SUMMARY

 Seasoned hands - on Network Engineer/Architect with 24 years of experience in telecommunications and information technology services. Strong background in supporting, implementing, and designing secure mid-size and large-scale enterprise infrastructures, data center transformations/relocations, etc. Passionate about moving enterprises forward with today’s technology, and adding value to new and existing networks. Possess the skills and experience to provide highly secure and available networks for even the most adaptive enterprises.  

PROFESSIONAL EXPERIENCE

• Focused around understanding existing business requirements and creating detailed design and implementation strategies to meet these business challenges
• Provide high level consulting support for large enterprise clients/customer organizations requiring troubleshooting, performance tuning, network optimization, traffic engineering, policy control across multiple vendor platforms and technologies
• Provide detailed network assessments to include best practice design solutions, security concerns, high availability design, and application performance metrics base-lining
• Responsible for the end to end design, migration, implementation, maintenance, and support of end customer unified voice network environments
• Integrate highly resilient routing and switching solutions to ensure mission critical success
• Engineer and migrate network security systems on Juniper (Netscreen, EX,) /F5 BigIP GTM-LTM/Bluecoat/Checkpoint R75/Cisco IOS,IOS-XR/NX-OS/ASA 5500X/FWSM/IDS/IPS platforms
• Expand and migrate EIGRP/OSPF/BGP MPLS VRF, DMVPN, LAN/WAN/MAN datacenter connectivity from initial proof of concept design to implementation and support phases for high availability and secure environments
• Provide network application load balancing with 9.x 10.x 11.x F5 LTM/GTM/ASM configurations within virtual servers, nodes, pools, iRules, BigPipe, and health monitors via CLI/TMOS
• Migrate network application load balancing from Cisco ACE and Citrix Netscaler to F5 LTM/GTM 8900/VIPRION hardware for designs and configurations
• Create and provide detailed enterprise documentation for policy control and procedural operations of network connectivity required for business auditing, reference, and control
• Utilize ArcSight SIEM for event correlation
• Responsible for the overall wireless network design and deployment within enterprise organizations that include Cisco Wireless Controllers, LWAPP AP, Guest Access, and NAC
• Provide Level 4 escalation support for network/firewall break/fix problems and issues
• Responsible for the end to end design, migration, implementation, maintenance, and support of end customer unified VoIP and Video network environments
• Design and model L2/L3 LAN/WAN QoS Policies for classification, marking, policing, congestion control and trusts delay sensitive applications and services
• Responsible for the end to end design, migration, implementation, maintenance, and support of end customer unified voice network environments
• Responsible for daily management and engineering within Cisco Unified Call Manager 4x thru 8.x, Cisco Unity Connection, Cisco Unified Contact Center Enterprise
• Drive Unified Voice transformations for global/international enterprise organizations
• Responsible for the overall datacenter network design, deployment, migration and support within enterprise organizations that include Cisco Nexus 7K, 5K, 2K, VDC/VPCs, 2K Fabric Extenders, OTV, Cisco ASR1K platforms
• Develop backend AAA methods with the use of RADIUS, TACACS, ACS, and Cisco ISE/PRIME
• Plan and integrate firewall and other security solutions into existing network infrastructures in order to mitigate network based attacks.
• Provide network troubleshooting assistance regarding VPCs, routing, STP, fabric connectivity, and layer 4 - 7 content services
• Respond to events and provided proactive monitoring for CPU/MEM/DISK issues
• Support and manage Cisco ASA 55xx Firewalls
• Utilized Riverbed SteelHead and Cisco WaaS for WAN optimization/acceleration
• Perform detailed security assessments and remediation plans for PCI and SOX compliance
• Provide Network Consulting services to clients such as Confidential, Confidential, Confidential, ATT, Accenture Federal, CSC, etc.

Confidential

Senior Network Engineer/Architect

Responsibilities:

• Perform Data Center transformations and relocations
• Perform Data Center discovery and documentation
• Handle circuit procurement, test, and turn up
• Engineered Infoblox and IPAM implementation
• Perform compliance testing and fail-over testing
• Provide network support for Voice relocation projects
• Environments include F5 LTM appliances to be migrated

Confidential

Network Engineer

Responsibilities:

• Performed datacenter network discovery and engineering tasks for several data center transformation projects
• Vendors included Cisco, Checkpoint, F5 and Citrix
• Authored Engineering Work Orders, cable audit requests, and rack space requests
• Engaged with customer stakeholders to gather project requirements

Confidential

Wireless Design Architect

Responsibilities:

• Implemented and managed Cisco wi-fi at customer sites utilizing Cisco 2500 and 5500 Wireless LAN Controllers
• Managed cabling vendors and local technicians
• Performed wireless site surveys and created heat maps

