Gabriel Benjamin
Ellicott City,MD
Summary
Responsible for configuring small to medium LAN environments. Most infrastructure environments consisted of Cisco systems technologies. Duties include, setting up more efficient routing and advanced technology concepts such as MPLS, EIGRP, and Dmvpn; switching concepts such as setting up Vlans, STP, and VLSM; as well as security practices for servers, switches, and routers alike. Skill set also includes tcp/ip, port addressing, and subnetting; specifically finding better subnets so that address space is used in the most effective way utilizing both IPv4/IPv6. I work frequently with CUCM (Cisco Unified Call Manager) more specifically the configuration of voice gateways, IP phones, Cisco collaboration applications such as Cisco Spark and Jabber/Webex, LDAP and active directory integration and performance Qos meeting IP SLA’s. I am Familiar with T1 PRI circuits and how they incorporate into a Voice environment. I am able to demonstrate excellent cable management and LAN closet cleanup. I am familiar with wireless networks, Cisco 2500/5500/9800 series controllers, and AP’s/Airtight as well as 802.11/802.1x schemes. In many of these scenario’s, the configurations were completed in a virtual or remote environment which has increased my familiarity with virtual and hosting software such as VMware, Hyper-V, PuTTY connection manager, and Cisco CLI analyzer. In addition to the configuration aspect, I have worked with several network monitoring softwares such as Solarwinds, Cisco prime, and Netbrain some which I have installed personally and incorporated into an enterprise network. With that, I have applied Tacacs, ACS server, ISE server configs to provide user and server access to network devices along with the necessary ACL’s and Nat translations needed to allow access. I am very security saavy and have used tactics such as Hardening and hardening guidelines in order to assist in combating malicious cyberattacks. Tasked with creating detailed documentation including rack diagrams, physical/logical Visio diagrams. I have also used packet tracer software like Wireshark/Dynamips to identify network and call latency. I have experience implementing application firewall access rules and object zones mostly using Cisco ASA 5500 series and ASDM GUI manager. Along with ASDM GUI, I have utilized Cisco ACI (application centric networking) and SDN (software defined networking) as the future moves towards more graphic and virtual networking. I have worked with F5 Big IP load balance networks, round robin one arm and two arm configurations, Pool, Node, and VIP interface creation. Along with that I was able to become efficient working with DNS/DHCP configuration using Infoblox/BlueCat. Worked with industry professionals such as Presidio, Netcraftsmen, and CDW on various intensive network development projects. Worked with systems/cloud engineers to migrate CISA gateway and on-prem network into AWS hosted GovCloud.
Overview
18
18
years of professional experience
1
1
Certification
Work History
Sr Network Engineer
TEKsystems
Bethesda, MD
09.2025 - Current
- Led design and implementation of complex network infrastructures for diverse client needs.
- Streamlined troubleshooting processes, reducing incident resolution time across multiple projects.
- Mentored junior engineers, enhancing team capabilities and knowledge-sharing practices.
- Developed strategic network solutions aligned with organizational goals and client requirements.
- Experience supporting a nationwide mid to large Federal agency enterprise
- Advanced knowledge and experience with Cisco ISE/NAC.
- Configure ManageEngine OPManager or equivalent network management and monitoring systems, IPAM, DHCP, DNS, VPNs, firewalls, network analysis tools, as well as implementation of multi-gigabit ethernet equipment and systems.
- Utilize protocols such as TCP/IP versions 4 and 6, BGP, OSPF, HSRP, network access control systems, hybrid cloud network, Tenable Nessus and Risk Management Framework (RMF).
- Design, engineer, implement, and maintain complex network solutions and perform complex technical/engineering analysis.
- Create standard operating procedures and network diagrams.
