SUMMARY:

• Over twenty - five (25) years of technical and analytical expertise in the IT industry, with emphasis on system/network administration.
• Background in supporting various IT infrastructures in the areas of Cisco network administration, UNIX system administration, software/hardware installation, software/hardware testing, documentation, and customer support.
• Directly responsible for assuring the integrity of large, multimillion-dollar TCP/IP systems and client/server based computer networks.
• Technically and functionally interact with customers and effectively maintain customer relationships.
• Decipher and logically resolve technical issues while tactfully managing customers in a fast-paced environment.
• Utilize judgment and decision making to analyze problems and develop logical solutions.
• Take initiative to learn/apply new software and hardware technology.
• Acknowledged for professionalism, enthusiasm, versatility and outstanding organizational and leadership skills.
• Excellent oral and written communication skills.

TECHNICAL SKILLS:

Platform/Operating System: Sun Solaris 10, 9, 8, 7; Red Hat Linux 6.2, 7.2, 9.0; Irix 6.5; HP/AIX 11.x; Windows 3.x, 95, 98, NT; IBM PC-LAN/DOS; VAX/VMS; and IBM/MVS.

Hardware/Storage: Sun Servers, Sun Workstations Sun Storage ArrayCisco Nexus, Cisco Routers, Cisco Switches, Cisco ASA Firewalls, Palo Alto Firewalls, Cisco Wireless, Aruba Wireless KG-175 TACLANE, T3 Storage Array, Plasmon Jukebox, HP, Brocade, Juniper, F5 Big IP, Cisco CUCM, Unity, UCCX.

Application Software: Veritas Volume Manager, and Sun Volume Manager, Veritas Cluster Server, HP Openview, CiscoWorks, NIS+, NFS, and FTP, DNS, Weblogic, Websphere.

Scripting Languages: Bsh, Csh, Ksh, Sed/Awk, Nawk, Python

Database Products: Sybase, Oracle, SQL and Microsoft Access, Visio.

PROFESSIONAL EXPERIENCE:

Senior Network Engineer

Confidential

Responsibilities:

• Responsible for the design, implementation and maintenance of the Confidential network which contain over 35,000 network devices.
• Upgraded CORE network from Cisco 6509’s to Nexus 9500’s.
• Upgraded Aggregation and access switch environment to Nexus 9300’s and Cisco 4500’s.
• Successfully configured and installed Cisco 3650 switches.
• Coordinated and lead the successful migration of Stern Business School onto the NYU Global network.
• Implemented vlan translation/mapping, a service provider data center technology, to successfully migrate the Stern Business School datacenter to NYU Global network.
• Migrated the Stern Business School wireless onto the NYU Global network wireless.
• Provided both high - level (HLD) and Low-level (LLD) designs which outlined the network flow and configuration of both the Stern current and migrated network
• Configured VRF’s, VDC’s, peer-links and keep-alive links on the Nexus 9000 series switch
• Configured DMVPN (Phase 2/3) to allow secure network traffic to the remote site.
• Responsible for the IOS upgrading of all Cisco equipment to include routers, switches, wireless controllers and ASA firewalls as part of the equipment refresh project.
• Configured security contexts on the Cisco 5500 ASA firewalls within an active/active failover configuration.
• Utilize Solarwinds network monitoring tool for proactive warning of any issues with network nodes.
• Provided direction to network administrators in the configuration and implementation of network migration project.
• Configure and support MPLS-VPN (CE/PE), VRF, and MPLS ICI peering
• Configure L3 protocols (IP, BGP, OSPF, EIGRP, IGRP, RIP, ISIS, HSRP), redistribution, summarization, Filtration (using distribute list, route map, prefix list, access list)
• Daily tasks include resolving change management request tickets.

Senior Network Engineer

Confidential

Responsibilities:

• Responsible for the design, implementation and maintenance of the Maryland Affordable Healthcare Act network.
• Documented design via Microsoft Visio which depicted network flow and overview.
• Installed and configured Cisco 5500 wireless controller and Cisco Aironet 3600 Access Points (AP) providing wireless network connectivity.
• Configured HSRP failover capability on Cisco ASR 1000 series router implementing high availability.
• Configured multi-homing on the Cisco ASR 1000 series routers to allow for uninterrupted internet connectivity in the event of an ISP failure.
• Configured Cisco 6500 Core Switches with HSRP failover capability resulting in minimal to no downtime in the event of equipment failure.
• Configured Site-to-Site VPN tunnels to allow network and wireless connectivity to the remote users.
• Responsible for the upgrading of all Cisco equipment to include routers, switches, wireless controllers and ASA firewalls.
• Assisted in the re-design of the current network infrastructure to the Nexus series switches for Core, Distribution and Access layer.
• Configured MP-BGP on Cisco Router enabling the routing of both IPv4/IPv6 traffic.
• Configured VLAN’s to easily administer and separating departmental network traffic.
• Configured DHCP to allow for address assignment for network equipment and associated devices.
• Configured Cisco 5500 ASA firewalls within an active/active failover configuration.
• Configured Palo Alto PA-5020 firewalls for Panos-HA Active/Active cluster.
• Configured clientless SSL VPN on the Cisco ASA 5500 firewall implementing rules, profiles and group policies.
• Upgraded CORE network from Cisco 6509’s to Nexus 7000’s, Cisco 4500’s to Nexus 5000/2000.

