SUMMARY

• 18 + years extensive experience coordinating, integrating and directing complex, multi - site projects, efforts and initiatives supporting thousands of users across a full-range of IT, network, security and telecommunications-related disciplines within a variety of data-intensive, high-transaction, fast-growth industries for Fortune 500, enterprise and SMB’s.
• “Hands-on” network architect, data center and security architect with a proven ability to lead high-performance teams, establish a cooperative climate across multiple departments/divisions and work in unison with cross-functional business partners. A natural and articulate communicator and presenter with tactical foresight, keen bottom-line focus and a proven record of reducing costs, upholding fiscal integrity and achieving margins on project delivery through the execution of value-added programs, systems and procedures.
• Data Center and Campus LAN Networking upgrade:.I created a blue print to move Guidewire to a three tier data center to a flat fabric based network. I architected the next generation of the data center network fabric Presented and debated with architects from storage and server farm teams. Collaborated with vendor and partners including: Cisco, Arista, Juniper, and Brocade. Set up POC and demonstrations for project stakeholders
• I architected and implemented MPLS WAN migration at Gensler for their entire wide area network.
• At SFMTA we built a green field data center at the new facility in San Francisco. My role involved architecture, implementation, and operation of this new data center involving 10 Cisco 6509E switches, Cisco 72XX and ISR routers, and Cisco ASA firewalls.
• As a CCIE in security technologies, I worked on a number of security initiatives involving security policy drafting policy enforcement rule analysis and firewall operations.
• Nexus 7010 core and aggregation implementation- I’ve designed and architected several data center migrations from legacy Cisco Catalyst 6500 to Cisco Nexus 7k/5k/2k fabrics
• Software Defined Networking (SDN) Currently I’m involved in several projects to help clients understand the value proposition of SDN offerings. I’m conducting research and analysis data.
• WAN Edge infrastructure redesign and refresh - Technical lead for domestic and international wide area network upgrade/refresh.
• I have written operations documents, technical architectures, standardization documents, as well as blogging on existing issues in the networking world and emerging solutions.
• Spearheaded the development of a network security strategy adoption for Fortune 10 financial institution, thereby mitigating threat/attack landscape and the attack events by more than %50
• VPN redesign- Successfully engineered and deployed full mesh enterprise wide VPN solution for 100 + domestic and international sites
• Revitalized technology upgrade for 1,800 work stations across 12 sites to achieve project deliverables, restore client relationships, and initiate a strategic partnership for future engagements
• Reduced IT spending/network operating costs by %25 by proposing, designing and implementing new architecture for corporate WAN network utilizing 10 gig and MPLS for all US and international offices.
• Technical/Business Skills
• Hands on experience installing, designing and administering a variety of security systems including firewalls, IDS/IPS, anti-virus, anti-malware and NAC solutions.
• Hand’s on experience installing, designing and administering identity access management solutions, cloud security, network security, application whitelisting, vulnerability management and endpoint security control systems.
• Program development experience working on compliance and regulatory projects for HIPPA, ISO 27000, NIST and SOC standards.
• Demonstrated project management skills and ability to track and report progress against established milestones, metrics and deliverables.
• Excellent written and verbal communication skills, the ability to write with purpose, clarity, and accuracy to both technical and non-technical audiences.

PROFESSIONAL EXPERIENCE

Confidential, San Francisco, CA

Senior Network Engineer/Security Architect

Responsibilities:

