OBJECTIVE:

• To obtain a position in network engineering or network security to provide services for clients that will utilize my knowledge,, and experience working with various US agencies and firms to effi Confidential ously manage and improve network enterprise performance.

SUMMARY:

• 20 years as an information technology professional with over twelve years of senior systems or senior network engineering experience.
• 16 years of experience designing, implementing and configuring the various government and commercial network and security infrastructures consisting of Cisco routers and switches, firewalls, and encryption technologies.
• Over 13 years installing, managing, and using network testing and monitoring tools. Tools include Splunk, HPOV, WhatsUP Gold, Forescout, Nagios, MRTG, SolarWinds, IXIA, RedSeal, Chariot, Cisco Works, and Health Check.
• Experience leading complex projects across multiple disciplines and working with an array of professionals. 8 years of this as a senior systems integration and communication engineer.
• Excellent communication and interpersonal skills. 6 plus years writing technical documents such as transition plans, configuration guides, change management plans, and system upgrade procedures.
• 6 years direct military experience and 13 years total supporting or working with military.
• Familiarity and experience with STIG, HIPAA, ITIL, and NIST 800.

PROFESSIONAL EXPERIENCE:

Sr. Network Security Engineer

Confidential, MD/Morgantown, WV

Responsibilities:

• Utilizing tools such as Cisco ISE, Splunk, and Forescout to analyze network topology, security policies, SNMP, logs, and security events across the network.
• Updating network segments and policies for NAC solutions.
• Participate in network review boards in architecting viable network solutions that follow best practices.
• Reviewing and updating switch configuration for ASR9Ks, 3850, 3750, and 6500 series switches.
• Updating change management controls in place to document network activities.
• Analyzing configuration to ensure viability and meeting best practices and having current STIG updates.
• Conducting network updates during authorized outages and documenting network changes on SharePoint.
• Updating network maps after using network tools and site surveys to depict actual logical and physical topology.
• Installing and racking network hardware and running related fiber and copper lines in the data center as part of a large scale network refresh.

Sr. Network Security Engineer

Confidential, Fairfax, VA

Responsibilities:

• Part of small team supporting Initiative 6 for Confidential which is cyber security.Converting, transferring, and updating Juniper SRX to Cisco ASA firewalls.
• Utilizing tools such as Red Seal, Splunk, WireShark, and Forescout to analyze network topology, security policies, SNMP, logs, and packet data across key security zones.
• Reviewing hit count data on ACLs to eliminate config lines not in use and to determine to what level an ACL needed to be expanded or tightened pertinent to the network range. Also eliminating redundant ACLs for better performance and easier troubleshooting.
• Analyzing configuration to ensure viability and meeting best practices or NIST guidelines.
• Working with customer to determine best times for authorized outage windows to upgrade infrastructure and implementing command line changes along with determining potential impacts across the network.

Sr. Network Security Engineer

Confidential, Fairfax, VA

Responsibilities:

• Performed tasks to monitor, update, configure, and install key infrastructure equipment such as routers, switches, and firewalls.
• Led a review of updating SolarWinds to have the proper level of license support for added interfaces and nodes. Unlimited license for NPM, CM, and IPAM used to manage and monitor close to 10,000 total nodes and interfaces throughout the infrastructure.
• Updated ACLs and general configurations for allowed and blocked traffic for ASA 5520 and ASA 5585 firewalls.
• Utilizing tools such as Red Seal, Splunk, WireShark, and Forescout to analyze network topology, security policies, SNMP, logs, and packet data across key security zones.
• Coordination of completion of the RMA process with Cisco TAC to replace or update any and all failed modules or equipment.
• Updating firmware code for all Cisco devices with old code such as the 6509, ASA 5585, 2845 routers, and various catalysts switches in the 2900 and 3700 series family.
• Power, cable and patch management in the data center.
• Review and update of existing technical documentation on Excel and Visio.

Sr. Network Engineer

Confidential, Washington, DC

Responsibilities:

• Performed a variety of tasks to monitor, update, configure, and install devices on a production network to support the network infrastructure for Disney, ESPN, and ABC News.
• Ensured networks met ITIL standards for operation, transition, and service.
• Managed incoming problems and change management through Service Center and ServiceNow.
• Network inventory management for all network related devices in production and in storage for ABC News and Disney at the DC location.
• Performed tasks daily to handle customer support staff needs to manage and support port and VLAN assignments.
• Primary network devices monitored and configured included Catalyst switches (3750, 3750G, and 2900 series switches). Work included trunking, port security, ACLs, SNMP traps, VLAN management, and troubleshooting. Other primary devices managed and installed include 2900, 3800, and 3900 series routers and 4500R series switches.

