We provide IT Staff Augmentation Services!

Network Engineer Resume

SUMMARY:

  • A professional wif progressive IT experience in engineering, deployment administration, integration, configuration, installation and troubleshooting of various technologies which includes proficiency in routing, routing protocols, switching, security, firewalls, voice, wireless and data center technologies.
  • Implement trunk ports and implement granular control of VLANs and VXLANs using NX - OS to ensure virtual and flexible subnets dat can extend further across teh network infrastructure TEMPthan previous generation of switches.
  • Implement port-profiles as part of teh NX-OS command structure dat allows for configuration of multiple ports and port-types via inherited configurations applied via a single command dat reduces administrative error and allows for better configuration readability.
  • Implement a virtual version of Nexus: Nexus1000v into VMWare to extend Nexus capabilities directly adjacent to virtual machines so dat they benefit from Cisco switching capabilities and network topology consistency ensuring VMs maintain their subnet/VLAN relationships during failover.
  • Implement secure privileged administrative access to teh Cisco IOS system. Enable teh encryption of system passwords to prevent unauthorized users access to passwords in teh system configuration.
  • Implement secure access to teh console and vty ports, and set teh interval dat teh EXEC command interpreter waits until user input is detected on teh Console and vty ports. Also, configure teh console and vty ports log messaging to not interfere wif active device configuration.
  • Implement VLAN Trunking Protocol to reduce administrative overhead. Enable secure sharing of VLAN information to prevent teh introduction of rogue devices from effecting teh VLAN database. Shutdown unused switchports following Layer 2 security best practices.
  • Create and manage Local VLANs based on department function, and configure ports wif static VLAN assignment, static 802.1Q trunks, and dynamic ISL trunking using PAgP for layer 2 forwarding. Utilize VLAN Spanning-Tree in conjunction wif PVST+ for compatibility between Cisco and Juniper switches. Configure edge ports for fast-transitioning into teh forwarding state to fix workstation startup connectivity delays. Modify spanning-tree parameters for manual root bridge assignment. Implement ether-channels between each switch using PAgP for negotiation. Modify ether-channel load balancing method.
  • Implement WAN links between sites using frame-relay point-to-point and multipoint connections to establish connectivity between each of teh four sites as required. Establish frame-relay point-to-point connections three of teh sites creating a full mesh. Implement hub and spoke network between three of teh sites wif teh main office as teh hub for redundant connections.
  • Implement EIGRP routing for point-to-point and Non Broadcast Multi-Access networks. Ensure dat teh spoke routers are receiving routing information about each other from teh hub. Configure EIGRP unequal-cost load balancing to also use teh lower capacity multipoint links when routing packets.
  • Prevent neighbor adjacencies from being formed as well as teh sending and receiving of routing updates on unnecessary interfaces. Implement EIGRP MD5 Message Autantication between sites to prevent unauthorized insertion of routes into teh domain. Implement manual EIGRP route summarization to reduce routing protocol demand on CPU resources, memory, and bandwidth used to maintain teh routing table.
  • Implement OSPF routing wif multiple areas for networks between sites. Implement totally stubby areas to lower teh system resource utilization of routing devices for teh network. Implement NSSA area to allow injection of external routes into teh area and propagation into teh OSPF domain.
  • Implement backup and recovery of Cisco IOS Images. Perform password recovery on Cisco IOS routers/switches and a Juniper EX2200 Series switch to restore administrative access. Backup and Restore startup-comfit file for disaster recovery.
  • Configured and verified internal BGP peering using directly connected networks.
  • Configured and verified internal BGP peering using loopbacks by using an interior gateway protocol (OSPF) to provide routing information.
  • Configured and verified external BGP peering using directly connected networks.
  • Configured and verified external BGP peering using loopbacks and ebgp-multihop.
  • Configured and verified internal BGP peering using a Route Reflector.
  • Used debugging diagnostic commands to monitor BGP events.
  • Configured and verified MPLS manually and using automatic configuration via OSPF.
  • Configured and verified virtual routing and forwarding (VRF) instances wif route-targets and route descriptors.
  • Configured and verified MP-BGP to send VRF traffic in an MPLS VPN.
  • Redistributed provider edge networks into MP-BGP.
  • Verified end-to-end connectivity over teh MPLS VPN.
