SUMMARY:

A polished technology professional with extensive network and systems experience within the financial services marketplace. An effective communicator with skill sets in multiple practices: Network Engineering, Information Security, Data Center Design and Virtualization. Detail - oriented and resourceful with proven ability to successfully manage and deliver large-scale initiatives and projects.

TECHNICAL SKILLS:

• Confidential - 5100/5900, Flex Network - 3600/7500, Altoline 6900
• Juniper Switches EX3200, 4200, 4500, 8200
• Juniper Routers MX80, 240, 480, 960
• Juniper Firewalls SSG140, 320M, 520M, SRX 240, SRX650, SRX1400
• Juniper VPN - SA2500, SA4500, SA6500, MAG2600, 4600
• Cisco Routers- ISR 38xx, 39xx, 72xx series, 75xx series, ASR1000 Series
• Cisco Switches- 3500/4500/6500 , NetFlow/CEF/DCEF
• Cisco Nexus 1k/2k/4k/5k/7k, Cisco UCS
• Tenable Nessus, SecurityCenter, PVS
• Cisco Firewalls- PIX 525,515,535,FWSM, IOS
• Confidential - 39xx, 51xx, 50xx, FortiManager, FortiAnalyzer, FortiAP, FortiSandbox
• Palo Alto M100, 500, 3000, 5000 Series
• Check Point FW-1 / VPN-1/ NG / VSX-1
• Force10 C300, E600, E1200, S55, S4810
• Citrix Xen, VMware Vsphere, KVM, Cloudstack
• RSA ACE/Server, Authentication Manager
• Cisco Wireless 55xx WLC, WCS
• Aruba Mobility Controllers, IAP’s
• 802.11abgni- PEAP, TKIP, WPA2TCP/IP, WINS, DNS, DHCP, SNMP
• IPSEC, ISAKMP/IKE, TACACS+, GRE, NAT, DMZ, RSA, 3DES, DES, MD5, AHBGP, EIGRP, OSPF, RIP, HSRP
• Ethernet,GigabitEthernet, TenGigabit Ethernet
• Windows 2008 2012, Active Directory, Linux/Unix- Ubuntu 12.04, CentOS, NetBSD
• F5 Networks - LTM, GTM, APM, ASM
• HIPAA, Sarbanes-Oxley, 21 CFR Part 11, PCI
• ISO 27001, NIST 800-53, CyberSecurity Framework
• COBIT, ITIL

PROFESSIONAL EXPERIENCE:

Confidential, New York, NY

Lead Technical Consultant

Responsibilities:

• Lead Architect for Next Generation Network Interconnect Project intended to re-invent global remote branch office connectivity by migrating from legacy Cisco Nexus 5505 and Catalyst 6500’s to Confidential 6900 and FlexNetwork 7500.
• Redesigned global video delivery mechanism using Virtual Steelhead appliances and traffic engineering using Juniper MX80 routers
• Provides Juniper SRX 1400 and MX480 support to carrier IP and cloud based solutions. Subject matter expert in the areas of Mobile Security, Network Virtualization and Routing.
• Lead engineer on Juniper SRX deployments and architecture issues. Designed large scale perimeter infrastructure for WAN/MAN project using SRX 5800 firewalls and EX8200 switch fabrics. Used VPLS to virtualize Layer2 as well as created reference architecture for Flowspec to mitigate DDoS.
• Designed a high-availability security infrastructure using Fortigate 3700 firewalls and 1000D appliances. Deployment centralized policy and log management using FortiAnalyzer and Fortimanager.
• Subject matter expert and technical architect for the following infrastructure domains: Aruba Wireless, F5 3600/Viprion LTM/APM, Riverbed EX/HX WAN Optimizers, Arista Switches and Palo Alto Firewalls
• Troubleshot a highly complex network core of Nexus 5585 / Nexus 7010 switches, VPC trunking and OSPF routing
• Consolidated global Cisco ACS infrastructure that authenticated wireless, VOIP, SSL VPN, and network administration across 5,000 users . Project owner through entire lifecycle - inception, design, implementation and support
• Upgraded global F5 VPN infrastructure from legacy 10.x to 11.4
• Often presented to the business on emerging trends as well as how to capture market direction into the firm’s technology portfolio.
• Re-designed electronic trading network using Arista 71xx and 75xx switches and Confidential 3950 Firewalls. Implemented spine and leaf architecture to mitigate spanning tree and provide non-blocking 10Gig network fabric
• Optimized Multicast environment using by shortening Layer-2 paths and upgrading Feed Handler interfaces to 10-gig
• Migrated 1200 line firewall policy from Cisco ASA to FortiOS
• Designed a high-availability security infrastructure using Confidential 5140 blade firewalls and Confidential 5050 UTM appliances. Deployment centralized policy and log management using FortiAnalyzer and Fortimanager.
• Lead architecture for internal private-cloud virtualized network and systems infrastructure using Confidential Blade chassis's, HP E5400’s and HP 9500’s to consolidate financial service provider data. Deployed VMware ESX 5.1, Site Recovery Manager (SRM) and VMware VCenter to 10 Data Centers globally.
• Implemented BGP throughout the internal MPLS/VPLS network as well as at all Internet facing gateways.
• Subject matter expert in the areas of firewall engineering, systems administration and data center design. Communicated effectively with both senior management and technical personnel.

Confidential, New York, NY

Confidential Systems Engineer

Responsibilities:

• Highly proficient in the areas of Data Center Design, IP Routing and Unified Communications.
• Provided technical leadership to the Global Financial Services arena on Cisco solutions; High end design and architectures, proof of concept, requirements gathering, and business justification.
• Functioned as subject matter expert in the areas of Security Virtualization, Secure Market Data Extranets, and Firewall Consolidation.
• Collaborated with internal business units for product feature and focus based on customer demand.

Confidential, New York, NY

Vice President - Network Engineering

Responsibilities:

• Managed planning, implementation and support for the enterprise LAN/WAN of a $10bn, multi-strategy hedge-fund.
• Created a standardization model for the firm’s current and future data center buildouts. Worked with business leaders to identify all policies and infrastructure requirements surrounding high-volatility trading, low-latency IP Multicast and virtualization.
• Implemented a centralized security management solution using Cisco MARS, Netflow version 9, snort IDS, and Cisco ISR technology.

Confidential, Hoboken, NJ

Vice President

Responsibilities:

• Managed a global team of 10 highly technical engineers with diverse skill sets.
• Design and implemented a global strong authentication solution using RSA Authentication Manager, and Solaris 9.0 on V120 hardware.

Confidential, New York, NY

Global Network Architect

Responsibilities:

• Served as interim Global Infrastructure Architect. Engineered global WAN solution using the Cisco ISR platform and MPLS technology.
• Functioned as subject matter expert on security management tools as well as intrusion prevention devices. Worked with global network security teams to create a global standard for remote office intrusion management.

Confidential, New York, NY

Systems Consultant

Responsibilities:

• Served as team leader and subject matter expert for a group of (5) highly technical security engineers and (2) process oriented business analysts.
• Re-designed electronic trading network for “5 nines” uptime in response to more aggressive customer SLAs and various SEC/NYBOT audit requirements

Confidential, New York, NY

Network Manager

Responsibilities:

• Designed hierarchical routing policies, using OSPF and EIGRP using Cisco’s enterprise grade hardware. Responsible for implementing WAN connections and routing policies for new clients. Managed 100+ frame-relay, and T1 circuits that interconnect both local and national clientele.
• Implemented PERL based MRTG (Multi-Router Traffic Grapher) to monitor all critical network links and access point.