SUMMARY

• Experienced, results - driven network/cloud architect IT professional, accomplished in analysis, planning, design and implementation of internetworking systems and solutions, including hybrid cloud based technologies end environments.
• Extensive IT industry experience that spans a variety of LAN, WAN, VPN, WAN acceleration, cloud systems and virtualization hardware, software, protocols, operating systems; management, testing and monitoring tools.
• AWS, Cisco, Microsoft, HP and VMware Certified. Constantly pursuing newer knowledge and IT certifications.
• Fluent in English and Spanish. International experience working with WAN carriers in all continents.

PROFESSIONAL EXPERIENCE

Confidential

Senior Network Engineer

Responsibilities:

• As a Senior Network Engineer, I was a member of a solid team responsible for the overall design and strategy of Signet's enterprise network. Some of the primary responsibilities and activities I was tasked with are listed below:
• Design, build and optimize Signet's LAN/WAN infrastructure, including datacenter, corporate and retail footprint. Partnered with solution delivery teams to accelerate business value realization. Leverage broad technology experience to identify creative solutions to complex business technology opportunities.
• Provided hands on support with cloud services providers, including AWS and Azure. Used my valuable AWS certifications and knowledge to test, troubleshoot and enhance a multi - VNet, multi region cloud systems deployment in Azure, including Dev, Test, Perf and Prod environments.
• Created new network diagrams to depict existent Azure VNets deployed for various business units. Including current and future states.
• Worked with Cloud support team to troubleshoot, enhance and harden CreditHub, a business-critical application deployed in the Azure cloud. It spans multiple regions, encompassing various non-prod environments.
• Worked with vendors and solution partners to identify emerging technologies and determine fit for the company.
• Worked with ADC platforms, including F5 and Citrix Netscaler. Assisted in deployment, testing and overall operational status of web technologies and protocols. Serviced and implemented SSL/TLS enabled services.
• Assisted the network systems with hardware and software upgrades, IOS bug identification and fixes, as well as HA testing functions.
• Created custom Dashboards on SolarWinds monitoring platform, allowing a single pane of glass view of 8000+ store iPAD s VPN connectivity and current up/down status, as well as key VPN device s operational status.
• Worked closely with members of the Infrastructure Engineering team, Infrastructure Operations team, and Solution Delivery team to deliver business value
• Provided technical support on corporate wide LAN/WAN routing & switching technologies and products. Supported various routing protocols, including EIGRP and BGP, as well as working with carriers for DIA, MPLS and PtP services.
• Assisted supporting MPLS, VXLAN and other overlay technologies. Provided hands-on assistance in network virtualization, including VRF on range of platforms.
• Provided hands-on support with next-gen firewalls, including Palo Alto and VMware NSX. Utilized security best practices and experience dealing with PCI compliant environments.
• Offered support with IPSec VPN and other tunneling protocols. Used my experience and understanding of security controls, including packet filtering, IDS/IPS, content filtering and malware detection.

Senior Network Engineer

Responsibilities:

• As a member of the Network Services team at The OCC, I was primarily involved in engineering, configuring, and deploying its hybrid cloud architecture infrastructure. This hybrid cloud spanned redundant on - premises data centers and AWS cloud services in two regions. The hybrid cloud infrastructure used highly redundant 10 Gbps direct connect links to four AWS US locations, using diverse AWS APN partners and entrance facilities at each data center.
• Working closely with AWS APN partners Century Link and Zayo, I completed three direct connect circuit turn ups, testing and IP connectivity validation via BGP peering with AWS routers.
• Performed design, implementation and testing of redundant public and private VIFs. Implemented local-preference BGP community tags to influence traffic path selection, on both public and private VIFs.
• Designed, implemented and tested multiple direct connect gateways, using redundant private VIFs to link AWS VPCs with on-premises data centers, in a multi-tenant data center infrastructure, based on Cisco ACI switches.
• Assisted in deploying multiple VPC cloud resources for test, dev, prod and DR environments in two AWS regions.
• Deployed shared services VPCs with dedicated direct connect gateways, linking them to on-prem data centers.
• Deployed VPC peering services, PrivateLink services, VGW routing tables configuration, security groups, on-prem BlueCat DNS system and Route53 integration.
• Configured alerting and monitoring solutions using Cloud Watch, Logic Monitor and Splunk systems.
• Used AWS CLI, Cloud Formation and Terraform tools to deploy AWS cloud resources.
• Actively involved in various other network engineering functions:
• Perform communications systems upgrades, and network infrastructure design, analysis and support.
• Design and deliver robust solutions for innovative large-business technologies within the data center.
• Assist in setting up large, robust and highly redundant data centers.
• Work within a highly regulated/regulatory environment.
• Install and support complex network infrastructure including routers; switches; circuits; MPLS/DMVPN connectivity; Cisco voice over IP phone systems; F5load balancers; CheckPoint firewalls; VPN; DNS; IPAM; Sniffers; tapping; NAC; NTP; NetScout-Arbor DDoS mitigation; proxies; network management tools; and call recording infrastructure.
• Perform network design & analysis of new architectures, new routing and restoration approaches; developing systems specifications, planning small to medium sized projects, technical implementation plans and coordinating complex installation projects with clients and vendors.
• Work with vendors, common carriers and various teams in identification and resolution of complex network problems.
• Provide tactical and strategic input on overall network planning and related projects.
• Ensure network performance and network security standards are met.
• Support and troubleshoot IP communications
• Plan and assist in network changes and new infrastructure deployments.
• Install equipment and extend, or make cabling connections.
• Document network changes, policies and procedures and drawings.
• Manage/lead multiple projects of various sizes and schedules.

