OBJECTIVE:

To obtain a challenging position and to expand my experiences in the fields of LAN, WAN, Wireless, VoIP, Storage Area Networks (SANs), Network Security, and customer support services.

SUMMARY:

• Highly skilled professional dedicated to optimizing efficiencies through continuous process improvement and automation. Over 20 years’ experience planning, designing, implementing and operating Information Technology solutions. Proven success building team environments and fostering open communication with peers, employees and vendors.
• ITIL: Reorganized service support structure. Implemented Incident Management, Problem Management and Change Management processes. Focused on holistic Service Design. Improved IT department morale, eliminated “Fire Fighting” and created a culture of controlled operations. Standardized internal customer communications. Eliminated combative relationships with internal customers. Implemented improved ticket tracking system.
• Network: Managed WAN MPLS transition to Confidential & Confidential, Level 3 Communications dual ISP, with internet security as a vendor managed service. Upgraded enterprise network equipment. Implemented Cisco Nexus Data Center Switches, and ASA55xx Next Generation of firewalls.
• Virtualization: Designed and implemented upgrade to VMWare ESXi and iSCSI EqualLogic SAN. Fiber Channel EMC eVNX and HP 3Par SAN. Improved capacity, performance, and DR capabilities. Implemented VMWare solutions including vCenter, VCOPS, and Veeam backup/restore. Managed physical server consolidation into virtual environment.
• Cloud: Utilized Amazon AWS and Rackspace cloud infrastructure to provide services to China and US. Developed Open Source Linux solutions. Managed corporate website infrastructure. Configured Amazon AWS environment and security. Developed global file synchronization process.
• Routing Protocols: RIP, RIP II, IGRP, EIGRP, BGP, IGP, OSPF
• Cisco IOS: NX - OS 10.x-13.x different models of hardware for (Switches, Routers, PIX Firewall, VoIP, and VPN)
• Cisco VoIP (Call Manager, Unity, IPCC version 5.x/6.x/7.x/8.x).
• Cisco Wireless (Cisco 4400/5500 series, Wireless LAN Controllers (WLC), and wireless intrusion prevention system (IPS) with Cisco Control System (WCS)), And Cisco Meraki Cloud based solution.
• Firewalls (Cisco ASA 55xx, Checkpoint IP282/295/395, Juniper J2320/J2350/SA700/SA1000/IDP250) management.
• Network Management Software: Computer Associates (Spectrum, eHealth, NetIQ), Nagios, HP OpenView Network Node Manager, Network General Distributed Sniffer Systems, CiscoWorks/Prime.

PROFESSIONAL EXPERIENCE:

Confidential, Irvine, CA

Responsibilities:

• Upgraded and converted legacy Cisco Core/Access layer (C6500/3500/C3750/2960) switches with Juniper EX8200/6200 / EX4500/EX4200 for campus core, MDF/IDF, and aggregation layers Per Confidential business requirements.
• Replaced and upgraded from legacy Cisco ASA5520 firewalls to new Juniper SRX5400 as HA-Pair and Failover as Security Gateway, IPS, AppFirewall, SSL Proxy, and UTM Per Confidential business requirements.
• Managed, upgraded multiple Juniper WLC wireless controllers, WLANS, RingMaster servers, WLA 522/532/632 (wireless access points) and supported the main campus and remote medical facilities wireless infrastructure for Confidential .
• Optimized, and monitored up to Juniper 700 WAP 2.4/5GHz channels, and legacy 802.11a/b/g/n networks, including the VoIP services for Confidential Medical facilities with Ring Master Juniper Monitoring software. Captured real time traffic, rogue access points, probe attacks, configured reports, and notification alarms for the service desk ticketing system.
• Applied Confidential security standard for network access control NAC by configuring and managing remote access for the VPN, and mobile end device users via AirWatch.
• Configured and supported AirWatch MDM server, secure content locker to different mobile PKI devices, compliance policies, (win-surface-tables, iPads), and updated user profiles. iOS certs, for role based access to various EMR/Pharm and App access.
• Configured new SNMP monitoring tool NAGIOS-XI the enterprise version for systems (VmWare-vSphere, Microsoft,, servers, other IP based services, and integrated with the service desk BMC Remedy app.
• Applied Confidential security practices for end user logging, authentication and authorization forms and templates.
• Developed a global network (LAN/WAN) topology for entire enterprise environment which included U.S.A, Canada, Australia, APAC, South America.
• Upgraded and supported legacy Cat6500/4500 switches with Nexus 7K/5K/3K for the Core Network segments (MDF-IDF).
• Implemented and upgraded Perimeter and Edge Infrastructure Network nodes in the Data Center and MetroE point to point Link.
• Upgraded Cisco VoIP from ver7.x to 8.x with Cisco Call Manager and Unity (Publisher and Subscriber), UCX, Paging Server, and Voice Gateway VG320, and SPA8000 telephony gateways.
• Configured multiple templates, files for SCCP/SIP phones (79xxG), calling search space, partitions, and device pool groups and associated local route groups for auto registration within CCM.
• Consolidated and created new dial plans with sites templates with each Voice Gateway, the Communication Manager for centralized deployment (CAC) call admission control from multi sites to the centralized site for calls to and from remote sites.
• Integrated Cisco Unity with Unified Communications Manager (SCCP) modified the configurations and supported the Unity voice messaging ports for dialing out, WMI, and messaging system for both the publisher and subscriber.
• Designed and applied a new call searching space, call flow center through Cisco UCX version 9.x for Customer Support Services and Sales departments.
• Troubleshoot and improved the QoS for VoIP and reduced the latency, echoes, and jitters on the MPLS transmission circuits by applying packet classification, marking and prioritizing by applying different IP precedence and DSCP values.
• Proposed and presented new Global VoIP solution for North America, APAC, Australia, Hawaii, and Europe for 7x24x365 as primary and secondary call center for customer support services and merchandizing business requirements.
• Worked with different Telecom Carriers and substituted old PSTN and PRI lines for SIP trunks in multiple locations to the data center with IP MPLS VPN cloud and resulted an annual of $750K in cost savings.
• Updated CCM route lists, route patterns, hunt groups, attendant console for local and global directory,
• Maintained, configured and supported multisite CME Call Manager Express VoIP Gateways C2800, and C2900 routers
• Provisioned SRST fallback mode for all remote sites ephones through the CME Call Manager Express Gateways
• Consolidated POTS lines, DIDs, Confidential & Confidential Business Direct BMIS Internet circuits for Branch and Retail offices in various locations locally and globally.
• Implemented new Cisco Meraki cloud based wireless access points (MR32/MR34) all over U.S.A in the Corp office, remote branches, and all retail stores.
• Implemented and supported MPLS- Internet failover through IPSec VPN tunnel with Meraki MX-64 and MX-100 between the Corp Office to Data Center, and the all retail stores in North America.
• Monitored and ensured adherence to company standards, SLAs, objectives and security procedures for network access logins, OS patching, remote logins through Secure VPN client basses.
• Implemented and configured SNMP monitoring and reporting (Cisco Prime) for all Cisco IP based nodes.
• Rolled out new ticketing system “Service Now” for the service desk and PMO office to track daily end user requests and quarterly IT and Business requirement projects.
• Created status reports for security and bandwidth capabilities for the entire infrastructure, and provided recommendations for high and medium risk issue resolutions.
• Provided on line documentation (CMDB), and resolved service desk issues with level-1, level-2 NOC.

Confidential, Santa ANA, CA

NETWORK ARCHITECTURE ENGINEER

Responsibilities:

• Managed multiple vendors (ISP/VAR/Data Center) for Colo-Data Center Migration and Managed Services.
• Guided several project team members from application developers, QA, hardware-software vendors to meet the business requirement needs, company security policies, and timeliness for completion of various projects within IT budget limits.
• Documented and validated the (SOW) Statement of Work Order, BOM (Bill of Materials) to include the entire necessary design requirement for the new disaster recovery data center.
• Planned and created new IP Addressing plan for the new Layer2/Layer3 infrastructure design, configuration and implementation planning phases.
• Consolidated, and optimized new data center switches with Cisco Nexus 7k/5k/3k NX-OS by connecting VMs server farms and segmenting form the SAN LAN
• Managed and implemented WAN (multiple-ISPs) from branch offices to centralized data center for MPLS/OSPF/BGP and VPN for failover redundancy.
• Implemented new wireless solution with site surveys for the Corp Site, and Remote Offices with Cisco and for Mass360 MDM.
• Provisioned, configured, and supported Cisco WLC 5520 wireless link controllers for Cisco Access Points AP 1600/2700/3600 , (802.11a/b/g/n/ac/u/w, AP with Encryption WEP/AES with IEEE 802.1X AAA), WiFi receivers by mapping out Corp/Remote office floor plans.
• Configured and managed Cisco Prime for Wireless LAN Controllers (WLC), Cisco access point devices for client monitoring and generated utilization stream metrics reports, alarms, and email notification.
• Assessed network capacity and planning for single point of failures, built and migrated old generation of ASA5510 to ASA5585X with SSP-20 redundant firewalls, transferred, migrated and applied the old NAT-ACL-VPN rules from old ver.8.2 to ver.9.1, that included C3850 (App-DMZ Zones), and redundant links for HA.
• Implemented Cisco IPS (Intrusion Prevention Systems) between the Corp and Branch offices WAN router interfaces for data inspection and to protect internet attacks, DDoS (denial of service attack), and IP App Services.
• Managed and configured Citrix NetScaler Load Balancer with high availability for SQL and web application load balancing, and secure remote access gateway for SSL VPN.

