PROFESSIONAL OBJECTIVE

Challenge-seeking Lead/Senior Network Engineer position with 20 years of experience working with Windows, Linux, VMware, and Cisco products to design and implement solutions for corporate challenges in information security, high availability, disaster recovery, and risk mitigation. Diversified skill sets working with Cisco products, Windows Enterprise Infrastructure, PKI Infrastructure, IDS and node monitoring systems, storage systems, virtualization infrastructure including VDI. Possess experience with layer 2 and layer 3 network designing, in-depth defense strategy, IPS, IDS, security policies and SOPs to implement security controls, standards, and an overall strong security posture.

PROFESSIONAL EXPERIENCE

Confidential

Program Account Manager/Project Engineering DOD DCPAS Contracts

• Currently working in dual role for Hewlett Packard HP as a Senior Network Engineer on the Department of Defense Civilian Personnel Advisory Service DCPAS contract and serving as a Program Account Manager managing 3 contracts
• Currently managing an Oracle/Sharepoint contract for DOD DCPAS that consist of 7 employees, 5 HP direct employees and 2 sub-contractors and a Helpdesk Network Services contract for DOD DCPAS that consist of 8 employees 15 employees total
• Plan, conduct and brief Government Client/Senior Managers on contract task and projects
• Prepare project plans, hardware lifecycle management plan and network diagrams
• Manage firm fixed price and time material contract hours and comp time for my staff
• Manage contract budget forecasting for each contract along with approving invoices
• Work on contract bids/sole source contracts, create technical proposals, create position descriptions, conduct interviews and staff new contracts that are awarded.
• Establish goals, mid-year performance reviews and end of year performance reviews for my staff
• Ensure yearly internal Hewlett Packard training curriculum classes are completed for all HP direct employees
• Approve and sign timesheets bi-weekly for HP direct employees and weekly for HP sub-contractors.
• Pursue new business and present innovative ideas to customers.

Confidential

Senior Network Engineer DOD DCPAS Contract

Network Engineering:

• As team lead/engineer lead to the Network Operations/Server team for Defense Civilian Personnel Advisory Service. Perform Tier 3 support for network operations.
• Migrated Department of Civilian Personnel Advisory Services DCPAS Headquarters in Arlington, VA to the new Mark Center, Alexandria, VA. I have migrated 174 network servers, both physical and virtual, to the new Mark Center Building where all servers are currently virtual residing in a VCenter environment on IBM blades chassis's.
• Designed, installed and configured an all Cisco network device backbone infrastructure for DCPAS Headquarters in Arlington, VA, 10 Remote-site locations and COOP Site/Hotel Conference Business Center in Southbridge, MA.
• Installed, configured and deployed 2 Cisco 6509 backbone catalyst switches, DCPAS Headquarters and COOP Site/Hotel Conference Business Center in SouthBridge, MA.
• Installed, configured and deployed4 Cisco 2851 routers, 10 Cisco 2801 routers and 3 Cisco 5510/5540 Adaptive Security Appliance ASA VPN and Firewall during FY2009 - 2011.
• Configured and installed/deployed 96 Cisco Catalyst 3560 and 2560 Switches during FY2009 - 2011.
• Network management for all network communication devices: Cisco backbone 2 , routers 13 , switches 96 , firewalls 1 and adaptive security appliance/VPN 3 .
• Upgrade latest IOS on all Cisco network devices addressing security vulnerabilities according to Defense Information Security Agency DISA /Joint Task Force JTF mandates via Security Technical Implementation Guidelines STIG's .
• Daily Administration of network security access control lists ACL's for all Cisco routers.
• Monitor network devices and servers using SolarWinds, Big Brother and WhatsUpGold network tools, notification received when a device loses connectivity, services stop abruptly or power is lost.
• Monitor access of web/internet data request for the DCPAS end-user community using Bluecoat SG8100 and Barracuda SpyWare appliance.
• Monitor inbound/outbound email delivery using Barracuda SPAM 300 Firewall appliance.
• Responsible for the Avaya VoIP phone Unified Communications systems.
• Development of contingency plans to ensure continuous availability and accessibility of network resources in the event of disaster recovery/emergencies.
• Responsible for monthly contract deliverables, updating all network documentation and diagrams.
• DCPAS/DOD Authority-To-Operate ATO is up for renewal. Currently conducting an information assurance network inspection on all network devices, scanning for all vulnerabilities. All vulnerabilities have to be reported and remediate for an ATO can be approved for another 3 years.
• Manage IT hardware for all network infrastructure and server farm asset life cycle.
• Manage IT software asset life cycle.
• Manage the maintenance of IT hardware.
• Manage the disposal of all IT hardware and software
• Assisted in the procurement of IT equipment and services

Server Administration:

• Designing and installed Symantec Enterprise Vault for Exchange 2003/2007/2010.
• Designing and planning new Exchange 2010 Email Infrastructure for rollout prior to BRAC.
• Designing and planning new Windows Server 2008 R2 Active Directory Smartcard/CAC Infrastructure for rollout prior to BRAC.
• Manage create/modify/delete/troubleshooting Active Directory group policy objectives for network servers, users and client workstations security provisioning and standardization domain wide.
• Designed, installed and administered a Dell server farm consisting of 155 Windows/Linux based servers at 12 different locations.
• Designed, installed and configured Microsoft Windows 2008 Enterprise Active Directory Domain.
• Configured Active Directory domain for Smartcard/CAC login authentication/PKI Infrastructure.
• Designed and configured Symantec Corporate Server at 7 sites that updates all Symantec clients with the latest client software and the latest virus definitions.
• Created and maintained 13 internal Windows 2008 Active Directory Domain Name Servers DNS .
• Maintained 2 external RHEL Bind Domain Name Servers DNS .
• Perform BIND DNS migration from RHEL 5 to RHEL 6 to remediate vulnerabilities.
• Created and maintained virtualization server farm using VM Ware ESX v5.x and higher. Currently consolidating and migrating physical network servers to virtual server farm using Dell R900 PowerEdge servers. 130 physical servers have been migrated to virtual servers with VM Ware using Plate Spin software.
• Redundancy environment created to ensure and eliminate signal point of failure using high availability and Vmotion.
• Designed, installed and configured Microsoft Exchange 2003/2010 Email Infrastructure.
• Administer and maintain a 10Microsoft Exchange 2003/2010 Dell Server Farm at 7 different locations.
• Designed, installed and configured Blackberry Enterprise Server 4.1.6Infrastructure.
• Daily Administration 221 Blackberry handheld devices.
• Monitor email message transfer using the Barracuda SPAM 300 Firewall appliance.
• Created new end-user network/email accounts and personal/public network shares.
• Prepared automatic Outlook mail profile, drive mappings and network printers using scripting application Desktop Authority/ScriptLogic application.
• Installed and configured network printer servers that maintain over 120 network printers/copiers/scanners.
• Designed, installed and administer 6 Dell EMC Fiber Channel SANS
• Administered PKI infrastructure creating 2048bit Private Keys domain controllers, SSL public facing websites and VPN devices.
• Custom configuration of Acronis Imaging on every Windows based network server for disaster recovery. Each server is imaged nightly, stored on a SANS and backed up to tape.
• Installed and configured 37 new Windows 2008 64bit Servers.
• Installed and configured 7 eEye Digital Retina network scanner software which scans for vulnerabilities of all network devices routers, switches, servers, desktops, laptops and printers .
• Administer patch deployment using HFNetChk patch pushing application to deploy Microsoft critical updates, patches, service packs and 3rd party application updates adobe, flash, real player, etc for over 500 computers and 250 laptops.
• Responsible for hardware updates bios, firmware, and driver for all network servers, printers and tape libraries.
• Responsible for deployment of DISA GoldDisk STIGS to all network servers, desktop and laptops. Responsible for the remediation of all vulnerabilities.
• Responsible for Retina eEye network scans for network servers, desktops and laptops for reporting vulnerability findings to DISA Vulnerability Management System website.
• Development of contingency plans to ensure continuous availability and accessibility of network server resources in the event of disaster recovery/emergencies.
• Provide new hardware and software technology solutions according to approved budget that would improve customer daily operations.
• Responsible for lifecycle management of all network devices, servers and desktops.
• Responsible for soliciting vendors for pricing each year for renew of maintenance contracts ArcServe, Barracuda, Blackberry, Bluecoat, Cisco, Dell, Script Logic/Desktop Authority and Symantec .
• Responsible for monthly contract deliverables, updated server documentation and diagrams.

Telecommunications:

• Coordinated and prepared telecommunication service request TSR for submission to DISA that upgraded DCPAS NIPRNet connection from 5megabytes to 45 megabytes.
• Prepared all telecommunication service requests for submission to DISA and coordinating frame-relay circuit installation/upgrade with Sprint for 10 sites to a T1/1.544mb circuit and DSL installation for 5 sites.
• Responsible for reviewing monthly bandwidth utilization reports.
• Project lead for migration of all 10 remote-sites from Sprint frame-relay circuits to Verizon MPLS circuits. DCPAS Headquarters is the current hub. We are moving our entire data center to the new Mark Center campus in Alexandra, Virginia which will be our new hub. I prepared all 11 TSR's for the 10 remote-site locations and the new hub site at the Mark Center. A DS3/45mb circuit will be installed at the hub site and a 3.088mb 2xT1 or a 6.176mb 4xT1 at each of the 10 remote-site locations.

