SUMMARY:

• IT professional with over 15 years of professional and progressive technical experience in design/project implementations, senior administration/service requests, Tier 2/3 escalation support/ticket resolution, policies and procedures, analysis and troubleshooting of various technologies which includes proficiency in routing, routing protocols, switching, security, firewalls, voice, wireless and data center technologies.
• Proven background and experience in reviewing design documents and implementing/deploying technologies including provisioning, deploying, configuration, validation and documentation in a timely and proficient manner based on following internal policies and procedures and mandated compliance.
• Strong proficiency with administration and support including handling change requests, Tier 2 and 3 escalated tickets based on service level agreements (SLA) and documentation administration.
• Work well independently and in a team environment including verbal and written communications with technical and non - technical professionals, third party vendors/service providers and clients.
• Proven skills as subject matter expert (SME) to both technical and non-technical professionals including acting as advisor/mentor for various technical, professional and operational activities.

TECHNICAL SKILLS DETAIL:

WAN/Routing Technologies: OSPF, BGP, MPLS, EIGRP, Route-maps, Prefix-lists, ACLs, Static Routing, Stub Routing, IPv4/6, ARP, TCP, UDP, NAT/PAT, Cisco ASR 1004/1002-HX/1001-X, ISR 4451/3845/2851 , Cisco IOS XRv, Meraki MX 450/100, Juniper SRX 340/210, Juniper vSRX, Cisco IOS XE, JunOS.

Datacenter/Core Switching Technologies: VPC, VXLANs, VSS, StackWise, HSRP, VRRP, VLAN Trunking, SVI, Portchannel, STP, VTP, Portfast, BPDU Guard, UDLD, F5 Big-IP load balancers, LTM, Nexus 9K/7K/5K/3K/2K, Catalyst 6500/4500/3850/3750 X, Meraki 410/210/220, Juniper EX4200/2200, DHCP, CDP, ACL, QoS, SFP+, QSFP, NX-OS, IOS XE, JunOS, SolarWinds, Wireshark, Cacti, Nagios, Remedy, SNMP, DNS, SSH, FTP/SFTP

Security/Firewall Technologies: Cisco ASA 5555-X/5508-X/ASAv/5510, Meraki MX 450/100, Cisco IPS/IDS, Cisco ISE, Juniper SRX 340/240, Juniper vSRX, ACLs, SSH, IPSecVPN, SSLVPN, MPLSVPN, AAA, TACACS+/RADIUS, 802.1x Authentication, Port Security.

Wireless/Branch Technologies: Cisco WLC 5500/3504, Cisco vWLC, Cisco 3702i/1852i/3602i/1142 APs, Cisco Meraki MR 42/33/20 APs, Cisco ISE, TACACS+/RADIUS, 802.1x Authentication, 802.11, WLAN, WAP, SSID, LWAPP, SMTP, VoIP/SIP, QoS, CUCM, UCCX, AWS, Cisco Meraki Cloud-based Dashboard, UPS & PDUs.

PROFESSIONAL EXPERIENCE DETAIL:

Confidential

Network Engineer

Responsibilities:

• Member of a team of professionals responsible for design, administration/service requests, escalation support/ticket resolution and analysis in an enterprise LAN/WAN environment for data centers, corporate, WAN links, and branch offices.
• Technical operations responsibilities including acting as technical lead for network implementation & deployments, handling high-level change requests and tier 2/3 escalation support with a focus on providing root cause analysis while maintaining the companies strict SLA requirements.
• Additional responsibilities include implementing new policies and procedures, MOP’s and thorough documentation to end clients of the organization.

Confidential

Network Administrator

Responsibilities:

• Member of a regional enterprise engineering team responsible for deployment, administration and support of 24/7 mission critical technologies that include but not limited to routing, switching, VOIP and wireless technologies for both residential and business customers.
• Performed complex analysis and research of network security architecture, information security administration and policies to identify possible network security threats.
• General responsibilities included but not limited to analysis and implementation of all network technologies, day to day administration, tier 3 escalation support and proactive network analysis and timely communications with relevant technical and non technical teams, management and third party vendors.

