Network Engineer
Resume:
STEPHEN WOODS
acyvat@r.postjobfree.com 678-***-****
SUMMARY
IT Professional with over 15 years of experience in implementation/deployments, administration/service requests,
Tier 2/3 escalation support/ticket resolution, design, analysis, and troubleshooting various network technologies
for medium to global enterprise environments which includes proficiency in routing, routing protocols, switching,
security, firewalls, voice, wireless and data center technologies.
TECHNICAL CERTIFICATIONS & SKILLS
CCNP R & S
Cisco Certified Network Professional Routing & Switching
CWP/CWEA
Certified WAN Professional/Certified WAN Enterprise Administrator
CSA / CDCA
Cisco Security Administrator / Data Center Administrator
CVA / CWT
Cisco Voice Administrator / Wireless Technician
CCNA Security
Cisco Certified Network Associate Security
CCNA R & S
Cisco Certified Network Associate Routing & Switching
TECHNICAL SKILLS DETAIL
Routing/Switching Technologies Cisco Routers (3900, 2900, 1900, 800 Series), Cisco Catalyst Switch (6500,
5500, 4900, 4500, 3750, 3560 X, 3100), Cisco Nexus 1kv, 2k, 5k Series, Juniper and HP Routers & Switches
WAN, LAN, TCP/IP, Cisco IOS, Spanning Tree Protocol, BPDU, CDP, ACL, NAT, PAT, RIP, RIPv2, OSPF,
OSPFv3, EIGRP, BGP, MPLS, VTP, SNMP, SMTP, ARP, TCP, UDP, Static Routing, Stub Routing, VLAN,
VLAN Trunking, VXLANs, Multicast routing, HSRP, SVI, CEF, Etherchannel, Portfast, VSS, VPC.
Security/Firewalls Technologies Cisco Security Manager Suite, Cisco ASA 5500 series firewalls, Cisco
FWSM, Cisco IPS/IDS, Cisco ACS, Advanced Firewall Manager (AFM), Cisco ASA 1000V cloud firewall,
Fortinet, Checkpoint Firewall, Juniper SRX series, Palo Alto, Protocols & Standards AAA, TACACS+,
RADIUS, SSH, VPN, IPSec, SSL/IPSec, Data Loss Prevention, Data Management Zone, Pretty Good Protection
(PGP), Public Key Infrastructure (PKI), Internet Key Exchange Policy, Port Security, MAC Address Filtering.
Wireless/Voice Technologies Cisco WLC, IEEE 802.1x & 802.11, WLAN, WAP, AP, SSID, LWAPP, Aironet,
Bluetooth, Avaya, AURA Voice Over Internet Protocol (VoIP), VoIP/SIP, CUCM, UCCM, UCCX, MGCP,
RSTP, SCCP, STP, Quality of Service (QoS), PoE, MMDS, LMDS, CCK, DSSS.
Monitoring/Data Center Technologies/APPS Wireshark, Remedy, Cacti, Nagios, VMware, Solarwinds, Cisco
Security Manager Suite, Server, Sniffer, Ethereal, Orion VMware, F5 Big IP LB (GTM/LTM), Cisco
AnyConnect VPN mtg, Cisco Prime, Cisco IPS/IDS, Meraki Cloud Based Splunk, SNMPv2c, SNMPv3, DNS,
DHCP, FTP, Telnet, HTTP(S), SMTP, tunneling protocols, PTP, SFTP, RDP.
SUMMARY OF PROFESSIONAL EXPERIENCE
SageNet / LANWAN Professional Sr. Network Analyst / Engineer 2015 Present
AT&T Network / System Analyst 2003 2015
I B M Global Services Network / System Administrator 1998 2003
PROFESSIONAL EXPERIENCE
SageNet / LA NWAN P rofessional Sr. Networ k
A nalyst / Engineer 2015 P resent
Company Overview SageNet designs, implements and manages fast, secure and reliable networks that empower
organizations to achieve their core business objectives. SageNet offers a uniquely broad and deep understanding
of local and wide area networks, backed by a proven track record of deploying customer focused technology
solutions. SageNet manages communications at more than 160,000 locations for many of the nation s leading
retail, healthcare, financial and energy companies, as well as public utilities, state lotteries and government
agencies. LAN/WAN Professional is a nationwide membership organization of LAN/WAN professionals
including administrators, engineers, consultants, analysts, architects located throughout the continental United
States. Responsibilities handled:
Member of a team responsible for escalation support, administration, client relations, configuration, maintenance,
analysis, documentation and troubleshooting of various IT enterprise infrastructures.
