Sign in

Engineer Security

Saint Paul, Minnesota, United States
December 24, 2018

Contact this candidate


Yusuf Ibrahim, MBA,Ms


**** ********* **

Tell xxx-xxx-xxxx

Minneapolis. MN USA

Well respected Data Center / Network Security lead Engineer with 18+ years experience with $ 108 Billion Company; ensured the quality of Software / Hardware of Cisco Nexus and IOS Releases and supported multiple Cisco client organizations using Data center cloud and Classical Ethernet Networks


Seeking Senior Network / Security position to lead large communication projects, such as Data center, LAN / WAN network Security, Cisco ISE, Prime and MSE deployment which are highly interactive environments utilizing my knowledge for Cisco Data Center Visualization, Vmware, Dynamic FabricPath(DFA), DCNM, Nexus, N2K, N3K, N5K, N9K(ACI/ Non-ACI mode), LAN/WAN Networks Security setup Cisco ISE, Prime, WLC, Linux kernel, Layer-3 /Layer-2 Adj, MPLS,VPN, 6VPE, Multicast and my hardworking capabilities to achieve the corporate objectives as well as personal growth.


Carefully managed Cisco Security Technology arena (Cisco ISE, MSE, Prime, etc ) in XcelEnergy company with regular syncing with the project stakeholders ensure that projects stay on time.

High-level design expertise of Cisco ISE with Wired / Wireless devices with F5 LTM and test plans for enterprise security technologies with Prime / MSE Servers.

Built, developed and conducted trouble shooting for Data Centers, LAN/WAN Networks (Cisco Routers / switches), Virtual Switching, Virtualization, Vmware, UCS / EXSI hosts setup, Wireless, Access Points /controllers, L2 / L3 Network Security resulting in stable IOS and Nexus Releases

Developed /maintained Cisco Nexus Data center switches (N9K,7K,N6K,N5K,2K) in Fabric Path traffic forwarding using CNPR, DFA and DCNM providing more efficient Cisco Data Center Releases

Extended experience for Cisco Nexus 9000 Series Switches ACI Fabric and the Cisco Application Virtual Switch (AVS), also Nexus 9K in Nexus modes with Vxlan deployment

Gained strong technical knowledge of Cisco Classical Ethernet Routers / Switches, VM Networking, Storage, UCS setup, Security, Voice (Call Manager) setup from designing, implementing and administering, configuration, troubleshooting Routing Protocols and Date Packets connected to Host (Windows, Linux, VM, etc…) network/share resource and setting security parameters, firewalls, etc allowing for expedient and reliable support for Cisco customers

Designed, configured and debugged IP/IPv6 Routing protocols such as: (RIP, OSPF, EIGRP, BGP, ISIS, DHCP, NAT, IPSEC, Netflow, QOS, Dot1x, AAA model, Firewalls, Data Encryptions and troubleshot packet in data and backplane switching of Cisco Routers / Switches & Cisco ASR.

Developed, built, and maintained Date Center cloud, Fabric Path (TRILL) data switching packets, Traditional Layer2 Spantree forwarding, Layer 3 Routing Protocols and L2 adjacency, BIG-IP F5 load balance, F5 Firewalls,F5 LTM/GTM, Cisco ACI for SDN Network.




Data Center Networking design and deployments


WLC, Linux kernel, Layer-3 /Layer-2 Adj, MPLS,VPN, 6VPE, Data Center Visualization, Vmware, Dynamic FabricPath(DFA), DCNM, Nexus environment.


IPv4 / IPv6 Routing Protocols (RIP, OSPF, EIGRP, BGP, ISIS, DHCP, NAT) IPSEC, Netflow, QOS, Dot1x, AAA model, Firewalls, Data Encryption and troubleshot packet in data and backplane switching of Cisco Routers / Switches & Cisco ASR


Cisco ISE, Prime and MSE and Wireless


Cisco L2/L3 Switches, Nexus, N9K, 7K/5K/2K F5 LTM/GTM, Cisco ACI for SDN Network and Firewall


CISCO Nexus / ACI Mode and Nexus Fabric Path




Degree (Level & Concentration)

Completed (Yes/No)?

