SUMMARY:

• IT professional with over 10 years of professional and progressive technical experience in engineering, implementation, escalation support/ticket resolution and supporting various enterprise technologies which includes proficiency in routing, routing protocols, switching, security, firewalls, wireless and data center technologies.
• Implemented local voice network using Cisco 2811 ISR (VoIP) with a Cisco Unity Express Network Module (NM - CUE), Cisco Communications Manager Express, Cisco 3550 Switch with POE.
• Created and managed Data and Voice VLANs, and configure ports with static VLAN assignment and 802.1Q trunks for layer 2 forwarding.
• Configured edge ports for fast-transitioning into the forwarding state to fix workstation startup connectivity delays.
• Implemented Unity Voicemail on the Cisco Unity Express Network Module.
• Configured dial-peer on a Cisco 2811 ISR to define attributes of packet voice network connections to Cisco Unity Express Network Module. Enabled call forwarding on busy/no answer. Implemented Message Waiting Indicators and Voicemail access via SMTP.
• Implemented a wireless network infrastructure providing access to wired LANs to increase mobility and productivity on Cisco WLC 2106, Cisco 3550 switch, Cisco 1130AG and 1121G series APs. Created wireless LANs and configure interface association, security parameters, and radios used. Managed the wireless network through the WLC web GUI.
• Prepared infrastructure for AP registration on same subnet as management VLAN for AP registration on different subnet. Configure AAA policies to allow Self Signed s for APs shipped without a Manufacturer Installed .
• Used the Cisco Configuration Professional to configure interfaces, passwords, hostnames, DHCP, EIGRP, and SNMP.
• Utilized Nagios XI (customized dashboard, SolarWinds Orion NPM, CACTI monitoring and graph traffic.
• Used the Wireshark tool to study HTTP, telnet, and SSL traffic.

TECHNICAL SKILLS DETAIL:

Routing/Switching Technologies: Cisco Routers ASRs/ISRs, Cisco Catalyst/Nexus, Juniper, Citrix, and H3C Routers & Switches, WAN, LAN, TCP/IP, Cisco IOS, STP, BPDU, CDP, ACL, NAT, PAT, OSPF, EIGRP, BGP, MPLS, VTP, SNMP, SMTP, TCP, Static Routing, VLAN Trunking, Multicast routing, HSRP, SVI, CEF, Portfast, VSS, VPCs.

Security/Firewalls Technologies: Cisco ASA 5500 series firewalls, Cisco Security Manager Suite, Cisco IPS/IDS, Cisco ISE, Cisco ASA firewall, Checkpoint Firewall, Sonic Firewall, Juniper SRX series, Palo Alto, AAA - TACACS+/RADIUS, SSH, VPN, SSL/IPSec, Internet Key Exchange Policy, Port Security, MAC Address Filtering, pfsence, Sophos UTM.

Wireless/Voice Technologies: Cisco WLC, IEEE 802.1x & 802.11, WLAN, WAP, AP, SSID, LWAPP, Aironet - VoIP, VoIP/SIP, CUCM, UCCM, UCCX, MGCP, RSTP, SCCP, STP, Quality of Service (QoS), PoE.

Monitoring/Data Center Technologies: Wireshark, Cacti, Nagios, Solarwinds, Ethereal, Orion, Remedy, F5 Big-IP LB (GTM/LTM), Citrix Netscaler, Cisco AnyConnect, Cisco Prime, Meraki Cloud-Based, SNMPv2, PTP, SFTP.

