SUMMARY:

• CCIE Network Engineer, AWS and Azure cloud Architect, passionate and hardworking with 8 years of experience in the IT industry with skills in the following areas:
• IP Routing Protocols: BGP, EIGRP, OSPF, RIP(in - depth knowledge of all)
• LAN/L2 Technologies: Inter-vlan Routing, Spanning-Tree, Etherchanneling, 802.1q Trunking, VRRP, HSRP, QoS
• IP sub netting
• In-depth knowledge of spanning-tree and its features
• Solarwinds monitoring
• WAN Technologies: Frame Relay, ATM and MPLS (in depth knowledge)
• Cisco Network Security technologies: ASA Firewalls, ACS,ISE and ACE(in-depth knowledge)
• VPN Technologies: Site-to-Site, Remote Access, EZVPN, DMVPN, GETVPN, GRE-over-IPSec VPN etc.
• Using splunk for log analysis
• Experience deploying Cisco firepower solutions
• Hands-on experience with the following equipment: Cisco 2600 series, Cisco 2800 series, Cisco 3600 series, Cisco 3800 series, Cisco 6500 Series, Cisco 6800 Cisco 7200 series, Cisco 7600 Series
• In-depth experience with Cisco Catalyst series Switches, Nexus 7000 switches, Nexus 9000 switches, Nexus 5000 Switches, Nexus 2000 Fabric Extenders
• Dell Sonic walls and dell access points
• Experience deploying Palo Alto Firewalls
• In-depth knowledge of Cisco ISE
• Experience deploying Cisco Wireless LAN Controllers
• Knowledge of Cisco firepower technologies
• Cloud computing with AWS and Azure
• Experience with Software Defined Networking
• Experience with Palo-Alto Panorama
• Experience deploying f5 Load balancers LTM and GTM
• Cross-platform between Junipers JunOS and Cisco IOS
• Experience with Infoblox
• Hands-on experience with Cisco ASR 9000 series in a service provider environment and in-depth knowledge of MPLS technologies including MPLS design, traffic engineering, carrier supporting carrier and Inter AS L3VPN technologies
• In-depth experience with Cisco ASR1ks and ISR4Ks
• In-depth knowledge and deployment of Cisco Viptella
• In-depth Knowledge of Cisco ACI
• Hands on experience with HP switches
• Hands on experience with Arista switches
• In-depth experience deploying fortigate firewalls in a datacentre environment
• Experience deploying Checkpoint Security Technologies
• Experience deploying Juniper srx firewalls, Juniper EX series Switches and MX Routers.
• Experience with VMware Technologies
• In-depth knowledge of terraform for automation in cloud envionments
• Experience with integration between VPC solutions and terraform as infrastructure as code.
• Intermediate knowledge of Kubernetes network models
• Working knowledge of security frameworks NIST
• Cloud technologies with focus on AWS. In depth knowledge of AWS technologies such as S3,EFS, EBS, SQS, EC2, VPC, ELB and Auto-scaling, Cloud Trail, Cloud formation for disaster recovery EC2, terraform for automation with AWS and Route53
• Experience creating redshift clusters for data warehousing
• Experience with Architecting solutions for Databases within AWS.
• Experience with Kubernetes and docker container services
• AWS Data pipeline and CI/CD processes
• Web Application Firewalls for Cloudfront Deployments
• Best practices for Securing AWS Components according to best practices
• Using cloudfront to create DR templates in form of code for easy spin-up
• Advanced knowledge of AWS networking with VPC
• Infrastructure as code with Terraform; creating custom VPC using Terraform Registry, using terraform and packer to build custom AMIs. Automating Vault and Consul Cluster using terraform, Automating Kubernetes cluster using terraform, managing IAM group and users using terraform.
• Security Analysis using Open source tools like Pacu for resiliency testing, Scout2 and prowler for Industry standard Benchmarks
• Google Cloud IAM with the responsibility of assigning access with least privilege to google cloud resources, service accounts and organisation integration
• Google Cloud hybrid networking with interconnect through service providers to connect gcp infrastructure to on-prem and setting up on VPNs as a backup
• Experience with stackdriver to monitor gcp resources
• Experience with google cloud storage and storage classes. Object versioning and life cycle management
• Experience with VPC setup in google cloud
• Scenario based experience with google managed databases, cloud SQL, big table, big query for data analysis
• Experience with compute engines, load balancers, GKE, custom images, snapshots and backups
• Experience with standard and flexible app setups for app engines
• Experience with Cloud data flow and data prep

