Sheldon C. Pope, Master CNE, CCNA Security, CCNP, CCDP and CCIE Written

DoD 8570 IAT Level I & Level II

TS[DOD]\SCI[DOJ]

7648 Bear Forest Rd

Hanover, Maryland 21076

mailto:scpope1@gmail.com

 

 

Objective:        Seeking a challenging and responsible technical position as a Senior Network Engineer /Senior Project/Implementation Manager (LAN/WAN) offering an opportunity to exploit my managerial and technical skills.

 

Strengths: Over sixteen plus years of progressive internetworking experience, Enterprise Network Management and Project Management experience, with twelve years being at the enterprise level.  I have strong communication and analytical skills. I also possess real world skills with business continuity, network security and disaster recovery. I am skilled in applying NIST requirements for Government networks. I am skilled in providing security and risk assessment using syslogs or security network tools. I am also highly skilled in network troubleshooting, network implementation and network design.

 

Operating Systems: Windows XP, Windows Vista, Windows 7, Windows Server 2003 - 2008, Novell and mid-level Linux/Unix administration.

 

LAN technology: Ethernet 802.X, TCP/IP, 802.11 Wireless, Fast Ethernet, 10 Gig- Ethernet, FC, FCOE, VSS, VPC, VDC, Fibre Channel and STP.

 

WAN technology: PPP, HDLC, Frame Relay, ATM, TLS and ISDN.

 

Protocols: RIP, IGRP, EIGRP, BGP, OSPF, STP and MPLS.

 

Network Hardware: Cisco (All) switches, Cisco Nexus (7k, 5K, 2K) switches, Cisco (ASR) routers, PIX\ASA Firewalls, and Juniper routers.

 

Network Security: Viastat HAIPE Type 1, IDS\IPS, Cisco Secure ACS, Cisco ISE, Cisco ASA 55XX firewalls, Cisco  Mars, Checkpoint NGX65 firewalls, Juniper ISG 2000, SSL VPN, remote access VPN, site to site VPN, DMVPN, GetVPN, Operating Systems Hardening, 802.1X and Anti – Virus protection.

 

Network Tools: Ciscoworks, HP Openview, Solarwinds Orion, Cisco Security Manager and protocol analyzers.

 

Network Design: The ability to design, implement and troubleshoot large networks with all routing protocols, STP, standard QOS settings, network redundancy, load balancing and security installations.

 

Experience:Cambridge International Systems, July 2014 - Present

Lead IP Engineer – DISA

-          Tasked to lead the re-design, implementation and sustaining for DECTK (Mobile Secure Voice and Data travel kit) and remote gateways to the SIPR network. The solutions consist of ASA firewalls and Cisco routers creating a L2L ipsec transport for HAIPE encryption between SIPR devices.

-          Tasked to design a multi-level (SCI, TS and Unclass) IP non propriety network to carry VOIP traffic to replace existing TDM voice network. I created a network design using Type 1 encryption running OSPF to create a multi-access to eliminate the use of gre tunnels. On the PT side of the encryption devices, I utilized VLANs and VRF- Lite to create virtual IP security domains.

 

Convergent Solutions, November 2013 – July 2014

Senior PMO Engineer – Air National Guard

-          Act as SME for PMO team in matters pertaining to Network Design, Network Processes, Network Installation Procedures and Network Operations Procedures

 

 

Intelligent Decisions, MD December 2011 – November 2013

Senior Network Operations Engineer\JMD-CITP

-          Configured routers and switches for the deployment team to use for connecting remote sites to the network.

-          Responsible for troubleshooting connectivity issues on the WAN an LAN.

-          Responsible for updating firewall rules on a Cisco ASA platform.

-          Installed and setup Solarwinds to monitor network devices and or network configuration management.

Senior Network Architect\USTP, May 2012 to March 2013

-          Reported to the GS-15 to assist and managing several projects that included; Data Center Design and implementation identify QOS for Cisco VTC, Network Management and Network Security.

-          Standardized the switch and router Configurations using Cisco best practices for security, STP and QOS for Cisco Tele-Presence. The switch configuration adhered NIST security guidelines.

-          Configured Nexus 5596UP for a fibre channel SAN solution.

-          Identified 802.1x Solution (Cisco ISE) and tested in lab environment to success based on USTP security teams criteria.

-          Created BOM for HQ (CAT4500, CAT6500 and Wireless Solution) and for Data Center (Nexus 5k modules and Nexus 2K switches).

-          Created a network design that allowed for the use of the VSS for HQ’s network and VPC for network redundancy and network load balancing using Nexus 5K and 2K platforms for the Data Center.

-          Configured Cisco Prime LAN 4.1 solution for switch management, logging and configuration management.

-          Created an 802.1X solution utilizing Cisco LMS Prime, VMware, Cisco ISE, Microsoft CA Server, DNS and RADIUS. The allowed for the use of 802.X as an authentication method to secure network access at the switch level,

-          Created a network design that allowed for the use of VPC for network redundancy and network load balancing.

