SUMMARY:

IT professional with over 10 + years of experience in engineering, analyze, implementation, design, installation, configuration, documentation, support and troubleshooting of various network technologies for professional to global enterprise environments which includes proficiency in routing, routing protocols, switching, wireless, security, firewalls, voice and data center technologies.

TECHNICAL SKILLS DETAIL:

Routing/Switching Products: Cisco Routers (7600, 7200, 3900, 2900, 1900, 800), Cisco Catalyst Switch (6500, 5000, 4900, 4500, 3100, 3500, 3000, 2950x), Cisco ASR 9k, Cisco GSR 12k, Cisco Nexus 2k, 5k 7 7k Series, Meraki, Juniper Routers & Switches, Palo Alto Routers & Switches, HP Routers & Switches, Alcatel/Lucent Routers, Alcatel/Lucent Multilayer Switches. R/S Protocols & Standards - WAN, LAN, TCP/IP, Spanning Tree, BPDU, CDP, IMP,NAT, PAT, RIP, RIPv2,OSPF, OSPFv6, EIGRP, BGP, MPLS, VTP, SNMP, SMTP, ARP, TCP, UDP, Static Routing, Stub Routing, VLAN, VLAN Trunking, VXLANs, multicast routing, HSRP, SVI, CEF, Etherchannel, Portfast. VSS, vPC.

Security/Firewalls Technologies: Cisco Security Manager Suite, Cisco ASA 5500x series firewalls, Cisco FWSM, Cisco IPS/IDS, Cisco ACS, Cisco Prime, Palo Alto Firewalls, Fortinet, checkpoint, Advanced Firewall Manager (AFM), BlueCoat /policy, Sonic Wall Router/Firewall combos, Cisco ASA 1000V cloud firewall, Juniper vSRX & SRX series, Cisco AnyConnect VPN management, Riverbed WAN Optimization device management, Cisco IPS/IDS, Meraki cloud based, Rackspace private cloud or public network cloud, VXLANs - Protocols & Standards - AAA, TACACS+, RADIUS, SSH, VPN, IPsec, SSL/IPSec, Data Loss Prevention, IPSec, Data Management Zone, Pretty Good Protection (PGP), Public Key Infrastructure (PKI), Internet Key Exchange Policy, Port Security, MAC Address Filtering.

Monitoring/Enterprise Technologies: Zenoss, Finisar, Wireshark, Remedy, OpNet, Cacti, Nagios, VMware, Solarwinds, Riverbed, Cisco Works, LogicMonitor, Cisco Security Manager Suite, Server, Sniffer, Ethereal, Solarwinds, SNMPv2c, SNMPv3, RMON, Syslog, tcpdump, DNS, DHCP, FTP, Telnet, HTTP(S), SMTP, tunneling protocols, point-to-point, SFTP, VMware VSphere, VCenter Server Appliance, VMware ESXi Hypervisor, F5 Big-IP load balancing (GTM/LTM/ASM), 10G/40G Ethernet, FCoE, SAN, Port-channels, vPC Port-Profiles, Routing Profiles and Service Profiles, SFP+, NAS, RDX, DB.

Voice/Wireless Technologies: Cisco WLC(5520, 2500), Aironet, Aerohive (Hive Manger, AP330), Ruckus (Zone Director), Meraki MR42, Aruba, CUCM, UCCM, UCCX, Avaya, AURA Comm Mgr, Avaya Definity, Avaya IP Office, Shoretel

Protocols & Standards: VoIP, VoIP/SIP, MGCP, RTP, SCCP, SRTP, QoS, PoE, ACL, CUC, IEEE 802.1.xx, WLAN, WAP, AP, SSID, LWAPP, CSMA/CA

Other Tools/Platforms: AD (Active Directory), LAN Manager, IIS Checkpoint Firewall Norton Firewall and Ghost, Mcafee IPS, Norton Virus Protection Utilities, WINTEL (Windows 95 /NT/2003 /3.x), iPhone, Blackberry.