PROFESSIONAL EXPERIENCE:

Confidential

NETWORK CLOUD ARCHITECT-ENGINEER

Responsibilities:

• Responsible for Networking Architecture across Public clouds and legacy networking
• Managing Company Wide firewalls
• Leveraging AWS, Azure Technologies within the cloud space

Confidential

SENIOR NETWORK/CLOUD ARCHITECT

Responsibilities:

• Initial Design and deployment for Hybrid cloud involving AWS Direct Connects and Azure Express Route and Google Cloud interconnect to connect on-prem networks and certain locations to VPCS and VNETs
• Architecting with devops teams for Azure Webapps
• Architecting for Data Factories and Data warehouses
• Assisted with migration of applications/VMs into cloud environments (AWS, Azure, GCP)
• Setting up Palo Alto firewalls as Cloud exchange firewalls between on-prem and cloud environments which include AWS, Azure and GCP
• Using VLAN and VRF Segmentation on edge routers to segregate traffic between AWS, Azure and Google Cloud
• Assisting Data team with integrating data pipelines including dataprep with exports to big query for analysis and in certain scenarios google cloud storage
• Managing communication with different VPCs using concepts like VPC peering between organisations and firewall rules within google cloud
• Using flexible environments for VPC access for app engine working with developer teams
• Creating groups and managing IAM concepts within AWS, GCP and Azure
• Managing Panorama that holds multiple firewall groups across the administration
• Setting up new cloud and internet firewalls using palo alto template stacks
• Creating and managing Palo alto firewall policies for both cloud and internet perimeter firewalls
• Working with Devops teams to architect around Datalake, Azure sql databases and app services
• Working with Devops teams to ensure high availability for VM deployments and setting up load balancers and application gateways as the case may be
• AD integration between on-prem and Azure. Also ensuring enterprise state roam.
• Creating and managing VPCs and VNETs withing AWS and Azure accounts. This also includes monitoring expressroute and transit gateways through equinix cloud exchange fabric
• Assigning user permissions adhering to least privilege based on job functions using AWS IAM and Azure Active Directory.
• Working with Devops teams to set up an GCP environment for apps using Google Kubernetes Engine Clusters in east and west regions respectively sitting behind a HTTPs Load balancer. This also includes GCP networking within the clusters
• Scheduling backups for VMs in the Azure Environment using ASR and daily backups.
• Assisting the devops teams in designing microservices within Azure using Container instances
• Working with Azure Cloud Storages. That includes working with blob and file containers. Also setting up file share sing Azure cloud storages
• Working with Azure Monitor for monitoring resources.
• Troubleshooting cloud related issues
• Ensuring Resources within cloud environments are monitored and appropriate parties are set up to receive notifications using alert groups and notification hubs
• Ensuring security controls on required services within the cloud
• Managing Edge routers running BGP and VRF Aware contexts for different routing contexts
• Creating VPNs per requests using AWS site to site and Azure VPN configurations.
• Helping with user administration within Azure Active Directory
• AD integration between AWS, Azure and On-prem domain controllers.
• Ensuring Compliance for creating of resources using Azure Policy.
• Designed a NPM(Network Performance Monitor over Azure ExpressRoute) between Azure Gateway VNET to On-prem server for Network performance monitoring.
• Designed 2 Data Center to include hybrid cloud networking which included perimeter firewalls from on-prem to cloud environments including AWS, Azure and GCP
• Database migration using Google cloud SQL and Azure SQL services from on-prem
• Application and VM migration into azure
• Help architect for a scalable azure web application employing a 2 tier architecture with a web front end and a data storage backend taking advantage Azure Front door and CDN Services.
• Using Google cloud interconnect to connect a London datacenter into google cloud using google cloud router to exchange routes between on-prem and google cloud
• Using the concept of shared VPC to share vpc to other developer and programmer projects for cloud networking purposes
• Creating environments for web applications using instance templates/instance groups behind an HTTP/HTTPS load balancer . Also using cloud armor to create a whitelist of allowed IP addresses to access load balancers for ddos mitigation
• Helping provide rolling updates/canary updates to google cloud managed instance groups
• Using VPC peering between Google cloud to other organisations for the purpose of connecting those partner organisations to peer with a hub vpc for the sole purpose of accessing on-prem resources
• Perfoming a lift and shift of an on-prem SQL server to Google cloud SQL using the migrate data tool
• Designed AWS Transit Gateway to consolidate ingress/egress traffic to existing edge technology
• Implemented Azure Virtual WAN to china region in replacement of an intended express route design
• Worked with compliance team to set up new security rules when creating resources in cloud environments

