Data Center Network Engineer
Resume:
ANTONIO LOPEZ
ad5cur@r.postjobfree.com 915-***-****
Best Time to reach: 10-12 pm MST
SUMMARY
IT Professional with over 15 years of experience in engineering, administration, escalation support, change management., analysis and troubleshooting for various network technologies for medium to global enterprise environments which includes proficiency in routing, routing protocols, switching, security, firewalls, voice, wireless and data center technologies and over 7 years experience with CISCO IOS and 10+ years in network installations (physical layout) and systems engineer (VMware, software development and file server installations). Also more than 15 years of experience in Sotfware Develpoment projects from business applications, government projects and IOT/Manufacturing software for twin plants like FORD, SHURE & Construction companies.
TECHNICAL CERTIFICATIONS & SKILLS
Cisco Certified Network Professional – Routing & Switching CCNP –R & S
Cisco Certified Network Associate – Routing & Switching CCNA – R & S
Cisco Certified Network Associate – Security CCNA - Security
Cisco Meraki Network Associate CMNA
Certified WAN Professional/Certified WAN Enterprise Administrator CWP/CWEA
Cisco Security Administrator / Data Center Administrator CSA / CDCA
Cisco Voice Administrator / Wireless Technician CVA / CWT
Certified Network Engineer WGNA-Acellus
Cisco AMP for endpoints
Cisco Stealthwatch
Cat 5 cable certification
TECHNICAL SKILLS DETAIL
Security/Firewalls Technologies - Cisco Security Manager Suite, Cisco ASA 5500 series firewalls, Cisco FWSM, Cisco IPS/IDS, Cisco ACS, Advanced Firewall Manager (AFM), Cisco ASA 1000V cloud firewall, Checkpoint Firewall, Juniper SRX series, Palo Alto, Protocols & Standards - AAA, TACACS+, RADIUS, SSH, VPN, IPSec, SSL/IPSec, Data Loss Prevention, Data Management Zone, Pretty Good Protection (PGP), Public Key Infrastructure (PKI), Internet Key Exchange Policy, Port Security, MAC Address Filtering
Routing/Switching Technologies - Cisco Routers (3900, 2900, 1900, 800 Series), Cisco Catalyst Switch (6500, 5500, 4900, 4500, 3750, 3560-X, 3100), Cisco Nexus 1kv, 2k, 5k Series, Juniper and HP Routers & Switches - WAN, LAN, TCP/IP, Cisco IOS, Spanning Tree Protocol, BPDU, CDP, ACL, NAT, PAT, RIP, RIPv2, OSPF, OSPFv3, EIGRP, BGP, MPLS, VTP, SNMP, SMTP, ARP, TCP, UDP, Static Routing, Stub Routing, VLAN, VLAN Trunking, VXLANs, Multicast routing, HSRP, SVI, CEF, Etherchannel, Portfast, VSS, VPC.