Manager of Networking
Sheppard Pratt
09.2023 - 08.2025
- Manage 10000 user network over multiple sites in the Maryland DC and Virginia metro
- Configure 802.1x auth for Enterprise wireless solution utilizing Cisco ISE server
- Utilize Cisco DNAC DNA center to manage configurations, push IOS updates, manage nodes, check utilization and status
- Utilize Solarwinds to mange non cisco network equipment
- Use tools such as FortiAnalyzer, Fortimanager, FortiAuth, EMS to manage hybrid Cisco/Fortinet environment
- Meet with vendors to implement network enhancements negotiate hardware and software sales, camera solutions buildouts, upgrade/replace primary circuits
- Manage a variety of projects and challenges within the infrastructure setting and meeting deadlines, organizing tasks and schedules using Jira and Kanban, meet with PMOs to determine progress and set expectations
- Utilize Jira service desk to manage end user requests, projects, change requests
- Work with Security team on user based PC mac authentication using MAB protocol utilizing Identity service engine
- Configure a combination of IPsec tunnels, static routes, and BGP to create mesh network to new Colocation Data center
- Assist server and DevOps teams with network migration and replication to Colocation center
- Configure nexus switches for data center storage server, IDRAC, SAN, ICSII connectivity
- Monitor and oversee network systems, validate end of life end of support on aging devices, check for CVE vulnerabilities, stay abreast of recent and necessary IOS upgrades for router, switches firewalls, and network applications
- Configure and manage Fortinet switches and firewalls, Cisco 9300/9400 series catalyst switches and Nexus 3K,5K,7K,9K switches
- Utilize ISE for user VPN authentication
AWS Network Engineer
MDThink
05.2023 - 09.2023
- Standup and configure AWS console for Maryland social services divisions
- Configure new department and division additions utilizing existing cloud infrastructure
- Setup DNS, name forwarding, application directory, Cnames, reverse proxies utilizing route 53 suite
- Configure policy, zones, route filtering, policy routing, SD wan zones using Palo alto Panorama
- Configure and manage Cisco catalyst switches for end user and edge connectivity
- Set up Direct connect to new CoLo data centers
- Configure BGP with Eigrp/Ospf underlay to redistribute AWS environment to Local LAN offices
- Cutover/ migrate IPv4 networks into IPv6 using ::48 netblocks
- Configure dual stack functionality so networks can communicate on both IPv4 and IPv6
- Work with systems team to standup network infrastructure to support new local domain
- Work with DevOps teams and systems engineers and vendors on new initiatives and network architectures
- (Supporting Health Social Services departments for State of Maryland)
Security DNS Engineer
GDIT
05.2022 - 05.2023
- NIH Hostmaster responsible for handling all DNS and DHCP related requests
- DNS reservations for both Internal and external DNS
- Configure Cname alias for domains subdomains for DNS suffix
- Configure A records or host records and associated PTR reverse DNS records using ipv4 and ipv6
- Configure DNS/DHCP host using Infoblox and Bluecat DNS servers
- Configure DNS forwarders for both internal and external facing zones
- Set up authoritative zones, forward zones, stub zones
- Set up Grid member, IPAM management for host IPv4 and IPv6 address allocation
- Configure vlan subnet and address management
- Zone file config and migration using csv
- Set up for recursive DNS and DNS sinkhole
- (Alta IT Contractor Supporting NIH)
Sr. Network Security Engineer
Redstream Technologies
08.2021 - 05.2022
- Develop IP scheme for new GeneDx networks
- Jira Kanban Agile SCRUM workflows
- IPv4 to IPv6 vlan intergration
- Migrate existing DNS/DHCP scope from Bioreference Infoblox servers on to new GeneDx Infoblox servers using Zone file
- Create and implement subnet range to allocate for various network components including new wireless network, azure cloud services, Aggregate network switches, local LAN rollout
- Use Forti packet capture to troubleshoot traffic flows on firewall interfaces
- Devise action/implementation plan to cutover users/network during series of maintenance windows in order to move GeneDX onto new network configuration
- Utilize IPAM in Bluecat to assign and manage CIDR space and user static IP as well as DCHP leases UltraDNS
- Manage company enterprise Firewall using Fortigate 201E/301Fs
- Create and apply firewall rules, acls, whitelisting, one to one or one to many IP Natting
- Manage F5 load balancers and VIPs for corporate applications
- Build and maintain VPN Firewall using Fortinet Fortigate
- Use Forticonverter to migrate acls and firewall configs
- Set up remote access VPN tunnels for Customer access
- Configure FortiNet Fortiswitches for aggregate edge network
- Set up SSL VPN for user site access
- Configure and manage SDN solutions ACI and NSX
- Configure access rules and policies using ACI APIC controller
- Use iperf commands to determine network latency bandwidth and speeds in real time
- Configure Azure cloud Expressroute using BGP
- Manage AWS console and VPC networks
- Set up inline cloud security for AWS using Palo Alto firewall
- Configure access list and policy using Palo Alto cloud firewall
- Use packet tracing software WireShark to trace capture inspect packets to determine ping success packet loss, etc.
