Post Job Free
Sign in

Network Engineer Access Control

Location:
Manhattan, NY, 10019
Posted:
July 28, 2024

Contact this candidate

Resume:

ELYON F. RABBEYAH

*********@*****.***

CAREER SUMMARY

Skilled and resourceful IT professional providing innovative enterprise-wide network solutions that include engineering, administration and security that meets with business requirements. This experience covers budgeting, vendor management, disaster recovery, LAN/WAN networking, routing and switching, voice, wireless, virtualization, storage, and security, as well as Windows and Linux server domain administration and support. I’m a dedicated team player with the ability to work effectively, the motivation to keep informed of evolving technology, and the ambition to grow within the company.

PROFESSIONAL EXPERIENCE

12/23 – 7/24 Sysco Corporation Vernon, California

Sr. Network Design Engineer (remote project work)

Global network support, including routing, switching, security, monitoring and troubleshooting

Global design and deployment of Eutelsat OneWeb Satellites for 150 remote offices

Aruba Silver Peak SD-WAN support and administration

MPLS operations support and troubleshooting

Topology design and presentation with MS Visio

Coordination with AT&T and other team for MPLS, ISP and Satellite deployment, configuration and testing

3/22 – 11/23 State Street Corporation Irvine, California

Sr. Network Engineer (remote project work)

Global Network Support, including circuitry and routing

LAN Support – Upgrade, Configuration and Administration of Cisco routers, Catalyst switches and Palo Alto Panorama managed firewalls; OSPF/EIGRP;

PAN Firewall / Panorama Upgrades

Configured, maintained & troubleshot hundreds of secure, controlled access connections to extranet portals for third parties (vendors, suppliers, partners customers, etc.,) via IPSec S2S VPN on the Cisco ASA platform

Managed Palo Alto firewall security policies and access control

SolarWinds/InfoSim Monitoring;

Use of monitoring applications AppView, and ThousandEyes,

Network Access Control and support with Cisco ISE, Cisco DNAC, and SD-WAN/Access

Postue compliance; created policy sets and authorization policies; configured identity stores; AD

Configured global ISE network authentication, authorization and accounting parameters

Device role assignment; Fabric Overlay deployment

Data Center Support – Cisco Routing and Nexus Switching, DMZ, Architecture; multiple locations

WAN Support - MPLS, Cisco Viptela SD-WAN

Internet Circuit Support, BGP Peering

9/20 – 9/22 City of Hope National Medical Center Duarte, California

Sr. Network Engineer

Turn up new ISP circuits on Cisco ASR routers; upgrade other circuits to 10Gb

Upgrade Aruba Wireless Infrastructure with Mobility Masters and 14 Controllers, 1500 APs

Cisco DNAC integration with Cisco ISE for centralized network management

Cisco Digital Network Architecture (DNA) cluster deployment for network segmentation, upgrades, policy-based automation, zero-touch provisioning, end-to-end visibility, and orchestration; policy, provision, design, assurance and platform workflows;

Cisco Identity Services Engine (ISE) deployment and configuration across enterprise infrastructurefor network access control, AAA, posturing and profiling; enforced endpoint compliance via client provisioning within 802.1x environment; support for discovery, profiling, policy-based placement, and monitoring of endpoint devices on the network; Enabled consistent policy in centralized and distributed deployments for service delivery; security group access tags and ACLs; MAC Authentication Bypass

Use of Software-as-a-Service (SaaS) for multiple applications with ease of accessibility, scalability, rapid deployment, maintenance and support

Aruba Airwave Monitoring and Aruba ClearPass Network Access Control for Wireless

Juniper Mist Wireless deployment

NetScout and ThousandEyes with probes to monitor network paths, analyze traffic, and provide monitoring of network and application performance, availability, and potential issues to ensure the optimal delivery of applications and services

InfoBlox implementation for IP address management, including DNS Zones, Static IP and DHCP Services, subnet management, DNS Security; Used in conjunction with Cisco ISE to provide context and enhance security response accuracy and timeliness

eBGP configuration & peering with multiple ISPs / iBGP configuration with internal peers

Cisco FirePower / ASA Firewall upgrade and administration; routing, policies and access control; multi-vendor IPSec VPN connectivity

Panorama for Palo Alto Firewall management and administration, including HA, logging, troubleshooting, OS upgrade, AV and threat protection, IPSec VPN, Global Protect, FIPS compliance, zone policies

Palo Alto Firewall deployment, configuring App-ID and FW security policies, virtual routing, L2, TAP and VLAN interfaces; Wildfire, PAT/NAT, L2/L3 Zoning and Segmentation

MS Azure Network configuration, with ExpressRoute setup and configuration, with dual BGP peering, VNet peering, and IPSec backup tunnel; including VNets, Subnets, vNICs; BFD and QoS; implemented VNet security groups;

Implemented Azure Traffic Manager and Load Balancing; Deployed application gateway

VXLAN configuration and implementation between Campus and Data Center

Migration from Ubiquiti wireless network to Aruba (Clear Pass, 802.1x, Mobility Master)