Confidential

Responsibilities:

• Capacity and bandwidth management at FBI HQ and data centers utilizing Riverbed and OpNet platformsHelped the customer “right-size” their WAN links
• Led QoS project matching application to queues
• Implemented multi-VRF solution to eliminate redundant circuits resulting in large telco cost savings

Confidential

Senior Network Engineer

Responsibilities:

• Configured data/voice/IPTV networks based on requirements utilizing Cisco and Juniper platforms
• CSC/ Confidential Office of Special Investigations

Confidential 

Security Architect

Responsibilities:

• Designed and built configurations needed for VPN connectivity (IPSec, GETVPN, DMVPN, SSL)
• Lead in strategic planning sessions for developing highly available network design solutions at data centers
• Utilized EIGRP, OSPF, BGP MPLS VRF, L2/L3 VPNs, VRF, Firewall Context Zones, Global/Local load balancing, and various other network protocols/services
• Provided level 3/4 escalation network troubleshooting support for mission critical outages with SLA response to management, directors, and C-Level Execs
• Worked in a fast paced setting with prompt resourcefulness and quick response times to meet business challenges and demanding project timelines/deliverables
• Worked with management to respond to network, security, and load balancing incidents and conducted configuration changes based upon business requirements
• Delivered executive level summary resolution and coordinated firewall change management
• Developed and documented network security policies and procedures to define and restrict user and vendor connectivity requirements for large commercial enterprise deployments
• Provided MPLS network configurations and implementation of datacenter and WAN connectivity for business center, vendors, and client relations
• Determined root cause analysis of network and firewall connectivity issues and problems
• Managed all Check Point firewalls, which consisted of NG and NGX, running on Nokia
• Managed with Provider-1 and Smart Dashboard
• Managed Juniper firewalls
• Implemented rule changes, performed upgrades, and performed connectivity troubleshooting throughout the multiple campuses and with vendors.
• Managed Cisco 6500s and 7200s in the core and in multiple DMZs

Confidential

Network Manager

Responsibilities:

• Responsibilities included managing a staff of four engineers
• Architected and deployed a corporate campus network.
• Procurement and delivery of circuits, Avaya IP Office phone system, Cisco routers and switches (2821, 3750), Check Point firewall (NGX), file servers, and workstations.
• Designed and deployed a Windows 2003 domain, file and print services, a disaster recovery solution, et al.

Confidential

Senior Infrastructure Architect

Responsibilities:

• Lead engineer and data network architect of a multi-national company with offices in the US, Canada, and Asia.
• Responsibilities included architecting data center build out, including mainframe connectivity (IP and bridged).
• Changes to the infrastructure, turning up and monitoring WAN circuits (MPLS, Frame Relay, Leased lines).
• Monitoring the health of the local LANs, implementing new equipment, and upgrading IOS.
• Hardware platforms include Cisco 6509s with IOS/CatOS at the core, Cisco 36xx and 37xx as WAN routers, and Cisco 3750 switch stacks, as well as various other Cisco switches at the access layer.
• Administration of Check Point NG firewalls, Websense content filtering, and remote access solutions.
• Deployed and leveraged Solar Winds Orion as a network management platform

Senior Infrastructure/Security Engineer

Responsibilities:

• Confidential. Network Operations and Security Center (NOSC) Cisco/Microsoft network
• Modeled fault tolerant, redundant, and secure networks for maximum uptime and data integrity with the use of VLANs, intrusion prevention services, and virtual firewalls
• Implemented Cisco core and distribution layer campus design to meet the challenges of a new highly secure Windows 2003 Active Directory forest wide schema deployment
• Responsible for designing scalable network traffic points to ensure critical bandwidth availability and provided firewall high availability load balancing configuration support
• Maintained server farm connectivity and supported SSL, firewall, and server load balancing
• Delivered technical documentation information for the Confidential network policy
• Utilized CiscoWorks 2000, Confidential OpenView Network Node Manager, and NetIQ to manage Cisco infrastructure consisting of 7200 and 7500 series routers and 6000, 5500, 4500, and 3500 series switches.

