Engineer Security
Resume:
P. Isiah Thomas
Skills Summary and Objective
Key Skills and Knowledge
Mr. Thomas industry’s most reputed networking credentials including the coveted CCIE
and other industry certifications (CCIE R/S, Written CCDP, CCDA, CCNA WAN, CCNP,
Datacenter Expertise &
CCNA, CCIP, and Sun Competency Certifications) with over 15 years of diverse
Solutions
experience in IT industry.
Cisco Network and Security
Infrastructure Solutions * Visionary, resourceful hands on multiple Cisco hardware and IOS with specialty
Cisco Datacenter Design expertise and proven success innovating state-of-the-art solutions on time and under
Cisco Nexus budget.
Cisco Self Healing Network *A CCIE level individual with advanced Security, Data Center, Routing & Switching, and
Design Telecom expertise.
Cisco Next-Gen Datacenter * Architect, designed, and implemented networks and data centers for some of the
Design
most demanding enterprises and service providers in the US and Asia.
Cisco Iwan Design
Mr. Thomas provides technical solutions for enterprise clients in his Cisco network and
security architecture practice with a key focus on Cisco datacenter and enterprise
Server Operating Systems
design from the edge network to the network core following Cisco best practices for
Red Hat Linux
datacenter design and self-defending networks, enterprise security architecture from
Sun Solaris
SSL VPN, IPSEC client VPNs, site-to-site VPN’s, QOS, voice and video network
CentOS Linux
engineering and implementation. He is a Cisco Architect with extensive experience
SUSE
Yellow Dog Linux securing, designing, implementing, and supporting large Cisco and Juniper
BSD Linux environments.
Windows Server 2008
Mr. Thomas offers value through enterprise analysis, design, and implementation with
Windows Server 2003
focus on redundancy and no single points of failure. He has an exceptional ability to
Windows 2000 Server
quickly troubleshoot and resolve problems using personal experience and available
Windows NT 4.0 Server
resources when needed. Mr. Thomas is able to prioritize tasks based on business needs
Networking Protocols and explain technical information and concepts to non-technical senior management.
TCP/IP
Senior Architect specializing in Datacenter and Enterprise design and implementation
DNS
requiring experience creating Best Practices networks using Defense in Depth, and
DHCP
tiered visualization models. Providing both functional and scalable solutions to the end
WINS
NetBEUI client. Managing the client relationship and navigating the design, and implementation
IPX/SPX process to successful conclusion.
Project Experience
Routing & Transport
Safeway INC • Public Sector Retail
Technologies
Sr. Data Center Architect
BGPv4,OSPF,ISIS,EIGRPRIPv2
September 2012-Present
MPLS, SONET/SDH Dense
I serve as the senior technical point of contact for all datacenter design,
Wavelength Division
engineering and escalation functionaries.
Multiplexing (DWDM), Gigabit
Ethernet, FDDI, OC-192, OC-
I serve as Technical team lead in the design, engineering and implementation of
48, OC-12, OC-3, DS3, T-3, T-
Safeway’s new Datacenter Zone Virtualization Datacenter.
1, DS0, DSL, OTV, Spine-Leaf
I created Safeway’s new “Next-Gen” Datacenter standard, including all engineering
documents and configuration templates for all core network and security equipment.
Software Firewalls
Key Contribution
Microsoft ISA Server 2006
• Select and recommend the appropriate components, technologies and
Microsoft ISA Server 2004
Internet Security and products.
Acceleration (ISA) Server
• Design and drive the development, specification and communication of the
architecture plans
Cisco Hardware
• Set the strategy for enterprise information across the new infrastructure.
Cisco Switches (3750, 3560,
• Effectively participate in business transformation projects.
2900, 3500, 4500, 5500,
6000, 6500)
Cisco Routers (2500, 2600, • Identify opportunities to provide innovative solutions.
2800, 3600, 3800, 4000,
• Communicate with the high-level decision makers.
7200, 7500, 7600)
DC-NET • Consultant
Cisco PIX Firewall ( 501, 505, August
506, 515e, 525, 535) 2010 – September 2012
Cisco ASA Firewall (5510,
Government Sector Data Center Architect
5520, 5540, 5580)
I provided these and related services to the end client(s)
Cisco IPS/IDS (4215, 4240,
4255, 4260, 4270) Implementing new Data Center technologies: IE: Power over Ethernet, blade servers,
Cisco Nexus 7010 grid computing and virtualization, development of a new Data Center network
Cisco ASR 9k technology roadmap/strategy and the establishment of reference architectures and
standards
Juniper Hardware
Juniper Routers (m40, m7i, • SME knowledge of how the industry uses IT to address business challenges
m160, j2320, j2350) using, for example, technical standards and infrastructure, cross-industry trends
Juniper Firewall (NetScreen
that impact IT investment, industry-specific roadmaps, and IT enablers.