- Configure and manage Cloud VPN for Mulesoft API appliance and assists developers with application connection and flows
- Set up Core routing and MLAG for Enterprise Organization
- Implement VM cluster environment using Fabric switches
- Configure radius server authentication for all network equipment using Fortiauthenticator Server
- Install configure and manage company Enterprise wireless using Extreme cloud solution
- Set up 802.1x authentication for devices
- Monitor Network applications, uptime, Cpu, latency, etc, using Orion solarwinds appliance running snmpV3
- Monitor SSL VPN forward traffic logs, provision user access and scout for foreign and suspicious activities
- Work with Service Providers Lumen/Centurylink, Level 3, Zayo, on new circuits and infrastructure
- Work with Vendors on security camera, temperature monitors, and other vendor equipment that rely on network security to operate
- (Contractor Supporting GeneDx)
Network Cloud engineer
VariQ
07.2020 - 08.2021
- Strategize, plan, and implement migration of on-prem CISA gateway network into AWS cloud and GovCloud
- Work with Project Coordinator’s and systems engineers to decide which Cloud hosting service/solution best fits the Organizational needs (IaaS, PaaS, SaaS.)
- Work with TIC (Trusted Internet Connection) to formulate strategy for tunnel encapsulation between on-prem gateway and AWS Govcloud
- Configure Tunnel gateway using BGP/static routing in order to create secure connection between on –prem network and AWS utilizing TIC
- Stand up Amazon VPC/VPG which are necessary requirements in order to complete AWS cloud migration
- Build IPsec/GRE VPN tunnel to integrate network into AWS as well as provide secure public to private connection between users and corporate systems
- Daily standup Agile Scrum meeting to discuss project progress, roadblocks, deliverables
- Create detailed documentation displaying the purpose of the migration, necessary components, cost effectiveness, potential risks, configurations guidelines, etc.
- Work with systems engineers, application engineers, Firewall security team in order to collaborate full network implementation into Cloud
- Work with Cisco Contiv and Juniper Contrail for SDN network solution
- (Supporting Department of Homeland Security)
Tier III Network Engineer
Perspecta
06.2018 - 07.2020
- Responsible for replacing end of life hardware and decommission of old systems
- Replace 4507 and 4510 R-E edge/distribution switches with 4510 R+E catalysts
- Replace configure 6509 distros with 6807 VSS pair
- Scan and upgrade enterprise wide network equipment to latest and least vulnerable IOS softwares
- Make necessary config changes when required by customer
- Upgrade 3900 series router to 4351 ISR for all field sites
- Provide tier III support for all network related incidents for FDA, HHS, NIH government agencies utilizing the ServiceNow ticketing system
- Weekend/night nightly installs and maintenance procedures
- Provide SOWs/RFC to CCB board and provide justification for network task and changes
- Support NOC for FDA, HHS, NIH government agencies
- Implementation, decom, configuration and support for Data center level network APC UPS 1.5k, 2.2k, 5k, 6k series
- Troubleshoot Network Circuits T1/PRI as well as Dark Fiber and work with providers to restore links
- Manage, develop, Implement application access/rules in F5
- Build and configure policy based routing, macros, and class maps
- Use Infoblox DNS server to search available IPs, assign IPs, resolve IPs, and create IP scheme
- Perform vulnerability scans using Nessus vulnerability software and search/ implement recommended IOS release via vendor
- 24/7 oncall network support rotation
- Build and review SOP documentation for routers/switches alike as well as F5 load balancing and AWS migration