Confidential

Network Administrator

Responsibilities:

• Member of a team of professionals responsible for installations, configurations, ticket resolution, and troubleshooting in an enterprise LAN/WAN environment for data centers, corporate, and branch offices.
• Technologies handled by the team include but not limited to local area network (LAN) technologies, wide area network (WAN) technologies, VoIP, server and enterprise applications, desktop technologies.
• Technologies in network environment include but not limited to routers, switches, security firewalls, voice, wireless and related technologies, various server/application administration and remote access.
• Created and administered Local VLANs based on department function, and configure ports with static VLANs for data and voice along with both dynamic and static 802.1Q trunks. ManagedVTP, mostly transparent mode, to control VLANs.
• Managed RSTP/STP on Cisco and Juniper switches and priority for root election. Managed portfast, bpdu guard, UDLD.
• Created and administered portchannels statically and using LACP, Etherchannels on catalyst and LAG on Juniper.
• Managed Stackwise, VSS on Catalyst, VPC on Nexus, and MLAG on Juniper for device redundant portchannels.
• Configured SVIs for VLANs with IPv4/IPv6 addresses with HSRP and VRRP for gateway redundancy on dist. switches.
• Implemented port-profiles in NX-OS for multiple ports and port-types to reduce errors and improve readability.
• Implemented secure access such as SSH, AAA, Radius, TACACS+ to vty and console ports along with SNMP and NTP.
• Implemented local voice network using Cisco 2811 ISR (VoIP) with a Cisco Unity Express Network Module (NM-CUE), Cisco Communications Manager Express, Cisco 3550 Switch with POE. Created and managed Data and Voice VLANs, and configured ports with static VLAN assignment and 802.1Q trunks for layer 2 forwarding. Configured edge ports for fast-transitioning into the forwarding state to fix workstation startup connectivity delays
• Implemented Unity Voicemail on the Cisco Unity Express Network Module. Configured dial-peer on a Cisco 2811 ISR to define attributes of packet voice network connections to Cisco Unity Express Network Module. Enabled call forwarding on busy/no answer. Implemented Message Waiting Indicators and Voicemail access via SMTP.
• Configured port security, DHCP snooping, IP ARP inspection, ipv6 RA guard for access switchport hardening.
• Managed an IPSec Site-to-Site VPN between Cisco ASA5500s at Main Office and Cisco branch ISR including Implemented VPNs for IKE Policy using DES and SHA for encryption and authentication, access-lists to define VPN traffic, transform set using esp-des esp-sha-hmac to traffic protection, crypto-map to configured elements to a peer, and application of the crypto map to appropriate interface or VPN endpoint.
• Implemented of Zone-Based Firewall on the Cisco branch ISR for three zones, applying class-maps as traffic crosses a zone-pair, policy maps to apply action to the class-maps’ traffic, zone-pairs, and application of policy to zone pairs.
• Deployed SSL VPN (WebVPN) to allow users to establish a secure, remote-access VPN tunnel to the Cisco ASA 5500 series using a web browser. Generated a general purpose RSA key-pair for authority identification, configure authority trustpoint for the WebVPN using self enrollment, and configure CA trustpoint interface association.
• Utilized Cisco ASA 5500 Modular Policy Frame-Work to configure and manage layer 3/4 interface service policies, apply inspection and connection limits to services, apply inspection and QoS policing to HTTP traffic.
• Configure HTTP inspection policy to block restricted sites and file downloads.
• Administered both single area and multiple area OSPF routing. Also implemented totally stubby areas to lower the system resource utilization of devices. Implemented hub and spoke network between three sites with the main office as the hub for redundant connections utilizing MPLS VPNs and GRE tunnels using IPSec.
• Implemented EIGRP routing on Cisco ISRs and ASAs. Prevented neighbor adjacency forming and sending/receiving routing updates on unnecessary interfaces. Implemented EIGRP MD5 between sites to prevent unauthorized insertion of routes into the domain. Implemented manual EIGRP route summarization to reduce demand on CPU resources, memory, and bandwidth used to maintain the routing tables.
• Implemented backup and recovery of Cisco IOS Images. Perform password recovery on Cisco IOS routers/switches and a Juniper devices to restore administrative access.
• Configured eBGP & iBGP peering using directly connected networks and loopbacks, ebgp-multihop. Managed BGP Peer groups and PREFIX-LISTs, ROUTE-MAPs, ACLs and neighbor statements to filter route updates to and from neighbors. Utilized show commands to provide routing information with debugging diagnostic commands to monitor BGP events.
• Managed SNMP, AAA, TACACS+, Radius, Netflow, Syslog, NTP for authentication, logging and management.
• Utilized Nagios XI (customized dashboard, SolarWinds Orion NPM, CACTI monitoring and graph traffic.
• Used the Wireshark tool to analyze HTTP, telnet, and SSL traffic