Intrusion Analyst Resume
PROFESSIONAL SUMMARY:
Self-inspired and results-driven network / security / architect / engineer with extensive experience in designing, creating and managing multi-platforms focusing on LAN/WAN/Security systems, leading people and meeting goals. Managed project teams, implemented and supervised technology programs, administered multi-million dollar budgets, always staying focused on achieving results and ROI. An experienced network / security / architect / engineer who combines creative design and solutions thinking with excellent interpersonal skills -- efficient, well organized and accurate.
TECHNICAL SKILLS:
OPERATING SYSTEMS: HP3000, HP9000 Version 10.10, 10.20, 10.30 and 11.0, IBM AS400, SYSTEM 38, 3 MVS/XA, 3090 DOS/ESA, 3090 DOS/SP, 4381 DOS/SP, 9672 VSE/ESA, IBM 4680 FLEXOS/2, 4690 FLEXOS/2, IBM PC-DOS, OS/2 2.1, Warp, Warp Connect, Warp Connect Server, IBM LAN Server 3.0 and 4.0, Windows NT 3.1, 3.5, 3.51, 4.0, 2000 Professional, Server, Advanced Server, 2003, 2008, Windows 95, 98, ME, Windows 2000 Professional, Windows XP, Vista, Windows 7, Novell 4.11 IBM AIX 3.2.4, 4.1.4
SOFTWARE DEVELOPMENT LANGUAGES: COBOL, COBOL II, MICRO FOCUS COBOL, BASIC, Visual Basic, 4680 CBASIC 4680 COBOL/2, CICS, RPGII, RPGIII, FORTRAN, ASSEMBLER
EMPLOYMENT:
Confidential
Intrusion Analyst
Responsibilities:
- Analysis of IDS packet captures.
- Generate trouble tickets and install new IDS signatures.
Confidential
Security Engineer
Responsibilities:
- My primary responsibilities were problem analysis for the Security Team.
- I worked on production issues on the F5, Checkpoint, and Blue Coat systems.
Confidential, Omaha, NE
Sr. Network Engineer
Responsibilities:
- I was tasked to evaluate the condition and state of our hardware and software for the Global Network Services team.
- My primary objective of this project was to bring about a cultural change to the team. We needed to shift our processes from reactive to proactive.
- I started by migrating the many different NMS systems into two products, Spectrum and Cisco Works. Once I started to scan and baseline the network, I found that the old version of Spectrum was missing 800+ devices and did not provide any device backups.
- I also found that the inventory and Cisco contract controls had been ignored for the past 4 years, resulting in hundreds of thousands of dollars wasted on decommissioned EOL/EOS hardware. In order to correct the contracts, missing audit trails and backup problems, I deployed Cisco Works and Cisco ACS.
- With their deployment, we were able to reduce our expenses and remove EOL/EOS equipment as well as identify any PCI and security issues related to the IOS code running on the devices. Confidential's main functions are providing VOIP over our Global network.
- We support over 65,000 IP Phones, making us one of the largest private VOIP networks in the world. We also have an outsourcing division where we connect customers via local connections into our Data Centers Business Process Zones.
- Within the private connection we tunnel VOIP back to their telco switches and use our Citrix servers to host their applications.
- My system responsibilities included the engineering, deployment, maintenance, implementation and upgrades of the following systems: Checkpoint Nokia IP390’s, IPSO upgrades for 3 HA clusters and CheckPoint upgrades.
- It was my responsibility to teach team members how to analyze problems, audit traffic and write efficient rules. It was my responsibility to perform all tcpdumps of the firewall whenever required.
- Firemon used for PCI audit trails and rule usage analysis. Using Firemon I was able to eliminate 20% of the rule base and optimize running code to reduce CPU load by 30%, extending the life of our IP390’s.
- Cisco WLSE Wireless Server, used to control our wireless guest access for vendor meetings
- Fluke Visual Uptime Server, used to capture packets and statistics for our VOIP traffic.
- Fluke NetFlow Tracker appliance, used to analyze traffic patterns and link capacity
- Fluke NetAlly for VOIP and IPSLA testing, used to pre-certify links for VOIP readiness
- Fluke ASE, WGA, OPTIVEW, protocol analyzers deployed to troubleshoot VOIP traffic
- Cisco NAM’s, used in our smaller routers to analyze packets
- Cisco SSM 10 and 20, configured, maintained signature updates and automated code upgrades
- Deployed Cisco Security Manager for IDS signature upgrades, configurations, multi-mode backups of ASA’s 5510, 5520, 5540, PIX 515, 515E, 535 and FWSM’s
- Deployed Cisco ACS server 4.2 and 5.0 appliances for TACACS and RADIUS support to meet PCI standards for audit controls. Integrated ACS into AD for single sign-on.
