SUMMARY:

• Over 25 years of “HANDS - ON” experience in the technical and financial industry.
• Over 20 years of Cisco Firewall experience starting with PIX and then ASA.
• Over 20 years Content Management, filtering and easement.
• Over 20 years of Network Design and Security design (Firewalls, IDS, Load Balancer and Proxy)
• Over 20 years. Of Network, systems and/or Security Operations
• Designed and supported multiple designs using BGP at edge with redistribution into OSPF and EIGRP for IGP. Use of EIGRP or OSPF depending on design or company.
• Designs included managing the integration of 350 clients with 1gig to 10 gigabit circuits or cross connects.
• Used BGP at Edge, EIGRP for IGP for Multicast Market data feeds to clients and OSPF for FIX Trading networks.
• Segmented Production trading from corporate services by a throttle network.
• This network was audited and approved by the S.E.C as it was the New Stock Exchange for the United States at the time.
• Firewall and Load Balancer Hardware: F5 LTM,GTM,ASM Foundry 850, Cisco CSS, Brocade ADX, A10,Cisco ACE,
• Managed Python Scripts for start of day and End of day.
• Group Policies, DNS and Microsoft Server 2008,2012
• Designed, site surveyed and implemented multiple 20 AP -50 AP setups for full Wireless connectivity.
• Aruba ClearPass and AirWave, ARUBA 7210 and 6240, Cisco ISE, Cisco Meraki installations. Cisco W-Controller using 8540 and 5520
• From Cisco ASA to Palo Alto for 3 different companies.
• Supported and/or implemented CheckPoint Firewalls
• Multiple designs using VPN IPSEC site to site tunnels to offices as well as Client to Site VPN.
• Have created multiple VRF’s for MPLS, VOICE Routing using BGP for routing.
• Configured multiple designs w/ Cisco ASA and Routers using VPN IPSEC, GRE.
• Configured and supported Client to site VPN on Cisco ASA. Managed a network of 20 branches all using VPN S2
• Cisco IOS and Cisco Nexus Platforms, Arista, Blade Networks, Juniper (light), Cabletron, Bay Networks, Extreme, 3COM, HP switches, Brocade
• Supported Source Fire IDS based off of alerting.
• Have led and/or have made contributions to in 4 PBX to VOIP migrations for both Cisco CM and Avaya Media Gateways
• VOIP migrations ranged from 100 people to 700 employees.
• Led and Designed Direct Edge move and launch of their “Stock Exchange” from 545 Washington NJ to Confidential NY4. Designed server and cable layout, Network design and Firewall and/or ACL placement.
• Have Led, designed, deployed and ultimately setup management of 5 Major Network build-outs and over 20 small to mid-size Network build-outs.
• Branch networks with MPLS, GRE, IPSEC w/BGP and OSPF using Riverbed WAN Optimizing for WAN
• Foundry 850, F5-BIG IP (LTM) Brocade ADX, CISCO CSS series
• Cisco ASA, PIX, Palo Alto, Checkpoint (7 years ago)”
• Amaranth, Led Migration 350 Employees from Building to building which included all new servers, Phones, Turrets, Feeds etc.
• PIM w/Multicast Sparse-Dense Mode for Clients registering for EDGA EDGX Multicast market feeds.
• Orion NPM, NCM, ISITUP for TCP port or WMI service monitoring. Orion Syslog, Splunk Syslog or Syslog watcher (my favorite as it is free) for alerting on parsed errors.
• GRE Tunnel w/IPSEC S2S using BGP and HSRP w/route tracking failover,
• VOIP migrations from Nortel 81 to Cisco VOIP system 2x and once to an Avaya Media Gateway, communication manager and session manager.
• Has been Lead Level 2-3 Analyst where I either assisted in or led the implementation of monitoring methodology and troubleshooting procedures.
• Designed full network design with MSFT platform Servers, SAN, Network, SAN switch, RAM SAN, Firewalls, Load Balancers
• 2 years of cloud integration and support Experience with AZURE and AWS
• Compiled a "CLOUD COST" proposal compared to ON PREMISE Hardware costs report.
• Prepared flexible road-map for executive summary
• Setup Security guidelines required for connectivity and implementation strategy.
• TEST FAIL-OVER SCENARIO: performed to gauge: A) time to fail-over B) if VM sync working
• Integrated redundant connections one to "AWS" and other to "AZURE".
• Performed performance testing from internal to CLOUD destinations.
• Used multi-platform design and projected USAGE and COST metrics.
• Analyzed and worked with Azure on "Business Analytic data."
• Setup connectivity via VPN LAN to LAN
• Gathered and performed analysis on Latency, data performance
• Led management of 4000 client logins from legacy data centers to new primary data cents (DIRECT EDGE)
• Led validation of Migration to new location networks (Direct Edge, TD Securities, RocketFuel, Amaranth LLC)
• Participated in or led 5 VOIP migrations from legacy PBX (Avaya 2x, Cisco 3x)
• Led 400 branch migration to Avaya VOIP solution over MPLS/QOS using OSPF (UBS)
• Participated in migration to new infrastructure WAN different time(Citigroup, TD Securities, Direct Edge)
• Led and participated im documentation "scrubbing" for over 500 diagrams ( Confidential and RocketFuel)
• Led multiple Firewall and Load Balancer migrations (to F5,Checkpoint and Palo Alto)

