SUMMARY

• Highly experienced hands on network architect engineer consultant with more than 12 years of professional experience. Experienced in conceptual design and implementation of advanced networking technologies for large corporations, including Fortune 500 and service providers:
• Network Design Engineer at Confidential: Worked on their DMZ network for all their partners and Internet facing users: Cisco 6500/4500, ASA5500, WAAS, DDoS Mitigation
• Principal data center design engineer at Confidential, Confidential and Confidential:
• With the use of Cisco ASR 9K/2800/Nexus, 9000, 7000/5500/2000 / Cat 6500 and ASA firewall eBGP/iBGP between the internal zones and across MPLS clouds to the partner sites
• Principal and lead Network Architect Consultant at Confidential:
• Cisco Nexus and VMware Data Center network architect and implementation consultant engineer
• QoS distribution from MS Media Room servers located at two data centers in a shared network infrastructure environment design to support voice and video.
• Principal Network Design Consultant at Confidential:
• 3G/4G IP Core and Backhaul Network Design
• Optical MAN (OC12, OC48, OC192) transport architect
• Various layer II switching, layer III implementations
• ISP network designs and implementations
• Frame relay to MPLS network migration implementations.
• Metro Wireless network implementations.
• QoS Design Architect for a multi - service network environment:
• Tier II ISP network backbone design (OSPF, BGP, QoS for VoIP on cables)
• Freelance Network Consultant
• Cisco: TAC Advanced Services (formerly NSA)
• Cisco: Router Software Developer

TECHNICAL SKILLS

Routing Protocols: RIP/IGRP/EIGRP/OSPF/BGP, MPLS, VPN, VPLS, L2TPv3, OER (Optimized Edge Routing)

Media: Frame Relay,10G Ethernet, DWDM, OC3 SONET ring

Platforms: Cisco 7200, 7500, 7600, 6500, 3750G-12G, GSR, NEXUS 9000, 7010, WAAS PIX 525, ASA 5550, IDS, IPS, Penetration testing Routers Performance Tuning / Security

Software: Radius, Cisco Secure ACS, HTTP Server, DNS, SendMail, Asterisk (Linux PC PBX) C, C++, Java, Lisp, Assembler Language, Unix (Sun OS, Solaris), Linux

Scripting: Unix Shell programming (Perl, Tcsh, Expect, TCL/TK, and PHP).

PROFESSIONAL EXPERIENCE

Confidential

Network Architect

Responsibilities:

• Managing USPS MPLS VPN networks comprised of 11000 CE at 9000 USPS agencies.
• Secured PCI network enclave design to allow for secured credit transaction across the USPS network
• Design and management of USPS two major Data Center based to support partners applications and interconnections
• Platform used: ASR/GSR/ISR routers, Nexus 7010, 5000, 2000 in Flex Design DC Environment, ASA firewall

Confidential

Responsibilities:

• MPLS based WAN Network Design and Implementation
• Played a lead role in a team of network architect and implementation to merge and consolidate Confidential and acquired banks networks:
• Redesign the two networks to consolidate a total of eight data centers to three data centers
• Consolidation also included the merger of inter-sites voice traffic and data traffic on a single multi-carrier MPLS network
• Redesign of a new class based QoS for voice, data and check imaging application
• Platform used Nexus 9000, 7010, 5000, 2000 in Flex Design DC Environment

Confidential

Network Architect

Responsibilities:

• DMZ Design and Implementation Engineer for:
• B2B network to support connectivity between the bank and its trading partners
• DMZ network to support bank’s online customers with all required security
• Associate Browsing network for banks branch associates
• DDoS Mitigation
• Protocols used:
• Use of Cisco Nexus 7000/5500/2000 , Cat 6500
• Use of Cisco ASR9K and Cisco ISR 2800/2900

Confidential

Wireless LTE/4G Integration Consultant

Responsibilities:

• Part of the Cisco ASR9K based core network for the interconnection of various MSC supporting 3G/4G IP backhaul traffic.
• Played a key role in the design and Lab implementation of an IP backhaul network that supports the future generation high speed broadband wireless network 4G/LTE in a larger project scope - LTE deployment.
• The IP backhaul architect proposed consisted of Pseudo wire services (ePipe, VPLS) on top of a hybrid MPLS network with the use of a combination of Confidential 7750 SR & 7705 SAR.
• The ePC core network is designed around Cisco ASR9K’s in regional wireless data centers and Confidential 7750’s in satellite sites where Backhauls are aggregated. In addition to the services between the eNodeB’s and ePC core, the design ensured QoS for the different traffic types: Voice, 3G, LTE and OAM with the use of QoS and VRF/VPRN.

