Lammy D. Le

***** ***** ***** *****

Aldie, VA **105

advm8s@r.postjobfree.com

571-***-****

EXPERIENCE:

United States Department of Labor, Washington D.C. Senior Network Engineer (Contractor under MindPetal), June 2020 - April 2021 Senior Network Engineer (Contractor under Spectra Infosystems Inc.), September 2019 – May 2020

• Performed network operations, administration, maintenance and management services to the U.S. Department of Labor’s (DOL) enterprise network infrastructure in the areas of L2 and L3 routing/switching, virtualization, network assurance, security, automation, and architecture

• Administered, configured, implemented and managed 8021.X/ISE in the areas of authentication/authorization policy enforcement, wired/wireless 802.1X network access, Central Web Authentication (CWA) and guest services, end- point profiling services, and network access device administration

• Administered, configured, implemented and managed Cisco wireless and mobility solutions in the areas of endpoint connectivity to AP, AP connectivity to WLC, WLC connectivity to ISE, 802.1X-Radius-EAP-TLS integration, WLANs, and FlexConnect

• Planned, deployed, and monitored upgrades of the enterprise wide-area network (WAN) circuits and networking hardware and services

• Performed automation of network hardware’s software image and configuration management; monitored/reported network fault/performance/availability; generated diagrams and documentation of network discovery and mapping

• Provided up to tier 3 network OA&M support involving but not limited to the following protocols, hardware, and ser- vices:

IPv4/IPv6, OSPF, EIGRP, BGP, STP, FabricPath, StackWise, CAPWAP, WCCP, SSL/TLS/AnyConnect VPN, 802.11, 802.1X, EAP-TLS, RADIUS/TACACS, PKI, VoIP, QoS, ACL, NAT Light Weight Access Points (LAP), Cisco 8540 Wireless LAN Controller (WLC), Cisco Identity Service Engine (ISE), Cisco 5585 Adaptive Security Appliance (ASA), Cisco 3850/4500/6500/9300/9500s Catalyst Switches, 2000/5000/7000 Nexus switches, Cisco ISR routers, and Riverbed SteelHead appliances, Cisco DNA Center, So- larwinds, Splunks, and Cisco Web Security Appliance (WSA) Verizon Communications, Ashburn, VA

Principal Network Engineer, September 2017 - March 2019

• Acting Principal Network Engineer of Verizon’s Government Network Operations and Security Center (GNOSC) team that provided tier 3 network operational service to over 25 federal government agencies and over 10 commer- cial customers’ any-to-any WAN IP connectivity over Verizon’s global MPLS-based IP VPN service

• Acting Principal Network Engineer under Verizon’s Advanced Technical Service (ATS) team that provided tier 3 net- work operational service to over 25 federal government agencies’ Internet connectivity with cybersecurity compli- ance via Managed Trusted Internet Protocol Services (MTIPS) program and Verizon’s Trusted Internet Connections

(TICs) service

• Managed and remediated network/security incident and problem events involving but not limited to performance, routing/security policies, quality of service (QoS) and service-level agreement (SLAs), hardware and software man- agement, protocols and application connectivity services, cross-functional communication and collaboration

• Reviewed and assessed vulnerability scanning reports and security advisories; adhered to security compliance and governance by implementing required software patches/updates, workarounds, and recommenced fixes; applied router and switch hardening for protocols and network services

• Provided supplemental support and services such as but not limited to report and documentation production, manu- al network discovery and network diagram publication, design/configuration review and recommendation, cus- tomer’s site turn-up, network/security standardization deployment, technical training and knowledge transfer, code/ configuration review and testing

• Provided tier 3 network operational support to a network infrastructure size of over 2,000 routers with protocols and services comprising but not limited to MPLS, BGP, OSPF, EIGRP, VRF, Spanning-tree, FabricPath, SIP, IPsec, QoS, multicast, DMVPN, GRE, mGRE, IPv4/IPv6

Time Warner Cable, Herndon, VA

Senior Network Engineer, September 2015 – January 2017 Senior Network Engineer (Contractor under Apex Systems), December 2014 – September 2015

• Acting Senior Network Engineer and technical lead of Time Warner Cable’s Enterprise Network Engineering team that provided design, testing, deployment, and implementation support of three network data centers to the Enter- prise Network Operations team

• Performed manual discovery and reverse-engineered undocumented data center networks’ user service, applica- tion delivery, ethernet infrastructure, storage infrastructure, compute connectivity, network security and published discoveries into documentation and network diagrams

