SUMMARY

Over thirteen years experience in network design, implementation, and support for commercial and government clients.

TECHNICAL PROFICIENCIES

• Platforms: Cisco IOS, Cisco CAT, Cisco Nexus, Juniper OS
• Tools: Microsoft Office Suite, Visio, TrackIT, SolarWinds
• Networking: Juniper MX960, MX480, MX240 / Cisco 941 / 2811 / 2821 / 2950 / 3750 / 3760 / 3800 / 4000 / 4506E / 6509 / 6509E / 7206 / Nexus 1000v, 2K, 5K, 7K / ASA 535 / 5520 / Cisco CSS / Cisco ACE / Radware LinkProof
• Protocols: OSPF / BGP / EIGRP / RIP / Static routes
• Software Configuration: STP, SSL VPN, ACLs, NAT, PAT, Routing, NFS High Availability / LACP / PAgP / ACE Virtualization
• Circuits: T1 / DS3 / 10GB Dark Fiber / Verizon TLS / E3

CAREER EXPERIENCE

Confidential

Network Consultant

• Studied theConfidential Trade Administration ITA global network infrastructure with two data centers and 42 world wide remote offices. Responsible for the new design and implementation using the Amazon Web Services AWS, Virtual Private Clouds VPCs . Created a MS Visio representation of the requirements from ITA. Studied the complexities of the Checkpoint firewall, Cisco CSR 1000v and AWS VPCs for IPSEC tunnels from four VPCs to communicate seamlessly.
• Presented a design with the CSR1000v to use a 250Mbps standard license to handle the VRF Lite routing and NATing needed for the four AWS VPCs. Then to send all traffic to the Checkpoint firewall for VPN termination on one interface/subnet.
• Created a MS Visio network diagram for the implementation of Nexus 5k and 2K in the main data center. Created a quote for a Cisco routing daughter card for the Nexus 5k to complete the design. Created a MS Visio diagram for the DC main office as well for mapping out infrastructure future growth. Assisted a mid - level engineer with a infrastructure refresh project, replacing Cisco 2800 and SonicWalls with a Cisco 2900 and ASA IPSEC tunnels. Researched the ASA licensing to accommodate 42 IPSEC tunnels.

Confidential

WAN Support Engineer

• Studied the Amazon Web Services, AWS, global network infrastructure with eleven points of presence located located in eight countries. Responsible for maintaining ninety routers. These routers consist of Edge, VPN, and customer site routers Juniper models MX960, MX480, and MX240 . These devices are configured with BGP, MPLS, VRFs, and static routes.
• This network was previously supported by software engineers and therefore no standard network documentation was available. Created a network Concept overview and global map using MS PowerPoint. Also created a MS Excel spreadsheet containing the relevant information needed for support and maintenance Router DNS names, IOS version, 32 or 64 bit bus size, model number, and serial number . IP addressing was not included as it is managed by another internal LAN team.
• Presented industry standard network document examples as a reason for utilizing MS Visio. MS Visio was subsequently approved and procured. Began documenting each Amazon location in detail. Downloaded Juniper stencils and loaded them into Visio. Documents will be used to train newly hired WAN support engineers. Documented that edge devices had two to four backup routers, one to two VPN aggregate routers, and customer site routers had two routing engines as backups. This Wide Area Network had a total of 92 routers I supported in day-to-day activities.
• The software engineers did not consider traffic patters when accessing the network devices and found that Linux could bypass the routing shell and used FTP to communicate directly with with the Unix kernel. Demonstrated to the software engineers the security risks associated with FTP and provided a trace of the traffic pattern to show that they were using the client cloud for all router changes which was causing latency in the customer cloud . Assisted with development of scripts for the Linux terminals to ensure the management traffic would pass through the terminal servers and changed their access method to SFTP.
• DARYL scripting is imbedded in the change management system. Quickly learned DARYL scripting techniques to create and trouble-shoot the changes. Changes in the AWS WAN occurred every five minutes and locking the configuration with the command edit exclusive was needed for most changes.
• Amazon utilizes a proprietary device named Blackfoot to change Layer 2 information on a Layer 3 interface. I created a backup LACP channel on the Juniper MX960 to fix the problem when one of the interfaces went down. This allowed the interface going down to move to another LACP channel and to update the monitoring software that could immediately disable the interface and prevent a data sink.

