ELYON F. RABBEYAH
*********@*****.***
CAREER SUMMARY
Skilled and resourceful IT professional providing innovative enterprise-wide network solutions that include engineering, administration and security that meets with business requirements. This experience covers budgeting, vendor management, disaster recovery, LAN/WAN networking, routing and switching, voice, wireless, virtualization, storage, and security, as well as Windows and Linux server domain administration and support. I’m a dedicated team player with the ability to work effectively, the motivation to keep informed of evolving technology, and the ambition to grow within the company.
PROFESSIONAL EXPERIENCE
12/23 – 7/24 Sysco Corporation Vernon, California
Sr. Network Design Engineer (remote project work)
Global network support, including routing, switching, security, monitoring and troubleshooting
Global design and deployment of Eutelsat OneWeb Satellites for 150 remote offices
Aruba Silver Peak SD-WAN support and administration
MPLS operations support and troubleshooting
Topology design and presentation with MS Visio
Coordination with AT&T and other team for MPLS, ISP and Satellite deployment, configuration and testing
3/22 – 11/23 State Street Corporation Irvine, California
Sr. Network Engineer (remote project work)
Global Network Support, including circuitry and routing
LAN Support – Upgrade, Configuration and Administration of Cisco routers, Catalyst switches and Palo Alto Panorama managed firewalls; OSPF/EIGRP;
PAN Firewall / Panorama Upgrades
Configured, maintained & troubleshot hundreds of secure, controlled access connections to extranet portals for third parties (vendors, suppliers, partners customers, etc.,) via IPSec S2S VPN on the Cisco ASA platform
Managed Palo Alto firewall security policies and access control
SolarWinds/InfoSim Monitoring;
Use of monitoring applications AppView, and ThousandEyes,
Network Access Control and support with Cisco ISE, Cisco DNAC, and SD-WAN/Access
Postue compliance; created policy sets and authorization policies; configured identity stores; AD
Configured global ISE network authentication, authorization and accounting parameters
Device role assignment; Fabric Overlay deployment
Data Center Support – Cisco Routing and Nexus Switching, DMZ, Architecture; multiple locations
WAN Support - MPLS, Cisco Viptela SD-WAN
Internet Circuit Support, BGP Peering
9/20 – 9/22 City of Hope National Medical Center Duarte, California
Sr. Network Engineer
Turn up new ISP circuits on Cisco ASR routers; upgrade other circuits to 10Gb
Upgrade Aruba Wireless Infrastructure with Mobility Masters and 14 Controllers, 1500 APs
Cisco DNAC integration with Cisco ISE for centralized network management
Cisco Digital Network Architecture (DNA) cluster deployment for network segmentation, upgrades, policy-based automation, zero-touch provisioning, end-to-end visibility, and orchestration; policy, provision, design, assurance and platform workflows;
Cisco Identity Services Engine (ISE) deployment and configuration across enterprise infrastructurefor network access control, AAA, posturing and profiling; enforced endpoint compliance via client provisioning within 802.1x environment; support for discovery, profiling, policy-based placement, and monitoring of endpoint devices on the network; Enabled consistent policy in centralized and distributed deployments for service delivery; security group access tags and ACLs; MAC Authentication Bypass
Use of Software-as-a-Service (SaaS) for multiple applications with ease of accessibility, scalability, rapid deployment, maintenance and support
Aruba Airwave Monitoring and Aruba ClearPass Network Access Control for Wireless
Juniper Mist Wireless deployment
NetScout and ThousandEyes with probes to monitor network paths, analyze traffic, and provide monitoring of network and application performance, availability, and potential issues to ensure the optimal delivery of applications and services
InfoBlox implementation for IP address management, including DNS Zones, Static IP and DHCP Services, subnet management, DNS Security; Used in conjunction with Cisco ISE to provide context and enhance security response accuracy and timeliness
eBGP configuration & peering with multiple ISPs / iBGP configuration with internal peers
Cisco FirePower / ASA Firewall upgrade and administration; routing, policies and access control; multi-vendor IPSec VPN connectivity
Panorama for Palo Alto Firewall management and administration, including HA, logging, troubleshooting, OS upgrade, AV and threat protection, IPSec VPN, Global Protect, FIPS compliance, zone policies
Palo Alto Firewall deployment, configuring App-ID and FW security policies, virtual routing, L2, TAP and VLAN interfaces; Wildfire, PAT/NAT, L2/L3 Zoning and Segmentation
MS Azure Network configuration, with ExpressRoute setup and configuration, with dual BGP peering, VNet peering, and IPSec backup tunnel; including VNets, Subnets, vNICs; BFD and QoS; implemented VNet security groups;