- CiscoWorks LMS for monitoring Cisco-specific errors on our 3500+ devices, implemented host-specific SNMP read-write access of our devices. Used LMS to log all firewall access for audit trails
- Cisco Works NCM for PCI Auditing, Firewall backups, Code and software distributions.
- Blue Coat reporter, used to track all internet access, built custom reporting down to the subnet level for management review
- Blue Coat proxy server, using WCCP we route specific subnets through the proxy server to limit and control internet access upon client request and contract needs.
- MARS administration, configurations, remediation and upgrades to all local and global controllers across the enterprise.
- Gigamon configurations and deployments for all call recordings and screen pops; set up SPANs and RSPANs to route all MPLS traffic to the GigaVUE 420 and MP units.
- Responsible for all Core Taps and configurations of SPANs and RSPANs
- Responsible for all customization of CA Spectrum Network Monitoring System including graphing, alerts, user security, network scans, device backups and code pushes.
- VOIP Customer implementations and analysis. With the use of Fluke Tools I was able to discover a COS design flaw in our DHCP configurations. The flaw allowed our IP telephones to transmit VOIP traffic outside the predefined real-time queue. It also uncovered our mls qos issue where we were ignoring and dropping COS headers.
- Integrations of Call Recording Servers and SIP trunks, designing and implementing switch configurations to integrate our Avaya equipment
- Modifications to DHCP Server configurations for Avaya IP phones
- Pre-implementation VOIP testing of all circuits installed globally
- Customer interactions on troubleshooting call bridges to determine source of outage and contract responsibilities to limit charge backs against SLA’s.
Confidential, Omaha, NE
Sr. Network Engineer /Sr. Security Engineer
Responsibilities:
- As a Senior Network Engineer of a highly fluid environment, my duties cover an extensive range from personnel and project management to network design and management.
- They also include circuit and route analysis, statistical reporting, new company purchase integration, new Datacenter build out, MAN and WAN network design and Business Contingency Planning. They also include circuit redundancy and trouble resolution, Openview, Ciscoworks, Cisco Secure ACS, MRTG, Web Content management, load balancing with both Cisco Arrow Point and F5 LTM, Lucent Vital QIP DNS/DHCP management, wireless infrastructure, intrusion detection, Cisco PIX and Checkpoint clustered firewalls.
- Support all of our VPN connectivity using F5 Firepass and Cisco 3030 hardware. Some of my most recent projects have included the upgrade and replacement of our Checkpoint firewalls using Nokia IP380’s to Checkpoint’s Splat using Dell 2800 servers and the conversion of Cisco PIX 535's to Checkpoint 9070 Power appliances.
- The installation and implementation of our wireless network using Cisco’s WLSE solution and Cisco's Wireless Controller using AP1100’s and 1200's with s. Installation and upgrade of our internet OC3’s to OC12.
- The installation and integration of Lucent VitalQIP 7.1 DNS/DHCP Solution into Windows 2003 Server Active Directory. I was responsible for upgrading our 6500 and 7600 switches to native IOS from CatOS.
- My primary Security responsibilities at InfouGroup were the design, deployment, and architecture of our Check Point Firewalls, Intrusion Detection, Penetration testing and PCI remediation. I was responsible for the design and build out of an eight node multicast firewall design for our 2 Super Bowl ad campaigns.
- Using Checkpoint SPLAT as the base OS, I had to predict the traffic volumes and built an 8 node multicast system that was financially responsible and provided the best throughput performance.
- During the running of the ads, our 8 node firewall cluster was able to maintain 1.6 million concurrent connections per second load balanced equally across each node. We peaked out at 60% across the cluster, and with the theory of scaling wide we were able to successfully defend against multiple DOS attacks on the cluster and provide excellent performance throughput for all the Super Bowl web and database servers. When we searched for replacement firewalls for our PIX 535 cluster, my first choice was CheckPoint 9070 Power appliances running SPLAT. Replacing the 535’s resulted in a 400+ percent throughput increase for our mail servers and allowed us to expand our business accordingly.
- I led the design and implementation project for our F5 Firepass VPN solution as a replacement for our aging EOL/EOD Cisco 3030 VPN.
- I led the PCI two factor authentication project selecting, designing, and implementing RSA’s SecurID with tokens.
- I led the Cisco WLSE replacement project using Cisco Wireless Controllers with s and existing Cisco wireless AP’s. I was responsible for Cisco ACS authentications, integrating them into Microsoft AD and LDAP.
Confidential, Griswold, IA
Owner
Responsibilities:
- Using Microsoft ISA Firewall, Checkpoint @home and @ work products, IIS, Front Page, and Exchange Server, and DSL I provided secure internet connectivity and web presence for my customers.
- Because of my broad background, I also provided any additional 3rd-party software and server or PC support my customers asked for.
