Please contact me if you would like to retain my professional services. I specialize in networking and system administration. Below is a brief resume of some of my skills.

Network Engineer
• Maintained all aspects of networking, including switch replacements and software upgrades.
• Oversaw the upgrade of all IOS software across 12 remote locations using trivial file transfer protcol (TFTP) and secure shell (SSH) from a centralized management location.
• Reviewed and refined firewall configurations including cleanup of access control lists (ACL) and network address translations (NAT) rules.
• Configured outbound access control lists at all egress locations to limit the possibility of data ex filtration.
• Implemented route maps and local access control lists for ATM network security and isolation.
• Setup route maps for redundant network configurations across remote sites.
• Enhanced the network security by replacing switchport port security with 802.1x
• Managed the configuration and deployment of 802.1x certificate based network access control across 12 sites.
• Managed and implemented dynamic host configuration protocol (DHCP) snooping on all network switches to prevent rouge DHCP servers from being added to the network.
• Managed and implemented dynamic address resolution protocol (ARP) inspection on all switches to prevent ARP poisoning.
• Configured and maintained vendor site to site VPN tunnels for essential services, and configured redundant tunnels for high availability.
• Coordinated with vendors for remote services and 3rd party network integration.
• Implement WhatsUp Gold for network monitoring and reporting of all switches, firewalls and routers.
• Trained IT staff on how to perform basic network tasks, such as interface virtual LAN (VLAN) modifications and port security exceptions.
• Developed Powershell scripts to automate the configuration of many common network tasks such as the setup of switchport port security and ARP inspection exemptions.
• Developed Powershell scripts to automatically manage windows configurations, including the automation of Windows Unified Write Filters.
• Developed Powershell scripts to automate the configuration of Windows port URL ACLs and port Certificates for use with custom software requirements.
• Trained IT staff on how to manage endpoints with Ivant LANDesk Endpoint Management.
• Support help desk staff with advanced problems that are beyond help desk qualifications in complexity.
• Work with internet service providers to ensure that IP service level agreements are met, and notify ISPs when service is down.
• Manage and maintain VMWare’s software defined wide area network (SDWAN) solutions at each site to work in a hub and spoke configuration.
• Manage and configure SDWAN network business priorities and exemptions for optimal VOIP connectivity.
• Configure switches, routers and firewalls for voice over IP (VOIP) network traffic prioritization.
• Maintain and update the routing tables across the organization, including the use of network address translations (NAT) only subnets.
• Investigate and troubleshoot why endpoints cannot access the internet, or when expected connectivity is not working as intended.
• Configured and automated the archiving of networking equipment configurations to a central backup server for disaster recovery.
• Configured all network equipment to use Remote Authentication Dial-In User Service (RADIUS) authentication for user login and accountability.
• Setup open shortest path first (OSPF) network routing between remote sites using secure OSPF configurations.
• Configured port channels for multi interface connectivity to key networking equipment including ISCSI storage and ESXi hosts.
• Set spanning tree primary and secondary switches for a reliable spanning tree fail over in case of a switch failure.
• Configured hot standby router protocol (HSRP) and gateway load balancing protocol (GLBP) for critical network interfaces to ensure 100% up time.
• Configured SNMP monitoring with ACLs for network monitoring using WhatsUp Gold for easy reporting on network alerts and changes.

