SUMMARY

• Network professional with over ten years’ progressive experience supporting commercial clients, Nongovernmental Organizations, and Government clients, including network security enterprise management of Local/Wide Area Networks, installations, testing, maintenance, management and documentation.
• Excellent written and verbal communication skills with the ability to build productive relationships, resolve complex issues, and win customer loyalty.

TECHNICAL SKILLS

Enterprise Firewalls: Cisco Pix, Cisco ASA 5580, Juniper Netscreen, Check Point Firewall - 1

Load Balancer: F5 BigIP Local Traffic Manager 6900

Switches: Cisco Nexus 2248, 3524, 3560, 5548, 7018, Cisco Catalyst 3560X, 4506, 6509, Extreme Summit X480, Extreme Summit X450

Routers: Cisco 2900, 7304

VPN Concentrators: Cisco 3000 series

Wireless Bridges and Access Points: Cisco Aironet 350 and 340 Series

WAN Optimization: Citrix NetScaler 10.5, Cisco WAAS

Operating Systems: Cisco NX-OS and IOS, Linux, Solaris, Windows Server 2003, Windows Server 2008

Routing Protocols: OSPF, EIGRP, BGP

Server security software and tools: IBM Proventia, IBM Realsecure, Symantec ESM, Nessus

Content Filtering: Websense EIM, Blue Coat Proxy SG

Protocols: DHCP, MPLS, TCP/IP, DNS, NAT, PAT, HSRP, VRRP, VLANs, VTP, IPSec, SNMP, Syslog

Applications and tools: Microsoft Office 2010, Visio 2007, Remedy Help Desk, Service Now, Wireshark, Netflow, CiscoWorks 2000, Solarwinds Orion, SevOne, Cisco TACACS+

PROFESSIONAL EXPERIENCE

Senior Network Design Engineer

Confidential

Responsibilities:

• Deliver quick resolution for a variety of internal network problems relating to Cisco Nexus 2248, 3524, 5548, 7018 switches; Catalyst 3560X and 4506 switches; F5 Big IP LTM; and security related issues for Cisco ASA firewall.
• Develop security solutions for high - availability multiple-context Cisco ASA 5580 firewalls: routing configuration, NAT/PAT, access control list (ACL) administration, policy auditing, and log file and packet analysis.
• Build pools and VIPs in F5 BigIP Local Traffic Manager load balancers for continuous application availability. Create iRules.
• Troubleshoot connectivity and SSL issues using tcpdump and Wireshark. Act as point of escalation for team. Analyze vulnerabilities and apply remediations to ensure PCI compliance.

Network Engineer

Confidential, Fort Worth, Texas

Responsibilities:

• Supported B2B VPN infrastructure on Juniper Netscreen platform and maintained PCI-compliant vendor network.
• Built pools and VIPs in F5 BigIP Local Traffic Manager load balancers for continuous application availability.
• Maintained inventory of fully patched cold standby hardware.
• Utilized Netflow to analyze network performance issues for Ethernet and wireless local area network.

Information Security Officer

Confidential, Washington DC

Responsibilities:

• Responsible for information security, vulnerability discovery, penetration testing, application security of Confidential Group Windows, UNIX, and Linux servers.
• Certified server compliance with Symantec Enterprise Security Manager and Nessus, and worked with system owners to remediate vulnerabilities.
• Administered IBM Site Protector and RealSecure Server Sensor/Proventia Server firewall/HIPS on Windows, Solaris, Linux and AIX platforms: rule base administration, log file and packet analysis, and signature tuning.
• Wrote detailed technical documentation for installation and administration of IBM RealSecure, IBM Proventia, and ArcSight ESM Manager and Database.

Network Engineer

Confidential, Washington DC

Responsibilities:

• Provided second and third tier LAN/WAN infrastructure support Confidential U.S. Department of Education.
• Administered twenty-seven high-availability pairs of Cisco PIX and ASA firewalls: routing configuration, NAT/PAT, access control list (ACL) administration, policy auditing, and log file and packet analysis.
• Completed complex migration from Symantec Enterprise Firewall to Cisco 5500 series ASA firewall including translation of cryptic undocumented text files into ASA configuration file.
• Configured and troubleshot Cisco 7300 routers and 6500 switches (CatOS and IOS): OSPF and BGP routing, VLAN configuration, router hardening, and IOS updates.
• Reviewed alerts in NIST National Vulnerability Database, made recommendations for mitigating identified risks and remediated systems.
• Analyzed FISMA findings and provided justification of risk or remediation of system.
• Represented team Confidential Change Control Review Board, Technical Review Board, and other meetings with client.

Project Planner

Confidential, Washington DC

Responsibilities:

• Coordinated Technical Review Board meetings and project activity for new system development life cycle initiatives Confidential U.S. Department of Education.
• Developed and expanded scope of role to include oversight of testing in development network, documentation, requirements management, support plans
• Memorandums of Understanding, Certification and Accreditation, Section 508 accessibility testing, load testing, and security testing in accordance with NIST SP .
• Updated Technical Review Process Guide to reflect process improvements initiated to improve consistency of system implementations and to reflect CMMI standards.
• Recorded meeting minutes and tracked action items to completion.