SUMMARY:

• Senior leadership of Ag - Tech startup
• Plan roadmap(s) for personnel/team development
• Plan roadmap(s) for 5 year infrastructure plan
• Plan monetization model and gain strategic partners for current product set
• Accomplished, results-driven Senior Network/Virtualization Engineer & Project Manager with 20+ years’ experience supporting business-critical operations for major organizations.
• Design, implementation, management, security experience with “TMT” (Trusted Multi-Tenant) environments on “CI” (Converged infrastructure) platforms including SDN.
• Broad expertise in system and network engineering, testing, troubleshooting and integration with most Unix/Linux, Windows and Cisco (bare metal and virtualized) LAN/WAN/Wi-Fi environments.
• In-depth knowledge of system interrelationships, service, application architecture and security.
• Highly analytical leader with 50,000 foot view, and the ability to work with management, staff, vendors and customers to convert complex business requirements into actionable project plans and technical requirements.
• Proficient at designing, implementing and maintaining enterprise-grade networking solutions (bare metal and SDN) that are stable, elegant, efficient and add bottom line to the organization.
• Exceptional ability to communicate technical concepts to diverse audiences.
• Consistently deliver projects on-time, on-budget and with minimal business/system impact.
• Focus on business impact, that may affect revenue short and long term, with tactical and strategic decisions
• Focus on service, primary objective is to intimately understand the business needs of the customer and serve them before anything else. In this way the reputation of organization I represent will be preserved and promoted.
• Strong Technical Project management and Vendor management

• Build and maintain online perishables trading platform
• Develop strategy to monetize platform
• Develop strategic partnerships in adjacent industries
• Develop Global IT direction and process for internal/external facing technology footprint (5 yr plan)
• Lead migration of all legacy architecture to AWS/cloud
• Develop strategy to mature & retain IT organization (mid-level leadership on down)

TECHNICAL SKILLS:

• Program and project management and mentoring junior engineers
• Vendor management
• Team Lead for large engagements and implementations
• NSX
• Acadia/ Confidential Vblock Implementation (VB100, VB300, VB700)
• VMware vSphere ESXi 4.X, 5.X, 6.X
• VMware vCloud Networking and Security (Vshield)
• Edge
• VXLAN
• P2V migration (VMware Converter/Vizioncore)
• Cisco 1000V
• Cisco ASA 1000V
• W/O VSG
• ASDM Management Mode
• Cisco MDS
• Full office conversion from physical to virtual environment (Back Office, non-VDI)
• Cisco UCS (61xx/62xx)
• Cisco B series blades
• Cisco C series chassis
• IBM H series blade chassis
• HS23
• JS23
• Serial over Lan
• Integrated Nexus 4001i
• Dell 1950/2950
• Super Micro
• Intel NUC (for micro footprint environments)
• Cisco WLAN Controller 440
• Cisco 1130AG
• Cisco 1240/2G
• DMVPN, single tier headend, dual cloud, hub and spoke
• Cisco Nexus (7018, 7010, 5596, 5548, 5020, 5010)
• Cisco Nexus 2K (FEX)
• Cisco Nexus 1K
• Cisco IOS 10.2 - 15.X ( platforms)
• Multi-protocol BGP/MPLS (vpnv4)
• BGP design/configuration (VRF-lite/non-VRF/Redistribution)
• Multi-vendor
• EIGRP design/configuration (VRF-lite/non-VRF/Redistribution)
• OSPF design/configuration (VRF-lite/non-VRF/Redistribution)
• Multi-vendor
• Unicast/VPN transit
• Large Scale Network migration (IP migration)
• VPC
• VSS
• RSTP design and implementation
• PVST to RSTP migration
• VTP design and implementation (V2)
• 10G integration, design and troubleshooting
• Large network integration / migration experience
• ATM/Frame/PVC migration to GRE/IPSec
• Snort, Suricata, Bro, Sguil, Squert, Snorby, Xplico, NetworkMiner
• Solarwinds NPM, Nagios, MRTG, RRDTool, Zenoss
• OpenNMS
• Cisco ASA 1000V, 5585X, 5545X, 5550, 5540, 5520, 5510, 5505, and Pix
• Cisco FWSM (Firewall Service Module)
• VMware vCloud Networking and Security (Vshield)
• Secure VPN design (IPSec, SSL vpn, SSH, PPTP and GRE) platforms include:
• Most Cisco hardware and software combinations
• Nokia CC 5205
• Most Linux flavors
• Most Windows platforms
• PFsense, M0n0wall, OpenWRT and IPCop
• Secure network design and troubleshooting
• Security review, including mitigation and redesign
• Incident response and mitigation (hands on and policy creation)
• Design and troubleshooting IDS technologies including Snort and Cisco Secure IDS.
• Implementation and troubleshooting Cisco AAA, TACACS and Radius.
• Open source security tools and methodologies
• FCoE (Nexus 4K/5K/MDS)
• FIP snooping
• Virtual Fiber Channel
• Zoning
• Data Domain DDOS 4.6-5.1 implementation and usage
• FreeNAS 8.X-9X
• EMC VNX/VNXe
• Cisco MDS (9100/9500)
• NFS, CIFS
• Open Source VOIP telephony (Trixbox / Asterisk)
• QOS (COS/DSCP)
• Cisco NX-OS 4.1 - 8.0(2)
• 7018, 7010, 5596, 5548, 5020 & 5010
• Cisco IOS (10.2 -15.x)
• Cisco ASA (7.2X - 8.X), Pix (4.2 - 7.3)
• Cisco ASA V1000 (8.7.1.SMP.ED)
• F5 BIG-IP (4.5.X)
• JunOS, Juniper DX (5.1.6)
• Solaris (Sparc and Intel versions 2.51-9)
• HP-UX (10.x & 11.x)
• CentOS (4.5 -6.X)
• Windows Server (NT R2)
• FreeBSD (4x-7x)
• Fedora Core (1-12)
• PFsense (0.96-2.X)
• M0n0wall (1.1-1.2)
• Windows (3.1 - 8)
• Quagga/Zebra, OpenWRT and IPCop