Confidential, HOUSTON TEXAS

SENIOR LEAD CONSULTANT/ARCHITECT

Responsibilities:

• Work with Netsync clients and Netsync project teams to identify business and technical requirements for network and security services ranging from Cisco to Palo alto, F5, and Fortinet
• Perform network assessments for clients to determine areas for improvement and optimization
• Provide Pre-sale/Post-sale engineering support to customers in the public and private sector
• Responsible for and independently leads complex, cross-functional teams to deliver critical client outcomes
• Work autonomously in preparation of site specific documentation according to relevant templates which includes creating high level and low level designs, Bill of materials(BOM), CRQs and Methods of Procedure(MOP)
• Develop high level network designs based on current technological solutions provided by the manufacturer.
• Lead and mentors a team of associate engineers and determine the suitable projects based on skill set and customer relationships
• Implement and support network solutions for clients based on industry best practices.
• Provide knowledge transfer and advanced detailed design/operational documentation to clients.
• Provide quality assurance documentation and peer review on projects
• Provide Tier 3 support.
• Cisco WLC installs
• In charge of AWS and Azure and GCP Cloud Engineering for Netsync customers. This includes pre-sales and post-sales implementation and support in a managed serviced environment.
• Initial design of cloud environments relating to IAAS and PAAS concepts
• Designed and implemented Palo Alto firewall security solutions for an Oil and Gas industry in the Houston Area including the setup of Palo Alto Panorama for firewall management
• Cisco Firepower multi-location deployment.
• Redesigned the network infrastructure at a University in the Houston Area, replacing old 6504 infrastructure at the core and distro centers with Cisco Nexus 9ks including redundancy with VPC, HSRP and routing protocol EIGRP
• 8-million-dollar project of redesigning HISD legacy wan ring that connects 290 schools to new infrastructure including Cisco Nexus 7ks, Fortigates and 100 gig connections through cisco optical devices
• Designed an internal MPLS infrastructure including ASR 900, 1002-X, ASR 9010 with multi-vrf solution and multicast VPN end-to end between sites
• Designed and deployed a full-fledged ISE installation for a multinational Specialty company
• Designed and Migrated existing infrastructure to Cisco ACI to leverage SDN that simplified the deployment of applications for a said Transit authority. Solution included Cisco Nexus 9300 Spine and Leaf switches
• Migration of Applications from On-premise to AWS using AWS import/export to assist in some large data migrations, VPN to the on-premise to maintain a hybrid infrastructure
• Deployed a hybrid WAN solution involved ISRs. This involved integrating a new Data center and 2 remote sites with a legacy location using viptela SD-WAN Solution and due to this setup was able to migrate the WAN solutions hosted on the ISRs into Cisco SDWAN Viptela solution.
• Created a full POC infrastructure in the cloud for a customer
• Deployed and managed AWS networking components for a customer
• Led migration of Virtual Machines to Azure Virtual Machines for multiple global business units.
• Migration of SQL servers into the Azure cloud
• Migration of applications into AWS and Azure cloud domains
• Prepared capacity and architecture plan to create the Azure Cloud environment to host migrated IaaS VMs and PaaS role instances for refactored applications and databases
• Perform hands-on activities involved in creating cloud infrastructure components.
• Deployed NSGs, VMs in a resource group using PowerShell
• Manage the AWS cloud infrastructure for different clients in a managed service provider role.
• Performed Security Audits on a clients AWS infrastructure.
• Migration of customers on-premise to cloud.
• Managed Services for Azure Enterprise/GCP and AWS per different customers