Engineering Team Lead

Responsibilities:

• Provided network-engineering expertise at confidential's site in Suitland, MD in a leadership role.
• Responsibilities included management of all ground systems workstation connectivity
• Team member scheduling and assignment, task reporting, etc.
• Member of Active Directory Working Group
• Collaborated with Government personnel and other contractors to determine long and short-term computing needs.
• Provided Cisco router and multilayer switch remote monitoring, alarm troubleshooting, and diagnosis of network traces for traffic congestion problems
• Troubleshooting PIX, VPN connections, and NAT translations
• Implemented policy changes and new ACLs according to documented change control procedures and policies

TECHNICAL SKILLSET

Operating Systems: Windows 9x, Windows NT4, Windows 2000 Suite, Windows XP, Windows Server 2003, Server 2008, VMWare ESX 2.x 3.x, Virtual Center 1.x 2.x, Cisco CATOS/IOS 12.4, Linux, Juniper JUNOS/SCREENOS/NSM, Nokia Check Point NGX VPN-1

Network Hardware: Cisco Catalyst Switches 1900/2900XL/29xxG/3550/3750(EMI,SMI)/4x00/5x00/6x00/8500/MSFC (CAT, Native and Hybrid IOS)/SUP32/SUP720-2T(VSS)/FWSM/IDSM/CSM/WLSM/ACE

Nexus 2K/3K/5K/7K: Cisco Series Routers 700/800/1000/1600/1750/2 x00/3x00/AS5x00/7x00/ASR1K/ASR9K

Cisco Unity and Call Manager Voice Platforms: Wireless LAN Solution Engine/ Wireless LAN Controllers/ WCS/ Aironet (LWAPP/CAPWAPP)

Cisco VPN Concentrator 3000 Series: Cisco Intrusion Detection/Prevention 4200 Series Sensors

Cisco Content Services Switch 11150: Cisco ACE 4710/GSS

Cisco 500 Series Content Engines (ACNS Software): Cisco NAC Appliance (Cisco Clean Access)

Cisco Security Agent (CSA): Cisco Security Monitoring, Analysis, and Response System (MARS)

Wide Area Application Services (WAAS): Confidential /Compaq and Dell Workstations / (iSCSI) Servers

Juniper M series, T series, J series routers and EX 3200/4200 Switches: Juniper Netscreen/SSG Firewall/ISG2000/ IPSEC VPN platforms

F5 Big-IP LTM Load balancers: Messaging and Collaboration Servers

Microsoft Exchange Server 2000/2003/2007 Enterprise Edition: Microsoft Live Communications Server 2003/2005 Enterprise Edition

Firewalls and Caching: Microsoft Internet Security and Acceleration Server (ISA) 2000/2004, Bluecoat Systems Proxy SG, Cisco PIX PDM, IOS FW, Adaptive Security Appliance 5500 (ASA/ASDM), Netscreen/SSG/ISG/SRX, Check Point NGX VPN-1

BackOffice Servers/Software: MS SQL2000, IIS5/6, Active Directory, MS Office, MS Visio, Remedy, Clarify, Vantive, Cisco AVVID, CS MARS, Cisco Clean Access, CSA

Virtualization: VMWare ESX 2.x 3.x, VI Center Update Manager, VI Client, VI Web Access, LPAR Configuration, Microsoft Hyper-V, MS Virtual Server 2005

Network Protocols: TCP/IP, IPv6, IPX/SPX, OSPF, OSPFv3, IGRP, EIGRP, RIPv1v2, RIPng, MPBGP, iBGP, eBGP, IS-IS, TDM, SMDS, VoIP, Confidential /SNA, PPP, HDLC, SDLC, IGMP, PIM, HSRP, VRRP, QoS, WCCP, SIP, Wireless 802.11(i), RTP, H.323, MGCP, MPLS VPNs

Network Topologies: LAN/WAN/MAN, (Gig) Ethernet, Token Ring, FDDI, SONET, (B) ISDN, xDSL, SS7, (SF/ESF) DS1/DS3, E1/E3, OC3/OC12, HSSI, DDR, CEF, FEC, MPLS VRF, DMVPN, GET VPN, Frame Relay, ATM (LANE/PNNI), CESoIP, Wireless Mesh, VSS

Network Tools: Ethereal, NetMon, Syslog, E-Health, Sniffer, Confidential Open View, CiscoWorks 2003, Cisco ACS Secure, Confidential NetView, Netsh, Wireshark, Cisco Debugging, Netflow, Solar Winds, NetQOS, Nessus, IOS IP SLA, Packetyzer, Confidential Opsware/ITG, ITILv3 framework

Network Security: PKI, IKE, IPSec, IP/MPLS VPNs, PPTP, L2TP, SSL/TLS, EFS, DMZ Hosting, Firewall/IDS, Kerberos, RADIUS, AAA, TACACS+, 3DES, SHA/MD5, ACLs, NAT/PAT, VLANs, DDoS, PAP/(MS)CHAP/(P)EAP, Proxies, 802.1x, RSA, AES, NAC Clean Access, Cisco MARS

SECURITY CLEARANCE: Department of Defense: Inactive Top Secret