SUMMARY:
. Twenty plus years of experience with Networks and Network Security
Architecting.
. Adept design and engineering skills with routing and switching
methodologies and technologies (i.e. Border Gateway Protocol (BGP),
Enhanced Interior Gateway Routing Protocol (EIGRP) and Open Shortest
Path First (OSPF).
. Strong Java skills in which programming projects were on supporting
network centric utilities. Utilized Java to implement the Data
Encryption Standard (DES & 3DES), Advance Encryption Standard (AES),
Secure Hash Algorithm (SHA-1/SHS) all based on the National Institutes
of Science and Technology (NIST) Federal Information Processing
Standards (FIPS).
. Worked on the implementation of BGP based on RFC 1771 & 4271 as well
as EIGRP and developed an implementation of the Cisco IOS operating
system with the JAVA programming language.
MAJOR PROJECTS AND ACCOMPLISHMENTS:
DOJ Next Generation WAN
. Developed architecture for the DOJ Next Generation WAN that includes
2000+ sites, Optical Transport Networks, Firewalls, Intrusion
Detection Systems, Routing and Switching components.
o Produced reference architecture and presented to leadership along with
third party auditors.
o Conducted market analysis with vendors and carrier/service providers.
o Developed Network and Security Requirements, CONOPS and business case.
Amazon Web Services and Microsoft Azure Cloud
. Developed Security and Network Architecture for Amazon Web Services &
MS Azure Cloud Infrastructure as a Service (IaaS).
o Produced reference architecture and presented to executive leadership
o Lead meetings with DOJ JMD staffs to instantiate the architecture to
an enterprise services and production environment.
o Responsible for building Cloud Access Point prototype that allowed for
secure transport between DOJ and Cloud providers.
o Utilize Ansible and Terraform to develop Infrastructure as Code (IaC)
to produce networking as a service utilizing Cisco Cloud Service
Routers (CSR) and dynamic multipoint virtual private network (DMVPN)
technologies.
Accomplishments:
. Lead the Routing and Switching Team-Operated the DOJ Trusted Internet
Connection Access Point that included network, security and load
balancing systems.
. Designed and coordinated the upgrade for the Data Center's core
network infrastructure using Cisco Nexus 7K Routers.
. Led the network security infrastructure for executive management
upgrade that included 64 network access points along with two core
network systems to be replace with new hardware and design.
. Designed and implemented DOJ a federated Video Telecommunication
Communication infrastructure that linked most of DOJ components using
SIP and H.323 protocols over an IP network while maintaining a strong
security posture and providing Internet access through the TIC.
. Designed and implemented the Grants Management network security
infrastructure for the Office of Justice Programs (OJP).
EXPERIENCE:
08/09 - Present
WFR Technologies/WINS - Washington, DC
Solutions Architect
Department of Justice-JMD
. Meet with components to gather requirements, provide guidance and
network design support, and develop solutions with mission essential
applications and systems.
. Designs, implements and test complex infrastructure in support of
customers' needs.
. Lead the network routing team to isolate, analyze and resolve issues.
. Provides expert technical assistance and guidance to the network
routing team with high-level systems.
. Maintains the design and integrity of internal networks.
. Designed the Next Generation WAN Reference Architecture.
. Developed Security and Network Architecture for Amazon Web Services
and MS Azure Cloud Infrastructure as a Service (IaaS), Software as a
Service (SaaS) and Platform as a Service (PaaS).
Department of Justice-OJP
. Designed and implemented the routing and switching infrastructure
utilizing Nexus 5K and Cisco Virtual Switching System technologies for
the OJP Grants Management System. Also designed the security
architecture utilizing FortiNet's Fortigate firewalls and Breach Web
Defend reverse proxy as well as Cisco ASA firewall.
. Supported Cisco Firewall Services Module in a multi-context
configuration.
. Supported the Data Center's infrastructure and TICAP environment.
. Deployed and designed the Video conferencing solution for JMD using
Cisco Tandberg Video Communication Server, MSE 8000, ISDN Gateway and
MCU bridge units. Implemented TMS for management of the codec systems
and MOVI clients. Supported both SIP and H.323 calls and created dial-
plans to support on and off net calling.
