Fortune 500 client to migrate from Netscreen to SRX

• Independent Consultant: Architect competitive BNG 1Gig fiber-to-home product for major US broadband ISP
• Independent Consultant: Long-term project to re-architect campus-wide network for 4-year university in TX
• Juniper Resident Engineer: Redesign security infrastructure for 5th largest school district in the United States
• IDNE Engineer: Compiled full distribution of Linux with heavily customized kernel, packages, and scripts

University of Miami - Cyber Security Program

Network Architect / Cyber Security Consultant / Risk ID & Mitigation M-Net Training & Consulting Svcs, Inc Provide data network assessment, design, and implementation supporting clients referred or contracted by network equipment vendors and training partners throughout the US, EMEA, and South America. Perform freeform and framework-based (PCI, HIPAA, TOGAF) assessments on existing network designs and security infrastructure, deploy new hardware, network equipment operating system updates, configuration changes, change controls, project management to support deployments, track routing, security schema, and data flow to verify optimal network performance, and document existing and proposed network hierarchy using Visio and other utilities. Evaluate existing customer router, switch, and firewall hardware capabilities against new products in the marketplace, perform ROI recommendations based on applicability, product pricing, flexibility, functionality, support offerings, market acceptance, availability of required skills in existing personnel, ramp-up time, and availability of skilled candidates in the job market, and other less obvious factors, then present those findings in writing and/or presentation to clients at all levels of management and engineering. Common networking vendors evaluated may generally include: Palo Alto, Cisco, Fortinet, Juniper, Citrix, Brocade, F5, Aruba, Arista, SolarWinds, Splunk, LogRhythm, McAfee, etc. Set up POC demonstrations as requested for short-listed products. Lead or assist with design and implementation of purchased hardware and software, educate IT staff on support resources, training opportunities, and process to open service requests with vendors as needed. Provide Day 1 configuration and troubleshooting training & assistance, as required.

M-Net Training & Consulting Svcs, Inc Provide classroom-based training, highly technical explanations, and real-world design and scenario application to students with varying degrees of expertise in networking for various training vendors throughout the US, Canada, and Central America. Required extensive knowledge of Juniper SRX, EX, MX and STRM platforms, as well as thorough knowledge and real world experience with supported protocols and supported design requirements. Classes included: Juniper JunOS, JunOS Security, JunOS Intermediate Routing, JunOS Advanced Routing, JunOS Switching, JunOS Advanced Switching, JunOS Advanced Security, Juniper Multicast, Juniper MPLS & VPLS, JunOS Service Provider Switching, JunOS Quality of Service, Juniper Contrail, JunOS Space, Juniper Intrusion Detection & Prevention, JunOS Subscriber Management, JunOS Security Threat Response Manager, and others.

Provide high- and low-level planning, architecture, implementation, and trouble support through Juniper Networks' Top-Of-Class Professional Services department on customer projects to include conversions and migrations to Juniper hardware, as well as new deployments of Juniper SRX, MX, vSRX (Firefly Perimeter / vGW), and EX platforms to include design and implementation of complex Layer 2, Layer 3, stateful, and stateless firewalls, MPLS/VPLS, logical systems in various stand-alone and clustered configurations, to provide very diverse services sets with unique security requirements. Role regularly required working alongside highly skilled customer and internal network and systems engineers/architects, software, and network hardware developers to develop customized solutions to meet the needs of each organization. Customer environments ranged in size and scope from multi-billion dollar financial services companies with a handful of employees to nationalized cable, telecom, and government-controlled wireless companies in APAC, supporting tens of millions of cable, broadband internet, and mobile voice and data customers.

(Contracted to Cellular South, Jackson MS) Responsible for developing and implementing project plan to redesign internal corporate network to increase stability and to introduce Cisco Best Practices across numerous areas of the network. Migrated network from EIGRP to OSPF to provide better handling of multiple paths, reduce routing tables, and increase network stability. Segmented large broadcast domain to reduce loss of network connectivity occasionally caused by spanning tree elections across many geographically diverse sites. Upgraded 2x production Cisco 6509 chassis from CatOS to IOS. Configured and deployed fifteen Juniper EX4200 chassis at new location, and integrated into existing network. Created Visio diagram of entire network, including approximately 275 network devices, 70+ sites, all connecting interfaces, network ranges, and servers. Corrected multiple issues with DHCP and updated thousands of interface descriptions. Platforms included Cisco 6500, 3750, ASA, ACS, 3560, 2811, 3845, 7206VXR, Juniper NAC, Juniper EX4200. Software platforms included Voyence Control, Nagios, PRTG.