-          Also saved USTP over $200k by re-using Catalyst 6500 in new HQ network design, eliminating the need for tacacs by using Radius on the Cisco ISE and by doing due diligence when selecting new HQ hardware.

-          Evaluated Riverbed for wan optimization.

-          Documented new network design by creating “User Guildlines” for cisco equipment and Visio drawings to document network layout.

 

Senior Network Operations Engineer, Department of Justice Datacenter, December 2011 – May 2012

-          Handled firewall request for the Data Center Enterprise on a Cisco FWSM multi-context platform. I worked with individual team members to expedite and streamline the process so the change request would be issued correctly the first time and if not work quickly to correct any errors.

-          Handled VPC and port assignments for storage solutions in a Nexus 5548 and Cisco Nexus 2K environment.

-           

Allegis Group, Hanover, MD

Senior Network Engineer/Designer, April 2011 – September 2011

-          Designed a lab environment that consisted of Cisco and Juniper equipment utilizing MPLS, VRF and VRF-Lite to mimic the production environment.

-          Designed remote office installation using MLPPP for the Wan connections and VSS for the distribution layer infrastructure.

-          Daily trouble-shooting of the Enterprise network.

 

Indyne, Inc, NASA Headquarters, Washington DC,

Senior Network Engineer, January 2011 – April 2011 (Contract end is 2011)

-          Daily duties include “Move, Add and Changes” for users in a Cisco Catalyst     6500 switched environment.

-          Duties also included “Move, Add and Changes” for security policies in the Checkpoint Firewall policy databases.

-          Duties also included “Move, Add and Changes” for security policies in the Juniper ISG 2000 policy databases.

-          Wrote statement of work for the upgrading of the Cisco network devices to support IPv6.

-          Wrote the Change Management Packet for the upgrade the Checkpoint Firewalls from NGX65 to NGX70. Based work done on actual lab environment equipment using exact copy of network database security policy.

-          Upgraded ASA 5580 in a high availability configuration.

-          Worked on the IPv6 address scheme.

 

 

University of Maryland College Park, College Park, MD

Sr. Network Engineer/Architect, September 2009 to January 2011

-          Daily duties are to provide Tier III/ IV support for the University of Maryland enterprise network. The network consists of Cisco 6500 catalyst switches running STP, EIGRP, BGP and HSRP.

-          Implemented and managed a Solarwinds Network Configuration Management Server to monitor network configuration changes and bandwidth.

-          Created test VSS network to test the Virtual Switching System capabilities on Cisco Catalyst 6500 switches.

-          Worked as Lead Network engineer for the University of Maryland disaster recovery exercise. Duties included creating a VPN network between the main campus and the disaster recovery site and support the system administrators in troubleshooting any connectivity or network issues.

-          Worked with Voice over IP in implementing Qos\Cos for their Avaya equipment.

-          Implemented the Cisco Mars 110 6.x for the Security team

 

SRA International, Fairfax VA (Senior Network Engineer)

                          Lead Network Engineer\Team lead, November 2008 to August 2009(Contract)

-          Created SLA procedure for Tiered environment.

-          Redesigned STP switching protocol for a loop-free environment.

-          Support Tier I and Tier II staff.

-          Standardization of Catalyst 6500 switches configuration, working with STP, VTP, HSRP and EIGRP in a multi-switch environment.

-          Designed and implemented the Primary, Secondary and Tertiary BGP routing paths configurations for the enterprise.

-          Updating, configuring and/or implementing network tools such as HP. Openview, Cisco Network Compliance Manager and Cisco Secure.

-          Problem resolution and root cause analysis of network problems.

 

 

AT&T, Government Markets, Oakton VA (Senior Consultant)

Senior Network Consultant, September 2000 to November 2008

-          Lent high-level support to Tier I, Tier II, Tier III and network development teams. Responsibilities included maintaining and upgrading 200 Cisco routers/ 70 Fore/Marconi switches in a wide area (ISP) ATM networked environment. This ATM network runs OSPF and BGP. Projects include upgrading router to Cisco IOS to version12.x, assisting with Cisco GSR12000\Marconi 4000 and BGP Route-map statements.

-          (Lead Implementation Engineer) Implementation and Routing Design Engineer for a large scale (up to 1900 router and 70,000 remote access users) IPSEC VPN network. Implementation includes Cisco routers (w/3Des), Cisco VPN Concentrator and RADIUS configurations. Also responsible for IPSEC tunnel management, Network management and NOC staffing/training.

-          (Lead Implementation Engineer) Designed a gateway network 100+ sites for large customer that provided integration between two different telecommunications carriers and two different routing protocols. This design was critical for saving a large account.

-          (Lead Implementation Engineer) Implementation and Routing Design Engineer for a medium sized OSPF/MPLS private backbone for customer to include Cisco version of MPLS AToM. Also responsible for NOC training and network Management.