Confidential, Westport, CT

Data Center Network Architect

Responsibilities:

• DMZ Design and Implementation Engineer
• B2B network to support connectivity between the bank and its trading partners
• DMZ network to support bank’s online customers with all required security
• Associate Browsing network for banks branch associates
• Use of Cisco Nexus 7000/5500/2000 , Cat 6500 and ASA firewall for data center LAN
• Use of Cisco ASR9K and Cisco ISR 2800/2900
• NEXUS 7000/5000/2000 network architect, UCS, VMware
• Design and implementation of a new data center network infrastructure to support VMware vSwitches and virtual port channel technology. Design included:
• Server POD/Rack consolidation design
• Cisco Nexus 7010 configurations with vPC (virtual port channels)
• Ethernet PFC (priority-based flow control) for more reliability of fiber channel over Ethernet (FCoE)
• Class of services (COS) to minimize fiber channels traffic across the Nexus switches
• VM host cluster network segmentation to provide partitioned security zone
• Unified service load balancing across data center across multiple server AGG switches
• Worked with the low voltage team to define fiber and power requirement of a green field collocated data center rack system
• Cisco UCS 5100 and 6140 fabric interconnect design and implementation to support high scale server virtualization with FCoE and PFC (802.1Qbb)

Confidential

Principal Network Architect

Responsibilities:

• VSS (Virtual Switching System) on the 6500 switches to double bandwidth by enabling active- active redundant network paths
• VMware vSwitch & NEXUS 1000 design and implementation network architect vCenter VMware ESX hosts network configurations for optimal load balancing of VM machines network traffic across all NIC’s of the VM vSwitch.
• Maintained a wireless network composed of a 4402 Wireless LAN Controller and remote AP’s.

Confidential

Principal Network Architect

Responsibilities:

• Designed and implemented a converged network carrying mission-critical applications over a unified multiservice (data, voice, and video) across the state of North Carolina. The design goal was to create the ability to manage traffic flows and delivery terms based on application requirements. The resulting network ensures voice and different classes of data services for the entire judicial system across 210 county courts and clerks of the North Carolina.
• Network architect for the implementation of a second Internet connection dedicated to EPA HQ in DC. This allowed the HQ of the agency to have its own Internet connection without going through their main data center. My duty in the project included, but not limited to:
• Network design Specification to route the entire QH sites (15,000 users) to a new ISP with minimal service interruption.
• IP v6 design and implementation to satisfy the mandatory OMB IPv6 readiness requirement.
• Optical transport (OC12, OC48 MAN ring) design and specification with transport vendors - carriers (Qwest, Verizon business, XO and Level3)
• WAN optimization design for the EPA’s six major regional WAN link with the use of Cisco WAAS out of many proposed solutions: Bluecoat, Riverbed
• LWAPP Wireless access controller: Designed a wireless guest access standard across the different regions of the agency so that wireless access from the AP’s at the remote sites could be controlled from an anchor controller at the central site with NAC. This reduced the security risks and required less expertise at the remote sites, thus reducing the cost of operations. This was made possible by implementing LWAPP between the Cisco Wireless LAN Controller 4400 the 6500 WISM’s cards and AP.
• Acted as lead engineer of a team of five network engineers to help Insight communications take full ownership of its broadband high-speed Internet network operations from AT&T where the network was outsourced prior to the AT&T SBC merger - Insight communications is a cable TV operator with 900.000 broadband customers across Kentucky, Indiana, Ohio and Illinois.
• Redesigned the entire backbone by using OPSF as the route distribution protocol at the core routers and RIP at the distribution routers (cable routers) that connect subscribers - The design included multi-homed BGP connections via three ISP from five different sites.
• As the eighth largest cable operator in the US, Insight Communications required the migration be completed with the least disruption to customers. We accomplished this requirement with success in that.
• In addition, to new network design, developed trainings for the operation center staff on how to troubleshoot the new network. This included troubleshooting techniques on the different protocols (RIP, OSPF, BGP, MPLS, and DocSys3) used on the network.
• Developed standard methods and procedures for network troubleshooting for daily use.
• Network Security Engineer - Design of Secured VPN’s of multiple sites using Cisco VPN concentrator.
• Implementation of the company’s security policies with the use of Cisco ASA and Checkpoint firewall.
• Redesign of ISP Authentication and Authorization access of Dialup Network to integrate DSL access authentication.
• Redesign of distribution network to support the new high bandwidth requirement of DSL subscribers.
• In house Cisco Course Training in partnership with Global Knowledge for the Network Support Staff.
• Part of a team that migrated LAN’s to multilayer VLAN switching network with the use of 300 routers and switches
• Implementation of ATM Tag Switching using 60 Cisco Cat5000 Switches and 20 Cisco LS1010 ATM Switches

Confidential

Network Consultant

Responsibilities:

• Fiber optics rollout requirement specifications
• Design and implemented of a new Cisco bases IP backbone to enable Internet connections for residents and business customers - The network spanned 15 cities with 70 Cisco routers and switches - Successful deliverables included:
• Dialup internet connection services
• Lease line service offerings
• Encrypted VPN Services
• ISDN Backup for Serial links
• VPDN service for customers with multiple sites
• Training of the NOC staff on network troubleshooting
• Implementation of Juniper M5 as the core layer
• Designed and deployed a WIFI wireless ISP network to cover a city of more than one million people. Directed areal study, antenna installations and access point and router configurations
• Network optimization and intrusion testing audit of a network composed of 40 branches. Recommended and implemented IDS and new firewall rules

Confidential

Sr. Network Design Engineer

Responsibilities:

• Responsible for providing large Cisco customers with Network Administration and Design Support.
• Daily router log monitoring.
• Helping customer troubleshoot network problems like routing protocol migration from EIGRP to OSPF, RSRB to DLSW+, MPLS, ISIS to BGP.
• Providing up to 3000 routers Network design to customers.
• Advised Large Cisco Customers on migration to new software release after further research and testing for possible bugs in the newer IOS releases.