Wireless/Voice Technologies - Cisco WLC, IEEE 802.1x & 802.11, WLAN, WAP, AP, SSID, LWAPP, Aironet, Bluetooth, Avaya, AURA - Voice Over Internet Protocol (VoIP), VoIP/SIP, CUCM, UCCM, UCCX, MGCP, RSTP, SCCP, STP, Quality of Service (QoS), PoE, MMDS, LMDS, CCK, DSSS Monitoring/Data Center Technologies/APPS - Wireshark, Remedy, Cacti, Nagios, VMware, Solarwinds, Cisco Security Manager Suite, Server, Sniffer, Ethereal, Orion - VMware, F5 Big-IP load balancing (GTM/LTM), Cisco AnyConnect VPN mtg, Cisco Prime, Cisco IPS/IDS, Meraki cloud.based - Splunk Enterprise, SNMPv2c, SNMPv3, DNS, DHCP, FTP, Telnet, HTTP(S), SMTP, tunneling protocols, PTP, SFTP, RDP. Other Technologies – Software development, FOXBASE, DBASE, CLIPPER C+, Windows server 2000, 2003 and 2008, Windows 95, 98, ME, XP, 7, 8, Novel server 3.1 and 4.0, Phone systems (Panasonic & Meridian), Payroll clock system setup. SUMMARY OF PROFESSIONAL EXPERIENCE
Cisco Systems, Inc. Pre-Sales Network Engineer 2016-2024 SunGard AS Cloud Network Engineer 2016–2016
LUJAN Systems Network Engineer 1998-2016
Municipio De Juarez Consultant 1995–1997
Datamark De Mexico SA System Administrator 1993-1995 Asenco Software Engineer 1985-1993
EDUCATION
Certified WAN Professional Program LANWAN Professional Bachelor of Science in Computer Science Systems Option University of Texas PROFESSIONAL EXPERIENCE DETAIL
CISCO Pre-Sales Network Engineer Oct 2016 –Present Cisco Systems, Inc. (known as Cisco) Is an American multinational technology conglomerate headquartered in San Jose, California, in the center of Silicon Valley, that develops, manufactures and sells networking hardware, telecommunications equipment and other high-technology services and products. Through its numerous acquired subsidiaries, such as OpenDNS, WebEx, Jabber and Jasper, Cisco specializes into specific tech markets, such as Internet of Things (IoT), domain security and energy management. Responsibilities handled:
Member of a team of network engineers responsible for enterprise networking design, BOM and presentations for partner and customers.
Assist with technical questions or concerns during the sales process and frequently participate in the initial portion of the project specification process.
Customer engagements for Smartnet renewal and CSPC Collector deployments.
End of life analysis and custom report and BOM for future replacement of hardware.
Responsibilities included engineering projects, management, administration, documentation, following corporate policies and procedures and scheduling as needed reports to management.
VMware Data Center/VSphere usage for ASAv deployment, configuration and installation.
Customer presentations or Demos on different Cisco products,
Training provided to partner engineers and customers on CSPC collector, Meraki hardware and Viptela SD-Wan.
Zendesk & Q2E ticketing systems.
SunGard AS Cloud Network Engineer Mar 2016 – Sept 2016 Company Overview –SunGard Availability Services is a global technology service organization with over 270 enterprise level data centers strategically located globally. They provide end to end infrastructure services ranging from routing, switching, security to include firewall, IPS, load balancing for corporate clients ranging from professional businesses to Fortune 100 companies and multinational corporations. Responsibilities handled:
Member of a team of network engineers responsible for enterprise upgrades to include routers, switches, firewalls and VPN’s in a mission critical 24 by 7 deployment and upgrades for major corporations for SunGard.
Responsibilities include technical discovery, client staging, technical migration based on SLA and compliance and post migration, deployment, implementation and validation analysis.
Specific technologies handled by the team include but not limited to Cisco and Juniper routers, Juniper Net Screens Firewalls, Cisco ASAv Firewalls, Cisco ACS, load balancers, MPLS, BDP, DNS.
Responsibilities included engineering projects, management, administration, documentation, following corporate policies and procedures and scheduling as needed reports to management.
VMware Data Center/VSphere usage for ASAv deployment, configuration and installation.
View Point Ticketing system
LUJAN Systems Network Engineer 1998-2015
Company Overview –LUJAN Systems is a consulting company who offers a variety of system related services to small to medium companies. Responsibilities handled:
Responsible for various consulting services to include scheduled upgrades, installation, configuration, set-up, day-to-day administration and maintenance of the IT infrastructure to include onsite administration and support and troubleshoot activities for networks and computers.
Technologies handled by the team include but not limited to phones, cameras, firewalls, switches, routers, routing protocols, internet access, cabling, software/hardware setups, server and enterprise applications and desktop technologies in a variety of LAN/WAN infrastructures did use Cisco unmanaged equipment and PIX firewalls.
Professional responsibilities included engineering projects, management, administration, documentation, following corporate policies and procedures and scheduling as needed reports to management. As well as Windows Server & Active Directory installation and administration.