Network Security Engineer

Confidential, Fairfax, VA

Responsibilities:

• Worked on short term contract as Corp to Corp to support a small local business assessing their network infrastructure and providing guidance on the most effective and secure means to monitor their network and configure their network infrastructure equipment.
• Updated firmware code on Cisco routers, switches, and firewall appliances. This was to ensure corrective measures on security holes and improve efficiency within the network.
• Gave an updated matrix of network inventory for all network related devices in production and in storage and d necessary steps to stay current while having sufficient backups in case of equipment failure.
• Minimized potential downtime and devices being over used by utilizing load balancing and failover technology.
• Created AS - IS and To-Be network infrastructure assessments to provide direction on creating a current, more secure, more efficient, and cost-effective solutions based on white papers, best practices, and personal experience.

Network Engineer

Confidential, Fort Belvoir, VA

Responsibilities:

• Performed a variety of tasks to monitor, update, configure, and install devices on a production network to support the network infrastructure for a DoD client till contract end date of July 31, 2014.
• Network Inventory Discovery Assessment with tools like Forescout and network usage analysis with MRTG and Solar Winds.
• Primary network devices monitored and configured include Nexus 2000, 5000, and 7000 series switches. Work included trunking, port security, ACLs, SNMP traps, VLAN management, and troubleshooting. Other primary devices managed and installed include ISR 2900 and 3900 routers and 4500 series switches.
• Basic configuration of Cisco ASA 5500 series firewall devices and use of Cisco ASDM to manage and configure them via GUI.
• Performed tasks daily to handle customer support staff needs to manage and support port and VLAN assignments along with updating port security settings.
• POC and lead engineer for implementing a plan to introduce Cisco 9971 VoIP phones. System was configured and updated with Cisco Unified Communications Enterprise License Manager. Phones were put on development VLANs from the switch side and administrated from a web GUI on a secure connection.
• Use of Cisco ACS daily for Cisco access management. Frequently utilized ForeScout with CounterACT for network access control.
• Became familiar with DoD STIG requirements and implemented updates across the network on all manner of devices according to DISA stipulations.
• Used Wireshark to capture and inspect packet data across the network and SolarWinds for basic network management and obtaining performance and availability data.

Confidential, Atlanta, GA

Sr. Systems Engineer

Responsibilities:

• Systems integration and network engineer with duties that primarily consisted of analyzing existing enterprise and producing formal recommendations for improving existing hardware, software, and general design to improve performance and maintain proper security throughout the client’s infrastructure.
• Coordinated and reviewed business models and methodologies to enhance workplace efficiency and proficiency. Coordinating major move events and assisting in the removal and destruction of antiquated equipment and systems in accordance with DOD and NGA regulations. Knowledge used requires knowledge of the complexities of NGA’s diverse enterprise along with current and future demands to meet formal, long term requirements and short term needs in an ever-changing environment
• Provided design and implementation strategies for systems and circuits for satellite communications implemented and used by NGA for geospatial intelligence and GPS Data.
• Required knowledge of engineering principles pertinent to satellite communications and understanding strengths and limitations of satellite for providing data.
• In late, led team of 6 for major review of ASP/ISP infrastructure and resource across many organizations and groups that promulgated events that led to network infrastructure changes that exist today.
• Evaluated current practices against ITIL models for information security (ISO/IEC 27001) and service transition.
• Managed networks with Cisco routers (7600, 4400, 3900, 3800, and 2900 series) andbCisco switches (7000, 6500, 6000, 5000, 4900, and 4500 series).
• Provided strategies on panel team to increase redundancy and failover of existing critical systems.
• Member of UAS (User Access Services) that performed system integration functions assessing infrastructure, coordinating activities and TEMs (technical exchange meetings), and coordinating milestone activities.
• Assisted in the development and integration of operational sustainment and support technologies and staff. Operated as liaison to the network operation center staff and trainer for Tier 2 and 3 personnel with troubleshooting network performance and operations. Utilized network device and monitoring tools like HealthCheck, CiscoWorks LMS 3.2 and 4.0, HPOV, and NetScout. Access to interfaces connected via SSH2 and/or telnet to make necessary modification in or off production.
• Key member of small team that led the consolidation effort for the entire ECI (Enterprise Controlled Interface). Hundreds of entities and multifarious systems were reviewed in place with coordination activities to properly transition consolidation of security domains across all three domains. This included the production of detailed diagrams (As-Is and To-Be), transition documents, coordination with security and the entities themselves, vetting checklists, presenting at formal board reviews, and tracking time lines while maintaining existing system requirements and performance.
• Key component of Decommission and Disposal effort essential for the secure and documented removal of over 200 systems that involved many thousands of pieces of hardware, software, and other related items. This required maintaining accountability, tracking resources, meeting deadlines, and presenting to the Engineering Review Board for compliance and final review.