• Lead network/security engineer responsible for various aspects of driving business including: hands on greenfield deployments, making recommendations to clients to optimize infrastructure platforms, network + server environments, data center access, security policy development.
• Developed network architectures/designs to align with enterprise IT strategies across various domains including: networking, network security and data center products and solutions ( Cisco/Dell/HP )
• Working on project team responsible for driving audit/compliance requirements including: HPPA and PCI
• Partnering with information security leadership to promote adoption of enterprise security best practices related to implementing enterprise security solutions.
• Conducting technical/vulnerability and network assessments to ensure optimal critical resources stability and availability
• Hand’s on engineering of cloud infrastructure solutions including: Amazon Web Services (AWS), Microsoft Azure, Vmware vcenter, Openstack
• Hand’s on network engineering, configuration, troubleshooting and deployment of LAN/WAN and security devices including: Cisco IOS, Cisco NX-OS, Cisco ISR, Cisco ASA devices.
• Implemented data center solutions Cisco Nexus/Cisco UCS platforms to enhance business productivity for mission critical data center environments.
• Network Architect expert in Cisco ACI, ACI integration, cloud center provisioning
• Network Architect experience with Cisco 9k, Cisco 4500, Cisco NX-OS, Cisco Nexus 7k,5k, 2k, Cisco UCS
• Network Security Architect expert with Cisco Cloudlock, Cisco AMP, Cisco umbrella
• Security operations centers procedures and process adoption

Confidential

Senior Security Architect

Responsibilities:

• Creation of Incident Response Procedures
• Architecture and deployment of security systems
• Development Security Operations Center (SoC), Daily Runbooks
• Hand’s on engineering of cloud infrastructure solutions including: Amazon Web Services (AWS), Microsfot Azure, Vmware vcenter, Openstack
• Server orchestration and hardening
• Architecture and PoC testing of Mobile Device Management and MD
• Development of Security Architectures and standards
• Secure application programming, code reviewing, and penetration testing web based application
• Managed a team of white-hats across various global regions - provide consultancy & advice to managers across the product development, engineering & operations teams
• Help to improve documentation: IP addressing schemes, VLAN design, physical cabling, data center rack connectivity documents, network diagrams.
• Recommended security enhancements and communicated reasoning to appropriate leadership, developed and executed plans effectively
• Network Architect expert in Cisco ACI, ACI integration, cloud center provisioning
• Network Architect experience with Cisco 9k, Cisco 4500, Cisco NX-OS, Cisco Nexus 7k,5k, 2k, Cisco UCS
• Network Security Architect expert with Cisco Cloudlock, Cisco AMP, Cisco umbrella
• Security operations centers procedures and process adoption

Confidential

Systems Network Security Architect

Responsibilities:

• Developed design/architecture for 50+ offices + 3 data centers in support of high availability improvement projects. internet to MPLS carrier failover: BGP to OSPF integration, DMVPN for WAN backup
• Created, published and update related IT status communications and documentation
• Evaluated current state network design and provided recommendations for improvements in the areas of fault tolerance, high availability and network security implementation.
• Hand’s on engineering of cloud infrastructure solutions including: Amazon Web Services (AWS), Microsfot Azure, Vmware vcenter, Openstack
• Maintained strong vendor relationships and oversight to ensure the success of outsourced services and implementations.
• Communicate corporate requirements and stay abreast of new technology and product enhancements.
• Defined standards and procedures for networking equipment upgrades/refreshes/replacements
• Coordinating and leading cut overs for data center/WAN deployments/integrations
• Provided hands on implementation, configuration and troubleshooting duties with routing protocols including: OSPF, EIGRP, BGP, IPSEC, MPLS, DMVPN.
• Hand’s on operational/configuration support for LAN/WAN and data center security devices including: Cisco ASA, IPS/IDS systems, URL-filtering gateways.
• Executed enterprise wide security assessment, provided recommendations for improvement to senior level IT staff and management.
• Network Architect expert in Cisco ACI, ACI integration, cloud center provisioning
• Network Architect experience with Cisco 9k, Cisco 4500, Cisco NX-OS, Cisco Nexus 7k,5k, 2k, Cisco UCS
• Network Security Architect expert with Cisco Cloudlock, Cisco AMP, Cisco umbrella
• Security operations centers procedures and process adoption

Confidential, San Francisco

Network Security Architect

Responsibilities:

• Hand’s on configuration and implementation skills with Meraki cloud controller and related solutions.
• Hand’s configuration, operational and implementation experience with Cisco Nexus data center solutions including 5k, 7k and Cisco UCS management systems.
• Hand’s on configuration, troubleshooting and operational experience with protocols including: BGP, OSPF, EIGRP, STP, MPLS, SD-WAN.
• Authored standards and guidelines for IT best practices
• Escalation point for managed services team driving resolution of complex network technology/connectivity issues.
• Hand’s on engineering of cloud infrastructure solutions including: Amazon Web Services (AWS), Microsfot Azure, Vmware vcenter, Openstack
• Communicated status of technology project plans and progress to managerial and executive teams.
• Partnered with IT services practice leadership develop network engineering lab solutions to support vendor initiatives
• Proposed next generation unified/converged fabric to improve and optimize provisioning of critical data center network services for Fortune 100 customers
• Proposed adoption of solutions to reduce configuration provisioning errors through standards-based approaches
• Deployed identity access management solutions to enhance overall security posture.
• Network Architect expert in Cisco ACI, ACI integration, cloud center provisioning
• Network Architect experience with Cisco 9k, Cisco 4500, Cisco NX-OS, Cisco Nexus 7k,5k, 2k, Cisco UCS
• Network Security Architect expert with Cisco Cloudlock, Cisco AMP, Cisco umbrella
• Security operations centers procedures and process adoption

Confidential

Network Security Architect

Responsibilities:

• Network Security lead design consultant for data center and campus networks.
• Project Lead and network architect for enterprise WAN/MPLS rollout
• Escalation tier 3 network operations support for network devices across all sites: Cisco catalyst, Cisco Nexus, Dell switches, Cisco ASA, Juniper SRX, Cisco UCS operations support.
• Interviewed and selected Carriers for MPLS service providers for globally.
• Hand’s on engineering of cloud infrastructure solutions including: Amazon Web Services (AWS), Microsoft Azure, Vmware vcenter, Openstack
• Designed and configured Wireless LAN deployment for Corporate networks and standards.
• Worked with Air defense and Cisco on deployment.
• Worked with CIS teams to maintain compliance for IS policies and procedures and PCI compliance initiatives.
• Configured DMVPN for extranet build out, MPLS & WAN encryption, and to support services such as VOIP, multicast and QoS.
• Network Architect expert in Cisco ACI, ACI integration, cloud center provisioning
• Network Architect experience with Cisco 9k, Cisco 4500, Cisco NX-OS, Cisco Nexus 7k,5k, 2k, Cisco UCS
• Network Security Architect expert with Cisco Cloudlock, Cisco AMP, Cisco umbrella
• Security operations centers procedures and process adoption

Confidential

Senior Network Architect

Responsibilities:

• Overseeing and coordinating projects on security architecture improvements, design, policy development, risk management and compliance for customers.
• Hand’s on engineering of cloud infrastructure solutions including: Amazon Web Services (AWS), Microsoft Azure, Vmware vcenter, Openstack.
• Partnering with sales and marketing executives to help drive Confidential 's business and technical value proposition.
• Hand's on implementation and network engineering of network/security technologies including: Cisco ASA firepower services, SD-WAN, SDN, Cisco ACI SDN, Viptela, Cisco wireless networking, Cisco ISE
• Wrote scripts in multiple languages - Python, Ruby, Perl, Bash
• Prepared and delivered end-to-end audit prep / compliance ownership in HIPPA and PCI projects
• Conducted penetration testing overseeing multiple urgent projects simultaneously
• Network Architect expert in Cisco ACI, ACI integration, cloud center provisioning
• Network Architect experience with Cisco 9k, Cisco 4500, Cisco NX-OS, Cisco Nexus 7k,5k, 2k, Cisco UCS
• Network Security Architect expert with Cisco Cloudlock, Cisco AMP, Cisco umbrella
• Security operations centers procedures and process adoption