  • Implement an IPSec Site-to-Site VPN between teh Cisco ASA5505 at small office location and Cisco 1841 ISR wif a security IOS image at teh main office. Implementation of teh VPN includes teh following configurations: Internet Key Exchange Policy using DES and SHA for encryption and autantication, access-lists to define VPN traffic, transform set using esp-des esp-sha-hmac to define how teh traffic is protected, crypto-map to associate teh previously configured elements to a peer, and application of teh crypto map to appropriate interface or VPN endpoint.
  • Implementation of Zone-Based Policy Firewall on teh Cisco 1841 ISR wif teh following components: three zones, class-maps specifying traffic dat must have policy applied as it crosses a zone-pair, policy maps to apply action to teh class-maps’ traffic, zone-pairs, and application of policy to zone pairs.
  • Implement a Clientless SSL VPN (WebVPN) to allow users to establish a secure, remote-access VPN tunnel to teh Cisco ASA 5505 using a web browser. Prepare teh Cisco ASA wif necessary configurations to self-signed generation. Generate a general purpose RSA key-pair for authority identification, configure authority trustpoint for teh WebVPN using self enrollment, and configure CA trustpoint interface association.
  • Configure Syslog on teh Cisco ASA5505 wif logging to a host and internal buffer. Forward all logging to an internal Syslog server for monitoring and management. Configure and manage Syslog output generation using custom message lists. Implement FTP backup of internal buffer when it is exceeded.
  • Implement Basic Threat-Detection, Advanced TCP Intercept, and Scanning Threat-Detection. Simulate attacks on network to manage threat-detection rates and verify Syslog generation.
  • Utilize Cisco ASA5505 Modular Policy Frame-Work to configure and manage layer 3/4 interface service policies, apply inspection and connection limits to services, apply inspection and QoS policing to HTTP traffic. Configure HTTP inspection policy to block restricted sites and file downloads.
  • Configuration and troubleshooting of high availability pairs of F5 BIG-IP devices via a GUI and CLI to provide a virtual web server utilizing round-robin selection to balance traffic on several web servers.
  • Implement a local voice network wif teh following network elements: Cisco 2811 ISR (VoIP) wif a Cisco Unity Express Network Module (NM-CUE) installed, Cisco Communications Manager Express, a standard Cisco 3550 Switch, and a Cisco 3550 switch wif Power-over-Ethernet. Create and manage Data and Voice VLANs, and configure ports wif static VLAN assignment and 802.1Q trunks for layer 2 forwarding. Configure edge ports for fast-transitioning into teh forwarding state to fix workstation startup connectivity delays.
  • Configure Fast Ethernet main and sub-interface assignments as required for intervlan routing. Implement static routes for local connectivity. Implement NTP server, DHCP server, and TFTP server for support of teh VoIP network. Modification of system level parameters including max phones, max directory numbers, display format for date and time, and setting teh Time-Zone.
  • Implement Unity Voicemail on teh Cisco Unity Express Network Module. Configure a dial-peer on teh Cisco 2811 ISR to define teh attributes of teh packet voice network connection to teh Cisco Unity Express Network Module. Enable call forwarding on busy or no answer. Implement Message Waiting Indicators and Voicemail access via SMTP. Daisy-chain PCs to VoIP phones to reduce network cabling costs. Utilize PoE ports for VoIP phones to reduce power infrastructure costs.
  • Implement a wireless network infrastructure providing access to wired LANs to increase mobility and productivity utilizing teh following network elements: Cisco Wireless LAN Controller (WLC) 2106, a Cisco 3550 switch, a Cisco 1130AG series Access Point, and a Cisco 1121G series Access Point. Create wireless LANs and configure interface association, security parameters, and radios used. Utilize teh Wireless LAN Controllers web GUI to configure and manage teh wireless network. Configure internal DHCP scopes for WLANs.
  • Prepare infrastructure for AP registration on same subnet as management VLAN and for AP registration on different subnet. Configure AAA AP policies to allow Self Signed s for APs shipped wifout a Manufacturer Installed . Implement AP Grouping to ensure WLAN SSIDs are only broadcast by teh APs desired.
  • Configured VLANs and access ports connecting virtual machines using teh NX-OS CLI on a Cisco Nexus 1000v virtual machine and VMWare vSphere Client networking.
  • Configured routing policies and service profiles for separate levels in an organizational hierarchy using a Cisco Prime Network Services Controller virtual machine. These policies and profiles were applied to Cisco Cloud Service Router 1000v (CSR 1000v) virtual routers.
  • Configured a CSR 1000v router using teh Cisco IOS 15.4 CLI.
  • Used teh Cisco Configuration Professional GUI to configure interfaces, passwords, hostnames, DHCP, EIGRP, and SNMP on a Cisco router. Used teh CCP monitoring tool to monitor traffic from dat router.
  • Configured teh Nagios XI monitoring tool to monitor routers and switches and customized its dashboard.
  • Configured SolarWinds Orion NPM and used it to monitor traffic on a network.
