SUMMARY

• Lead Network Design Engineer / Architect with 18+ years of hands - on experience
• Ability to design and implement Enterprise network - LAN, WAN, Security, Data Center, Wireless, and Voice.
• Strong hands-on experience in Routers, Switches, Data Center, Security, Wireless, Computing, SDN, and Virtualization. Have designed and implemented complex Multi-platform and Multi-protocol networks.
• Strong experience in working and leading core networking team that analyzes, designs, troubleshoots, and implement network architectures and solutions.
• Led design, development, and execution on a long-range technology architectural roadmap for the Cloud (AWS, Azure) domain based on established business needs and the enterprise technology strategy
• Created functional strategies and specific objectives for the sub-function and developed budgets / policies / procedures to support the functional infrastructure
• Ensured on going production by implementing the network structure to allow data centers to back each other up. Have built multiple data centers from ground up using VxLAN - BGP EVPN, Cisco ACI, NSX solutions
• Reduced installation time by 75% by automating network deployment using Python and Ansible
• Consistently reduced costs by improving network performance and eliminating unused and under-needed circuits.
• Directed a team of 5 to 9 engineers and senior staff members
• Researched and developed innovative network solutions and supported chronic complex problem resolution.
• Managed assigned regional projects, which include responsibility for planning; time and cost control; resource utilization and implementation.
• Conducted training for network engineers on various network technologies

TECHNICAL SKILLS

Routing: EIGRP, OSPF, BGP, MP-BGP, HSRP/VRRP, GLBP, NAT, Multicast, PIM, MSDP, IGMP/CGMP, Anycast, PBR, IP SLA

LAN: VLAN, Trunking, VTP, EtherChannel, RSTP, MST, 802.1Q, Port-Channel, PVLAN

WAN: MPLS, LDP, VRF, L3VPN, L2VPN, VPLS, LISP, QoS, NBAR, RSVP

Data Center: VDC, vPC, vPC+, FabricPath, VxLAN, OTV, EVPN Cisco ACI, Tetration Vmware NSX

Storage: FC, FCoE, iSCSI, DCB, NFS, CIFS

Security: RADIUS, TACACS+, IPSec VPN, DMVPN, SSLVPN, GRE, L2TP, PPTP, GETVPN, ZBF, IKEv1, IKEv2, SSL, TLS/DTLS, NAC - MAB, 802.1X, EAP-PEAP, EAP-TLS, EAP-TTLS, EAP-FAST, EAP- MD5

Virtualization: VMware NSX, VMWare VSphere 6/6.5, VMWare Networking, Routers, Switches, Software-based networking

Cloud: Microsoft Azure, AWS EC2, S3, ELB, VPC, RDS, DynamoDB

Operating System: Windows, Mac, Linux - CentOS, Ubuntu

Programming: Python, Java, C++ Data Structures with Python & Java

Other: Cisco IOS, NX-OS, IOS XR, JunOS

PROFESSIONAL EXPERIENCE

Confidential, Milpitas, CA

Network Architect

Responsibilities:

• Design, architect and deploy Global Campus Network switches solution - Cisco DNA (SD-Access, Tetration, etc)
• Design and deploy Aruba ClearPass NAC solution - Dot1x, MAB, On-Guard
• Design and architect Azure / AWS public/private cloud
• Network automation with Python
• Design, architect and deploy SilverPeak SD-WAN solution
• Design, architect and deploy Palo Alto Network Firewall with Global protect solution
• Design, architect and implement Data Center with VxLAN / spine-leaf design

Confidential, Fremont, CA

Staff Network Engineer / Network Architect

Responsibilities:

• Design and Architect LAN, WAN, WLAN, Network Security, Data Center
• Design and implemented Viptela SD-WAN (vBond, vSmart Controller, vManage, vEdge 1000, 2000). Created PoC on SD-WAN migration in the lab with multiple MPLS and Internet transport layer. Deployed Viptela SD-WAN in more than 100 sites with multiple VPN configs. Automated SD-WAN provisioning using Python and Asnible. Configured OSPF on LAN.
• Design and implemented ClearPass wired NAC 802.1x and MAB. Worked on PKI for dot1x deployment. Planned dynamic VLAN and DACL policies for multiple groups. Ensured seamless migration from NAC monitoring mode to Active mode.
• Designed and implemented Aruba Wireless Mobility Controller 7220 & 7240, IAPs at remote locations.
• Configured Cisco ISE for tacacs authentication.
• Design and implemented Palo Alto Networks firewall PA-5020, PA-3020 in Data Center and regional offices. Configured vsys, policies, etc
• Design and configured data center switches Nexus - 9500, 3500. Documented Nexus switches configuration VLAN, MSTP, VDC, VPC, FCoE, etc.
• Led the design, planning, and implementation of the F5 appliances utilizing best practices of F5 technology along with other aspects. Designed and configued the F5 LTM and ASM modules. Developed iRules and applied rules within the F5 appliances.
• Implemented OSPF in data center. Configured BGP with ISP. Created Active/Active Internet access
• Configured and deployed Juniper Switches EX2300, 4300, etc, Router and Firewall

Confidential, Fremont, CA

Sr IT Architect / Manager

Responsibilities:

• Defined and developed technical roadmap. Involved in technical discussions, being a subject matter expert, and had strategic influence
• Managed team of network engineers working to build, scale, deploy and support network systems for our global network infrastructure
• Helped network engineers develop their careers, assigning them to projects tailored to their skill levels, long-term skill development, personalities, and work styles
• Assessed network engineers’ performance, addressed under-performance, and recognized and promoted excellent performance
• Initiated new designs and architecture towards next generation IP platform. Initiated projects, process and technology for Network Operations improvements
• Analyzed history of network related incidents and performed preventive measures. Managed Network Change Requests via change control process
• Developed vision and strategy for service and solution enhancement, network augments and strategic initiatives. Developed and managed relationships with internal and external customers, vendors and departments to ensure cohesive and collaborative communication
• Designed and architected MPLS and DMVPN solution with BGP and OSPF
• Designed and architected Check Point Firewall (Gaia) for perimeter and DMZ.
• Designed and architected new Data Center using Cisco ACI solution - Cisco ACI fabric (policy groups, switch profiles, etc.), tenants - VRFs, Endpoint Groups, Contracts, etc.
• Designed AWS cloud with ELB, VPC, Direct Connect, etc., AWS Services - EC2, S3/EBS, etc.
• Designed and architect F5 LTM solution in Data Center (production & DR architecture)
• Worked with the team in Developing test plans, implementation plans, and project timelines for various projects including Nexus Data Center, MPLS, DMVPN, ASA migration, SIP trunks, etc.
• Conducted technical training sessions on MPLS, DMVPN, Cisco Wireless Controller, Cisco ACI, F5, etc.