SUMMARY:

• F5 LTM load balancing expertise and data center architect.
• CISSP and CCNA certified professional with over 15 years of experience as a Network Engineer, Network Security Engineer, and Network Infrastructure Engineer.
• Experience mentoring on packet capturing (sniffing), SNMP logging and NMS troubleshooting.
• Experience in configuration of esoteric applications/protocols for IT Security ( Confidential, SSL VPN, PKI, RADIUS, TACACS+, EAP, EAP - Fast, PEAP, CHAP, MS-CHAP), and authentication.
• Experience monitoring cryptographic applications, URL filtering, logging, and syslog reporting.
• Configuration of STP/MSTP and network ingress/egress points and network architecture.
• Experience designing TCP/IP networks, diagrams with Visio, documentation of security policies, and recording of data required for trouble tickets (Remedy, AOTS).
• Extensive use of routing protocols, such as OSPF, EIGRP, and BGP.
• Experience with of IPSec and SSL VPNs, terminated on various endpoints (CP FW-1, ASA, F5).

TECHNICAL SKILLS:

Primary: Cisco routers and switches; F5 Big-IP LTM Load Balancers; Cisco PIX/ASA and Checkpoint Firewalls; IPSec and SSL VPNs; OSPF, EIGRP, and BGP routing protocols; SNMP monitoring; Frame-Relay, ATM, MPLS; and Ethereal/Wireshark sniffers.

Secondary: F5 3DNS and Big-IP GTM Load Balancers, Juniper firewalls, UNIX/Linux, Solaris, Windows 2003/2008 Servers, DNS, VMware Server and Virtual Center Infrastructure.

PROFESSIONAL EXPERIENCE:

Confidential, Greeenville, SC

Data Center Support Analyst

Responsibilities:

• NOC support, making recommendations for setting of alarm thresholds, and monitoring of WAN.
• Monitoring and updating documentation in BMC Remedy for critical needs assessment based on the severity of trouble tickets and new customer complaints.

Confidential, New York, NY

Infrastructure Support Analyst

Responsibilities:

• Data Center move support, with switches and routers, static routing, gateways and firewalls inclusive; verifying server pool connectivity, speed and duplex for globally accessible services.
• Server building and troubleshooting, with focus on ticker financial data, X file structure, and updating the proprietary financial software (Priceserver-created by ILX).
• Monitoring of Thomson ONE workstations, data recording and Remedy trouble ticket monitoring and updating; and remediation of gapping in ticker reception.

Confidential, Atlanta, GA/New York, NY

Network Infrastructure Engineer

Responsibilities:

• F5 (LTM) troubleshooting of server pools, IPSec or SSL profiles, end point load balancing, point-to-point connectivity, and IPSec offloading.
• F5 LTM traffic monitoring, logging, farm load balancing, auditing, and accounting/reporting.
• Provided information to the engaged parties addressing compliance standards, management reports, and other KPIs.
• Assisted the Process Owners in identifying and prioritizing process improvements.
• Approved acceptable changes from Senior Management for Significant and Major changes.
• Facilitated Senior Management meetings for Major RFC reviews and/or endorsements
• F5 V.11.5 TMOS updates, iRule creation (with TCL), and administration via CLI or GUI.
• Running of F5 LTM 9.x/10.x qkview and files transferred for F5 Engineering support.
• Formulated test plans for “Proof of Concepts”, created Visio designs and architecture (Visio).
• VLAN configuration and coordination with disparate stake-holder groups for project controls.
• Troubleshooting of IPSEC/SSL VPNs, terminated on Checkpoint Firewall-1 or Cisco ASA.
• Troubleshooting switches, routers, and servers in the data center, with EIGRP dynamic routing, VLANs, F5 member speed/duplex verifications, and OSPF packet routing configuration.
• Design and configuration of data center hardware, including VMware Player, application per-VLAN configuration, subnetting, and server placement.
• Monitoring of cryptographic applications, URL filtering, alerting, Syslogs, and logging.
• Cisco ASA firewall administration ASDM utility, and NAT of secure application servers.
• Cisco PIX rule cleanup, verifying ACL usage, replacing hardware with ASA 5505/5510 firewalls.
• Auditing of software, and vulnerability scanning using NMAP against vulnerable machines.
• Cisco 2600/2800, and 7200 router configuration including static and OSPF dynamic routing.
• Configuration of esoteric security applications for IT Security ( Confidential, SSL, PKI, RADIUS, TACACS+, EAP, EAP-Fast, PEAP, LEAP, CHAP, MS-CHAP) and multi-factor authentication.
• Troubleshooting and isolation of connectivity issues and application communication working across load-balanced server pools (F5) with disparate back-end servers on isolated subnets.
• UNIX system administration, including various CLI tools and file manipulation (cat, vi, grep, passwd, kill, mv, mkdir, rmdir, chmod), TACACS administration, FW rules and PCI-DSS orchestration for financial services.
• Prepared DLP policies, managed workflows, performed remediation of vulnerabilities reported or projected, and running of reports and administration from the management console.
• Checkpoint Firewall-1 R70/R75 enforcement point installation (Secureplatform (SPLAT)).
• Checkpoint Firewall-1 R65 user administration, and site-to-multi-site SSL VPN configuration.
• Configuration of routers with OSPF router IDs and associated configuration (single area, occasionally with virtual links), interface IPs, and port/VLAN assignments.