• Produced technology design and solution design guides in order for the Enterprise Network Operations team to configure and deploy data center, upgrade and migrate legacy data center networkings, application delivery, ether- net infrastructure, storage infrastructure, compute connectivity, network security

• Built and managed network lab to test solution design, command-line configuration, code upgrade, code function, hardware compatibility and performance

• Acting network engineering lead throughout the life-cycle of large projects to build new enterprise data center and to upgrade legacy data centers which involved but not limited to migration from classical spanning-tree to FabricPath protocol, hardware migration from Brocade switches to Cisco Nexus switches, local migration of hosts/servers from legacy to new network infrastructure, remote migration of hosts/servers from legacy to new data centers, ameliora- tion of redundancy, bandwidth, and convergence between network-to-network and network-to-host connectivities

• Provided tier 3 assistance to the Network Operations team with network/security incident and problem events re- mediation involving but no limited to routing, switching, host/server connectivity, application delivery, performance, routing and security policies

• Provided network engineering support and services involving but not limited to the following protocols, hardware, and services:

500+ Cisco switches (Cisco Nexus 7000s, Nexus 5500s, Nexus FEX 2000s, etc.), 50+ Juniper SRX3600 firewalls, F5 Load Balancers, BGP, OSPF, FabricPath IS-IS, vPC/vPC+, Spanning-tree, IPsec, data center interconnect with MPLS VPWS/vPC

Pennsylvania Office of Administration, Harrisburg, VA Network Engineer / Security Analyst (Contractor under IDC Technologies), July 2014 – October 2014

• Worked with Pennsylvania Office of Information Technology management to validate network and security designs submitted by vendors

• Worked with Pennsylvania Office of Information Technology staff at all levels to assist with the adaptation of the policies and standards associated with implementing a new network infrastructure

• Researched and evaluated emerging IT technologies and practices and develop strategies and implementation plan for large enterprise data centers

Navy Federal Credit Union, Vienna, VA

Information Security Analyst / Senior Network Engineer, November 2005 – November 2012 Senior Network Engineer (Contractor), August 2000 - June 2002

• Member of the Incident Handling team on detecting, responding, and resolving information security incidents, in- trusions, and threats by analyzing and correlating events data from but not limited to McAfee IDS system, Blue- Coat ProxySG web gateway, FireEye malware system, NetFlow & network traffic, and ArcSight SIEM

• Reviewed vulnerability and penetration testing assessments in order to define strategic procedures for enhancing or adding security controls, fortifying network and system design or operation, and security awareness training

• Designed, deployed, and administered ArcSight ESM, ArcSight Logger, and ArcSight Connector appliances in the area of Security Information & Event Management (SIEM); developed use cases and designed event correlation rules in order to strengthen security posture and mitigate security risks; installed and configured SmartConnector agents across enterprise systems; managed event collection flows, assets/classification, filtering, and reporting & alerting

• Administered and managed Blue Coat ProxySG system (reverse and forward proxies) for web requests and re- sponses; managed enterprise policy controls and web access; ensured content filtering and detection of malicious payloads (malware & virus); managed session’s authentication and authorization with Windows Active Directory; filtered malicious and suspicious sites

• Designed, deployed, and managed Imperva SecureSphere system for agent-based and network database activity monitoring; conducted risk analysis and applied appropriate configurations to secure sensitive data; audit and monitor database privilege level access; streamlined compliance requirements and event collection across multi- vendor databases

• Provided assistance to administering and tuning the IDS’s performance; co-authored IDS rules and crafted packets for rule parsing; evaluated and analyze IDS’s signature rule parsing capabilities against known vulnerabilities and exploits; investigating and remediating false positives and false negatives

• Integrated and administered Cisco routers and switches with CiscoWorks system for inventory management, con- figuration management, reporting, syslog monitoring and troubleshooting

• Integrated and administered Cisco routers and switches with Cisco ACS system in conjunction with TACACS+ for centralized auditing and device management in the areas of authentication, accounting and authorization

• Coordinated and collaborated with firewall and security engineers and various IT departments to resolve data con- nectivity issues or to define new connectivities with emphasis on access controls and threat prevention

• Implemented router-to-router GRE over IPSec VPN and L2TP over IPSec VPN across the Enterprise WAN and Internet for protecting IP communication sessions by ensuring data origin authentication, data integrity, and data confidentiality

• Proactively monitored and enhanced the alerting process for detection of network faults, performance degradation, security anomalies, and intrusions; produced analysis reports on discoveries in order to provide recommendation on capacity planning, network optimization and mitigation of security risks

