OBJECTIVE

• I am a Senior Network Engineer with experience in architecture, designing, configuring and managing Cisco and Juniper based enterprise level infrastructure. I have expert level skills at deploying Juniper network and security solutions.

TECHNICAL SKILLS

Cisco Platforms: Nexus 9K, 7K, 5K, 2K & 1K, Cisco routers (7600,7200, 3900, 3600, 2800, 2600, 2500, 1800 series) & Cisco Catalyst switches (6500, 4900, 3750, 3500, 4500, 2900 series) Nexus 8K &9K Series Catalyst Switches. Level2 & Level 3 Infrastructure

Juniper Platforms: QFX, SRX, MX, EX Series Routers and Switches

Networking: Access - lists, Routing, Switching, Subnetting, Designing, CSU/DSU, IPsec

Concepts: VLAN, VPN, WEP, WAP, MPLS, VoIP, Bluetooth, Wi-Fi

Load Balancers: Cisco CSM, F5 Networks (Big-IP)

Technologies: QFabric, DS1, DS3, OC3, T1 /T3 &SONET, NCS

Firewall: ASA Firewall (5505/5510), Checkpoint, Cisco ASA

Operating System: Windows 10/8/7/XP, MAC OS X, Windows Server 2008/2003, Linux, Unix, SNMP, TOSCA, Apple OS

PROFESSIONAL EXPERIENCE

Confidential, San Francisco, CA

Sr. Network Engineer

Responsibilities:

• Configuration/Administration of Cisco ASA 5585-X, Juniper NetScreen 5200s, and McAfee Sidewinders (NAT/ACL/Dynamic Routing/VPN/Troubleshooting)
• Configured QFabric system hardware architecture for chassis-based, group-based as well as hybrids deployments in a proof of concept lab environment.
• Configured BGP peering to redundant providers on Juniper MX and J Series Routers, controlling ingress and egress traffic flow via local-preference and JunOS routing-policy
• Lead team in migration of 3 redundant Cisco Catalyst 6500 cores to a Nexus 7K/5K/2K solution utilizing VPC and FEX for server port aggregation
• Configured Nexus 3k management features including Python scripting, EEM, and other XML manageability tools
• Design/migration from Juniper EX series switches to Cisco Catalyst series equivalents
• Highly regulated environment with PCI and HIPAA compliance that was incorporated into security environment and DMZ environment
• Configured and implemented Meraki Cloud-managed wireless network, switches, and firewalls
• Developed and implemented new Meraki site-to-site VPNs across the global network
• Lead engineer for the monitoring and maintenance of the client’s Meraki networks
• Troubleshot ACI issues on the Nexus 9k in a PoC using GUI based troubleshooting tools as well as APIC and switch CLI tools for a full view of the environment
• Designed and configured Juniper MX480s, EX8200s, EX4500s, EX4200s, and SRX5800s from scratch to match design at BoA.
• Integrated APIC with external L4-7 Services, including F5 LTMs and Cisco ASAs, and utilized services graphs to transparently chain multiple services into desired traffic flows
• Troubleshoot multi-chassis link aggregation group peers on the QFabric system for learned MAC addresses, standby mode, and operational command issues.
• Managed pilot for an Out-of-Band management for 3 sites to test new Opengear infrastructure

Confidential

Sr. Network Engineer

Responsibilities:

• Design and validate Nexus 7K/5K/2K series switches as replacement of current Catalyst 6500 platform as Data Center Core/Aggregation infrastructure
• Design and migration from Juniper NetScreen 5200s to Cisco ASA 5585-Xs in Active/Active Multi-Context mode
• Lead deployment of logical configuration for major UCS deployment at customer’s DR site. Consisting of two Nexus 5696, eight Nexus 5696, eight Nexus 56128 and four Nexus 2k FEX
• Designed and implemented Nexus 1000v, FabricPath, VXLAN, EVN and VBLOCK in support of VMware
• Implemented vPC and eVPC on the Cisco Nexus 5548 and 5596 reducing Data Center dependency on STP
• Troubleshot ACI issues using GUI based troubleshooting tools as well as APIC and switch CLI tools for a full view of the environment
• Managed a Cisco Meraki cloud wireless deployment of 30+ MR42 wireless access points across 7 branch sites
• Lead a team of technicians responsible for the day-to-day administration and maintenance of ASA firewalls, F5 load-balancers and Juniper SRX series firewalls
• Upgraded existing ISE environment to support 802.1x authentication with Meraki devices
• Configured IP-BGP connectivity with route-policy to dual-ISPs on various Juniper MX and J-Series Routers
• Deployed Virtual Chassis Fabric (VCF) across Juniper QFX Spine/Leaf topology
• Hand Written Numerous Python Scripts to automate simple and fundamental tasks including things such as polling devices and retrieving and verifying versions of cisco software
• Performed QFabric system back-up and recovery installation on the director group
• Collaborated with the security team on various projects, including internal data center firewall segmentation, end-point user security, IPS, VPN, and Web filtering

Confidential, Seattle, WA

Network Engineer

Responsibilities:

• Designed a data center in spine/leaf architecture with Nexus 9504s at the spine and 9300s at the leaf
• Migrated from Cisco 6500’s to Juniper MX series routers (MX240, 480, 960)
• Configured, repaired, maintained, fine-tuned and upgraded Cisco hardware and software operating systems, checkpoint/juniper firewalls, F5s and riverbeds
• Performed rule-set analysis and configuration migrations from Juniper ScreenOS to Cisco ASA 8.4
• Performed Nonstop Software upgrades on the QFabric System, including director devices, interconnect devices and other Fabric-Related components.
• Worked with ACI Cobra SDK to develop python scripts for Application Profile and Fabric Policy deployments.
• Deployed wireless network using Cisco 4400/5500 WLC and Aironet APs. Perform site surveys for new deployments, prime APs, created WLAN and dynamic interfaces, created AP groups, and configured Layer 2 security and QoS
• Set protocols for AP Distribution, WLC Discovery, Centralized and Distributed WLCs for network connectivity
• Migrated over 100,000 firewall rules from Cisco PIX firewalls to Cisco ASAs and Juniper SRX firewalls
• Designed topology which utilized Cisco WAAS over the MPLS to optimize day to day traffic such as CIFS, HTTP, FTP and various other protocols
• Worked with carrier to activate new circuits at branch locations
• Directed global on­site physical Layer 1 teams for cabling new equipment in MDF/IDFs at each site of separation
• Migrated a QFabric System to an EVPN-VXLAN IP fabric architecture in tech refresh project
• Designed load balanced SSL offloading solutions to ensure secure vendor transactions through the internet and VPN