CAREER SUMMARY:

• I have been exceptionally successful in the field of Information Technology with over 25 years of experience.
• Providing technical support, planning, implementation, and integration of various multi - vendor and multi-protocol networks in medium to large corporate environments.
• I have an extensive background working with various software applications, operating systems, and hardware platforms.
• I have a heavy background in systems security best practices, vulnerability and risk management.
• It would be a pleasure to work for an organization that allows me to in corporate my technical expertise working with Juniper, Checkpoint, F5, PulseSecure, Symantec, HP/Aurba, Fortigate, Cisco, Nortel/Bay and/or Microsoft products.
• I work well individually, unsupervised and excel highly within group environments promoting a team player environment.
• I have produced exceptional results as a technical leader.
• Being remarkable with Windows based hardware and software as well as several variants of UNIXces and associated hardware.
• I am especially effective at creating solutions, problem solving and trouble-shooting tasks, generously exceeding prescribed goals, on time and under budget.

TECHNICAL SKILLS:

Software, Network OSs, and Protocols: Checkpoint 4.1 through R80, Microsoft Windows Servers, Active Directory, MS Exchange 2k3/2k10, EMC Cellara Manager, MS SMS 2003, MS IIS Server, Various Linux flavors. SQL Server and Oracle support various OTS applications, Cisco IOS/IOS-XE/NX-OS,RIP, OSPF, EIGRP,BGP,TCP/IP and sub-protocols (DNS, DHCP, HTTP, SMTP, and WINS), Cisco WCS/NCS/Prime/DNA, SolarWinds Orion NPM,APM, NTM, IPSLA and NCM, Netscout/NetworkGeneral and Wireshark Sniffer, VMware.

Hardware Platform: Cisco Firbre Channel switching equipment MDS 9100, ASR and ISR series routers. Cisco ASA, Juniper SRX, Checkpoint NGX based firewalls (IPSO/GAiA), Palo Alto Firewalls with Panorama, HP-Aruba SD-WAN and switching solutions. Cisco 2960X, 3560, 3850X, 4500, 6500, 6800, ME3400, MDS 9100, Nexus 2K/3K/5K/7K/9K DC switches, Cisco WLC 4400/5508/VM with various models of APs, Meraki Wireless

WORK EXPERIENCE:

Confidential

Sr. MSP Network Engineer / Team Lead

Responsibilities:

• Cisco NXos and IOS configuration:
• BGP - Route policy management utilizing prefix-lists/BGP-communities/route-maps
• VRF - VRF configuration for logical infrastructure separation of customer’s environments
• Multicast, VxLAN, vPC configuration
• Cisco 9K spine-leaf architectures supporting multi-tenant environments
• FEX deployment and configuration
• ASR/ISR/Xr series router configuration
• Managed SD-wan solutions
• On-prem cloud deployment (VMware) vManage, vBond and vSmart controller
• Managing over 200 branch locations with Cisco ISR 1/4k (IOS-EX 16.x) and Viptela vEdge routers across 3 different MSP customers
• Multiple vEdge cloud router deployment within AWS
• Incident triage and problem management of network resources
• F5 - LTM administration and troubleshooting
• Deployment and administration of multiple virtual and physical firewall platforms
• Juniper / Fortigate / PaloAlto 6.x-8.x/ Cisco / Sonicwall / ScreenOS
• IDP/IPS management
• Policy and Route based (VTI) IPSEC configuration
• Cisco ASR / Cisco ASA / Fortigate
• Redhat Linux - tool for Cisco IOS image repository utilized router/switch IOS upgrades and jumpbox services
• Used for ssh connectivity (jumpbox) to for router/switch management and IOS upgrades
• SSH/SCP
• File management (mv, cp, chown, mkdir, etc)
• Nano - script editing
• Platform for Python scripting development for automation
• SFTP server configuration
• Wireless network support
• Meraki, Aruba and Cisco
• Client SSLVPN - PulseSecure and AnyConnect
• IPAM - Solarwinds & ManageEngine OpUtils
• Cisco LiveAction - QOS/Netflow VoIP management, monitoring and reporting.

