SUMMARY:

• Strong consulting, team and project management skills, ability to design, develop and deploy technical solutions for various clients
• 23 solid years’ experience in designing and implementing IT data, security, wireless and voice network, hands - on experience on various platforms.

TECHNICAL SKILLS:

WAN: TCP/IP, RIP, EIGRP, OSPF, ISIS, BGP, FR, ISDN, ATM, MPLS, VOIP, PIM, VRF

LAN: VLAN, STP, TRUNK, LAN SECURITY, 802.1x, Multicast

NETWORK PLATFORM: Cisco Nexus 77/7k, 9k/5K&2K, ASR 9k/1k, VSS 6500,7200,4500,3600,3850,2600, 3750 PoE, 2960 PoE, Enterasys (Cabletron) SSR8600/2200, Switch6000, Riverbed, Cisco waas, Juniper EX, HP Procurve

NETWORK SECURITY: Palo Alto Firewall, Panorama, CheckPoint MDS Provider-1, MLM, Smart Event, Check Point FW/ VPN/Gaia, Nortel VPN, Cisco PIX/ASA VPN/SSL VPN, FWSM, IBM/ISS IPS/IDS Proventia, Internet Scanner, Radius, Tacacs+, NAT PKI, Cisco Wireless Security, Nokia, Cisco NAC, PCI compliance, ISO 17799, Juniper SRX, Cisco Firepower, Cisco ACS, Aruba Clearpass and 802.1X Auth 3DES, AES, SHA, IKE

NETWORK MANAGEMENT: HP Open View, Open NMC, Cisco Works, MRTG, Wireshark, NI Observer, Ethereal, Observium, Netflow, SMART, Xena,, SolarWinds, NetScout, ServOne, Netbrain

LOAD BALANCING: F5 LTM/GTM/APM/ASM, Cisco ACE 4700, CSS11501, Nortel Alteon, Checkpoint ISP solution, F5 BigIQ

WIRELESS: Cisco wireless Controllers & WISM, WCS, Aruba Wireless Controller, ClearPass, Airware

VOICE: Cisco CUCM8.6, Unity Connection, IPCC/UCCX, SIP Voice Gateway, VG 224, Cisco Presence, Meeting Place / Webex, UCS, CME, Cisco IP Phone, Nortel CS1000, BCM, singling server, Nortel IP Phone, SIEMENS PSTN, PBX

APPLICATION: Microsoft Active Directory, IIS, DNS, Novell E-directory, SYSLOG, SNMP, NTP, SMTP

SERVER: MS XP/ 2000/2003/2008/2012, HP UNIX, Sun Solaris, SCO, Linux

PROFESSIONAL EXPERIENCE:

Network Architect

Confidential, Gaithersburg, MD

• Provided consult services and architectural direction with respect to network and Information Security for global network refresh project for two data centers upgrade including Cisco Nexus 7710, 9K, and WAN link upgrade (BGP)
• Engaged in Checkpoint MDS R80.10, MLM and Smart Event upgrade
• Designed Checkpoint Firewall ISP solution for dual Internet links load sharing in Headquarter
• Deployed F5 LTM on i5800 to replace existing devices, and deployed F5 BigIQ to manage F5 devices

Network Security Architect

Confidential, Celebration, Fl

• Provided strategic and architectural direction with respect to network and Information Security for the customer Data Network, including WAN, LAN, MAN, Wireless, Internet, MPLS, Data Center
• Reviewed Design Requirement Documents for various projects, analyzed the design, provided the technical/design advices, and signed on finalized DRD. And built a list of tasks, labor hours(WBS/BOM) and supported Project Managers and built SOW for various projects: Data center refresh, Firewall migration ( Cisco FWSM/ASA, CheckPoint/PaloAlto, CheckPoint/Juniper SRX), PCI MPLS overlay, third party/PSP WAN and Firewall upgrade
• Interacted with the customer and vendors to gather requirements, solutions to meet emerging business needs
• Designed, developed and oversaw implementations that meet the customer’s requirements and maximize availability of those systems
• Interfaced directly with the customer’s Strategic planning Team, Designed Data Center refresh including Nexus 7K,5K,2K, Juniper SRX 5800, F5 Viprion
• Designed and Lab tested Visitor Access for global enterprise networks including 4 major Data Centers, built MPLS/Logical overlay, Palo Alto Firewall, HP/Aruba Clearpass, Cisco Wireless Controller, F5 Viprion, Cisco switch 802.1x. Provided knowledge transfer to engineer teams to deploy the solution
• Engaged an urgent task as a lead to solve the network/security migration issue in a Data Center(Cisco Nexus, Checkpoint Firewall and F5 LTM), and eventually avoided multimillion Dollars financial penalty and meet PCI compliance
• Designed and deployed Palo Alto Firewall 5060 for Internet Firewall with Active/Active and BGP solution
• Provided technical advices for Audit process and worked along with customers, Internal Audit and engineers to review the standards and laid out the remediation plan
• Lab tested new codes on new devices from features, function to performance and compared current design and configuration standards ( CheckPoint Provider-1 / Firewall R70.20, Palo Alto 7050 version 6.1.10, and SNMP version 3)
• Be in Architect team as top technology resource, and provided technical advices to senior mgmt. for various requirement

