Hardware: Cisco Routing/Switching/ASA/WLC, Juniper Routing/Switching/NSM/IDP/STRM/SSLVPN(MAG), Aruba Wireless, Netscreen FW, Palo Alto FW/Panorama, F5 LTM/GTM, Fortigate FW, Riverbed, Lantronix / Opengear serial consoles.
Network Management/monitoring tools: MRTG/Cacti, Big Brother, Juniper NSM, Panorama, Intermapper, Kiwi Cattools, Airwave, CA/NetQos, LiveAction, DataDog, Cisco Prime, SolarWinds.
Protocols: TCP/IP, DHCP, DNS, HSRP/VRRP, OSPF/EIGRP/BGP, STP, LACP, IPsec, SSLVPN.
SOFT SKILLS & ABILITIES
- Excellent communication and documentation skills.
- Able to manage and communicate expectations for project deliverables.
- Extremely process oriented. (ie change control, project plans)
- Strives to develop and document standards where needed.
- Proven history of crafting solutions to meet business needs and timelines.
- Can work well as needed alone, with a team, or with other teams.
- Experience working in security conscious environments. EXPERIENCE
Network Engineering Manager, Marqeta, INC
• Managed equipment across 3 data centers as well a rapidly growing HQ environment.
• On call for all production/corporate outages.
• Designed/Built out multiple data centers.
• Provisioned/managed dozens of circuits (T1/Fiber/MPLS/Internet) between data centers, HQ, and partner networks.
• Managed IPsec/BGP connections to AWS and Azure environments.
• Implemented monitoring and alert systems (Solarwinds/Intermapper/Datadog).
• Designed/implemented multi provider MPLS networks between data centers.
• Moved company from static to dynamic routing (OSPF/BGP).
• Centralized network device logging.
• Implemented network device config backup system. Page 2
• Standardized device configs and standards:
o Implemented host naming convention
o IP subnetting standards
• Performed Thales HSM key management tasks.
• Deployed new Palo Alto Firewalls (220/5220) and Panorama VM.
• Managed/deployed production changes and upgrades
• Managed projects with the security team to meet PCI compliance requirements.
• Assisted Devops engineers to bring up and securely connect to AWS environments via both IPsec and Direct connect links.
• Replaced aging serial console system with Lantronix. 6/2014 –
Staff Network Engineer, Xilinx, INC
• Part of an on-call support team, supporting over 1000 network devices globally across over 50 sites and 5 data centers.
• Network resource for assist other IT teams for project design/execution.
• Led several initiatives from planning and design to deployment. Some of these projects include Cisco Prime deployment, Global serial console switch deployment, network device name, configuration standardization, Out-of-band network management.
• Managed MPLS routers readvertising BGP routes to/from OSPF routes between offices.
• Mentored junior network engineers.
• Recommended/implemented several best practices. (spanning tree, AAA, SNMP, Tacacs+, etc)
• Participated in quarterly network maintenance windows.
• Current owner of network management/monitoring tools globally.
• Escalation point for network issues.
Senior Network Engineer, Riverbed Technology
• Support Corporate global network including all offices and data centers. Primarily support for Cisco routers/switches, Juniper (netscreen) firewalls, Aruba controllers/AP’s, Riverbed Steelhead/Granites.
• Drove several network infrastructure redesign efforts to improve security and redundancy/uptime – Particularly in the areas of the Juniper SSLVPN, firewalls and routing configuration.
• Designed and implemented several custom environments to support challenging business (engineering) requirements.
• Primary architect/lead for multiple acquisitions (M&A) – merged corporate networks, consolidated data centers and remote offices – including 800+ users
(OPnet purchase) and Wireshark data center move.
• Deployed/upgraded/rolled out several remote office infrastructures. Designed new office environments, created BOM’s, pre-configured equipment, Page 3
rack/stack/configured/powered/tested new office deployments and upgrades. Includes routing, switching, wireless, and firewalls.
• Assisted engineering groups to connect securely to Amazon AWS environments to extend private lab environments.
• Designed/coordinated/deployed the moving of data center environments for different internal functions.
• Designed/implemented security/links/protocols between Riverbed and partners
• Designed/deployed test networks to route production traffic through different QA resources/equipment.
• Updated Visio documentation of designs and changes.
• Trained/mentored new employees/contractors.
• Contributed significantly to creating standards.
• Participated in an on-call rotation to support 80+ global remote offices and data centers. Escalated support resource for routing, firewall, switching, load balancing, and other network issues.
• Routinely presented management with recommendations and project reports. 8/2004 –
IT systems/network engineer/Network Administrator/Senior Network Administrator, TeleNav, INC
• Design/Built/Implemented UK Data center including servers, PIX firewalls, F5 LTM’s, cisco switching/routing.