Security Administrator
• Installed and configured ZScaler URL web filtering for all users using active directory federation services (AD-FS) and Group Policy.
• Setup site-to-site internet key exchange version 2 (IKEv2) tunnels for Zscaler web filtering, and configured network address translation (NAT) rules to route selected traffic to Zscaler.
• Configured and applied extended access control lists for secure ATM network across multiple remote locations.
• Identified and resolved VLAN performance issues by manually mapping the spanning tree layout and adjusting the spanning tree root resulting in a substantial improvement in network throughput.
• Modified and added firewall rules that exercise the best practices of least privilege.
• Spearheaded the implementation of port security at all sites creating a substantially more secure network.
• Configured all sites for Velocloud SD WAN using BGP and static routes to help simplify and unify network connectivity.
• Disabled the use of all dynamic trunking protocols in favor of static access and trunk configurations.
• Configured and implemented network equipment access control lists to restrict access by source IP address.
• Deployed windows patches across all platforms using Ivanti LANDesk endpoint management.
• Retired the legacy Windows Server Update Service (WSUS) platform in favor of Ivanti LANDesk which resulted in saving terabytes of disk space, and greatly simplifying patching across the business.
• Developed and deployed automated Powershell scripts to use Windows Unified Write filters (UWF) across all Windows 10 desktops.
• Developed Powershell scripts for use with custom Ivanti LANDesk patches.
• Disabled legacy security protocol and hashes in favor of newer security protocols including TLS 1.2 and AES.
• Centralized automated reporting of UWF status each day for all computers on the domain.
• Improved the security of the Nagios reporting tool used by adding passwords and encryption to endpoint monitoring.
• Created custom Nagios notifications using remote scripts on endpoints to ensure all vital services work functional.
• Configured group policies to enhance computer security through the enforcement of strong passwords and password age requirements.
• Trained employees on how to handle the most common computer threats such as phishing and social engineering attacks.
• Developed scripts to automate the security settings of switches saving the department time.
• Added several important configuration changes to all IOS configurations including auto archiving, NTP time resolution and increased logging buffering.
• Customized Windows Preboot (WINPE) images for OS deployment. This included the addition of drivers and preboot network customization.

System Administrator
• Built, configured and deployed Windows Servers using VMWare to meet business needs.
• Standardized a Windows Server template for quick and easy deployment of new servers.
• Installed, updated and configured ESXi hosts, including the configuration of storage and virtual switches.
• Deployed Windows 7 and 10 desktop images using Sysprep and LANDesk provisioning to rapidly replenish inoperable devices.
• Deployed remote server automation tools for use across the organization thus saving administrator time by centralizing and automating usual administrative tasks.
• Programmed standard query language (SQL) queries to generate PDF reports from LANDesk to provide essential system health information.
• Served as the department go to for all Linux related support, including support with CentOS and Debian.
• Installed and updated CentOS and Debian installations to the latest version, and updated custom software to work with the new updates.
• Configured server storage arrays using redundant array of independent disks (RAID) 10 for redundant storage that remained highly available in case of emergencies.
• Modified switch interfaces as necessary for 802.1q trunking for server VLANs connections.
• Load balanced servers across multiple ESXi hosts for optimal performance for users.
• Monitored and reported on hardware utilization and over provisioning.
• Replaced older HP storage arrays with newer Dell storage, and configured ESXi hosts to use the new storage arrays.
• Investigated and fixed servers that had problems running antivirus software.
• Configured group policies to optimize and configure the windows end user experience.

System Administrator
• Maintained multiple Windows Server 2008 and 2012 installations using VMWare.
• Configured and applied group policies to better meet organization needs. Managed and maintained more than 50 VOIP phones and users.
• Assisted the IT Director with writing essential policies including the acceptable use policy, security incident response procedures, and documented the IT domain.
• Worked with end users to resolve IT related problems affecting software, computers, networking equipment and phones.
• Developed and maintained a golden Windows 7 image for Windows Deployment Services (WDS). Maintained a catalog of all drivers for hardware platforms and peripherals related to the computer systems.
• Setup and used Spicework ticketing to track end user issues providing much needed reporting and automation. The setup included configuring a webserver and email routing.
• Tailored group policy configurations to standardize and automate various computer functions.
• Worked with court staff to recover the fractured court database that was deleted by a previous employee. This recovery took weeks, and included the restoration of the SAN storage pools.
• Reconfigured the court’s network routing to properly route traffic to auxiliary buildings over a site to site VPN tunnel using IKEv2.
• Replaced legacy WYCOM thin clients with Windows 7 installations, and standardized the deployment of Windows 7 installations.
• Updated printer firmware to fix printing issues.
• Maintained and updated active directory users for network share access and folder permissions.