Network Infrastructure Engineer

Confidential, Reston, VA

Responsibilities:

• Functioned as a senior communications analyst. Main function was to make recommendations based on analysis of traffic flow, traffic type, capacity needs, existing hardware, peak times, and transaction logs. Additional duties were to update firmware and IOS code as necessary to facilitate any needed changes in the network.
• Performed updates and changes to type 1 encryption devices. This included TACLANE and FASTLANE devices.
• Followed ITIL listed practices for continuity and change management in the infrastructure.
• Monitored and tested satellite communication links at communications center. Also performed measures to optimize network to include QoS.
• Functioned as team lead for a team of 5 and generated reports based on team’s input illustrating network operability and performance metrics.
• Written work defining requirements and performing analysis to develop LAN/WAN architectures and interfaces. Also generated engineering documentation, project plans/schedules, and engineering design documents.

Sr. Network Engineer

Confidential, Washington DC

Responsibilities:

• Primary duty consists of maintaining continuity between tier2 and tier3 teams as a technical liaison while supporting the normal operations of both tier groups on TCP/IP, ATM, Gigabit Ethernet, and LAN/WAN networking resolutions.
• Researched and development to improve network performance and higher-level troubleshooting is performed for the tier 3 group. personnel and assisting in specialized areas with the tier 2 network group is done while passing on technical updates from tier 3 to the second group.
• Responsibility was to proactively pass on updates pertinent to network related issues to both teams and address any changes for the middle tier group passed on from the upper level support unit.
• Network maintenance and troubleshooting is done on a Cisco based network that features TACLANE and FASTLANE crypto units. Cisco products were primarily in the 6500, 4500, 4000, 7200, 2900, 2600, and 1700 series families. Peregrine is the trouble ticket system for network problems/updates with HPOV and WhatsUpGold as the primary network monitoring platforms.
• Conducted development and test projects typically involving technologies such as multicasting, QOS, and encryption software and hardware.
• Demonstrated effective use of mixed environment of Cat OS and IOS command line, EIGRP and OSPF routing, and ATM and Ethernet technologies.

Senior Network Engineer

Confidential, Herndon VA

Responsibilities:

• Involved in reviewing and correcting engineering orders for engineers that remote sites will use to implement solutions to enhance or upgrade network capabilities. This typically includes procedures to facilitate increases in WAN bandwidth and network throughput.
• Performed requirements analysis, architecture assessments, readiness and transitions evaluations, schedule and risk assessments for multifarious projects that included SIPRNETJWICS, GIG BE modifications. Reviewed and verified satellite communication network strategies and implementations.
• Analyzed network request and created or modified solutions utilizing various routers and switches (Cisco 3550 EMI/SMI switches, 2600 series routers, 2900 series switches, and
• Marconi ASX 1000, 1200, and ESR 5000 switches), cryptologic devices (KG-250, KIV-19and KG-75), and an array of network hardware (media converters, hubs, etc.). Knowledge of
• WAN links (OC-3, DS3, T-1, fractional T-1, etc), the interfaces, and the media types associated with those technologies has also been demonstrated in performing everyday tasks.
• Provided guidance for junior and middle level engineers on the process of generating engineering orders and assisting in site survey reviews.
• Monitored service center updates and provided network recommendations based on the needs of the customer was performed.
• Part of a small deployment team that configures and troubleshoots all aspect of layer two and three processes for imagery circuits across the US (30% travel) following pre-stage testing and development at a primary test site. This usually consists of routing with OSPF and RIP. Access lists (standard and extended) also configured and applied to applicable interfaces to provide a measure of security and prevent network traffic from flowing to unauthorized sites or mission partners.
• Network equipment monitored and managed included the Cisco 3550 (EMI/SMI), 4000, 4507, 6509, 8540 MSR switches, and the 7206 router. Marconi equipment included the ASX 1000, 1200, and the BXR 5000 (some sites). All installations featured a KG-75 or KG-175. Troubleshooting usually consist of monitoring the OSPF and routing tables, ping and extended ping commands, ACL activity, trace routes, debugging, and use of the IXIA to check frame, packet, and cell activity.