11/08 - 08/09
Dewey & LeBoeuf - Washington, DC
Senior Network Engineer
Major Projects: Corporate Wireless / Disaster Recovery Network.
. Implemented Cisco Wireless LAN Controllers for the NYC Campus and WAN
locations utilizing WiSM and 4402 controllers. Also built and managed
Cisco Wireless Control System to manage corporate wide wireless access
points, controllers and clients.
. Built DR network infrastructure with elements including Cisco
firewalls, content switches, routers, switch/routers and switches.
. Configured routers with DMVPN technology leveraging the Internet for
WAN connectivity and maintained EIGRP routing topologies.
. Developed/deployed a wireless authentication web access page for guest
surfing and designed and implemented WPA 802.1x authentication and
dynamic encryption key generation, utilizing AES, for secured wireless
clients using Cisco Secure ACS with Active Directory pass-thru.
6/07 - 11/08
Computer Science Corporation / WINS - Washington, DC
Lead Network Engineer / Network Consultant
Department of Justice (DOJ/JMD & OJP)
. Responsible for supporting Network Operations including upgrading and
maintaining the Cisco infrastructure.
. Performs planning and implementation of new customers joining the
network.
. Conducts site surveys, provides equipment recommendations to
configuration and implementation of the hardware and transitions users
and groups onto the network.
. Modifies and configures Cisco switches, routers, and firewalls to
provide connectivity to the added groups and users.
. Supported and configured routing protocols including BGP, OSPF and
static routes.
. Troubleshoots various routing topologies.
08/05 - 6/07
BT INS / IAP Worldwide Services - Baltimore, MD
Senior Network Engineer
U.S. Securities and Exchange Commission
. Completed assessment of the SEC Enterprise IP Network and complied
findings into a Visio network map.
. Designed and implemented a wireless infrastructure utilizing Cisco
1131 LWAPP Access Points and Cisco 4402 Wireless LAN Manager.
. Managed Network Engineering Analysis & Research (NEAR) Lab; designed
MPLS backbone simulations for MPLS studies with VoIP, Video and Data
services.
. Engaged in resolving MPLS latency issue for the SEC WAN.
. Simulation of IPv6 of backbone testing with XP, some longhorn testing,
tested OSPF version 3, Routing IPv6, case studies with native vs.
tunnel IPv6.
. Produced lab environments of Cisco 7200s, 6500 & 4500 switch routers,
3750s switches and 3745s routers
Deutsche Bank.
. Worked with the Americas Deployment Team to support upgrades to the
network technologies within the corporate offices throughout North &
South America.
. Deployed Cisco 2800 series routers and 3750 EMI/SMI switches,
utilizing multi-VLAN configurations, QoS with LLQ and Cisco IPT.
Kaiser Permanente
. Responsible for the management and oversight of the data network
infrastructure that included Cisco routers, Cisco (L2-L3) switches,
CSU/DSU, and hubs for the Kaiser Permanente enterprise.
. Responsible for assisting the Performance Manager in troubleshooting
complex network issues.
. Responsibilities included identification, analysis and documentation
of incidents affecting network availability.
o Worked closely with KPIT organizations, clients, vendor partners
and OEM Technical Assistance Centers (TAC's) to analyze and
document problem events.
o Provided analysis of data to the Engineering or Network
Integration groups for permanent solution identification and
implementation.
o This includes hardware, software, firmware and configuration
recommendations ensuring that network standards were adhered to
for all solutions.
04/05 - 08/05
Unisys, Inc. - Reston, VA
Senior Network Engineer
Department of Health and Human Services
. Designed a MPLS solution for a major HHS OpDivv that allowed for
minimal latency and provided optimal routing.
. Provided continual support and design solutions for the HHS enterprise
email systems' network connectivity.
