OBJECTIVE:

To obtain a challenging position of a Sr. Network Engineer utilizing my technical expertise and 23+ years of experience to be an excellent leader in complex network environment

SUMMARY:

• More than 23 years of experience in designing, implementing and supporting large - scale, complex IP network, including data network, network security and voice.
• 11+ years of experience in Capital Markets network environment of Top 5 Canadian banks
• Excellent technical experience in variety of technologies, such as LAN, MAN, WAN, TCP/IP, OSPF, EIGRP, BGP, RIP, IP Multicast, QoS, VoIP, IP-Telephony, firewall, VPN, load balancer, MPLS, Clouds, ACI, Ansible, Bitbucket, and Python
• Expert in Cisco IOS, NX-OS, Juniper ScreenOS and JUNOS, PanOS and FortiOS
• Extensive experience in multi-vendor products from Avaya, Cisco, Nortel, Juniper, Mcafee, F5, Checkpoint, ISS, Nokia, Palo Alto and Fortinet
• CCIE (Cisco Certified Internetworking Expert) in routing and switching, CCIE#148xx since 2005
• CCIE voice and CCDE (Cisco Certified Design Expert) written
• Experience in various network management and analysis tools
• Distinguish Toastmaster with 10+ years of Toastmasters experience
• Excellent communication skills, excellent team player, customer-orient, problem solving and achievement orient, creative thinking, quick learner, multitasking, self-motivation, coaching and technical leadership

TECHNICAL SKILLS:

Protocols: IPv4/IPv6 TCP/IP, SIP, SCCP, BGP, OSPF, EIGRP, RIP, IS-IS, and IP multicast

Services and technology: 10/40/100GB Ethernet, Sup 720/2K, FlexWAN, GBIC, SFP, SFP+, PoE, WCCP, QoS, HSRP, VRRP, GLBP, SNMP, CA Server, DSL, DWDM, SONET, wireless, VTP, and STP, IPSec/MPLS/SSL/Easy VPN, Cisco AnyConnect VPN, DMVPN, L2TP Confidential, RADIUS/TACACS+, RSA ACE, SecurID/Token, 802.1X (dot1x), and SSH, Active Directory, DNS, BIND 9, LDAP, PSTN QSig, ISDN Q.931, SS7, G729, and G711, SBC, RTP, SRTP, RTCP, CMM, IPDR, MAS, PSAP, IP recorder and e911

Devices and applications: Cisco 12000/7600/7500/7200/4400/4300/3900/3800/2900/2800/1900/1800 and ASR1006-X/1004 routers, Juniper J2300/4300/MX480/MX240/M40e/M320/M5 routers, Cisco Aironet 3802I/ 3602/1240/1130 AG Series Access Point, Cisco Flex 8510 and 5508 WLC, Cisco Nexus 9K/7K/5K/3K/2K series, Catalyst 9400/6500E/ 4948/4500/3850/3750 X /3650/3560X and other series switches, Cisco ISE 2.4/ACS 4.2/5.4, Juniper Steel-Belted Radius, and RSA ACE/Server 6.1, CSS 11500/11000 and ACE 30 module/4710 Load balancer, and F5 BIG-IP 5250, v2000, i2800, and VIPRION 2400 Chassis with 2100 Blade, Cisco FirePower 9300, ASA 5585-X/ 5550/5520/5516- X, PIX 535/525, Concentrator 3000 series, Checkpoint NG Firewall and VPN, Nokia IP 1220/690/380/130 Firewall/VPN Appliance, Juniper NetScreen ISG 2000/SSG550M/SSG140 and JUNOS-based SRX 650/240/220/100 Firewall/VPN, Juniper SA 2500 SSL VPN, Nortel Contivity 2700, and Fortigate 3700D/1500D/1000C/100D/60D/E, and Palo Alto PA- 3250/3260/5220 , Juniper NSM(Network and Security Management) 2008/2010/2012 , Checkpoint Provide-1 Firewall Management system, and Cisco CSM (Cisco Security Manangement) 4.12, Fortinet FortiManager 5.4/5.6, and Palo Alto Panorama v 9.0.10 and v10.0.1, Avaya VoIP PBX System, Nortel MCS5200 and Nortel PC client, AudioCodes MediaPack MP-114, and Mediant 2000 Dual T1/E1 Span SIP Gateway, Cisco Unified CallManager CMM6, Unity VM/UM, Message store, CER(Cisco Emergency Responder) for e911, CRS(Customer Response Solution), MoH/XML servers, IPCC Express and Exchange

Tools: Cisco Works, HP OpenView, WhatsUP Gold, Concord eHealth, nGenius, Statseeker, CA Spetrum, CAPC and HPNA(Network Automation), Wireshark and Sniffer

OS: Windows 9x/NT/2000/XP/ 2003/2008/2012/7/8/10 , Sun Solaris 7/8/9/10, FreeBSD, CentOS and Redhat Linux

PROFESSIONAL EXPERIENCE:

Senior Network Consultant

Confidential

Responsibilities:

• Working on variety of projects in our big customer’s global environment, including design, implementation, support and troubleshooting of complex enterprise and carrier-level network
• Designing, deploying and troubleshooting Palo Alto Prisma cloud-based Global Protect VPN for more than 80K employees
• Designing, deploying and troubleshooting Dell Velo Cloud SD-WAN for more than 100 remote offices and headquarter offices
• Acting as Principal Network Engineer in Network Modernization Program to fix and optimize a few thousand network device monitoring issues based on AIM tools, including CA Spectrum, CAPC (Performance Center) and HPNA (Network Automation)
• Working closely with FIS Global Network and Security team to create, provide and optimize daily critical device reports in CAPC
• Cooperating with Worldpay UK network engineers and application support team to implement change requests via Automation Deployment Tool, and troubleshoot the issues in network environment with ACI, F5 BIG IP VIPRION 2400, Fortigate firewalls, Palo Alto firewalls, Cisco ISE and other Cisco legacy devices
• Leading partner-Ally network resiliency investigation and optimization project
• Working in a team to provide excellent services to our customers based on contractually obligated SLA

Network Analyst Advisory 2&Duty Manager

Confidential

Responsibilities:

• Responsible for design, implementation, support and troubleshooting of converged LAN, WAN and Internet gateways across worldwide network environment with data, security, and VoIP phone systems, as well as daily DCNS&GBMNS team management
• Provided the day-to-day network support, including technical troubleshooting, consultation and co-ordination to internal users and 3rd party vendors, including Trader Floors, Wealth Management, Corporate, Back Office, Waterous and so on
• Performed firewall change request risk analysis and assignment, as well as network change technical verifications
• Worked closely with business departments to design and deploy variety of complex projects
• Created and updated network support documents, including network configuration standards, hardware and software selection, DNS&DHCP, Data center VLAN and subnets standards
• Mentored the junior & medium team members on projects design, implementation, troubleshooting and support
• Coordinated team logistics, managed and responded to all incidents, and leading devices/circuits additions and cancellations
• Tested the new technology and provided the evaluation report before deploying it in the production
• Organized weekly knowledge transfer sessions to all network staff,
• Provided firewall rule implementation and troubleshot training to new staff and junior & medium team members
• Worked as duty manager of the 3rd level network support
• Working on many complex projects, and majority of ongoing and completed projects are as follows:
• 3rd party vendor from 40 King to Barrie migration
• Lync as a PBX project
• Office 365 Project
• India domestic WAN circuit upgrade
• Dubai WAN Optimization
• Cisco ASA, Juniper NetScreen/SRX, and Fortigate OS upgrade globally
• GBM OOB network redesign
• 3rd party Mumbai from Cisco PIX to Juniper SRX series firewalls migration
• Canada BGC Trader
• Reuters Migration-Elkon and Elektron
• Arrow Prod Vendor Connection Migration project
• Confidential Principal Protected Notes project
• Cisco 3560X and 3750X IOS upgrade Globally
• Migrate FI connection from Vendor VPN to leased line at Q9 100 Wellington
• Firewall Management Cycle project
• Multicast MSDP migration project
• Cisco 6500 series to Nexus 7K&2K migration project
• Consolidation of circuits from Scotia to TSX/MX project
• Softek T1 circuit migration project
• CSM (Cisco Security Manager) test and evaluation project
• Brazil Frontier office migration project
• Q9 Low latency project for critical trading applications
• TMX multicast market data project
• Global Juniper firewall ScreenOS upgrade and optimization
• West Mall 3rd party retrofit
• West Mall data center OSPF redesign
• London and New York 3rd party JUNOS-based SRX series firewall design and implementation
• Hong Kong VoIP setup with Avaya solution
• Hong Kong new trader floor setup, including data network and VoIP
• Etrade Canada network migration from 3rd party to Campus network
• Global End-of-Life hardware replacement: cisco routers and switches
• Variety of 3rd party vendor VPN deployment in Nortel Contivity VPN platform, including Alpha, JP Morgan, IRIS, LPMCL, IRON Mountain and so on.
• Dynamic failover remote branch Office VPN connections
• Server-based NSM to NSMXpress appliances migration and optimization
• Out-of-band network upgrade and optimization
• ScotiaFX-Wallstreet design and deployment in Customer Gateway eHealth monitoring system upgrade and optimization

Senior IT Consultant

Confidential

Responsibilities:

• Designed, configured and tested end-to-end QoS for Telepresence multimedia application with Cisco Telepresence solution
• Designed and upgraded Checkpoint/Nokia IP appliances in Internet gateway of MDC and TDC
• Optimized firewall policy in Checkpoint Provider-1 firewall management system
• Designed and implemented Rogers WAN upgrade project with two data centers, seven regional sites and hundreds of branches across Canada in Rogers’s data and converged network
• Presented high-level network solution and providing devices recommendation and cost estimation
• Ordered Cisco devices from Cisco online order tool based on projects requirements
• Cooperated with Rogers staff at each regional site and data centers to figure out all related information, including applications, cabling, power, rack units, and shipment
• Configured Cisco 7600 and 7500 routers, and 6509E switches with EIGRP, VLAN, VTP, STP, HSRP, and setup QoS on ATM, POS-OC3, HSSI, Fast-Ethernet, Giga and 10 Giga Ethernet interfaces
• Prepared the implementation schedule and implementation procedure documents for each regional site and data center before migration
• Created and provided detailed word and visio format support documents after each regional site and data center migration and IPT upgrade
• Worked in a team to provide excellent services to our customers based on contractually obligated SLA

Senior Technical Analyst

Confidential

Responsibilities:

• Responsible for designing, implementing and maintaining networks with IP-Telephony systems across worldwide enterprise network within more than 50 countries in Confidential
• Implemented and supported Scotia EI Salvador International Gateway with global and data center balancing, multi-homing, firewalls failover, and server-farm load balancing with CSM on C6509
• Designed, implemented and supported branches and offsite ABMs MPLS migration in Caribbean region, including Jamaica, USVI, Trinidad, Barbados, Dominican Republic, and Puerto Rico
• Designed and implemented data center and main branch networks with BGP, OSFP, QoS and redundancy technology
• Worked with telecommunication team to setup and optimize QoS, PBX Ethernet connection and SIP trunking for Acropolis Campus location
• Used Concord ehealth and nGenius Performance Manager to monitor and optimize production environment network
• Troubleshot production and project implementation issue by using Wireshark Network Analyzer/Sniffer and NAM module on Cisco 6509 switch to identify and correct service interruptions
• Created production network documentation and updated devices information in Visionael system
• Escalated trouble situations to team leader, manager, service providers and vendors in case of big outage and impairment
• Provided Level 3 support and participated in on-call rotation
• International Caribbean & Central America MPLS Network migration
• Scotia EI Salvador International Gateway
• Acropolis relocation—campus network with integrated data and IP-Telephony systems

Technical Specialist

Confidential

Responsibilities:

• Designed and implemented extranet using BGP protocol and Cisco redundancy solution with multi-path between Bruce Power and OPG networks
• Designed and implemented Confidential services for network access including network devices, remote VPN, dialup users, Windows workstations and servers, Cisco routers and switches and wireless AP, and Nortel switches based on Juniper/Funk SBR, 802.1X, and RSA ACE/Server technology
• Enhanced network security based on Nokia IP500/600 and Cisco PIX firewalls solution and removed asymmetric problems in multi-path networks
• Configured and optimized OSPF and BGP routing protocols, and HSRP for High Availability on Cisco 7206 and 3845 routers, Cisco 6509 and 3750 switches, and Nokia IP500/600 firewalls
• Worked with troubleshooting, performance tuning, monitoring data capacity and documentation
• Provided Tier 3 technical support and worked with escalations from Tier 2 engineers

Senior Network Engineer

Confidential

Responsibilities:

• Responsible for designing, implementing and maintaining converged network infrastructure for former Confidential
• Setup, tested and maintained hub-spoke topology of VPN network based on NetScreen remote access VPN and route-based Site-to-Site VPN
• Implemented and supported Catalyst 3750 switch stack technology for high availability
• Configured OSPF and BGP routing protocols on related routers and switches, and firewalls
• Provided Level 2-3 network support and technical guidance and expertise to the team for the diagnosis and resolution of complex network problems

Network Specialist

Confidential

Responsibilities:

• Responsible for designing, implementing and maintaining highly reliable network infrastructure for the college with more than 200 routers/switches/firewalls, 5,000 workstations and 20 locations worldwide
• Designed, implemented, tested and maintained Internet Gateway with multi-homing Internet access, two-layer firewalls, remote access and route-based Site-to-Site VPN, and server farm load balancing
• Administered fully redundant Cisco 6500 series Gigabit Ethernet backbone at two data centers
• Configured OSPF and BGP routing protocols on relevant Cisco routers and layer3 switches
• Configured and maintained Cisco CallManager cluster for VoIP services in college environment
• Designed, implemented and maintained high speed connection among data centers and domestic campuses with MPLS/VPN technology
• Performed network troubleshooting, performance tuning, projects costing, new devices recommendation, and network design documentation
• Provided technical training and tier III 24x7 network support, and participated in an on-call rotation

Senior Network Analyst

Confidential

Responsibilities:

• Worked in Internet-core team to implement and support IP backbone across the country in ISP environment
• Configured, and maintained Cisco GSR 12000/7500 routers and Cisco 6500 series switch with OSPF, BGP and MPLS VPN, MPLS TE, L2TP,and QoS configuration and troubleshooting
• Performed network hardware and IOS upgrading, troubleshooting, performance tuning, project costing and management to meet new IP services demands
• Provided Level 3 network support and participated in on-call rotation