IT professional with over 15 years of experience in network design, implementation, administration and maintenance using analysis, engineering, escalation support, troubleshooting and project management for various technologies for medium to global enterprise environments including proficiency with Cisco IOS, routing, ACLs, NAT, security, switching, voice and wireless.
Technical Skills Detail
- Network Hardware: Cisco Routers 3900, 2900, 1900, 800 , Cisco Catalyst Switch 6500, 5500, 4900, 4500, 3000, 3100 , Cisco Nexus 5k and 7k Series, Cisco ASA 5500 Series, Cisco WLC, Alcatel GPON/BPON 7342, 7340 and CPEs and Alcatel Switches 7450 , Overture ISG 1400, 6000 and CPEs 45, 45 , 34 , Juniper E, M, MX, T Series.
- Routing/Switching: WAN, LAN, TCP/IP, Spanning Tree, BPDU, CDP, Frame-relay, PPP, ACL, Network Address Translation NAT , Port Address Translation PAT , Access Control List, RIP, OSPF, EIGRP, BGP, MPLS, VTP, SNMP, SMTP, ARP, TCP, UDP, Static Routing, Stub Routing, VLAN Trunking, Multi-Area OSPF, VLAN, VTP, HSRP, SVI, CEF, Etherchannel, Portfast.
- Security Technologies: AAA, IPS/IDS, TACACS , RADIUS, SSH, VPN, Cisco ACS, Data Loss Prevention, IPSec, Data Management Zone, Pretty Good Protection PGP , Public Key Infrastructure PKI , Internet Key Exchange Policy, Port Security, MAC Address Filtering, IPS/IDS.
- Voice Technologies: Computer Telephony Integration CTI , VoIP, CUCM, QoS, PoE, H.323, SIP, MGCP, RTP, SCCP, SRTP, UCCM, UCCX, VoATM, TDM/PCM, GSM, SS7, ATM, ISDN-PRI/BRI, ISUP, IS41, CAS-R1, CAS-R2.
- Wireless Technologies: IEEE 802.1x 802.11 a/b/g/n, WLAN, WAP, AP, SSID, LWAPP, CSMA/CA, Bluetooth, HomeRF, MMDS, LMDS, Aironet, CCK, DSSS.
- Monitoring Tools/Hardware: Linux, RedHat, HP-Unix, Sun SolarisFinisar, Wireshark, Remedy, Openview, Cacti, Nagios, VMware, Solarwinds, F5, Cisco Works, LogicMonitor, Cisco Security Manager Suite, DNS Servers, DHCP Servers, NTP Server, TFTP Server, Exchange Server, Blade Servers, Web Servers, Syslog, FTP, SFTP, Simple Soft Simulator, Jira, SVN, TOAD, Clear Case, OWL, GDB, Alcatool TCL , Overture's OBAG, Cyclone, Working knowledge: Overture's OPAL
- Programming Languages: Working knowledge: C, C , Java, .NET, C
Professional Experience Detail
Lead Quality Assurance Engineer
Company Overview Confidential is a company that designs, manufactures, and markets networking and telecommunications equipment. They service more than 450 service providers and network operators in 45 countries worldwide utilizing complex global network infrastructure. Responsibilities handled:
- Lead to a team of professionals responsible for development, implementation, analysis, administration, provisioning, and troubleshooting various LAN/WAN technologies located within complex network infrastructure.
- Technical responsibilities include, but are not limited to test case development, design, provision, implementation, administration, analysis, and troubleshooting of various LAN/WAN technologies such as such as Ensemble Network Controller, Overture Management System, and ISG series.
- Professional responsibilities include, but are not limited to, documentation for technical design process, enhance/develop scripts and tools to support customer network, change management, following company policies and procedures, and schedule as needed reports to management.
- Specific technical responsibility includes, but not limited to, execution of AAA/Radius test for ISG1400, interoperability test for ISG1400 and ISG6000 utilizing ISG 5100 as Layer 2 switch, provisioning and bidirectional layer 2 traffic test for ISG 1400
- Additional responsibilities and activities included but not limited to 2nd level support for general systems administration, as needed technical support/training of new technical professionals, 2nd/3rd level support of various LAN/WAN issues.
Lead Quality Assurance Engineer
Confidential Multinational Corporation that designs, manufactures, and sells networking equipment. Confidential. has a global presence in every country and territory in the world servicing millions of enterprise and multinational business corporations on six continents utilizing a complex global network infrastructure. Responsibilities handled:
- Lead to a group of professionals responsible for test case development, execution and cross functional collaboration for Cisco Network Pulse Services for releases 1.0, 1.1, 1.2, and 1.3.
- General technical responsibilities included implementation, analysis, administration, support, troubleshooting, plan and case development of various mission-critical technologies, software resolutions, technical training of end-users as required, including new requirements and changes.
- Professional responsibilities included collaboration with product management, interdepartmental communications and coordination, timely reporting to appropriated groups, documentation, administration, following company policies and procedures, and project management.
Network System Engineer
Confidential communications, providing products and innovations in IP and cloud networking as well as ultra-broadband fixed and wireless access to service providers and their customers, enterprises and institutions throughout the world. Alcatel has a complex global sized LAN/WAN infrastructure supporting sites in over 130 countries worldwide. Below will be a list of responsibilities personally handled:
- Lead to a group of professionals responsible for supporting worldwide multi-million dollar clients by tracking, prioritizing, and coordinating the resolution of client-reported problems and to ensure client LAN/WAN network infrastructure.