Confidential

Senior Network Engineer/Network Lead

• Studied the USMINT network infrastructure of two data centers and six remote sites and stabilized the support level of the Data Network staff to meet the Service Level agreement. Completed a partial installation of Cisco Network Admission Control NAC 4.6.1 out-of-band virtual gateway solution. I documented the entire agency-wide deployment, then finished the installation site-by-site for 6 sites.
• Upon completion I upgraded the NAC system to 4.8.0, then to 4.9.1 to take advantage of MicroSoft Windows 7 support. Fixed many switch configurations to increase the speed of the NAC Client, these included turning off Dynamic Trunking Protocol DTP as recommended by Cisco in 2011. Also solved a major routing issue at one of the NAC sites as NAC 4.9.1 included a requirement of traffic passing through NAC CAS before hitting the regular gateway. Created a BGP 4.0 redundant active-active failover solution for the 2 data centers with Policy Based Routing.
• Researched the USMint Network Intrusion Detection IDP and found issues with massive amount of scripts that were active, but not configured correctly and not being used. Implemented a project for benchmarking the 44 user switches at six locations. Gave the client the option of different security standards. The client chose CIS security standards for this project.

Confidential

Network Consultant

Setup a Cisco ASA 515 Firewall for a small home network, setup an old MS windows workstation for another home internet use, and converted another home to private ip addressing using a Z router that included a Firewall.