• Redesigned corporate multi sub-domain AD infrastructure (windows 2003).
• Assisted Shanghai office in setting up a monitoring system for systems/network
• Designed and implemented corporate P2P and MPLS links between the US HQ and multiple remote offices spanning 3 continents.
• Designed and implemented network failover scenarios for corporate and data center networks. Includes failover at the core as well as edge network devices as well as a DR (cold) Data center.
• Implemented Packeteer packet-shapers between US and Shanghai offices.
• Coordinated/implemented multiple IPsec VPN tunnels and private MPLS links to partner carriers (cingular/AT&T/Alltel/Sprint/Tmobile).
• Designed worldwide private IP schema for corporate and production environments.
• Managed and assisted in the implementation of an outsourced VoIP solution
• Designed/implemented company wide OSPF/BGP infrastructure.
• Implemented LTO3 backup solution using legato networker for company backups.
• Coordinated Iron Mountain office backup procedure. Page 4
• Assisted with initial drafts of SOX narrative documentation.
• Assisted in creating IT standards between all corporate offices.
• Designed network protocols/links/hardware for geo-redundant data centers.
• Centralized flow/syslog monitoring of network devices to Juniper STRM.
• Designed/Implemented production GSLB solution using F5’s BigIP GTM.
• Maintained a BIND DNS infrastructure in the data center, and AD DNS infrastructure for corporate DNS. Eventually migrated all public DNS resolution to UltraDNS.
• Managed Data Center links/power/space.
• Managed Domain Name registration.
• Managed/installed Verisign SSL certificates.
• Advised management on all network related hardware purchases.
• Played an integral part to the growth of the company. From being the only IT administrator of a 15 person startup in a single office, to a 1000+ employee, global company with 4 data centers and 6 offices around the globe. 1/2003 –
Contractor – Senior Systems/Network Administrator, Televigation, INC
• Deploy/support SUN enterprise servers.
• Exchange 5.5 backup/support.
• Support/expand big brother monitoring systems.
• Support Cisco routers, Alteon load balancers, and fortigate firewalls.
• Minor alert scripting (perl)
Contractor – Network Consultant, Nextdoor Solutions to Domestic Violence
• Active Directory maintenance/support
• Backup email/filesystems (veritas)
• Manage system patching
• Manage remote office VPN
Contractor – Network Administrator, Navin Corp
• Coordinate and execute data center equipment migration 1/2002 –
Systems/Network Consultant, Unity Electronics
IT Manager / Senior Systems-Network Administrator, Cellmania.com, INC
• Responsible for tracking all software and hardware, licenses and service contracts.
• Managed colo servers, including dealing with collocation office for increasing space, as well as deployment, upgrades, maintenance and troubleshooting of all production servers at our collocation (Sun Enterprise 220R, 250, 450 servers as well as Linux boxes, and Sun clones).
• Maintain (BIND) DNS server configuration of our constantly changing network. Page 5
• Set up basic shell scripts (bourne) to monitor processes on Solaris servers that emailed alerts.
• Managed and implemented collocation network changes, including moving of location of production servers, implementation of F5 Big IP load balancers, and the upgrade of our firewall from netscreen to a Cisco PIX firewall.
• Negotiated contract issues with new collocation providers.
• Maintained sendmail servers on linux and solaris boxes.
• Sent out reports and notices to customers with SLA’s for maintenance and upgrade outages.
• Kept a thorough documentation of inventory
• Acted as sole System Administrator for a software development for all servers
(including about 80 Sun, Linux, Windows NT servers).
• Set up a windows NT4 network including PDC, BDC, DHCP, Unix files servers running samba, Linux and Solaris development systems. (Primarily Windows 2000 clients, with a few linux and solaris desktop systems) 3/1999 –
Desktop Support (Contractor), Legacy Partners
Desktop Integration Systems (Contractor), GAP, INC 3/96 –
Desktop Support Intern, GAP, INC
May 1998 Bachelor of Arts in Legal Studies
University of California, Berkeley, May 1998
June 2000 EU-118 Fundamentals of Solaris 2.x
August 2000 SA-238 Solaris 8 System Administration I June 2015 Cisco Live – Cisco ACI, iWAN, Prime seminars December 2015 Cisco ACI test drive
Sept, 2017 EDU-210 Palo Alto Networks, Firewall Essentials: Configuration and Management
Jan 2018 AWS-T-ESS AWS Technical Essentials
Jan 2018 AWS-ARCH Architecting on AWS
April 2008 CCNA, Cisco ID CSCO11403636 (expired)
April 2008 CCDA, Cisco ID CSCO11403636 (expired)
November 2010 CCNP, Cisco ID CSCO11403636 (expired) November 2010 CCDP, Cisco ID CSCO11403636 (expired) September 2017 ACE, Palo Alto Networks