Resume

Sign in

Senior Network Infrastructure Engineer

Location:
Phoenix, Arizona, United States
Salary:
$115,000/year
Posted:
November 13, 2018

Contact this candidate

Resume:

Senior Infrastructure Engineer

SKILLS

ROUTING AND SWITCHING

Cisco IOS routers and switches, Cisco Nexus 7k/5k/2k, ASR, ISR, 4500X, 2960X, 6500, Cisco IOS, IOS XE, and Catos routers and switches, Juniper routers, Arista switches, Force 10 switches, Foundary switches, BGP, OSPF, EIGRP, policy routing, spine and leaf architecture, Aruba wireless controllers and access points, implementing changes, out-of-band management, cloud, Azure and Amazon Web Services, redundancy, QoS, Solarwinds, multi-vendor password updates, configuration management, automation of configuration verification, complex network troubleshooting, network documentation, troubleshooting tools, ping, traceroute, TCPtraceroute, WinMTR, Wireshark packet analysis, tcpdump, B&W scanner, port scanners, cron jobs, SSH, telnet, MTU, VDC, VPC, Fex, HSRP, VRRP, SNMP, STP, TACACS, syslog, ACL

SECURITY AND FIREWALLS

Cisco ASA, Radware, Sonicwall, Netscreen firewalls, Palo Alto, Checkpoint, firewalls, Top Layer IPS, Tipping Point IPS, McAfee Intrushield, Cisco Pix firewalls, ArcSight SIEM, NetForensics, Clearpass, VPN, IPSEC tunnels, ACL, Access control, NBAR, SNMP, TACACS, Windows, Redhat, Linux, UNIX, FreeBSD, Solaris, TP Link, IT network consulting, enforcing network security, configuring network security, vulnerability remediation, anti-DDoS, security device evaluation

DESIGN AND PLANNING

Network design, capacity planning, capacity item remediation, determining business drivers and goals, PCI compliance, aligning IT projects with business goals, documentation, IP addressing, Visio diagrams, asset inventory. Prioritizing business critical applications, managing IP address space, redundancy & DR planning, incident response, test planning, lab testing, performance testing, report writing, Approved Products List, managing WAN links, TCP/IP performance tuning, automation & scripting, Perl, Expect, C, Visual Basic, HTML, JavaScript, Ajax, Apache, SQL, PHP, Excel, Word

CERTIFICATIONS: CCNA, CCNP, CCFE, CHFI, CEH, and I-Net+

PROFESSIONAL EXPERIENCE

Network Consultant 5/2015 – current

Network Engineering, Architecture, Design, Implementation and troubleshooting for 5 clients: Preferred Home, Circle K, American Airlines, and Axon.com/Taser International, and International Cruise & Excursions(ICE)

Company website: www.cybertomorrow.com

Identified business drivers, goals, and policies to improve business return on investment and proper prioritization of critical applications.

Determined, documented, and prioritized business critical applications

Responsible for network equipment PCI compliance & upgrading code on Cisco devices

Created network documentation, before & after diagrams, Visio network diagrams, gap analysis, inventory spreadsheets, and design documents

Rolled out IP addressing standards, and configuration standards

Performed network capacity planning, analysis, and remediation of capacity problems for eBay, Inc. data network

Designed small & medium sized business networks & deployed firewalls, routers, switches, VPN, and security features

Configured and installed Cisco network hardware: Nexus 7K, 5K, 2K ASA, ASR, ISR, 6500, 4500x, 4451, 2960/x, 2901, 2811, and 891

Configured and installed Juniper routers and switches, Arista switches, HP switches, Sonicwall, Solarwinds

Installed Aruba wireless access points

Worked with circuit vendors on WAN circuit selection, configuration, and troubleshooting

Wireless troubleshooting

TelePresence troubleshooting

Can lead the fight for improved reliability and redundancy

Installed redundant WAN links and devices at critical locations

Organized the company Cisco.com account

Troubleshot and restored over 100 TACACS problems

Implemented QoS

Designed and implemented an application network testing lab

Configured netflow & network monitoring with Solarwinds and Logic Monitor

Increased the security with best practice configuration changes

Troubleshot advanced networking problems

Troubleshot remote office/store connectivity issues

Configured IPSEC VPN tunnels on multi-vendor equipment, including redundant cloud connections to Azure and Amazon Web Services

Configured dynamic routing, EIGRP, OSPF, BGP

Configured features: VSS/vPC, vRF, vDC, netflow, SNMP, NAT, AAA, SSH

eBay, Inc – Phoenix, AZ 12/2005 – 3/2015

Senior Network Engineer – Full Time

Performed network capacity planning, analysis, and remediation of capacity problems for eBay, Inc.

