Systems / Network Engineer

David Lai

Top Secret Clearance, CCNA, Cisco Firewall Specialist, Cisco NAC Specialist

*** ****** *******, ******, ** 78108-3038

cell: 210-***-****

work: 210-***-****

**********@*****.***

Professional Summary

* Seeking Network / Firewall Engineering positions in Middle East or other OCONUS Danger Zones

* 9 years of experience in IT industry to include Network, LAN/WAN, Routing/Switching, Firewall, and VPN engineering

* Able to bring insight to provide pros and cons in network engineering decisions and projects

* Seeks to provide lasting solutions that solve core challenges and that scale with changing organizational needs and size

* Able to forge through and see to completion various network engineering projects in parallel

* Cisco Certified Network Associate (CCNA), Cisco Firewall Specialist, Cisco NAC Specialist

* Top Secret Clearance

Lockheed Martin

Brooke Army Medical Center (BAMC), Ft. Sam Houston, Texas, Apr 2007 – Present

Senior Network Engineer / Firewall Engineer

* Maintain security posture of the BAMC's network through engineering and daily administration of the hospital's Cisco Firewall Services Module, BlueCoat, and IronPort web proxy / filter, ultimately controlling all traffic between BAMC and other US military hospitals around the globe.

* Oversee operations of BAMC's Network Engineering Branch which provides networking services to Army's premier medical facility totaling over 8,000 networked devices and over 1 million square feet.

* Responsible for the integration of a total network including the planning, design, installation, maintenance, and management of the LAN/WAN.

* Establish configuration, design, engineering, and implementation best practices/policies/sop in accordance with operational requirements and consideration for future stability and scalability.

* Provide network engineering consultation to BAMC in medically-related IT implementation & integration projects, as well as BRAC-related network expansion projects.

* Provide forensic analysis to solve wide variety of issues to include general communications issues, access issues, and security-related issues through use of logs, packet sniffers, and protocol analysis.

* Conduct testing of network design and engineering solution in lab environment prior to implementation into production network.

* Manage BAMC’s “slash /17” public IP address space, its related subnets, and VLAN structure to facilitate hospital's IT expansion projects, while ensuring maximum stability and scalability.

* IP Multicast engineer for BAMC when engineering hospital's network to provide fully redundant multicast capability to support new Draeger patient monitoring systems (critical system).

* Proposed new network design solution & interim solution for BAMC's network to address limitations of the hospital's current “collapsed” Core/Distribution layer design (design has been approved by management & third party expert from Cisco).

* Research change proposals to determine potential effects on incumbent running infrastructure and services.

* Research and provide specific detailed information for hardware and software selection, implementation techniques, and tools for the most efficient solution to meet business needs, including present and future capacity requirements.

* Maintain technical expertise in all areas of network and computer hardware and software interconnection.

* Evaluate and report on new communications technologies to enhance capabilities of the network.

* Lead engineer in design and integration of Cisco NAC (Network Admission Control) with BAMC's network in wired, wireless, and VPN environments.

* Monitor the health of all mission-critical network components, servers, and applications via NMS systems and troubleshoot faults and issues as they arise.

* Mentor staff engineers on network engineering best practices and fault isolation / troubleshooting methodologies.

TEKsystems

Multimax, Camp Pendleton, CA, 09/2005 – 10/2006

Network Engineer

* Provided network engineering services to the Navy Marine Corp Intranet (NMCI) on Camp Pendleton Marine Corp Base.

* Supervised daily operations ticket queue. Prioritized and assigned tickets to field engineers while providing them with remote assistance, motivation, and on the job training.

* Prepared, configured, and installed Cisco multilayer switches while ensuring 100% functionality with existing network infrastructure, ie. ensuring no switching loops and correct root bridge assignment.

* Assisted EDS security group in tracking and locating IT assets flagged for nefarious activities.

* Surveyed sites and network closets for necessary Fiber and CAT-5 infrastructure required for successful implementation of new NMCI Cisco switches and workstations.

US Navy

03/2001 - 03/2005

Information Systems Administrator

* Administered ship's Windows NT domain controller, server, and Exchange email server.

* Responsible for ship's NIPRNET and SIPRNET networks.

* Responsible for ship's WAN connectivity via INMARSAT (international marine satellite) when underway at sea and via pier fiber when in port.

* Upgraded ship's network from daisy-chained hubs to a fully switched LAN.

* Performed maintenance and troubleshooting services for ship's LAN and all attached network devices.

* Administered all IAVA software security patches and configurations on ship's networked devices and networking devices.

* Provided training to staff on troubleshooting and fault isolation methodologies.

* Maintained ship's NIPRNET and SIPRNET Cisco 2600 routers running OSPF IP routing protocol

Technical Knowledge / Experience

* Cisco IOS, TCP/IP, Cisco PIX Firewalls, Cisco ASA Firewalls, Cisco Firewall Services Modules (NAT/PAT/ACLs), Cisco 6500/4500/2950/2960/3550/3560/3750 switches, Cisco 2600 routers, Cisco AAA TACACs Server, Cisco IronPort web security-gateway, BlueCoat web proxy, IPSec VPNs, SNMP, 802.1D, 802.1s MST spanning-tree protocols, 802.1q Trunks, HSRP, OSPF, EIGRP, RIP, IP Routing, ACLs, VRF-lite, route redistribution, route-maps, Wireshark Packet Sniffer, Fluke Optiview Packet Sniffer, NetFlow, WhatsUpPro, IP PIM Multicast Protocol, switches, Juniper Remote Access VPN, Cisco VPN, gateways, routers, bridges, IGMP Multicast, IPSec VPN, Layer 2, Layer 3, Layer 4, NIPRNET, SIPRNET, network monitoring systems (NMS), SolarWinds Network Monitoring, DS1, DS3, LAN/WAN, DHCP, DNS, VTP

Certifications

* Cisco Firewall Specialist, Cisco NAC Specialist

* Cisco Certified Network Associate (CCNA)

* Pursuing CCNP, CCSP, CCDP

Clearance

* Top Secret Security Clearance

Contact this candidate