• Managed IT projects from conception to completion which encompassed the scope, baseline, roles/resources, milestone, deliverables, risk management, quality assurance, and communication

• Installed, configured, and deployed Catalyst 6500s, Catalyst 3500s, and Catalyst 2900s switches for the CAMPUS and MAN infrastructure encompassing the Core, Distribution, and Access layers

• Provided administration, operation, and maintenance of the network lab for product evaluations, proof of concepts, configuration management control, and transition of pilot test deployment into production

• Configured Cisco routers and switches for CAMPUS, MAN and WAN network interconnectivity by applying but not limited to EIGRP, HSRP, 802.1D PVST, 802.1w RPVST, VTP, 802.1Q trunking, EtherChannel, and VLANs

• Integrated and supported connectivities for VMware vSphere virtualized data centers to Cisco Catalyst switches

• Deployed and configured perimeter routers for network interconnectivity between Internet service providers and internal or DMZ networks by applying but not limited to BGP and access control lists

• Procured networking infrastructure hardware and software for capacity planning, network expansions, upgrades, strategic projects, and hardware maintenance

• Engaged in tier I, II, and III network operation support for high level SLAs requirements and continuance of busi- ness functionality in a 24X7 environment covering LAN, CAMPUS, MAN, and WAN networks

• Worked with the NOC to deploy new installation, upgrades and/or decommissioning of network equipment, and servers; coordinated and collaborated with technical groups and vendors for configuration management and trou- bleshooting while minimizing network interruptions and downtime

• Migrated Corporate’s wide IBM Token Ring networks running IPX/SPX protocol to Cisco GigabitEthernet\ FastEth- ernet networks running TCP/IP; the projects life cycle spanned 5 years due to the size and complexity of the Cor- porate networks

Time Warner Cable, Herndon, VA

Network Engineer (Contractor), July 2005 – November 2005

• Architected, installed, configured, and deployed Catalyst 6500s and Catalyst 3500s switches for CAMPUS in- frastructure encompassing the Core, Distribution and Access layers

• Configured Cisco switches for CAMPUS network interconnectivity by applying but not limited to 802.1D PVST, VTP, 802.1Q trunking, EtherChannel, and VLANs

• Managed and administered essential network services and applications for DNS, DHCP, Windows 2000 Domain Controllers, Print servers, and File servers

• Engaged in tier I, II, and III network operation support for high level SLAs requirements and continuance of busi- ness functionality in a 24X7 environment

• Managed IT projects from conception to completion which encompassed the scope, baseline, roles/ resources, milestone, deliverables, risk management, quality assurance, and communication United States Department of Education, Washington D.C. Network Engineer (Contractor), February 2005 – July 2005

• Inter-connected routers and switches using OSPF, ISL/802.1Q trunking, VLANs, EtherChannel and T1s during upgrades of remote sites

• Configured and implemented QoS on Cisco switches for VoIP

• Modified and edited security policies on the PIX firewalls to deny or permit traffic in and out of the DMZ

• Provided troubleshooting and assessment of routers and switches’ operations, functions, and connections

• Monitored, analyzed, and managed all aspect of the network infrastructure by employing CiscoWorks and SNMP

• Member of the NOC team to deploy new installations, upgrades and/or decommissioning of network equipment; coordinated and collaborated with technical groups and vendors for configuration management and troubleshoot- ing while minimizing network interruptions and downtime United States Department of Agriculture, Washington D.C. Network Engineer (Contractor), December 2003 – February 2005

• Member of the NOC team engaged in providing tier I and II operational support of LAN and MAN switching net- works

• Deployed and upgraded access layer Cisco switches for network expansion and high performance requirements

• Performed Cisco IOS software upgrades and provisioning for all switches and routers in the LAN and MAN net- works

• Applied 802.1D PVST, VLANs, VTP, 802.1Q trunking protocols for Layer 2 switching connectivity

• Conducted proof of concept for testing remote dial-up connectivity to Cisco routers

• Developed and composed documentations and diagrams for all levels of the network infrastructure and services

• Installed and ran copper and fiber cables for the interconnection of routers, switches, servers, and various networking equipments

EDUCATION & CERTIFICATIONS:

CEH EC-Council Certified Ethical Hacker

CCNP Cisco Certified Network Professional – Routing and Switching ITILv3 Information Technology Infrastructure Library Strayer University, Studies in Information Technology Northern Virginia Community College, Studies in Information Technology Computer Learning Center, Studies in Microcomputer Systems and Electronic

Contact this candidate