Cisco Security

Jeff Xiao Email: addwof@r.postjobfree.com Phone: 562-***-****

SUMMARY

Visionary, resourceful hands-on Network Engineer with specialty expertise and proven success innovating state- of-the-art solutions on time and under budget. Respected leader of diverse, cross-functional teams and highly regarded as a key resource, critical thinker, and out-of-the-box problem solver. Strong understanding of the relationship between technology and strategic business interests with a P&L mindset proven to drive multimillion- dollar annual savings with a proven track record of managing large-scale global network engineering teams in a corporate environment.

Effective user of technology to increase profits, productivity, and complete edge while simultaneously delivering significant reductions in the cost of doing business. Backed by solid credentials including multiple industry certifications, advanced technical acumen, and cross-platform expertise with over 14 years of international experience in IT industry.

Expert in the design and delivery of cost-effective, high-performance information technology infrastructures and applications to address complex business problems.

Extensively qualified in all facets of project life cycle, from initial feasibility analysis and conceptual design through implementation, documentation, user training and enhancement in a large international corporate environment.

Strong international networking with a proven ability to build and manage creative, highly energized, focused IT teams. Proactive, forward thinking individual with high energy, motivating personality. Excellent leadership and teamwork skills, posses a high personal integrity, credibility, and energy within a professional environment.

Enthusiasm for learning new technologies and finding better solutions. Excellent analytical, problem solving, decision making, and crisis control skills.

Flexibility of work environment, ability to work independently, and comfortable with rapid changes.

Helped identify business needs, propose solutions; prepare budgets and schedules, and coordinates with PM on resources identification and assignment.

Extensive scoping, estimating, and scheduling experience. SKILLS & EDUCATIONAL SUMMARY

Formulation of tactical and strategic plans to continuously improve process, procedures and overall level of IT maturity, Specialized training in specific aspects of job functions and demonstrates the ability to perform assigned tasks in the IT field, Created and maintained deployment project plans while speeding implementation processes in turn increasing ROI

Analyzed and integrated trends and patterns to determine the root causes of technical problems; communicated daily with Global delivery team members on implemented solutions and reengineered systems to achieve continuous improvement.

Direct interaction with Internal Audit, Audit Compliance, Risk Management and Change Management

Established corporate wide strategic IT guidelines and documentation

Worked closely with senior management to define and implement business best practices

Understanding of department’s service catalog and technical delivery solutions in detail and capable of explaining them in concise terms to Technical Operations team.

Excellent organizational skills, troubleshooting and time management.

Full implementation duties of infrastructure technologies-Hardware and Software Clustering allowing infrastructure to meet high availability requirements while maintaining horizontal and vertical scalability.

Designed multi tiered environments with processes driven procedures for operation and ease of maintenance support, built effective cross-functional teams, In-depth IT Analyst and Strong Problem Solver

Ability to work autonomously on various assignments and projects combined with the discernment to know when to approach issues from a team and customer perspective. EDUCATION, TRAINING & CERTIFICATIONS:

Cisco Digital Network Architecture – SD-Access

Cisco ACI Data Center – SDN-Data Center

Cisco Security Solutions Architecture

Cisco Data Center Networking/Compute

Cisco Spark Collaboration Architecture

Cisco Media Blueprint Architecture

Viptela SD-WAN

Certified Ethical Hacking (CEH)

SANs GCIH– Hacker Tools, Techniques, Exploits and Incident Handling Python/Automation

Juniper JNCIE – Enterprise R & S

Juniper Certified JNCIS – Enterprise R & S

Juniper Certified JNCIS – Enterprise Sec

Juniper Certified JNCIA – Enterprise R & S

Riverbed - WAN Optimization

Implementing Cisco Unified Communications IP Telephony (P1/2) Implementing Cisco TelePresence Video Solutions

Cisco Certified Network Professional (CCNP)

Cisco Certified Voice over IP Specialist

Cisco Certified Quality of Service Specialist

Cisco Certified Network Associate (CCNA)

Microsoft Certified Professional (MCP)

Microsoft Certified System Administrator (MCSA)

Microsoft Certified System Engineer (MCSE)