PROFESSIONAL EXPERIENCE:

Confidential, Gardena, CA

Sr. Program/project Manager

Responsibilities:

• Manage multi-discipline post sales engineering teams
• Manage 3rd party vendors
• Billing agent
• Outsourced technical resources
• SOW review
• Scope adjustment/change management
• Set/reset expectations (scope creep)
• Resource scheduling
• Pre-sales resources
• Post-sales resources
• Project plan creation (Microsoft Project)
• Validate that engineering resources are providing value add
• Timeline management
• Billing agent (milestone and T&M based projects)
• Customer facing trusted advisor

Confidential, Gardena, CA

Sr. Solutions Architect & Post Sales Engineering Manager

Responsibilities:

• Technical Project Management
• Manage Cisco Post Sales Practice
• Vendor management for large scale projects and new construction
• Design/Implement/Test architectures for virtualized environments
• Design/Implement/Test custom architectures for virtualized environments
• Convert existing physical environments to virtual
• Design and implement technical recovery for virtualized environments (SRM and others)
• Implement next generation networks to support virtualization (Nexus, 7K, 5K, 2K, 1KV and UCS)
• Pre-Sales engagements for virtualization opportunities
• Develop assessment and plan for team’s hard/soft skill development

Confidential, Austin, Tx

Solutions Architect / Service Development

Responsibilities:

• Security service development for Professional Services organization
• Professional Services Delivery Team lead
• Vblock implementation / integration / delivery
• Cisco Nexus 5548/7010
• Cisco 1000V
• Cisco MDS
• Cisco UCS
• VMware 4.x/5.x
• Logical design review (pre-delivery)
• Worked around client network design flaws to implement vBlock successfully
• In some cases, designed an L2 strategy for the customer
• Managed cabling designs to support 10/100/1000mb (cat5e/Cat6) Ethernet environments.
• Validated and corrected problems with installation/configuration procedures prior to implementation, reducing installation mishaps.

Confidential, Atascadero, CA

CEO / Principle Architect

Responsibilities:

• Design and implement micro footprint SOHO design using VMware, Microsoft, Qnap and Open Source
• Multi-site BGP architect/implementation (multi-vendor)
• Site to Site VPN architect/implementation (SSL/IPsec)
• Remote access VPN (SSL/IPsec)
• Responsible for Vendor Management - work with vendor engineers to diagnose, analyze and localize hardware/software problems.
• Architect web server and shopping cart platform using ZenCart, CentOS and Apache
• Architect IP phone system using Asterisk platform, multi-carrier, phone queues, intra-company trunks to vendor sites, voice-mail to email and full remote voice capability.
• Designed Paso Robles fulfillment center
• Employee, online shipping methods, online tools (Google suite)
• Content filtering using DansGuardian
• Web caching using Squid
• Conduct site surveys and analyze environments to evaluate system operations, determine type of hardware/software needed, and develop equipment specifications to meet identified requirements.
• Provide detailed analysis to support the preparation of Statements of Work, technical evaluations of vendor proposals and procurement documents.
• Install and configure File Servers, Cisco Switches, fax servers, modems, scanners and host and LAN printers.