Confidential, Orange, CA

Infrastructure IT Manager

Responsibilities:

• Managed several Clients (St. Jude Hospital, St. Joseph, and CHOC) projects simultaneously with different vendors, VARS within the clients groups and stayed within the IT budget, planning phases of the project life cycle and timelines.
• Developed SOW/RFP for the Corporate and received different bids for the Cisco VoIP/MPLS rollout project.
• Developed site surveys which included circuit provisioning, cabling, facilities assignment, as well as maintenance and management of Network Operations center and Collocation Center.
• Designed, and migrated old legacy AVAYA and NEC PBX systems to new Cisco UCS200 phone system.
• Managed and implemented Cisco VoIP UCS/CCM/Unity ver 8.6/ IP Fax for site to site over MPLS/QoS network.
• Provided technical analysis for Cisco network systems, LAN/WAN communications, network nodes, switches, and various transmission systems.
• Configured and managed Cisco Prime for Wireless LAN Controllers (WLC), AP(s), user accounts management, rogue devices, alarms-email SMTP notifications, monitored end point devices and generated utilization reports.
• Implemented and managed IP-Camera surveillance systems for the corporate office and remote locations.
• Performed end-to-end trouble isolation and repair on physical layer services, including directing internal and third-party resources in the testing and repair of circuits.
• Maintained accurate logs of trouble isolation for SIP Trunks, repair efforts and escalated/communicated issues to management and LECs/ISPs/Account teams as needed.
• Provided end user, multi-tiered operational issues, IT-Support 7x24x356 operations support environment for multiple sites and live auctions.
• Installed and configured Cisco IP phones for remote offices and centrally managed all MPLS connectivity issues, and VPN network policies through Cisco ASA5510.
• Applied new network secure policies, conducted analysis and prepared LAN/WAN and WEBSENSE (web content filtering) reports.
• Managed and improved the response time by implementing and managing the failover (F5 BIG-IP 3600/3900/6900 ) WebAccelerators for .NET-ASP web based application, MS-Sharepoint and fast access to applications and IT resources
• Applied host based encryption for remote and local clients directed for enterprise application access with PGP/SSL/IPSec/AES and Disk encryption software tools.
• Implemented and supported NetApp-iSCSI SAN with Cisco 3750 switches for Ms-SQL/WebSersers/Exchange) clustered nodes, multiple volumes, shared data, and resource groups for 24/7 daily backups in server farm environment support.
• Developed technical standards and network documentation associated to SOP (Standard operating procedures), SOX (Sarbanes-Oxley), and Confidential for the IT daily processes and operations.

Confidential, Torrance, CA

Sr. Systems Analyst

Responsibilities:

• Supported NOC environment 7x24 and on call rotation with SLAs.
• Supported multiple accounts as part of the west coast team such as Washington Mutual Bank, Pacific Health Care, Toyota Financial Services, NIG, and Honeywell.
• Upgraded and supported Ms-Win2k to Ms-Win2k3/2k8 with different DHCP scopes and DNS multiple zones.
• Administrated and monitored online disk backups, volume storage, data growth and data retention with NetBackup Storage Migrator Ver-4.5 and Vertitas NetBackup in UNIX Solaris environments.
• Deployed and supported VMWare 2.x/3.x servers with Red Hat Linux servers including creation (Perl and C) shell scripting to cover system admin tasks to perform routine database administration such as backups, achieving, system patching and application upgrades.
• Administrated, configured, and supported centralized policies for backups with SAN (EMC) storage units to Win2k/VmWare clustered nodes for multiple volumes, shared data, and resource groups with Cisco MDS 9500 Multilayer Directors and NX-OS software fiber channel switches to EMC storage units
• Implemented and supported Cisco 9100 MDS Fiber Channel Blade Switch for Confidential BladeCenter and HP Blade System for internal connections to the servers and external connections to SAN.
• Administrated and supported EMC (Disk Library 3000,CLARiion CX-3/CX-4 series with Navisphere Management, Powerpath and SnapView. Centera Compliance Edition Plus with Centera Backup and recovery module. Symmetrix DMX-4 with SRDF software), centralized policies for backups with SAN (EMC) storage units to Win2k-SQL clustered nodes for multiple volumes, shared data, and resource groups with Fiber Channel integrated for 24/7 daily backups and recovery in Win2kX server farm support.Migrated web based financial applications from Confidential SAN/Shark platform and connected to EMC Symmetrix, PowerPath, and Clariion platforms.
• As a SME subject matter expert documented the upgrade procedures and the new configurations for the clients based ITIL practices and CMDB configuration management database processes.