Confidential, Cedar Rapids, IA
Sr. Network Engineer
Responsibilities:
- My primary responsibilities were designing, monitoring and troubleshooting a sophisticated and complex data communications environment, particularly as a “new-technology” and “on-call” specialist working in the Network Technical Center. I also provided second- and third-level support for all users.
- The majority of my work included the management of all network circuits, ISDN backup circuits, routers, and switches.
- Other duties included the monitoring, and trouble-shooting of all SNI, NDM, VPN, and FTP types of data transfers.
Confidential, Omaha, NE
Senior Systems Engineer
Responsibilities:
- Primary responsibilities included the design and implementation of local and wide area networks in a mainframe, client/server environment.
- The network topology included 10/100/1000 Meg switched Ethernet, 4/16 Meg token ring, 10 Meg TLS Ethernet.
- Replaced leased-line networks with our redundant frame-relay network using Cisco 2513, 2514, 2621, and 3640 routers to create a stable and efficient WAN.
- Designed and installed both ATM / DS3 and frame-relay networks to support data, voice/PBX integrations, video, and SNA traffic, reducing monthly line costs 37% while providing free interplant long-distance phone services.
- Redesigned WAN to create a fully meshed frame-relay network with automatic failover to virtually eliminate any down time to the remote locations.
- Responsible for designing, installing, and maintaining Internet / Intranet sites, servers and firewall systems.
- Responsible for all server, mainframe, and satellite communication throughout the enterprise.
- Responsible for HP-Unix, SCO UNIX, Oracle databases, RF scanning equipment, IBM AS400 and mainframe VSE/ESA systems.
- Responsible for analysis, design, and implementation for all Internet, Intranet, Web, NT, Router, VPN, Firewall and intrusion detection Security systems.
- Responsible for Migration of 50 NT 4.0 servers to Windows 2000 and Windows 2000 Advanced Server with Active Directory structures and Enterprise and Group Policies.
- Installed Cluster services on Oracle Database servers and Network load balancing on Web server farm.
- Converted all mainframe printing to use Microsoft SNA 4.0 and HP LaserJet Printers.
- Responsible for all traffic protocol analysis of SNA, TCP/IP, IPX, Token Ring, Frame-relay, and ATM, through the use of HP Openview Network Node Manager, SNMP MIBs, 685 Fluke LanMeter, and MRTG.
- Responsible for the data-exchange infrastructure between NT, Unix, and mainframe.
- Through the use of Cisco Policy Manager and Cisco Secure Scanner, developed a system to detect policy infractions and open ports throughout the entire network, analyzed intrusion attempts, and recommended corporate policy changes to the Corporate Internet Policy Committee.
- Installed and maintained the following software products: SNA Server 2.11, 3.0 and 4.0, Proxy Server 1.0 and 2.0, ISA Server, IIS Server 2.0, 3.0 and 4.0, SMS 1.1, 1.2, 2.0, SQL Server 6.0, 6.5, 7.0, MS-Mail 3.5, Exchange Server 4.0, 5.0, 5.5, Novell Gateway Services, MAC file services, and ArcServe 6.0, 6.5, Oracle 7.2, 7.3, 8.05, 8i, FAX SR. 2.6, 3.0 and 3.01, FrontPage 97, 98 and 2000, and Site Server 3.0 E-commerce edition, Windows 2000 Advanced server using Cluster services and Network Load Balancing
PAMIDA INC. Omaha, NE
NETWORK ADMINISTRATOR
Confidential
Responsibilities:
- Design / implementation of all local and wide area networks; topology included 10/100 base-t switched Ethernet and 4/16 Meg token ring.
- Corporate backbone was 100 Meg, fiber-optic, Ethernet.
- Wide Area Network used Cisco 2501, 2513 and 4000 routers.
- Responsible for all programming and problem analysis of the Cisco routers.
- Responsible for the installation / upgrades to the server software
- Responsible for Microsoft Back Office on all NT servers - including: SNA Server, SMS Server, Mail Server, Internet Information Server, Network Monitor tools, and SQL Server.
SR. PROGRAMMER ANALYST
Confidential
Responsibilities:
- system/data integrity and quality assurance. Duties included: all phases of for IBM 4683 cash registers, IBM 8580 PS/2 computers, and communications setup and installation for Store and Help-Desk personnel.
- Provided software documentation of user applications and manuals.
- Responsible for all software upgrades to PS/2 computers and registers.
- Functioned as project leader for conversion from Version 1 OS to Version 2 OS and installation of Electronic Draft Capture.
Confidential, Omaha, NE
TECHNICAL CONSULTANT
Responsibilities:
- Through the use of RMCOBOL 85, created the communications script files needed to support Confidential communications to Prime 9550. Trained customer support staff in operations and configurations.