Confidential, Seaside, CA

Senior Network Architect/Engineer

Responsibilities:

• Replaced antiquated remote access VPN architecture with Smartcard/LDAP/IPSec/SSL solution, leveraged Cisco ASA 5540 failover pairs at each head end.
• Maintained Govt. inter-branch connectivity (site to site VPN) and service delivery
• Mitigated DoD identified threats (IAVAs) on perimeter devices (VPN/Firewall)
• Network troubleshooting and triage

Confidential, Santa Clara, CA

Senior Architect/Network Engineer

Responsibilities:

• Design and operational responsibility of datacenter
• Formalized network program for junior engineers
• Formalized policies and standards for:
• Change Control
• Network Device Naming
• Network Device bring up procedure
• Triage procedure
• Standardized documentation
• Upgraded core from IOS to NXOS**
• Upgraded PVST to RSTP
• Migrated from all client to client/server VTP (V2)
• Implemented Virtual Switching environments within NXOS
• Implemented SolarWinds Configuration management for all Cisco devices
• Nagios and MRTG implementation for secondaryand external monitoring
• Troubleshoot, determine root cause and mitigate network issues/failures
• Capacity plan
• Implement isolated test bed networks for various R&D teams
• Keep rogue network equipment from causing outages (bridge loops)
• Train junior engineers
• Lab safety tours and instruction
• Manage SNMP monitoring infrastructure (SolarWinds)
• Cable moves, re-patch, physical layer troubleshooting

Confidential, Paso Robles, CA

IT Security Specialist/Network Security Architect

Responsibilities:

• Security incident response, mitigation and policy/procedure creation. Often involving multiple technology groups to ensure incident was contained and not impacting the production network.
• Security posture assessment and vulnerability mitigation, ensuring security, design and technical continuity standards were upheld.
• Mentoring in security disciplines and firewall administration
• Responsible for Vendor Management - work with vendor engineers to diagnose, analyze and localize hardware/software problems, in addition to price negotiation.
• SSL VPN design, maintenance and troubleshooting (Cisco ASA)
• SOHO infrastructure design, maintenance and troubleshooting (Cisco ASA solution)
• Firewall and router ACL maintenance / troubleshooting
• Wireless infrastructure design, maintenance and troubleshooting
• Captive Portal research
• Content filtering, vendor selection, infrastructure design, maintenance and troubleshooting
• Policy and procedure writing, management approval, evangelism and implementation
• Network design documentation, Visio, dissemination

Confidential, Seattle, WA

Owner/Principal

Responsibilities:

• Manage multiple time sensitive projects with high visibility
• Database and web application design
• Thick client development for windows environment
• Open source infrastructure development (network, server, remote access, firewall, VPN, load balancing)

Confidential, Seattle, WA

System Security Professional / Network Architect/Engineer

Responsibilities:

• Performed vulnerability assessments (red team) against Cisco IOS, PIXOS, Check Point, Windows NT4, Windows 2000, Windows 2003, Solaris 8, Solaris 9 and Linux
• Validated OS and application security issues found on multiple server platforms
• Worked with project teams and architects to implement secure architectures
• Worked with project teams and architects to mitigate security issues found after implementation
• Worked with business/system owners to ensure environments were GLBA and SOX compliant
• Translate process and technology risk into business risk in an attempt to mitigate said risk and keep Washington Mutual off CNN
• Reviewed and contributed security standards
• Responsible for Vendor Management - work with vendor engineers to diagnose, analyze and localize hardware/software problems.
• Business partner network design, implementation and troubleshooting, including legacy L2 encryption over x.25/Frame Relay Treasury Communication Network.
• Perform structured and documented vendor evaluations for various technologies, with a high level of recorded detail to assist in purchasing and road map decisions
• Design secure business partner connections using BGP and other routing protocols
• Designed and implemented development environment for Wamu.com Online banking environment
• Configured and maintained multi-vendor VPN connections
• Performed traffic flow validation on environments to ensure least privilege was imposed
• Developed and presented various security modules
• Developing routing protocol and other for junior engineers
• Design and implement load application acceleration on Juniper DX and F5 platforms
• Write test methodology and process for new features and software into the environment
• Design and implement business partner connectivity solutions
• Manage lab environment for Network Engineering team

Confidential, Seattle, WA

Senior Network Engineer / VPN Architect

Responsibilities:

• Managed a large number of time sensitive projects with high visibility
• Responsible for Vendor Management - worked with vendor engineers to diagnose, analyze and localize hardware/software problems.
• Designed redundant VPN architecture to support inter data center traffic environment.
• Migrated data center WAN environment from ATM to an IPsec VPN infrastructure.
• Designed redundant VPN architecture to support remote site environment.
• Migrated remote site architecture, ATM and Frame relay, to an IPsec VPN infrastructure.
• Performed troubleshooting of switching, routing, (OSPF) WAN links, load balancing and IPsec VPN in a mission critical environment.
• Oversee data circuits, modem DSU/CSU devices, voice and data cable drops, and design computer room floor layouts.
• Performed on-call rotation 24X5, 1 out of every 6 weeks.
• Project management, managed multiple high visibility networking projects at once.
• Outlined disaster recovery scenario and options for IPsec VPN infrastructure.
• Provided and escalation to junior engineers.
• Developed supporting documentation for the IPsec VPN infrastructure.