Confidential

Network Architect

Responsibilities:

• As a Network Architect at TCB, I was involved in developing and maturing its networking strategy and roadmap. I actively participated in transforming its information systems to deliver superior customer service, information insights, and analytics to its members. As a key member of the IT Architecture team, I brought expertise and provided input to help shape future voice and data communications.
• Subject matter expert in data communications, responsible for the design, implementation and delivery of effective and secure network systems, infrastructure and related technologies. I was also responsible for leading design, implementation, day - to-day operations, and troubleshooting efforts.
• Participated in the planning, design and requirements gathering efforts to migrate on premise applications into Azure and AWS cloud service providers.
• Served as key subject matter expert in the field of TCP/IP based data communications; maintaining a deep understanding of voice, video, and data network convergence in client enterprise network, storage and data network convergence, including client data centers and remote offices as well as integration with external private and public cloud providers.
• Provided technical support to ensure the ongoing efficient, secure, and reliable operations of related client network systems and infrastructure.
• Proactively developed and maintained a strong knowledge of client network systems and their related components and made recommendations to improve the reliability, scalability, performance, and security of these systems as appropriate.
• Assisted with software configuration and upgrades of the Riverbed SteelHead appliances deployed throughout company locations and data centers.
• Leveraged technology to automate manual tasks, improving efficiency wherever practicable and appropriate.

Confidential

Senior Network Engineer

Responsibilities:

• Responsible for overseeing routing, firewall rules, load balancer dependencies, IP addressing changes, forward proxy and reverse proxy services, internal and external DNS services for customer’s server and application moves to redundant new datacenters.
• Project scope involved migrating 500+ physical servers and 1200+ applications running on multi OS platform environment, including but not limited to: Windows, Unix, AIX, Linux, VMware, Mainframe, and Solaris platforms, onto a SaaS provider’s cloud infrastructure on the East coast.
• Assessment and verification of IP connectivity between servers of an application echo-system. Validation of firewall ports and rules. Validation and revision of F5 load balancers configuration in legacy environments.
• Responsible for pre-migration assessment of various network services, verification of routing in a multi-VRF MPLS environment, bandwidth availability assessments, validation of various other network services availability before, during and after application and server moves.
• Providing third level technical support after migration. Troubleshooting routing, firewalling, load balancing, WAAS operation, application performance testing, and other network services related issues.
• Created alternative network design solutions for legacy applications, whose legacy coding did not allow them to comply with the architectural build out of the new Verizon Strategic Internet Gateway (vSTIG) sites. The vSTIG infrastructure comprising tiered zones of Cisco ASA Firewalls, Cisco ASR Internet routers, F5 GTM load balancers, external DNS servers, and IPSec VPN concentrators in the red zone. F5 LTM load balancers, Juniper SSL VPN concentrators, Bluecoat reverse proxy servers, Cisco Catalyst 6500 L2/L3 core switches, and Cisco ASR 1000 series routers running multi-VRF environments in the yellow zone. Cisco ASA as access firewalls, Bluecoat forward proxy servers, F5 LTM load balancers, and internal DNS servers in the green zone.
• Responsible for testing and troubleshooting client/server applications across VPN and MPLS global links.