PROFESSIONAL EXPERIENCE DETAIL:

Confidential

Sr. Network Engineer

Responsibilities:

• Responsible for various consulting services to include architecture technical support, implementing, configuration, administration and troubleshooting on various network infrastructures and enterprise applications such as Cisco router, switches, wireless, F5 load balancers and VoIP systems
• Lead on projects that included but not limited to client/vendor’s relationships, administration, engineering and project management including any aspect of a home or business networks.
• Additional responsibilities included desktop support to ensure proper functionality by engaging with the customer’s teams or one-on-one in these activities to ensure proper implementation.
• Specific projects include design, implement and support of network environments and training on use of various applications.
• Support film entertainment, video distribution and broadcast business.
• Support and install surveillance system.(Axis,Hikvision,Sony,Dahua)

Confidential

Network Engineer

Responsibilities:

• Member of a team of professional responsible for designing, implementation, installation, configuration, maintenance and troubleshooting various LAN/WAN infrastructures where they respond to and troubleshoot malfunctions of network hardware /software applications, telephones and security systems to resolve operational issues and restore services.
• Responsible for various consulting services to include designing, installing, configuring, and administering complex IT infrastructure; Windows Server Local and Cloud installations, configurations, and administration of VMware ESX for Cloud servers, Cisco Firewalls, VPN Concentrators and Security appliances; resolving escalated Trouble Tickets performing as-needed configuration and installation for F5 reverse-proxy load-balancers.
• Technical responsibilities are maintaining multi-site network Local Area (LAN) and (WAN) technologies operations and software applications, operating systems and regular maintenance with both private and public facilities.
• Specific technologies include but not limited to Solar Winds, Network Performance Monitor, Net Flow Traffic Analyzer, VPN, working in the data center and the Cloud environment, wireless (802.1x) implementation and troubleshooting, and support for Ruckus, Cisco Meraki MR34, Cisco WLC (5520)and Aerohive wireless.
• Professional responsibilities included administration, RSA SecurID implementation and implementing IT security best practices PCI Compliance, following corporate policies and procedures and scheduling as needed reports to management

Confidential

Network Analyst

Responsibilities:

• Member to a team of professionals responsible for the day-to-day maintenance of the IT infrastructure to include onsite administration, support, configuration, installation and troubleshoot activities for healthcare applications.
• Technologies handled by the team include but not limited to local area network (LAN) technologies, wide area network (WAN) technologies, server and enterprise applications and desktop technologies.
• Professional responsibilities included administration, following corporate policies and procedures, documentation, and scheduling as needed reports to management.

Confidential

Field Engineer

Responsibilities:

• Primary activities included contributing to critical solutions, consulting, resolving hardware problems daily, providing scripts, repair and troubleshooting for business and personal needs.
• Resolved escalated Trouble Tickets performing as-needed configuration, installation, testing, provisioning, implementation, and troubleshooting of on-site computer services which includes Store Associates and Assets Protection.
• Specific activities include being committed to helping and providing solutions to clients.

Confidential

Network Analyst

Responsibilities:

• Primary activities included contributing to critical solutions, consulting, resolving hardware problems daily, providing scripts, repair and troubleshooting for business and personal needs.
• Specific responsibilities include working with the staff to manage their contact center, including training, administration, Service Level Agreements (SLAs) and responsible for sourcing, screening and placing associates in existing help desks and contact centers.

Confidential

Sr. System Administrator

Responsibilities:

• Member to a team of professionals responsible for administration, design, setup, installation and maintenance for various technologies within LAN/WAN network infrastructure.
• Technologies handled by the team include but not limited to classrooms, local area network (LAN) technologies, wide area network (WAN) technologies, server, enterprise applications and desktop technologies.
• Responsibilities included documentation, migration, maintenance, training, managing accounts, following corporate policies and procedures, and scheduling as needed reports to management.

Confidential

Citrix Administrator

Responsibilities:

• Team member of professionals responsible for the day-to-day maintenance of the IT infrastructure to include onsite and remote users and applications, Citrix administration, support, installation, configuration and troubleshoot activities.
• Technologies handled by the team include but not limited to local area network (LAN) technologies, wide area network (WAN) technologies, server and enterprise applications and desktop technologies.
• And Citrix based technology
• Professional responsibilities included daily backups, system monitoring, administration, publishing Apps and following corporate policies and procedures.