Microsoft Certified Database Administrator (MCDBA) Certified Technical Instructor BPPVE of state of California CompTIA A+ Certified Professional

Technical Resources Management - Hass School of Business, UC Berkeley Leadership and Management Training Program - Chapman University B.S. Information Technology - Western Governors University

Routers & Switches

Cisco 7000,4000,3000, 2000 Series Integrated Service Routers, Catalyst 9000, 6000, 5000, 4000, 3000, 2000 Campus Switches, Nexus 9000, 7000, 5000, 2000 data center switches, Juniper EX 2200, 2500, 3200, 4200 and 8200 Data Center switches, HP Procurve,, Nortel L2 & L3 switches, 3Com, Linksys, Netgear & other multivendor software/ hardware based appliances.

Security Hardware & Software

Cisco StealthWatch, Cisco AMP endpoint protection, Cisco Firepower Threat Defense NG Firewalls, Cisco Thread Analystics, Cisco Web and Email security, ASA ASA SSL VPN, IDS/IPS, Nokia/ Checkpoint Firewalls, TACACS+, RADIUS, Cisco ACS, WatchGuard X500, X700, Sonicwall, Juniper SRX 220, 650, 3400 and 5800 Data Center firewalls w/ IDP, Juniper SA 6500 SSL VPN, Juniper NSM, Nortel VPN, RSA/Smartcard/PKI multi- factor authentication, Websense, Bluecoat ProxySG 800, 900, 9000 series, Netmotion wireless mobile VPN, Citrix Netscaler SSL VPN, other multivendor software/hardware based appliances.

Wi-Fi Wireless

802.11b/a/g/n 500 Series Wireless Express Access Points, Aironet 3500 Series, Aironet 1260 Series, Aironet 1250 Series, Aironet 1240 AG Series, Aironet 1230 AG Series, Aironet 1200 Series, Aironet 1140 Series, Aironet 1130 AG Series, Aironet 1100 Series, Aruba 3000, 6000 series controllers, wireless security protocols, other multivendor software/ hardware based appliances.

Load Balancers, WAN Acceleration, Network Monitoring (NOC) & Specialty Appliances & Technologies Riverbed Steelhead Interceptor, WANaccelerator appliances models 550,1050, 2050,7050, Central Management Console, Cisco ACE Module & 4710 load balancer, F5 GTM/LTM load balancers, Orion, Solarwinds, Negios, NetMRI, PathView, Aruba Airwave Monitor, NetScout InfiniStream, OpNet ACE.

Voice & Video over IP/ Voice & Video Collaboration/ Voice and Unified Communication Technologies Cisco Spark, Cisco Jabber, Cisco Call Manager, Call Manager Express Editions on 3800/ 2800 ISR, Cisco VG224, VG248 Analog Voice Gateway, Cisco Unified IP Phone 9900, 7900, 6900, 500 Series, Cisco Unified Survivable Remote Site Telephony (SRST), Polycom Telepresence RPX, OTX, HDX and CMA desktop video, Cisco Telepresence system MSE 8700 (CTS), Cisco MCU, Telepresence Management System (TMS), Cisco Conductor, Cisco Video Conference System (VCS), Cisco Expressway, Jabber, IP Surveillance System,

Network /Routing Protocols &Technologies

Cisco IOS, NXOS, TCP/IP, Netconf/YANG, Gigabyte Ethernet/Ethernet/Fast Ethernet, UTP/ STP CAT5,CAT6, Fiber Optic, Coaxial Cabling, Frame-relay,DS-1, DS-3, OC-3, OC-12, OC-48, ISDN, ATM,DSL, PRI/BRI, T1/T3, MPLS, VRF-Lite, RIPV1,RIPV2, IGRP, EIGRP, OSPF, BGP, Static & Dynamic Routing, IPSEC, SSL, DMVPN, Cisco Secure TACACS+, RADIUS, Public Key Infrastructure PKI, ACL, TLS, EAP, LEAP, WEP Security protocols, Multicast, MPLS, VXLAN, MP-BGP, Route filtering, route redistribution, route maps, route- reflector, access-lists, network design, QoS, HSRP, GLBP, VRRP, STP, PVST, SNMP, Voice Over IP, VoIP, H.323, MGCP, SIP, DWDM, Distribution and Access Layer technologies.

