Engineer Network
Resume:
JOEL HOPKINS
Professional Summary
. Senior network engineer and security system engineer with over
fifteen years working in an enterprise environment for Fortune 500 and
financial services companies.
. Installed and managed complex security systems resulting in
over three years of uninterrupted, breach-free service, managing 242
sites.
. Built one of the country's first and largest installs of Cisco
Content Delivery.
. Expert in Cisco and Juniper networking equipment working in a
multi-protocol environment, including BGP, EIGRP, OSPF, IP and
Multicast.
. Proficient on Linux and Microsoft Operating Systems, and
Checkpoint, Juniper, Fortinet and ASA/PIX firewalls.
. Extensive knowledge of Cisco Secure platforms, including IDS,
ACS, NAC and VPN
. Knowledge of security protocols including IKE, Kerberos, 3DES,
ISAKMP, and AES.
. Knowledge of security standards and best practices such as HIPAA, PCI
and SANS and CERT
. Strong communication skills, and a key team player, team
leader, and mentor.
Professional Experience
eGistics, Inc. thru Matrix (February 2013- Present)
Network Architect
. Architect and configure cloud based multi-customer data center,
compliant with PCI and HIPAA standards.
. Architect and deploy Juniper SRX for site to site and 3rd party
VPN.
. Architect and build network for new campus including firewalls,
switching and WAN connectivity.
. Install, configure and monitor of Cisco IPS modules in Cisco
ASA.
. Architect and deploy Fortinet 620B firewalls for multi-customer
segmentation.
. Configuration of Cisco routers and switches, including 6500,
4500, 3750 and 2950.
. Monitoring and configuration of Snort IDS solution with Snorby
front end.
. Patched and upgraded Cisco ACS appliance, configured network
devices for AAA.
KBM Group (December 2011-July 2012)
Sr. Network Engineer/Security Engineer
. Install of Solarwinds NCM and NPM.
. Installed and configured of Cisco ISE.
o Configured user switches for port authentication using RADIUS
o Developed access and guest policy in Cisco ISE appliance.
o Installed Apple and Windows agents.
o Tested access using native supplicants.
. Configuration of Cisco routers and switches, including 6500,
4500, 3750 and 2950.
. Monitored and configuration of Checkpoint firewalls R75.
. Patched and upgraded RSA SecureID appliance.
DMSP thru Matrix (September 2011-December 2011)
Sr. Network Engineer
. Diagram and discovery of as built network.
. Configured Cisco Nexus switches, 7k, 5k, 1kv.
. Configuration of Cisco ASA and Firewall Service Module (FWSM).
CompuCom (April 2011-November 2013)
Network Security Engineer
. Firewall builds for outsource customers.
. Monitored and responded to security incidents
. Troubleshot firewall related incident tickets for multiple
customers.
. Completed change requests on customer behalf.
. Configured IDS/IPS on Cisco, Checkpoint and Fortinet Firewalls.
. Diagnosed and corrected network problems.
Kosmos Energy (August 2009-September 2011)
Network Security Consultant
. Installed Juniper NSM and IDP 75.
. Install and configuration of Fortinet 310B, 620B and
FortiAnalyzer 1000B
. Migration of multiple MPLS networks to single service provider.
. Traffic analysis and forensics with Niksun NetDetector.
. Installed and configuration of Alert Logic Threat Manager and
Log Manager.
. Redesign of campus network, including re-architecture of
international connectivity.
. Developed and advised on security policies and change
management program.
. Installed of Juniper Network Security Manager.
. Architect and configure of Juniper IC-4500 Infranet
Controllers.
o Develop enforcement policy for LAN access.
o Configuration of Cisco switches for 802.1X authentication,
host remediation and guest VLAN assignment.
. Installation, configuration and maintenance of DNS using BIND9
on Linux.
. PCI audits and remediations.
Brinker International (October 2008-June 2009)
Sr. Network Engineer
. Installation of Juniper SSG350's between WAN and Corporate
networks.
. Implementation of Juniper Infranet Controllers and Universal
Access Clients for NAC and dynamic role enforcement.