Keller Graduate school of Management, San Jose, CA 2010.

MBA in Network Management


George Washington University, Washington, DC 2009.

Master Degree Project Management


Devry University, San Jose, CA, 2006.

BS in Communications



Wells Fargo Bank, Minneapolis, MN Dec 2017- Present

Senior Data Center Network / Security Engineer

Wells Fargo Network Datacenter

Designing,deployment and troubleshooting Data Center Network included security configuration Routing, Routing Protocols, and tuning of Cisco security appliances

Designing and configuration Cisco ASA, GETVPN, VPN (site-to-site, remote access client, IPSec, IKE, tunnel modes, SSL/clientless/AnyConnect, tunnels between firewalls,

Designing, building and troubleshooting Cisco ASR, Nexus (N9K, N7K, N5K, N2K) data center in NXOS / ACI mode, F5L-balance Firewalls (NAT, IPS appliances and tuning alerts)

Network Access Control (NAC) / Cisco Identity Services Engine (ISE) integration with wired data, wireless infrastructure, and VPN, as well as posture and client provisioning

Working knowledge and troubleshooting of network engineering of local and wide area (LAN/WAN) technologies and MPLS packet switching connected Remote sites

• Troubleshooting of IPv4 / IPv6 networks and their routing protocols, L2 / L3 switching, Packet switching, ISE, Prime and MSE security best practices, etc

Xcel Energy Corporation, Minneapolis, MN Nov 2015 – Nov 2017

Senior Network Security lead Engineer

Xcel Energy Security Design Center

Managing, leading, designing and deploying Cisco Security infrastructure that develops network wireless / wired networks to be authenticated /authorized through Cisco ise with Prime/MSE Security.

High-level design implementation of Cisco ISE with Wired / Wireless devices with F5 LTM and test plans for enterprise security technologies

Delivering expert security device management including, WIFI / ISE (Radius / Tacacs+ Servers) to be authenticated all Devices / Users, monitoring, profiling, patching, and designing Network growth

Enterprise-level design of ISE, Prime, MSE, & L2/ L3 Network configurations and troubleshooting..

Building LAN/ WAN Enterprise level Network, deployment Cisco ISE / Prime on wired /wireless network guest access, Firewalls /VPN setup, ISE profiling and posturing deployment, PxGrid setting

State of Minnesota, Minneapolis, MN Jan 2015 - Oct 2015

Senior Data Center Network Engineer

Minnesota State Data Center Architecture

Managing, leading State Data Center inlcuded Nexus N2K, N3K, N5K, N6K, N9K (ACI / Non-ACI Mode) / traditional Network infrastructure project to ensure quality, efficiency and dependability.

Designing, configuring and deploying complex Datacenter with classical Ethernet network, Firewalls, load balance Problems and developing corrective action.

Designing and configuring Data center Network, BIG-IP F5 / Load balancer using different types of routing protocols to meet users request for service following design guidelines.

Debugging Security incidents and seeking ways to improve State Network Security and performance, maintaining F5 Firewalls and overall State Network Security.

Avaya, Sanjose, CA Oct 2014 - Dec 2014

Senior Software Engineer

Data Center C-POD Network design Engineer

Manage, Configure, debug and deploy Avaya Collaboration C-Pods, which combines applications, Virtualization and storage (EMC) for end to end solution.

Configuration using Orchestration Manager (COM) in real-time, web-based management tools to debug and troubleshooting for a wide range of network devices

Configure and test using Provisioning Service (VPS) to deploy tenants with different VLANs, ACL and port setting features) and for setting device credentials, roles and permissions

Design, configure and debug Data Center cloud Network traffic with ESXI hosts, using APIs/tools and building C-POD Network

Deployment, UCS, Switch bridgin to forward Layer 2 and Layer 3 Packet.