Responsible for developing and implementing project plan to redesign routing and switching framework for 21 domestic and international data centers supporting a large call center outsourcing company across roughly 300 network devices. Tasks included renumbering IP schema of core, distribution, and access layer devices, redesign of OSPF (implementing backbone, stub, NSSA areas, costs, and influencing DR/BDR elections), BGP across redundant MPLS clouds (redistribution metrics, peer-groups, external peers, route-maps and distribution-lists), route aggregation, spanning-tree architecture (including port-channel grouping of redundant links, VTP pruning, root port/bridge selection), and tweaking of previously implemented QoS/CoS to support existing enterprise-wide VOIP deployment. Configured multiple IPSec VPNs on Cisco IOS firewalls as backup internet connectivity for customer and internal resources. Designed base configs for core, distribution, and access layer Cisco 37xx, 38xx, 65xx, and 72xx devices, as well as Juniper EX devices to reflect the global changes above, and created Visio diagrams to reflect architecture so that future network deployments would perpetuate Best Practices. Redesigned existing NMS architecture to produce usable data with SNMP and syslog message alerting and SNMP polling using SolarWinds Orion and Nagios, and configuration management with SolarWinds Cirrus. Performed testing on Juniper SRX firewall for evaluation purposes.

(formerly Cingular Wireless) Responsible for engineering plan development, resource allocation, inventory management, vendor management, and trouble resolution for 2 of AT&T Wireless's 4 national data centers for the upgrade and expansion of the largest and most diverse data network in the world, supporting SMS, cellular internet, and iPhone networks. Responsible for troubleshooting install-related issues and for engaging and working with vendors such as Cisco, Juniper, Netscout, Lucent, etc. Worked extensively with switching (spanning tree, VLANs, VLAN pruning, VTP, Port Channels, trunk capacity management), routing (BGP, OSPF, VRFs), and firewall (PIX, ASA) on platforms including Cisco 65xx, 75xx, 76xx, ESR10xxx, GSR12xxx, as well as Juniper Mxxx, Txxx, Juniper Netscreen, and Lucent Brick 1000, 1100, and 1200 series firewalls. On Cisco chassis, worked with GigE, CSG1, CSG2, NAM, FWSM, and various supervisor modules. Did extensive troubleshooting and development of MPLS, BGP, OSPF, power management, rack space management, IP addressing, O/S revision management, TACACS, and circuit troubleshooting (GigE, 10GigE, FracT1, T1, FracDS3, DS3, SONET/POS OC3, OC12, OC48, OC192).

While reporting directly to the Chief Technical Officer, was solely responsible for originally developing switching and routing infrastructure to support a 99.999% available network across 11 distinct physical networks at 4 sites, across more than 400 network devices with a fully meshed 10GigE backbone running between sites. Responsible for rack space planning and server/IP/bandwidth capacity planning, while managing a team of 1 network engineer and 7 junior network engineers for a large web hosting company (hosting 14,000+ nodes). Solely responsible for building initial schema and supporting configs for Cisco 76xx, 75xx, 7206VXR, 65xx, 45xx, 3548, 3550, 3750, 2960G, 2950, PIX 505/515, and ASA 55xx, HP ProCurve, Extreme BlackDiamond 6800. Manage routing advertisements to upstream providers and IP resource and VLAN mapping and planning. Work with vendors to ensure growth needs are met. Responsible for alerting customers of scheduled and unscheduled maintenance by posting to company web site and forums. Troubleshoot MPLS, Spanning Tree, EIGRP, BGP4, PIX/ASA rule sets, HSRP, and any other issues that might arise. Direct the daily duties of junior engineers as they set up customer-facing network changes (port turn-ups, individual IP address assignments, individual VLAN assignments, port-level troubleshooting, IPSec VPNs for lights-out network). Originally designed and deployed open-source TACACS+ server. Originally developed and maintained MS Visio diagrams for all network equipment and each rack. Responsible for annual reviews, originally developing on-call schedule, work schedules, vacation & holiday coverage, and balancing workloads. Originally developed internal training and ongoing education for network staff. Conducted interviews and made hiring decisions for candidates as well as new hire training as openings became available and were filled.

