James Baird
Wakefield, MA, *****
acqtwf@r.postjobfree.com
Qualifications
- Strong technical skills across all facets of network and security
hardware and software
- Long and varied experience in organizations of all types and sizes, from
multinational
corporations to local government to startups - as well as customer focused
roles both in vendor and consulting capacities.
- Hold current CCIE written, CCNP, CCNA-S (Cisco) and FCNSP (Fortinet)
certifications, as well as Cisco specializations such as Data Center
Storage and Rich Media Communications.
Skills
Server Platforms: Windows, Various versions of Unix (Linux, OS X) -
includes user administration, performance analysis, shell scripting and
server maintenance/installation.
Cloud Platforms: Amazon AWS, including both automated deployment and
interconnection to physical networks with VPN links.
Network Topologies and Protocols: Ethernet, Wireless, TCP/IP (v4 and 6),
WAN technologies including MPLS and DMVPN.
Routers: Cisco (primarily 3800 and 3900 series), including OSPF, EIGRP,
BGP, HSRP/VRRP, QOS, Frame Relay, route maps, VRF.
Network Management/analysis: Solarwinds, Sniffer, Ethereal/Wireshark
Security Platforms: Cisco Pix and ASA, IOS Firewall feature set,
Fortigate, Sonicwall. IPsec (site-to-site and remote access) and SSL VPNs
as well as general firewall maintenance (ACLs, NAT, UTM) and IPS/IDS.
Cisco ISE and ACS for wireless and wired 802.1x authentication.
Switches and Hubs: Cisco Catalyst (6500 series, 4948 and 3750 layer 3
switches, 2960 access switches) and Nexus (7K, 5K, 2K), HP, and Brocade.
Includes VLANs, complex Spanning Tree configurations, and port
aggregation (Etherchannel and Cisco Nexus VPC)
Other Network Hardware: Cisco ACE and F5 BigIP load balancers, Packeteer
packet shapers, Riverbed Steelhead WAN accelerators.
Scripting and Programming Languages
Python, Bash
Work Experience
Presidio Networked Solutions, Woburn MA
2013-Present
Network Engineer
. Network engineer responsible for designing and implementing networks
based on best practices and customer requirements.
Projects:
Market Analytics, Boston MA
Installed both an internal Cisco ISE solution to allow for differentiated
access for wired and wireless network users based on AD group and an
SSLVPN solution.
Key Components:
. Cisco ISE
. 802.1x EAP-TLS
. Cisco ASA
. Anyconnect VPN
Pharma, Cambridge MA
Helped a startup pharmaceutical company integrate their physical data
center with their Amazon AWS VPC environment via site to site VPN.
Key Components:
. AWS
. Cisco ASA
Insurer, Boston MA
Lead Network Engineer on a project to add a new data center connecting to
the existing Boston DC via dual 10Gbps layer 2 links. A key requirement
was to allow for seamless movement of workloads via vMotion as well as
full Internet redundancy (both inbound and outbound) via BGP peering. In
order to allow both 10Mbps links to be active simultaneously without
bridge loops or spanning tree blocking, Cisco's FabricPath technology was
used to allow for true "layer 2 routing" and equal cost multipath
switching. Enhanced vPC was used with Nexus 2000 fabric extenders to
allow downstream devices to connect via active/active links to the Nexus
Core.
Key Components:
. Nexus 5548, Nexus 7010
. Fabric Extenders
. Internet BGP Peering
. FabricPath
. vPC
Consultant
Greenpages/Logicsone, Kittery, ME
3/2011- Present
. Supported nationwide customer accounts for a Premier Cisco and
Fortinet Partner.
. Performed top-to-bottom network and security assessments and present
recommendations to IT directors and staff.
. Led several rollouts of Cisco Nexus based data center upgrades,
including VPC and dual-attached FEX architectures as well as both
layer 2 and layer 3 configurations.
. Install and support Fortinet, Cisco and Sonciwall firewall solutions
including IPsec and SSL VPN and UTM (IPS/IDS, web and spam filtering,
AV).
Senior Network Engineer
Mirror Image Internet, Tewksbury, MA
9/2010 - 3/2011
. Responsible for the design, implementation and support of network and
security systems for a Content Distribution network consisting of a
worldwide collection of load-balanced data distribution sites.
. Supported 6509 platforms running BGP, and implemented a migration to
full internet routing for faster customer response.
. Implemented a Cisco DMVPN network linking all colocation facilities
to the corporate HQ. Rolled out a new ASA-based VPN offering both
IPsec and SSL remote access.
Network Engineer
4/2008 - 9/2010
Progress Software, Bedford, MA
. Installed, configured and supported network hardware and software for a
large international software company, including multiple data centers
at its headquarters campus and a 40+ site worldwide MPLS WAN.
. Implemented a VLAN-over-WAN extension using a point-to-point
implementation of a L2TPv3.
. Rolled out data center upgrade to a Cisco Nexus based 10Gig backbone.
. Supported Cisco-based campus wifi networks using 802.1x RADIUS based
authentication.
. Maintained current network diagrams using Visio.
. Implemented QOS for VOIP phones accessing Nortel phone system.
. Supported security and VPN solutions including Cisco PIX and ASA,
including working with external vendors and customers to implement site-
to-site IPsec VPNS .