Lead Network Engineer

Confidential

Responsibilities:

• Responsible for the design, implementation and maintenance of an integrated legal research and business support company network.
• Configure Call manager and Cisco Unity enabling voip access to 1000+ users company wide.
• Configured voice gateway routers to allow VOIP communications.
• Configured Session Initiation Protocol (SIP) to allow for both voice and video.
• Configured QoS policies to ensure voice traffic was priority.
• Installed and configured Cisco 7940 and 7960 VOIP phones utilizing the Cisco Call Manager utility.
• Installed and configured Cisco 2500/5500/7500 wireless controller and Cisco Aironet 1040,1140,3600 Access Points (AP) providing wireless network connectivity.
• Configured and installed Aruba 3000/6000 wireless controller and Aruba 100/130 series Access Points.
• Configured Cisco routers with HSRP failover capability to accommodate redundancy limiting the amount of downtime within the datacenter.
• Implemented the Cisco Nexus switches within the infrastructure running parallel to replace the current enterprise environment.
• Configured Cisco 6500 Core Switches with HSRP failover capability resulting in minimal to no downtime in the event of equipment failure.
• Configured multi-link point-to-point (MLPPP) circuits to provide larger bandwidth for remote site customers.
• Configured newly acquired remote sites routers with BGP allowing connectivity for customers to the network.
• Configured VPN tunnels routing EIGRP routes to allow network and wireless connectivity to the CORE HUB.
• Upgraded the Cisco Wireless IOS on the Wireless Service Module (WiSM2) located on the Cisco 6509 CORE Switch.
• Configured and installed Nexus 7000/5000/2000 series switches as Core, Distribution and Access layer switches.
• Configured MPLS on Cisco Router enabling the routing of voice traffic from remote offices back to the central office.
• Configured VLAN’s to easily administer and separate network traffic for the various internal departments of the company.
• Configured DHCP to allow for address assignment for network equipment and associated devices.
• Created subnets to allow for both present and future network expansion and addressing for both IPv4 and IPv6 network devices.
• Installed and configured Cisco 5500 ASA firewalls within an active/active failover configuration resulting in minimal to no interruption in the event of failure.
• Configured clientless SSL VPN on the Cisco ASA 5500 firewall implementing rules to allow/deny specific access.
• Installed and configured RSA 250 appliance providing two-factor authentication along with the Cisco ASA 5500 firewall.
• Configured smart-tunneling on the Cisco ASA 5500 to allow clientless SSL VPN (WebVPN) based client’s access to TCP based applications.
• Configured routing protocols EIGRP, OSPF and BGP routing on Cisco 1800, 2600, 3800 & 7200 series routers.
• Configured route maps and ACL’s to allow for screening and re-distribution of network traffic.
• Configured Site-to-Site and Remote Access VPN’s allowing for encrypted highly secure remote connectivity for both voice and data traffic.
• Configured Network Access Translation (NAT) rules on the Cisco ASA 5500 appliance in routed mode for egress traffic.
• Configured etherchannels on Cisco 6500 series switch with LACP allowing the formulation of a single logical channel.
• Installed and configured Cisco Secure ACS (TACACS+) server for network device authentication by users.
• Installed SSL VPN licenses on the Cisco 5500 ASA redundant pair enabling numerous SSL VPN clients to access the network.
• Installed RSA soft/hard token licenses on the RSA 250 appliance enabling two-factor authentication for numerous users.
• Installed and configured virtual load balancers for both web and proxy servers in DR mode to address and eliminate ARP issues.
• Upgraded the software images of all Cisco network devices to include routers, switches and ASA firewalls.
• Prepared and maintained SOP’s and technical documentation and network diagrams.
• Adhered to weekly and monthly maintenance schedules to service network devices and associated equipment.