Network Protocols and tools used:

• Protocols
• BGP
• OSPF
• Multicast
• VxLANs
• Netflow
• VRF/HSRP/QOS configuration
• MPLS and VPLS
• IPSEC VPN site-to-site connectivity
• SSL client-based VPNs (PulseSecure v6 - v7 MSSP, v8 SE / Anyconnect)
• Tools:
• Cisco Prime
• ServiceNOW
• NetMRi
• VMwareNSX
• Gigamon
• Python scripting
• Linux (Redhat/Ubuntu)
• JunosSpace
• Forti-Manager & Forti-Analyzer
• Solarwinds’ Orion
• Efficient iP - DDI
• Visio
• WireShark
• Kibana
• VMw LogInsight

Confidential

Sr. Network Engineer

Responsibilities:

• Upgrade of ACS platform to ISE for TACACS+ (AAA)
• Wireless LAN refresh and branch deployment utilizing Cisco 5508 WLCs and various Cisco model APs (3800i/e multi-gigabit)
• Support of lab environment for multiple project POCs
• Refresh project for 3900 ISR to 100x ASR equipment for Datacenter, internal branches and 3rd party MPLS connectivity. 20+ sites HA with diverse carriers
• F5 - LTM and GTM administration and troubleshooting
• Deployment of WAN connectivity for branches and vendors (3rd parties)
• MPLS
• IPSEC
• VPLS
• Datacenter 3rd party cross-connects
• Network monitoring, capacity and configuration management utilizing Cisco Prime and Solarwinds Platform (NCM, NPM, IPSLA, NTA modules)
• Qualys PCI Compliance configuration management
• BlueCoat v6 Secure Gateway and PAC file administration
• Assessment of existing QOS policies for all branches
• Datacenter NX-OS and Branch IOS/IOS-XE annual upgrade block-point.
• Incident management and triage of network connectivity
• Redhat Linux - tool for Cisco IOS image repository utilized router/switch IOS upgrades and jumpbox services
• File management (mv, cp, chown, mkdir, etc)
• SFTP server configuration
• SSH/SCP
• Linux containers
• Vendor Management
• Solarwinds
• Cisco
• Gigamon
• Network Protocols and tools used within environment

• Protocols
• BGP
• OSPF
• EIGRP supporting DMVPN connectivity
• VxLAN configuration
• Netflow
• QOS/VRF/HSRP configuration
• MPLS and VPLS
• IPSEC site-to-site connectivity using Cisco ASA5585/5525
• IPSLA
• Tools:
• Cisco Prime
• ServiceNOW
• Splunk
• Visio
• Python scripting
• Linux (Redhat)
• Cisco vManage
• NetMRi
• Gigamon
• Solarwinds’ Orion
• VMware NSX
• Cisco WLC/Prime
• Netscout

Confidential

Sr. Network Engineer

Responsibilities:

• Three datacenter core upgrades from Cisco Catalyst platforms to NX-OS
• Two Datacenter ACI implementation
• Router EOL refresh project - 10 vpls sites iWAN/DMPVN deployment for Bank ATM network connectivity
• High availability iSCSI switch fabric implementation
• Distribution/Access layer switch upgrade and refresh (10/100 to 1G/10G)
• Cisco ASA w/ Firepower implementations and multiple image upgrades
• Large scale switch deployment supporting video surveillance for school district
• Major Customer Projects:
• Multiple datacenter (Core/Distribution) network switch design
• Cisco NEXUS 3Ks, 5000, 7000, 9500s, 9300s/93128 and 2k series fabric extenders vPC, FEX, FCOE, OTV, VDC and FabricPath
• Cisco ACI fabric deployment using 9k switches and APICs
• 4500-X with VSS deployment
• Network access layer design and refresh
• Cisco Catalyst 2960X, 3850, 3650s
• Cisco router configurations for MPLS, VPLS and DMVPN topologies
• Cisco 2900/3900 ISRs
• Network security policy management utilizing Cisco ASAs, SonicWALL, PaloAlto and FortiGate firewall platforms with P2P IPSEC VPNs

Confidential

Network Engineer

Responsibilities:

