SUMMARY

• A Solid Confidential Certified (Routing, Switching and Security) Network Engineer with experience in installation, design, administration, configuration, and troubleshooting of LAN/WAN infrastructure and security using Confidential ASA, and Confidential routers.
• Function as Lead in 24/7 LAN/WAN enviroment, and proficient with MS Visio for documentation of Layer 2 and Layer 3 infrastructure.
• I have solid hands - on experience with Internet Web Security on ubuntu 12.4, 14.04, Solaris 8/9/10, Windows W2K2, W2K8, Windows 2012, Windows XP, VISTA and Windows 7 in enterprise and workgroup environments.
• Worked in several industries including Aerospace, Dot-Com, Banking, Civil and Insurance industries and Financial.

TECHNICAL SKILLS

Confidential Routers: (2900, 2811, 7200, 7100, 6400, 4500, ASR 10001)

Confidential Meraki Cloud Devices: MX64, MS P

CSU/DSU: Kentrox 656/658 DataSmart

Switches: Confidential (Catalyst 3550, 4500, 5500, 5000, 6500, 8500)

Switches: Confidential Nexus 2000, 9000

Dell: Force10 C300

Firewalls: Confidential ASA 5510, 5520, 5525-x Confidential PIX 515/520, CheckPoint Smart1 Appliances

Juniper: SRX 1400, 240, 210HE2

Palo Alto: 5060, 5050

LoadBalancing: F5 Networks 1600, 1800 (C102), version 11.5.2, (Round-Robin, Least Connection and Weighted) LTM/GTM

WAN Acceleration: Riverbed SteelHead CX

WAN Acceleration: Silverpeak VX-7000

Confidential IPS ASA: 5520, 5520-x

SSL/VPN: F5 Networks Firepass, Confidential ASA (SSL/IPSec)

Proxies: BlueCoat ProxySG 6.2, 6.3 6.5

Workstation Tools: Exceed, Citrix clients

Operating Systems: Ubuntu 12.04, 14.04, Solaris 8,9,10, Confidential IOS software 12.1/12.2/11.3/11.2/11.1 , Confidential NXOS 5.3, Linux 6.2, Windows XP/VISTA/7/8/10W2k, W2K8, W2k12, Apple OS X 10.6 (Snow Leopard), 10.7 (Lion), 10.8 (Mountain Lion). Apple OS X Server 10.6

Network Security/Monitoring Tools: Confidential Intrusion Detection System, Confidential Intrusion Prevention, Confidential Netflow SNMP Monitoring, Solarwinds, Confidential ACS 4.6, 5.6,6.5, RSA 7,8, Safenet/Gemalto Authentication Solutions, Stealthwatch 6.9.2, Confidential ISE 2.1

Application Software: Google Authenticator, MS Server 2003, 2007,2010,2012 MS, IIS 6,7,7.5, Outlook Web Access/IMAP/POP3/ LDAP, MS SQL Server 2000, 2005, 2007, 2012, Visio 2000, 2007, MS -Office 2007,2010, Citrix XenDesktop 6, Cixtrix XenApp 6.5

Protocols: , TCP/IP, NetBEUI, PPP, HTTP, HTTPS, Ethernet, DLC, Fast Ethernet, FTP,SSH,SMTP/POP3/IMAP/LDAP, SNMP, Telnet, WINS, RMON,DHCP, DNS, ICA, Frame relay, OSPF, iBGP, RIP2, EIGRP.

PROFESSIONAL EXPERIENCE

Network Engineer/Security Engineer

Responsibilities:

• Migration of Confidential ASA context(64), into the Palo Alto 7080 model, version 8.1.2 firewalls in Alhambra and Irvine Data Centers.
• Configuration and Support of 6 Virtual Palo Alto devices,(VM300, VM500), in the Microsoft Azure.
• Support of Global Protect and migration from Checkpoint VPN solution to Palo Alto Global Protect client solution.
• Cloud for the support of migration of SCE Customer Logon pages .
• Support of Confidential ISE 2.1 to support all offices, and Network Access Device profiles, and Client Profiles for secure posture of network access.
• Support of HP Tipping point for IPS monitoring and configuration.
• Partisipation in ITIL Change Managemt Advisory board for (Change requests) or request for change, including change proposals.
• Configuration on Nexus 7K MTU Jumbo frames on Skype for Business path to Microsoft Edge.
• Configuration and Management of Imperva Web Applcation Firewalls in On-prem and Azure Cloud environements.
• Configuration and support of BGP Peering with Azure Palo Alto and Microsoft Azure Gateway for vNet traffic to Internet and On-Prem services.
• Troubleshoot technical issues on LAN/WAN and remote branch locations, including application and security related issues.
• Responsible for providing Network diagrams using excel 2010, Visio 2007
• Daily meeting with Sr. Architech’s on schedules and designs for on-going projects.

