SUMMARY:

Results oriented Networking and budding security professional with extensive experience in the administration and support of information systems, with extensive experience in designing, implementing and troubleshooting network infrastructures, wireless and security.

TECHNICAL SKILLS:

Hardware: Cisco IOS/Catalyst based switch (3500, 3700, 3800, 4000, 5500, 6500, 6800 series), Cisco Router (2600, 3600, 3900, 4500, 4700, 7200, 7500, and 8500 series), Cisco Access Server (5200/5300), Cisco integrated Access Device (IAD2400), Cisco MGX 8800 Cisco VPN Concentrator, Cisco Wireless Aironet 350 series, Cisco 500 series Content engine, Cisco Single/Dual Ethernet Switch Probe, Cisco ASA 5500 Firewall, Citrix Netscaler Application Switch, Alcatel, Brocade.

Software: Clarify, Solarwinds, Cisco Configuration professional, Visio Professional, Citrix Metaframe, CiscoWorks, Cisco ACS, Cisco VPN Client, Cisco TFTP Server, Microsoft Office suite, Infoblox, Cisco Prime, Cisco ASDM, Serv One, Python, F5, Checkpoint, Nimsoft, service now.

Tools: Kali linux, Metasploit, Parros, Burpsuite, Nmap, Nessus, Openvas, wireshark, ncat, google hacking, bash & python.

Methodology: Information gathering (passive & active), service and port enumeration, vulnerability scanning, fuzzing leading to buffer overflows .

Operating Systems: Cisco IOS, Windows 2003/XP/ Vista/ 7&8, Windows 2000 Professional, Windows Server 2003 & 2008, RHEL 6, Centos 6.

PROFESSIONAL EXPERIENCE:

Confidential,Duarte, CA

Senior Infrastructure Engineer

• Support and troubleshooting multiple vBlock infrastructures for Epic Project spanning multiple datacenters
• Administration and troubleshooting of Nexus 3k, 5k, 7k, 9k switches
• Administration of Cisco UCS compute, network, and storage components within vBlock infrastructure
• Administration and troubleshooting of VMware Hosts, clusters, and server VM’s in VMware
• Monitoring of network using vRealize tool and LogInsight
• Managing of Citi of Hope environment infrastructure devices
• Collaboration with multiple teams to ensure Epic requirements are met
• Patch deployment of mission critical servers
• Created SNMP naming convention
• Enhanced monitoring of over 450 infrastructure devices with Solarwinds
• Updated network documentation for entire CoH environment
• Automated automatic patching of epic related devices
• Configured and upgraded mission critical switches
• Configured & Upgraded Cisco ASA 5585 Security appliance vblock security hardening hardening of ESXi hosts configuring remote suslof configuring NTP time synchronization configuring persistent logging configuring minimum privileges for the VM ware vCenter server database enabling VMware ESXi firewall vmware vSwitch and VDS networking isolation of network traffic setting policies disabling Managed Oject Browser
• VMware vCenter server enabling SSL for network file copy ensuring that vpxuser passwors changes meet policy
• Management virtual machine hardening set parameters to harden the management of vms configuration lockdown
• Cisco Nexus 1000v hardening management plane hardening control plane hardening data plane hardening
• Cisco UCS security comunicaiton management logging timezone management user management authentication services

Confidential, CA

Senior Infrastructure Engineer

• Troubleshooting of Fortigate 800C and other Fortinet 800D Firewalls
• Configured site to site VPN tunnels policies on FW
• Created FW rules which provided access to users /appliances with specific services and ports
• Disabled FW rules which were no longer in use
• Analyze logs and events from the solution and provide threat analysis reports
• Installation, configuration, and troubleshooting of Enterasys Core and Distribution Switches
• Managed network configuration though Cisco Prime
• Created and managed change requests
• Created email filtering profiles
• Blocked mail from users
• Enable email filtering at the network edge for all types of email traffic.
• Monitoring and optimization though Solar Winds
• Designed and updated of all network closets in all CVHP facilities through VISIO
• Monthly inventory assessment, tracking and recording
• Prepped and Provisioned Aruba Access points to be installed
• Wireless AP configuration, burn - in and setup
• Troubleshooting of Network wireless issues
• Interacted with the Aruba Networks TAC to troubleshoot and diagnose cases
• Troubleshooting of network connectivity issues
• Managed tickets though the use of HelpStar ticketing system
• Configured and deployed both Aruba local controllers A and local controller B to support numerous internal and guest SSID
• Configured virtual routing router protocol (VRRP) for redundancy and fail-over.
• Configured, installed and troubleshot Aruba Wireless LAN Controller 3000 series, 6000 series, 7000 series
• Configured, installed and deployed Aruba wireless access points 225, 224
• Decommissioned access point 65,105, 135
• Performed security risk and vulnerability assessment
• Performed patch management to ensure all patches are up to date
• Segmented all backups of data off the network