IT Support Specialist
• Performed on call IT functions while studying at Humboldt State University. Being the sole IT administrator on call included 24×7 support to the school.
• Deployed Windows 7 images using CloneZilla and Sysprep to migrate to Windows 7 resulting in a near zero cost to convert all Windows XP installations to 7.
• Configured and deployed Chromebooks with enterprise management for secure testing.
• Setup and managed a google domain for Chromebook domain management and kiosk deployment to students.
• Repaired printers and other peripherals as necessary. Also ordered and installed printer rollers and other pieces.
• Helped the business Director determine IT budget needs and other hardware upgrade priorities for the school.
• Assisted the school to meet requirements for a Cyber security insurance contract.
• Upgraded the firewall and conducted a network analysis for a much needed upgrade from 10 MBPS to gigabit across the campus.
• Replaced all legacy switches and routers with updated Cisco enterprise gigabit switching and routing solutions. Installation of new equipment included the configuration of management interfaces, VLANS, and IP and routing tables.
• Coordinated and oversaw the recycling of legacy and broken IT equipment with local vendors.
• Assisted with the installation of a campus wide camera system to monitor the school.
• Updated and maintained multiple school websites that run on WordPress, and are custom coded to inform parents and staff.
• Migrated office staff to Google enterprise email services and setup Mozilla Thunderbird for use with Gmail accounts.

25B Information Technology Specialist
• Obtained the rank of Staff Sergeant and supervised several department sections including supply, maintenance and the motor pool.
• Configured and maintained all IT related equipment for the detachment. This included SINCGARS, handheld radios, computers, laptop, switches, hubs and routers.
• Regularly oversaw the installation and tracking of computer patches as well as service packs and major operating system updates.
• Installed network components where necessary including switches, cabling and routers.
• Installed and configured Windows XP and Windows 7 for use in accordance with the battalion standards.
• Managed and maintained the inventory of all IT assets in the organization with a zero percent loss of hardware over multiple years. Inventory equipment included all monitors, desktops, laptops, field equipment, antennas, and associated accessories.
• Installed all network hardware in new buildings when deployed to Iraq in 2004. This included building the network from the ground up and terminating at our designated network drop.
• Maintained and administered the unit active directory domain while deployed to Kuwait in 2006. Active directory maintenance included the management of new users and new computers, as well as the deletion of old users from active directory. User group access and permissions were also administered.
• Worked with other detachments to help with updating their endpoints and installing updates.
• During deployment to Iraq in 2004 setup network connectivity with another unit for site to site internet connectivity.
• Attended Microsoft System administrator training courses provided by the Army in Germany.

Education
Bachelor of Science in Computer Science.
Humboldt State University
• Awarded a Bachelor of Science in Computer Science.
• Studied several programming languages including Java, C++ and x86 assembly.
• Focused on programming algorithms and database design.
• Developed three tier websites including presentation tier, application tier and database tier.
• Received an A in Java programming, and B+ in Web Apps with Databases.
Associate degree in arts for University Studies: Social Science
Butte College
• Obtained an Associate degree in arts for University Studies: Social Science.
• Obtained an Associate degree in arts for Social and Behavioral Science.
• Successfully completed all undergraduate requirements for transfer to HSU.

Certifications
2024-10 Palo Alto Networks Certified Network Security Administrator
2023-09 Palo Alto Network Certified Cybersecurity Entry-Level Technician
2023-04 JNCIS-ENT – Enterprise Routing and Switching, Specialist
2022-06 Cisco Certified Network Associate 200-301
2021-08 ZCCA-IA Zscaler Certified Cloud Administrator
2021-06 JNCIA-SEC – Juniper Network Certified Security Associate
2020-12 Fortinet NSE 2 – Network Security Associate
2020-08 JNCIA-Junos – Juniper Networks Certified Associate
2019-04 Cisco Certified Network Professional SWITCH (CCNP SWITCH)
2019-01 Cisco Certified Network Associate Security (CCNA Security)
2019-01 Microsoft Technology Associate Networking Fundamentals
2019-01 CNSS 4011 Standard
2018-09 Fortinet NSE 1 Network Security Associate
2018-09 Cisco Certified Network Associate Routing and Switching (CCNA)
2017-10 Cisco Certified Entry Networking Technician (CCENT)
2017-05 ITIL Foundation in IT Service Management
2017-01 CompTIA Security+ (Recently re-certified. Valid until 2023)
2016-08 CompTIA Network+ (Recently re-certified. Valid until 2023)