-          Assisted NOC leadership team with staffing, future employee profiling and a segway program for career pathing and growth

-          Worked with Sales team in a pre/post sales network design/implementation engineer. Help win over $500+ millions of new business in 2004-2008.

-          Implementation and Routing Designs. Highlighted projects include: saving over $1.1 million dollars of the projects with BGP filtering saving resources on routers and created a tftp disaster recovery plan for the Fore/Marco switches.

-          Developed a training ATM training lab using Cisco and Fore/Marconi equipment. Also training Tier support on basics of routing with BGP and OSPF. Developed a simple MRTG intranet site.

-          Created Lab demos to support pre and post engineering solutions.

-          Worked on creating a standards and practice for new Enterprise Network Center (NOC). Created security measures and processes for existing equipment and future network installs. Facilitated the creation on NOC DNS, MAIL, TACACS+ and PKI security for network personnel.

-          Created MPLS/VPN/IP Multicast network consisting of Cisco equipment to facilitate proof of concept for existing customers and future projects. Lead engineer in connecting customer WAN to TEST WAN for creation and testing of customer application across MPLS (w/Multicast) enabled BACKBONE.

-          Designed Solutions for IBGP with load sharing, VPN implantation and Management on Cisco platform, Websense implementation and solutions for private line management.

-          Configured 6PE routers for Pilot IPV6 government customer program utilizing Cisco equipment.

-          Developed a multicast lab environment using Cisco equipment testing dual home failover scenarios.

-          Assisted in the configuration developed of a Private MPLS network utilizing CCC using Juniper M-series equipment.

-          Cisco pseudo wire implementations (L2VPN and L2TPv3)

-          Design and implementation of a Dynamic Multipoint VPN (DMVPN) AES encrypted management network.

-          Design and implementation of a Dynamic Multipoint VPN (DMVPN) AES encrypted network with Multicast.

-          Design and implementation of an IPSec over GRE with AES encrypted network with Multicast.

-          Design and implantation of a Group Encrypted Transport VPN (GetVPN) AES encrypted network with Multicast.

-          Design and implementation of a Cisco PIX-to-Pix point to point IPSEC network.

-          Security assessment and compliance testing for Enterprise Management NOC and customer contracts.

 

Logistics Management Institute, McLean VA (Senior Consultant)

Senior Network Consultant, September 2000 to 2008

-          Develop hardware acquisition and network implementation plans for a government web server-hosting platform.

-          Responsibilities include hardware procurement, network design/implementation and network security policy implementation/enforcement.

-          Also help LMI management procure new business by being technical point of contact when responding to Federal Government RFP’s.

 

Department of Commerce, Fedworld, Springfield VA (Senior Consultant)

Senior Network Consultant, December 1999 to April 2001

Redesign of network bandwidth, network security and network capabilities, for the Internet Service Provider and Web Hosting Center. Responsibilities included network access-list control (with Cisco IOS). Set up parameters to protect web servers (ex. www.irs.gov) against denial of service attacks and network hackers. Responsibilities also included setting up queuing and switching mechanism (with Cisco IOS) for user traffic.  Also monitored the network traffic and throughput. Also helped redesign the network infrastructure to allocate more network bandwidth to critical applications. This was done by redesigning the network to bypass the existing FDDI ring and critical networks were placed on Fast Ethernet. Also used Fast- Ethterchannel technologies. Also was responsible for the router setup and install at second and third site for global load balancing web service for the primary site. Equipment consisted of Catalyst 4000, Cabletron 6000 and Cisco 7507/VIP4.

Itworkshop.com, Baltimore, MD (Principle)

Senior Network Trainer, October 1999 to March 2002

Train mid-to-upper level network engineers in Cisco operation. Also prepare these network engineers for CCNP certification and CCIE Written exam. Also prepare entry-to-first level engineers on Cisco operation by creating labs that consist of X.25, Frame-Relay and routing protocols. Labs consist of 8-10 routers. Also prepare these engineers for CCNA/CCNP certification.

 

Department of Defense, Madentech, Inc., Alexandria VA (Consultant)

Enterprise Network Consultant, June 1999 to December 1999

I redesigned the existing network from the top down from a mixed vendor infrastructure to a single vendor to allow for the addition of “3500 nodes” bringing the total to “7000 nodes” across a wide area network.  I designed the Frame-Relay layout, gigabit Ethernet backbone, remote access solution and VPN.  I also designed a two-site “network operation centers” solution with one being in Alexandria, VA and other in Ft. Hood, Texas. Management tools used were HP Openview at the core and Ciscoworks and the distribution layer and local management. Set guidance for network policy, network security, network scalability and career-pathing for staff. I also managed a staff of 17.

 

Military:United States Air Force Reserves, Andrews Air Force Base

Aircraft Technician, Honorable Discharge

 

Education:University of Maryland University College

Bachelors of Science, Computer Information Technology