Confidential, San Diego, CA

Network Engineer III (Consultant)

Responsibilities:

• Supported NOC environment 7x24 and on call rotation with SLAs.
• Replaced and upgraded the Raptor Firewall with Firewall-1, Checkpoint 3.x/4.x and continuously added new network security and VPN policies for central and remote offices.
• Upgraded, managed, monitored, and set up SLA’s (Service Level Agreements) with automated reports over forty thousand network nodes through Spectrum and Concord e-Health.
• Installed and configured Application Vantage Compuware to monitor the performance of MS-SQL and ORACLE databases across the enterprise (LAN-WAN) bases hosts and IIS-Applications.
• Configured and automated Concord Network Health Reports through Apache Web Server and DNS clustering for NPOC (Network Person of Contact).
• Configured fail over support for critical IP-based applications and services that require scalability and availability for Web-IIS 5.0 and supporting Applications such as Cold Fusion with F5 Iron switches.
• Performed Network Trend reporting, analysis, traffic shaping for the LAN-WAN usage with Concord eHealth and BMC software for Cisco Switches and Routers.
• Developed Cisco Router and Switch Configuration Templates for new deployments .Installed and configured Cisco 800/1700/2600 XM/ 3600/2851/2851 with Confidential -1 provisioning Voice Interface Card (VIC), high density analog voice/fax network modules (NM-HAD) modules for remotes and satellite offices.
• Installed and configured Cisco Call Manager ver-4.x VoIP for Trunk configuration, Cisco Unity-IPCC, Gatekeeper-H.323, SCCP, IP phone configuration and registration, device-endpoint monitoring and reports generation.
• Setup MPLS Logic Channels (LCN’s) between the Label Switch Controller (Cisco 720x) and the BPX switch. Setting up trunks (OC-3, DS3, Frame, and ATM) between MGX/BPX switches and remote sites.
• Installed and Configured CiscoWorks2000 (RME (Resource Manager Essential), LMS (LAN Management Module), and RWAN (Routes Wan Management Module), Cisco ACS-TACACS+, for configurations version controls for all of the Cisco routers, switches, and NAS (network access servers).
• Developed procedures and templates for NOC-I and NOC-II (Network Operation Center) for network troubleshooting (NT2000 client/server/DHCP), fault isolations, and LAN/WAN router switch upgrades.

Confidential, Irvine, CA

Network Engineer

Responsibilities:

• Traveled 80% percent of time for product demonstration, support, installation, different networks monitoring and troubleshooting.
• Conferred with customers and site engineers to assess equipment needs, determined system requirements, and deliverables dates.
• Planned, and modified product configurations in the sales cycle to meet customer needs.
• Submitted many forms of RFP with different proposals to vendors, suppliers, existing and potential new clients for hardware-software application tools, new projects, and annual contract service agreements with technical specifications, terms and conditions.
• Installed and configured Enterprise Network Management Solutions Spectrum 5.0 and HP Openview Network Node Manager for the GNTS regional and national customers.
• Coordinated between different IT departments and vendors and installed Network Management Servers with HP Openview Network Node Manager, Net IQ, Concord e-health, and Cisco Works 2000.
• Configured Smart Switch Router (8000/8600) with (SFVLAN) SecurFast VLAN with (ISMP) InterSwitch Message Protocol Implementation.
• Configured new models of Confidential Switches-Routers VLANS with Spectrum VLAN Manger which provided enterprise management services for all SSR switches in the Secure Fast VLAN network.
• Provided new solution plans and configured new Internet-DMZ segments with Cisco PIX-525-TACACS+, and Intrusion Detection Systems 4200 series devices for enterprise customers.
• Defined and developed Network Security Policies and procedures for VPN and NAS for medium size business.
• Integrated third party applications and sold as an enterprise MOM solutions in SNMP and RMON based products such as BMC Patrol, Opticom (Iview), Matrix (Win watch), Concord, Attention, Dirig, Net Sight, IIS Web Servers, Unix Apache Web Servers with Spectrum 6.0, and Concord Network Health to monitor network nodes, applications, Oracle databases, and WAN service level agreements throughout the western states.