SUMMARY

• An accomplished IT Professional wif 15 years of technical and Network Engineering experiences, including 8 years of IT management positions in various industries and high profile enterprises.
• An effective manager who can handle a wide variety of responsibilities ranging from enterprise resource planning, infrastructure and system design, service implementation, project management, technical team development, and customer services.
• A visionary, proactive, task - oriented, and result-driven individual who can sense the proper course of action, determine the appropriate resources, and understand the complexities of today’s domestic and global market for outstanding IT services.
• A dedicated leading Engineer wif broad technical noledge and proven records troubleshooting skills, particularly in the topics of infrastructure design and implementation, WANs and LANs networking, information security, Cisco routers configuration, Storage Area Network and Data Replication using Fiber Channel over IP.
• Accomplished IT Professional wif outstanding technical abilities at Network Infrastructure & Service Provider, Information Security, excellent troubleshooting skills, great ability to learn and excel.
• A team player appreciated for integrity, dependability, flexibility and decisiveness.
• Layer 3 MPLS-IP-VPN, VPRN, VRF, Layer 2 MPLS/VPLS.
• Voice over IP / Voice Gateways and Gatekeepers, Proxy, SIP, MGCP, SCCP and QoS.
• Internet Service Provider IP-Backbone wif BGP and OSPF.
• Customer's last mile reach including DSL DSLAMs/PPPoE, VPLS peers, MetroEthernet inner/outer VLAN tagging (8100TT/9100TT) over SONET OCx, TDM or dry copper pairs.
• Business continuity and disaster recovery sites and real-time data replication using EMC Storage Area Network disk subsystems & Fiber Channel over IP using Cisco MDS-9216/IPS Director Class Switches & Brocades Fiber Channel Switches.
• Successfully designed and built several Service Provider Class Networks and implemented security using Checkpoint and PIX Firewalls, Radius/TACACS+ server, AAA on Cisco Routers, IDS/IDP.
• Extensive experience wif F5 Big IP Load Balancer, Juniper DX3650, Juniper SSL-VPN, Cisco ASA 55xx SSL-VPN.
• Extensive firewall experience wif Cisco ASA 5550, PIX 515, Netscreen 500, ISG200, Nokia IP-530/Checkpoint NG FW-1.
• Cisco routers, IP, IPX, X.25, and various routing protocols for each including MPLS, IS-IS, OSPF, RIPV2, EIGRP, and BGP.
• LAN MultiLayer Switching, ISL, 802.1q, Spanning Tree, WANs, Frame Relay, DSx, Packet over SONET, Satellite Communication, and WIFI.
• Extensive noledge wif the standards of external auditors (E&Y, PriceWaterhouseCooper, OCC, Deloitte, KPMG) for Sarbanes-Oxley Section 404 compliance. Internal controls under the COSO/COBIT framework using inquiry/observation tests, substantive and compliance testing and compliance testing and computed assisted audit techniques.
• Extensive noledge of IT security governance framework such as ISO1779/BS779,CISSP,SANS Institute.

TECHNICAL SKILLS

• Cisco Systems - Cisco CCNA, CCDA, CCNP
• Microsoft - MCP+Internet, Microsoft Certified Professional
• ISACA- CISA (Certified Information Systems Auditor)
• Juniper/NetScreen FireWalls- NetScreen Firewall Boot Camp
• Juniper Network- Juniper SSLVPN Boot Camp (Previously non as Neoteris)
• Juniper Network- Juniper Service Routers
• Bellcore / Telecordia- Digital Data Services - Provisioning DS3, ATM, Packet over SONET OC192
• Marconi / Fore System- Public ATM and FORE Thought / Frame Relay
• RedBack Networks- Installing and Configuring Redback SMS-1800 DSLAMs
• CheckPoint FireWall- VPN-1/FireWall-1 NG, Management I, II, III
• SANS Institute- SANS Security Essentials and Intrusion Detection In-Depth
• ArcSight- ACSA-ArcSight Certified Security Analyst
• Deloitte- Oracle ERP - Enterprise Resource Planning security deployment and auditing
• IIA-Institute Internal Auditors- IIA Control Self-Assessment certification

PROFESSIONAL EXPERIENCE

Confidential

Senior Network Architect

Responsibilities:

• Designed and published deployment plan for Carrier Class Voice over IP and TDM Voice (PRI/CAS) muxing/aggregation to SIP trunks utilzing Cisco AS5400 Universal Voice Gateways along wif Adtran Total Access 9xx IADs.
• Published POC for Voice over IP/Voice Gateways/IADs and SIP Trunking.
• Designed and published deployment plan for layer 3 MPLS-IP-VPN, VPRN/VRF IP Core Backbone.
• Architecture for Carrier Class Voice over IP/Voice Gateways/IADs and SIP Trunking. Designed and published deployment plan for Carrier Class Voice over IP and TDM Voice (PRI/CAS) muxing/aggregation to SIP trunks utilzing Cisco AS5400 Universal Voice Gateways along wif Adtran Total Access IADs.
• Designed and implemented multiple class of services QoS, H-QoS, network QoS utilizing PHB Diffserv/DSCP, CoS/PCP priority bits, and MPLS-LSP-EXP bits utilizing Alcatel SR7750's QoS/H-QoS features.
• Designed and published deployment plan for Channelized OC12 MUX to TDM (DS3/DS1) and migration of all existing DS1/T1s from Cisco GSR12008/12416 to Alcatel SR7750-CHOC12 IOM/MDAs.
• Designed and published migration plans for Internet Service Provider IP-Backbone wif BGP and OSPF utilizing a combination of Alcatel SR7750 Service Routers, Cisco GSR 12008/12416 and Brocade/Foundry Switches,
• Logical network provisioning job write up for customer's last mile reach utilizing VPLS peers, Metro Ethernet inner/outer VLAN tagging (8100TT/9100TT) over SONET OCx, TDM, or Ethernet over dry copper pairs utilizing Overture Networks HN6100/4000/408 and HN508 for Ethernet over T1 bonding.
• Layer 2 MPLS/VPLS for Metro Ethernet EVCs aggregation using Alcatel, Brocade/Foundry XMR, Adtran TA5000, Hatteras/Overture Networks 6100/408/508.
• Published POC and deployment plan for AAA Cisco TACACS+/RADIUS HA cluster for centralized authentication.

Confidential

Sr. Network Engineer, Sr. Security Analyst

Responsibilities:

• Managed a team of Junior/Senior Network and Voice Engineers wifin the Network & Voice Infrastructure team
• Managed projects for Network Access Control (NAC) deployment to perform network port security
• Managed projects involving the migration of TDM-PBX to VOIP systems.
• Managed projects involving network and voice infrastructure deployment for new constructions and remote sites.
• Work wif external auditors on HIPAA/PCI and other regulatory compliance and findings remediation.
• Initial planning for data center design to utilize Cisco latest Nexus 7000, 5000, and 2000 series switches.
• Performed upgrades of Solarwinds and What’s UP Glod network management tools
• Assisted wif the implementation and troubleshooting of Cisco Voice over IP and SRST gateways
• Architecture design and planning of MPLS core backbone utilizing VRFs for network virtualization
• Worked on the initial design for DHCP services migration.
• Worked on Network infrastructure refresh and migration to routed access for faster voice convergence.
• Implementation of Cisco Catalyst 65xx, 45xx-E, 3750, 4948 and all various Cisco routers 3845, 7206VXR
• Architect and project lead for the migration of the VPN Endpoints to an IPS environment
• Project lead for the planning of Unified Treat Management (UTM) system using SSG-Firewalls for the physicians’ offices
• Project lead for Cisco SSL-VPN and AnyConnect implementation
• Architect and project lead for Juniper SSL-VPN cleanup and migration to latest version of firmware.
• Operation support of the Juniper SSL-VPN, Netsceen 500 VPN, Juniper SA-6000 SSLVPN
• Responsible for the Juniper IDP 500 Intrusion Protection Services
• Designed and setup HA redundancy for the PACS imaging network for reliable video streaming.
• Lead support of the Cisco ASA 5550 /PIX535 Firewalls, Juniper Netscreen ISG-2000, NS500, SA-5000 SSLVPN
• Lead architect for 90+ LAN-to-LAN IPSEC VPN tunnel implementations wif various Enterprise vendors
• Worked on project plan for ISP eBGP Peering migration from one vendor to another
• Contributed to the deployment of the VoIP project and assisted wif VOIP QoS planning
• Contributed to Microsoft Active Directory and LDAP structure management and troubleshooting
• Implemented centralized management of 20+ firewalls using Netscreen Security Manager (NSM)
• Operation support of F5 Big IP Load Balancer, Juniper DX3650 Load Balancer
• Administration of RSA-ACE and troubleshooting token issues
• Deployed a major CISCO IOS upgrade to multiple core and distribution routers and switches
• Responsible for the TON (Top of the Net) Firewalls and backup for the Internet Peering Routers
• Contributed to the MPLS design and implementation for the Research Institution and Physicians network
• Conducted TON Firewall Internet Peering migration and assisted wif BGP cutover
• Setup VPN tunnels and worked wif SunGuard on disaster recovery testing
• Assisted wif the setup of WebSense Network Agent and latest version upgrade
• Worked on a VLAN isolation and aggregate project using policy base routing for guest access network to Cisco BBSM.
• Setup Enterprise Web Proxy server using Microsoft ISA technologies
• Implemented redundant connectivity utilizing Cisco1400 Wireless Bridge for the warehouse distributing center
• Pilot testing of clean access project using the Cisco NAC (CAS/CAM) for segregating the physicians’ offices
• Conducted QoS validation testing for video multicasting to remote locations