Confidential

Acting Manager of Network Engineering / Network Engineer

• Identified a number of management issues in the Route/Switch R/S team and communicated these to the Director of Internetworking INET Group: nonstandard project plans, insufficient testing of delivered services, underutilization of staff, and poor relationships with the Security Team as well as other IT Departments. I solved these by instituting project plan standards, requiring that the correct IP addresses/required resources be tested before delivery to clients, setting new objectives for the entire staff, and instructing staff to treat everyone as a customer.
• Implemented a number of changes to increase productivity including removal of project management functions from the R/S team, implemented a new priority system, and used staff input to design the team meeting structure. Ensured all staff had appropriate duties from senior staff to interns to help determine the proper staffing needs. Started the development of interdepartmental relationships to ease the burden of sudden high priority requests.
• Presented the Manager of Technical Services Group TSG with a high level overview of private IP addressing and possible conflicts with our Largo networks to aid our efforts of gathering requirements for the Largo Computer Management CMIT lab. Redesigned the lab based on the new requirements the night before the class started.
• Assisted the web development team in evaluating a product designed to accelerate access for a Contact Management software. Found upon further technical analysis that this product would actually have led to disruption of services due to their discovery daemon . Recommended utilization of the CISCO ACE Application Control Engine Module instead.
• Researched a PeopleSoft connection problem for the following remote sites: Europe, Asia, and Largo. Found the Cisco CSS load balancer sticky table was incorrectly configured to use a first in, first out FIFO table refresh policy. Sticky connections were staying open for nine days and rejecting new connections for this application. Added a sticky connection inactivity timeout statement to the configuration for these users to mitigate the issue until implementation of the Cisco ACE.
• Recognized flaws in a course provided by Radware for their LinkProof Wide Area Load Balancer. Designed and implemented LinkProof to be used when the failover issues were resolved. UMUC used LinkProof to manage two data centers, it is similar to F5 but LinkProof includes traffic mapping. Redesigned the training material to include consistent naming conventions on user programmable objects. Created a block diagram to demonstrate the hierarchical nature of the object oriented configuration. Created IP address and port conversation diagrams. Trained the UMUC Network engineers, Security engineers and Senior Manager on Radware LinkProof.
• Assisted the Director of INET Group with a possible security venerability relating to power. Reasoned that a signal from a power source using power cords with unused wires could be used to corrupt our network devices as the chips inside the Cisco switches will process data from any source. A signal could be created using two unused wires in the power cord to oscillate across the power spike protection of the Cisco devices.
• Introduce a Juniper EX 3200 48 port Layer 3 switch along with a Juniper bootcamp for the senior staff and asked the engineers to read the standard RFCs before designing complex solutions. This tactic enabled the successful testing of a redundant ISP backup solution using BGP between two data centers. Previous attempts by a Cisco only engineer failed.
• Implemented the high level design for a new building in Largo building utilizing a Cisco 6509-E, Cisco 4506-E, Cisco 3750G-POE, Cisco 3750G, 3650G, Cisco 7606, Cisco 1941, switches and routers. Aruba Wireless and Cisco ASA firewalls. Utilize the following protocols: BGP, OSPF, HSRP, Cisco DHCP, and NAT. After the high level design of the data center was finalized. Created the build of materials BOM with lead time and delivery dates of all equipment types and quantity. Included the Smartnet Maintenance data. Utilized American Power PDUs in each rack to meet environmental requirements for energy consumption.
• Ordered the racks and associated screws for the Largo data center and closets. Worked closely with the maintenance engineers and expressed redundant power requirements in Amps for the data center and closet rack placement.
• Used MS Visio to develop rack elevations diagrams for the rack elevations installation. Marked the position of the racks with blue electric tape on the floor of the data center to mark the position of the racks. Also worked closely with Verizon for WAN access making sure the customer point of takeover was positioned correctly in the data center.
• Implemented Aruba Wireless and Cisco ASA firewalls. Utilized the following protocols: BGP, OSPF, HSRP, Cisco DHCP and NAT. I installed the Cisco 6000 power supply and the Fiber adapters after the switches were installed in the rack to minimize any damage to these devices.
• Assisted in the design of the new data center plan for Nexus 7K, 5K and 2K by designing the virtualization of the Cisco Nexus 7K and the new Cisco ACE. This design was built to minimize CAT6 cabling and reduce issues with patch panel design. The Cisco 2K switches placed strategically in each row of racks allowed for fiber connectivity to the network core and kept all CAT 6 inside the server racks. Received formal training in the Cisco ACE.
• Met fluid deadlines in building/documenting the Disaster Recovery DR site and the Largo network infrastructure. Installed all hardware, cabling, and labels in order to implement these projects within the desired timeframe.
• Designed and implemented the Cyber Security Lab a very high profile degree and certificate program - in Largo on time and within budget. Changed the design several times due to lack of technical ability by the vendor for Radware Linkproof.
• Worked with the security team to trouble-shoot Cisco ASA 5510 with Network Intrusion detection Module IDP .
• Redesigned the Largo OSPF implementation within minutes during production to solve a major design flaw. Implemented OSPF Totally Stub Areas to the Largo network. This was to proactively protect users from possible network issues. Also implemented OSPF Security to the design as well.
• Maintained team relations through open communication and mutual respect. Gained confidence and developed rapport with Largo Help Desk, Telecomm, TSG, and Facilities. Designed, implemented and supported the main data center, the DR, and Largo datacenter using EIGRP, OSPF, static routes, HSRP, VRRP and BGP.
• Recommended adding firewalls at both ends of the five UMUC Verizon TLS circuits due to the lack of security of shared media. This was subsequently implemented. Trained junior Network Engineers on IP addressing, VLANs and IP dynamic routing.

Confidential

Network Engineer

• Improved network performance by twenty percent by eliminating unnecessary broadcast traffic found by a network analyzer Wireshark and segmenting the network using VLANs, HSRPs and subnets on Cisco 6509, 2801, 4003 and 4506 for three world wide locations and two data centers in an Active/backup scenario.
• Solved a complex BGP issue to properly route traffic in a multi-homed network by prepending AS numbers in the AS List and increasing the Local Preference on the preferred route.
• Setup a Wireless Network using Cisco Wireless Control System WCS to manage three Cisco Wireless LAN Controllers WLC which controlled thirty-two Cisco APs over three locations. Provided detailed instructions for configuring the wireless WAP2 SSID and key codes for staff and guests.
• Developed network topology maps and rack elevations using MS Visio, These documents carried different levels of detail for coworkers and consultants.
• Created a centralized location of configuration files/drawings and developed a systematic procedure for change management.
• Designed, configured and installed Routers/Switches/MS Servers as the network grew.
• Used RIPv2 and Rapid Spanning Tree for the LAN as well as BGP over MPLS for the international WAN.
• Installed, tested, and configured VMWARE for virtual MS Windows servers to save cost and space.