- Technical responsibilities included, but are not limited to implementation, design, testing, administration, deploying, installation, configuration, analysis, upgrade, software resolution and troubleshooting for large scale LAN/WAN network infrastructure including network components, software, and voice technologies such as: routers and switches, voice gateway, and servers.
- Professional responsibilities include project management, escalation support, interdepartmental communications and collaboration, coordination, following corporate policies and procedures, documentation and scheduling as needed reports to management.
- Core technologies handled include: Alcatel GPON/BPON 7342 and7340 and Alcatel Switches 7450
- Multiple awards received for excellent coordination to ensure 100 on-schedule to meet challenging project completion deadlines.
- Configure secure privileged administrative access to the Cisco IOS system. Enable the encryption of system passwords to prevent unauthorized users access to passwords in the system configuration.
- Configure secure access to the console and vty ports, and set the interval that the EXEC command interpreter waits until user input is detected on the Console and vty ports. Also, configure the console and vty ports log messaging to not interfere with active device configuration.
- Configured and administrated VLAN Trunking Protocol to reduce administrative overhead. Enable secure sharing of VLAN information to prevent the introduction of rogue devices from affecting the VLAN database. Shutdown unused switchports following Layer 2 security best practices.
- Configured VLAN Trunking Protocol to reduce administrative overhead. Enable secure sharing of VLAN information to prevent the introduction of rogue devices from affecting the VLAN database. Shutdown unused switchports following Layer 2 security best practices.
- Administrated Local VLANs based on department function, and configure ports with static VLAN assignment, static 802.1Q trunks, and dynamic ISL trunking using PAgP for layer 2 forwarding. Utilize VLAN Spanning-Tree in conjunction with PVST for compatibility between Cisco and Juniper switches. Configure edge ports for fast-transitioning into the forwarding state to fix workstation startup connectivity delays. Modify spanning-tree parameters for manual root bridge assignment. Implement ether-channels between each switch using PAgP for negotiation. Modify ether-channel load balancing method.
- Integrated WAN links between sites using frame-relay point-to-point and multipoint connections to establish connectivity between each of the four sites as required. Establish two frame-relay point-to-point connections between a central site and two remote sites. Configured multipoint connections between three of the sites forming a full-mesh.
- Configured EIGRP MD5 Message Authentication between sites to prevent unauthorized insertion of routes into the domain. Integrate manual EIGRP route summarization to reduce routing protocol demand on CPU resources, memory, and bandwidth used to maintain the routing table.
- Configure and administrated OSPF routing with multiple areas for networks between sites. Implement OSPF MD5 Authentication between each OSPF enabled subnet to prevent unauthorized insertion of routes into the domain.
- Integrated static NAT/PAT to provide access to services located on a server in the private network to the public network. Implement standard and extended access-lists to filter network traffic.
- Configured backup and recovery of Cisco IOS Images. Perform password recovery on Cisco IOS routers/switches and a Juniper EX2200 Series switch to restore administrative access. Backup and Restore startup-config file for disaster recovery.
- Configured and administrated an IPSec Site-to-Site VPN between the Cisco ASA5505 at small office location and Cisco 1841 ISR with a security IOS image at the main office. Implementation of the VPN includes the following configurations: Internet Key Exchange Policy using DES and SHA for encryption and authentication, access-lists to define VPN traffic, transform set using esp-des esp-sha-hmac to define how the traffic is protected, crypto-map to associate the previously configured elements to a peer, and application of the crypto map to appropriate interface or VPN endpoint.
- Configured and administrated Zone-Based Policy Firewall on the Cisco 1841 ISR with the following components: three zones, class-maps specifying traffic that must have policy applied as it crosses a zone-pair, policy maps to apply action to the class-maps' traffic, zone-pairs, and application of policy to zone pairs.
- Installed Cisco 2811 ISR VoIP with a Cisco Unity Express Network Module NM-CUE installed, Cisco Communications Manager Express, a standard Cisco 3550 Switch, and a Cisco 3550 switch with Power-over-Ethernet. Create and manage Data and Voice VLANs, and configure ports with static VLAN assignment and 802.1Q trunks for layer 2 forwarding. Configure edge ports for fast-transitioning into the forwarding state to fix workstation startup connectivity delays.
- Configure Fast Ethernet main and sub-interface assignments as required for intervlan routing. Implement static routes for local connectivity. Configured NTP server, DHCP server, and TFTP server for support of the VoIP network. Modification of system level parameters including max phones, max directory numbers, display format for date and time, and setting the Time-Zone.
- Integrate Unity Voicemail on the Cisco Unity Express Network Module. Configure a dial-peer on the Cisco 2811 ISR to define the attributes of the packet voice network connection to the Cisco Unity Express Network Module. Enable call forwarding on busy or no answer. Implement Message Waiting Indicators and Voicemail access via SMTP. Daisy-chain PCs to VoIP phones to reduce network cabling costs. Utilize PoE ports for VoIP phones to reduce power infrastructure costs.
- Administrated a wireless network infrastructure providing access to wired LANs to increase mobility and productivity utilizing the following network elements: Cisco Wireless LAN Controller WLC 2106, a Cisco 3550 switch, a Cisco 1130AG series Access Point, and a Cisco 1121G series Access Point. Create wireless LANs and configure interface association, security parameters, and radios used. Utilize the Wireless LAN Controllers web GUI to configure and manage the wireless network. Configure internal DHCP scopes for WLANs.
- Prepare configuration for AP registration on same subnet as management VLAN and for AP registration on different subnet. Implement option 43 for DHCP where necessary. Configure AAA AP policies to allow Self Signed Certifications for APs shipped without a Manufacturer Installed Certificate. Implement AP Grouping to ensure WLAN SSIDs are only broadcast by the APs desired.