Lead Systems Engineer

Confidential

Responsibilities:

• Lead engineer responsible for the installation, configuration, administration and design of a CISCO/SUN/Windows TCP/IP based networked environment.
• Responsible for the design, implementation and testing of a satellite prototype network incorporating failover scenarios, redundancy, IPv4/IPv6 dual-stack and intrusion detection (IDS).
• Configured MPLS on Cisco 3600 series routers to simulate ISP provider within a test lab prototype network environment.
• Designed and tested IPv6 to IPv4 conversion via MPLS ISP cloud within a test lab environment prior to implementation.
• Configured MPLS on current routers configuration and inserted new routing configuration for implementation into the MPLS cloud routing scheme.
• Configured both GRE and IPSEC tunnels as a failover within the IPv6 to IPv4 conversion test lab environment.
• Configured Cisco routers with HSRP failover capability to accommodate redundancy limiting the amount of downtime within the datacenter.
• Configured Cisco Service Control Engine (SCE) to provide network deep packet inspection (DPI).
• Created system design and network architecture diagrams providing Layer 2 & Layer 3 view of the network.
• Configured IPv6 routing within BGP incorporating address-family to effectively route both IPv6 and IPv4 networks.
• Configured Fortinet Firewall parameters setting up BGP, Virtual Domains, Protocols and Policies effectively providing network security and intrusion detection.
• Configured Juniper SSG series firewall adding polices, intrusion detection, High Availability(HA) and VPN configurations.
• Configured ServerIronXL Firewall Load Balancer (FWLB) with failover.
• Configured F5 Big IP load balancer redundancy implementing active/passive mode for device failover, configuring controllers for both public and private ip addressing, employing SNAT for internal addressing security.
• Attended weekly meetings with government customer to provide project briefings.
• Implemented IPv6 addressing scheme throughout network test environment utilizing RA for dynamic address assignments.
• Configured routing protocols EIGRP, OSPF and BGP routing on Cisco 1800, 2600, 3800 & 7200 series routers.
• Configured and installed Cisco 6506 with Transport Lan Service (TLS), provided by Verizon, to upgrade the current frame-relay infrastructure.
• Configured and installed Cisco 3845 router for frame-relay routing with two PVC sub-interfaces for redundancy
• Implemented and managed QoS providing packet priority by defining traffic through class and policy maps.
• Configured Alcatel 6000 series and Extreme 450E switches as Core and Access layer switches within an enterprise configured network.
• Ensured Information Assurance Vulnerability Alerts (IAVA’s) were adhered to by implementing the essential patches for IAVA compliance.
• Hired as the Subject Matter Expert (SME) to engineer the successful transfer of over 300+ applications from the current SCIF to a newly constructed datacenter for the Dept of Homeland Security.
• Configured the Cisco ASA 5510 for VPN/firewall enhancing network security via authentication and acess-lists/rules.
• Configured Juniper Netscreen adding and administering policies for authentication and IDS prevention.
• Configured F5 Big IP for web server load balancing providing uninterrupted load balancing and failover capabilities.
• Configured and administer network routing protocols BGP, EIGRP, OSPF, TLS over a multicast traffic TCP/IP network.
• Configured and installed the Cisco WRT54G wireless-G broadband router to allow controlled wireless access to internal employees.
• Configured and installed Cisco phones on the network via Cisco PoE switches administered via Cisco Call Manager.
• Configured and installed Bluecoat packeteer wan optimization and web filtering tool to provide efficient bandwidth performance and prevent malware threats.
• Provided a detailed stenciled diagram of the current network displaying rack and associated equipment per rack.
• Configured and administered the TACACS server for both user and network node authentication.
• Utilize Solarwinds network monitoring tool for proactive warning of any issues with network nodes.

Senior Systems Engineer

Confidential

Responsibilities:

• Set up Router VPN tunnels to allow encrypted traffic to flow across the CENTRIXS systems utilizing SIPR tunnels being routed to remote via KG-175 Taclane.
• Set up BGP, EIGRP and OSPF routing on Cisco 2600, 3800 & 7200 series routers.
• Performed network traffic analysis i.e ip sniffer applications, Cisco NAPA application performance monitoring tool with alerts to detect application performance issues.
• Configured HSRP on Cisco routers setting the standby ip, preempt and priority to provide failover capability.
• Installed and configured Cisco 2950, 3550, 3560 and 3750 switches for data and voice VLAN on both SIPR (secure) and NIPR (non-secure).
• Set up etherchannels on Cisco 6509 Core Switch enabling multiple port traffic to flow through a single channel thereby reserving bandwidth.
• Successfully migrated a tactical network consisting of multiple trunked switches allowing a single point of failure to a redundant fiber ring consisting of two Cisco 6509 MCN’s, 6 Cisco 6509 ADN’s’ and numerous independent EUB’s comprising Cisco 3560 and 3750 switches.
• Set up OSPF routing protocol for both internal and external router to router connectivity establishing communication within the local site and between remote sites.
• Configured Hot Standby Routing Protocol (HSRP) to provide network redundancy and failover capability to Cisco gateway routers.
• Performed the IOS upgrade of over 600 switches which encompassed the NIPR and SIPR network.
• Installed and configured over 1000 Cisco 7940 and 7960 VOIP phones utilizing the Cisco Call Manager utility.
• Configured Quality of Service (QoS) on Cisco routers providing VOIP priority.
• Resolve tickets issued through the Remedy Change Management Request system used to fix system anomalies and perform upgrades