JON BACHA
SUMMARY
I have over ** years of experience as a network and security engineer/administrator with advanced knowledge of both Linux and Windows environments. I have extensive hands-on experience working with Cisco routers and switches. 10 years’ experience administering and building out enterprise level LAN and WAN networks with 8 years configuring and building out WLAN networks. 2 years working with HIPAA and PCI Compliance and standards. Ability to architect large-scale networks. Configured Routing protocols such as RIP, EIGRP, OSPF, BGP, static routing and policy-based routing. Experience with converting WAN routing from EIGRP/OSPF to BGP (OSPF is used for local routing only) which also involved converting from Point-to-point circuits to MPLS circuits.
TECHNICAL SKILLS
Firewalls: Firepower appliance 4100 & 2100, ASA 5585, Palo Alto 3050 & 2060, Panorama, Checkpoint Firewall FW-1 & VPN-1, Cisco ASA-x 5555x with FTM, Pix Firewall, Juniper SRX 550
Networking: Cisco Nexus 9500 ACI Spine n N9300 leaf, Catalyst 9500, 9300, 4500xN7713 & FI 6248, N5548, CSR 1000, Juniper SRX & MX 400
Load balancer: F5 BigIP LTM & GTM, Cisco ACE, and Citrix NetScaler
Routing: Cisco Nexus 7000 IOS-XE, ASR1006, ISR4351 Catalyst 6509 & 6513, 4948-10G, BGP, OSPF, EIGRP, PfR, IS-IS
Security: Cisco ISE, NAC, posturing and profiling, TACACS, RADIUS, ACS, Cisco SourceFire, Firepower, Fortinet SIEM, Splunk, RSA SecurID & ACE
OS: Linux - Redhat, Ubuntu, Windows 2016, 2012R2, 2008 & 2003, LBSD, Solaris, VMWare
VoIP: ShoreTel, Asterisk, Cisco UCS & Call Manager 10.8, Unity, Call Center Express
Operating Systems: CentOS, Debian, Redhat Enterprise and cluster, Microsoft server 2012 r2, 2008 r2
Storage Area Network: NetApp, Pure SSD, Brocade fibre channel, HP Left Hand P4000, P2000, Compellent
Hypervisors: VMware 6, 5.5, 4.1, MS Hyper-V 3, Citrix Applications:
Monitoring/Data Center Technologies/ APPS - Service Now, Wireshark, Solarwinds, Cisco Security Manager Suite, Sniffer, Ethereal, Orion, Remedy – VMWare, F5 Big-IP LB (LTM), Cisco AnyConnect VPN/Secure Client, Cisco Prime, Meraki Cloud-Based, SNMPv2c, SNMPv3, DNS, DHCP, FTP, Telnet, HTTP(S), SMTP, PTP, SFTP, RDP.
Security: SolarWinds
DevOps: Puppet & Chef, Nagios, Cacti, Jenkins, GIT.
Programming: Python, Ruby, JavaScript, Drupal, PHP, Flash 10, ASP.NET, Ruby on Rails, C#, Objective C, iPhone API, VB, UNIX Shell Scripting, C++, HTML, Perl.
Database: MySQL, MS SQL 2008 & 2012, Salesforce SQL
Protocols: IPv4, IPv6, BGP, OSPF, IS-IS, VOIP, HSRP, GLBP, SNA, Cisco ACS, PKI, SSH, DECnet, Banyan, IPX/SPX. HTTP/HTTPS, SMB, NFS, SMTP, IMAP, DNS, NTP, SSL
Monitoring: SolarWinds 12, Nagios, Zenoss, HP OpenView, HP Insight Manager
PROFESSIONAL EXPERIENCE
Ai River, Roseville March 2024 to Present
Network / Artificial Intelligence Engineer
Design scale out GPU cloud for MS Azure link via 800G InfiniBand
Provided Escalation Support for BGP and OSPF neighbor and route issues using Traceroute, Show and Debug commands along with Protocol Analyzers such as Wireshark
Palo Alto Network Firewall, Checkpoint Firewall, Cisco ASA, Tenable(Nessus), Net scope, Imperva, Akamai and F5 WAF, McAfee IDS/IPS, F5 Big-IQ/IP
Segra, North Carolina Sept 2022 to Feb 2023
Network Engineer
Migrated ASA firewall rules to Palo Alto FW perimeter and segregated pod in ACI, built remote VPN for Splunk monitoring system to 3rd party.