Confidential,CA

Senior Network Engineer

• Designed and integrated medium and large networks throughout Los Angeles School district.
• Integrated multiple networks on a weekly basis
• Cisco Wireless implementation prior to back bone infrastructure upgrade
• Installed network devices such as access and core switches
• Verified network connectivity for users throughout entire site
• Trouble shoot site post implementation in the event issues arose
• Network verification and quality assurance with client
• Configured Alcatel Core and access layer switches
• Configured SNMP traps on all the installed devices
• Performed SNMP sweep post install to verify all the devices are on the network
• Configured and troubleshooting of routing protocols such as OSFP
• Configured Cisco 2900 & 3900 series routers to communicate with Alcatel core
• Used FortiClient endpoint IPS scanning for protection against threats that get into the network.
• Configured anti spam protection

Confidential

Managed Services Security Engineer

• Monitored multiple customers networks through the use of Solar Winds and Nimsoft
• Issued and decommissioned IP addresses for multiple devices
• Stored key device configurations
• Investigated root cause of issues which exceeded device thresholds
• Checkpoint & Cisco ASA
• Blacklisted multiple IP ranges which were involved in over 22,000 attacks on primary customer network in two week period
• Created FW rules which provided access to users /appliances with specific services and ports
• Disabled FW rules which were no longer in use
• Pushed FW rules during specific maintenance window
• Fortinet
• Used NTP to synchronize time on the FortiGate and the core network systems, such as email servers, web servers, and logging services.
• Configured specific security profiles for the rule that will use antispam
• Enable log rules to match corporate policy.
• Performed security risk and vulnerability assessment
• Built secure site to site VPN tunnels
• Reset tunnels when users had issues
• Ripped down tunnels when it was no longer needed
• Investigated network intrusions and violations
• Through the location of user through the use of their IP address
• Blacklisted users IP address range
• Created report of incident through cisco prime and alerted necessary authority
• Supported helpdesk through the troubleshooting of network connectivity issues for multiple vendors
• Investigated L1 - L3 issues in various environments
• Access point connectivity issues
• Various sites, which were reporting hard down status in U.S, UK, Africa and Asia
• Updated key documentations and created step by step documents to improve team knowledge base
• Opened & followed up with incident reports with issues which were beyond our network infrastructure
• Communicated with users and ISP to resolve any pertinent issues in a timely manner
• Reviewed and upgraded software information on devices within various datacenters
• Configured and troubleshoot of routing protocols such as EIGRP, OSPF and HSRP
• Configured, installed and troubleshot Wireless LAN Controller Cisco 5500, 4400
• Configured, installed and deploy Lightweight access point such as AIR-LAP113AG-A-K9
• Configured switch ports to either trunk or access for wireless access point
• Monitored and troubleshot access point through Wireless LAN Controller Cisco 5500, Wireless Controlled system (WCS)

Confidential, NY

Network Security Engineer

• Data Center Co location
• Performed all necessary backup of existing configurations
• Disconnected and removed Cisco hardware and Dell servers
• Inventoried all proprietary devices at multiple data centers throughout the NY tri state-area
• Installed and Configured servers and other equipment such as Catalyst 6500 and 3750 switch
• Completed post-implementation test procedures validating successful installations
• Completed system configuration and related inventory documentation
• Configured Access Control Lists to only allow certain users use of DOE authorized sites and applications
• Performed security risk assessment
• ASA security appliance
• Installed and configured ASA 5510 and 5505 to site specification
• Troubleshooting of VPN tunnel issues
• Capacity planned and designed the installations of local area networks (LANs) and (WANs).
• Installed and configure network equipment such as Cisco routers and switches to meet client specifications.
• Developed the testing environment for equipment testing.
• Troubleshoot layer 2 and 3 switches and routers to find root cause of possible network issues.

Confidential, NY, NY

Network Engineer

• Interacted with business owners, doctors, and managers of small and medium medial offices
• Worked on-site with the client
• Surveyed various client sites to assess general hardware requirements for their practice
• Designed and implemented technical solutions for a wide range of small and medium sized medical practices
• Designed and installed and configured remote site LAN to join NYUMC’s WAN
• Configured Switches and routers with intervlan routing,
• Created access control lists (ACL)
• Troubleshooting of network connectivity issues post site implementation
• Configured Cisco Wireless Access Points
• Network monitoring for 2 week period prior to handing over to network operations
• Conducted risk assessments and collaborated with clients to provide recommendations regarding critical infrastructure and network security operations enhancements.

Confidential

Network Engineer

• Design technical solutions to meet client requirements.
• Worked on-site with the client
• Planned and designed the installations of local area networks (LANs).
• Created Bill of Materials (BOM) and quotes
• Installed and configure network equipment such as Cisco routers and switches to meet client specifications.
• Developed the testing environment for equipment testing.
• Configured routing protocols such as EIGRP
• Configured VLANs, DHCP and DNS server

Confidential, MD

Helpdesk/ Network Support

• Used Cisco works and Solarwinds to monitor the network
• Served as the Principle Network Technician and worked in a team of 5 engineers
• Coordinated between team and upper management through documentation and communication of issues, solutions, and timelines for projects.
• Configure Cisco devices & Resolved and escalated trouble tickets and conducted scheduled changes within the environment.