Summary
Overview
Work History
Education
Skills
Certification
Timeline
Generic

James Holder

Frederick,MD

Summary

Manager of Network and VoIP Infrastructure / Senior Network Engineer with 30 years of experience. Areas of expertise include management, staff recruitment, budgeting and development, project management, design, deployment, and troubleshooting across all areas of infrastructure, including LAN/WAN, wireless, VoIP, and security. Expertise in Azure Cloud Infrastructure, migrating from on-premises to cloud, and transitioning from MPLS to SD-WAN. Proficient in multifactor authentication (MFA). Motivated Network Manager / Senior Engineer with 30 years of solid experience managing large-scale projects at all levels, including budgeting and administration. An effective leader and problem-solver with advanced Level 3 network skills and a strong work ethic. Seeking to leverage expertise and extensive experience in network management to take on a challenging new role with a growing team.

Overview

31
31
years of professional experience
1
1
Certification

Work History

Lead Network Engineer

Cava
04.2024 - Current
  • Assist in building, maintaining, and optimizing a 500+ restaurant chain connected via Meraki's SD-WAN Solution.
  • Configure and maintain 500+ Meraki SD-WAN MX Devices, 945+ Meraki MS Switches, 531 Meraki MR WAPs, and 950+ Dual Internet circuits, with various carriers, including backup Cellular, 5G/LTE
  • Assist in planning and building multiple virtual/cloud networks for restaurant services/applications using Azure and AWS.
  • Design, implement, monitor, and maintain network implementations for a multi-site enterprise
  • Maintain network and security standards, documentation, processes, and procedures.
  • Serve as a technical mentor to others and guide less experienced engineers and technicians in resolving complex problems.
  • Configure, monitor, and troubleshoot enterprise (IT) and manufacturing (OT) network equipment to support day-to-day operations.
  • Analyze, monitor, and maintain capacity & performance requirements by regularly reviewing KPIs
  • Ownership of patching/upgrade testing, and installation for network hardware and appliances
  • Design and deploy new platforms and enhancements to existing network equipment, including routers, switches, access points, and controllers.
  • Work with carriers to configure/troubleshoot Internet, Broadband, SD-WAN, Cellular, and other WAN circuit types and equipment.
  • Created multiple VPN IKE2/IPSec infrastructures to allow for secure remote connections for partners’ branch offices and users. Site-to-Site and Remote Access
  • Review technical requirements, assist in the planning, level of effort estimates, budgeting, and project management of approved projects.
  • Work within established ITSM procedures to ensure awareness, approval, and success of changes made to the network infrastructure, and publish knowledge base (KB) articles as needed
  • Assist with root cause analysis for outages and deliver SOPs
  • Assist with Vendor Management
  • Act as a liaison between vendors and other IT personnel for problem resolution
  • Collaborate with IT Security teams to implement Network Access Control (NAC), access control lists (ACLs), firewalls, intrusion detection systems, intrusion prevention systems, etc.
  • Perform other related duties and projects as business needs require, under the direction of management.
  • Maintain current knowledge and understanding of security and networking best practices to offer the best solutions and protection to company systems.
  • Manage timeline expectations within and across teams, and deliver on our responsibilities accordingly

Lead Network Engineer

Total Wine & More
12.2022 - 04.2024
  • Assist in building, maintaining and optimizing a 260+ Retail stores chain all connected via Meraki's SD-WAN Solution.
  • Configure, maintain 589 Meraki SD-WAN MX Devices, 945 Meraki MS Switches, 3730 Meraki MR WAPs and 1086 Dual Internet circuits, with various carriers
  • Assist in planning, building out multiple virtual/cloud networks for retail services/applications using Azure and GCP (Google Cloud Plattform)
  • Recommend network security standards and upgrades to management.
  • Assisting in managing, maintaining the following core equipment Palo Alto Firewalls, Cisco 4500-X, 4510s and Nexus 5K Switches.
  • Troubleshoot complex multi-vendor network service provider issues.
  • Assist with implementation and support of network monitoring tools.
  • Provide network support services for devices such as switches, wireless APs, firewalls, routers, and other hardware.
  • Created multiple VPN IKE2/IPSec infrastructure to allowed for secure remote connections for partners branch office and users. Site-to-Site and Remote Access
  • Provide complete end-to-end engineering and installation of route-based IP network solutions using BGP and OSPF.
  • Collaborate with vendors to identify best options for optimizing network performance.
  • Monitor network capacity and performance to diagnose and resolve complex network problems.
  • Implement WAN and LAN designs in multi-datacenter configurations.
  • Provide detailed network diagrams and procedural guidelines.
  • Provide detailed information on hardware and software products so that appropriate stakeholders could make suitable purchasing decisions.
  • Review technical specifications from clients and vendors to confirm adequacy, accuracy and functionality.