Ares Management Network Engineer

Responsibilities:

• Modification of Juniper SRX and Palo Alto FW rules supporting external, hosting and data base tiers in production and development environments.
• Configuration of Confidential APIC fabric, for Bridge Domains, VPC(Virtual Port Channels), and VLAN’s for production.
• Perform upgrades to SRX Juniper Firewalls to latest operating systems.
• Perform upgrades to Palo Alto Firewalls to latest operating systems.
• Perform IOS upgrades to Routers and Switches in all data centers and remote offices.
• Configuration and support of BGP/EIGRP/OSPF/RIP routes to remote sites around the globe.
• Support of IPSec Tunnels on SRX Firewalls for secure communication with our remote offices in the US, and European countires for financial data exchange.
• Support documentation of existing infrastrure, in accordance with existing polices and procedures.
• Installation and Support of Confidential ISE 2.1 to support all offices, and Network Access Device profiles, and Client Profiles for secure posture of network access.
• Installation and Support of StealthWatch 6.9.2 for support of ISE and custom notifications of device status on LAN/WAN networks.
• Partisipation in ITIL Change Managemt Advisory board for (Change requests) or request for change, including change proposals.
• Representitive for the Network dept for Technical Adsisory Board, involved in testing and recommendation for changes in Network and security posture.
• Functional grasp of ITIL principles and processes
• Troubleshoot technical issues on LAN/WAN and remote branch locations, including application and security related issues.
• Establish Network Security baslines for Router and Switch deployments.
• Communicate with IT groups for support, deployment and pre and post deployment issues.
• Support of VLAN Assignments for user polulation, configuration of Trunking of Layer 2 switchs Confidential 4510, 2960 and Dell C300.
• Monitoring of ManageEngine platform to monitor Network devices through SNMP
• Monitoring of Up/Down Bandwidth for Internet performance, and Establishing IP SLA notification for bandwidth thresholds.
• Suport of SSL\VPN with Palo Alo GlobalProtec solutions usertokens for OTP access through AD Infrastructure and 802.1x s.
• Responsible for providing Network diagrams using excel 2010, Visio 2007

Prudential Financial Network Engineer

Confidential

Responsibilities:

• Modification of Confidential ASA FW rules supporting external, hosting and data base tiers in production and development environments.
• Configuration and support of DMVPN with BGP/EIGRP environment for remote branch and customer locations.
• Support of MPLSVPN connections with Confidential customers for financial data exchange.
• Support documentation of existing infrastrure, in accordance with existing polices and procedures.
• Partisipation in ITIL Change Managemt Advisory board for (Change requests) or request for change, including change proposals.
• Representitive for the Network dept for Technical Adsisory Board, involved in testing and recommendation for changes in Network and security posture.
• Functional grasp of ITIL principles and processes
• Troubleshoot technical issues on LAN/WAN and remote branch locations, including application and security related issues.
• Establish Network Security baslines for Router and Switch deployments.
• Communicate with IT groups for support, deployment and pre and post deployment issues.
• Suport of Point-to-Point VPN access between branch offices Irvine Ca, Orlando FL, and New Jersy Headquarters.
• Support of VLAN Assignments for user polulation, configuration of Trunking of Layer 2 switchs.
• Installation of Solarwinds platform to monitor Network devices through SNMP
• Monitoring of Up/Down Bandwidth for Internet performance.
• Suport of SSL\VPN with Safenet/Gemalto usertokens for OTP access through AD Infrastructure.
• Responsible for providing Network diagrams using excel 2010, Visio 2007
• Configuration of F5 Big-IP LTM for support of Confidential .com hosting of financial products. Configuration of iRules for load balancing and specific client rules.

Confidential

Lead Network Engineer

Responsibilities:

• Document user requirements for network depolyments, establish BOM and submit quotes to 3rd party vendors to complete asset aquistion for project completion.
• Support documentation of existing and infrastrure, in accordance with existing polices and procedures.
• Develop policies and procedures in regards to network assets for LAN and WAN deloyments.
• Build and test potential network scenarios for use in LAN/WAN and branch locations.
• Troubleshoot technical issues on LAN/WAN and remote branch locations, including application and security related issues.
• Establish Network Security baslines for Router and Switch deployments.
• Communicate with IT groups for support, deployment and pre and post deployment issues.
• Installation of CA PKI Infrastructure (CA Windows 2012 R2), and Network Policy Server (Windows 2012 R2), for Based Authentication over 802.1x with 802.11x technologies for Staff and Guest Wireless.
• Configured and designed the implementation of Bluecoat ProxySG 6.5.51 and Bluecoat Reporter 9.4 for internet user experience.
• Suport of Point-to-Point VPN access between partnerships in New York, UK, Denver, and KALL Partnerships.
• Installation and deployment of Confidential Meraki Cloud Devices ( MX64, MS P.
• Configuration of VLAN Assignments for user polulation, configuration of Trunking of Layer 2 switchs.
• Migration of Solarwinds platform from Win2k3 to Win2k12
• Application of ACL’s for VLAN to VLAN filtering.
• Monitoring of Up/Down Bandwidth for Internet performance.
• Administration of SNMP traps for monitoring Network assets for reporting to Solarwinds and Dell SecureWorks.
• Designed and implemented Confidential SSL\VPN with, ACS 5.6, and Google Authenticator for OTP access through AD Infrastructure.
• Security and Maintenance patching on Linus and Windows Environments
• Responsible for providing Network diagrams using excel 2010, Visio 2007

Confidential

Sr. Network Engineer / Administrator

Responsibilities:

• Configured and designed the LAN infrastructure containing Secure and Classifed Networking Segments.
• Worked Internal Open Area customers in the Redondo Beach Space Park Campus with 8000+ seats(multiple InterVLAN Routing).
• Support of Classified Network Switches for 3500+ seats. Confidential 2900, Confidential 2600 series router, Confidential 3500, Switches, VPN 3000 Concentrator, PIX firewalls.
• Involment with ITIL change advisory board, for local and remote sites.
• Conducted process audits and provided process owner support.
• Collaborated with staff members in ITIL framework implementations.
• Suport of VPN access between Redondo Beach and multiple remote locations.
• Administration of SNMP traps for monitoring Network related incidents.
• MultiCast routing for streaming of Company announcments to WAN and LAN Clients. Enable MultiCast Routing and Enabling PIM Dense and Sparce modes.
• Installed and configured IIS6/7 Web Servers, installation of SSL Certs, Support for .asp, and HTML source codes, logging and troubleshooting.
• Installation and configuration of Netscaler v8, 8.1 MPX for SSL\ICA \WTS backend connectivity and LoadBalancing.
• Designed High-Performance Computing infrastructure on Confidential 3550 Catalyst Switchs using EtherChannel configuration.
• Designed and implemented F5 Networks SSL/VPN solution for Thin-Client environment.
• Automation of systems notifications for identified production services.
• Load Testing of IIS Web Services in High Capacity, High Traffic environment
• Support of Load Runner and Silk Performer for Online Stores and Host Events
• Suppor tofBluecoat Caching devices for Live Events
• MS Terminal Server 2k for Administration in UUNet Hosting Environment
• Support of Unix Solaris 6 /7 Environments for eCommerce solutions
• Security and Maintenance patching on Linus and Windows Environments
• Patching for MS scheduled patches
• Support of Alteon Load Balance switch for external assets
• Support of Citrix XenApp and Xendesktop Infranstructure with EtherChannel Configuartions for Identified VLANS.
• Designed and implemented F5 Network Big-IP GLB solutions for High-performance Engineering Server Clusters.
• Designed Firewall RuleBase for Remote Access to same Thin Client environment.
• Created and managed InterVLAN routing for multiple Customer Buildings.
• Extensive experience in administration & installation of Windows W2k, W2K8 Domain Controllers, File/Print/Database Servers, Active Directory Design & Architecture.
• Responsible for providing Network diagrams using excel 2010, Visio 2007 and Word 2010.

Confidential

Network Administrator

Responsibilities:

• Support of online Operations Network and Web Servers, in high traffic and high availability environment.
• Configuration Confidential Edge Routers for support of Web Gaming and online e-Commerce Web Sites.
• Support of BGP for ISP connectivity and OSPF for IGP network traffic.
• Load Testing of IIS6/7 Web Services in High Capacity, High Traffic environment Support by EtherChannel Configurations
• Support of Load Runner and Silk Performer for Online Stores and Host Events
• Installation of Windows W2k, with IIS6/7 for High Traffic and Spike Events(Drew Carey Live, and Who Wants to be a Millionaire, and Oscars.
• Support of Bluecoat ProxySG Caching devices for Live Events
• MS Terminal Server 2k for Administration in UUNet Hosting Environment
• Support of Unix Solaris 7, 8 Environments for eCommerce solutions
• Security and Maintenance patching on Linus and Windows Environments
• Patching for MS scheduled patches
• Support of Alteon Load Balance switch for external assets