Performed capacity related network changes to backbone routers and inside datacenters, on Cisco IOS, Nexus, Arista, and Juniper routers

Primary point-of-contact network engineer for eBay in 2014 for capacity & network readiness

Upgraded network devices, added fiber links, added high speed modules, and upgraded code to support increased traffic loads for peak season

Primary Engineer for day-to-day management of eBay border ACLs; changes made in a secure and reliable way to protect eBay resources

Automated (Perl) the ACL update & ACL management processes at eBay, for reliability, speed, and more functionality

Configured & assisted in deployment of anti-DDoS protections

Automated (Perl) reviews of Cisco IOS and Catos configuration files

Automated (Perl, Expect) the process of updating passwords on over 3,500 multi-vendor network devices: routers, switches, Unix hosts, Cyclades, and wireless devices

IT project consulting

Requirements gathering, setting goals, working with time constraints

Verified environment: power, backup power, cooling, rack space, floor plans

Procured and installed network devices

Network Design & Network Management

Managed and tracked public and private IP address usage

Configured out-of-band management: Cyclades, VPN

Configured/added/removed WAN & ISP fiber links

Configured VLANs, port-channels, and load-balancing

Installed redundant & resilient network segments

Validated & signed off on other engineers’ installation projects

Documented procedures & lessons learned

Participated in disaster recovery exercises

Forecasted bandwidth utilization for application projects

Security & Vulnerability remediation: SSH, Telnet, SNMP, uRPF, Null routes, Bogons, ACLs, password management

SOX compliance

Performance tuning: assisting server administrators with tuning Windows, Linux, and UNIX (Solaris) hosts for peek network performance

Web design: created several minor but value added web based portals using HTML, javascript, ajax, and Perl

Cisco IOS: Configured Cisco IOS routers and switches

Installed Cisco IOS routers and switches

Upgraded IOS code

Replaced failed hardware (RMA)

Dynamic routing, BGP, OSPF

Static routing

Route redistribution

Configured SNMP polling, SNMP access lists

Pulled data from device MIBs

Extracted data from MySQL DBs using SQL query clients

TACACS security

Troubleshot IOS devices: packet loss, connectivity, routing, CPU, hardware failures, memory, errors, statistics, bugs, logs

Cisco Nexus: Configured Cisco Nexus routers

Installed Cisco Nexus routers

Replaced failed Cisco Nexus hardware

Dynamic routing OSPF

Static routing

Configured SNMP polling, SNMP access lists

Pulled data from device MIBs

Configured device security

Troubleshot Nexus routers: packet loss, connectivity, routing, CPU, hardware failures, errors, switchport failures, statistics, bugs, logs

Cisco Catos: Configured Catos switches

Upgraded Catos code

Replaced hardware

Dynamic routing (with MSFC, Layer 3 hybrid)

Static routing (with MSFC, Layer 3 hybrid)

Configured SNMP polling, SNMP access lists

Pulled data from device MIBs

Configured device security

Troubleshot Catos switches: packet loss, connectivity, routing, CPU, hardware failures, errors, switchport failures, statistics, bugs, logs

Juniper: Configured Juniper routers

Upgraded hardware, installed modules

Dynamic routing, BGP, OSPF

Configured device security

Configured border ACL (Firewall in JUNOS)

Troubleshot Juniper routers: packet loss, connectivity, routing, CPU, hardware failures, errors, switchport failures, statistics, bugs, logs

Arista: Configured Arista routers and switches

Installed Arista routers and switches

Replaced failed hardware

Dynamic routing, OSPF

Static routing

Configured SNMP polling, SNMP access lists

Pulled data from device MIBs

Configured device security

Troubleshot Arista routers: packet loss, connectivity, routing, CPU, hardware failures, errors, switchport failures, statistics, bugs, logs

Force 10: Configured Force 10 switches

Troubleshot basic Force 10 switch problems

Foundary: Configured Foundary switches

Troubleshot basic Foundary switch problems

Configured VPNs, point-to-point

Troubleshot VPN problems

Configured BGP

Troubleshot BGP problems, routing, neighbors, prefix-lists, large routing tables

Configured OSPF

Troubleshot OSPF problems, routing, adjacencies, cost preferences, type of route

Troubleshot QoS on Cisco IOS, Cisco Nexus, and Juniper routers

Radware: basic familiarity with Radware configuration and installation

IXIA lab testing, configuration & troubleshooting

IXIA lab testing, performance testing

Troubleshot Windows configuration, connectivity and resource problems

Troubleshot Linux configuration, connectivity, and resource problems

Troubleshot UNIX, FreeBSD and Solaris, configuration, connectivity and resource problems

General Dynamics / Signal Solutions – Sierra Vista, AZ 4/2004 – 12/2005

Network Security Analyst – Full Time

Evaluated network security products in lab for the US Army

Approved products were placed on the federal government APL (Approved products List)

IT project consulting

Wrote test plans, in light of determining product compliance with DoD regulations to include security, manageability, scalability, ease of use, ability to do what it claimed, and throughput performance

Performed site surveys to determine environment for upgrades: floor plans, power, rack space, cooling, and to assess server migration status

Provided technical assistance & configured devices on the DCL modernization project

Lab tested the TLA2 regional security layer design

Netscreen: Configured Netscreen firewalls

Configured VPN, point-to-point, Netscreen to Cisco PIX firewall

Configured VPN, host based, for OOB

Troubleshot Netscreen, configuration, connectivity, IPSEC, errors, statistics, logs

