Objective:To obtain a position in management when I may utilize my skills, experience, and abilities to improve the company's operations and profitability.

Professional Skills:

• Cisco Network Design
• Cisco Wireless Design
• Cisco Nexus Design and installation
• System Compliance PCI, SOX, etc.
• DMZ Security Design
• Help Desk Administration
• Telephony Design
• MS Server 2000, 2003, NT Operating System Administration
• Network Security and Risk Assessment Planning
• Project Management
• Budget Planning
• Disaster Recovery Planning
• Mentor and Trainer for Cisco Network and server administration

Technical Skills:

Hardware:

• Cisco Catalyst Switches: 6500, 6000, 4500, 4000, 3700, 3500, 29xx series
• Cisco Nexus Switches: 7000, 5000, 2000, 1000V
• Cisco Routers: ASR1000. 7200, 3900, 3800, 2900, 2800, 1800, 1700 series
• Cisco Firewalls PIX 535, 525, 515, 506, 501
• Cisco ASA Security Appliance Firewall,VPN,IPS modules
• Cisco VPN Concentrator 3000 series
• Cisco Prime Infrastructure
• Bluecoat Web Proxy SG400, SG800
• McAfee NSM/Intrushield IPS
• McAfee Foundstone
• McAfee DLP Host/Network
• McAfee ePo
• Network Intelligence Engine EnVision / RSA EnVision
• NetCordia NetMRI Security Analyzer
• Iron Port Spam Filter Appliance
• Server hardware brands Dell, IBM, Sun, HP
• Virtual Tape Library

Software:

• MS Server NT, 2000, 2003, Active Directory
• Windows 2000 Professional
• Windows XPProfessional
• Cisco NX-OS
• Cisco IOS/CatOS

Applications:

• Microsoft Office 2000, 2003, XP, 2007
• Microsoft Exchange 2000, 2003 Standard and Enterprise
• Microsoft Internet Authentication Service RADIUS
• Microsoft Certificate Server CA Services
• Microsoft Server Components
• Infoblox DNS, DHCP, and IPAM
• Cisco Prime Infrastructure LMS and NCS
• Cisco Access Control System ACS 3.x, 4.x, 5.x
• CiscoWorks LAN Management Suite LMS
• SolarWinds Orion Network Performance Monitor
• SolarWinds Engineers Toolset
• ManageEngine Netflow Monitor
• ManageEngine OpManager
• Altiris Deployment Solution
• Altiris Client Management Suite
• Altiris Helpdesk Solution
• Altiris Security Expressions
• Nessus Network Vulnerability Scanner
• eEye Retina Network Vulnerability Scanner
• Prism EventTracker viewer
• Kiwi Syslog viewer
• Ethereal
• Veritas Backup Exec multiple versions

Protocols:

• TCP/IP
• DHCP, WINS, DNS
• PXE, Wake on LAN WOL
• IGRP, EIGRP, OSPF, BGP
• RADIUS, TACACS
• ISAKMP/IPsec

Experience:

Confidential

Senior Network Security Engineer

• Redesign entire Cisco Wireless Infrastructure
• Increased coverage at all store locations
• Implemented a open guest wifi
• Added Cisco 5508 and 7500 series wireless controllers
• Implemented Cisco WIPS using the Cisco MSE
• Implemented location based services using Cisco MSE
• Redesigned wireless authentication
• Oversee design and implementation of Cisco VoIP
• Replacement of NEC PBX system with Cisco VoIP
• Migration from NEC voicemail to Unity
• Add 160 VoIP sites
• Redesign Cisco Wan Accelerator implementation/Riverbed
• Redesign Core network architecture
• Redesign VTP, STP, and routing
• Redesign and install warehouse networks
• Redesign routing
• Design the access and core layers
• Design and Implement Cisco Nexus 7000/5000/2000 Switches
• Manage Infoblox DNS/DHCP/IPAM systems
• Managed the Infoblox/Trinzic Grid appliances
• Create junior admin mentorship program
• Redesign eBGP/iBGPand implement interior routing EIGRP
• Design, implement, and administer Cisco Access Control System Cisco ACS
• Redesign network security for PCI, HIPPA, and external audit compliance
• Design and implement network redundancy and load sharing from internet access layer to core layer
• Install and configure Cisco Prime Infrastructure, NCS, and LMS
• Install and manage power and kvm connectivity
• Install Avocent DSView software
• Research, test, implement rack UPS
• Research, test, implement rack PDU
• Install, design, and administer the Radware Linkproof appliances.

