Upgrade Post project
Profileimage by Kevin Liere 100%-Remote Network Engineer | Extreme Networks | Watchguard | OPNsense | PfSense from FortLauderdale

Kevin Liere

Fort Lauderdale
available

Last update: 21.01.2024

100%-Remote Network Engineer | Extreme Networks | Watchguard | OPNsense | PfSense

Company: Abroadpeer LLC
Graduation: Apprenticeship IT Specialist System Integration (Final grade: 1,3)
Hourly-/Daily rates: show
Languages: German (Native or Bilingual) | English (Full Professional) | Spanish (Elementary)

Keywords

Attachments

CV-January-2024-Kevin-Liere-DE_210124.docx
CV-January-2024-Kevin-Liere-DE_210124.pdf
CV-January-2024-Kevin-Liere-EN_210124.docx
CV-January-2024-Kevin-Liere-EN_210124.pdf

Skills

IT-Skills – Networkadministration
LAN / WLAN / WAN
Extreme Networks (EXOS)
  • Complete migration of any existing network infrastructure to Extreme Networks
    (redesign, consulting, conceptual design, architecture, documentation and practical implementation)
  • Switches (X440-G2/X450-G2/X460-G2 / aggregations/core switches X620, X670-G2, X690)
  • XMC/Netsight/Extreme Management Center (updates/upgrades and automated backup of switch configurations)
  • EXOS patching (firmware patch management/backups)
  • ExtremeCloud IQ APs (AP510C/CX, AP305C/CX)
  • ExtremeCloud IQ Private PSK – PPSK
    (Cloud Config Groups (CCG) / User-Profiles (UP) / User-Groups (UG) /
    Classification Rules (CLASSRULES) / Assignment Rules (ASSIGNRULES)
  • ExtremeCloud IQ WPA-2/3-Personal
  • ExtremeCloud IQ Captive Portal (Guest WLAN)
  • OOB (Out-of-Band)-Management
  • ACL (Access-Control-List) – OSI-Layer2/3 Security
  • Certificate handling – SSH (Private-/Public-Key)
  • ExtremeXOS License Management
HPE / Aruba
  • Switches (1910/1920, 2530/2540/2930F, CX6100/6200/6300)
  • WLAN APs (Aruba AP 505)
  • Aruba AirWave
Bintec Elmeg
  • WLAN APs (W2022ac, W2022ac-ext, W2022ax, W2044ax)
  • WLAN Management Controller – Router (RS123, RS123w, RS353a, RS353aw, RS123w-4G)
Ubiquiti
  • UniFi AP's (AP AC HD, AP AC PRO)
  • UniFi Network Controller Windows Server
  • Captive Portal (Guest network)
Zyxel Networks
  • Nebula Cloud (myZyxel)
  • Switches (GS1900-24, GS1920-24v2)
  • Router (NSG50, USG FLEX 50)
TCP/IP – OSI-Layer
Protocols
  • IPv4 / DHCP (+Snooping) / DNS / NTP / RSTP / LACP / LAG / SSH / VLAN /
    (T)FTP / (S)FTP / SNMPv3 / HTTP / HTTPS / POP3 / SMTP / IMAP / NAT /
    VRRP / MLAG / non-ethernet Stacking / LLDP / CAPWAP / STP / ELRP /
    SMBv1-v3 / SSDP / LLMNR / BROWSER / NBNS / WPAD / mDNS
Hardware
Cable management and OSI layer1
  • Transceiver / GBICs / DAC (SFP / SFP+ / SFP28 / QSFP+ / QSFP28)
  • OM4 / OS2 fiber optics (Shortrange (SR) / Longrange (LR))
Monitoring
Network tools
  • CheckMK (Open Source – Nagios Core Fork)
  • PRTG Network Monitor
  • Datadog
Security
Firewall Watchguard
  • Static/Dynamic-NAT / Firewall Policy Rules / Port Forwarding / Multi-WAN /
    Firecluster / LAGG / LACP dynamic/static / DynDNS / Static Routing
  • Watchguard Logserver
  • Watchguard Server Center
  • Watchguard System Manager
  • Firewalls (M370, M470, M670, M690 +Legacy XTM models)
  • Watchguard SSL-VPN Client
  • Mobile VPN (Route-All/Split-Tunneling OpenVPN SSL-Client-to-Site VPN)
  • Branch Office VPN (IPSec Site-to-Site VPN IKEv1 and IKEv2)
  • Access / User-Management
Firewall OPNsense / PfSense
  • Static/Dynamic-NAT / Firewall Policy Rules / Port Forwarding / Multi-WAN /
    Link-Aggregation / LACP dynamic/static / DynDNS (DDNS) / BIND / DNSCrypt /
    Traffic Shaping / Dnsmasq DNS / Unbound DNS / Static Routing
  • Access / User-Management
  • Local certificate authority (CA-Trust)
  • HA-Cluster (CARP / pfSync / XMLRPC sync)
  • Deciso: OPNcentral
  • GitHub and GitLab Git – Configuration traceability
  • Captive Portal (Guest VLAN network)
  • Mobile VPN (Route-All/Split-Tunneling OpenVPN SSL-Client-to-Site VPN)
  • Branch Office VPN (IPSec Site-to-Site VPN IKEv1 and IKEv2)
Microsoft
Windows
  • Windows Server (2012 R2 / 2016 / 2019)
  • Exchange Server 2013
  • Exchange Online
  • Pleasant Password Server (KeePass rollout / Authorization concepts)
  • 1Password Password Manager
  • LAPS (Local Administrator Password Solution)
  • IIS Hardening (HTTP Response Headers / Session Cookies / HTTPS Redirect / IISCrypto)
  • Fine-Grained Password Policy via PSO (Objects) inside Password Settings Containers (PSC)
  • On-Prem AD FS Single-Sign-On (SSO) for Orginio as Relying Party Trust via SAML (Organigram)
  • Microsoft (IPAM) IP Address Management
  • PDQ Deploy / Matrix42 Deployment
  • AD DS / LDAP / DC / GPO's
IT Service Management
(ITSM) Tools
  • Atlassian-Confluence / MS Planner / Asana
  • Atlassian-JIRA / Freshservice / osTicket / BMC Remedy / Cherwell / OTRS
  • Teams / Outlook / Excel / Thunderbird / Slack / Innovaphone
  • MS Visio / Diagrams.net / Miro
  • Portable PuTTY / Pageant / Wireshark / Nmap
Digital Signage
CMS
  • Scala Enterprise Content Manager
  • ZetaDisplay Engage+