  • Configured teh CACTI tool to graph traffic from a router and to generate alerts based on a threshold traffic level.
  • Used teh Wireshark tool to study HTTP, telnet, and SSL traffic.
  • Implement trunk ports and implement granular control of VLANs and VXLANs using NX-OS to ensure virtual and flexible subnets dat can extend further across teh network infrastructure TEMPthan previous generation of switches.
  • Implement port-profiles as part of teh NX-OS command structure dat allows for configuration of multiple ports and port-types via inherited configurations applied via a single command dat reduces administrative error and allows for better configuration readability.
  • Implement a virtual version of Nexus: Nexus1000v into VMWare to extend Nexus capabilities directly adjacent to virtual machines so dat they benefit from Cisco switching capabilities and network topology consistency ensuring VMs maintain their subnet/VLAN relationships during failover.
  • Implement secure privileged administrative access to teh Cisco IOS system. Enable teh encryption of system passwords to prevent unauthorized users access to passwords in teh system configuration.
  • Implement secure access to teh console and vty ports, and set teh interval dat teh EXEC command interpreter waits until user input is detected on teh Console and vty ports. Also, configure teh console and vty ports log messaging to not interfere wif active device configuration.
  • Implement VLAN Trunking Protocol to reduce administrative overhead. Enable secure sharing of VLAN information to prevent teh introduction of rogue devices from effecting teh VLAN database. Shutdown unused switchports following Layer 2 security best practices.
  • Create and manage Local VLANs based on department function, and configure ports wif static VLAN assignment, static 802.1Q trunks, and dynamic ISL trunking using PAgP for layer 2 forwarding. Utilize VLAN Spanning-Tree in conjunction wif PVST+ for compatibility between Cisco and Juniper switches. Configure edge ports for fast-transitioning into teh forwarding state to fix workstation startup connectivity delays. Modify spanning-tree parameters for manual root bridge assignment. Implement ether-channels between each switch using PAgP for negotiation. Modify ether-channel load balancing method.
  • Implement WAN links between sites using frame-relay point-to-point and multipoint connections to establish connectivity between each of teh four sites as required. Establish frame-relay point-to-point connections three of teh sites creating a full mesh. Implement hub and spoke network between three of teh sites wif teh main office as teh hub for redundant connections.
  • Implement EIGRP routing for point-to-point and Non Broadcast Multi-Access networks. Ensure dat teh spoke routers are receiving routing information about each other from teh hub. Configure EIGRP unequal-cost load balancing to also use teh lower capacity multipoint links when routing packets.
  • Prevent neighbor adjacencies from being formed as well as teh sending and receiving of routing updates on unnecessary interfaces. Implement EIGRP MD5 Message Autantication between sites to prevent unauthorized insertion of routes into teh domain. Implement manual EIGRP route summarization to reduce routing protocol demand on CPU resources, memory, and bandwidth used to maintain teh routing table.
  • Implement OSPF routing wif multiple areas for networks between sites. Implement totally stubby areas to lower teh system resource utilization of routing devices for teh network. Implement NSSA area to allow injection of external routes into teh area and propagation into teh OSPF domain.
  • Implement backup and recovery of Cisco IOS Images. Perform password recovery on Cisco IOS routers/switches and a Juniper EX2200 Series switch to restore administrative access. Backup and Restore startup-comfit file for disaster recovery.
  • Configured and verified internal BGP peering using directly connected networks.
  • Configured and verified internal BGP peering using loopbacks by using an interior gateway protocol (OSPF) to provide routing information.
  • Configured and verified external BGP peering using directly connected networks.
  • Configured and verified external BGP peering using loopbacks and ebgp-multihop.
  • Configured and verified internal BGP peering using a Route Reflector.
  • Used debugging diagnostic commands to monitor BGP events.
  • Configured and verified MPLS manually and using automatic configuration via OSPF.
  • Configured and verified virtual routing and forwarding (VRF) instances wif route-targets and route descriptors.
  • Configured and verified MP-BGP to send VRF traffic in an MPLS VPN.
  • Redistributed provider edge networks into MP-BGP.
  • Verified end-to-end connectivity over teh MPLS VPN.
  • Implement an IPSec Site-to-Site VPN between teh Cisco ASA5505 at small office location and Cisco 1841 ISR wif a security IOS image at teh main office. Implementation of teh VPN includes teh following configurations: Internet Key Exchange Policy using DES and SHA for encryption and autantication, access-lists to define VPN traffic, transform set using esp-des esp-sha-hmac to define how teh traffic is protected, crypto-map to associate teh previously configured elements to a peer, and application of teh crypto map to appropriate interface or VPN endpoint.
