TECHNICAL SKILLS

• FabricPath, vPC/vPC+, Spanning - Tree (STP), network address translation (NAT), BGP, OSPF, VRF, IPsec, routing and firewall policies, high-availability and load-balancing
• Cisco Nexus 7000s, Nexus 5500s, Nexus 2000s fabric extenders, Cisco ASR9000s, Juniper SRX 3600 and SRX1400 services gateways, Juniper MX edge routers, F5 load-balancers
• Deployment of new data centers; data center interconnects using MPLS VPWS and vPC

PROFESSIONAL EXPERIENCE

Confidential, Herndon, VA

Network Engineer

Responsibilities:

• Served as a liaison between Network Operations and various organizations in delivering network engineering, design, testing, and problem resolution services operating across three geographically dispersed data centers
• Collaborated wif Network Operations and various technical organizations to deploy and configure new multi - tier multi-layer enterprise data centers in order to accommodate Internet/Extranet/Intranet connectivities while providing high availability, scalability, and security
• Coordinated wif Network Operations and stakeholders to integrate legacy network infrastructures wif new enterprise data centers and to migrate from legacy protocols and hardware to new network infrastructures; planned and executed servers and platforms migration from legacy networks to new network infrastructures
• Conducted evaluations and provided recommendations for various network designs, concepts, performance and features of network devices in teh lab for integration into a standard network topology
• Provided network solutions and designs supporting multiple systems/platforms, including configuring firewall elements and integrating wif load-balancing architectures
• Collaborated wif Network Operations and/or application stakeholders to troubleshoot and resolve persistent and escalated issues, especially those related to National Data Center platforms
• Published network deployment, configuration, and operational guides for delivery to Network Operations in support of new and existing products and services
• Delivered network engineering support involving but not limited to teh following protocols, hardware, and services operating across three, geographically dispersed enterprise data centers:

Confidential, Fairfax, VA

Information Security Analyst / Network Engineer

Responsibilities:

• Worked wif Pennsylvania Office of Information Technology management to validate network and security designs submitted by vendors
• Served a leading role as a subject matter expert on network and security architecture on large, complex network deployments and infrastructure projects
• Worked wif Pennsylvania Office of Information Technology staff at all levels to assist wif teh adaptation of teh policies and standards associated wif implementing a new network infrastructure
• Researched and evaluated emerging IT technologies and practices and develop strategies and implementation plan for large enterprise data centers

Confidential, Vienna, VA

Senior Network Engineer

Responsibilities:

