|
Namon
Sloan
Experience Summary:
I have over 15+ plus
years of professional experience in Network Design, Support and
Security. Through my experience I’ve obtained a broad knowledge in
network infrastructure technologies with expertise in customizing solutions
that have specialized requirements. The clients I have supported are
the following, DOD Army (Fort Knox) via I3MP project, Army (Fort Belvoir)
via AKO project, DHS (TSA) via ITIP project, Department Of Justice (DOJ) –
Federal Bureau of Investigation (FBI), Commercial Financial customers GE
Capital, GM/GMAC and IBM Mainframe datacenter customers (Amtrak, Michelin,
JC Penny’s, etc.). I currently hold an active DOD TS clearance with
SCI.
Work Experience:
ICS-NETT- Washington, DC (02/2015 – Present)
Principle Network Engineer – Department of Justice
(DOJ) - Federal Bureau
of Investigation – (FBI)
Responsibilities:
As
a Principle Network Engineer, I provide operations support for Enterprise
Infrastructure services along with Network Engineering. I’m a subject
matter expert for Enterprise load balancing. I also support Firewall
security technologies and Datacenter. I manage the following
technologies and vendors
Application Delivery Controller (ADC)/Load Balancer
(SME)
·
F5 Local Traffic Manager (LTM)
·
F5 Global Traffic Manager (GTM)
·
Cisco ACE 4K series and ACE Module 6509 blades
Security:
·
Juniper SRX/Netscreen firewalls
·
Cisco ASA firewall – 5500 & X series
·
Taclane KG-175A & KG-175D
L2/3 Switch & Routers
·
Cisco 2900, 3700, 4500 series switches
·
Cisco 4500, 6500-E, 6500-VSS switches, 7200 Routers
Datacenter
·
Nexus Datacenter Enterprise Infrastructure
·
Nexus TOR, SPINE and LEAF series switches (9K
Architecture)
·
Datacenter CLOS Technology for cloud clusters
·
VPC, Peer-Switch, etc
Xcelerate Solutions - Fort Belvoir, VA (01/2014 –
02/2015)
Senior Network Architect/Engineer - US Army (AKO)
Responsibilities
As
a Senior Network Engineer, I provide Network Architecture, engineering and
operations
support for datacenter infrastructure services. I manage the
following
technologies and vendors.
Security:
·
Juniper Netscreen firewalls
·
Cisco ASA firewall – 5500 Series
·
Cisco ACS 5.x
·
Cisco NAC
·
Taclane's KG-174A & D, KIV-7M
Load Balancer
·
F5 LTM & GTM 11.x version, irules, specialized load
balancing methods, along with custom health monitors.
L2/3 Switch & Routers
·
Cisco 2900, 3700, 4500 series switches
·
Cisco 6500, 7600 L3 switches
·
Cisco 2900 routers
Dynamic routing protocols, BGP, OSPF, EIGRP,
Standard and Extended ACL’s,
Cisco L3 switching SVI's and VRF’s
Datacenter Virtualization
·
Cisco Nexus 7K
·
VMware Vcenter 4.x, 5.x
·
VMware ESXi Hypervisor 3.x, 4.x, 5.x
·
Cisco UCS – Fabrics and Chassis
Server Administration
Sun, Oracle, Red hat, DNS, rsyslog, tftp, etc.
Microsoft AD 2008R2 administration (DNS,DHCP, etc)
Computer Science Corporation – (CSC) – Arlington,
VA (04/29/13 – 01/2014)
Senior Security Engineer – TSA (Transportation
Security Administration)
As an Engineer, I provide operation and
maintenance support of security infrastructure devices.
-
Cisco ASA Single & Multimode
Firewalls (5500 Series)
o Remote
(Anyconnect) & Site to Site administration
o ACL,
Static/Dynamic Translation administration
-
McAfee (Web Washers) Web Proxies
(Forward & Reverse)
-
Symantec Antivirus
-
IBM ISS HIDS & NIDS
-
Sourcefire NIDS
-
F5 Load Balancers (LTMs)
-
Cisco ACS, Ciscoworks, CSM
administration
-
Solarwinds monitoring and management
Booz Allen and Hamilton, Mclean, VA, USA
Associate – Cyber Security Architect (06/2011 –
04/29/13))
As an Associate, provide technical expertise in
developing cyber technology solutions for new commercial and DOD
customers. This includes gathering customer requirements, conducting
analysis and testing solutions.