Confidential, HOUSTON, TEXAS

NETWORK ENGINEER

Responsibilities:

• Deploying, configuring, and managing network devices and services, including but not limited to switches, routers, wireless controllers, wireless access points, and security appliances to maintain a high level of reliability and availability through the implementation of various protocols, such as HSRP, BGP, OSPF, EIGRP, and MPLS
• Configured OTV and VPC on nexus platforms on a per customer basis.
• Using NMS and link utilization graphs to monitor network hardware and link utilization. Also using solarwinds for network management.
• Troubleshoot and resolve network related incidents (link outages, peer outages, router/switch hardware failures, network performance issues).
• Assisting the Network manager and the core network team with network designs
• In charge of OSPF migration from EIGRP to support mpls design for site to site traffic for the customers. Also setting a MPLS enabled core and tweaking for convergence and optimum resilience
• Deployment of Radware for DDOS protection.
• Continuous researching of current network architecture with the aim of providing solutions for future scaling.
• Implementation of quality-of-service i.e Policing and shaping of traffic using the modular quality of service approach.
• Participating in network engineering “on call” rotation to support 24/7/365 operation
• Maintaining cisco ASA firewalls and sonicwalls for network security. Most work done with ASAs based on a managed service agreement. This also includes responding to tickets generated by service desk for customers
• Consultancy role in a managed service team for end customers
• Cisco wireless controllers and access points support and troubleshooting
• Performed wireless site survey, RF and capacity planning to determine coverage and density
• Deployed VSS on Cisco 6500 series switches for the purpose of redundancy and little to no downtime

Confidential

NETWORK SUPPORT ENGINEER

Responsibilities:

• Upgraded the IOS on Cisco Routers and Switches using a TFTP as well as SCP.
• Replaced the existing Cisco 2800 routers with pre-configured Cisco 3900 series routers.
• Designed and deployed new Cisco 7206 VXR routers with hardware encryption card for remote access and B2B VPN
• Trouble ticket resolution with set SLA timelines based on problem severity classification usually two to three tickets a day
• Investigated network connectivity problems involving IP routing, Frame Relay and MPLS.
• Provided network support to customers, by data analysis, problem resolution and testing and loading of equipment software
• Managing 7600s at the edge to British telecoms for the schools internet transit
• Design of a small sized network for one of the facilities.
• Provided Desktop Software support and troubleshooting to user problems.

Confidential

NETWORK ENGINEER

Responsibilities:

• Worked with the NOC team to monitor network performance, traffic performance to the upstream vendor locally and over an air interface.
• Upgrade of aged network infrastructure for Nigerian Breweries PLC. The company faced an aged network infrastructure, which could not cope with the pace of advanced network technologies and increase in customer business application requirements.
• Configured and implemented layer 2/3 redundancy through load sharing with HSRP (Hot Standby Routing Protocol).
• Configured and troubleshoot VLANs implementation, also implemented routing between VLANs using the Router on a stick method.
• Configured and troubleshot all LAN/WAN switches which included the following Cisco switches: 6500 switches, 3750X switches and 3560 switches involving features such as Spanning Tree Protocol, Inter-vlan routing, DOT1Q trunking, etherchannel and VTP.
• Designed IP address schemes by utilising VLSM (Variable Length Subnet Masking) to effectively utilize the IP address spaces
• Installed and configured VPN Client Software on Users PCs both onsite and remotely
• Designed and implemented GRE (Generic Routing Encapsulation) Tunnel over IPsec VPN tunnel in order to connect the remote locations to the Head Quarters utilizing OSPF as the protocol of choice for redundancy.
• Troubleshot all LAN/WAN connectivity issues, implemented best practices
• Responsibility for complete project life cycle, including requirements determination, technical planning scheduling, designing, implementation testing and post-implementation documentations.
• Configured Cisco Routers to create a redundant and reliable network infrastructure using BGP, EIGRP and OSPF routing protocols.
• Documented designs using Microsoft Visio 2010
• Configured AAA on all Cisco devices using TACACS+ (Terminal Access Controller Access-Controller Access-Control System Plus) protocol on Cisco ACS 4.2 Server with local authentication failback if the ACS server is unreachable.