• Member of teh Incident Handling team on detecting, responding, and resolving information security incidents, intrusions, and threats by analyzing and correlating events data from but not limited to McAfee IDS system, BlueCoat ProxySG web gateway, FireEye malware system, NetFlow & network traffic, and ArcSight SIEM
• Reviewed vulnerability and penetration testing assessments in order to define strategic procedures for enhancing or adding security controls, fortifying network and system design or operation, and security awareness training
• Designed, deployed, and administered ArcSight ESM, ArcSight Logger, and ArcSight Connector appliances in teh area of Security Information & Event Management (SIEM); developed use cases and designed event correlation rules in order to strengthen security posture and mitigate security risks; installed and configured SmartConnector agents across enterprise systems; managed event collection flows, assets/ classification, filtering, and reporting & alerting
• Administered and managed Blue Coat ProxySG system (reverse and forward proxies) for web requests and responses; managed enterprise policy controls and web access; ensured content filtering and detection of malicious payloads (malware & virus); managed session’s authentication and authorization wif Windows Active Directory; filtered malicious and suspicious sites
• Designed, deployed, and managed Imperva SecureSphere system for agent-based and network database activity monitoring; conducted risk analysis and applied appropriate configurations to secure sensitive data; audit and monitor database privilege level access; streamlined compliance requirements and event collection across multi-vendor databases
• Provided assistance to administering and tuning teh IDS’s performance; co-authored IDS rules and crafted packets for rule parsing; evaluated and analyze IDS’s signature rule parsing capabilities against non vulnerabilities and exploits; investigating and remediating false positives and false negatives
• Integrated and administered Cisco routers and switches wif CiscoWorks system for inventory management, configuration management, reporting, syslog monitoring and troubleshooting
• Integrated and administered Cisco routers and switches wif Cisco ACS system in conjunction wif TACACS+ for centralized auditing and device management in teh areas of authentication, accounting and authorization
• Coordinated and collaborated wif firewall and security engineers and various IT departments to resolve data connectivity issues or to define new connectivities wif emphasis on access controls and threat prevention
• Implemented router-to-router GRE over IPSec VPN and L2TP over IPSec VPN across teh Enterprise WAN and Internet for protecting IP communication sessions by ensuring data origin authentication, data integrity, and data confidentiality
• Proactively monitored and enhanced teh alerting process for detection of network faults, performance degradation, security anomalies, and intrusions; produced analysis reports on discoveries in order to provide recommendation on capacity planning, network optimization and mitigation of security risks
• Managed IT projects from conception to completion which encompassed teh scope, baseline, roles/resources, milestone, deliverables, risk management, quality assurance, and communication
• Installed, configured, and deployed Catalyst 6500s, Catalyst 3500s, and Catalyst 2900s switches for teh CAMPUS and MAN infrastructure encompassing teh Core, Distribution, and Access layers
• Provided administration, operation, and maintenance of teh network lab for product evaluations, proof of concepts, configuration management control, and transition of pilot test deployment into production
• Configured Cisco routers and switches for CAMPUS, MAN and WAN network interconnectivity by applying but not limited to EIGRP, HSRP, 802.1D PVST, 802.1w RPVST, VTP, 802.1Q trunking, EtherChannel, and VLANs
• Integrated and supported connectivities for VMware vSphere virtualized data centers to Cisco Catalyst switches
• Deployed and configured perimeter routers for network interconnectivity between Internet service providers and internal or DMZ networks by applying but not limited to BGP and access control lists
• Procured networking infrastructure hardware and software for capacity planning, network expansions, upgrades, strategic projects, and hardware maintenance
• Engaged in tier me, II, and III network operation support for high level SLAs requirements and continuance of business functionality in a 24X7 environment covering LAN, CAMPUS, MAN, and WAN networks
• Worked wif teh NOC to deploy new installation, upgrades and/or decommissioning of network equipment, and servers; coordinated and collaborated wif technical groups and vendors for configuration management and troubleshooting while minimizing network interruptions and downtime
• Migrated Corporate’s wide IBM Token Ring networks running IPX/SPX protocol to Cisco GigabitEthernet\ FastEthernet networks running TCP/IP; teh projects life cycle spanned 5 years due to teh size and complexity of teh Corporate networks
• Architected, installed, configured, and deployed Catalyst 6500s and Catalyst 3500s switches for CAMPUS infrastructure encompassing teh Core, Distribution and Access layers
• Configured Cisco switches for CAMPUS network interconnectivity by applying but not limited to 802.1D PVST, VTP, 802.1Q trunking, EtherChannel, and VLANs
• Managed and administered essential network services and applications for DNS, DHCP, Windows 2000 Domain Controllers, Print servers, and File servers
• Engaged in tier me, II, and III network operation support for high level SLAs requirements and continuance of business functionality in a 24X7 environment
• Managed IT projects from conception to completion which encompassed teh scope, baseline, roles/ resources, milestone, deliverables, risk management, quality assurance, and communication

Confidential, Washington D.C

Consultant/ Network Engineer

Responsibilities:

• Inter-connected routers and switches using OSPF, ISL/802.1Q trunking, VLANs, EtherChannel and T1s during upgrades of remote sites
• Configured and implemented QoS on Cisco switches for VoIP
• Modified and edited security policies on teh PIX firewalls to deny or permit traffic in and out of teh DMZ
• Provided troubleshooting and assessment of routers and switches’ operations, functions, and connections
• Monitored, analyzed, and managed all aspect of teh network infrastructure by employing CiscoWorks and SNMP
• Member of teh NOC team to deploy new installations, upgrades and/or decommissioning of network equipment; Coordinated and collaborated wif technical groups and vendors for configuration management and troubleshooting while minimizing network interruptions and downtime
• Member of teh NOC team engaged in providing tier me and II operational support of LAN and MAN switching networks
• Deployed and upgraded access layer Cisco switches for network expansion and high performance requirements
• Performed Cisco IOS software upgrades and provisioning for all switches and routers in teh LAN and MAN networks
• Applied 802.1D PVST, VLANs, VTP, 802.1Q trunking protocols for Layer 2 switching connectivity
• Conducted proof of concept for testing remote dial-up connectivity to Cisco routers
• Developed and composed documentations and diagrams for all levels of teh network infrastructure and operation
• Installed and ran copper and fiber cables for teh interconnection of routers, switches, servers and various networking equipments