Specific Technologies handled include but not limited to Cisco Router 2621; Cisco 891, 1841, 2801, 2851 Integrated
Services Router; Cisco Catalyst Switches 3500, 3550, 4500; Cisco ASA 5505, 5510; Cisco Nexus 1k, 2k, 5k; Juniper
EX2200 C Switch; F5 Big IP Version 11.6.0; Cisco Unified Communications Manager Express Version 8.6; Cisco Unity
Express Versions 7.0.6; Cisco 2106 Wireless LAN Controller; Cisco Aironet 11x Access Point; Palo Alto PA 2020
Firewall, Nagios, Solar Winds Orion, Cacti, Wireshark.
Technologies in network environment include but not limited to routers, switches, security firewalls, voice, wireless and
related technologies along with various server/application administration, system reimaging, and remote setup.
AT& T Network / System Analyst 2003 2015
Company Overview A T&T is the l argest telecommunications company in the world by
Company
revenue. As of 2017, it is also the 18th-largest mobile telecom operator i n the world, with 135
m illion mobile customers. Responsibilities handled:
Member of a team responsible for installation, configuration, escalation support using a ticketing system, maintenance,
vendor/client relations, analysis, documentation and troubleshooting of various IT enterprise infrastructures.
Daily responsibilities include but not limited to security administration, escalation support, analysis, and troubleshooting
hardware/software issues and in the IT infrastructure that delivers the Content Relationship Management solution for
Solutions Representatives.
Technologies in network environment include but not limited to routers, switches, security firewalls, voice, wireless and
related technologies along with various server/application administration, system reimaging, and remote setup.
I B M Global Services Network / System Administrator 1998 2003
Company Overview I BM Global Services, a d ivision of I B M, is the world's largest business
and technology services p rovider. I t employs over 190,000 people across more than 160 countries.
Responsibilities handled:
Member of a team responsible for maintenance, administration, installation, documentation, escalation support/ticket
resolution, management and troubleshooting for all IBM accounts at GE Capital Data.
Daily responsibilities include but not limited managing datacenter and disaster recovery technologies through proper
change management procedures in a proprietary automated ticketing system so that service level agreements are met and
reported to management to showing various IT infrastructure metrics.
SUMMARY OF TECHNICAL ACCOMPLISHMENTS
Routing & Nexus & Catalyst Switching
Implemented trunk ports to control VLANs and VXLANs using NX OS to ensure virtual and flexible subnets that can
extend further across the network infrastructure than previous generation of switches.
Implemented port profiles as part of the NX OS command structure that allows for configuration of multiple ports and
port types via inherited configurations applied to reduce errors and allows for better configuration readability.
Implement a virtual version of Nexus1000v into VMWare to extend Nexus capabilities directly adjacent to virtual
machines so that they benefit from Cisco switching capabilities and network topology consistency ensuring VMs
maintain their subnet/VLAN relationships during failover.
Implemented secure privileged administrative access to the Cisco IOS system. Enabled the encryption of system
passwords to prevent unauthorized users access to passwords in the system configuration.
Implement secure access to the console and vty ports, and set the interval that the EXEC command interpreter waits
until user input is detected on the Console and vty ports. Also, configure the console and vty ports log messaging to not
interfere with active device configuration.
Implement VLAN Trunking Protocol to reduce administrative overhead. Enable secure sharing of VLAN information to
prevent the introduction of rogue devices from affecting the VLAN database. Shutdown unused switchports following
Layer 2 security best practices.
Security
Implement an IPSec Site to Site VPN between the Cisco ASA5505 at small office location and Cisco 1841 ISR with a
security IOS image at the main office. Implementation of the VPN includes the following configurations: Internet Key
Exchange Policy using DES and SHA for encryption and authentication, access lists to define VPN traffic, transform set
using esp des esp sha hmac to define how the traffic is protected, crypto map to associate the previously configured
elements to a peer, and application of the crypto map to appropriate interface or VPN endpoint.
Implementation of Zone Based Policy Firewall on the Cisco 1841 ISR with the following components: three zones,
class maps specifying traffic that must have policy applied as it crosses a zone pair, policy maps to apply action to the
class maps traffic, zone pairs, and application of policy to zone pairs.