Confidential Texas

IT Audit Manager II

Responsibilities:

• Setup BindView modules for Active Directory, SQL Server, Oracle, Unix in order to meet security compliance
• Served as an IT consultant for the process owners to provide recommendations for the improvement of the Infrastructure
• Conducted a router and switch configuration consultation to provide recommendation for monitoring and security of networking devices
• Provided consultation for the improvement of the Enterprise Infrastructure pertaining to both LAN and WAN
• Provided consultation for computer operations, active directory schema, network architecture
• Performed regulatory compliance self certification, Risk Management, Audit Remediation Management, Risk Analysis.
• Evaluate the bank’s system of internal controls under the COSO/COBIT framework using inquiry/observation tests, substantive and compliance testing and compliance testing and computed assisted audit techniques.
• Extensive noledge of IT security governance framework such as ISO 1779/BS779 and SANS Institute CISSP
• Performed required audit procedures for the assigned operational, financial and compliance audits wifin the established time budget for each audit.
• Interacted wif all levels of IT management & staff to identify the existing internal controls in areas under review.
• Conducted special investigations on potential regulatory violations.
• Extensive hands-on experience in Sarbanes-Oxley compliance and operating effectiveness.
• Deployment consultation and security assessments of Oracle ERP (Enterprise Resource Planning) system

Confidential

Senior Network Engineer

Responsibilities:

• Designed and implemented Disaster Recover and Business Continuity Plan
• Designed, implemented, tested, and improved disaster recovery procedures and system designs for 24/7 operation.
• Built a remote Hot Site data center from ground up utilizing FC over IP for semi-real time replication of the SAN.
• Developed strategies dat will increase reliability, availability, and 24/7 uptime monitoring.
• Set up redundant high-availability firewalls and VPN concentrators
• Network Infrastructure Design and Cisco Router and Switch Implementation wif high availability and redundancy
• Developed a security infrastructure design wif firewalls (Cisco PIX 515 and Checkpoint NG cluster firewalls)
• Implemented real-time incident response intrusion detection system (Cisco WS-X6381-IDS, Cisco Secure, SNORT)
• Setup VPN Infrastructure using Cisco VPN Concentrators 3030, 3003 and Nokia CheckPoint NG VPN-1
• Implemented Storage Area Network and high-availability redundant clustering system using EMC and StorageTek
• Manage Storage Area Network and Designed Redundant Fiber Channel Topology using Cisco MDS-9216/IPSM
• Worked on Storage Area Network using Brocade Silkworm switches for HBA connectivity.
• Manage Network Systems, Data Centers monitoring using HPOV, What’s UP Glod, Cisco Works 2000
• Manage Active Directory and ITS infrastructure
• Forecast and manage capacity of systems and services
• Implemented network system servers monitoring for performance and maintain environment according to industry “best practices”
• Created a set of practices, polices, and control recommendations essential for effective business protection.
• Coordinated wif external auditor KPMG to achieve regulatory compliance wif GLBA (Gramm-Leach-Bliley Act).
• Conducted onsite audits wif TruSecure to be meet federal regulations and obtain ecommerce security certification.
• Implemented real-time incident response and intrusion detection system.