COMPANY EMPLOYMENT:

Confidential

Technical Advisor or Director

Responsibilities:

• Deployed F5 LTM along with ASM BIP IP Load Balancers for Client FIX certification and active client logins.
• Created and Implemented Microsoft Anti-Virus and overall network security methodology including Windows Updates and PC policies.
• Designed and Led Migration from D.E. ECN to Stock Exchange consisting of 400 clients, 700 circuits and/or connections
• Managed and negotiated contracts for Microsoft, HP, Intel, SFTI, Radianz, TNS, SAVVIS, NASDAQ, DTCC, Verizon Business, Level3 and Abovenet
• Wrote document and was liaison to the S.E.C. “ARP” committee for D.E. the stock exchange audit. Document included policy, processes, evidence and tickets to support each.
• Design and built new Stock Exchange network using Cisco 6509’s based on modular design segmenting Production from DR and both from "Corporate" environments.
• Designed and implemented "New D.E." Stock Exchange network consisted of BGP on edge for client integration, redistribute into OSPF for FIX trading application, redistribute into EIGRP for Multicast market data feed network
• Migrated from Cisco PIX to Cisco ASA and Checkpoint. Designed Corporate and Trading networks using Firewall to control access.
• Reported to S.E.C. and passed Audit ARP review of S.E.C. for Exchange
• Deploy Alcatel 7450 ESS for Purpose of GRE and MPLS implemented change Trading based on full breathe security approach from Work Stations to ticketing approach This for DR and Production
• Designed and led VOIP migration from Nortel PBX network to Cisco CM,CC and Unity network.
• Led pro-active monitoring team and supported Cisco Call Manager and Call Center using windows events log converting to syslog.
• Created Market data delivery Multicast network using PIM SPARSE-DENSE and was the first exchange to use this method instead of the inefficient “DENSE MODE”... .
• Responsible for engineering and designing the building out of the primary and secondary Direct Edge “Next Generation” LOW LATENCY platform and implementing the build out at Confidential and Confidential Data Centers
• Designed Market Data ticket plant using Exegy and integration of Market data feeds.
• Designed low latency network for Client connectivity
• Engineered RFP specifications for cabling and network projects for Confidential and Confidential

Confidential

Manager of Network Operations

Responsibilities:

• Lead of Global Network Operations Engineering Team
• Managed Vendor relationships.
• Support CISCO CSS, Cisco ACE as well as F5 VIPIRON LTM Load Balancers for a combined 3000 servers domestic
• Supported large OSPF network across Global sites with BGP between business units.
• Lead for 30 Network analysts monitoring global Network
• Client and Business unit interface for all network issues
• Network hygiene Lead using network report analysis and infrastructure audits
• Network Sustaining Engineering Support for purpose of network upkeep
• Hands-on application support of proprietary trading and vendor applications using protocol analysis

Confidential

Sr. VP, Communications and Lead Architect (Network, Security Telecom and BCP)

Responsibilities:

• Managed build outs of New data center and disaster recovery site.
• Managed Network Operations and created process, procedures.
• Managed build out of BCP seating site.
• Managed Vendor contracts and relationships.
• Implemented and supported Source Fire IDS
• Designed Security layout with Cisco ASA and Public server DMZ
• Designed Extranet network using BGP for 3rd party routing integration
• Designed new data center network using OSPF for various sites broken up into Geographic areas.
• Member of security policy committee
• Managed and supported VPN Concentrator for purpose of Client registration.
• Created support technical model for “Trader Help Desk “for all critical network and trader infrastructure issues.
• Managed group responsible for hardware asset management and allocations
• Member of security policy committee
• Managed remote access services allocations for Juniper SSL/ VPN and Citrix user accounts
• Managed an implementation team and contributed to the design of disaster recovery site for the network, telecom and market data groups
• Managed WIFI Solution using Airespace Access points.
• Designed L4-7 load balancing solution using Foundry Server Irons and Brocade ADX.
• Provided supplemental security solutions using SourceFire IDS, Honeypot and 3rd party 7/24/365 monitoring solution to reinforce security strategy.
• Managed an implementation team and contributed to the design of Amaranth’s global offices for the Network, Telecom and Market Data groups
• Implemented SONET ring technology for purpose of WAN redundancy and cost savings initiative for over $2,000,000

Confidential

Director of Networking

Responsibilities:

• Managed all aspects of Market Data integration and FIX connectivity
• Managed System, Network engineering and operations teams
• Designed market data solution to improve latency of various feeds.
• Designed client delivery network (22 branches)
• Designed Client data center footprint
• Designed disaster recovery site routing
• Provided protocol analysis of trading application to improve performance
• Reduced CPU average on core network from 65% to 25% using protocol analysis
• WAN: audit of invoices and reduction circuit costs that produced 2.2 million dollars in savings