5gt, NetScreen 204,
• Incorporate “best practice” design elements and vendor’s technical roadmap
NetScreen 208)
plans.
• Identify (and address, if possible) any potential and real risks associated with
F-5 Hardware
BIP-IP project(s).
3DNS
• Update management on all aspects of the design process & seek assistance (as
G.T.M
appropriate).
FIREPASS
Viprion Wal-Mart • Consultant
January 2010 - November 2010
Remote Control Software
Public Sector Enterprise Architect
Symantec pcAnywhere
Microsoft Terminal Server In this role: I provided these and other functions
Client/RDP Liaises with ISD Global IS&D leaders to understand Wal-Mart’s Global technology and
Microsoft NetMeeting Remote technical architecture standards.
Desktop Sharing
Developed NEXT-GEN datacenter design, providing 90 msec data sync strategies, and
Funk Software Proxy &
creates ways to enable the business strategies using technical architecture
Carbon Copy
Lead the identification and analysis of enterprise business drivers to derive useful
RealVNC
business context
RAdmin
Developed a Technical Architecture Strategy for ISD identifying architecture governing
principles and target architectures
Virtual Private
Networking (VPN) Partnered and consulted with business owners, projects, key vendors, Industry
IPSec information technology teams and information systems teams
SSL VPN
Biogen Idec • Consultant
PPTP
January 2009 – January 2010
L2TP
RRAS Public Sector, Enterprise Architect
• Instrumental in driving a next generation multi datacenter strategy.
Professional • Provided subject matter expertise in the area of IP, MPLS, and VPN technologies.
Training • Senior team member responsible for mapping technologies to user benefits as
CCDA Boot Camp well as applicability to customer revenue / operational models.
CCENT e-Camp • Created Detailed Network architecture diagrams and dataflow blueprints
CCNA Boot Camp
• Responsible for developing best practice standard design and configurations
CCDP e-Camp
across all F5 Technologies for new Global Datacenter.
CCNP e-Camp
CCIE Routing and • Design and configuration overview of Cisco Nexus deployment and
Switching Mock Labs Boot implementation.
Camp
• Provided technical services for transit, connectivity and network presence
CCIE Routing and
across multiple data centers, carrier exchanges
Switching Prep Boot Camp
• Supported VSS and VPLS capable (67xx) blades for campus and Metro Ethernet
CCIE Security Boot Camp
Firewall Intrusion switching environments.
Prevention Systems
U.S. Department of Treasury • OCC, Consultant February
Firewall Service Module
05/2007 – December 2008
Firewall Specialist
Government, Chief Enterprise Architect
Implementing Cisco
• Projects include design of tiered data center designing BGP WAN failover and
Intrusion Prevention
Hot datacenter disaster recovery. including lifecycle replacement and capacity
Systems v6.0
upgrades throughout the network.
Cisco Network and Host IPS
• Design and implement new defense in depth security policy and procedures..
Cisco Router Security
Cisco Secure Virtual • Provide leadership and Technical oversight for all datacenter security and
Private Networks v4.0 network build configurations and designs.
Cisco Security Accelerated • Lead Engineer for datacenter and Enterprise Disaster Recovery solution..
• Senior Technical business and technical interface for client.
• Provides reports regarding effectiveness of penetration tests and risk
assessments and makes recommendations for risk mitigation.
• All network and security devices configuration oversight and builds.
• Providing enhancements establishing performance and technical standards for
the infrastructure and overall technical architecture, developing written
engineering practices, and methodologies
U.S. Department of Defense • NMCI, Consultant
Public Sector, Sr. Principal Architect
February 2006 – May 2007
• Projects include enhancements to existing BAN/LAN core, designing BGP load
sharing and failover capability, as well as various lifecycle replacement and
capacity upgrades throughout the network.
• Design and plan network engineering modernizations for the enterprise
network.
• Provide specifications and detailed schematics for network architecture.
• FIPS compliance documentation and best practice designs
• Ensure that all projects include engineering solutions that meet current
architectural standards, responsible for maintaining and raising our technical
standards by mentoring and reviewing the work of other engineers.
• Lead Engineer for Riverbed WANX design and network implementation.
• Provides reports regarding effectiveness of penetration tests and risk
assessments and makes recommendations for risk mitigation.
• Interface with COI-user community to defining end security.
• Provided Tier iV engineering support for 24/7 NOC and served as as onsite lead
engineer for all datacenter connectivity, security, and infrastructure support.
U.S. Department of Homeland Security • Transportation Security
Administration, Consultant Public Sector, Sr. Enterprise Architect
January 2004 – February 2006
• Projects include, US-VISIT, Electronic Security Surveillance, Alien Flight Student
Program, and Threat Imaging Projection also HHS and “ESS” ITSC network
integration design.
