PROFESSIONAL EXPERIENCE:

Confidential

Data Security Operations Manager

Responsibilities:

• Designed, configured, and tested Cisco ISE migration to a new four - node deployment, and integrated Cisco ISE with Intune MDM for secure network access of managed mobile devices.
• Designed, configured, and deployed 8 new Cisco VPN Firewalls to increase remote user capacity when all the company started working from home because of Covid-19. Configured new DMVPN routers for use by key infrastructure teams working remotely.
• Migrated Cisco AnyConnect user authentication from RSA and LDAP to SAML with Azure AD MFA and tested and deployed a new Cisco AnyConnect client to 2,000 remote users.
• Migrated 20 IPSEC tunnels for business partners from legacy ASA firewalls to new ASA firewalls.
• Led the buildout of the corporate network in the new Alpharetta-Avalon office for 450 users, to include installing routers, switches, Riverbeds, Wi-Fi, SBCs; ordering circuits; and working with cabling, electrical, cooling, and circuit vendors.
• Managed projects with vendors to upgrade F5 load balancer hardware, migrate Cisco ASA Firewalls in the Data Centers to Cisco Firepower, and deploy 20 new Cisco Firepower FTD’s in branch offices.
• Worked with the Axis architecture team to implement Firewalls on our Azure Express Route and in the Azure private peering server environment.
• Migrated services to an Axis Data Center after acquisition of a new company. Designed and configured routing over two separate MPLS networks and configured new firewall rules and IPSEC tunnels.
• Configured F5 Application Security Manager (ASM) policies for our Internet-facing websites to add an extra layer of protection from web application attacks.
• Migrated the Axis Data Center network connections for the SWIFT financial network to new VPN appliances.
• Configured MPLS router, firewall, and backup VPN tunnel for a third-party hosting Data Center.
• Wrote SOPs with Visio Diagrams for the network support teams to provide better understanding of the technical details and traffic flows for F5, Firewalls, SWIFT, and B2B IPSEC tunnels.

Confidential

Senior Network Engineer

Responsibilities:

• Provided senior level network support for 20 branch offices and 3 Data Centers (Americas, Europe, Asia).
• Configured and troubleshot BGP routing on MPLS routers, and EIGRP routing on routers, switches, and ASAs, using route redistribution to inject BGP routes into EIGRP. Configured and troubleshot Cisco routers on the Internet to provide Zone-Based Firewall inspection of Internet traffic, redirect browser traffic to a cloud-based proxy service, and connect to a DMVPN network to use for WAN backup.
• Configured and troubleshot Cisco ASA firewalls in three Data Centers, providing security and NAT policies for Internet-facing applications, IPSEC tunnels for business partners, and AnyConnect for corporate user remote access.
• Configured and troubleshot F5 virtual servers, pools, SSL offloading or bridging, and global load balancing on GTM. Installed and configured a virtual F5 LTM for testing F5 configurations for Disaster Recovery.
• Configured and troubleshot Nexus switch trunks and port-channels to HP Blade Chassis and NetApp iSCSI Storage. Increased 1G and 10G port capacity in the Data Centers by installing and configuring new Nexus 5000/2000 switches.
• Designed and presented network changes to the change review board, and implemented and tested the changes for routers, switches, firewalls, ISE, wireless, and F5s.
• Assisted in branch office and Data Center Disaster Recovery exercise failover/failback activities.

Confidential

Senior Network Engineer

Responsibilities:

• Installed, configured, and troubleshot Cisco routers, switches, and ASA firewalls in small Data Centers as new installs, or for network refresh projects. Configured MPLS routers with BGP/iBGP routing, and route redistribution and filtering with BGP, EIGRP, and OSPF on routers and ASA firewalls. Updated Checkpoint firewall policies and routing for the new Data Center networks.
• For the corporate campus network refresh project, migrated the campus Layer 2 trunked network to Layer 3 with EIGRP routing, and POE and QOS for VOIP, using Cisco 4500 switches and 3750 switch stacks.
• For the migration of Legacy PBX to Cisco VOIP, worked with the network architect to install new SIP trunks on Cisco CUBE routers and migrated DIDs from the local LEC to the SIP service provider to achieve telecom cost savings. Replaced 700 legacy phones with new Cisco IP phones throughout the campus. Administered phone and voicemail accounts on Cisco Unified Call Manager and Unity.
• Migrated a 40-agent call center from legacy TDM PBX to Cisco Call Manager/UCCX/SIP trunks.

Confidential

Senior Network Analyst

Responsibilities:

• Designed, purchased, configured, installed, and troubleshot Cisco routers, switches, PIX and ASA firewalls, and VPN 3000 Concentrators.
• Designed, configured, and troubleshot IPSEC VPN tunnels to business partners on Cisco routers and PIX/ASA firewalls.
• Assisted with implementing production websites. Created Internet DNS records, configured Checkpoint Firewall policies and NAT, and configured the F5 Load Balancer VIPs, pools, iRules, and SSL certificates.
• Configured and troubleshot ether-channel, VLANs, 802.1q trunks, VTP, and Spanning Tree on 6509 switches in a meshed network configuration at our 24/7 Data Center.
• Configured and troubleshot BGP and OSPF routing and redistribution on the WAN. Upgraded software on routers, switches, and Pix firewalls.
• Migrated twelve sites on the corporate WAN network from frame relay to MPLS and implemented a second MPLS network with a different service provider at all sites for redundancy.