Moriches, New York, United States
A performance-driven Network Engineer with 15 years of hands on experience in design, integration, testing, and managing IP network infrastructure and architecture. Exceptional analytical skills used to diagnose and troubleshoot technical problems and create logic based solutions effectively. Extensive interpersonal and communication skills that create a motivating work atmosphere for interoffice demands as well as large-scale client based projects. Currently hold a Cisco Certified Network Professional (CCNP) certification.
Lead network engineer for multiple product development labs and SmartLens sensing product. Daily responsibilities include network and server design and support for the labs and product. • Worked closely with the IT department on lab design to meet corporate security and our development team’s requirements. • Implemented captive portal to authenticate associates and vendors for access to the labs with IT’s LDAP environment. • Within the lab, designed, installed and currently maintain redundant Fortinet firewalls, Cisco MDF, Brocade IDF, Dell servers running Microsoft Hyper-V virtual environment, all VMs and hosted services such as DHCP, DNS, NTP. • Daily activity: Network & Server troubleshooting, firewall rules, network device configuration, IP address management, network & server documentation, licensing, ordering all software and hardware for the labs. • Network/Server design & support for all SmartLens customer deployments. • Support presales customer engagements by integrating the network and systems at customer site during pilots phase • Initiated and managed product security policy • Established communication between customer site Fortigate and IT with a site-to-site VPN • Exposure to Docker, Kubernetes, GIT/Gerrit
Design and support of production and disaster recovery data centers, back offices and 275+ branches. Daily responsibilities include network design for new application implementation, upgrading existing infrastructure and support tools, and escalated support resolution. • Technical lead in preparation for FDIC audit. Responsible for mitigating vulnerabilities throughout the network with 1000+ routers, switches, firewalls, IPSes, and management appliances. Detecting vulnerabilities with Nexpose network scans and Riverbed NetCollector/NetAuditor tools. Create hardening standards for each device to meet CIS benchmark standards. • Network Engineering lead for Online Banking project required to meet Payment Card Industry (PCI) compliance standards. Includes multi security zones to segment PCI and non-PCI, production and non-production zones, and connectivity into the internal core network. Inline IPS and F5 load balancers to balance all redundant applications. • Upgraded production Cisco ACE 4710 load balancers to the latest software version. Consisted of multiple virtual contexts, division of resources between each context, and all load balancing rules. Created additional server farms, probes and load balancing rules for new applications. • Supported Nexus 7k/5k/2k implementation at main production data center. Ongoing support and configuration of this system. • Currently working with F5 on a design to replace the existing Cisco ACE load balancers with F5 Local Traffic Manager(LTM) appliances for two production data centers. • Daily activity: firewall rules, load balancer and network device configuration, TACACS, RADIUS, ACS auditing, IP address management, documentation, network captures utilizing Wireshark, ASA & IPS packet captures, Riverbeds, and NetQoS Monitoring.
Accepted an ongoing assignment under the Chief Engineer as the Network Technical Lead to assess the current network design, configure and support all network equipment, and form a competent network team to support the program’s existing and future needs. -Serve as a liaison to the Navy customer and subcontractors for the ongoing design, integration, testing and troubleshooting of the network. -Create technical solutions to shift the network team off the critical path to meet program deadlines. -Manage and coordinate customer site network installations to meet the program’s aggressive schedule and deadlines. -Analyzed behavior of all UDP and TCP network traffic utilizing Wireshark for implementation of Quality of Service (QoS) policies that guarantee bandwidth for mission critical application greatly improving response times. -Utilize GNS3 for initial network configuration and verification prior to implementation on production networks minimizing equipment cost. -Configure, install, & troubleshoot all routers, switches, NSA Type I encryptors for terrestrial and airborne assets. -Optimized Maximum Segment Size (MSS) and Maximum Transmission Unit (MTU) Parameters in TCP/IP for Mutipoint GRE networks to avoid IP fragmentation resulting in increased application and network performance. -Designed and proposed a network development lab to represent the overall network architecture including multiple terrestrial and RF paths creating a realistic environment used to design and test future capabilities. -Acquired $1.5M of capital funding to create the network development lab for future program test capabilities. -Develop and maintain up to date network diagrams using Microsoft Visio for each project -Interface with customers in a collaborative capacity to define and customize technical solutions such as implementing QoS over Narrowband satellite links to guarantee flight critical data has higher priority over non flight critical data.
Lead for the design, implementation, and management of the Northrop Grumman’s FATE Lab used to define and develop future network-centric capabilities for the US government. Activities include research and procurement of all assets, install and configure routers, switches, and computers, network management, DNS, security, and documentation. -Network lead for NGC during joint coalition experimentation. Designed and configured the network infrastructure between an airborne asset and multiple air and ground platforms. -Network lead for redesign of the Cyber Warfare Integration Network which hosts intra and inter-site network communication events. -Designed & implemented a virtualization lab built on the Cisco UCS blade chassis system, VMWare, and NetApp data storage for a software development team. -Sole Architect of the network and systems design of the FATE Lab comprised of over 100 servers and supporting 50+ software developers utilizing Cisco Catalyst 4506 and HP Proliant server technology. -Managed a $1.3 million budget during the construction of the FATE Lab while collaborating with project leads ensuring functional, cost and schedule requirements were satisfied. -Designed and implemented a multi-VLAN configuration utilizing 802.1Q trunked ports and VTP to isolate simulation traffic between testbeds while still allowing enterprise traffic between all labs. -Managed the daily routines in the FATE lab including, Microsoft Active Directory servers, DNS entries, network configurations and hardware support. -Established a wireless network that utilized Expand performance enhancing proxies as the TCP acceleration device with SCPS-TP to optimize the network traffic and make more efficient use of the network bandwidth. -Designed and tested an airborne IP network with Cisco’s Mobile IP technology enabling a Navy aircraft to retain the same IP address and maintain existing communications while traveling from one link to another.
Managed daily routines in a volatile design laboratory environment, which consisted of over 200 Sun servers and PCs utilized by 109 design engineers. Activities included, time scheduling of systems, hardware and software configuration and support, system integration, DNS entries, power management, and system inventory. -Implemented a master/slave, multiple domain name configuration for the design laboratories, then integrated this configuration as a child to the company’s parent DNS server. -Based upon new IP-based product development, designed and implemented a new network utilizing Extreme Networks Summit 48 and Private address space to configure multiple vlans and restricted broadcast domains -Supported and repaired all laboratory equipment as needed. -Organized and managed equipment and knowledge transfer to new locations in Montreal, Texas, and Sweden due to plant shutdown. -Assisted in the internal department web design to help employees locate jobs after plant shutdown.
Verified software at a component level, utilizing telephony protocol specifications and simulation equipment. -Implemented function test scenarios to perform feature testing of a store-and-forward mobile text-messaging center. Features included simple mail transport protocol (SMTP) and short message peer-to-peer (SMPP). -Analyzed SS7 message traces according to IS-41C and IS-136 protocol specifications for verification of bit content.
Installed, integrated, and troubles software and hardware of voice and text messaging systems. Developed new ideas to improve quality assurance and product time to market, while continuing to establish a more efficient work environment by use of modern tools and ingenuity.