. Supported a worldwide WAN incorporating MPLS and DMVPN connections with
Packeteer Packet Shapers (for QOS and traffic prioritization) and
Riverbed SteelheadWAN accelerators.
. Supported corporate Web environment, including Cisco ASA firewalls and
ACE load balancers.
. Spearheaded a project to redesign the WAN to redistribute routes from
the MPLS BGP to local OSPF processes. This allowed for the replacement
of previous, hard-to-manage and non-robust static routes with a more
seamless and reliable dynamic routing architecture.
Independent Network and Unix Consultant
1/2005 -3/2008
. Provided design and administration consulting to several clients in the
Boston area and nationally.
. Provided network consulting consisting of evaluation of network
performance issues and troubleshooting of same related to installation
of software vendor's museum ticketing application.
. Installed and support on an ongoing basis Linux (Fedora)-based servers,
as well as provide general technical support (including consultations
on server and client hardware and software purchasing decisions) for
small office environments.
Independent Commodities Trader
1/ 2005 - 3/2008
. Developed, ran, and traded a trend-based commodity trading system
using a mySQL-backed Python application and other proprietary tools.
Research Assistant and Graduate Student
9/2002 - 12/2004
University of Massachusetts Department of Economics
. Studied economics, concentrating in Macroeconomic Theory with
particular focus on monetary systems.
. Created an Excel model to organize and analyze data for Professor
investigating U.S. State tax and spending patterns and their
relationship to current State fiscal crises.
Network Engineer 9/2000
- 1/2001
GetThere.com, Menlo Park, CA
. Performed network design and implementation for corporate travel
services company.
. Implemented redundant backend administration network (using ISDN dial-
on-demand routing to maintain access to remote access routers (2500 to
4500 class) and other hardware when main connection failed)
. Implemented fault-tolerant vendor and client connections over multiple
ISP connections using BGP.
Network and Security Engineer
2/2000 - 9/2000
Quios, Inc., San Francisco, CA
. Responsible for Network and security infrastructure for growing e-
commerce site.
. Installed and maintained Foundry router/switches and maintained
security policies on Checkpoint Firewalls.
. Implemented a BGP-based load balanced, redundant Internet connection
for corporate website.
. Used Foundry Server Load Balancers to implement a redundant, load
balanced web server architecture.
. Deployed BigBrother network monitoring package.
IT Consultant
8/1998 - 10/1999
Charles Schwab, Inc., San Francisco, CA.
. Worked in network design department of major national brokerage firm.
. Designed network infrastructure for wireless trading project. This
was a project to allow then-current wireless devices such as
PalmPilots to link with Schwab's systems to allow quotes and trading
for Schwab customers. Involved implementing a separate network that
connected to both Schwab internal networks and an external wireless
vendor (with router access list to separate internal networks from
vendor's), with massive redundancy for switches and routers using
switch trunking and spanning trees for switches and HSRP for routers.
. In consultation with network security, designed router access lists
for other vendor connections.
IT Consultant
1/1998 - 6/1998
Bank of America, San Francisco, CA.
. Worked in router operations for major national banking operation.
. Performed day-to-day operations support of 500+ router, 1600+ hub
network running IP and IPX, both under EIGRP (at the time, one of the
largest installations of EIGRP in the world).
. Included 3rd level support for helpdesk troubleshooting, using router
debug commands, packet sniffers (including Network General Remote
Sniffers and Unix tcpdump) and Netview/6000 network management
software.
. Performed final review and installation of router changes, including
access list additions and deletions, addressing changes, and interface
additions and deletions.
Technical Support Engineer
3/1996 - 5/1997
Cabletron Systems, Inc., New York, NY.
. Provided hardware support for customers in the New York metropolitan
area. Included implementing high-reliability spanning tree switched
networks (as well as attempts at Securefast, Cabletron's early attempt
at layer-3 switching) for financial institutions.
. Provided support for Cisco routers (4500 and 2500 class) incorporated
as blades into Cabletron hubs.
. Performed pre-sales analysis and design of switched and routed
networks.
. Worked with Cabletron and Cisco hardware, including Ethernet, Token-
Ring, FDDI, and ATM hardware, Cabletron's own Spectrum and other
network management platforms, and diagnosed network problems using
Network General Sniffers.
Applications Consultant
7/1993 - 3/1996
Town of Manchester, Manchester, CT.
. Primary designer for townwide frame-relay network incorporating town
offices and schools.
. Configured and deployed Cisco routers (including 4500 and 2500 models)
and designed IP addressing scheme for 20+ site network of 300+ nodes.
. Used EIGRP to enable VLSM division of multiple class C addresses.
. Implemented basic security on Internet access router using Cisco
Access Lists.
. Administered Netware and NT servers, Internet connection, and Internet
servers mail and WWW.
Network Technician
1/1990 - 7/1993
University of Connecticut Computer Center.
. Installed hardware and software for campus network of Token Ring,
Ethernet, and SNA nodes.
. Participated in rollout of TCP/IP software (making the then separate
IP, IPX, and SNA (3270) software load properly without conflicts) on
PC workstations.
. Designed and maintained Borland Paradox database of campus network
connections in order to implement pre-DHCP manually configured IP
addressing scheme.
Education
May, 1993 University of Connecticut, Storrs, Connecticut. B.A., History