Project history

08/2023 - 02/2024
Nordland Systems GmbH - Ensuring web display troubleshooting in Cittadino branches
Nordland Systems GmbH (Internet and Information Technology, 10-50 employees)
  • 100% remote 1st-3rd level support administration of Cittadino's 1000+ digital signage advertising displays in over 150+ locations
     
  • Troubleshooting and network analysis of the Zyxel Nebula Cloud infrastructure as well as management and documentation of the switch and router configuration
10/2022 - 03/2023
Fielmann AG - Ensuring web display troubleshooting in Fielmann branches
Fielmann AG (Consumer goods and retail, >10.000 employees)
  • 100%-Remote performed testing and troubleshooting of digital signage 
    (web display) incident reports in over 700 branch offices using
    Aruba AirWave network analytics in 3rd-Lvl support
     
  • Coordination of service providers and in a leading role mainly responsible
    for the coordinated troubleshooting of mass faults
     
  • Support contact for the rollout of the new Engage+ software
    to 700+ sites distributed across Europe
05/2022 - 07/2022
Chal-Tec Fulfillment GmbH - Network migration and hands-on implementation
Chal-Tec Fulfillment GmbH (Internet and Information Technology, 50-250 employees)
  • 100%-remote performed network migration from a network based on D-Link and STP
    without VLANs, to a network based on Watchguard M670 fireclusters,
    Extreme Networks X690 core, X670 aggregation and 40+ X450/X460-G2
    access switches with VLANs, VRRP and MLAG without noticeable interruptions (<30 minutes)
     
  • Planning, documentation and project management with Asana, MS Teams,
    MS OneDrive Cloud Storage and Draw.io/diagrams.net
11/2021 - 02/2022
Berlin Brands Group - Network redesign, IT procurement and hands-on implementation
Berlin Brands Group (Internet and Information Technology, 1000-5000 employees)
  • 100%-remote performed complete network redesign, IT procurement and hands-on implementation
    of two warehouse network infrastructures using Watchguard M670 Firecluster,
    Extreme Networks X690 Core, X670 Aggregation and 50+ X450-G2 Access switches
     
  • Planning and project management with Asana, MS Teams and MS Outlook
07/2019 - 11/2021
Berlin Brands Group - Network redesigns
Berlin Brands Group (Internet and Information Technology, 1000-5000 employees)
  • Sole project responsibility for network redesigns of all 10+ sites and rollout of split-tunneling OpenVPN
    to achieve remote work within 2 weeks due to COVID-19 pandemic.
     