Designed and configure three-tier infrastructure using Arista Layer 3 Switches

Configuration of Palo Alto Firewalls

Switch refresh migration from Foundry/Brocade to Aruba, HPE and Arista

Setup new branch office, and refreshed/maintained current branch offices

Configuring the Fortinet Security Fabric; Fortigate Content Inspection

Configuring Static and SD-WAN FortiGate Routing; NAT/PAT

Configure IPSec L2L VPN, SSL remote access; policy/template configuration on Fortigate Firewall

2/19 – 2/21 USC ISI Viterbi School of Engineering Marina Del Rey, California

Sr. Network Engineer

VXLAN-EVPN Spine/Leaf configuration and implementation in Data Center

Migration from Ubiquiti wireless network to Aruba Wireless network

Configuration and support of Aruba/HPE switches in each IDF for node access

Designed and configure three-tier infrastructure using Arista Layer 3 Switches

Administration of network access control using Aruba Clear Pass, 802.1x

Deployed Aruba wireless controller / mobility master for central management

Configuration of Palo Alto Network Firewalls – HA, IPSec, remote access using Global Protect, configuration backup and restore, conversion into FIPS mode, set policies for zones, NAT, routing configuration with virtual routers, etc

eBGP peering configuration with ISP

Switch refresh migration from Foundry/Brocade to Aruba, HPE and Arista

Troubleshoot wireless, bottlenecks, and access issues

Configuration of SNMP, Netflow and Syslog for event monitoring

Establish 100G layer 2 link using dark fiber between campus and data center

Configure 10G / 40G links between floors throughout infrastructure

Configure MLAG, LACP and trunk links

FortiGate Firewall administration, including L2/L3 networking and IP routing, IPsec VPN, SSL Remote Access Web/Tunnel Mode, Trunking, VLAN interfaces, HA, Link Monitoring, NAT/PAT

2/18 – 1/19 4Over Business to Business Printing, LLC Glendale, California

Sr. Network Engineer

Setup Branch offices on East Coast

oDesigned Branch topology and infrastructure

oDeployed Cisco routers, switches, firewalls, wireless controllers and access points

iBGP client configuration for multiple ISPs, transit systems, and route filtering

MPLS Configuration and Full Mesh Redesign

DMVPN / EIGRP Configuration and Hub and Spoke Redesign

Core Router and Switch Configuration

OSPF design and configuration for local area network

Cisco Firepower 2100 Series Firewall Configuration and Deployment

Palo Alto 5020 Firewall Configuration and Deployment

Cisco ASA 5500 Series Firewall Configuration and Administration

Deployed Cisco ISR 4431 routers, 9300 series switches, 3504 Wireless Controllers for infrastructure refresh

Work with 3rd party telecom providers to plan and manage leased lines and WAN circuits at all branch locations

Created new schema for VLANS, Wireless, subnets, scopes and IP address management

Worked with management to document approved network change control for all projects, tasks and information security requirements

Big IP F5 2200 Series Load Balancers Administration

Use of SolarWinds for monitoring capabilities across the enterprise

Develop documentation of current as well as planned network

Lead network availability incidents with customers as required, keeping them informed on incident progress, and pending change or outages

10/16 – 2/18 Atos/The Walt Disney Company Burbank, California

Sr. Network Engineer – Global Projects Team

Responsible for Data Center Refresh Projects Globally

Created work plans and conducted peer reviews for all changes

Worked w/architecture team to deploy new routers, switches & firewalls in DCs worldwide

Palo Alto Panorama use for worldwide central management of firewalls

Configuration and Deployment Cisco 6880-X-LE L3 switches

Configuration and Deployment Palo Alto Networks 5060 Firewalls

Configuration and Redeployment of Big IP F5 2200 Series Load Balancers

Configuration and Deployment of Cisco 9372 TX/PX Switches

Modified and updated BGP and EIGRP routing protocols

Layer 3 VRF routing segmentation; Layer 2 VLAN switching segmentation

Configured port channels; trunks and vPCs

Troubleshoot connection issues between hop links

Configured Cisco ASR 9000 Switches for new gear brought online

Refresh of L2 3570 access switches with 2960 XR and 3850 models

4/16 – 10/16 Marina Del Rey Hospital Marina Del Rey, California

Sr. Network Engineer

Responsible for architecture and design for migration from one data center to another for new parent company

Used Visio Drawings for demonstration and documentation

Documented process and details of project procedures for future reference or troubleshooting

Upgrade / Configuration of Cisco ACS appliances for network and device access control

Retired legacy Cisco Routers; moved networks to Nexus 7010 under OSPF process

Upgrade and configuration of ASA 5520 / 5555 / 5585 Firewalls with new rules, routes, VPN and failover in active\standby high availability; Migration of IPsec tunnels/RA VPN

Configured backup IPsec Tunnel from DC to local MDF for 10GB L2 primary fiber link

Installed and configured SolarWinds as a tool for network monitoring and visibility

