ALI HIGHLAND
**-** ***** ****** *****: 203-***-****
Rego Park, NY 11374 Email: ac0jh6@r.postjobfree.com
Senior Network Engineer/Architect
An accomplished, hands-on, goal-oriented Senior Network Solutions Architect with extensive multi-vendor, multi-industry experience encompassing sectors such as finance, healthcare, technology, non-profit, legal and retail. Obtained CCNP(x2), CCNA(x3) and MCP certifications and holds a Bachelor of Science in Information Systems. Consistently demonstrates strong leadership abilities, with proven expertise with engineering projects; planning, designing, implementing and supporting complex high-profile infrastructural brown and greenfield projects resulting in scalability, tight security, cost-savings and resiliency. Exceptional at separating keynote technical marketecture with realworld brass-tack solutions.
Areas of Expertise
AWS (Amazon Web Services)
Network Architecture/Engineering
Data Center/WAN Design
MPLS, BGP, EIGRP & OSPF
Cisco ACI/SDN
WAN Circuit Solutions
Infrastructure Security
Business Continuity Planning
NAC (ForeScout & Cisco ISE)
Documentation/topologies
Load Balancing
VPNs & wireless
Professional Experience
LEADING FIN-TECH (confidential), New York, NY 5/2015 – Present
Senior Network Architect/Engineer – Network Lead
Staging datacenters for Cisco ACI SDN implementation
Migrating AWS VPCs & VPNs to newly implemented Direct Connect hub-spoke solution
Optimizing/completing hosted MPLS & DMVPN deployment
Changing ISPs and upgrading all WAN links to 1Gig
Managing office relocations and build-outs
Completing Cisco FirePower IPS deployment
Supporting Server, App, InfoSec, DevOps, Software Engineering, etc teams with project rollouts
Preparing infrastructure for upcoming IT audit
Reviewing maintenance support contracts
Staging network environment to be automation-ready
Managed/supported BGP and EIGRP network
Supporting 4451Xs, 4500X(VSS), ASRs, 3945s, 2960Xs(stacked), Nexus Switches, ASAs, IPS, ISE, etc
Key Accomplishments:
Architected and implemented Cisco ACI in datacenters
Architected and implemented private+public cloud (hybrid-datacenter) solution with AWS
Designed and implemented datacenter segmentation
Designed and implemented datacenter interconnect via Cisco OTV
Created global segmentation, IP allocation & VLAN design
Designed and performed various office relocations
Designed and implemented enterprise Cisco wireless solution
Designed & configured Solarwinds, Scrutinizer Flow Collector & ThousandEyes
Swapped out all Netgear switches with enterprise grade Cisco switches, ASAs and routers
Supported Cisco ISE (802.1x/NAC) on access switches and AnyConnect VPN
Implemented A10 Application Delivery Controllers (ADC)
Implemented and supported hosted L3 MPLS solution
Ensured smooth network datacenter failovers
Ensured and configured automatic WAN redundancy at all sites
Created and maintained network diagrams via Visio
Designed and implemented Cisco Firepower IPS
Designed and implemented multi-homed eBGP designs
DAIWA SECURITIES CAPITAL MARKETS, New York, NY 3/2014 – 5/2015
Senior Network Engineer
Perform Cisco Voice Unified Communication MACDs and translation patterns
Conduct EOL hardware refresh assessments with recommendations based on complex business needs
Coordinate with vendors and providers for multiple WAN circuit installations
Assist with the selection of new data center and WAN design
Troubleshoot Turret, Speakerbus and other financial service business centric trading systems
Analyze network behavior with LogRhythm and Gigamon
Supported EIGRP/BGP MPLS and various VPN connection technologies.
