KEITH J WIGGINS

301-440-8240

 

EDUCATION:

B.S. in Internetworking Technologies from Strayer University

A.A in Marketing Management from PGCC

A.A. in Computer Technology from Excelsior College

 

CERTIFICATIONS:

CompTIA Security +

Cisco Certified Network Professional (CCNP)

Cisco Certified Network Associate Security (CCNA)

Cisco Certified Network Associate Voice (CCNA)

ITIL Foundation – IT Service Management

VMware Certified Professional 4

 

 

SECURITY CLEARANCES 

TS/SCI/SI W/NSA Ploy

 

WORK SUMMARY

I have been working in the Computer/Networking field for over 25 years, utilizing my in-depth knowledge of routing and switching technologies in the implementation of secure networks.

 

OTHER DUTIES ASSIGNED

Over the past fifth teen years I have assist several programs with their Certification and Accreditation process by building networks that meet the requirements and specification of TS. I coordinated and interacted with various departments/vendors (i.e. Eagle Alliance, Fiber Plus, Verizon & TS) throughout the agency to provide cost estimates for services render. Also provided systems information to ISSM’s in order to maintain up to date SSP’s. Provided the customer with weekly status reports and attend meetings to ensure the work flow was on schedule.

 

PROFESSIONAL EXPERIENCE

04/14 – Present, Itility LLC, Herndon, VA

Sr. Network Engineer

Manage and maintained an Enterprise network that consisted of the following devices and technologies. Cisco 6500s, 3700s, 4500 and ASA 5540s & 5555x. The Enterprise network also consists of several McAfee firewalls. The ASA 5540 provided remote access to allow telecommuter to access the VPN via the Anyconnect client. The McAfee firewalls provided another layer of security. They are used to filter and tunnel traffic on the network. Create network objects and services ports used to apply rules and filter traffic bi-directional with in the McAfee firewalls. The 6500s are distribution and access devices that are integrated with SUP II and 10 Gig modules. Configured the 6500s for Hot Standby Router Protocol (HSRP) this allow redundancy between the distribution devices. Setup port-channel (LACP) L2 – L3 on multiple interfaces to increase the bandwidth across several links. Configured static and default routes to manage traffic. Implemented OSPF (Broadcast) in a single area using loopback addresses to indentify the Designated Router (DR). Created route-maps to direct traffic and manage traffic through the network. Implemented BGP on the core router (ASR) using a single Autonomous System to route traffic across the campus network. Setup both the ASA 5540 outside and inside interfaces with the proper security levels. Created multiple networks/VLANs on the inside interface for scalability.  Created access control list (ACL) to manage traffic and ports. Configured active-standby failover between multiple ASA 5540s for redundancy. Configure AAA server on all network devices. Add network devices in ACS 5.4 for authentication, accounting and authorization capabilities. I also perform IOS upgrades on all devices in the enterprise network.

 

PROFESSIONAL EXPERIENCE

10/11 – 4/14, REDD Communications, Silver Springs, MD

Installed, Configured and managed VMware vSphere, which consists of VMware ESXi4/5 and VMware vCenter Server to support the transition of all Remote Network Management Servers on both Windows and Linux platforms. Managed and Configured the fronting KG-240 and KG-175D's using GEMX 4.1. I Installed and configured the Common Haipe Manager (CHM) to manage all the KG-245's encryptors in the enterprise network. I also Trained tier 2/3 personnel on how to use the Network Managers to manage all the encryptors locally and remotely. I also configured the virtual switch on each host and created port groups and private port groups to separate virtual machines. Configured ISCSI NAS storage device to allow virtual machines to communicate with external storage. Created multiple VLANs and added them to the OSPF or EIGRP routing protocols. Implemented 802.1q trunking and configured switchports to allow network devices to communicate across the campus network. Setup EtherChannel between the distribution switches to increase the bandwidth. Implement port security on all access layer switches. Check ARP & MAC tables to confirm network devices are on the network. Use the following commands to troubleshoot and resolve communication issue across the enterprise network: Ping, Show, Traceroute, CDP, Netstat, Tcpdump and NSlookup. Troubleshoot and implement changes; diagnoses hardware and software problems; work with team members and vendors to resolve all technical anomalies.

 

PROFESSIONAL EXPERIENCE

4/09 – 10/11, SAIC, Columbia, MD

Sr. Network Engineer

Manage and maintained an Enterprise Data Center (EDC) that consisted of the following devices and technologies. Cisco 6500s, 3700s, Firewall Service Modules (FWSMs) and ASA 5540s. The data center also consists of Sidewinder G2 firewalls. The 6500s are distribution and access devices that are integrated with SUP II and 10 Gig modules. The 3700s handled all the management traffic.  The FWSMs were used to separate the customer traffic and the various classifications. The ASA 5540 is the security device used to keep the management traffic separate from the regular network traffic. It also provided remote access to the management devices via the VPN. The G2s provided another layer of security. It protected the classified traffic and data from the campus network. I also was responsible for maintaining and supporting the F5’s 8900 Load Balancers deployed across the Enterprise network. I added physical and virtual machines to the network, configured both inbound and outbound interfaces using NAT, setup Round Robin load balancing, upgraded software code and renewed expiring licenses. Used Nagios monitoring tool to status all the F5’s in the network. I also logged trouble tickets/cases with the vendor to resolve F5 issues. Configured the 6500s for Hot Standby Router Protocol (HSRP) this allow redundancy between the distribution devices. Setup EtherChannel (LACP) L2 – L3 on multiple interfaces to increase the bandwidth across several links. Implemented layer 2 trunking to access devices by encapsulating dotq.1. Configured static and default routes to manage traffic. Implemented OSPF (Broadcast) in a single area using loopback addresses to indentify the Designated Router (DR). Created route-maps to direct traffic and manage traffic through the network. Implemented BGP on the core router (2821) using a single Autonomous System to route traffic across the campus network.  Configured the FWSMs for multiple context mode, created the new contexts and administer the contexts by adding IP addresses and interface names. Configured the ASA 5540 outside and inside interfaces. Created multiple networks/VLANs on the inside interface for scalability. Configured Static NAT in order to translation private IP addresses to global addresses. Created access control list (ACL) and object-groups to manage traffic and ports. Configured active-standby failover between two ASA 5540s for redundancy. Use HP Network Automation (HPNA) to discover and manage network devices remotely. Configure AAA server on all the network devices. Installed TACACS+ on Windows 2003 server (VM) and added network devices for authentication.