Contract work with large corporation like Delphi (GM Motors) 3 sites around 5,000 Nodes, AeroMexico Airline ticketing agency, Diesel Recon (CUMMINS) and UACJ University of Ciudad Juarez, Chih, 5 sites about 3,500 nodes. Municipio De Juarez Consultant 1995–1997
Company Overview –Municipio De Juarez is a government organization in Mexico. Responsibilities handled:
Team member in a group of professionals responsible for installation, configuration, networking, maintenance, repair, hardware/software, development, project management, analysis, support and troubleshooting activities for various enterprise applications and networks.
Technologies handled included firewalls, switches, routers, routing protocol, cabling, racking, file servers, phones, and software/hardware upgrades, development of different systems in a LAN /WAN network environment which also included servers and enterprise applications and desktop technologies.
Responsibilities included administration, following corporate policies and procedures, documentation, and scheduling as needed reports to management.
Supported communications on 10 Sites across the city with around 50 servers and 2,000 nodes, which included CISCO UCM for VoIP, cabling and file servers for department of public work, street maintenance. Datamark De Mexico SA System Administrator 1993-1995 Company Overview –Datamark De Mexico SA is a consulting company who offers a variety of system related services to small to medium companies. Responsibilities handled:
Manager responsible for installation, configuration, setup, administration, maintenance, support and troubleshoot activities for enterprises.
Responsibilies were at Juarez and El Paso, but they had 3 Sites which included India. They had around 1,500 nodes and virtual Server where it included phones, file servers, desktop support and production line equipment.
Technologies handled file servers (that never went down), firewalls, switches, routers, routing protocols, cabling, PBX phones, setup and repairs of file servers, development software, electrical re-wiring, payrolls, Data Center (setup, support and maintenance) in a LAN/WAN environment which includes 12 servers and enterprise applications and 400 desktop computers.
Professional responsibilities included backup plans, work under pressure, documentation, administration, following corporate policies and procedures, documentation, and scheduling as needed reports to management. Asenco Software Engineer 1985-1993
Company Overview – Asenco is a company what dealt with servicing small to medium businesses networking and software training. Responsibilities handled:
Team Leader of professionals responsible for development, administration, software/hardware, project management, maintenance, analysis, client/vendor relations, support and troubleshooting activities for various networks.
Technologies handled Unix, ticket center, switches, routers, routing protocols, cabling, racking, and network setups for LAN/WAN technologies, server and enterprise applications and desktop technologies.
Responsibilities included training, writing software, administration, following corporate policies and procedures, documentation, and scheduling as needed reports to management.
Software engineer where my clients were State Housing Authority (IVIECH) using a mini-computer HP-9000UX with 500 nodes spread around Chihuahua MX state; Federal Housing Authority (INFONAVIT) MX federal, supported Contractor network for estimate & payment control for federal projects and did contract work for CONTINENTAL SPRAYERS (American company in MX) supporting Token Ring Network, desktop appliances and develop software for quality control, inventory and production. Also worked with point of sale which includes restaurants, pharmacy shops, small retail stores and markets.
Aeromexico complete branch installation from layer one up to layer seven, including cabling, equipment rack mount, server & firewall installation. Also Panasonic phone system and provided software training and installation to employees. SUMMARY OF TECHNICAL ACCOMPLISHMENTS
Security
Implement an IPSec Site-to-Site VPN between the Cisco ASA5505 at small office location and Cisco 1841 ISR with a security IOS image at the main office. Implementation of the VPN includes the following configurations: Internet Key Exchange Policy using DES and SHA for encryption and authentication, access-lists to define VPN traffic, transform set using esp-des esp-sha-hmac to define how the traffic is protected, crypto-map to associate the previously configured elements to a peer, and application of the crypto map to appropriate interface or VPN endpoint.
Implementation of Zone-Based Policy Firewall on the Cisco 1841 ISR with the following components: three zones, class- maps specifying traffic that must have policy applied as it crosses a zone-pair, policy maps to apply action to the class- maps’ traffic, zone-pairs, and application of policy to zone pairs.