As Senior Network Security Engineer

Confidential

• Develop policies and procedures to meet PCI Compliance Standards
• Actively monitor all traffic for anomalies and threats
• Install, configure, and maintain McAfee DLP Reconnex
• Monitor McAfee DLP for breeches and improper business practices
• Install and configure RSA enVision for log collections with all network devices
• Create custom signatures for enVision for devices not natively managed
• Configure and monitor McAfee Network Security Manager/Intrushield
• Design installation of IPS Sensors
• Upgrade manager and sensor Intrushield software
• Configure and maintain McAfee Foundstone MVM vulnerability scanner.
• Design device standards of security baselines for the Microsoft and Cisco environments.
• Create router and switch baseline security configuration
• Manage McAfee ePolicy Orchestrator
• Install and configure McAfee HIPS, SolideCore, and VSE8.8
• Streamline SolidCore to protect the POS endpoints.
• Install and configure McAfee endpoint Encryption.

Confidential

Network Design Consultant

• Redesign the CBP networks at all major airports and border stations.
• Design a redundant network to ensure system operability despite multiple failures.
• Create job proposals for all network installs

Confidential

Network Security Consultant

• Designed the placement and roles of the firewalls Pix, ASA, and Checkpoint
• Installed and administered Cisco Network Security Manager
• Managed the RSA SecurID systems
• Developed a token distribution and assignment system to distribute over 8000 tokens.

Confidential

Network Consultant

• Serviced new/current customers providing consulting services
• Designed Cisco ASA implementations replacing various firewalls
• Redesigned site-to-site and remote access VPN solutions
• Performed core device upgrade from a Cisco 4500 to a Cisco 6509
• Redesigned Cisco wireless controller to perform rogue AP detection
• Performed research and upgraded Cisco IOS on routers, switches, and firewalls
• Installed Cisco Access Control System ACS Integrating with MS Active directory for authentication/authorization
• Supported MS Exchange 2007 installation
• Created new VLAN's for local and remote networks
• Configured and installed new Cisco switches
• Troubleshoot Blackberry services including Blackberry Enterprise Server
• Designed and installed Solarwinds Orion platform with NetFlow and VoIP modules
• Installed IDS-2 module for Cisco 6500 IPS solution
• Maintain and re-design Windows Active directory system

Confidential

Technical Director

• Designed DMZ network to reduce security vulnerabilities
• Developed IT Disaster Recovery Plan
• Developed IT Security Plan
• Integrated security/compliance scanning and reporting
• Integrated a DMZ security model for internet accessible applications and services
• Design/perform security assessment
• Audit firewall settings and logs to remove vulnerability holes
• Create/implement complex password policy
• Create physical security measures for IT area, server room, and network closets
• Designed WAN security model
• Designed wireless WebAuth for segmenting publicly accessible student traffic from the college's faculty/staff network traffic.
• Designed WLAN rollout schedule to increase the wireless hotspot areas.
• Redesigned VPN remote connectivity
• Migration from Microsoft VPN access to Cisco VPN Cisco ASA
• Creation of site-to-site VPN connection for vendors as needed
• Managed/Team member of IT projects
• Wireless rollout project
• Password policy rollout
• Migration to IronPort Spam Filter from GFI Mail Essentials