Network OS & Apps

Windows Server 2016-2000, Windows Desktop10-XP, CentOS, Linux, Kali, Sun Solaris, Active Directory, Exchange Server 2010/2008/5.5, Disaster Recovery and Business Continuity Planning, VMware, virtualization, Anti-Virus/ Anti-spyware, Storage Area Networks (SAN), Network Access Storage(NAS), Network management and monitoring tool, HP OpenView, Visio Enterprises, Protocol Analyzer Sniffer, MS Suite

Servers/ Desktops & Specialty Appliances & Technologies Cisco UCS, Dell PowerEdge, IBM Power Systems,HP ProLiant servers, Cisco Digital Content Manager, PROJECTS

I consider myself as highly motivated, entrepreneurial-minded technical professional who has a passion for delivering world-class technology and services that enable customers produce successful business outcome. Technologent LLC – 2017 - Present Los Angeles, CA

Role: Solutions Architect – Security & Infrastructure

Provided pre/post sales consulting services to Financial, Healthcare, Government and Enterprise customers on infrastructure design, optimizing operations leveraging AIOPS solutions and security tools/platform automation.

Demonstrated cost-effective cloud strategies and technical solutions based on customers’ multi-year business strategies and goals. Provided detailed cloud architectures, implementation solutions, and accurate cost analysis for various solutions.

Created detailed SOWs for customers on Infrastructure design & implementation, ensured HLDs/LLDs meet technical specifications and customers’ expectations. Transitioned new deployment day one and day two support successfully.

Lead new security practice at Technologent, focused on technical solutions uses cases, examine and compare vendor solutions based on customers’ requirements, and manage technology partners relationship.

Lead Zero Trust security methodology, incorporate micro-segmentation, SIEM, Threat Analytics, IAM, FIM, NGFW/IPS, EDR and URL/Email filtering technologies into threat protection architecture and modular multi-year security road-map design. Built technical marketing and pre-sales training collateral on Zero Trust architecture for Account Execs and Solutions Architects.

Provided threat analysis, removed malware infections, identified and secured known applications/systems vulnerabilities in heterogeneous customers environment.

Develop DevSecOps security centric pipelines, provide compliance driven security solutions based on CIS/NIST standards.

Provide consultative secure coding policies and architecture to application developers and DevOps teams

Build multi-cloud strategies and secure cloud services/workloads through multi-phased methodology – Asset Discovery, Visibility, Controls/Enforcement, Automation/Analytics.

Deliver OINST, black box/grey box infrastructure penetration testing, web penetration testing and provide threat heatmap, actionable recommendations and executive reports. Cisco Systems – 2015 - 2017 Los Angeles, CA

Role: Systems Engineer – Media & Entertainment Accounts

Developed and lead technical account plans and strategies for west coast major media accounts leveraging all available resources - executive sponsors, marketing, technical, services, Cisco on Cisco, etc.

Provided technical guidance to Account Managers driving double digit revenue growth through new opportunity identification, creation and competitive deal analysis. Achieved 115% plus annual attainment.

Established high-level executive and technical relationships within critical strategic accounts to win incremental product and service business.

Partnered closely with Cisco internal technical resources to ensure technical excellence in all positioning, competitive analysis, proposals, and exchanges.

Teamed with authorized channel partners on sales opportunities leveraging their capabilities and relationships where appropriate. Identify and recommend new partners to customers, develop partners with Cisco resources and grow the partner execution to excel in this market space.

Applied solution-selling methodologies to maximize corporate revenue growth on both tactical and strategic opportunities.

Presented Cisco's threat-centric cyber security solutions to reduce complexity while providing unmatched visibility, continuous control and advanced threat protection across the entire attack continuum -- before, during and after an attack.

Built executive relationships, developed and executed technical sales strategies and tactics that maximize Cisco’s opportunity within the customer environment, promoted the value proposition for Cisco’s Security Architecture.

