John Kiehnle CCNP R&S W / CCSP / CCDP

CISCO CERTIFIED NETWORK, DESIGN, WIRELESS, & SECURITY PROFESSIONAL

Duvall, WA - Email me on Indeed: indeed.com/r/e98f9756a77fcba0

WORK EXPERIENCE

Senior Network Analyst

PUGET SOUND ENERGY - Bellevue, WA - 2009 to Present Pacific Northwest Gas & Electric Utility Company Principal architect of both the Cisco Unified Wireless Mobility and the Cisco Trust and Identity Management Solution Architectures at PSE Key Highlights: Initiated the integration of voice and data configuration on a single router at each remote location saving the company hundreds of thousands of dollars as Cisco IP Telephony technologies are rolled out to remote sites in the region. Introduced the Cisco IP Communicator (softphone) for use in the new multi-million dollar Bothell call center which saved PSE well over four hundred thousand dollars. I received an award for my involvement in this project. Cisco Wireless Mobility Architecture - Responsible for research & design as well as leading the enterprise wide implementation of Cisco's Unified Wireless Mobility Architecture according to Cisco validated design and best practice guidelines including; Unified Wireless Site Survey, Advanced Mobility Services, Advanced Wireless Security, Unified Wireless Voice, and a pseudo-OOB management network including Cisco Prime NCS management software to support the new integrated mobile wireless infrastructure. Cisco Trust and Identity Management Solution Architecture - Responsible for research & design as well as leading the enterprise wide implementation of the 802.1X framework according to Cisco validated design and best practice guidelines including; Cisco Secure ACS 4.2 & 5.2 policy servers, AAA framework, Cisco Wireless LAN Controllers, Cisco NAC Profilers, Collectors, and the Cisco NAC Guest Server. Cisco Security Control Framework - Ongoing process of continuous development to incrementally improve the security posture of both the wired and wireless infrastructure architectures to address current key threats and to identify, track and defend against new and evolving threats. Responsible for proposing and implementing the initiatives to improve total visibility and complete control including identify, monitor and correlate system wide events, harden devices, strengthen the infrastructure and enforce security policies.

Voice / Data Senior Network Engineer

Tailored Technology Solutions - Puyallup, WA - 2008 to 2010 IT solutions provider and consultancy firm Uncovered an additional revenue stream via the introduction of a new innovative business model using Cisco networking technologies. Proposed and coordinated the project to implement remote access and site-to-site VPNs for the T2Sigma program to support management of the geographically dispersed independent Allstate agent networks. Troubleshoot and resolve security and telephony related issues. Ensure the optimal performance and security of the voice and data networks. Key Highlights: Designed and implemented the company's voice and data infrastructure including Cisco WAN, VPN, and VoIP technologies.

 Upgraded Cisco routers with Advanced Integration Module (AIM-VPN/EPII-PLUS) for dedicated hardware cryptographic acceleration. Module supports scaling up to 1000 site-to-site IPSec VPN tunnels to T2Sigma customers. Upgraded Cisco routers to support Cisco Unified Communications Manager Express (CUCME) Facilitated routing between the hub & spoke networks using Cisco routers at each customer location. Completed Cisco remote access IPSec VPN including split tunnel and Xauth for administrative staff and developers' access to the Tailored Solutions network from anywhere in the US or Russia. Configured IPSec VPN network access control with PEAP protocols and CSACS 4.2. Configured Cisco IOS Zone-based Policy Firewall (screened subnet) to support e-commerce web development projects. Designed and implemented a multi-site distributed call-processing voice network from the ground up for the customer service call center and tech support engineers

Senior Network Engineer

Building Knowledge Networks - Mukilteo, WA - 2007 to 2010 Providing innovative building systems management for the 21st Century Helped facilitate the creation of a brand new business entity from an innovative idea to proof of concept working prototype, then helped BKN achieve 3 years of consecutive growth as well as position the company favorably for sale. BKN was acquired by Avista subsidiary, Advantage IQ in January 2011. Key Highlights: Proposed, designed, and implemented both the remote access and site-to-site VPN network infrastructures used by BKN engineers to access their proprietary building systems applications from around the country. Configured Cisco AAA framework and policy based access control for all device and network access using both RADIUS and TACACS and the Cisco Secure ACS 4.2 access control server. Configured Cisco IOS Zone-Based Policy Firewall (ZFW) to help protect customer web access and mission critical infrastructure services in a screened subnet (DMZ). Designed and configured redundant routed access infrastructure in the data center according to Cisco data center 2.0 validated design and best practice guidelines. Delivered cost savings by using Linux, Apache, MySQL, & PHP (LAMP) open source technology solutions to build the network monitoring / network management system.

Instructor / Network Engineer

STRATEGY COMPUTERS - Bellevue, WA - 2006 to 2010 The leading technical education and certification training company in the Puget Sound Responsible for teaching Microsoft MCSE series, Cisco associate and professional level certification curriculum including; CCNA, CCNA Voice, CCNA Security, CCNA Wireless, CCDA, CCNP, CCSP and the ISC2 CISSP exam preparation series. Designed and configured Cisco policy based access control framework to control, monitor, and archive all student access to the school lab equipment. Key Highlights: Played a pivotal role in helping boost revenues from Cisco certification training over 5000% by expanding the company's popular Cisco exam preparation series. Grew class sizes from 1 student in 6 months to approximately 12 students each month. Implemented 802.1X network access control to the student lab by re-designing and re-configuring the existing network infrastructure. Configured remote access control via RADIUS and device access control via TACACS + using Cisco Secure ACS 4.2 and 5.0 servers. Proposed and coordinated the purchase of new Cisco hardware to support the existing curriculum including (6) new L3 switches, (6) new L2 switches, (6) new Integrated Service Routers, (2) ASA 5510s (1) 2106 Wireless LAN Controller & Wireless Control System software and (2) Cisco Secure ACS 5.0 appliances.

 Designed and presented the solution to replace a single PIX firewall with redundant ASA 5510s configured with multiple virtual contexts to support Active/Active failover for the NOAA Fisheries Service's NWFSC Montlake Research Center.

Senior Network Engineer

SATCOM SYSTEMS INC - Sandpoint, ID - 2002 to 2004 Key Highlights: Designed and deployed much of Satcom's wireless Internet service including 2.4 GHz client access, 5 GHz Motorola Canopy Backhaul, and public access wireless hotspots throughout the downtown Sandpoint area. Built and configured server farm using VMWare and Linux to host required network services including DNS, web, e-mail, and network monitoring and management services. Continued to contract with Satcom after moving to Seattle to help maintain their network for several years up through 2009 when the company was sold. Authored the original code that facilitated some of the earliest pre-paid and pay-as-you-go public wireless hotspots providing a new unattended revenue center. (google john kiehnle & RADIUS)

Network Engineer
APPLIED RESEARCH, INC - Spokane, WA - 1993 to 2000 Conceived the vision, started the company and grew the business, positioning the company favorably for sale. Company was acquired in July 2000 by Wind Wireless, Eastern Washington's largest wireless Internet Service Provider.

EDUCATION

Bachelors in Business Administration

Gonzaga University - Spokane, WA

ADDITIONAL INFORMATION Areas of expertise include: Cisco Unified Wireless Mobility Architecture Cisco Self-Defending Network Architecture - SecureX Cisco Security Control Framework - Validated SAFE Design Cisco Trust & Identity Management Solution Architecture - TrustSec