 

 

03/07 – 04/09, SAIC, Columbia, MD

Sr. Network Engineer

Based on detailed knowledge and hands-on experience with Cisco routers and switches (i.e. 7200, 3845 & 3550) Designed and implemented a network solution that will allow OSPF and multicast traffic to traverse a GRE tunnel via point-to-multipoint routing. Configured a site-to-site VPN between two PIX (525) firewalls utilizing IPSEC. Installed Cisco PIX Device Manager to securely configure and monitor the firewalls. Installed the VPN client on workstations to allow remote users access to the network. Created global network address translation (NAT) pool for all inside host behind the firewall. Setup the DMZ ports on the firewall to allow outside traffic access to the DNS and Web servers. Put access-list (ACL) and object groups in the proper format to manage traffic between the different security levels. Setup a syslog server to review alerts and error messages on the firewall. As a result the customer was able to transmit data securely.

 

06/99 – 03/07, SAIC, Columbia, MD

Sr. Network Engineer

Performed Network Engineering for two major projects (i.e. IOTC & ASPEN) Designed and implemented a Gigabit Ethernet infrastructure consisting of a Cisco’s 6506 and several 6509’s integrated with Route Switch Modules. Configure the routers with VLANs running Cisco’s ISL trunking  protocol. Configure the VTP Domain in both server and client mode, so interconnected switches could receive their updates. Setup the Cisco VPN Concentrator 3000 to allow remote users to access internal resources behind the firewall. Configure internal IDSM to view traffic traversing the network via CSPM. Configured NAT to allow address translation between the private and global network. Setup the PIX 525 firewall to filter traffic for certain ports and protocols. Also utilized the DMZ interface to allow outside users to access our internal Web and DNS servers. Install and maintain the Flute Optview network management system to status network utilization and to isolate and solve data communication problems. Used Visio software to design and document the devices being used on the network. As a result, the customer’s network was operating in a private enclave.

 

04/98 - 06/99 - Lockheed Martin

Sr. Network Engineer

Provide ATM and Legacy engineering to an Enterprise Network to ensure optimal

performance. Verify Power hub 7000 configurations that routes IP, IPX & AppleTalk. Utilize OC3 Flute LAN meter to confirm that signaling (UNI or NNI) and ILMI is active. Install and maintain ATM devices and switches (i.e. 3810, 200BX & LE 155's). Perform software upgrades over the network using TFTPBOOT server. Create VLAN's on 3810 and assign ports to the correct broadcast domain. Utilize Spectrum (NMS) to status ATM & Legacy devices on the network. Also setup Network General Protocol analyzer to isolate and solve data communication problems. As a result, the network infrastructure was seventy-five percent ATM

 

03/97 - 04/98 - Logicon, Inc

Network Specialist

Manage and maintain an enterprise network that is integrated using both Novell and Windows NT servers. Install and configured the following clients, Win95, Windows NT 4.0. Verify trust relationships among the domains establish and maintain network printing, download software from various servers, and add/remove users and workstations to the correct domain. Perform system backups. Also responsible for the administration of MS Mail, which consist of recovering mail files, running exports/imports, rebuilds, creating and moving accounts, plus recovering passwords. Assist network users with every day routine system problems. As a result the transition from Novell to Windows was on schedule.

 

10/94 - 04/97 - Lockheed Martin

Network Analyst

Manage and evaluate the performance of three Network topologies (FDDI, Ethernet & Star). Utilize Spectrum (NMS), which consist of Sun Sparc 20 workstations and servers, Cabletron hubs (MMAC), Cisco, Wellfleet, & NSC routers. Ensure the serial, Ethernet, & FDDI interfaces are up. Confirm the following protocols are active. PPP, OSPF, RIP & TCPIP, reset IRM's and FDDMIM's. Also knowledgeable and familiar with Windows NT for Workgroups and Server 3.51, which I attain through hands - on training. Installed Netware 3.x - 4.x in a ten user environment, and performed all system administration functions while working toward my CNE. As a result, problems that accrued within the network were resolved with minimum downtime.

 

05/91 - 10/94 - General Electric

Network Administrator

Routine maintenance of Ethernet LAN (DecNet) and PC's; serve as direct interface for all system users to diagnose and resolve hardware and software anomalies; troubleshooting and resolution of complex networking and communication problems; monitor, evaluate and coordinate system and database resources to ensure optimal performance. As a result, network resources were readily available.

 

 

 

CUSTOMERS (IF APPLICABLE)

Ft. Meade

 

REFERENCES

Upon Request