SUMMARY:

• Professional wif over 5 years of experience in implementation, administration/change requests, L2/L3 Design, support/escalated ticket resolution, monitoring/analysis and troubleshooting of various technologies that includes proficiency in switching, routing, wireless and datacenter technologies.
• Designed L2/L3 solution utilizing Cisco Catalyst 3850s, Cisco 2960s, Cisco WLC 5020, ISR 2221, Digi, UPS, and a Raritan.
• Managed Solarwinds, using this tool to monitor teh IDFs, MDF, APs, & WLCs of teh distribution centers before, during, and after teh upgrade.
• Configured Cisco Catalyst 3850s, Cisco 2960, and Cisco WLC 5020. Utilizing ACLs, Vlans, AAA, SSH, Port Channels, and STP.
• Implemented L2/L3 solution remotely wif onsite halp from teh onsite support technician.
• Supported upgraded site for 2 weeks troubleshooting any issues that arose.
• Created and administered Local VLANs based on department function, and configured ports wif static VLANs for data and voice along wif both dynamic and static 802.1Q trunks. Managed VTP, mostly transparent mode, to control VLANs.
• Managed RSTP/STP on Cisco and Juniper switches and priority for root election. Managed portfast, bpdu guard, UDLD.
• Created and administered portchannels statically and using LACP, Etherchannels on catalyst and LAG on Juniper.
• Managed Stackwise, VSS on Catalyst, VPC on Nexus, and MLAG on Juniper for device redundant portchannels.
• Configured SVIs for VLANs wif IPv4/IPv6 addresses wif HSRP and VRRP for gateway redundancy on dist. switches.
• Implemented port - profiles in NX-OS for multiple ports and port-types to reduce errors and improve readability.
• Implemented secure access such as SSH, AAA, Radius, TACACS+ to vty and console ports along wif SNMP and NTP.
• Implemented a wireless network infrastructure providing access to wired LANs to increase mobility and productivity on Cisco WLC, Cisco Catalyst and Meraki switches, Cisco and Meraki APs. Created wireless LANs and configure interface association, security parameters, and radios used. Managed wireless via teh WLC web GUI and Meraki Dashboard.
• Configured port security, DHCP snooping, IP ARP inspection, ipv6 RA guard for access switchport hardening.
• Managed an IPSec Site-to-Site VPN between Cisco ASA5500s at Main Office and Cisco branch ISR including Implemented VPNs for IKE Policy using DES and SHA for encryption and authentication, access-lists to define VPN traffic, transform set using esp-des esp-sha-hmac to traffic protection, crypto-map to configured elements to a peer, and application of teh crypto map to appropriate interface or VPN endpoint.
• Implemented of Zone-Based Firewall on teh Cisco branch ISR for three zones, applying class-maps as traffic crosses a zone-pair, policy maps to apply action to teh class-maps’ traffic, zone-pairs, and application of policy to zone pairs.
• Deployed SSL VPN (WebVPN) to allow users to establish a secure, remote-access VPN tunnel to teh Cisco ASA 5500 series using a web browser. Generated a general purpose RSA key-pair for authority identification, configure authority trustpoint for teh WebVPN using self enrollment, and configure CA trustpoint interface association.
• Utilized Cisco ASA 5500 Modular Policy Frame-Work to configure and manage layer 3/4 interface service policies, apply inspection and connection limits to services, apply inspection and QoS policing to HTTP traffic.
• Configure HTTP inspection policy to block restricted sites and file downloads.
• Administered both single area and multiple area OSPF routing. Also implemented totally stubby areas to lower teh system resource utilization of devices. Implemented hub and spoke network between three sites wif teh main office as teh hub for redundant connections utilizing MPLS VPNs and GRE tunnels using IPSec.
• Implemented EIGRP routing on Cisco ISRs and ASAs. Prevented neighbor adjacencies forming and sending/receiving routing updates on unnecessary interfaces. Implemented EIGRP MD5 between sites to prevent unauthorized insertion of routes into teh domain. Implemented manual EIGRP route summarization to reduce demand on CPU resources, memory, and bandwidth used to maintain teh routing tables.
• Implemented backup and recovery of Cisco IOS Images. Perform password recovery on Cisco IOS routers/switches and a Juniper devices to restore administrative access.
• Configured eBGP & iBGP peering using directly connected networks and loopbacks, ebgp-multihop. Managed BGP Peer groups and PREFIX-LISTs, ROUTE-MAPs, ACLs and neighbor statements to filter route updates to and from neighbors. Utilized show commands to provide routing information wif debugging diagnostic commands to monitor BGP events.
• Managed SNMP, AAA, TACACS+, Radius, Netflow, Syslog, NTP for authentication, logging and management.
• Utilized Nagios XI (customized dashboard, SolarWinds Orion NPM, CACTI monitoring and graph traffic.
• Used teh Wireshark tool to analyze HTTP, telnet, and SSL traffic
• Implemented Unity Voicemail on teh Cisco Unity Express Network Module. Configured dial-peer on a Cisco 2811 ISR to define attributes of packet voice network connections to Cisco Unity Express Network Module. Enabled call forwarding on busy/no answer. Implemented Message Waiting Indicators and Voicemail access via SMTP.