Guidewire Software

Senior Network Engineer/Security Operations lead

Responsibilities:

• Conducted network and security assessments
• Developed Risk Mitigation and Risk analysis strategies and programs
• Help to lead Forensic Investigations on data leak and compromise issues
• Worked in partnership with CISO and IT executives on Enterprise Risk Management, Team Leadership, Security, ISO 27000, Incident Response, Computer Forensics, and Project Management

Confidential

Senior Network Engineer

Responsibilities:

• Day to day operations network support of campus, LAN and data center networks
• Performed complex troubleshooting of network and security protocols
• Lead data center network upgrade refresh to Cisco Nexus/NX-OS environment
• Developed incident procedures and threat mitigation strategies and solutions
• Lead network engineering efforts for opening of new headquarters

Confidential

Principal Network Architect/Security Architect

Responsibilities:

• Overseeing and coordinating projects on security architecture improvements, design, policy development, risk management and compliance for customers.
• Partnering with sales and marketing executives to help drive Confidential 's business and technical value proposition.
• Hand's on implementation and network engineering of network/security technologies including: Cisco ASA, firepower services, SD-WAN, SDN, Cisco catalyst, Cisco wireless networking, Cisco NAC.
• Expert in scripting, in multiple languages - Pyhton, Ruby, Perl, Bas
• Driving projects for end-to-end audit prep / compliance ownership in HIPPA and PCI projects
• Penetration testing overseeing multiple urgent projects simultaneously
• Network Architect expert in Cisco ACI, ACI integration, cloud center provisioning
• Network Architect experience with Cisco 9k, Cisco 4500, Cisco NX-OS, Cisco Nexus 7k,5k, 2k, Cisco UCS
• Network Security Architect expert with Cisco Cloudlock, Cisco AMP, Cisco umbrella
• Security operations centers procedures and process adoption

Confidential

Senior IT Security Consultant

Responsibilities:

• Provided security assessments and high level Risk/Gap analysis to Gensler's information security executive team
• Responsible for conducting high level analysis based upon the ISO 17799 and its controls internal security policies to review their vendors policies and architecture to ensure a level of compliance and to cite any Risk/Gaps between the vendor and SFDC .
• Traveled to several vendor sites throughout the United States and Canada for on sight reviews of their facilities and security procedures
• Physical review of the facility, an interview of the vendor’s “C” level management and technical team and producing a report provided to the BU and the VRM member assigned to the vendor reviewed.
• Assisted in the development and of this process to consulting team for the audit project.
• Conducted several high level technical reviews of SFDC vendors as a senior member of the Site Review Team.

Confidential, Pleasanton, CA

Network Engineer/Architect

Responsibilities:

• Provided senior level configuration development, operations, implementation troubleshooting for networking/security protocols pre and post deployment: OSPF, EIGRP, STP, BGP, IPSEC VPN, HSRP, VPC.
• Presenting ideas and solutions to streamline network operations and influence SLA metrics.
• Hands on configuration changes for Cisco/Palo Alto firewalls including: security rule additions/deletions, configuring NAT and access-lists, troubleshooting VPN and access connectivity across networks

Confidential, San Jose, CA

Senor Network Architect/Lead/Network Security Engineer

Responsibilities:

• Hands on troubleshooting, configuration and implementation of network security protocols: IPSEC, VPN, DMVPN, ASA/PIX firewalls, IPS/IDS systems, router security.
• Defined standards and procedures for networking equipment upgrades/refreshes/replacements
• Coordinating and leading cut overs for data center/WAN deployments/integrations
• Provided hands on implementation, configuration and troubleshooting duties with routing protocols including: OSPF, EIGRP, BGP, IPSEC, MPLS, DMVPN.
• Hand’s on operational/configuration support for LAN/WAN and data center security devices including: Cisco ASA, IPS/IDS systems, URL-filtering gateways.