- Splunk/AWS training more specifically how to incorporate splunk into AWS cloud hosting
- Migrate on-prem systems from a Software as a Service Microsoft Azure non-prod environment to a Platform as a Service AWS Govcloud Production Environment
- (Supporting Food and Drug Administration)
Network Telecom Engineer II
Inovalon
05.2017 - 06.2018
- Work through service request dealing with Developers, Users, Vendors alike
- Make firewall rule changes and port modifications for various purposes mainly involving application access across enterprise network
- Firewall rules changes using Cisco ASA ASDM application firewall, FIREpower
- Utilize Infoblox/BlueCat DNS/DHCP host configuration server to assign, manage, and resolve IP addresses
- Install and implement Network monitoring tools Cisco Prime, Solarwinds, Netbrain
- Add/manage all enterprise hardware within network monitoring tool
- Configure all applicable devices for SSH/Telnet, Vty, SNMP, ACL access for all Network application tools
- Daily upkeep and monitoring of Inovalon enterprise network using Solarwinds Netbrain and Cisco Prime to detect issues in down links, network latency, end of life support, update configurations, retrieve network diagrams, etc
- Configure Big IP F5 VIPs for HA application traffic
- Troubleshoot large enterprise network issues dealing with Provider circuits, MPLS/Dmvpn failures, application and network latency
- Work with fellow engineers to derive plans for network hardware upgrades and IP scheme refresh
- Service corporate App demands for firewall Nat and port access to allow communication between internal corporate applications as well as external company access
- Stand up Cisco ISE in POC lab environment in preparation for corporate rollout
- Incorporate Cisco ISE in wireless guest/internal implementation
- Configure and support enterprise voice system for 5000+ user environment using extension mobility, translation patterns, dial peers, base sets, etc on Cisco Call manager version 11.x
- User add/change/delete modifications using Cisco Call Manager version 11.x
- Handle user migrations, bulk imports, cluster collapse and expansion
- Rollout and support of Cisco Jabber/Spark softphone clients
- Modified policy and architecture in Cisco ACI SDN controller
- Configure Cisco Nexus 3k,7k,9k switches for fabric leaf and spine topology
- Manage policy in APIC as well as utilize Nexus infrastructure to build ACI fabric interconnect
Network Voice Engineer
Versa Integrated Solutions
06.2011 - 05.2017
- Oversee trouble calls and tickets for local sites
- Provide service center ticket support for FDA White Oak campus and Field Sites using HP service manager, Peregrine ticketing system, ServiceNow, etc.
- Create/review documentation for all infrastructure BOM, SOW, Network diagrams
- Standup local/remote office networks in LAN and WAN environments
- Build and support Cisco Collaboration software including Cisco Jabber, IPcommunicator, Webex
- Handle user migrations, bulk imports, cluster collapse and expansion
- Administer network and voice systems regularly to check for incidents, QoS, degradation, etc. using Solarwinds monitoring tool
- Conduct mass user imports in Call manager using Bulk administration tool
- Configure Voice gateways using Cisco routers, MGCP/H.323 protocol or VG200 series analogs
- Responsible for upgrading IOS images to current standards as well as hardware refresh when end of life support approaches
- Manage T1, Pots, PRI circuits for provider voice traffic
- User add/change/delete modifications in Call manager and Unity Connection
- Plan with installation and support
- Support end user networks which can include but not limited to Vlan access changes, user port activations, physical desk assignments, security camera/door access configurations, etc.
- (Supporting HHS, FDA, NIH, Air Force, USPS)
IT/VoIP Support Specialist
RTBS, Inc.