10/04 - 04/05
InfoStructures, Inc. - Washington, DC
Senior Network Engineer
. Smithsonian Institutes
. Provided technical support of the Smithsonian campus routing,
switching and VoIP environments (i.e. Internet BGP routing, content
switching for Smithsonian web farm, Voice Gateway routers and EIGRP
inter-campus routing).
. Provided Novell administration support for all network enterprise
users, utilizing tools e.g. "Console One" and "NW Admin".
. Supported VPN technologies (e.g. IPSec tunnels and Cisco VPN
Concentrator).
. Implemented Security policies on Cisco PIX firewalls.
01/04 - 10/04
Apogen Technologies, Inc. - Washington, DC
NOC Supervisor / Senior Network Engineer
United States Department of Agriculture (USDA/OCIO)
. Managed "day-to-day" operational issues pertaining to Cisco routers
and switches, Checkpoint Firewalls, Network Monitoring and email
systems.
. Provided direction and leadership to a team of nine IT specialists,
while maintaining the integrity of the USDA infrastructure.
. Managed the implementation of the USDA DMZ upgrade, Server farm
upgrade, Net Junction Email upgrade and Tumbleweed Spam / virus
scanning upgrade.
. Encouraged and promoted teamwork and customer care within the USDA
Network Operations Center and interface with USDA senior management
team to provide vision and direction for future expansion.
05/03 - 01/04
SRA International, Inc. - Rockville, MD
Senior Network Engineer
National Institutes of Health (CIT/DNST).
. Delivered support in deploying, maintaining and designing wireless
solution throughout the entire NIH campus.
. Maintained the NIH off-campus network, which encapsulates a wide array
of technologies (e.g. Wireless, Frame Switching and Routing).
. Provided input in regards to the deployment of BGP within NIH multi-
homed Internet environment, troubleshot, and resolved various day-to-
day network issues.
12/99 - 05/03
SunTrust Bank, Inc., Richmond, VA
Senior Network Planning Engineer
. Designed and planned the implementation of the SunTrust Internet
connectivity.
. Designed and engineered the BGP routing protocol for a multi-homed ISP
environment.
. Utilized BGP communities, AS-path padding, route-reflectors and the
Cisco proprietary weights.
. Conducted feasibility studies for QoS and designed a QoS strategy for
the entire corporation.
. Utilized the CB-WFQ mechanism and the WRED within each queue.
. CB-WFQ provided a very legible configuration script and provided the
desired manageability for the SunTrust environment.
. Designed a $5.6 million Frame Relay Network consisting of 492 bank
branches.
. This design utilized the EIGRP routing protocol, EIGRP distribution-
list and EIGRP summary routes to control EIGRP queries.
. The HUB routers maintained a neighbor limit of 198 nodes with the
possibility of growth up to 254 nodes, which would be under the
recommended neighbor limit of 300 nodes.
. Developed and published a solution for Mid-Atlantic slow response time
issue within the MAN routed network.
. Static route redistributed into EIGRP affected the traffic flow from
the Mid-Atlantic region to the Atlanta and Florida Region; due to the
automatic calculation of the EIGRP metrics.
. The solution required the manual calculation of the desired EIGRP
metrics and manually setting the metrics on the respective routers.
. Designed and implemented an Intranet E-Business environment.
. This infrastructure consisted of F5 Load balancers and Nokia 650 and
330 Firewalls, the infrastructure provided connectivity for
applications modeling a three-tiered architecture (www, application
and database servers).
08/99 - 12/99
Bank of America, Inc., Richmond, VA
Network Analyst III
. Designed and implemented Cisco Fast-Ethernet Data Center switches for
the metropolitan area.
. Setup 10/100-MBps Ethernet ports and Ethernet channels on Catalyst
switches.
. Optimized the switched network by adjusting spanning tree parameters,
such as bridge priority PVST instance on Cisco Catalyst switches for
load balancing and optimized convergence time by adjusting BPDU
maximum age timers and forward delay timers.
. Designed network access connectivity for various Lines of Business
(LOBs); determining, based on the requirements, if the connectivity
would terminate at the policy layer routers or concentration routers.