Use of InterMapper as a tool for network monitoring and visibility

Upgrade of 3750-X Stack Switches

Check Point UTM-1 configuration of separate vendor network for data/image backups

Data Center Migration with Fabric Path using Nexus 7010 / 56128P / 2248 FEX

Sophos Email / Web reconfiguration and move to new Data Center

Upgraded and configured cluster of Cisco WLC 5508 / Load Balanced APs

Assisted with the VBlock System 200 Converged Infrastructure migration between Data Centers, with Cisco 1000v, UCS, Nexus, EMC VNX 5300, and VMWare reconfiguration

Layer 2 expansion of VLANs from LAN to remote Data Center

9/15 – 4/16 Sony Pictures Entertainment Culver City, California

Sr. Network Consultant

F5 BIG-IP Load Balancer Administration

Infoblox DHCP, DNS and IPAM (DDI) Administration, including automation of routine network tasks and streamlining network operations

Cisco Switch Configuration and Support (Catalyst/Nexus)

BGP, EIGRP and Static Routing Administration, Redistribution and Support

L2, L3, L4 best practices configuration and support (STP, VLAN, VRF, ZONES, etc)

Use of SolarWinds for Network Monitoring and Management

Firewall Administration using Cisco ASA 5585 and Palo Alto Networks PA-5060, including configuration, deployment and troubleshooting

4/15 – 8/15 Fenwick & West, LLP Mountain View, California

Sr. Infrastructure Engineer

Cisco Meraki Z1 / MX100 Appliance – Provide remote L2L connectivity for home user, as well as wireless services for branch offices

Cisco ACS Server Clusters – for Device Administration and Network Access

Cisco UCS Servers – Manager / Central – 5108 Chassis, B420 M3, 6248UP FIC

Cisco Nexus configuration 2200 / 5000 / 5600 / 7000 Switches – vPCs VDCs, VLANs, Port Security, Routing

Cisco Catalyst 3850 Stacks / 4500-X VSS clusters / 6500 Switches deployment

Cisco ASA Firewall 5500-X Clusters / Multi-contexts, Edge / Internal Security, VPN; IPS / IDS; WCCP

Palo Alto Firewall Edge Deployment for External Security

Cisco Wireless LAN Controller 5508 Cluster / 55 3206i APs / 3 WLANs

Cisco ASR 1002-X / 7206-VXR / 2951 Routers – (Border, Internet, OSPF ABR, WAN)

Cisco CUCM, CME, Unity Connection for VoIP management, v10.5

Cisco CUBE integration with CUCM and SIP trunk on Cisco IOS software

Cisco M170 Content Security Management Appliance

Dynamic Routing / Static Routing, VRF zones; P2P IPsec VTI with OSPF

Cisco OTV / LISP and VMware SRM for replication and disaster recover at colocation

Use of SSL Certificate profiles for VPN connection with Cisco Phones from the Internet

Use of network monitoring tools such as Solar Winds and PRTG Enterprise

RSA Authentication Management 8.1

Infoblox DHCP, DNS and IPAM (DDI) Administration

03/08 – 4/15 TIBCO Software, Inc Palo Alto, California

Sr. Network Engineer

Global support of remote office networks (switches, routers, firewalls, circuits)

Cisco Nexus 7K/5K/2K switch configuration and support (vPC, VDC)

Migration from Checkpoint to Cisco ASA 5585-X Firewalls in multi-contexts

Migrated Cisco Distribution switches from Cisco 6509 to 4509R+E

Setup and maintain global site-to-site IPsec VPN tunnels with Cisco ASA

Designed and implemented global DMVPN solution with hub ASRs and Spoke ISRs

SSL / IPsec Remote Access configuration & support on Cisco ASA with various security parameters and policies, including mobile and tablet support

Configuration of static & dynamic routing

Riverbed SteelHead for management and optimization of network and application performance

Wireless LAN Controllers & Access Points setup and support

Multiple integration projects of acquired companies

Support replication infrastructure from HQ site to DR site

Implemented VoIP w/auto QOS using Cisco Phones through Cisco switches

Setup VoIP Gateways on Cisco 2951 Routers

Setup of Cisco Sourcefire FirePOWER 3D8140 Appliance for IPS/IDS protection

Full infrastructure management, include mentorship and management of Jr admin

Complete re-architecture and design of network infrastructure

Cisco ASA 55XX Firewall & VPN Solutions; Migration from Juniper Junos Pulse SA-4000

Cisco Switches 3560G/4510R+E (VLANs/Port Channeling/Routing/Security)

Cisco Aironet 1250 Wireless APs / 2106 Wireless LAN Controller

Co-location setup for AD and Exchange database replication via site-to-site VPN

PROFESSIONAL ACCREDITATIONS AND CERTIFICATIONS

Cisco Certified Network Professional – 2015 (Routing and Switching)

Cisco Certified Network Professional – 2016 (Security)

Cisco Certified Internetwork Expert – In Progress (Enterprise Infrastructure/Wireless)



Contact this candidate