SUMMARY

Highly proficient Certified Cisco Network Associate Engineer with more than 20 years of Information Technology experience. A self-starter and team player with hands-on experience in large to mid-sized networks, that includes routing and switching, firewall security, VLAN configuration, IPsec, and IPv4 subnet design, and is mandarin self-taught. I took a leave of absence to support my older brother bed-ridden with a severe stroke, now I am back in the market

SECURIty CLEARANCE

·   DoD Security Clearance - 1993-1995 - inactive

·   US Department of Transportation Federal Aviation Administration Public Trust (PIV) EQIP – 2008 - inactive

·   Internal Revenue Service (IRS) MBI – 1999 – inactive

·   Interim Secret Security Clearance – Lockheed Martin February 22, 2016

TECHNICAL Experience

·   Cisco Hardware: IPS, ASA 5520, 3825 series router, 2960G/3560/6509E 720 and 2T supervisor engine switches

·   Network Technologies: Infoblox DNS-DHCP, Microsoft Active Directory, Cisco IOS, IPv6, Routing

·   Protocols: BGP, TCP/IP, EIGRP, OSPF, 802.1Q, STP, PVST+, QoS, 802.11, NAT, AAA, SNMP, HSRP

·   Security: Cisco: ASA, IPS; Check Point, ACLs, switchport port security feature, IOS commands, Sophos

·   Cryptography: VPN IPSec, 3DES, MD5, IKE, Sha-1

Education/Certification

·   Bowie State University, Bachelor of Science in Political Science - 1979

·   Check Point Certified Security Administrator, CCSA 4.1 - 2001

·   Check Point Certified Security Expert, CCSE 4.1 – CP0000011371 – December 2002

·   Cisco Certified Network Associate, CCNA – CSCO10064274 – November 2002

Professional Experience

·   During my leave of absence I have kept the professional focus by purchasing some Cisco e-books to for CCNP exam.

·   Since going to Lockheed Martin I am security focused and is studying to obtain CCNA Security.

Lockheed Martin - Network Engineer, Maryland                                                       March 2016 – June 3

·   Teamed with other engineers to learn layer 3 MPLS VPN and BGP peer-to-peer in DoD secured environment.

·   Understand basics of virtual routing forward (VRF) lite and how it is used in MBGP, and firewall location.

·   Visio diagramed firewalls, routers and switches in MPLS BGP environment

·   Lockheed surprisingly informed me to commute to Springfield VA. I terminated my employment after  two months.

LRS Consulting/BridgeStone Tires -  Network Engineer, Maryland                        October 2014 – October 2014   

·   Short-term temp assignment to apply patch management of new Cisco IOS layer 2 switches and IPS signature files.

·   Reconnect Cisco switches, SFP (small-factor pluggable transceiver), trunk ports, CAT5e, computers, and printers.

·   I took this position knowing full well it was a short term assignment, including others below.

University of California DC (UCDC) - Network Engineer, Washington DC          November 2008 – April 2014

·   The first week on the job at UCDC I identified a security hole in the Cisco ASA enterprise firewall. Requested and was given permission to insert a stealth rule to protect the firewall.

·   Applied Check Point best practice procedure configuring Cisco ASA change management standalone environment placing frequently used rules at the top of the rule-base above lease used rules. 

·   Signature-tuned Cisco AIP-SS20 IPS frequently to ensure that the alerts received are real, actionable information.

·   Segment Cisco 6509E 720 supervisor engine switch, L3(3560) and L2(2960) via VLANs and trunk (802.1q) to core.

·   Demonstrated know-how designing networks and positioning a firewall and IPS within the network IP address scheme.

·   NAT RFC1918 private space address on the firewall behind the University bloc of public address one-to-one

·   Harden network security on all Cisco networking devices by downloading the most recent IOS file updates

·   Tested the University perimeter security by pinging outward to DMZ to obtain !!!!. From DMZ ping inward for ….

·   Blocked ports deemed susceptible from the outside FTP, NetBIOS (135-139), SNMP (161-162).

·   Used access-list to support tightening internal security, and the IEEE port security features on all Cisco switch ports.

·   Implemented the industry standard best practices prohibiting spanning tree to dynamically elect the root bridge, instead configure the core switch with lowest priority to select the root switch.

·   Hierarchical widen the scope of the wireless private class C IP address /21 (8 Cs) to support more than 4,000 devices.

