Summary of Professional Skills

As a Manager and Engineer, I provided hands-on installation, support and maintenance for IT/IS Enterprise Infrastructures including, specification, design, vendor management/procurement, security, and administration of data, voice, and video network as a consultant, network/systems/security engineer and manager. As a principle network systems engineer and systems administrator for clients like Thomson Learning/Financial, Mitchell International, Sandpiper Assets Management, Sandia National Laboratories, CalOptima, Caltrans, Indian Health Services, and SAIC, I was responsible for the daily installation, configuration, deployment, security and maintenance of internal/internet network hardware/software for their Transactional e-Commerce based networks. I setup, maintained, and virtualized their production web and other real/virtual servers to provide client access to their products/services with 99.99 uptime. I utilized industry standard methodologies ITIL, etc. , architectures, and configuration to deploy high-availability network and server hardware/software platforms for client's development, production, and transactional backbones and data centers which included security administration, network monitoring, Internet monitoring, and other routine network administration procedures/processes. Performed as the technical expert in the administration and configuration of networking hardware server technology to achieve and maintain 24x7x365, high availability enterprise network architectures by configuring firewalls, VLAN's, wireless networking, remote access, VPN's, IDS/IPS sensors, pen testing, risk assessments, vulnerability assessments, log reviews, and other network security services as required in data centers/NOC's. Responsible for the daily monitoring of network services in a 24x7/365 production environments, including the troubleshooting and reporting of issues and resolutions to senior IT and executive management.

Key Skills:

• Directly involved with the project planning, design, procurement, implementation, operation, administration, training, securing, and maintenance of Cisco, 3Com, Juniper and Foundry networking equipment, switches, routers and firewalls in a 24x7, high availability 99.99 uptime production R D environment utilizing network monitoring tools and services including SNMP, RMON, CiscoWorks, HP Openview, What's up Gold, Tivioli, Solarwinds, and others, as an engineer and manager.
• Strong understanding and experience with installing debugging networking protocols IOS 12.x, EIGRP, RIP, and OSPF , switching technologies VLANs, 802.1d trunking, and spanning tree protocol , firewall configuration PIX/ASA, NAT/PAT, Access Lists, VPN, IDS , proxy services, voice over IP VOIP telephony, wireless networking technology 802.11 x , AP's, Client configs , WAN technologies including ATM, T1, DS3, optical carrier, Sonnet, Ethernet topologies including 10/100/1000BaseT/Tx/Fx/FDDI on Cisco and other vendor hardware
• Provided analysis, development, and deployment of computer/network policies/procedures/practices based on ITIL and other standards/frameworks, as well as updating/ redesigning, and developing feasibility studies and policies/procedures Change/Configuration Management, Event/Incident Handling, Knowledge Management, Security, and Problem Management for production, development and R D environments
• Provided security audits, reviewed IDS/IPS/Firewall logs/sensors, and utilized other analysis/change management tools, then processed the data to develop security strategies for ecommerce and other business models, and develop new systems/risk assessment and strategic analysis for all clients based on industry/SANS best practices
• Provided ongoing development/analysis of organizational IT and security policies/procedures, daily use, backups/recovery, systems continuity, user/group security policies, forensics for incidents, and network security design/usage in Development, R D, and Production Enterprises.
• Provided support for organizations bound by SOX, HIPPA, PCI, FDCC, USCGB, FISMA, FIPS-199/200, 800-53, sp800-137, Etc. policies and controls performed audits, vulnerability scanning, penetration testing, user/data compliance testing/GPO's, server systems analysis support, syslog consolidation analysis, and developed training/user documentation.
• Installation/development of secure LAN/WAN/WLAN networks, desktop/laptop/server support with industry standard tools like anti-virus, encryption, spyware/malware and other security scanners, sniffers, IDS/IPS sensors and other desktop/laptop security software, and server technology for e-commerce and other clients
• Proven success delivering LAN/WAN/Wireless LAN backbones running cabling , security systems/peripherals, and multi-platform design/installation of production Internet e-Business/e-Commerce and Engineering client/server/database-related infrastructures for 5 users to 1500 users
• Experience gathering customer/business requirements and translating them into effective project/operational plans and successfully completed projects on-time and on budget utilizing CPI/SPI and Earned Value methodologies for Financial, Engineering, and e-Commerce clients

