SUMMARY

• Dynamic, resourceful and motivated Information Technology professional with proven record of delivery and operation of large - scale and complex networks in enterprise level organizations specializing in Network and Security infrastructure management field. Adaptive and transformational leader with ability to work independently and cross-functional teams to develop opportunities to further establish and progress organizational goals.

TECHNICAL SKILLS

Security: Palo Alto Panorama, PA 7K-2K hardware platforms, Cisco Firepower/SourceFire appliances, Juniper SRX, JunosSpace, Netscreen 2000/50, Bluecoat Proxies, Cisco ASA firewalls, McAfee Sidewinder MCC

Application Delivery Controllers: F5 LTM/ASM/APM/GTM modules, Cisco GSS DNS Load Balancing, Cisco ACE/CSM modules and ACE 4710 appliance, Radware Alteon

Routers: Cisco 8xx to 7xxx/ASR

Switches: Cisco Nexus 9k, 7k, 5k, 2k, 19-65xx, MSFC/RSM, SUP720/SUP6/2, NX-OS/IOS/CatOS

Routing Technologies: EIGRP, BGPv4, RIP, HSRP, Access/Prefix/Distribute Lists, Route-map, offset-lists

LAN Technologies: Ethernet 802.3, Ether Channel (LACP/PAGP), vPC, FabricPath, OTV, Spanning Tree, InterVLAN Routing, ISL/802.1Q Trunking, VTP, UDLD, 802.11

WAN Technologies: Riverbed Steelheads, SilverPeak, Frame Relay, MPLS, Tunneling, T1-T3, (Channelized T1, T3), DWDM, Point-to-Point, ISDN, Paradyne, Adtran, Larscom, Cylink CSU, SafeEnd Encryptors

Voice Technologies: CUCM (4.x-6.x), VoIP Protocols, H.323, MGCP, and SIP

Tools: Lucent QIP, HP-NA, Infoblox, Cisco ASC, Solarwinds Network Management, Wireshark, Infinistream probes, NGenius, Niksuns, Opsware, InfoVista, eHealth, SevOne, Corvil, SNMPNetwork Monitoring HPOV, Spectrum, Smarts, System Sentinel, IR Prognosis, Avocent

Hardware: Fluke One-Touch, Agilent WireScope, Light Meter

PROFESSIONAL EXPERIENCE

Confidential

Senior Network and Security Engineer

Responsibilities:

• Project Lead for full Cisco 5K software refresh across US Nomura enterprise. Successfully refreshed over 80 switches across different Data Center functions. Project completed ahead of the dead line without any service downtime.
• Lead Implementation Engineer for US Bluecoat proxy refresh. Configured and deployed both SG/CAS units per global engineering design.
• Lead Engineer responsible for Fixed Income and Equity F5 load balancer consolidation. Successfully ported over 80 VIP’s with no application downtime. Achieved maintenance cost savings with hardware decommission.
• Lead engineer on Symantec MSSP log forwarding solution for US Region. Project completed ahead of deadline and resulted in over 250K cost saving for contract renewal.
• Design and engineer various F5 load balancing configuration utilizing F5 LTM/GTM modules
• Design and implement firewall policy to allow secure communications between Nomura business partners and external clients.

Confidential, New York, NY

Senior Network Security Engineer

Responsibilities:

• Responsible for design implementation and support of all NYU network security portfolio including perimeter, DMZ and internal network security components.
• Involved in all aspects of Palo Alto firewall deployment, administration and maintenance including policy setup and hardening, security features configuration, code upgrades and new firewall installs.
• Design, configure and deploy both internal and external facing applications using F5-ASM security module.
• Configure and deploy Cisco ASA S2S configuration for various vendors.
• Work with various IT team to assist in secure solutions deployments, including allowing appropriate DMZ access, NAT, firewall route setup and external service exposure.
• Work with user community to resolve various network security issues.

Confidential, New York, NY

Network and Security Engineer

Responsibilities:

• Lead Engineer responsible for companywide Palo Alto firewall deployment to replace existing Cisco ASA egress infrastructure. Consolidate existing Cisco ASA rule set; migrate to PA test device with eventual consolidation into Panorama for egress device group deployment.
• Team member involved in intra building data center migration which involved design planning, moving core/distribution switches, porting over SVI’s from server access 6K platform to NX 5k pod, relocating egress(internet) firewall cluster and FEX module installation.
• Converted all closet switches at 9th ave locations to eigrp stubs due to existing sub-optimal routing design.
• Project lead to perform total network overhaul at Emblem upstate offices.
• Provided day-to-day user support, consisting of production outages, access and network connectivity issues.
• Replicated pre-production routing deployments in GNS3 to test proposed changes.

Confidential

Network Engineer

Responsibilities:

• Lead Network Operations Engineer for Credit-Suisse Global Enterprise managing and supporting network real estate, ranging from various network and security platforms.
• Baseline, implement and troubleshoot Market Data firewall requirements for third party network connectivity.
• Design and implement various global applications utilizing Cisco GSS and CSM/ACE load balancing solutions.
• Engineer and deploy internet/DMZ firewall requests for Credit-Suisse ecommerce and internet connectivity.
• Liaise with SOC team to identify Credit-Suisse internal/external threats and take appropriate corrective actions.
• Simulate failure, test and certify network resiliency for various Credit-Suisse money maker applications that utilize ecommerce infrastructure.
• Worked closely CS Security SME to tweak and deploy existing Palo Alto IPS requirements.
• Manage and troubleshoot DNS/DHCP issues utilizing Lucent QIP appliance.
• Responsible for proactive monitoring, support and incident management for Credit-Suisse global infrastructure utilizing live monitoring solutions.
• Liaise with application/server owners to investigate and identify performance issues and provide deep dive communication analysis.
• Create, analyze and provide critical network reports to senior management on weekly and ad hoc basis.
• Perform network baseline and capacity management utilizing Smarts, SevOne, Niksun, Ehealth, Splunk tools and other home-grown applications and trending tools. Analyze logs, debugs, network captures and liaise with vendors and platform owners to achieve corrective actions.