Keith Paredes

• Perform end-to-end certification testing across IOS XE, IOS XR, and NX-OS, mastering platform architecture, control-plane behaviors, data-plane forwarding, and feature interactions to validate hundreds of cybersecurity and multi-vendor interoperability requirements.

• Collaborated with cross-functional engineering teams to drive feature enhancements that strengthen platform resilience and align with emerging cybersecurity frameworks across IOS XE, IOS XR, and NX-OS, delivering capabilities such as OSPFv3 IPsec authentication, RADSEC, and Secure NTP using FIPS 140-3–approved algorithms.

• Developed official hardening and deployment documentation by configuring IOS XE, IOS XR, and NX-OS platforms to meet stringent cybersecurity and interoperability standards, validating those configurations through formal testing, and translating complex system behavior into clear, field-ready guidance.

• Map DoD cybersecurity control requirements to real-world IOS XE, IOS XR, and NX-OS configurations, validating compliance through structured STIG/SAR testing and identifying gaps requiring feature development or documentation updates.

• Manage end-to-end test program planning by tracking software and hardware lifecycles, forecasting certification needs up to a year in advance, procuring systems and optical/cabling resources, and aligning test execution with parallel engineering initiatives and external deliverables.

• Manage technical risk by identifying test blockers, assessing platform readiness, escalating gaps to engineering teams, and adjusting schedules to ensure on-time delivery of certification milestones.

• Engineer dynamic routing and management protocol configurations to interoperate seamlessly with multi-vendor networks, resolving default behavior mismatches and tuning protocol settings to ensure stable adjacency, secure management access, and consistent end-to-end functionality.

• Engineered an enterprise solution to manage authentication, authorization, and accounting (AAA) for over 100 devices across the globe in a centralized location on a secure network with redundancy and dynamic failover capabilities.
• Establish site to site communication policies for vCenter management traffic across multiple Areas of Responsibilities (AOR) in a global environment.
• Coordinate with multiple Army Regional Cyber Centers (RCC) and Network Enterprise Centers (NEC) to build the layer two infrastructure for over two hundred datacenter nodes and integrate into existing layer three infrastructure for inter-site communication.
• Work with Cisco vendors to test NX-OS upgrades within authorized lab space and schedule Authorized Service Interruptions (ASI) to maintain compliant with security requirements in the infrastructure.
• Create and document hardening process for network devices resulting in over 600 vulnerabilities closed across over 200 devices within the first quarter of assuming the network team lead position leading to a 68% more secure posture.
• Direct technicians through troubleshooting equipment in their locale by instructing what commands to input and being provided the output.
• Generate rack elevation, high level, low level, and transport diagrams using Microsoft Visio.
• Enhance deployment guide for a more streamlined deployment when worked by junior technicians following the deployment guide.
• Integrated with Network Enterprise Technology Command (NETCOM) Operational Engineering Division (OED) for the design and implementation of Cisco 5k and 9k switch configurations to stand up 219 remote sites across the globe.
• Design, implement, and troubleshoot switching technologies such as Virtual Port Channel (VPC), Link Aggregation Control Protocol (LaCP), and Hot Standby Router Protocol (HSRP) to increase redundency and throughput throughout the network.
• Train junior network administrators on basic networking skills and specific technologies used within the networking environment.

• Work with customers to troubleshoot inter-connectivity between over 100 remote sites across the United States, encompassing over 400 devices, using network monitoring tools such as SNMPv3, Netscout, and Schnozz to consistently meet service level agreements
• Investigate Cisco ASA, Juniper, and Netscreen firewalls for policy and routing issues to include static, eBGP, and iBGP
• Troubleshoot pre-existing Remote Access Virtual Private Networks and Site to Site Virtual Private Networks
• Resolve issues involving point to point traffic in a highly complex joint environment containing hundreds of Virtual Routing and Forwarding tables
• Routinely configure sub-interfaces on Cisco devices to include HSRP, VRF, helper-addresses, and account for MST at layer two
• Configure, maintain, and troubleshoot Access Control Lists, prefix-lists, and prefix-sets
• Participate in on-call rotations during holidays, weekends and overnights to handle emergency network situations
• Work with BMC Remedy 7.6, 8.1, and 9.1 on a daily basis to accurately document detailed troubleshooting procedures and resolve issues in a timely manner

• Managed over 50 Cisco devices including 3725 Routers and Catalyst 3560, 3750, 3850 Switches to support Voice / Data communications over SIPR / NIPR networks.
• Performed joint site surveys with project engineers to design and implement customer specific technical network requirements.
• Motivated eight personnel during 24 hour operations at customer service desk to provide immediate technical support to customers.
• Trained subordinates on link-state and distance-vector routing protocols, First Hop Redundancy Protocols (FHRP), port-security, DHCP, active directory, and Windows 7 operating system.
• Supervised eight personnel in a long term high intensity austere environment ensuring they maintained a strong mental and physical well being.
• Configured ASA Firewalls, KG-175D microtaclanes, TACACS+, virtual call manager via ESXI, STP, DNS, DCHP, OSPF, BGP, EIGRP, Access Control Lists (ACL), Port-security, and Simple Network Management Protocol (SNMP).
• Conducted routine maintenance to include pruning Virtual Local Area Networks (VLAN), bounce Err-disabled ports, baseline computers, update network map using Microsoft Visio, and update IP address scheme spreadsheet.
• Completed overhaul of network to eliminate possible switching loops, routing loops, and hsrp failovers.
• Maintained daily data communication transactions, customer issues, and remedial actions taken to create a remedy book.
• Interfaced with Commanders and senior leaders routinely in order to foster a positive working relation and ensure the Commanders requirements and customers needs are met.

• Trained eleven subordinates outside of their specialty to become compliant with corporation standards resulting in increased organization readiness.
• Developed mIRC and Microsoft Excel macros to automate inventory and reporting. Presented the project to executive level management, and was implemented across the organization.
• Responsible for security, organization, and destruction of classified material, resulting in zero serious incident reports during tenure.
• Consistently met deadlines while managing multiple communication and war projects under pressure resulting in excellent remarks from executive level leadership.