Confidential

Senior System Administrator

Responsibilities:

• Member to a team of professionals responsible for the support, design, implementation, maintenance, administration, installation, configuration, monitoring tools and troubleshooting activities.
• Technologies handled by the team include but not limited to VoIP phones, SAN, ESX servers for workstations and SAN’s, servers, firewalls, switches at the data center and virtual environments, routers, VPN, network security, and companywide systems for various LAN/WAN technologies, server and enterprise applications and desktop technologies.
• Responsibilities included daily backups, disaster/operational recovery, system monitoring, administration and following corporate policies and procedures.

Confidential

Senior System Engineer

Responsibilities:

• Professional lead responsible for the support, design, integration, planning, product evaluation, production, maintenance, migration, administration, installation, configuration, client/vendor relations and troubleshooting activities.
• Technologies handled by the team include but not limited to switches, routers, network security, and companywide systems for various LAN/WAN technologies in and out of warehouse, server AS400 and enterprise applications and desktop technologies.
• Professional responsibilities included daily backups, supporting traffic, administration and support for getting the driver out on-line with routing info.

Confidential

Senior System Engineer

Responsibilities:

• Professional lead responsible for the support, design, integration, planning, product evaluation, production, maintenance, migration, administration, installation, configuration, client/vendor relations and troubleshooting activities.
• Technologies handled by the team include but not limited to switches, routers, EMC SAN solution FC4700 and NAS solution Network Appliance F820, local and remote servers, network security, and companywide systems for various LAN/WAN technologies, server and enterprise applications and desktop technologies.
• Professional responsibilities included daily backups, supporting traffic, administration and following corporate policies and procedures and updating management.
• Configure trunk ports and implement granular control of VLANs and VXLANs using NX-OS to ensure virtual and flexible subnets that can extend further across the network infrastructure than previous generation of switches.
• Configure port-profiles as part of the NX-OS command structure that allows for configuration of multiple ports and port-types via inherited configurations applied via a single command that reduces administrative error and allows for better configuration readability.
• Integrate a virtual version of Nexus: Nexus1000v into VMWare to extend Nexus capabilities directly adjacent to virtual machines so that they benefit from Cisco switching capabilities and network topology consistency ensuring VMs maintain their subnet/VLAN relationships during failover.
• Configure secure privileged administrative access to the Cisco IOS system. Enable the encryption of system passwords to prevent unauthorized users access to passwords in the system configuration.
• Configure secure access to the console and vty ports, and set the interval that the EXEC command interpreter waits until user input is detected on the Console and vty ports. Also, configure the console and vty ports log messaging to not interfere with active device configuration.
• Configured and administrated VLAN Trucking Protocol to reduce administrative overhead. Enable secure sharing of VLAN information to prevent the introduction of rogue devices from affecting the VLAN database. Shutdown unused switches ports following Layer 2 security best practices.
• Administrated Local VLANs based on department function, and configure ports with static VLAN assignment, static 802.1Q trunks, and dynamic ISL trucking using Pap for layer 2 forwarding. Utilize VLAN Spanning-Tree in conjunction with PVST+ for compatibility between Cisco and Juniper switches. Configure edge ports for fast-transitioning into the forwarding state to fix workstation startup connectivity delays. Modify spanning-tree parameters for manual root bridge assignment. Implement ether-channels between each switch using Pap for negotiation. Modify ether-channel load balancing method.
• Integrated WAN links between sites using frame-relay point-to-point and multipoint connections to establish connectivity between each of the four sites as required. Establish two frame-relay point-to-point connections between a central site and two remote sites. Configured multipoint connections between three of the sites forming a full-mesh.
• Configured EIGRP MD5 Message Authentication between sites to prevent unauthorized insertion of routes into the domain. Integrate manual EIGRP route summarization to reduce routing protocol demand on CPU resources, memory, and bandwidth used to maintain the routing table.