Confidential

Network Architect

Responsibilities:

• Responsible for design review, configuration and deployment of fully redundant call center infrastructure hardware in three datacenters. Hardware included Cisco Nexus 5500 series switches, Cisco ASR and ISR-G2 routers, Cisco UCS platforms, Gigamon GigaVUE data collection appliances, F5 load balancers and GTM appliances, Fortinet Firewalls and Cisco C-200 blade servers.
• Planned and directed user’s migration into the newly built datacenters. Assisted in the planning and architecting of data and voice applications migration into the new datacenters.
• Performed routing and switching configuration validation in a Multi-VRF network environment.
• Configured Nexus switches to support FCoE attached servers.
• Tested and performed troubleshooting session to find out sources of IP connectivity issues.
• Assisted server team with UCS and FCoE troubleshooting needs.
• Configured and tested Fortinet firewalls to comply with client/server business, HIPPA and PCI requirements.
• Updated logical and wiring network diagrams, VLAN addressing and IP addressing records.
• Supported UCS team with UCS Manager OS upgrades.
• Opened Cisco TAC support cases to solve Nexus CPU Utilization issues and TACACS authentication errors.
• Implemented TACACS, NTP, SNMP and Remote Access configuration on Cisco ASR routers and Nexus Switches.
• Configured redundant ASR routers for WAN interoperability with external carriers, in a Multi-VRF environment.
• Responsible for conceptual design, hardware sizing and technical overview of a data center upgrade, primarily based upon Cisco Nexus 7000 series switches, ASA Firewalls, Gigamon GigaVUE data collection appliances, Imperva web application firewalls, Cisco ACE load balancers, Cisco UCS Fabric Interconnects, Cisco UCS 5108 blade chassis, UCS 1010 virtual services appliances.
• Wrote various sections of the Enterprise Site Framework document, including technical specifications, hardware requirements, created network logical and wiring diagrams, VLAN mapping, IP addressing and routing protocol selection.
• Responsible for design review, validation and deployment remediation of Cisco routers, switches and Firewalls.
• In charge of network architecture review and implementation of a MPLS based global network in support of a new corporate cluster of SAP applications.
• Responsible for testing and troubleshooting client/server applications across VPN and MPLS global links.
• Prepared an Impact Analysis report for the deployment of SAP applications, deployed at an Applications Service Provider redundant site.
• Prepared technical recommendations for the deployment of WAN Acceleration solutions based upon Cisco WAAS products.
• Assisted in the design and deployment of a new pilot program for automated collection of remote data from electric meters.
• Lead VPN to MPLS migration for WAN links to ASP providing SAP hosting.

Confidential

Principal Consultant

Responsibilities:

• Responsible for design and deployment remediation of Riverbed Steelhead, Interceptors and Management console appliances.
• In charge of RiOS operating system upgrades and fine tuning on all Riverbed devices.
• Responsible for configuration and deployment of Steelhead Mobile Controller and clients.
• Review and remediate existing Riverbed Interceptor and Steelhead clusters.
• Evaluate and recommend Riverbed EOL device replacement.
• Design and Service Request Engineering Services for Latin America, Middle East and African Regions
• Member of the Design Engineering team providing WAN and LAN services for multiple global sites.
• Designed, tested, configured and implemented WAN acceleration solutions based on Cisco WAAS devices. Deployed a total of 80+ WAAS devices throughout the global corporation.
• Created device configurations, bill of materials, high and low level design documents for multiple sites, in preparation for their migration into the BT global MPLS network.
• Led MPLS site migrations teams and deployment of new solutions to multiple regional sites.
• Conducted testing and troubleshooting exercises to fix deployment issues during site migrations.
• Worked with various Cisco models of routers and switches, including: Catalyst 6500 and 6500E series at the core of gold and silver sites, Cisco 3550, 3650 and 3750 switches at the core/distribution and access layers, Cisco ISR router family, from 1801 through 3845 models, Cisco WAE and WAVE family of WAN acceleration platforms, and Juniper MX series routers.
• Network Engineering resource for Enterprise Technical Services and Platform Hosting Services Vertical
• Member of the Network Engineering team supporting two business units. Responsibilities involved planning, design, testing and deployment of network access, integration and operation solutions.
• Designed, tested and implemented VPN solutions to integrate partners and vendor’s intranet environments with business unit infrastructure.
• Responsible for testing, troubleshooting and monitoring network issues related to various zoned VLAN architecture environments comprising three data centers.
• Performed data capturing and application performance testing using TCP analysis in test and development environments.
• Responsible for design and review of IP address assignments for existing and new zoned VLAN environments.
• Worked with various vendor’s platforms and systems, including Cisco Catalyst 6500 switch series, 7200VXR series routers, Cisco ISR routers, F5 BigIP load balancers, HP Blade Server enclosures technology, and a mix of server operating systems including those deployed in virtual server environments using VMware software versions 2.5.3 thru 3.5.
• Led lab testing and pilot deployment of Cisco WAAS platforms and services.
• Performed lab deployment planning and testing of Cisco Nexus switches in conjunction with Big-IP, HP server enclosures and existing Cisco L2/L3 switches and routers.