SUMMARY:

• Senior IT professional with over 10 years of experience in planning, analyzing, and implementing organizational objectives. Excel at providing comprehensive secure IT/network design, systems analysis, and full lifecycle program management for various network technologies for medium to global enterprise environments which includes proficiency in routing, switching, security, voice, wireless, data center technologies.
• Proven strength in overall overseeing the troubleshooting, configuring, architectural design and re - engineering of infrastructure environments; incorporating convergence, virtualization, security, routing/switching, multicasting, remote access, VoIP, and firewall solutions.
• Highly qualified with outstanding verbal/written communication and leadership skills to effectively resolve problems and promote a positive work environment with a record of s in administering programs, improving employee relationship and motivating others to ensure streamlined operations, improved processes and increased efficiencies.
• Implement trunk ports and implement granular control of VLANs and VXLANs using NX-OS to ensure virtual and flexible subnets that can extend further across the network infrastructure than previous generation of switches.
• Implement port-profiles as part of the NX-OS command structure that allows for configuration of multiple ports and port-types via inherited configurations applied via a single command that reduces administrative error and allows for better configuration readability.
• Implement a virtual version of Nexus: Nexus1000v into VMWare to extend Nexus capabilities directly adjacent to virtual machines so that they benefit from Cisco switching capabilities and network topology consistency ensuring VMs maintain their subnet/VLAN relationships during failover.
• Implement secure privileged administrative access to the Cisco IOS system. Enable the encryption of system passwords to prevent unauthorized users access to passwords in the system configuration.
• Implement secure access to the console and vty ports, and set the interval that the EXEC command interpreter waits until user input is detected on the Console and vty ports. Also, configure the console and vty ports log messaging to not interfere with active device configuration.
• Implement VLAN Trunking Protocol to reduce administrative overhead. Enable secure sharing of VLAN information to prevent the introduction of rogue devices from affecting the VLAN database. Shutdown unused switchports following Layer 2 security best practices.
• Create and manage Local VLANs based on department function, and configure ports with static VLAN assignment, static 802.1Q trunks, and dynamic ISL trunking using PAgP for layer 2 forwarding. Utilize VLAN Spanning-Tree in conjunction with PVST+ for compatibility between Cisco and Juniper switches. Configure edge ports for fast-transitioning into the forwarding state to fix workstation startup connectivity delays. Modify spanning-tree parameters for manual root bridge assignment. Implement ether-channels between each switch using PAgP for negotiation. Modify ether-channel load balancing method.
• Implement WAN links between sites using frame-relay point-to-point and multipoint connections to establish connectivity between each of the four sites as required. Establish frame-relay point-to-point connections three of the sites creating a full mesh. Implement hub and spoke network between three of the sites with the main office as the hub for redundant connections.
• Implement EIGRP routing for point-to-point and Non Broadcast Multi-Access networks. Ensure that the spoke routers are receiving routing information about each other from the hub. Configure EIGRP unequal-cost load balancing to also use the lower capacity multipoint links when routing packets.
• Prevent neighbor adjacencies from being formed as well as the sending and receiving of routing updates on unnecessary interfaces. Implement EIGRP MD5 Message Authentication between sites to prevent unauthorized insertion of routes into the domain. Implement manual EIGRP route summarization to reduce routing protocol demand on CPU resources, memory, and bandwidth used to maintain the routing table.
• Implement OSPF routing with multiple areas for networks between sites. Implement totally stubby areas to lower the system resource utilization of routing devices for the network. Implement NSSA area to allow injection of external routes into the area and propagation into the OSPF domain.
• Implement backup and recovery of Cisco IOS Images. Perform password recovery on Cisco IOS routers/switches and a Juniper EX2200 Series switch to restore administrative access. Backup and Restore startup-comfit file for disaster recovery.