Server and Other Technologies: Microsoft Server 2008/2012/2016 , Exchange, Active Directory, Ubuntu, Kali Linux, FTP, Telnet, HTTP(S), SMTP, RDP, DNS, DHCP, VMWare, Altaro Disaster Recovery, Virtualization, VMWare, Python Scripting

SUMMARY OF PROFESSIONAL EXPERIENCE:

Confidential

Network Engineer

Responsibilities:

• Member of a team of professionals responsible for enterprise LAN/WAN network including design, implementation, service requests, and escalation support for datacenters, corporate, and branch offices.
• Technical Responsibilities include, but not limited to Network Security and Administration, Voice, Monitoring (Remedy), support of LAN/WAN technologies, servers and enterprise applications and desktop technologies
• Specific technologies include, but not limited to routers, switches, security firewalls, voice, wireless and related technologies along with various server/applications.
• Implemented VLAN Trunking Protocol to reduce administrative overhead and to control VLANs and VXLANs using NX-OS to ensure virtual and flexible subnets that extend further across the network than previous generation of switches.
• Implemented port-profiles in NX-OS for multiple ports and port-types to reduce errors and improve readability.
• Enabled encryption of system passwords and privileged administration to prevent unauthorized IOS user access.
• Implemented secure access and EXEC command interpreter interval to the console and vty ports.
• Created and managed Local VLANs based on department function, and configure ports with static VLAN assignment, static 802.1Q trunks, and dynamic ISL trunking using PAgP for layer 2 forwarding. Utilized VLAN Spanning-Tree in conjunction with PVST+ for compatibility between Cisco and Juniper switches and for root bridge assignment.
• Implemented frame-relay point-to-point and multipoint WAN links between sites to establish connectivity between four sites. Established frame-relay point-to-point connections between three sites to create full mesh network. Implemented hub and spoke network between three sites with the main office as the hub for redundant connections.
• Implemented EIGRP routing for point-to-point and Non Broadcast Multi-Access networks. Prevented neighbor adjacencies forming and sending/receiving routing updates on unnecessary interfaces. Implemented EIGRP MD5 between sites to prevent unauthorized insertion of routes into the domain. Implemented manual EIGRP route summarization to reduce demand on CPU resources, memory, and bandwidth used to maintain the routing tables.
• Implemented multiple area OSPF routing and totally stubby areas to lower the system resource utilization of devices. Implemented NSSA area to allow injection of external routes into the area and propagation into the OSPF domain.
• Implemented backup and recovery of Cisco IOS Images. Perform password recovery on Cisco IOS routers/switches and a Juniper EX2200 Series switch to restore administrative access. Backup and Restore startup-comfit file for the DR.
• Configured e/iBGP peering using directly connected networks and loopbacks with OSPF, ebgp-multihop, and Route Reflectors to provide routing information with debugging diagnostic commands to monitor BGP events.

Confidential

Onsite Support

Responsibilities:

• Member of a global enterprise engineering team responsible for deployment, administration and support of 24/7 mission critical technologies that include but not limited to routing, switching and security technologies.
• General responsibilities included but not limited to supporting engineers, administration, escalation support, documentation and of end users while following corporate policies/ procedures and meeting strict SLA.
• Implement an IPSec Site-to-Site VPN between the Cisco ASA5505 at small office location and Cisco 1841 ISR with a security IOS image at the main office. Implemented VPNs for IKE Policy using DES and SHA for encryption and authentication, access-lists to define VPN traffic, transform set using esp-des esp-sha-hmac to traffic protection, crypto-map to configured elements to a peer, and application of the crypto map to appropriate interface or VPN endpoint.
• Implemented of Zone-Based Policy Firewall on the Cisco 1841 ISR for three zones, applying class-maps as traffic crosses a zone-pair, policy maps to apply action to the class-maps’ traffic, zone-pairs, and application of policy to zone pairs.
• Implement a Clientless SSL VPN (WebVPN) to allow users to establish a secure, remote-access VPN tunnel to the Cisco ASA 5505 using a web browser. Prepare the Cisco ASA with necessary configurations to self-signed generation. Generate a general purpose RSA key-pair for authority identification, configure authority trustpoint for the WebVPN using self enrollment, and configure CA trustpoint interface association.
• Utilized Cisco ASA 5505 Modular Policy Frame-Work to configure and manage layer 3/4 interface service policies, apply inspection and connection limits to services, apply inspection and QoS policing to HTTP traffic. Configure HTTP inspection policy to block restricted sites and file downloads.