UC Davis – High performance Computing Facility Oct 2021 to July 2022
Network Engineer
Integrated 7 clusters into InfiniBand MPI fabric and bridge to Ethernet management network, integrated secure shell for VPN to batch schedulers.
Lead engineer on Real-time ticker project; created Multicast, Mellanox, and InfiniBand technology configurations inside an entirely net new setup with the Data Center.
Independent Consulting Service - May 2021 to Oct 2021
Regional network deployments WAN projects
Intel/Hynix memory divestiture project isolating lab network
Integrated 7 clusters into InfiniBand MPI fabric and bridge to Ethernet management network, integrated secure shell for VPN to batch schedulers.
Leveraged cloud and GPU computing technologies for automated machine learning and analytics pipelines, such as AWS, GCP
Firewalled Intel IP from Hynix resources, isolated security Active Directory
Alluma Dec 2020 to April 2021
Healthy Arizona – Migration to Cloud
Migrated Arizona insurance system to Azure cloud including configuring Palo Alto firewalls and load balancers. Built out Azure infrastructure for secure private access through VPN.
Independent Consulting Network/Engineer July 2019 to March 2020
MindBody migration datacenter to AWS infrastructure
Geographic DR site buildout for Sutter Health; migrated ASA firewall rules to DR operations. IPS appliance config on Firepower firewalls.
GDT, Irvine, CA Feb 2019 to July 2019
Consulting Network/Engineer
Designed new MPLS BGP VPN on Cisco 9500 and ASR for large enterprise
Upgraded datacenter core, extranet and security for cloud services
Implemented multi VRF BGP for network isolation and consolidation
Cisco, Costa Mesa, CA Feb 2018 to Dec 2018
Consulting Network/Engineer
Secured multi-tiered security levels and Internet facing DMZ with ASA 5585-x and 5555-x firewalls
Implemented IPS appliances including WSA-300.
Cisco Nexus 9500 ACI spine n leaf with APIC controllers
Cisco UCS & Nexus switch fabric Flexpod
NetApp 8060 FAS Storage
Catalyst switches 9500, 6509 VSS, 3850 smart stack.
Global WAN with VPN Cisco SD-WAN 40 site
Cisco ISE posturing & profiling, 802.1x
Firepower firewalls 4200 & 2100 and Sourcefire
New Age Creations, Santa Monica, CA Sept 2016 to Jan 2018
Consulting Network/Engineer
Palo Alto firewall and application filter deployments for client’s web farm builds.
Migrating datacenters
Lead engineer on the Real-time ticker environment project involving low latency infiniband technology design phase and implementation phases.
Cloud integration AWS and Azure
Lead engineer on EWDC migration project; the team successfully designed, planned and built new data center and performed migration within 12 months’ time frame. Technology included Internal BGP routing, multicast IP routing, low latency DMZ InfiniBand, Cisco ACI Data Center Core Spine/Leaf configurations, Virtual Fortinet Firewalls multiple VDOMs. EBGP routing to WAN ASR Routers with full redundant WAN Diversity.
Container and continuous deployment implementations
BJ’s Restaurants, Huntington Beach, CA May 2016 to Sept 2016
Network/Security Engineer
Palo Alto NG 3050 Firewall upgraded, Panorama
Cisco Flexpod infrastructure including Cisco UCS – 5108 and 6248
NetApp – Fiber Channel, Ontap 8.2 2 HA racks, Pure SSD 2 clusters
Cisco Nexus 5548 and 6248 core
Cisco ACS and ISE
200 site MPLS WAN Cisco and Fortinet protection
Spearheaded meetings & discussions with team members regarding network optimization and regarding BGP issues.
Worked extensively with InfiniBand technologies including OpenSM, Pkeys (partition keys), IB over IP, multicast groups, and all that encompasses supporting the architecture.