TECHNICAL SKILLS:

Routing/Switching Products: Cisco Routers (3900, 2900, 1900, 800 Series), Cisco Catalyst Switch (6500, 5500, 4900, 4500, 3750, 3560-X, 3100), Cisco Nexus 1kv, 2k, 5k Series, Juniper and HP Routers & Switches - WAN, LAN, TCP/IP, Cisco IOS, Spanning Tree Protocol, BPDU, CDP, ACL, NAT, PAT, RIP, RIPv2, OSPF, OSPFv3, EIGRP, BGP, MPLS, VTP, SNMP, SMTP, ARP, TCP, UDP, Static Routing, Stub Routing, VLAN, VLAN Trunking, VXLANs, Multicast routing, HSRP, SVI, CEF, Etherchannel, Portfast, VSS, VPC.Security/Firewalls Technologies - Cisco Security Manager Suite, Cisco ISECisco ASA 5500 series firewalls, Cisco FWSM, Cisco IPS/IDS, Cisco ACS, Advanced Firewall Manager (AFM), Cisco ASA 1000V cloud firewall, Checkpoint Firewall, Juniper SRX series, Palo Alto, Protocols & Standards - AAA, TACACS+, RADIUS, SSH, VPN, IPSec, SSL/IPSec, Data Loss Prevention, Data Management Zone, Pretty Good Protection (PGP), Public Key Infrastructure (PKI), Internet Key Exchange Policy, Port Security, MAC Address Filtering

Data Center Technologies VMware, F5 Big: IP load balancing, Riverbed, Cisco IPS/IDS, 10G/40G Ethernet, FCoE, SAN, Port-channels, VXLANs, vPC Port-Profiles, Routing Profiles, and Service Profiles, SFP+, NAS, RDX, DB

Wireless/Voice Technologies: Cisco WLC, IEEE 802.1x & 802.11, WLAN, WAP, AP, SSID, LWAP, Aironet, Bluetooth, Avaya, AURA - Voice Over Internet Protocol (VoIP), VoIP/SIP, CUCM, UCCM, UCCX, MGCP, RSTP, SCCP, STP, Quality of Service (QoS), PoE, MMDS, LMDS, CCK, DSSS

Monitoring/APPS Wireshark, Cacti, Nagios, VMware, Solarwinds, Riverbed, Splunk, Cisco Works, LogicMonitor, Cisco Security Manager Suite, Server, Sniffer, Ethereal, SNMPv2c, SNMPv3, RMON, Syslog, tcpdump, DNS, DHCP, FTP, Telnet, HTTP(S), SMTP, tunneling protocols, point-to-point, SFTP.

Other Technologies: Mulesoft ESB SaaS operation, ITIL, GFImax, tripwire, Rapid 7 Nexpose Pentration, Jira, confluence, Windows 2003, 2008, 2012, Linux Ubunto, CentOS.

PROFESSIONAL EXPERIENCE:

Confidential

Network Manager/Consultant

Responsibilities:

• Lead implementation programs for improved network security, including segmentation, perimeter and in-depth monitoring, and active response.
• Responsible for the overall hands-on management of an enterprise network consisting of over 2,500 network devices that included all routing, switching, wireless, security (firewalls, VPN), load balancing at both corporate and branch locations.
• Weekly meeting with director on project updates and timelines
• Conduct maturity assessments and technology gap analysis for network security.
• Design and develop technical requirements, security solutions, and implementation planning for network security architecture.
• Weekly meeting with team and vendors on various network upgrade projects including Nexus core switch cutover from catalyst, Cisco firepower implementation, enable multicast in environment, update all data center documentations
• Specific projects/major tasks handled included VPN and firewall corrections/updates, layer 3 switching integration, VLAN reconfiguration, Wireless upgrade/changes, video conferencing implementation, DNS/DHCP, multi-location routing restructuring, network monitoring updates including establishing/modifying alerts and baselines to name a few.
• Other projects handled included server upgrade and network hardware rack and stack in data center, rack power load
• Design and architect enterprise monitoring tool Solarwinds Suite NPM, NCM, Netflow and syslog.
• Ensure all network devices are in best practice and PCI, HIPPA compliance.
• Manage AVPN MPLS migration including upgrades and documentations

