AngelMedina

SENIOR NETWORK ENGINEER  ·  SECURITY  ·  AUTOMATION

summary.amedina.net — ssh angel@10.0.0.1
CompTIA A+ Network+ Security+ CIOS CSIS CCNA AWS CCP CCNP ENCOR CCNP ENARSI
view experience → ↓ resume LinkedIn GitHub
show status
experience calculating...
network scale multisite / 14,000 users
certifications CCNA / Sec+ / AWS CCP
automation Python / Netmiko / APIs
monitoring SolarWinds / 7Signal / CCC
ticket resolution #1 dept / top 5 university
ENCOR exam Apr 18, 2026

CAREER

Experience

Senior Network Engineer Pace University Sep 2025 – Present
  • Leading enterprise infrastructure modernization, replacing legacy Catalyst 2960X/S with standardized 9300 stacks, validating golden images, and executing minimal-downtime migrations
  • Primary escalation point for outages, conducting root-cause analysis and driving long-term stability improvements
  • Assisting with Cisco ACI operations including APIC upgrades, controller lifecycle tasks, fabric discovery via LLDP, and multi-pod connectivity validation
  • Producing Visio documentation for physical rack layouts, L2/L3 topology, WAN interconnects, and site-to-site connectivity to support audits and troubleshooting
  • Performing advanced wireless optimization using 7Signal and AirMagnet, identifying RF gaps and improving coverage across high-density buildings
Catalyst 9300/9400/9500 Cisco ACI / APIC Firepower FTD/FMC AirMagnet / 7Signal Microsoft Visio Root Cause Analysis
Network Engineer Pace University Apr 2023 – Aug 2025
  • Managed network infrastructure for 14,000+ students across 3 campuses: 9800 WLCs, 1,835 APs, 260 switch stacks (~1,000 switches), Cisco ISE/802.1X, Firepower 9000, and Catalyst Center
  • Led multi-campus AP refresh replacing legacy 2602/2702 models with 9120/9130/9164/9166 across all sites
  • Developed Python/Netmiko automation reducing deployment time by 70%+, including bulk compliance checks, AAA standardization, config backups, and Jinja2-templated switch deployments
  • Built production Python scripts querying the Cisco Catalyst Center API for device inventory, user data, and compliance reporting across all campuses
  • Designed VLAN configurations in collaboration with departments to meet business needs and security policies
  • Presented network performance, security, and availability reports to senior leadership with actionable recommendations
Cisco 9800 WLC ISE / 802.1X Firepower 9000 Catalyst Center OSPF / BGP / VRF Python / Netmiko Jinja2 Templates CoPP / SISF
Technical Support Specialist Pace University Sep 2022 – Mar 2023
  • Ranked #1 in ticket resolution across Westchester and Haub Law campuses
  • Participated in on-site client meetings to analyze and diagnose hardware and software issues, delivering expert troubleshooting and effective solutions
  • Collaborated with management to create disk images for Windows and Mac, implement security initiatives, establish departmental workflows, and manage projects
  • Provided ongoing monitoring and support for classrooms and labs using Active Directory, Group Policy, and SCCM
SCCM JAMF Active Directory Group Policy Technical Docs
Desktop Support Specialist Pace University Oct 2021 – Aug 2022
  • Provided advanced technical support for administrative and academic users covering hardware, software, and peripherals both in-person and remotely
  • Partnered with Help Desk and IT staff to diagnose and resolve client problems using a collaborative approach
  • Deployed new desktops and laptops with focus on data integrity, security compliance, and proper asset management
  • Meticulously documented all technical support procedures and maintained accurate customer records
Hardware Troubleshooting Asset Management Active Directory Documentation

WORK

Projects & Labs

bash — lab-environment
</>
Network Automation Scripts

Python/Netmiko scripts for enterprise switch compliance checks, TACACS server updates, and Catalyst Center API queries. Deployed in production across 1,000+ switches.

● production / github
Device Lookup Tool

Internal web app built on the Cisco Catalyst Center API. IT staff and helpdesk can look up any device by MAC address or IP to retrieve user info, connected switch, port, and location replacing manual CLI lookups across 1,000+ switches.

● complete / pending deployment
ENCOR CML Topology

Multi-domain CML lab covering all ENCOR domains: OSPF multi-area, EIGRP (named mode), BGP (iBGP/eBGP, route reflectors, confederations), SDA, NETCONF/RESTCONF, and EEM automation.

● active / CML
EVE-NG Labs

Supplemental ENCOR lab environment in EVE-NG covering SD-WAN, SDA fabric design, QoS, and multicast requiring additional vendor images beyond CML's default library.

