SUMMARY

• Ability to absorb new ideas and concepts quickly.
• Proven expertise in supporting and troubleshooting hardware, software, and networking issues.
• Ability to prioritize and execute tasks in a high - pressure environment.
• Organized, take - charge professional with exceptional follow-through abilities and detail orientation, able to plan and oversee projects from conception to successful conclusions.
• Outstanding communication skills; interfaces effectively with upper management, vendors, staff, and users.
• Strong technical background with a solid history of delivering outstanding customer service. Genuine commitment to quality and customer satisfaction.
• Senior network engineer with over 12 years of technical and project management skills.
• Extensive experience in architecture, design, capacity planning, information security policies, network security design and implementation, Cloud Technologies.
• Excellent leadership and communication skills, experienced with customers and technical support.
• Solutions - oriented IT Professional with proven success implementing and integrating cost-effective, high-performance technical solutions to meet challenging business needs.

TECHNICAL SKILLS

Hardware: Desktops, Servers, laptops, Modems, Network Cards, Mother Boards, Printers, Scanners, Hubs, Cisco catalyst 2950 Switches, Cisco nexus 2k series, Nexus 9336PQ, 9508, Cisco PIX firewall 525,535, ASA 5550, Palo Alto, Checkpoint, Cisco FWSM, Juniper MX960,240 series routers, Juniper SRX 240,220 firewalls. Dell Force Z9000 series switches F5 BIG IP 3600,6400,6800 HP Blade server G6, SAN, IBM X series 345, Dell PowerEdge 2550, IronPort c360 email security appliance.

Protocols: EIGRP, BGP, VRRP HSRP, NAT, IPSEC, IGMP, PIM.

LAN Media: Ethernet, Gigabit Ethernet, 10 Gigabit Ethernet

WAN Media: MPLS, ATM, Frame-relay, T1, T3, DS3, OC3, ISDN, PSTN, Leased Lines, Cable Modem.

Network management: Cisco Works, HP Open View, Concord, Tivoli, Netview6k, SolarWinds Orion

Traffic Generator: Spirent.

Security: PIX, FWSM, Juniper SRX, Checkpoint, TACACS/RADIUS, RSA SecurID, Nessus, Snort, Metasploit, BurpSuite. Windows system hardening, super scan, routers, and switches hardening.

Operating System: Windows 2003, 2008, Windows/XP, Windows VISTA, VMware, UNIX, Linux.

Client/Server Application: Microsoft Outlook, Microsoft Exchange Server

PC Experience: Software Installation, Hardware Configuration.Enterprise Networking, Workstation Troubleshoot, Server Troubleshooting.

Software: Microsoft & Office Products. Adobe Acrobat and Reader, Norton, and McAfee antivirus software. SmartStart array and IBM raid manager.

PROFESSIONAL EXPERIENCE

Confidential, BALTIMORE MARYLAND

Senior Security Engineer/Cloud Engineer

Responsibilities:

• Design and configure a redundant solution of F5 BIG IP using 3900,4000 and 6400 series, configure VIPs, Pools, HTTP profiles, SSL profiles, Irules Health monitor.
• Design and configure a redundant solution of firewalls in a multi-vendor firewall environment using Checkpoint R77, Palo Alto and 5060 and ASA 5585-X
• Created firewall security policies in a multi-vendor firewall environment to meet security and company policy requirements.
• Troubleshoot and resolve complex connectivity issues using tools like TCP dump, Wireshark, traceroutes, Ings etc.
• Install and configure datacenter switches, FEX 2248, Nexus 5596s and 7010s configure VPC, Fabric path, OTV to extend Layer 2 domains across datacenters.
• Configure WCCP for traffic redirect.
• Install and configure riverbed for traffic optimization.
• Communications and networking needs between Cloud and on premises data Centers, Cloud, and Internet (VPN) users.
• Enable continuous monitoring and track security-related defects and the status of their resolutions.
• Identify specific areas of concern related to securing sensitive data in both the cloud and a data center environment.
• Migrating from On-Premises infrastructure to AWS Cloud.
• Focusing on Resiliency, High-Availability, fault tolerance, and Auto Scaling.
• Developed strategy for cloud/virtualization migration and implementation best practices.
• Developed enterprise architectural blueprints, along with descriptive documentation for all stakeholders.
• Selecting the appropriate AWS service based on data, computing, database, or security requirements.
• Set up controls using preventive and detective guardrails in Control Tower for unauthorized actions and detected security weakness such as unencrypted EBS volumes.
• Reviewed and established metrics and alarms for tracking based on KPI to use computing resources efficiently to meet system requirements.
• Configured mandatory tagging of EC2 instances, EBS volumes and security groups through automation with Amazon CloudWatch and AWS Lambda
• Leveraged S3 storage classes to store and managed objects based in access patterns, configured S3 lifecycle policies to transition and archive files in S3 Glacier
• Scheduled regular backups by leveraging EC2 Lifecycle Manager to create snapshots of EBS volumes and define retention period as a cost-saving measure.
• Implemented network firewalls at all layers using security groups, NACL, and AWS WAF, Advanced Shield against DDoS attacks and common web exploits.
• Participated in designing and implementation of disaster recovery and failover plans with best RPO and RTO as applicable.
• Experienced in network equipment: VPC, subnet, route table, internet Gateway, NAT gateway, VPC Endpoint, AWS Direct Connect, VPG, VPC peering and Bastion Host.
• Configured and monitored alerts for important events through system integration with SNS to send emails and SMS notifications that enabled traceability and timely interventions.
• Performed deployments, upgrades, configurations in controlled pre-production and production environments while minimizing down time.
• Deployed web applications on AWS Elastic Beanstalk
• Deployed, managed and scale containerized applications using Docker Containers on Amazon ECS, Fargate, ALB with dynamic port mapping.
• Monitored existing infrastructure and architectural frameworks for performance and made changes when necessary.
• Estimating AWS costs and identifying cost control mechanisms.
• Configured and managed various AWS Services including EC2, RDS, VPC,S3, Glacier, Cloud watch, CloudFront, and Route 53.
• Design of high-quality architectures that meet customer requirements and are consistent with enterprise architectural standards.
• Monitored and reported project status to management on a regular basis.