Confidential

Senior Network Consultant

Responsibilities:

• Design, deploy, and manage network technologies compliant to Dept of IT.
• Member of a senior consulting team responsible for network stabilization project topic includes network infrastructure features, security, sustainability, interoperability and flexibility based on department budget and operational goals.
• Conduct maturity assessments and technology gap analysis for network security.
• Design and develop technical requirements, security solutions, and implementation planning for network security architecture.
• Projects includes the design/acquisition and implementation/deployment of redundant network core, access layer LAN/WAN infrastructure technologies to include routers, multilayer switches and related networking technologies.
• Perform assessments for metropolitan area network/lan that also include cloud wireless solution. POC Meraki and Aruba IAP.
• Special project included evaluation, compare analysis, design and implementation of various enterprise monitoring tools including Nagios, Zenoss and Solarwinds.
• Design and implement Solarwinds suite (NPM, NCM, Netflow, IPSLA, LEM, IPAM and VMmon) to manage all network devices including routers, switches, firewalls, WLC, Riverbed.
• Major project on Network Data Center Rack consolidation where we had over 12 racks and we successfully consolidated into 3 racks. Data Center was moved which included compliance, power, cooling, devices, environmental concerns and implemented 30 minutes uptime when the environment goes down. Network/compute/design with SAN/Storage, top of rack switches and Cisco Nexus.
• Tracking and managing all network devices EOL and EOS, routers and switches and other related network technologies.
• Develop, test disaster recovery network for all 12 sites.

Confidential

Network Manager/Technical Lead

Responsibilities:

• Managed a team of network professionals that is part of a larger team responsible for the end to end administration and support of Weight Watcher’s global network including the corporate offices, Data Center and branch locations.
• Management/Lead responsibilities included handling project management, overseeing the change management, monitoring, analysis and optimization using enterprise network monitoring tools Solarwinds, Wireshark servers and Niksun. Using the PPDIOO Lifecycle Approach to Network Design and Implementation.
• Technical Responsibilities include technical lead/level 3 support which included Cisco WAN Network Core, Distribution, and Access Layer, Bluecoat, F5 load balancer, Raritans, Riverbed, netbotz, and APC Enterprise Manager, configuration and installation of Cisco routers using standard routing protocols, configuration and installation of Cisco Catalyst switches, supporting Cisco ASA 5500 and Checkpoint firewalls, Cisco IOS upgrades and troubleshooting for various LAN/WAN network infrastructures.
• Additional responsibilities include development and implementation WAN network designs, review and conduct internal IT security audits, HIPAA and PCI compliance projects, Data Center cabling, rack layout designs, installation and managing client /vendor relationships.
• Additional responsibilities included mentoring junior techs, managing and supporting clients and participating in new hire selection process including interviewing and assessing qualified candidates for new hires.

Confidential

Network Administrator

Responsibilities:

• Member to a team responsible for network configuration, design, implementation, installation, escalation support, documentation and troubleshooting for various LAN/WAN network infrastructures which include Cisco routers, Cisco switches, Cisco ASA 5505 firewalls, monitoring and Logmein pro and GFImax remote management systems.
• Technologies handled by the team include but not limited to local area network (LAN) technologies, wide area network (WAN) technologies, server and enterprise applications and desktop technologies.
• Professional responsibilities included documentation, network issues, change management, client /vendor relationships, backup configurations and network designs.
• Additional responsibilities included mentoring junior techs, managing and supporting clients and participating in new hire selection process including interviewing and assessing qualified candidates for new hires.

Confidential

Escalation Support (HD)

Responsibilities:

• Member to a team of professionals responsible for the highest level client / vendor relationships, analysis, support and troubleshooting of various enterprise infrastructures.
• Technologies handled by the team include but not limited to local area network (LAN) technologies, wide area network (WAN) technologies, server and enterprise applications and desktop technologies.
• Professional responsibilities included repeat business and referral to increase overall revenue.