Confidential

Network Consultant

Confidential

Restructured Senate Infrastructure to include subnets to reduce broadcast traffic. Supported entire Senate community with all desktop or server issues. Learned many popular desktop applications during trouble-shooting. Provided solutions within the one hour SLA.

Confidential

Supported 300 users for NOAA using XP and MS Windows server 2000 within five Organizational Units in Active Directory. Solved a major switch Cisco 6400 problem by isolating users to a new subnet. Solved many issues involving specialized applications for time, attendance and travel.

Confidential

Setup an Information Systems IS team for a new location using MS Windows XP, MS Windows Server 2000, and Active Directory. Planned the data structure of Active Directory to include easy management of the ever growing ethernet network infrastructure. Designed scripts Windows Scripting Host for Microsoft 2000 Server group policies and printers. Trained the IS team on problem solving techniques, customer service and team concepts. Developed new procedures for delivering and sharing IS related equipment. Increased service level of each team member through planning, training and customer feedback. Moved the IS team from a startup to a well-functioning support group.

Confidential

Senior Network Engineer/IT Planner

Developed concise plans for LAN/WAN projects for the Department of Commerce. Setup redundant collapsed backbone using Cisco 6400 and Cisco 4000. Configured OSPF and EIGRP using Cisco IOS 12.0. Researched technologies for LAN/WAN projects including a Veritas Enterprise Backup Server.

Confidential

Senior Network Engineer Consultant

Performed installation, maintenance, documentation and overall support of 15 Points of Presence POP sites in the Verizon IP infrastructure. Setup network infrastructure using Juniper M80, Cisco 6400 and Cisco 7200 for the entire south-east region. Configured static routes, OSPF, BGP using Juniper IOS 5.1, Cisco IOS 12.0 through ATM and DS3.

Confidential

• Instructor for several courses covering the implementation and configuration of router and switches. Setup training labs to accommodate secure remote training Virtual - Lab with six AXI 540 Edge routers, one ATM switch and nine Juniper core routers . Developed two new courses: Introduction to Networking and Routing Technologies and AXI 540 Installation Configuration .
• Supported and maintained a network with IP and ATM Core using Juniper MX80, MX40, Ericsson 540, and Cisco 3600. Configured OSPF, ISIS, BGP, EIGRP and RIP using Juniper IOS 5.1 and Cisco IOS 12.0. Solved OSI Layer 2 and 3 customer problems using onsite customer service lab.

Confidential

• Instructor for Cisco CCNA level classes. Developed content and updated the BNETSYS website. Provided networking consulting for various clients by stting up many networks using Cisco 5000, Cisco 3600, Cisco 2600, Cisco 2500, Cisco 4500, Cisco 4700, Cisco 7200, Cisco 7500, Cisco 1000 and modems.
• Configured RIP, IGRP, EIGRP, OSPF, ISIS, BGP, DVMRP and PIM using Cisco IOS 10.2 5 . Designed and maintained of the E-Lab network using Frame relay, ISDN, Routers and catalyst switches. Worked on various ISP and Enterprise projects routing and switching .
• Responsible for LAN/WAN operation and technical support for NT 4.0 using TCP/IP v4 and Ethernet.

Confidential

• Managed all information technology long and short range, strategic and business planning for the IS department with a very low IT budget. Enabled a small nonprofit organization to become a midsize multi-state organization.
• Turned a numerous isolated PCs into a company wide network by developing relationships with outside vendors. Enlisted the help of a classmate at George Mason University to configure the infrastructure.
• Worked with the Training department to develop Microsoft 3.0 and 2000 classes for staff. Trained staff, management team and executive team on Microsoft Office. Created a small IT team to design and support a new Intranet and provide help desk support. Worked with the spouse of a staff member over two years to develop a software to track student progress.
• Established standards, policies and procedures for design, acquisition and management of systems and resources for the new IS Department. Developed network maintenance, backup and disaster recovery plans.

Confidential

Helpdesk Engineer

Supported a national network of users on a IBM AS400.

Confidential

PC Sales Consultant