Implement a Clientless SSL VPN (WebVPN) to allow users to establish a secure, remote-access VPN tunnel to the Cisco ASA 5505 using a web browser. Prepare the Cisco ASA with necessary configurations to self-signed certificate generation. Generate a general purpose RSA key-pair for certificate authority identification, configure certificate authority trustpoint for the WebVPN using self enrollment, and configure CA trustpoint interface association.
Configure Syslog on the Cisco ASA5505 with logging to a host and internal buffer. Forward all logging to an internal Syslog server for monitoring and management. Configure and manage Syslog output generation using custom message lists. Implement FTP backup of internal buffer when it is exceeded.
Implement Basic Threat-Detection, Advanced TCP Intercept, and Scanning Threat-Detection. Simulate attacks on network to manage threat-detection rates and verify Syslog generation.
Utilize Cisco ASA5505 Modular Policy Frame-Work to configure and manage layer 3/4 interface service policies, apply inspection and connection limits to services, apply inspection and QoS policing to HTTP traffic. Configure HTTP inspection policy to block restricted sites and file downloads. Routing & Nexus & Catalyst Switching
Implement trunk ports and implement granular control of VLANs and VXLANs using NX-OS to ensure virtual and flexible subnets that can extend further across the network infrastructure than previous generation of switches.
Implement port-profiles as part of the NX-OS command structure that allows for configuration of multiple ports and port-types via inherited configurations applied via a single command that reduces administrative error and allows for better configuration readability.
Implement a virtual version of Nexus: Nexus1000v into VMWare to extend Nexus capabilities directly adjacent to virtual machines so that they benefit from Cisco switching capabilities and network topology consistency ensuring VMs maintain their subnet/VLAN relationships during failover.
Implement secure privileged administrative access to the Cisco IOS system. Enable the encryption of system passwords to prevent unauthorized users access to passwords in the system configuration.
Implement secure access to the console and vty ports, and set the interval that the EXEC command interpreter waits until user input is detected on the Console and vty ports. Also, configure the console and vty ports log messaging to not interfere with active device configuration.
Implement VLAN Trunking Protocol to reduce administrative overhead. Enable secure sharing of VLAN information to prevent the introduction of rogue devices from affecting the VLAN database. Shutdown unused switchports following Layer 2 security best practices.
Create and manage Local VLANs based on department function, and configure ports with static VLAN assignment, static 802.1Q trunks, and dynamic ISL trunking using PAgP for layer 2 forwarding. Utilize VLAN Spanning-Tree in conjunction with PVST+ for compatibility between Cisco and Juniper switches. Configure edge ports for fast- transitioning into the forwarding state to fix workstation startup connectivity delays. Modify spanning-tree parameters for manual root bridge assignment. Implement ether-channels between each switch using PAgP for negotiation. Modify ether-channel load balancing method.
Implement WAN links between sites using frame-relay point-to-point and multipoint connections to establish connectivity between each of the four sites as required. Establish frame-relay point-to-point connections three of the sites creating a full mesh. Implement hub and spoke network between three of the sites with the main office as the hub for redundant connections.
Implement EIGRP routing for point-to-point and Non Broadcast Multi-Access networks. Ensure that the spoke routers are receiving routing information about each other from the hub. Configure EIGRP unequal-cost load balancing to also use the lower capacity multipoint links when routing packets.
Prevent neighbor adjacencies from being formed as well as the sending and receiving of routing updates on unnecessary interfaces. Implement EIGRP MD5 Message Authentication between sites to prevent unauthorized insertion of routes into the domain. Implement manual EIGRP route summarization to reduce routing protocol demand on CPU resources, memory, and bandwidth used to maintain the routing table.
Implement OSPF routing with multiple areas for networks between sites. Implement totally stubby areas to lower the system resource utilization of routing devices for the network. Implement NSSA area to allow injection of external routes into the area and propagation into the OSPF domain.