• Designed and built Multi-Client interconnecting network for both government
and commercial clients. Construed security operating guidelines and security
zone matrix.
• Lead Network Engineer for the Electronic Security Surveillance project
consisting of designing and implementing digital electronic surveillance
systems utilizing Network Digital Video Recorders (NDVRs), Brocade SAN Fibre
Channel Switches and storage solutions with requirements supporting 50 to 75
terabytes of stored data.
• Developed and implemented the security infrastructure and field deployment
solution for the Electronic Security Surveillance project designed intrusion
prevention systems develop solutions for Cisco LANs/WANs, server hardening,
penetration testing.
• Designed accepted firewall solution and configuration for the US-VISIT pilot
site, using Sidewinder G2 and Cisco PIX technologies.
• Provide application security polices architecture, implementation guidance,
compliance, and process definition.
• Engineered load balancing architecture using BIG IP “F5”, designed SSL offsite
web-based VPN architecture using F5 Firepass.
• FIPS and INOS accreditation documentation
I Technologies Inc., Consultant
Commercial, Cisco Solutions Architect January 2003 –
December 2003
• Support all aspects of WAN network infrastructure in a 24 x 7 NOC
environment.
• Configured and managed Cisco access layer routers, Lucent CBX switches, and
Juniper M40 core routers.
• Responsible for continuous availability of data network services, including
training and serving as Lead Support point.
• Designed and implemented point-to-point WAN Frame Relay over ATM access
and multiple VPNs using TCP/IP.
• Created, developed, and deployed NetScreen, SonicWALL, PIX and Linux-based
firewall solutions for various clients.
• Created internal security group, developed working procedures, and developed
security templates for network routers.
• Provided mentoring and training to the network-operating center “NOC”
engineering community.
I Technologies Inc., Consultant
Commercial, Cisco WAN Engineer January 2002
– January 2003
• Support for all aspects of managing and maintaining corporate LAN/WAN
environment.
• Developed performance-monitoring solution with Inter-exchange IP network.
• Configured Cisco (7200, 7500, 4000, 2600) routers, Cisco (6500, 2550, 2900)
switches and Cisco PIX (515, 520, 535) firewalls.
• In this role evaluated multiple vendor products specific to enterprise and WAN
network requirements for multiple datacenter sites.
• Provided feedback and purchase recommendation to upper management.
• Conducted performance monitoring for all portions of network infrastructure
devices and ensured proposed network designs and implementations met with
security policies procedures.
• Designed, implemented, and developed security solutions for network WAN
architecture, Implemented network design for regional data centers.
• Created and maintained all network architecture technical documentation;
developed security policies and Standard Operating Procedures.
Fujitsu Company LLC, Consultant
Commercial, Cisco Solutions Engineer January
2001 – January 2002
• Network monitoring and troubleshooting of networks from layer one (Frame,
Point-to-Point, ATM, SONNET), to layer three (routing with OSPF, EIGRP, BGP
Protocols).
• Ensured that the site network and network management environment are
reliable and all performance exceeds that of contracted service levels.
• Preformed monitoring of multi-customer ISP network, event notification
acknowledgement, and correlation, providing on-site customer training for
client(s) field engineers.
• Team Lead performing accurate evaluation of the level of security weighs
business needs against security concerns and articulate issues to
management.
Level3 • Global Services, Consultant
Commercial, Sr. Cisco Engineer
February 1999 – January 2001
• Configured, implemented and maintained POP equipment including CM
DSLAMs, AC120 switches, CE200 CSU/DSUs, and Cisco routers.
• Managed Linux based firewalls, including rule creation, network security
evaluation and Cisco PIX security policy management.
• Provided IP protocol management for frame-relay and frame over ATM
networks IDS configuration and management
• Responsible for monitoring the backbone network, and related security devices
though HP Open view, Micomuse and ensuring proper network performance
and fault identification and remediation.
• Performed network maintenance upgrades to support network stability and
growth. Configured DS1, DS3 and OC3 circuits.
• Performed remote DS1 and DS3 testing and fault isolation.
• Monitored and reviewed all security related logs including syslogs, firewall
logs, proxy logs, and IDS/IPS logs.
Education
1991 Barnes Business School, Denver, Colorado - A.S. Business Management
1999 University of Colorado, Denver, Colorado - Computer Information Systems
Professional Certification Previously held
2001 Cisco Certified Network Associate (CCNA)
2001 Cisco Certified Design Associate (CCDA)
2003 Cisco Certified Network Professional (CCNP)
2003 Cisco Certified Design Professional (CCDP)
2004 Cisco Certified Security Professional (CCSP)
2004 Cisco Certified Internetwork Professional (CCIP)
2004 Cisco Certified Internet Expert Written (CCIE)
2005 Certified Information Systems Security Professional
(CISSP)
Contact this candidate