Contractor (formerly MCI) Linux Systems development and deployment across global IP network for the purpose of monitoring SLA performance information. Required advanced knowledge of multi-vendor Linux, compiling kernels, drivers, and packages, and some shell scripting. Verify and correct VLAN port configuration on various Cisco switch models, including 2900, 2950, 3550, 6500, & 7600 series, and troubleshoot routing as appropriate. Configure MPLS, BGP, OSPF, and interface parameters on Cisco 10000 (ESR) and Cisco 12000 (GSR) series routers. Work with field telecom engineers to bring up Sonet, Frame, ATM, and direct-connect circuits, verify connectivity, routing, and access list permissions and denials. Independently built complete custom Linux distribution from source code, in self-made build environment, to remove all strong encryption in order to meet export requirements prior to shipping internationally. Designed Linux boot CD for the purpose of disaster recoveries, providing fully automated (zero-touch) internal storage health checks, failure autorecovery that included disk partitioning, drive imaging, and drive image restoration utilities. Product Engineer / Customer Operations

972-759-4000 Primary responsibilities included Network Configuration Management & system design, and development of RedHat Enterprise Linux 3.0 to support the Voyence Network Configuration Management application. Responsible for company's technical relationship for two of the world's largest Managed Network Service providers, as well as several smaller customers. Worked with senior customer MNS staff to resolve communications, threading, capacity planning, disaster recovery, and server/ service/ network resource issues for Voyence application and device servers. Developed compliance audit scripts for router and switch configurations, verified contexts and resolved router command syntax issues for config pushes to Cisco, Juniper, Extreme, HP, Ascend, and other main-stream router & switch models. Was primary skill source for Linux optimization and hardening. Defined LDAP support for Voyence application, to ensure cross-compatibility with MS Active Directory, and integration with existing customer MS AD and LDAP servers. Also was partly responsible for pre- and post-release QA validation, bug tracking and reporting, and development and documentation of internal and external technical procedures. Was primary technical point of contact for on-site Sales Engineers for POCs and demos.

214-697-1425 Contract-based consulting for various clients of the company. Duties ranged from basic administration of customer networks, application deployment, disaster recovery, deployment of new network servers (Win 2K, Win NT4) and workstations (Win2K Pro, NT WS, WinXP), development of LAN and WAN infrastructures using Cisco, Extreme, and HP routers and switches on Frame Relay, DSL, T-1, and occasionally T-3 circuits, as well as Active Directory administration and configuration. Worked with Visio Enterprise to create detailed network maps as requested or necessary. Configured router and server SNMP at multiple sites to provide real-time network monitoring capabilities with numerous monitoring packages. Also would inventory existing network equipment, make suggestions for equipment or OS upgrades, develop and deploy security policies and firewall architectures, and train client's personnel on usage of newly deployed solutions as needed.

Responsible for installation, management, and maintenance of all network hardware and servers for Tier-1 data center and 4 POPs. Configure and maintain various Cisco routers, ranging from the 2500 line to the GSR line, as well as Juniper M20/M40 routers, Ascend Max and Pipeline routers, Cisco Catalyst switches, Extreme Summit switches, HP switches, and Foundry BigIron switches. Configure new and troubleshoot existing WAN connections on frame relay, T-1, T-3, OC3, OC12, and OC48 circuits, and work with circuit providers while installing and testing the same. Troubleshoot tier-1 IP network problems involving BGP, IS-IS, RIP and OSPF. Responsible for the design and deployment of hot spares, and configuring HSRP fault tolerance. Manage vendor access for circuit terminations and maintenance. Plan for future installs of network equipment, based on growth and market trends. Designed large-scale cable plant and managed contractors during installation. Utilized Visio Enterprise to map Verio's Texas-based operations. Configured SNMP on 200+ network devices and servers for use with NOC's NetXpert real-time monitoring software, MRTG graphs, and Splunk. Secondary duties: Handled local IT responsibilities, including server and workstation support. Server role consisted of Windows 2K, RedHat Linux, FreeBSD, Windows NT4, and Sun Solaris operating systems. Designed site-level Active Directory structure and integrated the site into Verio's Active Directory forest. Migrated all Austin employees' workstations (about 200 employees) into the Active Directory domain, set up accounts, permissions, and shares. Responsible for administration of existing Windows2000/WinNT 4.0 network, creating user accounts, managing the site's Active Directory, shares, and maintaining data integrity. Was responsible for all on-call work for network engineering, local file servers, and corporate workstations within my region. Professional and Personal References and Additional Experience Provided Upon Request.