Implement backup and recovery of Cisco IOS Images. Perform password recovery on Cisco IOS routers/switches and a Juniper EX2200 Series switch to restore administrative access. Backup and Restore startup-comfit file for disaster recovery.
Configured and verified internal BGP peering using directly connected networks.
Configured and verified internal BGP peering using loopbacks by using an interior gateway protocol (OSPF) to provide routing information.
Configured and verified external BGP peering using directly connected networks.
Configured and verified external BGP peering using loopbacks and ebgp-multihop.
Configured and verified internal BGP peering using a Route Reflector.
Used debugging diagnostic commands to monitor BGP events.
Configured and verified MPLS manually and using automatic configuration via OSPF.
Configured and verified virtual routing and forwarding (VRF) instances with route-targets and route descriptors.
Configured and verified MP-BGP to send VRF traffic in an MPLS VPN.
Redistributed provider edge networks into MP-BGP.
Verified end-to-end connectivity over the MPLS VPN. Voice
Implement a local voice network with the following network elements: Cisco 2811 ISR (VoIP) with a Cisco Unity Express Network Module (NM-CUE) installed, Cisco Communications Manager Express, a standard Cisco 3550 Switch, and a Cisco 3550 switch with Power-over-Ethernet. Create and manage Data and Voice VLANs, and configure ports with static VLAN assignment and 802.1Q trunks for layer 2 forwarding. Configure edge ports for fast-transitioning into the forwarding state to fix workstation startup connectivity delays.
Configure Fast Ethernet main and sub-interface assignments as required for intervlan routing. Implement static routes for local connectivity. Implement NTP server, DHCP server, and TFTP server for support of the VoIP network. Modification of system level parameters including max phones, max directory numbers, display format for date and time, and setting the Time-Zone.
Implement Unity Voicemail on the Cisco Unity Express Network Module. Configure a dial-peer on the Cisco 2811 ISR to define the attributes of the packet voice network connection to the Cisco Unity Express Network Module. Enable call forwarding on busy or no answer. Implement Message Waiting Indicators and Voicemail access via SMTP. Daisy-chain PCs to VoIP phones to reduce network cabling costs. Utilize PoE ports for VoIP phones to reduce power infrastructure costs.
Wireless
Implement a wireless network infrastructure providing access to wired LANs to increase mobility and productivity utilizing the following network elements: Cisco Wireless LAN Controller (WLC) 2106, a Cisco 3550 switch, a Cisco 1130AG series Access Point, and a Cisco 1121G series Access Point. Create wireless LANs and configure interface association, security parameters, and radios used. Utilize the Wireless LAN Controllers web GUI to configure and manage the wireless network. Configure internal DHCP scopes for WLANs.
Prepare infrastructure for AP registration on same subnet as management VLAN and for AP registration on different subnet. Configure AAA AP policies to allow Self Signed Certifications for APs shipped without a Manufacturer Installed Certificate. Implement AP Grouping to ensure WLAN SSIDs are only broadcast by the APs desired. Data Center
Configured VLANs and access ports connecting virtual machines using the NX-OS CLI on a Cisco Nexus 1000v virtual machine and VMWare vSphere Client networking.
Configured routing policies and service profiles for separate levels in an organizational hierarchy using a Cisco Prime Network Services Controller virtual machine. These policies and profiles were applied to Cisco Cloud Service Router 1000v (CSR 1000v) virtual routers.
Configured a CSR 1000v router using the Cisco IOS 15.4 CLI. Monitoring
Used the Cisco Configuration Professional GUI to configure interfaces, passwords, hostnames, DHCP, EIGRP, and SNMP on a Cisco router. Used the CCP monitoring tool to monitor traffic from that router.
Configured the Nagios XI monitoring tool to monitor routers and switches and customized its dashboard.
Configured SolarWinds Orion NPM and used it to monitor traffic on a network.
Configured the CACTI tool to graph traffic from a router and to generate alerts based on a threshold traffic level.
Used the Wireshark tool to study HTTP, telnet, and SSL traffic.
Contact this candidate