Clients - Projects
Treasury Departmental Office (DO) – Office Of
Financial Resource (OFR)
(Network SME Architect/Engineer) – 10/01/12 -
06/2011
·
Manage Ciscoworks Prime 4.x and Cisco ACS 5.x VMware
& appliances to support infrastructure.
·
Designed and Implemented Cisco MAB solution for OFR and
other DO bureaus.
·
Managed Cisco Nexus 4KI and Security Enclave for OFR
organization.
·
Experience with Nexus 4Ki, 5K and 7K in datacenter
environments with Treasury (Designed, Configured, first deployment of
Enterprise QoS for DO infrastructure)
·
Managed Router ACL’s for Security Enclave for OFR
organization.
·
Designed and Implemented QoS solution for DO enterprise
to support VOIP infrastructure. Also to support enterprise
applications for OFR and other bureaus.
·
Modified design and configured ASA 5580-40 for a
security enclave proposed design.
Client – Projects continued
Defense Acquisition University (DAU), Fort Belvoir
(F5 SME Architect/Engineer) – 05/01/12 - 10/01/12
Roles/Responsibilities
·
DIACAP Certification and Accreditation of Atlas
Application
·
F5 Load Balancer Subject Matter Expert (SME)
Brocade Communication Systems, San Jose, CA
(Network Architect/Engineer) 10/01/10 – 06/24/2011
Strategic Business Systems - (A Brocade Company -
Professional Services), Herndon, VA (Network Architect/Engineer
Consultant) 02/08/10 - 10/01/10
As a Brocade Resident Consultant, Mr. Sloan was
responsible for the design and support of Brocade (Foundry) Infrastructure
for DOD customer (Fort Knox NEC).
He assessed customer requirements and network
infrastructure on future architect design upgrades. He replaced
Extreme Network core with brocade high-end routers and switches. He
maintained DISA network security STIGs for Brocade layer 2 & 3
switches. Also maintained server security STIGs for Sun Solaris and
Windows 2008 servers.
Strategic Business Systems experience (contd)
DISA STIGS are the guidelines he used to test,
assess, and evaluate technologies deployed within the infrastructure.
He scanned windows & Unix applications to verify if services are
secure. He evaluated the security of the network
protocols used by the application with sniffers.
Application and Equipment Testing:
Brocade Switch/Router configuration
Cisco Switch/Router configuration
Cisco VOIP – Call Manager/Unity & IP Phone
Unix & Windows Server operating systems
Brocade Iron view Network Manager (INM)
application
Computer Associate (CA) Spectrum Monitoring System
application
Avaya VOIP infrastructure – CLAN & IP Phone
connectivity
Unisys – Reston, VA
Network Architect 10/15/07 – 02/08/10
As a Network Architect, Mr. Sloan was responsible
for supporting and designing DHS/TSA infrastructure. His initial
focus when starting on the TSA project was as a subject matter expert (SME)
for F5 load balancers products. He designed and tested new F5 Local
Traffic Manager (LTM) solution to upgrade old
F5 load balance WEB, Application, and backend
database tiers. He also worked with the Unisys SOC to review the
current IDS/HIDS infrastructure for compliance against customer
requirements. This lead to an upgrade to replace the current
Sourcefire IDS and IBM ISS NIDS. He also took the lead as the
AirDefense engineer on designing and testing Wireless Intrusion Detection
System (WIDS) to protect the customer’s first wireless WI-FI Protected
Access 2 (WPA2) AES-128 certificate based supplicant wireless system
infrastructure. He reviewed customer security requirements to update
documentation on new architecture. He evaluated requirements and new
designs in a lab environment while documenting the as-builts for technical
references in support of certification and accreditation. Assisted in
Cisco VOIP administrative tasks and upgrades for internal and remote
customer locations.
Amtrak – Washington, DC
Network Architect/Senior Network Engineer (Full
Time) 07/11/07 – 10/15/07
As a Network Architect, Mr. Sloan was responsible
for designing all IT environments within the Amtrak Enterprise, with a
heavy focus on the datacenter. He reviewed customer requirements to
evaluate the current infrastructure, and then designed solutions for IBM to
fulfill current and future requirements.