Implemented Azure Traffic Manager and Load Balancing; Deployed application gateway
VXLAN configuration and implementation between Campus and Data Center
Migration from Ubiquiti wireless network to Aruba (Clear Pass, 802.1x, Mobility Master)
Designed and configure three-tier infrastructure using Arista Layer 3 Switches
Configuration of Palo Alto Firewalls
Switch refresh migration from Foundry/Brocade to Aruba, HPE and Arista
Setup new branch office, and refreshed/maintained current branch offices
Configuring the Fortinet Security Fabric; Fortigate Content Inspection
Configuring Static and SD-WAN FortiGate Routing; NAT/PAT
Configure IPSec L2L VPN, SSL remote access; policy/template configuration on Fortigate Firewall
2/19 – 2/21 USC ISI Viterbi School of Engineering Marina Del Rey, California
Sr. Network Engineer
VXLAN-EVPN Spine/Leaf configuration and implementation in Data Center
Migration from Ubiquiti wireless network to Aruba Wireless network
Configuration and support of Aruba/HPE switches in each IDF for node access
Designed and configure three-tier infrastructure using Arista Layer 3 Switches
Administration of network access control using Aruba Clear Pass, 802.1x
Deployed Aruba wireless controller / mobility master for central management
Configuration of Palo Alto Network Firewalls – HA, IPSec, remote access using Global Protect, configuration backup and restore, conversion into FIPS mode, set policies for zones, NAT, routing configuration with virtual routers, etc
eBGP peering configuration with ISP
Switch refresh migration from Foundry/Brocade to Aruba, HPE and Arista
Troubleshoot wireless, bottlenecks, and access issues
Configuration of SNMP, Netflow and Syslog for event monitoring
Establish 100G layer 2 link using dark fiber between campus and data center
Configure 10G / 40G links between floors throughout infrastructure
Configure MLAG, LACP and trunk links
FortiGate Firewall administration, including L2/L3 networking and IP routing, IPsec VPN, SSL Remote Access Web/Tunnel Mode, Trunking, VLAN interfaces, HA, Link Monitoring, NAT/PAT
2/18 – 1/19 4Over Business to Business Printing, LLC Glendale, California
Sr. Network Engineer
Setup Branch offices on East Coast
oDesigned Branch topology and infrastructure
oDeployed Cisco routers, switches, firewalls, wireless controllers and access points
iBGP client configuration for multiple ISPs, transit systems, and route filtering
MPLS Configuration and Full Mesh Redesign
DMVPN / EIGRP Configuration and Hub and Spoke Redesign
Core Router and Switch Configuration
OSPF design and configuration for local area network
Cisco Firepower 2100 Series Firewall Configuration and Deployment
Palo Alto 5020 Firewall Configuration and Deployment
Cisco ASA 5500 Series Firewall Configuration and Administration
Deployed Cisco ISR 4431 routers, 9300 series switches, 3504 Wireless Controllers for infrastructure refresh
Work with 3rd party telecom providers to plan and manage leased lines and WAN circuits at all branch locations
Created new schema for VLANS, Wireless, subnets, scopes and IP address management
Worked with management to document approved network change control for all projects, tasks and information security requirements
Big IP F5 2200 Series Load Balancers Administration
Use of SolarWinds for monitoring capabilities across the enterprise
Develop documentation of current as well as planned network
Lead network availability incidents with customers as required, keeping them informed on incident progress, and pending change or outages
10/16 – 2/18 Atos/The Walt Disney Company Burbank, California
Sr. Network Engineer – Global Projects Team
Responsible for Data Center Refresh Projects Globally
Created work plans and conducted peer reviews for all changes
Worked w/architecture team to deploy new routers, switches & firewalls in DCs worldwide
Palo Alto Panorama use for worldwide central management of firewalls
Configuration and Deployment Cisco 6880-X-LE L3 switches
Configuration and Deployment Palo Alto Networks 5060 Firewalls
Configuration and Redeployment of Big IP F5 2200 Series Load Balancers
Configuration and Deployment of Cisco 9372 TX/PX Switches
Modified and updated BGP and EIGRP routing protocols
Layer 3 VRF routing segmentation; Layer 2 VLAN switching segmentation
Configured port channels; trunks and vPCs
Troubleshoot connection issues between hop links
Configured Cisco ASR 9000 Switches for new gear brought online
Refresh of L2 3570 access switches with 2960 XR and 3850 models
4/16 – 10/16 Marina Del Rey Hospital Marina Del Rey, California
Sr. Network Engineer
Responsible for architecture and design for migration from one data center to another for new parent company
Used Visio Drawings for demonstration and documentation
Documented process and details of project procedures for future reference or troubleshooting
Upgrade / Configuration of Cisco ACS appliances for network and device access control
