco 6500’s, 3550 switches and 3500 routers.
• Implemented firewall rules on Sonicwall and PIX to secure perimeter & DMZ.
• Configure Router to Router VPN and IPSEC connections.

Telecom/DataComm Manager

Confidential, Cranston, RI

Responsibilities:

• Responsible for security, networking and telecommunication technologies for corporate and retail stores.
• Tier three support for engineering and configuring the network infrastructure. Subject matter expert on S8700 PBX, VPS’s, MPLS, routing, L2 switch, firewall, servers, WEB and Email applications.
• Configured Avaya S8700 with site manager adding features, upgrade firmware, vectors, groups, trunks, members, ports, resolve errors/alarms and CMS reporting, call redirection and intuit voice mail maintenance.
• Enhanced designed and configured WEB and Big IP F 5000 email application load sharing and disaster recovery. Prioritized traffic utilizing QOS, Netflows, Checkpoint GAiATM Firewalls, DNS, NAT, BGP and CIDR.

Remote Systems Technician

Confidential, North Kingstown, RI

Responsibilities:

• Support hardware and software for 4,000 healthcare facilities including international locations.
• Utilized LogMein to remotely take control of servers and clients to locate viruses, bugs, repair SQL and OS issues. Ran tuners, patched OS, sync’d data and upgrade software.
• Interpret system logs and take appropriate actions with Sonic and external firewalls, VPN’s, All Microsoft OS’s and SQL issues.

Net Design Engineer

Confidential, Worcester, MA

Responsibilities:

• Collapsed a life critical 6507 and multi vendor L2 switches to a Cisco 6513/SUP32 for approximately 550 devices for operation rooms, triage, ICU, wireless and fetal monitoring.
• Designed network for critical applications for Marlborough Data Center.
• Implemented and troubleshoot Checkpoint GAiATM and Cisco ASA 5500 series firewalls.
• Implemented and configured Nortel and Cisco IP phones utilizing CUCM.
• Provided traffic usage and bandwidth analysis reports.
• Troubleshot layer 2 spanning tree and layer 3 network outages.
• Utilized Visio for detailed documentation of the network.
• Collected and interpreted Wireshark captures to determine network latency.

Senior Engineer Contractor

Confidential, Mansfield, MA

Responsibilities:

• Designed SONET ring, physically terminated and lit dark fiber, troubleshoot OSPF BGP integration issues.
• Implemented secure Vlan’s, DMZ’s and Checkpoint GAiATM R75 firewalls for the town municipalities and offices.
• Rack and stacked layer 3 switches throughout town offices.
• Created Visio documentation for entire network infrastructure.
• Co owned and operated a retail nutrition store that focused on weight loss, food allergies and supplemental products.
• Managed all aspects of accounting, merchandising, marketing and customer relations essential for the building of the business.

Global Manager

Confidential, Boston, MA

Responsibilities:

• Converted Nortel / Bay ARN's with Cisco L3 switches for the Global Infrastructure.
• Installed VLAN’s, VPN’s and Cisco wireless access points.
• Architect global network for Tokyo, Singapore and London with redundancy to support fail over for disaster recovery and continuous twenty four hour operation.
• Maintained budgets and created RFP’s for specific technology driven projects.
• Implemented policies and rules for Checkpoint and PIX firewalls to allow secure market data feeds such as Bridge, Bloomberg and Reuters access into the network.
• Reviewed security logs and protocol analyzers to mitigate network issues, determine false positive and external security threats.

Data Communication Manager

Confidential, East Providence, RI

Responsibilities:

• Managed multi million dollar projects for data communication while managing 40 employees and consultants with accountability for Rhode Island, Connecticut, New Hampshire and Massachusetts states.
• Designed Rule base for Checkpont Nokia Firewalls
• Reconfigured Nortel/BAY BCN’s ARN’s for the Connecticut and New Hampshire bank acquisition.
• Designed a private SONET backbone to service all of the Rhode Island office locations, branches and their applications. This elaborate implementation saved costs over 1 million dollars.