TECHNICAL SKILLS

Routing & Security Technologies: - Cisco ISR 2800/2900/4300/4400, Cisco ASA 5500 Series, Meraki MX 64/100, Juniper SRX240/550, Palo Alto, SSH, IPSecVPN, SSLVPN, AAA, TACACS+/RADIUS, 802.1x Authentication, ACLs, OSPF, BGP, EIGRP, Route-maps, IPv4/6, ARP, TCP, UDP, NAT/PAT.

LAN/Switching Technologies: - Cisco Catalyst 2960X/3750X/ 3850/6500/6800, Meraki, Nexus, Juniper, VPC, VSS, StackWise, HSRP, VRRP, VLAN Trunking, SVI, Portchannel, STP, DHCP, CDP, SFP+.

Wireless Technologies: - Cisco APs, Cisco WLC 5500 Series, Cisco Meraki MR 42/33/18 APs, TACACS+/RADIUS, 802.1x Authentication, 802.11, WLAN, WAP, SSID, CAPWAP, LWAPP

Data Center, Monitoring & Voice, Systems: - SolarWinds, Wireshark, Cacti, Nagios, Remedy, SNMP, DNS, SSH, FTP/SFTP, SMTP, VoIP/SIP, QoS, CUCM, UCCX, AWS, Cisco Meraki Cloud-based Dashboard, UPS & PDUs, Windows Servers, Active Directory, desktop pc, laptops, printers.

PROFESSIONAL EXPERIENCE:

Confidential

Network Engineer

Responsibilities:

• Implementation Engineering role wif escalation support engineering also. L2/L3 Design, Implementation & Support of Distribution Centers.
• Developed support documentation for existing and new technical solutions.
• Diagnose and troubleshoot Infrastructure issues (Routing, Switching, QoS, WAN Optimization, DNS/DHCP, Network Load-Balancing, and 802.11a/b/g/n Wireless) quickly and efficiently.

Confidential

Engineer/Analyst

Responsibilities:

• Member of a team of professionals responsible for day to day management and support of a complex company wide network that includes corporate, data center and remote locations along wif WAN.
• Specific Technologies proficient in includes Cisco ISRs/Meraki MX, Cisco Catalyst/Nexus Switches Cisco ASAs, Juniper EXs, Cisco Wireless LC, Cisco Access Points, Nagios, Solar Winds, Cacti, Wireshark, VMware,Cisco Unified Communications Manager & Cisco Unity.

Confidential

Onsite Support/Analyst

Responsibilities:

• Member of a team responsible for day to day support/analysis of clients including handling various service activities including implementing services and handling as needed tickets.

Confidential

Onsite Support/Analyst

Responsibilities:

• Member of a team responsible for day to day support/analysis of clients including handling various service activities including implementing services and handling as needed tickets.