Information Security Data Center
Resume:
Reginald Knox
*****.******@*****.*** 704-***-****
Summary
IT professional with multiple years of professional and progressive technical experience in:
Design/project implementations
Administration/service requests
Escalation support/ticket resolution
Analysis and troubleshooting of various technologies
Includes proficiency in routing, routing protocols, switching, security, firewalls, voice, wireless and data center technologies.
Education
Bachelor of Science Network and Information Security 2019 ECPI University Charlotte, NC
Certifications
Technical Skills
WAN/Routing Technologies - BGP, MPLS, OSPF, EIGRP, Route-maps, Prefix-lists, ACLs, Static Routing, Stub Routing, IPv4/6, ARP, TCP, UDP, NAT/PAT, Cisco ASR 1004/1002-HX/1001-X, ISR4451/3845/2851, Cisco IOS XRv, Meraki MX 450/100, Juniper SRX 340/210, Juniper vSRX, Cisco IOS XE, JunOS.
Datacenter/Core Switching Technologies –VPC, VXLANs, VSS, Stack Wise, HSRP, VRRP, VLAN Trunking, SVI, Port channel, STP, VTP, Port fast, BPDU Guard, UDLD, F5 Big-IP load balancers, LTM, Nexus 9K/7K/5K/3K/2K, Catalyst 6500/4500/3850/3750X, Meraki 410/210/220, Juniper EX4200/2200, DHCP, CDP, ACL, QoS, SFP+, QSFP, NX-OS, IOS XE, JunOS, SolarWinds, Wireshark, Cacti, Nagios, Remedy, SNMP, DNS, SSH, FTP/SFTP
Security/Firewall Technologies - Cisco ASA 5555-X/5508-X/ASAv/5510, Meraki MX 450/100, Cisco IPS/IDS, Cisco ISE, Juniper SRX 340/240, Juniper vSRX, Palo Alto 850/220/VM, ACLs, SSH, IPSecVPN, SSLVPN, MPLSVPN, AAA, TACACS+/RADIUS, 802.1x Authentication, Port Security.
Wireless/Branch Technologies - Cisco WLC 5500/3504, Cisco vWLC, Cisco 3702i/1852i/3602i/1142 APs, Cisco Meraki MR 42/33/20 APs, Cisco ISE, TACACS+/RADIUS, 802.1x Authentication, 802.11, WLAN, WAP, SSID, LWAPP, SMTP, VoIP/SIP, QoS, CUCM, UCCX, AWS, Cisco Meraki Cloud-based Dashboard, UPS & PDUs. Technical Accomplishments
Security/Firewall
Configured ISE to provide AAA services to enterprise network, 802.1X authentication for wired and wireless access to networks. RADIUS server implementation.
Access switches, WLAN controllers configured as 802.1X authenticators to relay endpoint credential information on to ISE for processing, including the use of a various VLANs based on business needs.
Viewing connection logs in ISE. Ticket resolution and change requests; more extensive changes require scheduling during periods of low network utilization, and users will need to be informed in advance if they will experience a change in behavior.
Deployed and Maintained Cisco ASA 5500 series firewalls including Security Levels, Zones, NAT, ACLs, and Active/Standby HA. Also, implemented NGFW features such as URL filtering and other IPS/IDP functions.
Managed an IPSec Site-to-Site VPNs between Cisco ASA5500s at Main Office and Cisco branch ISR specifying IKE Policy, encryption and authentication protocols, access-lists to define VPN traffic, transform sets and crypto-map. Have used both Certificates and Pre-shared Keys.
Deployed Zone-based Firewalls on Juniper SRX along with IPS/IDS features and on Cisco ISR.
Configured port security, DHCP snooping, and IP ARP inspection for access switchport hardening.
Deployed SSL VPN (WebVPN for secure, remote-access VPN tunnel to the Cisco ASA 5500 series for clients. WAN/Routing
Deployed and Supported eBGP & iBGP peering using directly connected networks and loopbacks, ebgp-multihop for MPLS and BGP Multihoming. Managed BGP Peer groups, PREFIX-LISTs, ROUTE-MAPs.
CCNP - R&S Cisco Certified Network Professional – Routing & Switching
CCNA - HO Cisco Certified Network Associate – Hands-On
CCS - EAII Cisco Certified Specialist - Enterprise Advanced Infrastructure Implementation
Security+ CompTIA Security+ ce
FSE / EWS Firewall Security Engineer / Enterprise Wireless Specialist
Implemented both single area and multiple area OSPF routing. Also implemented stub areas to lower system resource utilization of devices. Utilized link and area authentication to improve security for OSPF neighbors.
Provided Escalation Support for BGP and OSPF neighbor and route issues using Traceroute, Show and Debug commands along Protocol Analyzers such as Wireshark.
Deployed WAN infrastructure Branch to HQ and Datacenter utilizing MPLS and IPSec VPNs.
Implemented EIGRP routing on Cisco ISRs and ASAs. Implemented EIGRP MD5 between sites to prevent unauthorized insertion of routes into the domain.
Implemented manual EIGRP route summarization to reduce demand on CPU resources, memory, and bandwidth used to maintain the routing tables.