  • Implementation of Zone-Based Policy Firewall on teh Cisco 1841 ISR wif teh following components: three zones, class-maps specifying traffic dat must have policy applied as it crosses a zone-pair, policy maps to apply action to teh class-maps’ traffic, zone-pairs, and application of policy to zone pairs.
  • Implement a Clientless SSL VPN (WebVPN) to allow users to establish a secure, remote-access VPN tunnel to teh Cisco ASA 5505 using a web browser. Prepare teh Cisco ASA wif necessary configurations to self-signed generation. Generate a general purpose RSA key-pair for authority identification, configure authority trustpoint for teh WebVPN using self enrollment, and configure CA trustpoint interface association.
  • Configure Syslog on teh Cisco ASA5505 wif logging to a host and internal buffer. Forward all logging to an internal Syslog server for monitoring and management. Configure and manage Syslog output generation using custom message lists. Implement FTP backup of internal buffer when it is exceeded.
  • Implement Basic Threat-Detection, Advanced TCP Intercept, and Scanning Threat-Detection. Simulate attacks on network to manage threat-detection rates and verify Syslog generation.
  • Utilize Cisco ASA5505 Modular Policy Frame-Work to configure and manage layer 3/4 interface service policies, apply inspection and connection limits to services, apply inspection and QoS policing to HTTP traffic. Configure HTTP inspection policy to block restricted sites and file downloads.
  • Configuration and troubleshooting of high availability pairs of F5 BIG-IP devices via a GUI and CLI to provide a virtual web server utilizing round-robin selection to balance traffic on several web servers.
  • Implement a local voice network wif teh following network elements: Cisco 2811 ISR (VoIP) wif a Cisco Unity Express Network Module (NM-CUE) installed, Cisco Communications Manager Express, a standard Cisco 3550 Switch, and a Cisco 3550 switch wif Power-over-Ethernet. Create and manage Data and Voice VLANs, and configure ports wif static VLAN assignment and 802.1Q trunks for layer 2 forwarding. Configure edge ports for fast-transitioning into teh forwarding state to fix workstation startup connectivity delays.
  • Configure Fast Ethernet main and sub-interface assignments as required for intervlan routing. Implement static routes for local connectivity. Implement NTP server, DHCP server, and TFTP server for support of teh VoIP network. Modification of system level parameters including max phones, max directory numbers, display format for date and time, and setting teh Time-Zone.
  • Implement Unity Voicemail on teh Cisco Unity Express Network Module. Configure a dial-peer on teh Cisco 2811 ISR to define teh attributes of teh packet voice network connection to teh Cisco Unity Express Network Module. Enable call forwarding on busy or no answer. Implement Message Waiting Indicators and Voicemail access via SMTP. Daisy-chain PCs to VoIP phones to reduce network cabling costs. Utilize PoE ports for VoIP phones to reduce power infrastructure costs.
  • Implement a wireless network infrastructure providing access to wired LANs to increase mobility and productivity utilizing teh following network elements: Cisco Wireless LAN Controller (WLC) 2106, a Cisco 3550 switch, a Cisco 1130AG series Access Point, and a Cisco 1121G series Access Point. Create wireless LANs and configure interface association, security parameters, and radios used. Utilize teh Wireless LAN Controllers web GUI to configure and manage teh wireless network. Configure internal DHCP scopes for WLANs.
  • Prepare infrastructure for AP registration on same subnet as management VLAN and for AP registration on different subnet. Configure AAA AP policies to allow Self Signed s for APs shipped wifout a Manufacturer Installed . Implement AP Grouping to ensure WLAN SSIDs are only broadcast by teh APs desired.
  • Configured VLANs and access ports connecting virtual machines using teh NX-OS CLI on a Cisco Nexus 1000v virtual machine and VMWare vSphere Client networking.
  • Configured routing policies and service profiles for separate levels in an organizational hierarchy using a Cisco Prime Network Services Controller virtual machine. These policies and profiles were applied to Cisco Cloud Service Router 1000v (CSR 1000v) virtual routers.
  • Configured a CSR 1000v router using teh Cisco IOS 15.4 CLI.
  • Used teh Cisco Configuration Professional GUI to configure interfaces, passwords, hostnames, DHCP, EIGRP, and SNMP on a Cisco router. Used teh CCP monitoring tool to monitor traffic from dat router.
  • Configured teh Nagios XI monitoring tool to monitor routers and switches and customized its dashboard.
  • Configured SolarWinds Orion NPM and used it to monitor traffic on a network.
  • Configured teh CACTI tool to graph traffic from a router and to generate alerts based on a threshold traffic level.
  • Used teh Wireshark tool to study HTTP, telnet, and SSL traffic.