Confidential

Director - Principal Network Engineer/ Information Security

Responsibilities:

• Principal management role in the architecture and planning of a service provider IP backbone wif 35+ global POPs.
• Implementation of Data Satellite Link utilizing HSSI Interfaces on Cisco 7206VXR
• Developed a security infrastructure design to protect the company’s assets wif firewalls (Cisco PIX-515) and IDS
• Setup L2TP/IPSEC VPN Tunnels, GRE, MPLS-VPN, Remote Access Servers (Cisco AS5300)
• Developed and implemented network security including setting up a centralized security authentication wif Cisco Secure ACS TACACS+/RADIUS
• Designed and implemented a DSL Aggregation Network for Microsoft MSN Broadband using Redback SMS-1800
• Managed and Implement IP Backbone using Cisco GSR 12416, Catalyst 6500, 7206 VXR
• Designed a Metro Gigabit Ethernet and Metro Fiber Network Solution using Juniper M-Series Routers
• Designed plan for Voice over IP solution using Cisco Voice Gateway IOS and Call Manager
• Developed plan for migration to a MPLS Core Backbone and IS-IS and MPLS-VPN using Cisco GSR 12416
• Configured and Secured Cisco Aironet 802.11b Wireless Access Point

Confidential

Senior Technical Solutions Consultant

Responsibilities:

• Project lead wif ICG Communications to expand MSN and AOL’s Backbone
• Evaluated the compliance status against regulatory security standards including Visa CISP and HIPAA.
• Health Insurance Portability and Accountability (HIPAA) regulatory compliance consultant.
• Responsible for ongoing security monitoring, vulnerability assessment, intrusion detection, incident response and computer forensic analysis.
• Design planning for Voice over IP/DSL/Frame Relay/ATM
• Installation of Cisco 7206VXR/AS5800/5200/2511 Access Server Routers, DS1/DS3 and Digital Modem Pools
• Installation of Cisco Catalyst 6509/5509/2924XL Multi-Layer SwitchesExxon Mobile, Contractor
• Setup centralized security using Cisco Secure ACS network security suite for ExxonMobile’s Enterprise Network.
• Setup Cisco Secure ACS (TACACS+) Network Security for client’ Enterprise Network
• Delivered strategic security solutions to manage the risks involved wif technology applications

Confidential

Sr. Technical Trainer II

Responsibilities:

• Conducted training on Cisco Routers, Windows NT Server, Novell Netware IPX/SPX, TCP/IP
• Conducted training for the Network Management Center (Cisco Works and HP Open View experience)
• Cisco PIX Firewalls and other Firewalls/Proxy Servers
• Setup Security using Cisco Access-Lists, Cisco Switches - Catalyst 5500, 7000
• Conducted training for Cisco, Confidential, Morgan Stanley, and Bell Atlantic and Cisco Lab Setup

Confidential

Cisco System Engineer

Responsibilities:

• Established the Cisco TAC (Technical Assistance Center) in Houston
• Installed and setup Cisco Works / Cisco Secure Radius/TACACS/VPN using IPSEC
• Troubleshoot Cisco related issues wif various Routers and Switches
• Assisted Customers calling into the Cisco TAC on Configurations / Designs / Technical Problems
• Developed training curriculum for the TAC and trained over 80+ Cisco System Engineers
• Setup Security using Cisco Access-Lists and various PIX Firewalls / Radius / TACACS
• Worked wif the NMC (Network Management Center) to setup Cisco Works Release 3.1-1, What’s Up Glod, SMNP protocols
• Setup Virtual Training Lab for internal employees to conduct self study for Cisco Certifications

Confidential

Quality Assurance-Senior Technical Analyst III

Responsibilities:

• Troubleshoot various Hughes Satellite products such as VSAT, DirectPC Internet Satellite Products
• Troubleshoot Hybrid Gateways for IP Tunneling VPN via Wireless Network and Satellites
• Applying security using encryption over wireless network
• Training on X.21 digital signaling interface for DTE/DCE physical interface and HDLC Encapsulation