Professional Experience

Confidential

Network Specialist

• Provided advanced vulnerability, compliance, and systems support/analysis of the Indian Health Services 42,000 systems with Symantec RAS or Secure Fusion, Tenable Security Center, Nmap, metasploit, penetration testing, protocol analysis, and other security software platforms
• Performed daily scans of the IHS network to determine if any connected devices don't follow the configuration protocol outlined by IHS policy/procedure and Federal mandates USGCB,FDCC, FISMA, HIPAA, SP800-53, etc.
• Provided senior level network engineering/administration, compliance and vulnerability analysis/reporting, as well as tracking of mitigation plans/POA Ms.
• Provided mechanisms to ensure the protection of sensitive personal information - both health records and personally identifiable information that could be used for identity theft and entails a high level of public trust
• Provided state-of-the-art knowledge, troubleshooting, and utilization of Microsoft operating systems, desktops, tablets, servers 2000-2012, XP-windows 8.1, and complete Microsoft catalog of software
• Provided senior level knowledge, troubleshooting, and utilization of Active Directory, Group Policy Objects, logging, event correlation, regedit, PS tools, and other capabilities within Microsoft products.
• Provided basic knowledge, troubleshooting, and utilization of various Linux variants for servers, desktop systems, and vulnerability scanners
• Provided advanced utilization of VMware 5.1 virtualization to create Microsoft Linux servers for Scanners, Secure Fusion, etc.. Creating/deploying testbed hosts and other related systems
• Provided cutting-edge skills for patch management with Symantec Endpoint Management, WUSUS, Shavlik, Big Fix systems.
• Provided user training for patching, removal of vulnerabilities, and related issues to securing systems to federal standards
• Performed in depth analysis of Federal NIST USGCB, FDCC, and 800-53 requirements against HIS GPO's for compliance, determined where compliance is not met and what GPO's require creation or waiver to ensure 100 compliance.
• Provided Vendor relations to ensure Vendor products in use at IHS meet federal security compliance. Worked with Abbott Laboratories to modify their glucose metering software and Mitel Phone Switch software to make their products compliant
• Provided senior level reporting, analysis, and evaluation of various security topics as related/required by the Continuous Diagnostics and Mitigation program from DHS/HHS: Hardware/software inventory management, Configuration setting management, Vulnerability management, Network/physical access control management, Trust-in-people granted access access control management , Security-related behavior management, Quality management, Credentials and authentication management, Privilege management, Prepare for incidents and contingencies, Respond to incidents and contingencies, Requirements, policy, and planning, Operational security Generic audit/monitoring

Confidential

Sr. Systems/Network/Security Engineer IT/IS Architect

Accomplishments:

• Managed 5 direct reports, managed teams of 2-10 individuals for clients as a 1099 contractor or W-2 employee. Provided leadership/mentorship to client employees/teams on various network, server, and desktop infrastructures with 1000-2 users. Acted as adjunct instructor at local college and taught Windows 7 Server 2008 admin/installation, ethical hacking, and computer forensics to classes of 20 students
• Provided hands-on technology support desktops, laptops, peripherals, blackberries/iPhones, video conferencing, T-1 installation/support, VOIP, etc. and vendor management IT/IS and construction trades for the Executive Chairman of the Board of Cengage Learning formerly Thomson Learning and Other CEO's in the San Diego Area
• Provided high-level enterprise network/security support on site and remotely: Resolved problems and provided technical lead to answer questions related to the network/systems/security, utilized vendor and carrier support when necessary to resolve network problems and/or outages, that were not internal in order to recover systems as quickly as possible pen testing, vulnerability monitoring, IDS/IPS, and deep packet analysis
• Provided security functions for all employers for networks, servers, desktops, and other systems, which include the following functions/specialties:
• Access control, user accounts, AD, TACACS, Radius, Secure ID, etc.
• Telecommunications and network security, Cisco, Juniper, Microsoft/UNIX, etc.
• Information security governance and risk management, CDM, Vulnerability Analysis-Symantec RAS, Big Fix, Tenable Security center, etc.
• MS Software security scanning/updates, IIS security/hardening, signed applets, certificates, etc.
• Cryptography, VPN, PGP, etc.
• Security architecture and design based on Cisco AVVID, SANS, ITIL, US CiberSecurity, etc.
• Operations security, ISSO, Waste fraud and abuse auditor, QA auditor, etc.
• Business continuity and disaster recovery planning, High availability nets, multiple data centers, etc.
• Legal, regulations, investigations and compliance, HIPPA, SOX, FISMA, USCGB, CDM, etc.
• Physical environmental security, key card systems, security guard, locks, etc.