Confidential, Oakton, VA

Network Engineer

Responsibilities:

• F-5 Big-IP LTM load balancer configuration with emphasis on WAN traffic control and balance.
• Troubleshooting (Visio) infrastructure with Wireshark, TCPDUMP, and other sniffer tools.
• Maintained LTM (F5 Local Traffic Manager) for load-balancing multiple server pools.
• Verification of firewall rules, and administration of Checkpoint Firewall-1, and the AOTS.
• LAN/WAN Data Center Infrastructure support, with MPLS connectivity and SNMP.
• Confidential, RADIUS, and other two-factor authentication mechanism support.

Confidential, Suwannee, GA

Senior WAN Engineer

Responsibilities:

• Data center connectivity with Cisco 6500 switches (Sup720) and 7600-S series routers (RSP720), and configuration of BGP attributes for WAN connectivity (routing with EIGRP or OSPF).
• UNIX (SunOS/Solaris) administration and troubleshooting for end-users across the enterprise.
• Multi-homed BGP inbound and outbound policy configuration including route-maps, as-path access-lists, filter-lists, as path prepending, and associated troubleshooting.
• Backbone network redesign planning, documentation, ISP selection and screening for MPLS/VPLS solution replacement supporting VoIP and jumbo frames with burst capability.
• Firewall administration (Cisco ASA, and Confidential ) for managed services).

Confidential, Oakton, VA

IP Security and Network Engineer

Responsibilities:

• Cisco (6513, 7609) and Juniper (M320) router configuration including load-balancing, route-maps, ACLs, OSPF single area configurations, call-flow troubleshooting, and BGP routing.
• Data center connectivity and end-to-end troubleshooting of server and workstations.
• Installation of VMware ESX server software and configuration of VLAN infrastructure.
• Cisco IOS scripting, VPN fast re-route operations, and change management documentation.
• Firewall ruleset changes to permit communication through ISP, direct connect, or VPN (AVPN).
• Cisco ASA 5500 firewall administration for site-to-site VPN customers (multiple contexts).
• Cisco CSS 11000 administration for HTTP web portal load-balancing operations.

Confidential, Norcross, GA

Network Engineer

Responsibilities:

• Data center redesign of including Cisco 6509 and 2960 switches, F5 Big-IP LTM load balancers, Checkpoint R65 Firewalls (Nokia IPSO), VLANs with VTP, and load-balanced ISP connectivity.
• F5 Big-IP LTM 3400 and 1500 load balancer design and configuration including upgrades to TMOS version 9.4, nodes, members, virtual servers and server pools, NAT, SNATs, and iRules.
• Cisco PIX 6.35 configuration including access-lists and multiple site-to-site VPNs.
• Repair WAN communications, firewall holes, and break-fix for trouble tickets.
• Suse Linux Enterprise Server 10 configuration with Cacti/Hobbit for network/server monitoring.
• Checkpoint Connectra R62CM SSL VPN with embedded Native applications and RADIUS.
• Cisco 6506 CatOS L2 configuration (VLANs, Etherchannel) and troubleshooting; replacement of Supervisor card and power supplies, and upgrade to Native IOS.
• Network troubleshooting and traffic optimization with tools such as TCPdump, Sniffers (Ethereal/Wireshark), Cacti (SNMP), and Kiwi Syslog Daemon (firewall logging).