. Re-designed the connectivity for the "Mid-Range" data processing
environment for the Richmond Data Center, deployed Catalyst 5509
switches, Route Service Modules (RSMs) and configured multiple VLANs
to support this upgrade.
05/99 - 08/99
DMC University Labs, Detroit, MI
Network Field Engineer
. Installed Cisco 5500 ATM campus switches and built a Fast-Ethernet
campus network for the University, Receiving, Hutzel, Children's and
Harper Hospitals.
. Provided third-level support for the entire campus network including
Novell Intra-Netware server and Windows 95 client support.
. Supported Xyplex Terminal Access Servers and DEC Mainframe
connectivity.
01/99 - 05/99
Technology Services Corporation, Inc., Dearborn, MI
IT Consultant
. Designed a wide area network with ISDN backup, implemented several
Windows NT and Novell Netware 5 servers.
. Designed NOS file structure, installed network applications and
applied security policies.
. Trained, supervised, and develop work break down for several team
members.
. Produce project and training documentation for clients as well as
delivered formal training to client staff.
04/96 - 12/98
MCI WorldCom, Inc. Dearborn, MI
Field Engineer
. Configured and support various digital Customer Premise Equipment
(CPE) systems.
. Installed and configured T1 CSU/DSU, Cisco routers and network Hubs
for MCI Manage Services' customers.
. Supported MCI local voice services for the Metro-Detroit area
configured ground start, loop start, E&M wink, DID, DOD circuits.
. Supported and maintained the MCI local Switch site, completed MUX
messages and "nailed-up" circuits on the Siemens DXC 1/0 and DXC3/3
and initialized Nortel DMS-100 switch ports.
. Installed digital transport routes throughout the country by
configuring Nortel DXC 3/3, 3/1, 1/0 and Fujitsu M13. Tracked
installation orders and logged configuration task.
. Maintained a Netware 4.1 server for the MCI Network Operation's office
and provided Windows 95 desktop support for the Administrative
Assistants and Technicians.
06/95 - 04/96
Cable & Wireless, Inc. Detroit, MI
Telecommunication Technician
. Managed and maintained telecom switch site, retrieved status reports
for the switch, completed MUX messages and configured private line
circuits that routed through the DEY terminal.
08/94 - 03/95
Ameritech, Inc. Southfield, MI
Telecommunication Technician
. Managed connectivity for the Southfield campus worked with category 5-
cable plant and Synoptic Concentrators.
. Cabled Ethernet and Token Ring networks for seven facilities within
the Southfield campus.
INDEPENDENT CONSULTANT PROJECTS:
The following includes additional contracts that were done after hours
while maintaining full time employment listed above.
10/00 - 12/02
J.Sargent Reynolds Corporate Training, Richmond, VA
Cisco CCNA Instructor (full time nights)
. Developed the course agenda and determine the appropriate course
materials.
. Developed real world design scenarios to present to the students and
maintain the lab operation and configurations.
. Advised faculty on ways to increase the quality of service for the
program and ways to produce more revenue.
. Delivered presentations describing J.Sargent Reynolds' Cisco program
to interested students at the J.Sargent Reynolds IT Career Night.
EDUCATION & TRAINING:
. CISSP Preparation, University of Richmond, 2002
o Studied the requirements set out by the ISC2, reviewed security
techniques, laws, standards, specifications, risk management,
cost analysis, network security, system security, ISS Policy
definition and documentation.
. CPE, Installation and Maintenance, MCI Career Enhancement University,
1996
o Learned how to maintain and install all MCI supported CPE. The
course consisted of Basic Router configuration and Digital CPE
Installation and Maintenance.
. Network Administration Computer Learning Center, 1997
o Novell Netware Administration for Netware 4.1 and Window NT
Administration in support of Windows 95 in a client/Server
environment.
CERTIFICATIONS:
. CCIE Written for Routing and Switching
. CCNA - Certified Cisco Network Associate
. CNA - Certified Novell Administrator
. CPE - Customer Premise Equipment
. Cisco Network Design
. IP Routing & Switching
. LAN/WAN Communication
. WAN Technologies
. Asynchronous Transfer Mode (ATM)