06.2008 - 07.2011
- Implementation of new HHS/FDA building phone systems from analog to VoIP using CUCM/Avaya systems
- Interface with customer and conduct user trainings on new advanced phone system
- Build, Implement, support enterprise level phone system for 10000+ user environment for the Food Drug Administration/Department of Labor
- Cucm Support trouble calls, service tickets
- Cisco Unity voicemail password resets, new/existing user phone set up in call manager
- New/existing user Jabber/IP communicator additions and support
- (Supporting HHS, FDA, DOL)
Education
Certified Network Professional - Information Technology
Skyline
Largo, MD12-2012
Computer Business Management
Stevenson University
Owings Mills, MD06-2011
Business Information Systems
Howard Community College
Columbia, MD05-2010
High School - Curriculum
Mt. Hebron High School
Ellicott City, MD05-2008
Skills
- Firewall management
- Intrusion mitigation
- Wireless network design
- Routing protocols expertise
- Switching configuration and optimization
- IP address management
Accomplishments
- Installed Netbrain/Cisco Prime network monitoring tools from ground up for large scale network and tasked to monitor network efficiency and troubleshoot using tool
- Completed IOS upgrades due to critical vulnerabilities for over 100 devices utilizing remote functionality of NetMRI and Nessus vulnerability scanner
- Fully implemented WLAN networks for multiple FDA local sites and travel to field locations
- Installed and supported Cisco unified software applications Jabber and IP Communicator for FDA
- Built VoIP networks for multiple government buildings in which tasks included racking switches and configuring network equipment and software (cisco ios, CuCM, UC, unity, etc.), Configuring cisco IP telephones (7965,7940,7937,8811, etc.), as well as physically situating those phones on user’s desks
- Conducted user trainings after rollout for cisco collaboration software and IP VoIP phone system
- Tasked to re-cable and dress improperly kept LAN closets
- Provide documentation following all implementations i.e. (logical/physical Visio diagrams, rack elevations, floorplans)
- Upgraded end of life 4507 catalyst to 4510 R+E switches for multiple floors in FDA buildings
- Installed and configured Cisco 9410 switches for new remote site as well as upgraded 6807 VSS Core switches
- Installed Netbrain network monitoring tool from ground up for large scale network and tasked to monitor network efficiency and troubleshoot using tool
- Created new IP scheme and port/vlan mapping for network refresh initiative in preparation to cutover to SD WAN routing scheme
- Implemented Cisco Spark/Jabber rollout
- Carried out successful HA firewall cutover for production network
- Configured switch stacks for user migration to new floors in corporate office
- Configured multiple VIP’s for company product application HA traffic using F5 LTM
- Configured Sorenson Video phone for deaf Users to incorporate into private government network using DMVPN tunnel
- Restored multiple network devices that malfunctioned after reboot using ROMMON os
- Worked with Chenega contractor to set up camera security system for the Commissioner of the FDA using advanced switching and routing configuration
- Set up emergency hotline call center for United states Secret service and Public health commission for Covid-19 response team
- Successfully configured 8 GRE tunnels in two Data centers in order to provide high availability uplinks for DHS migration to cloud infrastructure
- Build the VPN connection between DHS on-prem network and AWS Govcloud utilizing TIC circuit and BGP dynamic routing
Certification
- CCNP CSCO12164159(Cisco Certified Network Professional)
- ANS-COO (Amazon AWS Certified Advanced Networking)
- CCNA CSCO12164159 (Cisco Certified Network Associate)
- CCNA Voice CSCO12164159 (Cisco Certified Network Associate Voice)
- CCENT CSCO12164159 (Cisco Certified Entry Networking Technician)
- CSE (Cisco Sales Expert)
- CxFF (Cisco Express Foundation for Field Engineer
Clearances
- U.S. Government Public Trust Classified Level 5,6
- DHS Suitability clearance
Languages
English
Native or Bilingual
Spanish
Professional Working
Timeline
Sr Network Engineer
TEKsystems
09.2025 - Current
Manager of Networking
Sheppard Pratt
09.2023 - 08.2025
AWS Network Engineer
MDThink
05.2023 - 09.2023
Security DNS Engineer
GDIT
05.2022 - 05.2023
Sr. Network Security Engineer
Redstream Technologies
08.2021 - 05.2022
Network Cloud engineer
VariQ
07.2020 - 08.2021
Tier III Network Engineer
Perspecta
06.2018 - 07.2020
Network Telecom Engineer II
Inovalon
05.2017 - 06.2018
Network Voice Engineer
Versa Integrated Solutions
06.2011 - 05.2017
IT/VoIP Support Specialist
RTBS, Inc.
06.2008 - 07.2011
Computer Business Management
Stevenson University
Business Information Systems
Howard Community College
High School - Curriculum
Mt. Hebron High School
Certified Network Professional - Information Technology
Skyline