Summary

• Redesigned to Cisco best practices and led team in implementation of full MPLS encryption using DMVPN technology across 10 sites connected via both MPLS and ISP.
• Security Engineer experience implementing C&A and hardening network to comply with client’s security policy.
• Strong Experience in medium/large sized LAN/WAN design/configuration & implementation with primarily CISCO equipment, wireless network design/configuration & implementation, Windows 2003/2007 server administration with Active directory, MS Exchange server administration, VMware and data center tiered security routing and switching.
• Expertise in design, configuring, and troubleshooting of enterprise networks including routing, encryption, firewall, switching, and wireless e.g. EIGRP, OSPF, BGP, route redistribution, VRF lite, ipsec, nhrp, DMVPN, VLAN implementation, STP, VTP, 802.1x, L3 Switching, trunking and LACP, 802.11a/b/g/n.
• Professional Experience in designing wired and wireless networks, network cabling Ethernet & fiber. Design, installation and configuration of LAN, WAN and wireless networks with active components such as firewalls, IDS/IPS, routers, switches, NAC and TACACS.
• Professional Experience in managing and troubleshooting Cisco VoIP systems using both H.323 and MGCP.
• Superior troubleshooting and communication skills. An IT team player with business understanding, focused on the bottom line for the company.
• B.S. Geology, CCNP, CCNA, MCP certified along with 7+ years of professional experience. CISSP course work completed.
• Experience with C&A, Penetration & Vulnerability testing, as well as familiar with various compliance requirements (HIPPA, SOX, PCI)
• Experience as Network Engineer, and also System Administrator and IT Support. Supported clients including JP Morgan, Sony, Mutual of Omaha, Indymac Bank, Palmer Chiropractor, governmental agencies: US Navy and Army, SAIC, Stanley Associates, CGI Federal, and The SI Org, Inc.
• Previously held Security Clearance TS/SCI (currently inactive and not in scope)

Professional Experience

Confidential Senior Network Engineer
Night and evening shifts for 24/7 NOC operation requiring Sr level engineer coverage for after-hours shifts. Performed detailed root cause analysis of interface errors led to finding overloaded receive buffers for ASIC, recommended distributing load over multiple ASICS in switch by creating port channel and properly assigning ports controlled by distinct ASIC chips. Provide Data Center and WAN monitoring for all 1000 device network including 6500 switches, Nexus 7k and 5k as well as other access layer switches. Monitoring software including What's up Gold, Nagios, Cacti, SwitchMap, QIP, NeDI.. (Herndon, VA)

Strong team player making widely accepted recommendations regarding DMVPN, guest network with capture page, wireless solution and initial implementation of TACACS.NET server. Developed and tested reliable config to bundle multiple ports while also trunking multiple VLANS between inter-vendor links between ExtremeXOS and Cisco IOS devices. Researched and prepared briefings/documentation for upper management review and decision making to drive internal IT policy regarding complete redesign of both a guest net and wireless solution, focusing on ease of implementation, scalability and adherence to security requirements. Led research team to find suitable wireless solution for a client site, including product selection and wireless network design. Set up virtual lab for WAN using GNS3 as well as utilizing physical gear for proof of concept prior to design implementation for various projects. Thoroughly tested and redesigned DMVPN solution to encrypt sensitive company data over entire MPLS cloud as well as public internet, minimizing down time and encrypting guest network packets across the wan completely separate from internal network. Researched and influenced decision to implement Tan open source tacacs server, as well as installed tacacs server and implemented on necessary network devices. Streamlined and tweaked configuration settings on WUG monitoring solution to provide more meaningful alerting. (Chantilly, VA)

Network Administration: Set up and initial configuration for variety of Cisco routers 871, 881, 2801, 3500, Cisco Wireless Access Points 1121, 1231, and 1250 and Managed Switches Cisco 2950, 3560, Dell 3448,3548 and completely configured for optimal network security and performance. Managed Cisco firewalls to control traffic to and from networks and between internal VLANs, maintaining excellent security policies. Troubleshoot various types of Network Infrastructure, wireless deployment, Active Directory, large business copier, and desktop issues. Set up and configured and troubleshoot VPN tunnels of all types, hardware, software, PIX, ASA, Linksys, Netgear, and Zyxel. Configured Cisco ACE 4710 network load balancers to provide server redundancy and SSL termination for a website with 3 separate URL aliases. Managed key IT accounts generating over $30,000 in monthly revenue, providing excellent customer service. Consistently set up networks in fewer than bid hours, including configuration of WAN connection, installation, configuration, application of security patches for Windows Server 2003 and SBS, termination of cable run at patch panel and set up of all workstations, and backup configuration. Upgraded IOS and system files for various network devices, including but not limited to Routers, Switches, and Application Control Engines. Removed and replaced outdated network devices, minimizing network down time and impact to end user. Setup, configured, and tested PolyCom video conferencing equipment. Recovered from password loss on Cisco Routers, and WAPs. Maintained and configured new users for Cisco Call Manager, Unity and Presence system, troubleshooting when necessary to provide excellent service.
System Administration: Performed Exchange and Active directory migration from Windows SBS server to Windows server 2003. Managed complex projects including ISP migration with conditional BGP configuration, Exchange server migration, and Active Directory Primary Domain Controller from legacy Windows 2000 server to Windows server 2003. On both servers and individual PCs, installed, configured and maintained Trend Micro corporate anti spam and anti virus solution across multi site network. Facilitated network access for software and hardware vendors for clients and provided support and advice to client’s management team to minimize end user impact. Recovered PCs from spyware infection and other performance issues using system restore and other methods, backed up and restored client data to prepare for reinstallation of OS. Upgraded and reinstalled drivers to re enable various peripheral devices on end user workstations. Installed, configured and monitored networks using Wireshark and PRTG to track individual types of packets and analyze network traffic usage based on end users applications and network

Technical Skills

Networking: Firewall, routing and switching configuration, traffic management and troubleshooting.

Operating Systems: All flavors of Windows from NT to Win7, Windows Server OS from 2000 to 2008 (including SBS), experience with VMware, Linux, MacOS X

Software: Veritas (now Symantec) BackupExec 10 and 11, BackupExec Remote Agent, Acronis True Image, Microsoft Exchange and Outlook.

Hardware: Cisco, Extreme, Juniper, F5, Hewlett Packard, IBM-PC & Compatibles, Linksys.