• High availability WAN configuration for remote offices
• Operational Support
• Fortigate 400d and 200d firewall administration.
• SteelHead CX and SteelHead mobile WAN accelerators
• Cisco Catalyst switch management
• CUCM 8.0 call manager administration

Confidential

Sr. Network Engineer

Responsibilities:

• Global wireless deployment utilizing Cisco and Ruckus wireless LAN controllers and access points
• Deployment of Solarwinds NMS (NPM, IPSLA, NCM and NTM) for centralized network monitoring, router/switch configurations management and Netflow metrics for EMEA, NAM and APAC regions
• VOIP and DATA WAN capacity planning and review
• Large DMVPN deployment for client with over 200 locations
• Operational Support
• Primary senior network support for APAC and NAM regions
• F5 LTM/GTM 12.x and KEMP load balancers in HA pair
• Checkpoint FW policy management and engineering (R75/R77 IPSO and GAiA) and Cisco ASA 55xx firewalls in an global environment of more than 100+ site to site IPSEC VPNs to various clients and vendors for service desk and asset management delivery services
• IDS/IPS policy management with Checkpoint FW IPS blade
• Cisco router configuration (900/3800/3900 series) for Internet connectivity and MPLS environment utilizing BGP, OSPF and EIGRP routing protocols
• Ubuntu and Suse Linux
• Cisco DMVPN (GRE) configuration utilizing Cisco 2900 and 3900 series routers.
• Cisco Nexus (7k/5k/2k) and IOS L2/L3 switch configuration in a mult-Vlan environment
• Cisco switch configurations 49xx/3850/3750x with QOS tagging for traffic shaping.
• PaloAlto FW PA-3020(HA), PA-2020 appliances with Panorama management stations and autonomous VM-200 firewall instances for S2S VPNs within a VMware environment.
• Fortigate FW 100/300 appliances with S2S VPN configurations
• Cisco ASA 5520 and 5505 configurations for S2S VPN connectivity, security policy enforcement and client based VPN connectivity
• MS NPS (Radius) policy configuration for AAA
• RSA server administration for 2 factor authentications
• Logical network documentation and pre-design utilizing MS Visio
• CA Service desk and ServiceNOW tools for Service Request, Incident, and Problem management tracking and metrics.
• Netflow monitoring for data/voice circuits within a MPLS environment for capacity planning and reporting.

Confidential

Network Systems Architect

Responsibilities:

• Cisco ACE/CSS migration to F5 LTM loadbalancers
• Datacenter Core/Distribution layer refresh (Catalyst 6500 to Nexus 7000)
• VCE VBLOCK refresh
• DNS migration
• Level 3 LAN/WAN support for network infrastructure
• Operational Support and Architecture
• Cisco’s Data Center Product Line: Nexus Products (N7K, N5K, N2k, N1kv)
• Provisioning and implementation of Cisco ACE 4710 and F5 BigIP LTM 10.x /11.x load balancing services in a large global infrastructure. Providing access to (GEN3/GEN4) ONSTAR backend applications/services.
• Experience configuring Cisco hardware 37XX, 450X, 650X, MCS7800 Servers, IP phones, Voice Gateways and associated modules such as VWIC, DSP farm, FXO, and FXS
• Cisco UCM and Exchange integration
• Provisioning and troubleshooting of WAN technologies such as T1/T3 circuits, frame relay, MPLS, HDLC, PPP and ISDN PRI/BRI.
• Experience with various VoIP technologies and protocols including: QoS Traffic-shaping, H323 and SIP. Troubleshooting and configuration of TCP/IP, EIGRP, OSPF, BGP, 802.1Q, NAT/PAT/ DHCP.
• VOIP Cisco Unified Communications Manager (UCM) / Call Manager 7.x/8.x, UNITY Connection 8.x, and E911 telecommunication systems as well as related network hardware and software, including design, installation, configuration, support, optimization and administration of associated corporate telecommunications systems and applications.
• Detailed understanding of telecommunication practices as applicable to both traditional and VOIP configurations

Confidential

Sr. Network Engineer

Responsibilities:

• Converted 50+ sites from ATM to MPLS network for WAN communications using various Cisco series routers and switches using OSPF (for Opti-WAN/MAN circuits) and BGP (AVPN circuits) for route table convergence.
• Access switch upgrade - Upgraded over 50 sites from Nortel/Bay switches to Cisco 3560s
• Enterprise Wireless - Design and implementation of an enterprise wireless solution using Cisco 1140 APs and 4402/5508 Cisco Wireless controllers. Cisco WCS/NCS management and monitoring.
• Installation and management of Solarwinds Orion NMS utilizing Solarwinds' NPM, NCM and APM modules for systems and network monitoring. These tools Detailed network documentation utilizing MS Visio representing various aspects heterogeneous network environment.
• Operational Support
• Network Support
• Responsible for the implementation, maintenance, planning and capacity management of all production networks.
• Assist in the planning of all aspects of Network and Telephony related projects.
• Assess utilization trends and make appropriate design and implementation recommendations to scale the architecture
• Firewall management of Juniper and Checkpoint firewalls. Security management of security policies for multiple firewall entry points and VPN tunnels between locations
• CoyotePoint, Cisco ACE and F5 Load balancing appliances
• Nortel switch and router management of 86xx, 55x0, ARNs,
• Cisco switch configuration and troubleshooting of VLANs, Port-channels and 8021.q trunks using Cisco 29xx, 35xx/37xx access series, Cisco 4506s and 6509s core and Nexus 5k datacenter switches
• Cisco IOS configuration and troubleshooting for various series routers for multipoint T1 connectivity
• Radius/MS NPS policy management 802.1x port authentication
• Cisco access-list creation to implement network based access control
• Mult-routing protocol management and troubleshooting using OSPF, RIP and BGP in a MPLS/AVPN/Point2Point WAN
• HSRP configuration for high availability
• Network troubleshooting using Wireshark and Netscout Sniffer for packet analysis
• VMware Virtualization
• Windows 2003/2008r2, Linux and Appliance VMs, performing various administrative tasks including (but not limited to) P2V, Snapshot management, DRS resource group management, drive volume management
• HP 460 G5-6 and 7000 Chassis blade servers environment
• VLAN configuration for Vswitch and HP Virtual Connect for blade servers physical host
• Cisco MDS 9124/9148 Multilayer Fabric switch configuration (Aliases, Zoning, VSAN, etc.) for connectivity between EMC CX4i SAN and VMware ESXi hosts

Confidential

Sr. Network Engineer

Responsibilities:

• Firewall upgrade/migration from R54 NG SPLAT to R65 NGX UTM-570
• Court Room Video Conferencing
• Operational Support
• Firewall Administrator
• Internet connectivity for users at all 3CC locations (Penobscot, CAYMC, FMHJ, LHJ and Mediation)
• Remote connectivity via VPN allowing users to work remotely from any location via the Internet. This also includes the provisioning of access and removal of access per management.
• VPN user management using Local and Active Directory authentication
• Maintains backups of all firewall Regular review of 3CC’s DMZ network in regards security
• Implements/enforces court written policy via the Checkpoint Firewall’s rule base. Explicitly allowing or deny certain types of network communications via the Internet and extranet entities (Various State, County and local law enforcement)
• Secured and protected access to external resources (i.e. / Odyssey / Email) resources via the public Internet
• Network Infrastructure
• Implements, operates, troubleshoots and maintains the various routers, switches and servers (MS Windows and Linux/Unix platforms) that provide network services supporting all of 3CC’s applications.
• Provides level 3 type technical support to desktop team regarding all connectivity issues with PCs, printer and application servers
• Resolves network connectivity issues for all 3CC’s locations
• Documents network environment
• Monitors the entire 3CC network infrastructure uptime and performance using industry standard monitoring tools.
• Upgrades infrastructure as directed to support new applications
• Equipment and Applications
• Checkpoint Firewall NG/NGX (R54 R60 R65), SPLAT and UTM-1 570
• CISCO 5505 ADSM v5.2 Firewall/VPN
• Cisco VPN Concentrator 3005
• PFsense 1.22
• Linux
• Management and maintenance of multiple Fedora/Redhat Linux servers providing DHCP, DNS and OPENNMS (Network Monitoring)