. Replacement of PIX 535 with Juniper 550 firewalls.
. Configured BGP peering with multiple ISP's for load balancing
and redundancy.
. Installed new Cisco ACS appliances.
. Installation and configuration of HP Opsware NA.
. Wrote and implemented automation scripts for day to day network
functions within Opsware.
. Designed and implemented 20 Gigabit core network between
multiple data centers.
Capgemini AOS (September 2007-October 2008)
Sr. Network Engineer
. Installed Uplogix network monitoring
. Designed and installed PEAP authenticated wireless LAN.
o Configured AP's to authenticate against Cisco ACS and
Windows AD.
o Configured Windows supplicants for machine authentication.
. Supported multiple clients in multi-VRF MPLS environment.
. Designed of multiple vendor extranet.
. Implementation of Cisco FWSM for multiple customers in MPLS
cloud.
. Designed and installed multiple sites, multiple ISP internet
footprints.
. Implementation of multinational MPLS based call center network
w/ end to end QoS.
EXCO Resources, Inc. (July 2007-August 2007)
Network Consultant
. Installed SolarWinds network monitoring.
. Began set up and configure of StoneGate Firewalls and IPS.
. Intergration of CS-MARS into network security posture.
. Planning and architecture for implementation of 802.1x port
security network wide.
. Architecture of redundant internet access.
. Wrote security policies for incident handling, and edited other
policies for SOX compliance.
PerotSystems (July 2006-July 2007)
Sr. Network Engineer
. Network engineering for Data Center Migrations.
. Provided firewall support and configuration on PIX 515, 525 and
Checkpoint R55.
. Network configuration and troubleshooting on 7200, 6500 and
Cisco/HP blade server chassis.
. Provided routing updates to MPLS network.
MCI (October 2005-June 2006)
Test Engineer
. MCI Data Networks Engineering lab.
. Extensive security and reliability testing using Agilent
NetPressure.
. Testing on Cisco FWSM and Cisco WebVPN module in 6500 and 7609.
Texas Capital Bank (March 2004-August 2005)
Network Manager
. Installed and configured CiscoWorks2000 and Cisco ACS servers.
. Rebuilt, manage and maintain Cisco Catalyst 6500, 3550 and 3524
switches.
. Managed and maintained frame relay and point to point network
w/ 3600 and 2600 series routers.
. Architected and implemented secure and redundant offsite vendor
access.
. Completed comprehensive network documentation and best
practices package.
CTX Mortgage (May 2000-December 2004)
Senior Network Engineer/Security Engineer for CTX Mortgage
. Architected and implemented Cisco powered campus and wide area
network.
. Evaluated new networking and security products and services.
. Maintained network security, including firewalls, IDS, access
listing virus and content filtering.
. Beta tested both Cisco IDS 3.1 and 4.0 platforms.
. Provided 36 continuous months with 100% core network
availability during production hours covering 242 sites.
. Insured zero successful security breaches through thorough IDS
and firewall monitoring, also ensured limited downtime from virus
outbreaks with careful access listing techniques.
. Installed and managed VPN (Cisco).
. Architected, implemented, and documented Disaster Recovery
facility and procedures.
. Installed first and largest Cisco ACNS 5.0 content delivery
system, and worked through resolution with Cisco on found software
defect.
. Installed and beta tested Proficient Network BGP optimization
engine.
Bank of America (August 1998-January 2000)
Network Engineer/Consultant
GCIB
. Integral to the Bay to Cisco router migration.
. Key team member on architecture and implementation of dual
fabric, redundant backbone network.
. Maintained all system and project documentation and diagrams.
Accubanc
. Managed and maintained frame-relay wide area network.
. Improved vendor relations with data services provider
(WorldCom).
. Maintained LAN for multi-building campus.
Chancellor Media: Built data center from ground up, including network and
servers.
. Installed email, frame relay, routers and campus switches,
database and web servers.
. Hired and managed help desk and installed tracking software.
. Selected equipment for purchase by organization.
FDIC (June 1996-January 1998)
Network Admin
Certification
MCSE
CCNA
CCNP
Contact this candidate