Responsible for designing and maintaining BGP and EIGRP WAN Protocols for Network Infrastructure.
Upgraded SolarWinds monitoring NPM, NetFlow, SNMP. SQL database migration
VMware upgrade to vSphere 6 migration
Windows Server upgrades and MSSQL administration
New Age Creations, Santa Monica, CA July 2013 to April 2016
Network Systems Engineer
Customized SolarWinds monitoring NPM, NetFlow, SNMP, custom MIB
Network install and support of Cisco switch and router infrastructure. IWAN deployment and Voice QOS.
Cisco UCM suite, Unity, Presence, Call Center Express on UCS mini.
Experience with manipulating various BGP attributes such as Local Preference, MED, Extended Communities, Route-Reflector clusters, Route-maps and route policy implementation.
Working with OSPF as internal routing protocol and BGP as exterior gateway routing protocol.
Secured network with Cisco firewalls and intrusion detection. Administered Linux and VMware infrastructure for fault tolerance and load balance.
Chef automation integrated into operations.
Customized VPN secure links between sites and implemented load balancing on BigIP LTM and GTM.
WestCoast Dental, Los Angeles, CA Sept 2012 to May 2013
Network Administrator
Deployed SolarWinds monitoring NPM, NetFlow, SNMP, custom MIB, replaced Zenoss
Managed 30 site MPLS WAN conveying integrated VOIP and database applications.
Generated server infrastructure for Data Mining for patient data and production. Managed email system and spam filtering. Generated email/IM marketing server. Migrated Windows and Linux servers to vSphere 5.1.
Hosted on UCS Blades.
Implement OSPF routing with multiple areas for networks between sites. Implement stubby areas to lower the system resource utilization of routing devices for the network. Implement NSSA area to allow injection of external routes into the area and propagation into the OSPF domain.
Shared storage on HP Left Hand SAN OS. Upgraded to Cisco Nexus 5548 core and 2248 FEX top of rack config with 4924 routing MPLS regional WAN.
Splunk data mining implementation.
Cisco ACS - network security
New Age Creations, Santa Monica, CA July 2011 to Sept 2012
Network Systems Engineer
Ecommerce high volume networks support and design. Network with Cisco 6509 cores.
UCS Blade servers and VoIP admin, Nexus 6248
Involved in the redistribution into OSPF on the core ASA firewall.
Performed redistribution with OSPF, EIGRP to enable communication with backbone.
Performed RIP and OSPF routing protocol administration.
Implemented various OSPF scenarios on networks
United Layer Los Angeles, CA Oct 2010 to July 2011
Network/Facilities Technician
Monitored with Nagios and maintained tier 1 peering Cisco network and implemented IPv6 dual stack throughout internal and customer facing IPv6 networks.
Cisco UCM suite on UCS via VMware hypervisor
Operated Cisco 10Gigabit backbone on 6509 and 4548x switches layer 3 with 10Gigabit East and West Coast peering exchanges. Maintained F5 Big Ip & Foundry load balancers, for geographic dispersed hosts. Operated multi-site collocation facilities and managed server products at the Los Angeles datacenter.
Responsible for Linux system administration for internal systems and managed server support. Provided technical support for cooling (CRAC) system and set up monitoring system in Nagios and Cacti. Integrated Salesforce into corporate operations.
Created and tested Cisco router and switching operations using OSPF routing protocol, ASA Firewalls, and MPLS switching for stable VPNs.
Configuring RIP, OSPF, EIGRP and Static routing on Juniper Routers
Cisco ACS.
All Tech Industries Santa Monica, CA Jan 2007 to Oct 2010
Technology Engineer
Upgraded to Cisco Nexus infrastructure for 10G.
Built and administered Redhat and Windows server infrastructure in VMware.
Designed nationwide area networks with ISR, with tier 1 carriers secured via IPSec VPN.
Managed several client data services and network infrastructures.
Led development of commercial internet presence utilizing ASP.net and AJAX interface to database driven content.
Designed Flash based interactive brochures and movie players.
Built PHP based surveys and dynamic searches technical based resources.