Key Accomplishments:
Migrated datacenter cores from 10 to 40Gig via Nexus 6001s and leveraged vPC+, FEXes, LACP, EIGRP, etc
Replaced and upgraded end-of-life layer 2 and 3 switches with Cisco 3850 stacks
Merged and migrated old 6.3(4) PIX 515e configuration to ASA5550 8.4(7)
Deployed 802.1x via Cisco switches and ForeScout CounterACT appliances
Deployed and supported MPLS, Riverbed Steelheads and Cisco WiFi
OGILVY/WPP ADVERTISING & PUBLIC RELATIONS, New York, NY 3/2013-3/2014
Senior Network Engineer
Migrated and collapsed several branch offices into global network
Performed Cisco ASA55XX IPSEC and Remote VPN troubleshooting and configurations
Migrated Layer 2 IDFs to Layer 3 via EIGRP
Deployed and performed troubleshooting on MPLS BGP WAN
Utilized InfoBlox for IPAM/DNS/DHCP and QRadar for network behavior security awareness
Supported and configured Cisco 5508 and WISM wireless controllers
Managed service providers’ WAN traffic via Palo Alto PA-5020s"
Key Accomplishments:
Designed and configured Cisco ISE for EAP-TLS 802.1X, BYOD and sponsored guest services
Configured and supported DMVPN phase 2 connectivity
Planned and configured load balancing/sharing in 3,000 end-user office via migrating from HSRP to GLBP
Upgraded 300+ network devices and configured them with security, routing and layer 2best practices
Created and maintained multiple Visio and SolarWinds Orion network topologies
CLEARY GOTTLIEB STEEN & HAMILTON, New York, NY 9/2012-3/2013
Senior Network Engineer
Project managed and functioned as lead engineer for multiple DWDM 1Gig and MPLS circuits
Provided framework for collapsing old data-centers to new data-centers
Deployed Steelhead WAN accelerators, BlueCoat proxy appliances and configured BigIP F5 LTMs
Key Accomplishments:
Configured four data-centers using Cisco ASRs, 3750s, Nexus 7Ks, 5Ks, 2Ks and HP B22 FEXs
Provided technical direction & BOM approval for replacing 107 Enterasys switches with 50 Cisco switches
Configured OTV, vPC, LACP, HSRP, OSPF, FEX, QoS, NETFLOW, TACACS+ on Nexus (NX-OS) infrastructure
Identified methods to be leveraged resulting in both increased network performance and cost-savings
NEW YORK HOSPITAL, New York, NY 4/2012-9/2012
Senior Network Engineer/Architect
Investigated and deployed backup Layer 3 EVPL WAN path diversity solution
Managed SolarWinds Orion, BlueCat Adonis/Proteus, BlueSocket and TACACs+
Facilitated network standardization with emphasis on cost-savings and created best-practices framework for change management and LAN/WAN automation
Created networking security policy documentation
Worked within the ITIL framework and PPIDOO life cycle network design and implementation
Key Accomplishments:
Identified engineering inefficiencies, necessary improvements, network capacity planning and the created 5-year WAN/LAN plan
Implemented failover via BGP, EIGRP, HSRP, RSTP, LACP, IPSLA/EEM on various Cisco routing and switching platforms
Migrated from Cisco wireless platform to Aruba networks wireless infrastructure
PHILLIPS VAN HEUSEN, INC. Milford, CT 7/2008-4/2012
Senior Network Engineer
Oversaw network infrastructure implementation and support
Supported QoS for voice, H3232 video and data traffic optimizing
WAN traffic engineering via MPLS, BGP, EIGRP, route-maps and static configs
Facilitated failover via HSRP, VRRP static and dynamic routing
Implemented Cisco WCS, wireless controllers and access points
Configured IPSEC, GRE, SSL, remote VPN Client and AnyConnect
Key Accomplishments:
Implemented various configurations on a variety of platforms, including Nexus 7010/5k/2k (NX-OS),6513s, 3750s, 3560s, 3800s, 2800, ASA5500s and Juniper EX series
Deployed SaaS solutions via IPSEC and dedicated WAN infrastructures
Installed multiple network management appliances/servers including WhatsUp, Scrutinizer, SolarWinds, RANCID, Riverbed Cascade, Cisco IPS, ACS and TippingPoint
Deployed and supported BlueCoat Proxies, WAN accelerators via WCCP and Netscaler NSMPX-7500 & F5s
SILVERSKY, Milford, CT 11/2006-7/2008
Network Engineer, financial services
Education
Bachelor of Science, Information Systems, Charter Oak State College, New Britain, CT (2003-2010)
Majored in Computer Science, Housatonic Technical College, Bridgeport, CT (1999-2002)
Micronics: Security Zero-to-Hero (2016)
FireFly Educate: Application Centric Infrastructure (ACI) SDN Solution (2017)
Global Knowledge: – CCIE R&S Bootcamp (2017)
Narbik’s: CCIE R&S Bootcamp (2016)
INE: CCIE Bootcamp (2017)
Micronics: Datacenter Zero-to-Hero (2017)
Certifications
Cisco Certified Network Professional (CCNP) Comptia A+ Certification Cisco Certified Network Administrator (CCNA) x3 Microsoft Certified Professional (MCP) Comptia Network+ Certification
https://www.linkedin.com/in/ali-h-7a452743