TECHNICAL SKILLS:

Routing/Switching Technologies: - Cisco Routers (3900, 2900, 1900, 800 Series), Cisco Catalyst Switch (6500, 5500, 4900, 4500, 3750, 3560-X, 3100), Cisco Nexus 1kv, 2k, 5k Series, Juniper and HP Routers & Switches - WAN, LAN, TCP/IP, Cisco IOS, Spanning Tree Protocol, BPDU, CDP, ACL, NAT, PAT, RIP, RIPv2, OSPF, OSPFv3, EIGRP, BGP, MPLS, VTP, SNMP, SMTP, ARP, TCP, UDP, Static Routing, Stub Routing, VLAN, VLAN Trunking, VXLANs, Multicast routing, HSRP, SVI, CEF, Etherchannel, Portfast, VSS, VPC.

Security/Firewalls Technologies: - Cisco Security Manager Suite, Cisco ASA 5500 series firewalls, Cisco FWSM, Cisco IPS/IDS, Cisco ACS, Advanced Firewall Manager (AFM), Cisco ASA 1000V cloud firewall, Checkpoint Firewall, Juniper SRX series, Palo Alto, Protocols & Standards - AAA, TACACS+, RADIUS, SSH, VPN, IPSec, SSL/IPSec, Data Loss Prevention, Data Management Zone, Pretty Good Protection (PGP), Public Key Infrastructure (PKI), Internet Key Exchange Policy, Port Security, MAC Address Filtering

Wireless/Voice Technologies: - Cisco WLC, IEEE 802.1x & 802.11, WLAN, WAP, AP, SSID, LWAPP, Aironet, Bluetooth, Avaya, AURA - Voice Over Internet Protocol (VoIP), VoIP/SIP, CUCM, UCCM, UCCX, MGCP, RSTP, SCCP, STP, Quality of Service (QoS), PoE, MMDS, LMDS, CCK, DSSS

Monitoring/Data Center Technologies/APPS: - Wireshark, Remedy, Cacti, Nagios, VMware, Solarwinds, Cisco Security Manager Suite, Server, Sniffer, Ethereal, Orion - VMware, F5 Big-IP load balancing (GTM/LTM), Cisco AnyConnect VPN mtg, Cisco Prime, Cisco IPS/IDS, Meraki (MX 80, MX 220, MX 64, MS 220, MS225, MS350, MS420 and MR32 ) cloud.based - Splunk Enterprise, SNMPv2c, SNMPv3, DNS, DHCP, FTP, Telnet, HTTP(S), SMTP, tunneling protocols, PTP, SFTP, RDP.

Other Skills & Technologies: - Languages C, C++, C Sharp, Java, Assembly Language; Web Matlab, HML, CSS, JavaScript, PHP, Photoshop, Illustrator, Flash, Dreamweaver, ICDL

PROFESSIONAL EXPERIENCE:

Confidential

Network Engineer

Responsibilities:

  • Member of a team responsible for onsite LAN/WAN support deployment and configurations of routers, switches, wireless, voice, firewalls and related LAN/WAN technologies.
  • Secondary responsibilities including general escalation troubleshooting support and general administration to included LAN/WAN configurations, logical/physical diagrams based on company standards and policies.
  • Additional responsibilities included provided timely and accurate updates/reports to technical leads/managers relates to tasks and responsibilities dat are assigned and act as subject matter expert on routing, switch related activities.

Confidential

Analysis

Responsibilities:

  • Team member responsible for design, implementation, installation, configuration, maintenance and troubleshooting for teh whole contest network wif high uptime.
  • Racking, stacking and cabling.
  • Professional responsibilities included providing teh design documentation, planning and managing teh network.
  • Projects consisted of ACM International Collegiate Programming Contest for two years where teh team of three designed, programmed, prototyped and modeled a smart optimization technique to solve complex programming problems.

Confidential

Enginee r

Responsibilities:

  • Member of a team responsible for implementation, development, support, installation, configuration, and providing level 1 troubleshooting.
  • Racking, stacking and cabling.
  • Responsibilities included administration, documentation, escalation, following policies and procedures and scheduling as needed reports to management.

Hire Now