Senior Network Analyst/Engineer

Confidential

• Designed and rebuilt two data centers and deployed Cisco Nexus and ASR and utilized BGP, EIGRP, VRF and IPsec tunnels to provide fully redundant services for Fortune 500 financial clients
• Designed and deployed next-generation Palo Alto Firewall and IPS and upgraded Checkpoint Firewall software and hardware for enterprise networks
• Prepared and provided network and security proposes to financial institutes and won the bid and hosted and provided data center solutions including advanced F5 load balancing solution (LTM/ GTM/ APM/ASM), Firewall, Nexus.
• Replaced legacy PBX with full set of Cisco UC solutions with Cisco CUCM, Unity Connection, UCCX, Presence, Meeting Place/Webex, SIP and Analogy gateway and UCS
• Designed and deployed Aruba wireless and wired solutions with 802.1x for enterprise networks including Aruba controller, ClearPass and Airwave
• Tech support on complex financial environment with SLA and managed all network devices including Cisco Nexus. R/S, ASA, Voice System, Check Point, Palo Alto, F5, Aruba wireless, RSA token and their advanced technologies

Security Architect

Confidential, Celebration, Fl

• Interfaced directly with the customer’s Strategic planning Team
• Oversaw the customer’s future Security Network Engineering strategy as well as ensured ACS’s strategy is in line with Disney’s going forward
• Provided strategic and architectural direction with respect to Information Security for the Disney Data Network, including WAN, LAN, MAN, Wireless, Internet, MPLS and others
• Interacted with the customer and vendors to gather requirements, solutions to meet emerging business needs
• Designed, developed and oversaw implementations that meet the customer’s requirements and maximize availability of those systems
• Set corporate direction for a multi layered business organization
• Created BOM for various projects and responded RFP

Senior Solution Integrator

Confidential

• Lead to design and deploy various projects including data center, security, wireless and voice integration solutions for financial, government, health, education, and private sector’s clients
• Be a major role to demo Cisco Security Solutions( Desktop, IOS, VPN, FW, IPS, ACS, NAC and MARS) for obtaining Cisco Master Security Specialization for Cisco partners
• Designed and deployed a set of Cisco solutions for a college including Cisco VSS, NAC, ASA, IPS and Wireless solutions
• Designed and deployed network evergreen projects for one of the largest Canadian Pension Company and two hospitals to replace North switches with Cisco data center solutions
• Lead network and security assessment for Mutual Fund Companies, law firms, Mortgage, Insurance and Media and broadcast Companies
• Deployed various Cisco voice solutions including CUCM, Unity Connection, IPCC, CME and Voice gateway for ISP, hospitals and worldwide consultant firms

Senior Network Specialist

Confidential

• As a team lead, responsible for developing strategic plan for network architecture, operations, scaling, processes, cost, security and disaster recovery to serve the mid to long term goals
• Responsible for the evaluation, design and implementation of national WAN (46 branches and 20 business partners links) including cost reduction, network optimization, routing design, route determination, vendor management and product evaluation from ISDN/FR/ATM, VPN to MPLS
• Designed and deployed Internet access redundant solutions and WAN circuits recovery solutions for fail over in the event of a disaster at the primary or secondary data center, including Nortel and F5 solution
• Designed and deployed Nortel VOIP solution over MPLS across routers, switches, ASA, including Cisco network gears, and Nortel VoIP solution
• Designed and deployed LAN network, layer 3 routing switch and optimized LAN operation, including Etherchannel, trunk, STP load balancing
• Responsible for initializing, designing and deploying network infrastructure security to meet PCI, and performed security assessment of existing infrastructure, coordinated security audits, remediation and design, including Firewall, IPS/IDS, Desktop security, Cisco NAC, MARS
• Responsible for security incident response, including hacking, virus spread
• Designed, evaluated, deployed and managed security products, including Check Point FW, Cisco ASA, IBM/ISS IPS/IDS, VPN, SSL VPN, Radius, wrote security policy, and implemented DMZ, LAN security, system hardening, NAT
• Designed and deployed Cisco Wireless solution a/n,bg/n for the buildings, including security design for PCI, Employee/Guest/admin VLAN, utilizing WCS
• Designed and deployed load balancing solutions, using Nortel Alton and F5 link controller for Internet Links, Cisco ACE 4700 for content switch
• Administered and maintained enterprise network with various network management tools, HP Openview, OPEN NMS, MRTG
• Provided leadership and mentoring to junior staff, and documented the configurations and procedures.

Network Engineer

Confidential

• Responsible for the global analysis, design and implementation of an international Voice over Frame relay private telecommunication network including 16 countries based on Cisco switches and routers
• Participated in strategic and tactical planning processes, worked in a team to conduct audits of the technology environment and created and maintained technology models that meet the needs of Voice over Frame Relay network
• Designed, documented and lab tested a high availability network architecture to meet the QoS requirement of voice over frame relay from routing protocol, router/switch platforms, to Unix nodes, telecom equipments
• Performed level 3 technical support and diagnosis on Cisco routers, switches, network Unix nodes and Frame relay circuits, T1/E1 circuits, used Remedy ticket system
• Administered Cisco PIX Firewall, and internal office network with Cisco routers and switches. Set up remote access server for dialup users and configured BGP to communicate ISP for Internet connection

Switch/Network Engineer

Confidential

• Responsible for building, designing, implementing and supporting enterprise LAN network
• Set up network management center and used x.25 circuits to connect telephone switch systems in Local Telco Central Offices for operation and maintenance.
• Assisted R&D dept. to maintain SNA environments for IBM mainframe
• Evaluated customer needs and proposed solutions for those needs, and provided technical and sales support for Telco PSTN Network
• Designed and set up lab networks to test functionality between Centrex PBX and voice messaging system
• Worked with R&D division, and implemented the compatibility test of SS7 with other vendors (AT&T, Nortel, NEC, Alcatel, Ericsson), and used traffic generators and protocol analyzers to verify the test result according to ITU-T recommendation