Cisco IOS: Configured Cisco IOS routers and switches

Installed Cisco IOS routers and switches

Upgraded IOS code

Replaced failed hardware (RMA)

Dynamic routing, OSPF, BGP

Static routing

Configured SNMP polling, SNMP access lists

TACACS security

Troubleshooting IOS devices: packet loss, connectivity, routing, CPU, hardware failures, memory, errors, statistics, bugs, logs

Cisco Catos: Configured Catos switches

Dynamic routing (with MSFC, Layer 3 hybrid)

Static routing (with MSFC, Layer 3 hybrid)

Troubleshoot Catos switches: packet loss, connectivity, routing, CPU, hardware failures, errors, switchport failures, statistics, bugs, logs

Foundary: Configured Foundary switches

Troubleshot basic Foundary switch problems

Top Layer – Lab tested Top Layer IPS, for security, manageability, scalability, and performance

Configured Top Layer IPS

Wrote the evaluation report

Tipping Point – configured Tipping Point IPS

IXIA – configured IXIA packet generators

Performed throughput testing using IXIA generated traffic

Performed packet captures using Ethereal/Wireshark

Configured PRTG monitoring of WAN traffic

Wrote multiple low level DDoS packet generators in C

Used Nmap to generate unwanted traffic including portscans

Troubleshot network connectivity problems using tools: ping, traceroute, tcptraceroute, mtr, telnet, scapy, and netcat

ArcSight – Lab tested ArcSight security information correlation product for, security, manageability, scalability, usefulness, correlation capability, and performance

Configured ArcSight

NetForensics - Lab tested NetForensics security information correlation product for, security, manageability, scalability, usefulness, correlation capability, and performance

Configured NetForensics

Troubleshot Windows configuration, connectivity and resource problems

Troubleshot Linux configuration, connectivity, and resource problems

Worked on US Army classified projects, with Secret, and Interim Top Secret clearances

Used Excel spreadsheets in reports

ITT Systems Division – Camp Arifjan, Kuwait 2/2003 – 4/2004

Network Administrator – Full Time

Managed the routers and switches at Camp Arifjan, Kuwait

Implemented Network security policies

Updated the border ACL for Camp Arifjan’s networks

Cisco: Configured Cisco IOS and Catos routers, switches, and PIX firewalls

Installed Cisco IOS routers, switches, and firewalls

Upgraded IOS code

Dynamic routing, BGP, EIGRP

Static routing

Route redistribution

Configured SNMP polling, SNMP access lists

TACACS security

Troubleshot IOS devices: packet loss, connectivity, routing, CPU, hardware failures, memory, errors, statistics, bugs, logs

Websense – troubleshot and provided basic configuration of WCCP and NetCache engine with Websense

BGP – Configured and troubleshot BGP problems

EIGRP – Configured and troubleshot OSPF problems

Mac address port security, removal of unauthorized devices

Troubleshot network connectivity problems using tools: ping, traceroute, tcptraceroute, telnet, and LANTest cable analyzers

Troubleshot Windows configuration, connectivity and resource problems

Troubleshot Linux configuration, connectivity, and resource problems

Worked in high security areas. Secret security clearance

Provided tier II troubleshooting for critical applications

Used Excel spreadsheets in reports & IP address management

US Army – locations included Mesa AZ, and SWA 9/1997 – 1/2003

Sergeant – Mix active duty & reserves

Help Desk Support – provided tier I help desk support

Automation – Co-wrote a very large Perl script that automated the purchasing process at K2 (Karshi-Kahanabad) Airbase in Uzebekistan. The script had been used to process millions of dollars of base expenditures and was being used years after my unit left

Automation – Wrote a commander’s log application in Visual Basic which was used by the base command and his executive officers to keep track of projects

Web server – Installed and configured the first production Linux server in the SWA theatre.

Web design – Created web pages with Apache, Perl, PHP, HTML, and javascript

Troubleshot network connectivity problems using tools: ping, traceroute

Configured and installed my first Cisco access layer switch, at K2

Prior to IT training, I was trained in explosives and medical/respiratory therapy

Tech USA – Tempe, AZ 6/2000 – 9/2001

DSL Support Technician, LAN team – Full Time

Provided tier II technical support for Qwest (CenturyLink) DSL products

Cisco DSL routers: Configured Cisco 675 DSL routers, and remotely assisted with hundreds of DSL router installations.

Was promoted to working with DSL LAN team, where I assisted mostly small business owners with DSL router configuration & troubleshooting

Configured a few DSL routers with ACLs, first exposure to firewalls

Learned TCP/IP, ping and traceroute

Learned telephony analog signaling

Used Qwest’s telephone line test tool, MRT

EDUCATION

Associates Degree, Computer Information Systems, Glendale Community College

Bachelors Degree, Accounting, Michigan State University

Trade or Certification Schools/training:

IKON MS core technologies

WWT Juniper Intermediate routing

New Horizons BPG and Cisco troubleshooting

New Horizons Computer Forensics, and Certified Ethical Hacker

Infosec Institute, Computer Forensics

CONTACT INFORMATION

David Thelen Cell phone: 480-***-**** Email: ac7olk@r.postjobfree.com



Contact this candidate