  • Configuration of the ExtremeCloud IQ instance for 70+ access points and the necessary config templates via provisioning.
06/2019 - 07/2019
DKB Service GmbH - Connecting hardware and network documentation
DKB Service GmbH (Banks and financial services, 1000-5000 employees)
  • Connecting hardware and network documentation of two data centers
06/2017 - 06/2019
Chal-Tec GmbH - IT design, budget planning, procurement
Chal-Tec GmbH (Internet and Information Technology, 500-1000 employees)
  • Sole project responsibility for IT design, budget planning, procurement and subsequent system connectivity, documentation
    and administration of 6+ sites (offices, warehouses, data centers) in Germany, Slovakia and China using 20+ Watchguard Firewalls
    and 100+ Extreme Networks switches for 800+ employees.
     
  • Implemented VLANs and link aggregation LACP bonds in the warehouse based on
    HP 1920 and HPE 2540 switch hardware resulting in over 90% reduction in incident-tickets
09/2014 - 06/2017
Deutsche Telekom AG - Corporate operation: 2nd Lvl APS-Helpdesk
Deutsche Telekom AG (T-Systems Workplace Services) (Internet and Information Technology, >10.000 employees)
  • Captive Portal (WLAN guest) conceptual design and rollout of the OPNsense firewall appliance
    for the replacement of the EoL M0n0wall appliance
04/2016 - 05/2016
Deutsche Telekom AG - Language travel: 1st Lvl WLAN Helpdesk
Sosmatic S.L. (Telecommunications, 10-50 employees)
  • Technical customer support for WiFi malfunctions in public places for all devices
    and operating systems (Android / Apple / Linux)
     
  • Resolving internal faults via e-mail and telephone
     
  • Multicultural/multilingual work environment

Certifications

„DEKRA IT-Spezialist Profil IT Administrator“
DEKRA Certification GmbH
2017
Exam Pass „Implementing Cisco IP Routing (ROUTE)“
Cisco
2017
„(ESC) / Unternehmerführerschein (UF) Modul UP“
InnoCert Deutschland GmbH
2016
„telc English B2 University (Council of Europe level B2)“
telc GmbH - The European Language Certificates
2016
„Working in Europe (WIE)“
European Commission
2016
„Cisco Certified Network Associate Routing & Switching (CCNA)“
Cisco
2016

Local Availability

Only available for remote work
• Available from Monday - Sunday (At any time of the day or night). (Even at short notice in case of emergencies).
• More than 8 hours of work per day is also perfectly fine if certain deadlines must be met.
• No willingness to travel available (Only Full-Remote).
In 2024, I think, initial training periods needed for any kind of IT support, 
CLI/SSH configurations on the network or, for example, web configurations on the firewall
must also work fully remotely thanks to VPN.

Other

• Mailo professional liability insurance available.
• Invoicing is done by my US company "Abroadpeer LLC".
• Bank transfers are also possible via any other currency by arrangement.

Recommendations

Fielmann AG
Operations Manager - Digital Products (Marek Hausmann)
"Meinerseits die besten Empfehlungen für die Zusammenarbeit mit Kevin.
Sowohl fachlich als auch persönlich ist Kevin sofort Teil des Teams geworden. Vertraut und Proaktiv konnten wir so die komplexeste Phase unserer Digital-Signage Transformation bewältigen. Kevin hat durch seine Expertise aus den Bereichen Netzwerk/Firewall, Systemadministration und Support exakt unsere Lücke gefüllt.
Vielen Dank und beste Wünsche für die weiteren Projekte."
Chal-Tec Fulfillment GmbH
IT-Operations (Tobi & Dominik)
"Die Zusammenarbeit mit Kevin verlief auf einem sehr angenehmen und professionellen Niveau. Wir haben uns gut beraten gefühlt und alle Ziele an das Projekt wurden allesamt zu unserer Zufriedenheit erfüllt. Trotz eines straffen Zeitplanes konnten alle Anforderungen aufgrund seiner Flexibilität erfolgreich umsetzt werden.

Auch zu Nachfragen gab es immer eine schnelle professionelle Rückmeldung. Eine weitere Zusammenarbeit können wir uns definitiv vorstellen."
Berlin Brands Group
Head of IT-Operations (Manu)
"Kevin verfügt über ein hervorragendes und auch in Randbereichen sehr tiefgehendes Fachwissen,
welches er in unser Unternehmen stets in höchst gewinnbringender Weise einbrachte. Besonders hervorzuheben
sind seine durchweg sehr guten IT-Kenntnisse, insbesondere im Erarbeiten
von Problemlösungen und deren Implementierung, im Überwachen und Pflegen der Systeme.
Kevin ist in ganz besonders hohem Maße zuverlässig."
Profileimage by Kevin Liere 100%-Remote Network Engineer | Extreme Networks | Watchguard | OPNsense | PfSense from FortLauderdale 100%-Remote Network Engineer | Extreme Networks | Watchguard | OPNsense | PfSense
Register