Confidential

Senior Infrastructure Engineer

Responsibilities:

• Designed two new data centers with 99.999% uptime, dual Cisco 6509s (Sup 720), HSRP/VRRP, OSPF routing with Virtual Links, F5 Big-IP Server Farms, and ASA 5500 series Firewalls.
• Design and installation of Load Balancing solution with F5 BIG-IP Local Traffic Management (LTM), with Web and Application Servers, iRules for code enhancement, and SSL offloading.
• Maintenance of legacy data centers with F5 1500 Load Balancers (130 server farms), dual PIX firewalls (6.3(5)) with multiple DMZ/security levels, Cisco 4509 cores running HSRP.
• Responsible for Radware Linkproof ISP Global Load Balancer design and administration.
• Site-to-Site VPN connectivity provided with Cisco PIX (6.3) and ASA (7.2) firewalls using the CLI or ASDM, in Active/Passive failover mode with NAT and/or PAT, IPSec.
• Troubleshooting of various Cisco switches and routers (1800, 2800, 2960, 3750, 4509, 6509).
• VMware ESX Server installations and administration with VirtualCenter Client 3.x.
• F5 BIG-IP 3400 OS upgrades, setup of VIP listeners (virtual servers), virtual forwarding servers, profile optimization, traffic analysis with TCPDUMP, and of system administrators.

Confidential

NSD Implementation Engineer

Responsibilities:

• Cisco 7609/JunOS M320 including Syslog, TACACS, VLANs, line cards, and PIC installation.
• F5 LTM Load Balancer configuration exports and network design planning with Visio.
• Routing protocol configuration including BGP peering sessions and OSPF troubleshooting.

Confidential

Network Engineer

Responsibilities:

• Cisco 3845, 4510, 6509, 7500, 7600; Juniper J2300, M-series, EIGRP, OSPF, BGP.
• Cisco PIX and ASA (Adaptive Security Appliance) VPN configuration with IPSec encryption (3DES, MD5, SHA) using command-line (PIX) and/or ASDM client.
• Checkpoint firewall-1 v4.1 administration and conversion to Watchguard Firebox SSL gateway.
• T1-T3 circuit and BERT testing, DSLAM configuration, and liaison with ILEC and IXC carriers for local ISP.

Confidential, West Caldwell, NJ

Network Security Engineer

Responsibilities:

• Infrastructure support of WAN: Cisco 7200s, 4500s, 6500s, F.R. mesh, VPN, VLANs, routing.
• Responsible for Checkpoint firewalls, Active Directory GPO’s, Snort IDS, vulnerability scanning with Nessus, Tiger Team report remediation, and logging of suspicious activity.
• UNIX (Solaris and Linux) support including general file maintenance and networking.
• Cisco PIX firewall configuration with NAT rules, IPSec VPN, failover, and multiple DMZs.
• Check Point Firewall NGAI configuration, NAT, DMZ, and monitoring with Smartview Tracker.
• Change control documentation in Remedy and network group rep. for change control meetings.
• SNMP/RMON probe monitoring and management with HP Openview, SolarWinds and MRTG.
• VPN configuration using Cisco 3000 Concentrator, Nortel Contivity gateways, Vircom RADIUS authentication, SSL s and/or IPsec VPNs with standard encryption (3DES, MD5, SHA).
• TCP/IP network design and documentation with Visio, documentation, and report writing.Troubleshooting T-1 lines, Wellfleet, Bay Networks, Synoptics routers, ISDN PRI racks, D-4 channel banks, PADs, and CSU/DSUs (Verilink, Northern Telecom, Confidential &T).
• Configuration of Cisco routers (IOS 11/12.x), access servers, and Catalyst switches with HSRP.
• Cisco PIX Firewall configuration (PIX v.4.x); VPNs, DMZ, rules, access lists and failover.
• CSU/DSU and Telco line configuration including Frame-Relay, X.25, HDLC, ATM, and TCP/IP.
• Configuration and troubleshooting of Windows NT/2000 Servers, DNS and DHCP servers.
• SNMP agents between RDC’s of BellSouth’s OSI Platform (BOSIP) with HP Openview.
• HP Openview with the data collector on SPARC workstation running Solaris 2.x in a NOC.
• Configuration of IIS Web Servers, NT 4.0 Servers and Workstations.