Retired legacy Cisco Routers; moved networks to Nexus 7010 under OSPF process
Upgrade and configuration of ASA 5520 / 5555 / 5585 Firewalls with new rules, routes, VPN and failover in active\standby high availability; Migration of IPsec tunnels/RA VPN
Configured backup IPsec Tunnel from DC to local MDF for 10GB L2 primary fiber link
Installed and configured SolarWinds as a tool for network monitoring and visibility
Use of InterMapper as a tool for network monitoring and visibility
Upgrade of 3750-X Stack Switches
Check Point UTM-1 configuration of separate vendor network for data/image backups
Data Center Migration with Fabric Path using Nexus 7010 / 56128P / 2248 FEX
Sophos Email / Web reconfiguration and move to new Data Center
Upgraded and configured cluster of Cisco WLC 5508 / Load Balanced APs
Assisted with the VBlock System 200 Converged Infrastructure migration between Data Centers, with Cisco 1000v, UCS, Nexus, EMC VNX 5300, and VMWare reconfiguration
Layer 2 expansion of VLANs from LAN to remote Data Center
9/15 – 4/16 Sony Pictures Entertainment Culver City, California
Sr. Network Consultant
F5 BIG-IP Load Balancer Administration
Infoblox DHCP, DNS and IPAM (DDI) Administration, including automation of routine network tasks and streamlining network operations
Cisco Switch Configuration and Support (Catalyst/Nexus)
BGP, EIGRP and Static Routing Administration, Redistribution and Support
L2, L3, L4 best practices configuration and support (STP, VLAN, VRF, ZONES, etc)
Use of SolarWinds for Network Monitoring and Management
Firewall Administration using Cisco ASA 5585 and Palo Alto Networks PA-5060, including configuration, deployment and troubleshooting
4/15 – 8/15 Fenwick & West, LLP Mountain View, California
Sr. Infrastructure Engineer
Cisco Meraki Z1 / MX100 Appliance – Provide remote L2L connectivity for home user, as well as wireless services for branch offices
Cisco ACS Server Clusters – for Device Administration and Network Access
Cisco UCS Servers – Manager / Central – 5108 Chassis, B420 M3, 6248UP FIC
Cisco Nexus configuration 2200 / 5000 / 5600 / 7000 Switches – vPCs VDCs, VLANs, Port Security, Routing
Cisco Catalyst 3850 Stacks / 4500-X VSS clusters / 6500 Switches deployment
Cisco ASA Firewall 5500-X Clusters / Multi-contexts, Edge / Internal Security, VPN; IPS / IDS; WCCP
Palo Alto Firewall Edge Deployment for External Security
Cisco Wireless LAN Controller 5508 Cluster / 55 3206i APs / 3 WLANs
Cisco ASR 1002-X / 7206-VXR / 2951 Routers – (Border, Internet, OSPF ABR, WAN)
Cisco CUCM, CME, Unity Connection for VoIP management, v10.5
Cisco CUBE integration with CUCM and SIP trunk on Cisco IOS software
Cisco M170 Content Security Management Appliance
Dynamic Routing / Static Routing, VRF zones; P2P IPsec VTI with OSPF
Cisco OTV / LISP and VMware SRM for replication and disaster recover at colocation
Use of SSL Certificate profiles for VPN connection with Cisco Phones from the Internet
Use of network monitoring tools such as Solar Winds and PRTG Enterprise
RSA Authentication Management 8.1
Infoblox DHCP, DNS and IPAM (DDI) Administration
03/08 – 4/15 TIBCO Software, Inc Palo Alto, California
Sr. Network Engineer
Global support of remote office networks (switches, routers, firewalls, circuits)
Cisco Nexus 7K/5K/2K switch configuration and support (vPC, VDC)
Migration from Checkpoint to Cisco ASA 5585-X Firewalls in multi-contexts
Migrated Cisco Distribution switches from Cisco 6509 to 4509R+E
Setup and maintain global site-to-site IPsec VPN tunnels with Cisco ASA
Designed and implemented global DMVPN solution with hub ASRs and Spoke ISRs
SSL / IPsec Remote Access configuration & support on Cisco ASA with various security parameters and policies, including mobile and tablet support
Configuration of static & dynamic routing
Riverbed SteelHead for management and optimization of network and application performance
Wireless LAN Controllers & Access Points setup and support
Multiple integration projects of acquired companies
Support replication infrastructure from HQ site to DR site
Implemented VoIP w/auto QOS using Cisco Phones through Cisco switches
Setup VoIP Gateways on Cisco 2951 Routers
Setup of Cisco Sourcefire FirePOWER 3D8140 Appliance for IPS/IDS protection
Full infrastructure management, include mentorship and management of Jr admin
Complete re-architecture and design of network infrastructure
Cisco ASA 55XX Firewall & VPN Solutions; Migration from Juniper Junos Pulse SA-4000
Cisco Switches 3560G/4510R+E (VLANs/Port Channeling/Routing/Security)
Cisco Aironet 1250 Wireless APs / 2106 Wireless LAN Controller
Co-location setup for AD and Exchange database replication via site-to-site VPN
PROFESSIONAL ACCREDITATIONS AND CERTIFICATIONS
Cisco Certified Network Professional – 2015 (Routing and Switching)
Cisco Certified Network Professional – 2016 (Security)
Cisco Certified Internetwork Expert – In Progress (Enterprise Infrastructure/Wireless)