Confidential

Network Systems Administrator/Network Engineer DCPAS Contract

Network Engineering Server Administration:

• Network management for all network communication devices: Cisco Routers, Switches, VPN and RAS.
• Installing, configuring, and administering of network security with Cisco routers and ACLs.
• LAN/WAN management of networking equipment including Cisco routers and switches.
• Monitoring of network with Cisco Works 2000, Cisco Routed WAN Management, Cisco Secure ACS and HP Network Node Manager.
• Monitor email message transfer using the Barracuda SPAM appliance.
• Monitor access of web/internet data using the Barracuda SPYWARE appliance.
• Responsible for Network/Server documentation and diagrams.
• Network Server Support for over 500 users, both on-site and remote sites.
• Provide technical support and maintenance on 70 Windows 2003/2000/NT v4.0 servers and 3 Linux server spanning 11 sites.
• Build and configure Windows 2003 network servers with appropriate hardware and software.
• Backup network servers on a daily basis using BrightStor, both on-site and remote sites.
• Setup, administer and provide maintenance to MS Exchange Mail server and Linux SendMail gateway server.
• Setup, administer and provide maintenance/support for the BlackBerry Enterprise software.
• Setup, administer and provide maintenance/support for Impromptu/Cognos Power Play software.
• Setup, administer and provide maintenance/support for Symantec Corporate Antivirus users.
• Monitor VPN authentication logs via the Cisco Secure software.
• Perform BIND DNS migration from RHEL 5 to RHEL 6 to remediate vulnerabilities.
• Update and maintain DNS DHCP via Cisco Network Registrar/BIND.
• Provide requirements analysis on system hardware and software performance and stability.
• Provide/recommend hardware and software requirements for yearly budget.
• Using ScriptLogic Desktop Authority, write and modify logon scripts, time update and mail log scripts.
• Built, configure and maintain Windows 2003 print servers for over 130 printers throughout the agency including remote sites.

Confidential

Network Systems Administrator CPMS Contract 1

Network Administration:

• Network management for all network communication devices: Cisco Routers, Switches, VPN and RAS.
• Installing, configuring, and administering of network security with Cisco routers and ACLs.
• LAN/WAN management of networking equipment including Cisco routers and switches.
• Redesigned CPMS LAN infrastructure to provide a 100mb-switched environment to the desktop, with a gigabit backbone plane between floors.
• Monitoring of network with Cisco Works 2000, Cisco Routed WAN Management, Cisco Secure ACS and HP Network Node Manager.
• Responsible for Network/Server documentation and diagrams.

Network Server Administration

• Network Server Support for over 500 users, both on-site and remote sites.
• Provide technical support and maintenance on 35 Windows NT v4.0 and 1 Linux server spanning 11 sites.
• Build and configure Windows 2003/2000/NT 4.0 Network servers with appropriate hardware and software.
• Backup network servers on a daily basis, both on-site and remote sites.
• Implemented and designed Microsoft Exchange Mail System.
• Implemented and designed Microsoft Systems Management System.
• Administer and provide maintenance to Microsoft Exchange Mail server and Linux SendMail gateway server.

Technical Expertise

• Hardware: Dell PowerEdge Servers, Dell EMC SANS, Dell PowerVault Tape Libraries, Dell PowerVault Storage Array, Dell Optiplex Towers, Dell Latitude Laptops, IBM Lenovo Laptops, Blackberry Handheld Device, Avaya VoIP Phone Unified Communication Systems
• OS Software: Windows XP, Windows 7, Windows Server 2003, Windows Server 2008, Windows Server 2008/2008 R2 Active Directory, Forefront Identity Manager, Redhat Fedora, Redhat Linux 5/6, VMware ESXi, Cisco IOS 12.x higher, Cisco ADSM, Bind 9.3.6 and higher, WebAdmin, Microsoft Office 2007/2010/2013, Microsoft SQL 2005/2008/2008 R2, Desktop Authority Script logic, PKI Certificate Infrastructure, Microsoft Project 2010, Microsoft Visio 2007/2013
• Networking: Cisco 6509 Catalyst Switch, Cisco 2851 Multifunction Router, Cisco 2801 Router, Cisco 3560G/3560/3750 Catalyst Switch, Cisco 2960 Catalyst Switch, Cisco 5540/5510 Adaptive Security Appliance, Barracuda SPAM 300 Firewall, Bluecoat 8100G Web Filter Appliance, Bluecoat Antivirus Appliance, Brocade SSL Web Accelerator
• Virtualization Technology: VMware ESXi 4.0, 5.0 5.5, Hyper V
• Security Tools: Cisco ACS, Barracuda SPAM 300 Firewall, Bluecoat Antivirus, GFI LanGuard v10, GFI LanGuard SMTP Email Antivirus, Symantec Exchange Mail Security, Symantec End-Protection 12.2, McAfee Antivirus 8.8, McAfee EPO, Host Based Security System HBSS , Symantec Guardian Edge Encryption, WhatsUpGold Monitoring Tools
• Patch Deployment: Windows SUS Patch System, VMware Shavlik Patch Deployment, Microsoft SCCM
• Monitoring System: SolarWinds Network Tools, Big Brother Server Monitor, Mailscape Exchange Reporting Tool, HP Insight Manager, DameWare Utilities
• Backup Technology: CA BrightStor Backup v15, ComVault Enterprise Backup, VM Ware Snapshots and Disaster Recovery
• Storage: EMC CX300/320 SANS, Dell PowerVault 3000i
• Email Systems: Exchange 2003/2007/2010, Blackberry Enterprise Server v5.x, Linux Send Mail 8.2 higher
• Telecommunications: Frame Relay/MPLS installation and configuration with Cisco Adtran Routers creating end-to-end hub spoke topology