Manager of Network & Voice Infrastructure (Sr Eng)

American Public University System
12.2017 - 10.2022
  • Provide oversight of datacenter network hardware, access and management for all maintenance windows related to the infrastructure
  • Directly responsible for all network and telecommunications for 16 Sites, which includes a primary and backup datacenter in VA and TX
  • Provide connectivity between On-Prem Datacenter and Azure Cloud
  • MPLS to SD-WAN migration
  • Directly responsible for managing, deploying, licensing and maintaining a 150+ Cisco Switches, 40 Cisco ASA Firewalls/VPN (IPSec, Site-to-Site, Remote Access), 500+ Wireless Access Points, 16 McAfee IPS/IDS, Multiple F5-Load-Balancers, Cisco ISE 3.0, etc
  • Developed, Implement, and Maintain Networking SOPs and document Network Environment Documentation via Visio
  • Directly responsible for bringing new sites online as a result of an expansion or an acquisition
  • Provide oversight, guidance and/or coordination for network project initiatives
  • Managed a team of 6 Network and Voice Engineers. Hire, Manage, mentor and cross-train for an effective, robust and very reactive/proactive team
  • Worked with my team in performance management and career development activities
  • Worked with Senior Management to forecast and budget network and VoIP requirements; worked with our VARs. The budget also included IT training.
  • Manage all network infrastructure equipment for the following: annual inventory deployment, Operation, refreshes and life cycle
  • Manage External Service Providers, such as AT&T, Verizon, CenturyLink, Frontier, Cyxtera, Cisco, F5, FatPipe, McAfee, SolarWinds, GoDaddy, Windstream, ePlus, etc
  • Produce Monthly, Annual reports on network performance metrics to Senior Management, which include SLAs, availability, capacity management, and performance. These reports allowed me to justify to Senior management the procurement of new hardware and software for opportunity to improve in degraded areas of the infrastructure.
  • Responsible for all licensing renewals for all network, VoIP-related software, and hardware
  • Prioritizes escalation requests via Remedy Ticketing Systems. Manage network and VoIP via ITIL change management processes
  • Provide technical leadership during critical outages and provide Root Cause Analysis (RCA) to Senior Management
  • Work with the Legal department on all new and renewals contract/MSAs

Senior Network Engineer

American Public University System
09.2013 - 12.2017
  • Designed and deployed company LANs, WANs, and wireless networks, including servers, routers, switches, Firewalls, VPN, IPS/IDS and other hardware
  • Design and Deployment of a pair Cisco Catalyst 6807-XL Core Switches in a Highly redundant configuration, including using VSS (Virtual Switching Systems) in a Quad Supervisor Engineer. This was done for both Primary and backup Datacenters
  • Worked on various line cards and configure for a Multi-Gig backbone (10GB/25GB/40GB)
  • Configuring networks to ensure their smooth and reliable operation for fulfilling business objectives and processes
  • Worked on the Dell embed switches (9116, 5148s, 6220) for configuration, upgrades and their racking and stacking
  • Used the monitoring tool SolarWinds to provide the alerts with network issues on devices. Added all the network devices under SolarWinds and push the config and backup config remotely
  • Worked on Upgrades and configuration on network devices and well assisted in renewing license.
  • Worked on Various model of F5 load-balancers (6900, 3600, i7800, Viprions, etc) to configure Multiple VCMP guests for different Environments as per the design
  • Planned, configured, deployed and operated Cisco ASA Firewalls (5525-X,5545-X, 5555-x 5585-X, 2100 FTD, 4100 FTD) using ASDM and CLI to configure and pushing the firewall policies/Rules (ACL, NAT, etc). Worked on the firewall monitoring to analyze the packet inspection
  • Deployed, Configured and Maintained Cisco 2951/3945/4331,4351,4100 Router in various functionality (Internet, MPLS Routers). Configured routing protocols OSPF
  • Deployed, Configured and Maintained Cisco Catalyst 6807-XL, 6513, 4507R-E+, 3650-X, 9300 (in a stackwise configuration) switches
  • Deployed, Configured and Maintained Cisco 5508/5520 Wireless Controllers with 3500/3700 Access Point. Meraki Cloud Wireless MR34, 43, 44s
  • Deployed, Configured and Maintained Meraki Wireless Cloud Wireless Solution using MR34 and MR42 Access Points
  • Deployed, Configured and Maintained McAfee IPS 5200 Sensors and Management Console
  • Deployed, Configured and Maintained Riverbed WAN Accelerators
  • Worked on MPLS Network Design and Deployment from scratch and architecting for all WAN Solutions
  • Configured Layer 3 VPNs and Traffic Engineering to meet all customer requirements on all remote offices and Site-to-Site VPN with our partners who is on Amazon WS and Microsoft Azure
  • Migrated our Cisco IPSec VPN to Cisco AnyConnect SSL VPN client
  • Troubleshoot issues with network connectivity and issues related to neighbor relationship and peers
  • Monitoring network performance and troubleshooting problem areas as needed
  • Collaborated with executive management and department leaders to assess near- and long-term network capacity needs
  • Ensured network connectivity of all servers, workstations, telephony equipment, fax machines, and other network appliances
  • Implemented TACACS Server configuration on the network devices and setup the AAA procedures on the servers
  • Actively involved in Switching technology Administration including creating and managing VLANS, Port security- 802.1x, Trunking 802.1Q, RPVST+, Inter-VLAN routing, and LAN security on Cisco Catalyst Switches 4507R+E and 6513-E
  • Migrated from Cisco ACS Server to Cisco ISE
  • Implemented, Administered Cisco ISE for Identity management for Users and Device Management
  • Developed, implemented and maintained policies, procedures, and associated training plans for network administration, usage, and disaster recovery
  • Conducted research on network products, services, protocols, and standards to remain abreast of developments in the networking industry
  • Involved in Troubleshooting during Bridge Escalation calls to resolve the Issues. Worked on Data center design documents in Visio to update the Documentation to follow the guidelines
  • Involved in Bubble Test ( Disaster Recovery Testing) every Month to Ensure the Connectivity between the data centers
  • Provided Hands on support physically to move cables, replacing the network modules, network devices
  • Documented, implemented and maintained processes and procedures related to network service delivery via standards, policies and procedures. Change control, BOMs, TIDs, Visio network topologies, and SharePoint document reserve
  • Worked with vendors to procure quotes, RFI, RFQ for capital projects