● active / EVE-NG

TECHNICAL

Skills & Tools

Routing & Switching
  • OSPF (multi-area, redistribution)
  • BGP (iBGP/eBGP, RR, confederations)
  • EIGRP (named mode, UCMP)
  • VLAN, VRF, STP, HSRP
  • PBR, QoS (lab)
  • Catalyst 9000 series
Wireless
  • Cisco 9800 / 8510 WLC
  • FlexConnect / Local Mode
  • AP series 9120/9130/9164/9166
  • Site surveys (NetScout AirCheck G2)
  • 7Signal sensors and agent monitoring
  • AirMagnet / RF optimization
Security
  • Cisco ISE (802.1X, MAB, TACACS+)
  • Firepower FTD / FMC
  • CoPP / SISF / TrustSec
  • Cisco ACI / APIC
  • Duo MFA with AnyConnect VPN
Automation & Dev
  • Python / Netmiko
  • Jinja2 templates
  • NETCONF / RESTCONF
  • Cisco Catalyst Center API
  • EEM / Guestshell
Management
  • Cisco Catalyst Center (CCC)
  • SolarWinds
  • Cisco Prime
  • Wireshark / Nmap
  • SCCM / JAMF / Active Directory
Labs & Study
  • Cisco Modeling Labs (CML)
  • EVE-NG
  • INE Premium / Skill Dive
  • Boson NetSim
  • GNS3
// CERTIFICATIONS — click to verify
CompTIA A+ ce NOV 2020 · exp Oct 2026
CompTIA Network+ ce NOV 2022 · exp Oct 2026
CompTIA Security+ ce OCT 2023 · exp Oct 2026
CompTIA IT Operations Specialist (CIOS) Stackable NOV 2022 · exp Oct 2026
CompTIA Secure Infrastructure Specialist (CSIS) Stackable OCT 2023 · exp Oct 2026
Cisco CCNA JUN 2023 · exp Jun 2026
AWS Certified Cloud Practitioner AUG 2025 · exp Aug 2028
Cisco CCNP ENCOR 350-401 scheduled Apr 18, 2026 SCHEDULED
Cisco CCNP ENARSI 300-410 target Jun 2026 IN PROGRESS

EDUCATION

Academic Background

M.S. Cybersecurity
Pace University - Seidenberg School
December 2023
B.S. Information Technology
Pace University - Seidenberg School
May 2022
A.S. Cybersecurity
SUNY Westchester Community College
2020

WRITEUPS

Blog & Notes

TROUBLESHOOTING
Diagnosing SISF CPU Spikes on Catalyst 9200L After CCC Provisioning

After provisioning Catalyst 9200L switches through Cisco Catalyst Center, we started seeing CPU hit 100% driven by the SISF-switcher process. The switches became sluggish and management was intermittently unreachable. These were among the only 9200L models in our environment, so it took a while to isolate.

Root cause: the default device-tracking policy was tracking every host it saw on every port — including AP trunk ports carrying broadcast traffic from hundreds of wireless clients and the uplink. The switch was trying to create binding table entries for everything, which hammered the SISF-switcher process.

Fix: created a new DT trunk policy with device-tracking policy DT_TRUNK_POLICY / device-role switch, applied it to all trunk/uplink interfaces. Also disabled IPv6 tracking across all DT policies since we don't run IPv6. CPU dropped immediately back to normal. Deployed the fix as a Day-N CLI template in CCC so all future 9200L provisioning gets it automatically.

APR 2024 · CATALYST 9200L · SISF · CCC DAY-N TEMPLATE
AUTOMATION
Building a Network Device Lookup Tool with the Catalyst Center API

Helpdesk tickets often come in with just an IP address or MAC and no other context. To speed up resolution, I built an internal web app using the Cisco Catalyst Center API that lets anyone on the IT team look up a device instantly — enter an IP or MAC and get back the connected switch, port, VLAN, device type, and user info. No CLI access required, no waiting on the network team for basic lookups. Built with Python on the backend querying the CCC REST API, with a simple web frontend anyone can use. Pending internal deployment.

2024 · CATALYST CENTER API · PYTHON · INTERNAL TOOLING
AUTOMATION
Standardizing 215 Switch Stacks with Netmiko — Security, STP, and VLAN Cleanup

Over time, network configs drift. VLANs get created and forgotten, security settings go stale, and STP best practices get skipped during rushed deployments. I wrote a Python/Netmiko script to audit and remediate over 215 switch stacks across our three campuses in one push.

Changes deployed: updated passwords and encryption to meet current security standards, removed legacy weak hashing, enabled login banners and hardened VTY lines. For STP, enabled Rapid PVST+, configured Root Guard on all downlinks, and enabled BPDU Guard on access ports. For VLANs, pruned all unnecessary VLANs from trunk uplinks — both legacy networks that no longer existed and new VLANs that had no presence on those switches.

What would have taken weeks manually was done in hours. The same script now runs as part of our standard switch onboarding process.

2024 · PYTHON · NETMIKO · STP · VLAN CLEANUP · 215 STACKS

GET IN TOUCH

Contact

Open to conversations about network engineering, enterprise security, or career opportunities. Drop a message or connect directly.

Message sent. I'll get back to you soon.
LinkedIn linkedin.com/in/angel-medina-us GitHub github.com/amedinaus Email angel.medina.us@gmail.com