• Designed, installed, documented and maintained all customer production networks, while ensuring that the network designs conformed to SANS/NIST best practices for security configurations, wrote procedures, and created training materials Cisco Juniper hardware Microsoft servers/desktops/laptops/NAS for existing Financial, Engineering, and e-Commerce clients in client facilities in order to support/migrate to new or existing data centers utilizing ITIL methodologies, as an engineer and IT manager,
• Developed and monitored processes that ensured the ongoing secure configuration of the network architecture, and monitored/maintained network security related to application vulnerabilities and their output for indications of malicious activity with Tools like SCCM, WSUS, Shavlik, Big Fix, Risk Analysis Suite Secure Fusion , Tenable Security Center, and Scriptlogic
• Deployed, maintained, and upgraded Microsoft operating systems for organizations with 5-1500 users, utilizing COTS Anti-virus, malware, firewalls, system tools, patches, and other software to maintain user workstations in LAN/WLAN environments, and ensuring network optimization and efficiency through monitoring od Desktops, Laptops, Servers, and virtual systems
• Designed, installed, and supported Cisco/Foundry/Juniper/Linksys and other vendors wired/wireless switches/routers/firewalls/IDS systems on SMB and enterprise networks connected to Cable, DSL, ISDN, and T-1's, DS-3, and OC-12 ISP backbones, and provided detailed protocol analysis and troubleshooting of client networks onsite and remotely for small businesses to enterprise level clients
• Provided project/vendor management in order to design, install, and administer alpha/beta testing and R D facilities for various software development clients/companies utilizing feasibility studies, project plans, and project management.

• Designed, installed, administered, maintained, and documented internal/external client networks and data centers systems on a daily basis for clients with R D test beds, software development activities and production networks for Financial, Engineering, and e-Commerce facilities which contained as many as:

1. 12-IBM P-Series AIX servers, running AIX 5.3-6.1

2. 20-IBM X-series Windows servers, running Windows server 2003-2008 enterprise edition

3. 100-HP/Dell Windows servers, running Windows server 2003-2008 enterprise edition, converted to VMware 4.0 Guests

4. 10-IBM Linux servers, running OpenSuse Enterprise Linux

5. EMC Clarion, Compellant, NetApp, and Netgear SAN/NAS devices with Fibre channel iSCSI

6. 5-VMware ESXi hosts running 50 guests

7. 5-700 workstations/laptops, running Windows XP-win-7

8. Installed/maintained on the servers: VMware ESXi 3.5-4.1, Symantec/Veritas Backup, and other Microsoft server software Exchange, SQL, SCCM, etc.

• Designed, installed, administered, and documented various Cisco Juniper network backbones utilizing:

1. 1700/2600/3600/7200 series routers

2. Catalyst 3500, 2900, 5500, 6500 switches

3. Cisco/Linksys Wireless LAN's, 340 series to 1600 series

4. IDS sensors and vulnerability scanners

5. PIX/ASA firewalls, Riverbed Steelheads

6. Juniper j6350/2350/mx80 routers, ex-3200/4200 switches, isg/ssg firewalls

7. Fatpipe Load Balancers, Packet Shappers, HP IDS/IPS sensors

8. Websense v5000 appliances, Aruba Wireless, HP Procurve Switches

9. Solarwinds Orion, what's up gold, prtg/mrtg

• Developed and provided training for all users and clients to utilize new network and server systems. Provided end-user training for mail, office software, web, and other industry standard software packages
• Provided complete senior level network security services and computer security forensics Install Cisco PIX/ASA, Check Point, Sonicwall, and Juniper firewalls, network monitoring, vulnerability assessment technologies, developed/implemented security policies/procedures, and IDS sensors for Financial, Engineering, and e-Commerce clients as a layered security model based on SANS best practices.
• Provided senior level IT/IS project management, business analysis, and planning/technical support for existing and new/emerging technologies utilizing CPI/SPI and earned value methodologies for all clients
• Coordinated vendor selection, provided contract negotiations, and vendor interface on behalf of client as and IT/IS General Contractor/Facilitator with Cisco, Microsoft, and various other vendors

Confidential

Network Systems Analyst

Responsibilities:

• Provided project management for network designs, cost analysis, and implementation plans for a 300 user LAN/WAN/WLAN with a 2 million dollar budget. Gathered client/corporate specifications/requirements and translating them into project/implementation action plans utilizing earned value methodologies for their new E-commerce insurance production network, as an engineer, trainer and network manager. New Backbone replaced 3Com FIDDI network and concentrators with a Cisco high-availability e-commerce, development, and business network segments, with high end security systems and tactics
• Provided the skills as a tactician/strategic thinker in order to orchestrate the re-designed and implementation/installation of a new network backbone and a Network Operations Center in a new facility, brought up new backbone and collapsed the old network without any interruption to customers. Designed/installed the NOC to monitor internal and external systems onsite, and remotely VPN, IDS, etc. in order to meet the strategic and operations plans of the organization and customers with leading-edge technologies/security to provide on-line services to clients
• Provided senior level IT/IS support/troubleshooting, LAN/WAN/Wireless LAN installations, and network security for onsite and offsite business units in order to manage overall network backbone design and construction of large projects software development, QA, Trade Shows, M A of competitors, etc. including management of staff to best utilize manpower, monitoring projects and workloads as necessary to meet deadlines and schedules, and budgeting and monitoring of approved project funds for their R D, software development, and insurance e-commerce products
• Provided executive management the presentations, plans, and implementation of BPR to migrate from CD based products to eCommerce B2C, B2B digital mediums and complete documentation of the IT/IS infrastructure created internet/intranet web sites, servers and portals to inform their 42 insurance company clients, their investment bankers, and prospective financial based transactional clients in the collision/repair industry
• Provided high-level enterprise network support on site and remotely: Resolved problems and provided technical lead to answer questions related to the network/systems, utilized vendor and carrier support when necessary to resolve network problems and/or outages, that were not internal in order to recover systems as quickly as possible
• Designed, installed, documented and maintained all customer production networks, while ensuring that the network designs conformed to best practices for security configurations, wrote procedures, and created training materials Cisco Juniper hardware Microsoft servers/desktops/laptops/NAS for existing Financial, Engineering, and e-Commerce clients in client facilities in order to support/migrate to new or existing data centers utilizing ITIL methodologies, as an engineer and IT manager,
• Develops and monitors processes that ensure the ongoing secure configuration of the network architecture, and Monitors and maintains network security related applications and their output for indications of malicious activity pen testing, vulnerability monitoring, IDS/IPS, and deep packet analysis
• Deployed, maintained, and upgraded Microsoft operating systems for organizations with 5-1500 users, utilizing COTS Anti-virus, malware, firewalls, system tools, patches, and other software to maintain user workstations in LAN/WLAN environments, and ensuring network optimization and efficiency through monitoring

• Designed, installed, administered, maintained, and documented internal/external client network backbone and data center for R D, QA, Software Development, Business Departments, and the e-Commerce network. Provided ether-channel and other connectivity to:

1. 200 Compact Web and application servers, running Windows NT-2003 server

2. 1 Fibre channel EMC Clarion,

3. 500 workstations/laptops, running Windows 98-XP

• Designed, installed, administered, and documented Two Cisco network backbones Business and Client utilizing:

1. 10-1700/2600/3600/7200 series routers

2. 25-Catalyst 3500, 2900, 5500, 6500 switches

3. 25-Cisco/Linksys Wireless LAN's, 340 series to 1600 series

4. 3-IDS sensors and vulnerability scanners

5. 8-PIX/ASA firewalls, 1-Packet Shappers 2-Cisco IDS/IPS sensors.

6. 4-Local Director Load Balancers, CSS-1150, CSS-11502

7. Ciscoworks 2000, What Up Gold 6.0

• Provided training and knowledge transfer for IT/IS business unit staff, mentored two network engineers and the network manager to enable them to support the organization on its fast-track transition into the new e-commerce/transaction based online insurance product portfolio

Confidential

Senior Systems Analyst

Confidential

Network Analyst

Confidential

Cisco:

• ASA 5505, 5510, 5520, Pix Firewalls, 525, 520, 501, 515,
• Cisco 2500, 2600, 1700, 3640, 4000, 7206, 3102, AGS series routers
• Cisco Local Director Load Balancers, CSS-1150, CSS-11502
• Cisco Catalyst 6509,6506,3548,5000, 5505, 5509, 2820, 2924, 2916, 3750, 2960
• Cisco 1404 CDDI Concentrator, 500-CS Terminal Server
• Ciscoworks CWSI Network Management, Net Sonar, Net Ranger Software, Policy Manager, TACACS ACS Server
• VPN concentrator 3000 series and client software, site-to-site connectivity
• Cisco 340/350 and 1100-1400 Series wireless access points and network cards
• Network/Cisco protocols: HSRP, BGP, EIGRP, OSPF, RIP v2, Frame Relay, ISDN, High- Availability networks, stateful firewalls, load balancers, access lists, NAT/PAT, VPN/SSH

Miscellaneous Network Hardware Used:

• Juniper j6350/mx80 routers, ex-4200/3200 switches, isg/ssg firewalls
• Fatpipe Load Balancers, Packet Shappers, HP IDS/IPS Tipping Point Sensors
• Websense v5000 appliances, Aruba Wireless, HP Procurve Switches
• Coyote Point, F5 and Alteon Load Balancer
• Riverbed, SilverPeak, and Packeteer WAN Accelerators
• Cryptostore Tape Encryption devices
• IBM/Seagate/HP/Quantum Tape Libraries and various tape drives
• Proxim Range Lan 2 wireless, Cisco 340-1600 Linksys Wireless Access Points, Bridges, and PC card and PCI Wireless Ethernet Cards
• Connected Organizations to OC12-48, DS3, T-1, T-3, ISDN, Cable Modem, and DSL
• Installed Cat 3-6 cable, Single/Multi-Mode Fiber Cable, etc.

Provided Computer and Network Security Functions:

• Symantec Secure Fusion, Tenable Security Center, Tivoli-Big Fix
• Server and Workstation security audits, installed patches, SSH, C3, C2 technologies
• Firewall implementations and other related firewall and DMZ duties
• Utilize Webtrends Security Analyzer, deployed Radius and TACACS software
• Internet Security Systems ISS Safe Suite, Risk Assessment security scanners NMap Metasploit
• IDS Sensors from Cisco and Snort, Developed/Implemented Security policies/procedures
• Intel/Shiva/Cisco VPN Gateways, PGP and other forms of encryption WPA, etc.
• Worked with Secure ID and SecurID Servers, performed penetration testing/auditing
• Biometric FingerPrint security devices, card readers, etc.
• Computer Forensics: hard drive analysis, firewall and desktop forensics, risk assessments
• Installed/supported all anti-virus, malware, and security software

Protocol Analysis and Network Troubleshooting Tools: I own these devices

• FDDI, Ethernet, WAN, GIG, 10-GIG, and portable Protocol Analyzers Sniffers
• NetXray, WildPackets Wireless sniffer, ethereal/wire shark
• Fluke One Touch, EtherScope II
• Trend Aurora ISDN, T-1, PRI Analysis and Testing Equipment
• Wireshark

Installed and configured Enterprise Management Software for Data Network and Telecom Devices:

• OSI's NetExpert
• MicroMuse NetCool
• CA Unicenter TNG
• HP OpenView
• What's Up Gold
• Solar Winds Orion
• Scriptlogic
• Kiwi syslog server, PRTG, Solarwinds wmi and other monitoring tools

Setup/Repair/Evaluate/Utilize a Variety of Computer Equipment:

• PC Based Systems: HP, Dell, Compaq, IBM servers, desktops, and laptops
• Macintosh Hardware and Software, Laptops, Desktops
• IBM Pseries and Xseries servers
• Sun/Sparc Workstations/Unix IPX, Ultra 10-60, Enterprise 3000-5000, Sparc5 10
• VAX, Silicon Graphics, Mentor graphics workstations, POS systems
• Blackberries, iPhone/iPad, smart phones, Palm devices, Lucent and Panasonic Phone Systems

Software Utilization:

• VMware server and esxi , Vcenter, Vmotion, High-Availability, Netranger backup
• AIX 4.3-6.1, Linux RedHat, Opensuse, Fedora, BSD, Ubuntu , Solaris
• Microsoft: Office 95-2010, NT Wks, SERVER 3.1-2012 , Win-7,Vista, XP, 95-98, SQL 2005-2008, SMS/SCCM, IIS, BackOffice Enterprise, Small Business Server, Visio, Frontpage, etc.
• Citrix MetaFrame/WinFrame
• Ghost, Bounceback Professional, CloneZilla, Script Logic Backup, NT/Windows backup
• Mac: OS 6-10 most MAC hardware and software, apple networking
• Tools: TCPIP Tools, LAN Watch, ftp, telnet, etc.
• Web: Sambar server, Cold Fusion, Hot Metal Pro, HTML, Front Page, Hot Dog Pro, Dreamweaver, Fireworks
• Databases: Oracle, Filemaker Pro, Fox Pro, MS Access, Remedy ARS, SQL 2000-2008
• Graphics: Photoshop, Illustrator, Hyjack, etc.
• Mail: Exchange Server 3.1-2010, CC Mail Servers, Eudora, pop/smtp servers, Outlook
• Norton Utilities, Virus Scanners, Databases, Word Processors, Spreadsheets, etc.
• Enterprise Backup Software from Seagate, Veritas, IBM, and others
• Goldmine 6.7, MS Dynamics