Senior Network Engineer

Swisscom Hospitality
06.2010 - 09.2013
  • Design and implement technical solutions for the hotel industry with a strong focus on PCI DSS compliance and 802.1x
  • Designed and deployed company LANs, WANs, and wireless networks, including servers, routers, switches, Firewalls, VPN, IPS/IDS and other hardware for various Hotels
  • Research, evaluate and recommend security solutions based on hoteliers requirements
  • Evaluate current hoteliers Network Infrastructure with a focus on integrating better security controls
  • Design and test a CAF (Central Access Framework) prototype using RADIUS/TACACS Server and Active Directory for remote access and logging of hotel network equipment
  • Assist in the written response to multiple RFPs (request for proposal), with my responses focused on recommending various network infrastructure and security components
  • Build network labs to evaluate various network and security controls (IPS/IDS, Firewalls, RADIUS Server, VPN and Syslog
  • Build configuration templates, based on best security practices, for field engineers and NOC to implement
  • Troubleshoot issues with network connectivity and issues Hotelier customers network and wireless connectivity. Monitoring network performance and troubleshooting problem areas as needed
  • Responsible for the following key projects: Lead a team of engineers and system developers to become certified against Marriott’s “ClearSky Net” certification program, which consisted of a custom solution using various security controls: 802.1x (wired and wireless), PEAP, dynamic VLANs, client/port isolation (wired and wireless), RADIUS/TACACS and syslogs servers.