·   Troubleshoot network routing using the TCP/IP stack, Cisco IOS show commands, debug, and wire shark.

·   Modified BGP remote AS statement on edge router. Very knowledgeable of EIGRP and OSPF.

·   Tasked to researched new DNS-DHCP server, recommended Infoblox enterprise networking, assist with the server design, configuration to lease IPv4 request and translate the URL to DNS fully qualified domain name.

·   Designed, tested, and troubleshoot Aruba 802.11 wireless access-points connection to the controlling device.

·   Documented the University network using MS Visio to display snippets of networking devices and IPv4 layout.

AMTI - Network Engineer FAA, Washington DC                                             June 2008 – August 2008

·   Racked HP and Dell servers, and configured Cisco PIX behind Federal Aviation Administration intranet.

·   Installed MS SQL, Norton ISA servers, configured VMware ESX and Windows 2003 cluster servers.

·   Configured VLANs on Cisco 4006 switch, assist with F5 load balancer configuration

TEK System – Deployment, Howard University, SAIC, DELL, Blackboard - Washington DC June 2007 – May 2008                                                        

·   Migrated legacy systems, configured desktop images, and deployed new PC.

·   Upgraded desktop RAM (random access memory), DVD, monitors, and OS (operating system).

·   Configured windows server, added workstations to the network.

Isymmetry - Accenture Network Support, Virginia                                           August 2006 – December 2006      

·   Supported DoD classified environment configuring RSA card to enhance end user secure login.

·   Configured Sonic firewall to close ports deemed a security risk.

·   Installed windows server 2003, configured active directory, IIS, created user accounts and GPOs.

·   Troubleshoot PC problems using ping, ipconfig, netstat, traceroute, DNS/SHCP, and network cabling.

·   Advised and assisted end users to backup PST files, and make file size no larger than one gigabyte.

·   Configured RSA cards to enhance secure login, and implemented policy to lock-away unsecured laptops.

Self Employed                                                                                                        March 2005 – July 2006

Alionscience – Network Administrator, Maryland                                            October 2003 – February 2005

·   Managed local area network, PBX, backup user data, troubleshoot computer issue from desktop to wiring closet.

·   Configure Microsoft servers, connect user desktop to local area network and support issue w

·   Advised users and department’s heads about computer brands, specification, and pricing.

Laid off after 911                                                                                             September 2001 – September 2003

Digex Corporation – Firewall Engineer, Maryland                                          January 2000 – September 2001

·   Used Provider 1 to manage more than 300 Check Point firewalls, Configured Checkpoint VPN and secure remote.

·   Configure static routes, VRRP, used routing table, firewall logs, tcpdump troubleshoot and track firewall real-time data.

·   Used Visio to diagram and support the verification of switches and servers in the DMZ.

Alionscience – Network Administrator, Maryland                                          July 1999 – December 1999

·   Working for the IRS customers document, design, set up, and configured, and support local area networks.

·   Installed various computer applications in support of user request for testing.

·   Upgrade Cisco router, configure routers in support of DNS testing, use Visio to diagram network modification.

Virtualogic – IT Support, Maryland                                                               August 1998 – May 1999

·   Supported Health Human Services HRSA MIS department’s network risk assessment.

·   Inspected network configurations, servers, location of peripherals, and documented information.

·   Tested and tweaked Kane Security Analysis software based on best practices to audit NT and Novell servers.

·   Used Kane security software to audit government servers at HRSA.

·   Developed documentation summarizing the project and provided recommendations to further improve security.

Computer Aid Inc. – Desktop Support Marriot, Maryland                             April 1997 – July 1998

·   At Marriott International provided end users with COTS, in-house software and hardware support.

·   Installed COTS applications, hardware drivers, and troubleshot break/fix problems.

·   Configured, installed and connected individual end user workstations to network servers and domain.

 Kajax Engineering – Sr. Network Technician USDA, Maryland                   October 1995 – March 1997

·   Managed the delivery of quality network support to end users and department directors at USDA FSA division.

·   Provided back-up to junior technicians troubleshooting LAN/WAN and break/fix issues.

Orkand Corporation – Network Administrator Pentagon                         June 1992 – September 1995

·   At the Pentagon migrated ACSIM department local area network, configured CSU/DSU, Microsoft and Novell servers.

·   Troubleshoot end user break-fix problems: printers, desktops, network connections, email, and cabling.