Developed MySQL database storage of user data and match for searches. Secured network against intrusions and maintained service uptime.
Cisco ACS
Whittier Presbyterian Hospital, Whittier, CA Jan 2006 to Aug 2008
Network Security Engineer
Provided troubleshooting for Cisco Call Manager suite and 5000 VoIP phones network. Conversion from terminal to web interfaces to medical resources.
Utilizing C# and ASP.net connecting with MSSQL data process billing calculations. Maintained Two factor remote access system for doctors and remote sites.
Maintained the RSA SecurID authentication system for VPN. Maintained Cisco Concentrator 3000 cluster for ACL and group policies.
Configured centralized Wireless Area Networks access control list and user management system.
Computax, Torrance, CA Aug 2005 to Jan 2006
Network Security Engineer
Implemented two factor remote access system for developers. (RSA) Created web interface to financial calculations. Maintained the firewall security and VPN access.
Maintained the RSA SecurID authentication system for VPN. Maintained Cisco Concentrator 3000 cluster for ACL and group policies.
Configured dynamic ACL and streamlined access with ACS.
Handled transition of firewall and router infrastructure to new datacenter.
Configured centralized Wireless Area Networks access control list and user management system. Maintained Cisco catalyst switches and configured VLANs for readdressing entire enterprise network.
Utilized routes summarization to accommodate new subnets into the core environment.
Conexserv, Santa Monica, CA Feb 2003 to Aug 2005
Network Security Engineer
Environment: Cisco, CAD, VPN, MS SQL
Engineered fault tolerant networks for schools and hospitals. Led teams on infrastructure installations and designed configurations to meet customer expectations.
Small Project management of several of the installations and maintenance of Windows network systems and desktops.
Configuring and supporting Microsoft Office suite, Visio and AutoCAD. Constructed and configured Intel and AMD workstations for high-performance computing and AutoCAD design.
Maintained VPN access on Checkpoint using ACE RSA authentication via two factor SecurID and secured network with PIX firewalls for legal practices and real estate management firms.
Administered and designed internet-based commerce services for retail stores. Securing purchasing process and credit card verification using SSL and incorporating extranet VPN for suppliers.
Installed print server for user groups on Cisco switches and AP’s.
Designed MS SQL and ASP.NET programming for IE browser-based interface.
Multiple contracts providing comprehensive remote and on-site support for domestic and international clients.
Provided network design documentation on Visio and RFC for new implementations. Designed inventory database for Film storage vault.
LA Unified School District Los Angeles, CA Aug 2002 to Feb 2003
Network Engineer
Led team on implementing 'fiber to desktop' project district wide. Cisco switch infrastructure implemented including 500 stackable multi-layer switches. Models: Cisco 6509 & 2950
EarthLink, Pasadena, CA Feb 2001 to Aug 2001; Aug 2000 to Feb 2002
Network Engineer
Led team on operational support of very large internet service provider access network, network monitoring with Netcool SNMP agent. Coded PHP and Perl scripting of monitoring and maintenance enterprise equipment. Mentored technical team in troubleshooting and monitoring network infrastructure in ISP setting. Maintained very large Oracle customer database. Designed and implemented customer call-center support procedures and customer network design strategy for sales and marketing teams. Maintained largest west coast datacenter with over 1 million dial access and broadband users. Supported Nortel and Cisco access servers. Installed and supported multi-homed BGP peering with all tier 1 carrier over OC 48 at OC3 and DS1 levels.
Mahoning County Commissioners, Youngstown, Ohio Jan 1997 to May 1999
Network Engineer Infrastructure Liaison
Obtained federal/state grants to fund internetworking several agencies and local law enforcement. Installed data wiring and switch equipment to handle sharing criminal database via Windows network. Project manager for VPN linked database of law enforcement records agencies for sharing criminal history data on MS SQL server.
EDUCATION
Bachelor of Arts Geographic information systems, University of California Santa Barbara, Santa Barbara, California – (Graduated)
CERTIFICATIONS
CCNP (In progress)
Cisco Certified Network Associate
VMware Certified Professional
Microsoft Certified Solutions Expert