Scheduled, upgraded, and maintained recommended SW/firmware for IOS and JunOS devices. Datacenter/Core Switching
Managed Stack Wise &Stack Power, VSS on Catalyst, VPC on Nexus, and MLAG on Juniper for Device Redundancy. Implemented Switching utilizing VLAN & trunking using 802.1q.
Managed VTP with transparent mode, Managed RSTP/STP on Cisco and Juniper switches and priority for root election. Managed port fast, bpdu guard, UDLD. Implemented SVIs for VLANs with HSRP, GLBP and VRRP for gateway redundancy on dist. switches.
Implemented Datacenter focused Nexus Switching utilizing NXOS with features including, vPC, Fabric Extenders (FEX), Fabric Path and VXLANs. Familiar with SFP, SFP+, QSFP and Optical and copper-based cabling. Implemented F5 Big IP Local Traffic Manager (LTM) for load balancing Web based applications. Wireless / Management / Monitoring
Implemented Wireless network infrastructures utilizing Cisco WLC with Flex connect as well as Cisco Meraki APs using Cloud based Dashboard. Deployed 802.1X port authentication for Wireless utilizing Cisco ISE.
Implemented secure access such as SSH, AAA, Radius, TACACS+ to vty and console ports along with SNMP. Managed SNMP, AAA, TACACS+, Radius, NetFlow, Syslog for authentication, logging and management.
Utilized Nagios XI, SolarWinds Orion NPM, CACTI monitoring and graph traffic. Widely used Wireshark for troubleshooting and analyzing traffic flow including HTTP and other network traffic. Professional Experience
Blue Cross Blue Shield Nov 2020- Present
Network Engineer
Viptela SD-WAN Deployment. Team lead for deployment, worked with the team of network engineers to design and implement industry leading SD-WAN infrastructure to provide secure, carrier-independent WAN connectivity across the enterprise.
Responsible for gathering information, analyze information and troubleshoot various network problems
Configuration and troubleshooting of IPSEC site-to-site VPNs
Certificate Renewal using Venafi to push certificates via Venafi for all devices in our Network
Troubleshooting issues F5 big IP, Palo Alto, NetScaler, Solar Winds, nexus switches, catalyst switches, Cisco etc Lowes Feb 2020 – Oct 2020
Network Engineer
Team member to a professional team responsible for escalation support, planning, implementation, configuration, maintenance, testing, ticketing and support
Troubleshooting for various LAN/WAN network infrastructures and administered Cisco switches, routers and firewalls, Palo Alto, F5 Big-IP, Cisco ISE and Ansible
Visualization and documentation skills using Ansible
General responsibilities included but not limited to all design/implementation of all network technologies, day to day senior administration, tier 2/3 escalation support and proactive network analysis and timely communications with relevant technical and non-technical teams, management and third-party venders and has a strong understanding of Layer 3 protocols (MPLS, EIGRP, BGP)
Professional responsibilities include documentation, software, vendor relations, following corporate policies and procedures and scheduling as needed reports to management. CompuCom Aug 2019 – Dec 2019
Network Engineer
Member of a global technical team responsible for day to day management of 24/7 mission critical technologies including scheduled and as needed administration, escalation support and troubleshooting
Additional responsibilities proactive monitoring, planning and implementation, technology research/analysis and acting as tech/project lead on key activities/tasks based on mandated change management process and SLA. Velocitor Solutions Feb 2018 – Aug 2019
Junior Network Engineer
Member of a team of professionals responsible for administration/service requests, Tier 2/3 escalation support/ticket resolution.
Troubleshooting in an enterprise LAN/WAN environment for datacenters, corporate, and WAN links.
Planned and implemented large scale deployments and technologies in network environment include but not limited to Cisco routers, switches, security firewalls, Palo Alto, voice, wireless, Layer 3 protocols (MPLS, EIGRP, BGP) and related technologies along with various server/application administration, and remote setup. AT&T Jan 2001 – Aug 2016
Network Administrator
Member of a team responsible for administration and support of 24/7 mission critical technologies that include but not limited to installation, configuration, escalation support and troubleshooting
Implemented F5 Big IP Local Traffic Manager (LTM) for load balancing Web based applications
Deployed 802.1X port authentication for Wireless utilizing Cisco ISE
Deployed and Maintained Cisco ASA 5500 series firewalls, routers and switches including Security Levels, Zones, NAT, ACLs, and Active/Standby HA
Additional responsibilities included conducting root cause analysis on key technical issues and project planning to determine key activities, performance metrics and deadlines.
Technologies in network environment include but not limited to routers, switches, security firewalls, Palo Alto, voice, wireless and related technologies along with various server/application administration, and remote setup and Layer 3 protocols (BGP, EIGRP, MPLS)
Project: 5G Mobility Network Support
7x24x365 NOC environment
Troubleshoot, diagnose and repair transport providers
Report issues to various carriers through ticketing systems and phone
Support routed networks including hardware, software, protocols, provisioning and troubleshooting
Utilize enterprise tools for day-to-day operations (AOTS-M, CM)
Technologies: Fiber transport systems, SFPs, Telco Transport systems (DWDM), RAN transport, OSPF, BGP, IS-IS, Juniper, Core Networks, TIRKS, Word doc, Granite
Contact this candidate