Principal Network Engineer

Confidential, Washington, DC

Responsibilities:

• Member of a small team involved in large-scale project to address scalability and performance issues for entire Confidential network nationwide, entailing the management for millions of dollars’ worth of large Cisco switches and highperformance routers. Provided analyses, system performance assessment, and design planning and implementation.
• Supported project at Confidential headquarters to design, configure, and install network composed of all manner of Cisco equipment including new products like the CE7305 and CE565 content engines.
• Researched and lab tested new IOS code to support desired security features like AES, and SHA. Large switch migration testing for Hybrid and Native mode also performed.
• SME for content design, configuration, and implementation of Cisco Content Engine.
• Monitoring and updating field office and core network Cisco 6509, 2924, 2620, 1760, 45077204, 7305, CE565, and 515E devices. Network engineering/integration support for communications and network systems for remote field offices and the network core. Also update aspects of the core design with effective use of ether channels and UDLD protocol.
• Properly allocated and addressed IP design issues to allow for proper size, scalability, and continuity of design. Network core design modifications for efficient L3 backbone and distributed network layout using Cisco best practices also accomplished. Gigabit Ethernet migration from 10/ /1000 performed, and ATM LAN/WAN technology utilizing variations of single and multimode fiber with SC and MTRJ connections.
• Monitored Confidential SBU networks with Envision, CMS, and CiscoWorks 2000. Updated ACS server for TACACS of new network devices.
• Test and troubleshooting of WAN and LAN connectivity between field office sites and headquarters. Also responsible for coordination of implementation and troubleshooting with Sprint and customer concerning all private line circuits. This includes scheduling necessary network outages (with approval), monitoring trouble ticket status and relaying the pertinent information to all the concerned parties, and providing Sprint the changes and additions for WAN interfaces, addressing, and all applicable routing.
• Updating security associations and keys for peering between PIX 515E and 7204VXR devices using dynamic or static crypto maps. Used TFTP for remote updating of network devices with older code.
• Defined requirements and performed analysis to develop LAN/WAN interfaces, generate engineering documentation, project plans/schedules, weekly reports, and engineering design documents to support a transition into an operational environment. Updated technical documentation using Visio2000 as well as updating Sharepoint with technical information for web access.
• Interface with customers at remote sites in a technical and professional manner assisting with

Confidential, Dranesville, VA

Responsibilities:

• Network Engineer in a system manager position for contract to monitor, troubleshoot, and support large networks using HPOV, MRTG, and UNIX. Functioned primarily as Tier 2 Network Operations Support.
• Duties include monitoring and troubleshooting OC-3 and OC-12 feeds, router and switch interfaces, network hubs, bridges, NT and UNIX terminals, and all related transmission media.
• Monitored and remotely restarted IDS devices (RealSecure and NetRanger).
• Statistical data was also compiled using performance monitoring tools and relayed to more senior engineers and placed in various reports.
• Assisted in the management of existing and new Windows 2000 account activation/deactivation, and permissions.
• Installed and configured Cisco 2900 series, 3550EMI, 3550SMI, and 4507R switched networks. Configured and managed 1760 and 2620 routers. Gigabit Ethernet migration performed transitioning from fast ethernet using 4507 switches also performed.
• Assisted in installation of new PC’s, fiber optic and Cat 5 cabling, fiber optic transceivers, and hubs on work site.
• Evaluation and necessary resync of various cryptographic devices.
• Used Remedy trouble ticket system, LanLog, and Access for technical documentation also and functioned as primary technical interface to customer for providing technical status of the network and all pertinent sensors monitored.

Network Administrator

Confidential, Fairfax, VA

Responsibilities:

• Provided field engineer level support to federal customer's T-1 through OC-3 circuits.
• General configuration and setup of Cisco routers and Catalyst switches.
• General configuration and setup of 3030 and 3060 CSU/DSU's.
• CX 1500 and 1540 ATM device configuration and installation experience.
• Administrative support of NT based computer systems (workstation and server).
• General knowledge and use of Fireberd test equipment for 530, 449, and RS-232 interfaces.
• Use of Visio for creation of technical network diagrams.
• Used Microsoft Office applications to document trouble cases, field site contacts and reports. Inventory of incoming/outgoing equipment also performed.
• Used and operated Clarify for trouble tickets/calls.

Confidential

Cryptologic Technician

Responsibilities:

• 6 Years working with electronics, networks, software installations and configurations, TEMPEST, and cryptologic technology for government and civilian agencies on both small and large scale projects (DIA, Confidential Corp., Confidential, etc.).ed Joint Commendation medal for services rendered with DIA as a CTM.
• 3 years experience supervising mid-level communication systems installation projects that included troubleshooting data and analog circuits, repairing communication lines, front and back-end support for onboard configuration changes.
• Performed as lead technician for shipboard projects for 2 to 6 man teams. ed Navy Medal and Flag Letter of Commendation for outstanding performance of technical support duties on USS Juneau and CINPACFLEET for troubleshooting and repairing mission critical primary and secondary communication circuits during Middle East peacekeeping operations afloat in 1997.Conducted site surveys on a vast array of ships for security, cabling, power needscryptographic gear, computer systems, flooring, and satellite locations were documented.
• Read wiring diagrams for fabrication of maintenance breakout panels and performed continuity checks.
• Performed system installations and demonstrations of classified automated computer systems for personnel in the Confidential, CIA, DIA, and military.