Cisco, Sanjose, CA Aug 2000 - Oct 2014

Senior Software Engineer

Data Center and Network design architecture

Design, configure and debug Data Center cloud Network traffic with ESXI hosts, using APIs/tools DCNM, DFA Data Server using Nexus N7K, N6K, N5K/ & N2K (Fex), N9K (ACI / Non-ACI mode)

Deployment and support of Nexus Switches, UCS, Fabric Path (Trill) to forward Layer 2 and Layer 3 Packet from Classical Ethernet to Fabric Path mode.

Build customer Data center setup in Cisco by using Nexus Switches such as: N7K, N5K, N6K, N2K and connect EXSI Hosts, using Linux kernel to reproduce and debug Customer issue and configure network/share resource and setting security parameters, firewalls, etc…

Work and debug Hardware /Software Forwarding Table in packet drop with Layer 3 Routing Table with equal / non-equal load balance and Layer 2 adjacency table.

Work MPLS, VPN, 6VPE, VRF-Lite and IPv4 / IPv6 Supported Routing protocol such as: (RIP, OSPF, EIGRP, BGP, ISIS, Static etc…) in different Cisco IOS releases on 6500 switch and NEXUS (N7K, N6K,N5K) Releases

Write technical notes, Function Specs, Test Plans for the new features, and plan them executing time, script require and attend bug scrubs.

Set up Call Managers, CM Express, Gateways, users with their Voice Mails / permission and adding call routes with restriction

Design, test and troubleshoot Layer-2 and Layer-3 Network Security on Cisco Switches including Port Security, VACL, RACL, IPSEC, VPN, Dot1x, SSH, Kerberos, NAT and DES/3DES.

IPv4/IPv6 Multicast Traffic PIM Dense/ Sparse Mode, IGMP, CGMP, DVMRP & MLD Snooping

Microsoft Corp, Seattle, WA Nov 1998-Aug 2000

Software Engineer

Window Servers Network Design Engineer

Window 2K Development / Testing; Team, wrote Technical Notes, Test Plans, designed, built and Troubleshot Window 2000 Networks and Datacenter Servers.

W2K Network Layer issues resolution – tested, debugged systems, Network topologies, filed bugs and verifying windows patch fixes by using manual or scripts before released to the customers

Built, Tested and Troubleshot of W2K Active Directory, DHCP/DNS and Backup Servers.

Designed, configured and troubleshot of RAS using PPP authentication CHAP/PAP & PPP multilink.

Worked with software W2K development team to design and maintain the website using MS FrontPage and ASP 3.0 using MS SQL Server 2000 as database for testing

Built, configured and debugged of W2K Data Center Servers and Networks backup.

CTV (Canadian TV Network) Toronto, Canada Aug 1998 – Nov 1998

System Engineer

Network Multicast Video Engineering

Designed and deployed Network services, including creating domains, users, print servers, setting trust relationships between domains, Network Monitoring and Backup Servers Accomplishment

Designed Architecture Network Multicast Video architectural design and implementation of streaming media data acquisition, distribution, and hosting.

Supported and setup MsMail, Outlook, BMail systems and Mail gateway Servers and users

Performed fine network tuning, security and responsible data migration between Novel and windows

Supported over 1400 CTV Network users, using LAN& WAN with different systems.

Professional Development courses and certifications


CCIE Written (Routing & Switching); pursuing Lab





CNA Novel



Configuration and Troubleshooting of Routers and Switches, IP Packets with Service Line Cards

Network Sniffer a/Analyzer, Network Emulation and Traffic generators

Linux/ Unix administrator

Managing the Enterprise Network Security and CCIE Security

Designing and debugging Wireless and WAN Networks including Controllers and Access Points

VMware and Data Center Virtualization Training certification

Advanced Cisco Router Configuration and CCIE Routing & Switching

W2K/ SQL and Data Server System Administration and Server backup Certification


To be furnished upon request

Contact this candidate