Confidential, Washington DC

Senior Network Engineer

Responsibilities:

• Using SP and SP document and manage risks based on the nine steps to evaluate the threats, vulnerabilities and security controls surrounding the Information System, and likelihood of an exploit and the impact it will have to systems operations.
• Responsible for designing and implementation of customers’ network infrastructure.
• Analyze and update System Security Plan (SSP), Risk Assessment (RA), Privacy Impact Assessment (PIA), System Security test and Evaluation (ST&E) and the Plan of Actions and Milestones (POA&M).
• Develop POA&M (Plan of Action & Milestones) document to take corrective actions resulting from ST&E (System Test & Evaluation).
• Prepare and review Authorization to Operate (ATO) packages (i.e., SSP, RA, CMP, ISCP, DRP, IRP and PIA) for over 1200 systems and facilities.
• Create standard templates for required security assessment and authorization documents, including risk assessments, security plans, security assessment plans and reports, contingency plans, and security authorization packages.
• Installed and configured F5 BIG IP, created virtual servers, pools and iRules.
• Implementation of TCP/IP & related Services-DHCP/DNS/WINS.
• Assess program and security controls using Organization IT Security Policy Handbook and NIST Special Publications to provide information necessary to determine their overall effectiveness.
• Implement Cisco IDS 4235, updated and created custom signatures to protect the network against attacks.
• Performs Contingency Plan Test and Training to ensure systems recoverability as defined in IT systems security requirements.
• Participate in the FIPS 199 process in which security categorization takes place, and select the technical, operational, and managerial controls using NIST SP guidelines.
• Participated in security team meetings and rendered other support to the IT Security office, which included ensuring appropriate steps are taken to implement information security requirements for all IT systems.
• Configure and implement Remote Access Solution: VPN, ISDN dial up, Fractional T1.
• Implement CiscoSecure Access Control Server (ACS 3.0) for Tacaacs+/ Radius.

Confidential, Washington DC

Network Administrator

Responsibilities:

• Responsible for routine backups, new server deployment, exchange server administration, server performance/uptime monitoring.
• Assisted in installing configuring active directory, DNS server.
• Monitor and manage network performance with 200 users.
• Installed and configured CISCO iron port c360 for email security anti-spam and mail filtering.
• Installed secured and managed print servers.
• Installed and configured Windows 2003 servers for Raid 1+0 and Raid 5 for fault tolerance.
• Created user accounts and provides appropriate permissions and rights to users.
• Installed and configured a two node Exchange 2003 cluster for fault tolerance and redundancy.
• Upgrade Exchange 5.5 to 2003 created routing groups, and multiple mailbox stores for fault tolerance.

Confidential

Network Technician

Responsibilities:

• Provided solutions for issues involving network, hardware, and operating systems windows 2003 Enterprise server.
• Assisted in installing configuring active directory, DNS server.
• Monitor and manage network performance with 200 users.
• Installed secured and managed print servers.
• Created user accounts and provides appropriate permissions and rights to users.
• Install and maintain network equipment, passive/active hubs, switches, and router.
• Troubleshoot network connectivity, servers, remote access, printers.
• Concurrently, responsible for administering, optimizing, and supporting internal.
• LAN infrastructure consists of windows 2003 Active Directory and more than 300 users.
• Installed and configured exchange server 2003/ multiple Routing groups. ffline defragmentation of the Information Store, Check database consistencies)
• Installed and configure DNS server, and Load Balancing
• Created exchange 2003 mailboxes, public folders, and distribution lists.
• Maintenance and support of the Exchange server and monitor the queues.
• Install, support Microsoft remote access service, Citrix, and terminal server.
• Researched, recommended, and implemented new hardware and software into the environment to increase efficiency.
• Monitored and supported internal network, including adding/deleting users.
• Analyze needs and determine types of Hardware most suitable to meet requirements of the company within the prescribed budget.