IBM (International Business Machines) – Manassas,
VA
Senior Network Engineer (Full Time) – (Amtrak Account)
03/21/05 – 07/11/07
As a Senior Network Engineer, Mr. Sloan was
responsible for the design, implementation and management of network
infrastructure for the Amtrak Datacenter and other campus network locations
throughout the enterprise. His responsibilities were to monitor and
maintain datacenter switches, routers, firewalls, Dynamic Host
Configuration Protocol (DHCP), Domain Name System (DNS), Simple Mail
Transfer Protocol (SMTP) servers, Cisco and F5 Load Balancers. He
worked with third party financial service vendors to maintain their
connectivity to the Amtrak IBM mainframe. He worked heavily with UNIX
and Windows administrators on day-to-day requests, projects and
issues. He trained contractors to build a dedicated datacenter network
team for maintaining daily operations and weekend maintenance updates. He
managed the network personnel and on-call rotation. He maintained
network security for the Amtrak datacenter using the following
technologies.
Products:
Cisco Secure Access Control Server (ACS)
Microsoft Windows Radius Server
Steel belt Radius Server
Cisco firewalls: PIX 525, Firewall Service
Module (FWSM), ASA 5510
Checkpoint firewalls: Nokia, NG FP3 software
Cisco Routers: 2600, 3600 series
Cisco Switches: Cat 4000, IOS 2900, 4006,
3700
Bluecoat Proxy Firewall
Products: Continued…
Cisco local director
F5 Load Balancers: Local Traffic Manager
1500, 3500
F5 Fire pass & Application Security Manager
(ASM)
.
Financial Projects for Amtrak:
Project 1 – Quick tracks and Zappi Redesign
-
Re-designed and supported IBM
Mainframe z/OS connections to the datacenter LAN to provide secure
financial application communication. These connections were for the
Amtrak Kiosk’s across the United States to process financial transactions
through F5 load balanced applications servers, then to F5 load balanced
Microsoft Host Integration Servers then through FWSM to mainframe.
IBM (Amtrak) continued…
Project 2 – Internet Booking Internet & DMZ
Distribution Redesign
-
Re-designed and supported Amtrak
Internet booking frontend with F5 Load Balancers and F5 Application
Security Manager (ASM) from threats across the world. The common
hacks were SQL injections and website modification Crawlers. The F5
ASM appliance served as an application layer firewall to protect the
customer web, application and database data from hacking attempts.
IBM (International Business Machines) – RTP, NC
Network Management Professional (Full Time)
06/01/01 – 03/21/05
(COOP to Full Time)03/02/01 – 06/02/02
As a Network Management Professional, Mr. Sloan
was responsible for managing and troubleshooting E-business, IBM Internal,
and Commercial customer account environments across the US and
overseas. He also monitored customer environments via Tivoli Netview
or through E-business operation techs to detect network down issues for
customer accounts. He supported all IBM US-wide network Local
Area Network (LAN)/Wide Area Network (WAN) infrastructure and managed
Research Triangle Park (RTP) network infrastructure. He was
responsible for vendor management consisting of System Network Architecture
(SNA), Transmission Control Protocol/Internet Protocol (TCP/IP)
connectivity on the LAN/WAN for internal and commercial accounts within the
IBM infrastructure. He maintained network security for all IBM
Internal datacenters, e-business, and commercial customers.
Products used:
Cisco firewalls: PIX 515E, 525, 535,
Firewall Service Module (FWSM)
Cisco Routers: 2600,2800, 3800, 7200 series
routers
Cisco L2/L3 Switches: Cat 2900xl, Cat
4000, 3500, 3700, 4006, 4500, 6509 series switches
Cisco VOIP infrastructure LAN support
Checkpoint firewalls: Nokia, NG software
Cisco CSS load balancer
Alteon load balancers
Financial Projects for IBM:
Project 1 – GE Capital Financial Services
-
Maintained secure LAN IBM mainframe
communication throughout the GE capital datacenter by Data Layer Switching
(DLSW) on perimeter routers. This merged the token-ring to Ethernet
environments together for interoperability with secure IP/SNA
communications. ACL’s where also used as additional layer of
protection.
IBM
(Financial Projects) continued…
Project
2 – GMAC and GM Financial Services
-
Managed Checkpoint firewalls in a
Multi-enterprise customer environment where datacenter to company
communication was controlled heavily. Push firewall rules and
troubleshoot proposed network related issues.
Education
BS
Electronics & Computer Tech, North Carolina A&T State University,
6/2001
|