• Configure and administrated OSPF routing with multiple areas for networks between sites. Implement OSPF MD5 Authentication between each OSPF enabled subnet to prevent unauthorized insertion of routes into the domain.
• Integrated static NAT/PAT to provide access to services located on a server in the private network to the public network. Implement standard and extended access-lists to filter network traffic.
• Configured backup and recovery of Cisco IOS Images. Perform password recovery on Cisco IOS routers/switches and a Juniper EX2200 Series switch to restore administrative access. Backup and Restore startup-comfit file for disaster recovery
• Configured on BIG IP (F5) load balancers and load also monitored the Packer Flow in the load balancers.
• Configured and administrated an IPSec Site-to-Site VPN between the Cisco ASA5505 at small office location and Cisco 1841 ISR with a security IOS image at the main office. Implementation of the VPN includes the following configurations: Internet Key Exchange Policy using DES and SHA for encryption and authentication, access-lists to define VPN traffic, transform set using esp.-des esp-sha-hmacto define how the traffic is protected, crypto-map to associate the previously configured elements to a peer, and application of the crypto map to appropriate interface or VPN endpoint.
• Configured and administrated Zone-Based Policy Firewall on the Cisco 1841 ISR with the following components: three zones, class-maps specifying traffic that must have policy applied as it crosses a zone-pair, policy maps to apply action to the class-maps’ traffic, zone-pairs, and application of policy to zone pairs.
• Configure Cisco 2811 ISR (VoIP) with a Cisco Unity Express Network Module (NM-CUE) installed, Cisco Communications Manager Express, a standard Cisco 3550 Switch, and a Cisco 3550 switch with Power-over-Ethernet. Create and manage Data and Voice VLANs, and configure ports with static VLAN assignment and 802.1Q trunks for layer 2 forwarding. Configure edge ports for fast-transitioning into the forwarding state to fix workstation startup connectivity delays.
• Configure Fast Ethernet main and sub-interface assignments as required for intervlan routing. Implement static routes for local connectivity. Configured NTP server, DHCP server, and TFTP server for support of the VoIP network. Modification of system level parameters including max phones, max directory numbers, display format for date and time, and setting the Time-Zone.
• Integrate Unity Voicemail on the Cisco Unity Express Network Module. Configure a dial-peer on the Cisco 2811 ISR to define the attributes of the packet voice network connection to the Cisco Unity Express Network Module. Enable call forwarding on busy or no answer. Implement Message Waiting Indicators and Voicemail access via SMTP. Daisy-chain PCs to VoIP phones to reduce network cabling costs. Utilize PoE ports for VoIP phones to reduce power infrastructure costs.
• Administrated a wireless network infrastructure providing access to wired LANs to increase mobility and productivity utilizing the following network elements: Cisco Wireless LAN Controller (WLC) 2106, a Cisco 3550 switch, a Cisco 1130AG series Access Point, and a Cisco 1121G series Access Point. Ruckus (Zone Director) and Aerohive (Hive Manger, AP330), Create wireless LANs and configure interface association, security parameters, and radios used. Utilize the Wireless LAN Controllers web GUI to configure and manage the wireless network. Configure internal DHCP scopes for WLANs.
• Prepare configuration for AP registration on same subnet as management VLAN and for AP registration on different subnet. Implement option 43 for DHCP where necessary. Configure AAA AP policies to allow Self Signed Certifications for APs shipped without a Manufacturer Installed Certificate. Implement AP Grouping to ensure WLAN SSIDs are only broadcast by the APs desired.
• Set up VLANs and access ports connecting virtual machines using the NX-OS CLI on a Cisco Nexus 1000v virtual machine and VMWare vSphere Client networking.
• Configured routing policies and service profiles for separate levels in an organizational hierarchy using a Cisco Prime Network Services Controller virtual machine. These policies and profiles were applied to Cisco Cloud Service Router 1000v (CSR 1000v) virtual routers.
• Configured a CSR 1000v router using the Cisco IOS 15.4 CLI.
• Configured the Nagios XI monitoring tool to monitor routers and switches and customized its dashboard.
• Configured SolarWinds Orion NPM and used it to monitor traffic on a network.
• Configured the CACTI tool to graph traffic from a router and to generate alerts based on a threshold traffic level.
• Used the Wireshark tool to study HTTP, telnet, and SSL traffic.