Implement a Clientless SSL VPN (WebVPN) to allow users to establish a secure, remote access VPN tunnel to the Cisco
ASA 5505 using a web browser. Prepare the Cisco ASA with necessary configurations to self signed certificate
generation. Generate a general purpose RSA key pair for certificate authority identification, configure certificate
authority trustpoint for the WebVPN using self enrollment, and configure CA trustpoint interface association.
Configure Syslog on the Cisco ASA 5505 with logging to a host and internal buffer. Forward all logging to an internal
Syslog server for monitoring and management. Configure and manage Syslog output generation using custom message
lists. Implement FTP backup of internal buffer when it is exceeded.
Implement Basic Threat Detection, Advanced TCP Intercept, and Scanning Threat Detection. Simulate attacks on
network to manage threat detection rates and verify Syslog generation.
Utilize Cisco ASA 5505 Modular Policy Frame Work to configure and manage layer 3/4 interface service policies, apply
inspection and connection limits to services, apply inspection and QoS policing to HTTP traffic. Configure HTTP
inspection policy to block restricted sites and file downloads.
Configuration and troubleshooting of high availability pairs of F5 BIG IP devices via a GUI and CLI to provide a virtual
web server utilizing round robin selection to balance traffic on several web servers.
Voice
Implemented local voice network using Cisco 2811 ISR (VoIP) with a Cisco Unity Express Network Module (NM CUE),
Cisco Communications Manager Express, Cisco 3550 Switch with Power over Ethernet. Created and managed Data and
Voice VLANs, and configure ports with static VLAN assignment and 802.1Q trunks for layer 2 forwarding. Configure
edge ports for fast transitioning into the forwarding state to fix workstation startup connectivity delays.
Configure Fast Ethernet main and sub interface assignments as required for inter VLAN routing. Implement static
routes for local connectivity. Implement NTP server, DHCP server, and TFTP server for support of the VoIP network.
Modification of system level parameters including max phones, max directory numbers, display format for date and
time, and setting the Time Zone.
Implement Unity Voicemail on the Cisco Unity Express Network Module. Configure a dial peer on the Cisco 2811 ISR
to define the attributes of the packet voice network connection to the Cisco Unity Express Network Module. Enable call
forwarding on busy or no answer. Implement Message Waiting Indicators and Voicemail access via SMTP. Daisy chain
PCs to VoIP phones to reduce network cabling costs. Utilize PoE ports for VoIP phones to reduce power infrastructure
costs.
Wireless
Implement a wireless network infrastructure providing access to wired LANs to increase mobility and productivity
utilizing the following network elements: Cisco Wireless LAN Controller (WLC) 2106, a Cisco 3550 switch, a Cisco
1130AG series Access Point, and a Cisco 1121G series Access Point. Create wireless LANs and configure interface
association, security parameters, and radios used. Utilize the Wireless LAN Controllers web GUI to configure and
manage the wireless network. Configure internal DHCP scopes for WLANs.
Prepared infrastructure for AP registration on same subnet as management VLAN and for AP registration on different
subnet. Configure AAA AP policies to allow Self Signed Certifications for APs shipped without a Manufacturer
Installed Certificate. Implement AP Grouping to ensure WLAN SSIDs are only broadcast by the APs desired.
Data Center
Configured VLANs and access ports connecting virtual machines using the NX OS CLI on a Cisco Nexus 1000v virtual
machine and VMWare vSphere Client networking.
Configured routing policies and service profiles for separate levels in an organizational hierarchy using a Cisco Prime
and the Cisco IOS 15.4 CLI. Network Services Controller virtual machine. These policies and profiles were applied to
Cisco Cloud Service Router 1000v (CSR 1000v) virtual routers.
Monitoring/Management
Used the Cisco Configuration Professional GUI to configure interfaces, passwords, hostnames, DHCP, EIGRP, and
SNMP on a Cisco router. Used the CCP monitoring tool to monitor traffic from that router.
Configured the Nagios XI monitoring tool to monitor routers and switches and customized its dashboard.
Configured SolarWinds Orion NPM and used it to monitor traffic on a network.
Configured the CACTI tool to graph traffic from a router and to generate alerts based on a threshold traffic level.
Used the Wireshark tool to study HTTP, telnet, and SSL traffic.
Contact this candidate