Infrastucture Architect

IBM Corporation (MedImmune/Astrazeneca)
05.2008 - 06.2010
  • Develop technical solutions to meet business requirements
  • Work with Global Engineering to bring WAN/LAN/Voice and Wireless connectivity to multiple sites
  • Designed, implement and administration of Public Key Infrastructure (PKI) for various in-house certificate usages. (i.e. SSL, 802.1x, Secure LDAP and Remote Access, etc)
  • Assisted other Engineers in the Architect, design, testing and implementation of various security controls(i.e. Remote Access/IVE, VPN, SFTP, etc)
  • Assisted the Security team to ensure all LAN/WLAN devices were in compliance
  • Worked with Security and Application Team to ensure that all internal Web Servers were issued a Certificate for SSL
  • Reviewed the following Security logs: Syslog, Cisco ACS/TACACS , Firewall logs, Secure-FTP Server logs, Web-Filter and Active Directory logs to ensure compliance with company security polices
  • Responsible for advanced enterprise wireless administration of 22 Cisco Wireless LAN Controllers, 1 WCS and 540 Lightweight Wireless Access Points
  • Assisted in the transition of critical servers to IBM’s remote Data Center using various technologies (i.e. VMware, Citrix, Plate Spin)to ensure high availability
  • Worked with Server Team to ensure the availability all 450 Servers so that SLAs are met
  • Assisted other Engineers and ISPs in upgrading multiple WAN circuits for increased throughput for internet and site-to-site connectivity.
  • Responsible for deployment, configuration and administration of all Cisco LAN Switches throughout the enterprise
  • Assist in the deployment, configuration and administration of multiple Cisco firewalls, routers and IDS/IPS
  • Work with IT Change Management to seek the approval of all Systems, WAN/LAN and WLAN changes
  • Worked with Project Managers and various vendors to ensure the delivery of projects/services
  • Worked with Service Deliver Managers and Service Desk personnel to resolve escalations and level 3 issues by using native ticketing system.
  • Responsible for the following key projects: Assisted the planning, design, deployment and maintenance of the global rollout a SSL VPN solution (IVE) * Design and implement 802.1x protocol (EAP-TLS) for secure wireless; this project replaced the insecure LEAP protocol * Migrated all laptops to use the more secure Wireless Protocol of EAP-TLS * I developed this solution by using a combination of multiple components; extending AD Schema, GPOs, PKI and Microsoft’s Native Wireless client (WZC). Assisted other Engineers in the Planning architect and configuration 24 Cisco Catalyst Switches and 40 Wireless Access Points for Data/Voice/WLAN connectivity for MedImmune’s new 710,000 SQF State-of-the-Art manufacturing BLDG.
  • Assisted various business groups with document organization and dissemination during acquisitions.

Systems Engineer III

MedImmune LLC
09.2001 - 05.2008
  • A list of responsibilities can be furnished upon request

Network Administrator

Micro Stamping
08.2000 - 08.2001
  • A list of responsibilities can be furnished upon request

Network Administrator/Help Desk Technician

Barnes & Noble
03.1994 - 09.2000
  • A list of responsibilities can be furnished upon request

Education

Bachelor of Science - Cloud And Information Systems Security

American Public University System
Charles Town, WV
12-2026

Associate - Electrical, Electronics And Communications Engineering

RETS
Nutley, NJ
1990

Skills

  • Capacity Planning, Design, BoM preparation
  • Evaluation of New technology & products
  • MPLS, SD-WAN, VPN expertise
  • Azure Cloud Infrastructure/Azure MFA (IAM)
  • Remote Technologies (Cisco AnyConnect)
  • Vendor Relationship /Contract/SLA/MSAs/SOWs/RFP
  • IT infrastructure proficiency - LAN/WAN
  • Wireless - Design and Security
  • VoIP Infrastructure
  • Certified Information Systems Security Professional (CISSP)
  • WAN Acceleration Technologies (Riverbed)
  • Datacenter Network Implementations
  • Network Performance Analysis
  • Routing protocols expertise
  • Network monitoring tools
  • Network architecture design
  • Vendor relationship management
  • ITIL framework
  • Virtualization technologies
  • Cloud networking expertise (Azure, GCP, AWS)
  • Microsoft MCSE Certified
  • Python expertise
  • Project Management
  • Strong verbal and written communication
  • F5 and other Load Balancer Expertise

Certification

  • Certified Information Systems Security Professional (CISSP)
  • Microsoft Certified System Engineer (MCSE)
  • Cisco Certified Design Associate (CCDA) Design Track
  • Cisco Certified Network Associate (CCNA)
  • Cisco Certified Network Associate (CCNA) Security Track
  • Cisco Certified Network Associate (CCNA) Wireless Track
  • CompTIA Security+
  • CompTIA Linux+
  • ITIL Foundation 

Timeline

Lead Network Engineer

Cava
04.2024 - Current

Lead Network Engineer

Total Wine & More
12.2022 - 04.2024

Manager of Network & Voice Infrastructure (Sr Eng)

American Public University System
12.2017 - 10.2022

Senior Network Engineer

American Public University System
09.2013 - 12.2017

Senior Network Engineer

Swisscom Hospitality
06.2010 - 09.2013

Infrastucture Architect

IBM Corporation (MedImmune/Astrazeneca)
05.2008 - 06.2010

Systems Engineer III

MedImmune LLC
09.2001 - 05.2008

Network Administrator

Micro Stamping
08.2000 - 08.2001

Network Administrator/Help Desk Technician

Barnes & Noble
03.1994 - 09.2000

Associate - Electrical, Electronics And Communications Engineering

RETS

Bachelor of Science - Cloud And Information Systems Security

American Public University System

Similar Profiles

CREATE PROFILE