Engaged in highly dynamic and fast-moving environment where the interlock between the customer, the field, and the business unit are critical as we align our features, timelines, and scale based on the customer business requirements to drive product development and roadmap.

Provided PoC/PoV lab setup, worked with customer and internal engineers/solutions architects. Provided in- depth technical knowledge transfer including hands-on work with customers, solutions validation services, advanced services, and advanced troubleshooting and project management.

Presented, designed and demonstrated various technical solutions to customer engineers, managers and executives to position the value of Cisco solutions, such as Cisco Spark Collaboration platform, Cisco ACI, Software Defined Access, UCS+Virtualization, HyperFlex, Cisco Security architecture and services.

Worked directly with the Product Management team to clearly communicate customer feedback about use cases and feature requirements with the goal of enabling continuous improvement of Cisco Data Center Switching solutions

Provided technical expertise to position Cisco’s campus switching solutions effectively against competing offerings. Increased Cisco campus switching install base in customer environment, improved Cisco product quality and protected Cisco brand.

Focused on Data Center technology and Cyber security as personal achievement, participated and provided assistance to industry events, such as NAB, IBC, BlackHat, DefCon, etc.

Participated in the writing of RFP/RFQ/RFI responses Creative Artists Agency – 2013 - 2015 Los Angeles, CA Role: Network/Collaboration Platform Architect

Analyzed network design, topology and configuration. Identified technology gaps, such as QoS inconsistency, ISP bandwidth issues and multimedia endpoint configuration errors. Recommended and implemented configuration changes, resolved HD/SD voice and video quality issues for multiple locations.

Designed and implemented Cisco call manager development environment for software upgrade and troubleshooting. Minimized production outages and self-inflicted errors in production environment, stabilized end users’ collaboration experience.

Reduced operating and licensing costs by enabling cloud applications on improving and standardizing infrastructure change approval, communication and implementation processes.

Designed and implemented cloud infrastructure based on various IT business requirements, accomplished network/system/services high availability environment

Developed new office/office expansion solutions based on business requirement collected from stakeholders. Incorporated technology standards and IT security requirements into new designs, managed project timeline and resources and completed implementation on time within budget.

Established systems monitoring, alerting and escalation policy, leveraged on premise solutions and cloud technologies to proactively engage operations collaboration and support.

Designed, implemented and upgraded Cisco collaboration applications, such as Webex, VCS/Expressway, Cisco Jabber, Call Manager, and Instant Message & Presence Server in multi-cluster and multi-host environment. Worked closely with internal and external resources on collecting business and application requirements, communicated technical solutions and caveats, maintained customer relationship and managed customers’ expectations for collaboration applications.

Designed and implemented video conference and Telepresence systems; achieved application high availability and potential growth capacity, standardized video endpoint configuration, video/content resolution and delivered consistent HD video/content experience to end users. The Walt Disney – Corporate IT DTSS 2012-2013 Glendale, CA Role: Network Principle Architect

Provide recommendation and correction to published network technology standards and implementation documents; work closely with Disney Technology Solutions & Services (DTSS) Strategy and Architecture group on developing new technology standards and applying corporate standards according to business requirements.

Managed business acquisition/integration projects, such as Lucas Film and Marvel’s network integration across multiple data centers and service providers. Resolved network/system performance and data interoperability issues with engineers from multiple functional teams/business divisions.

Identified complicated network topology, devices and services suppliers for next generation network high availability migration/consolidation project. Managed service providers and internal engineers throughout gap analysis process. Developed step by step migration plan and communication plan between teams and vendors. Conducted technical training and provided leadership to Xerox support engineers during logical network configuration and migration phase.

Presented project migration strategy, timeline, costs, watch List & detailed mitigation plans to various levels of senior leadership team. Communicated weekly project status to DTSS senior management team and coordinated change control schedules across multi-service-provider environment.

Provided technical guidance and support for Disney Interactive Business Division new buildings move project. Reviewed and validated service requirements for various departments and business units, refined design concepts and configuration details on routing/switch, data security, wireless infrastructure and voice/video systems. Identified and corrected multiple design and configuration inaccuracies. Managed Disney internal engineers, Xerox engineers and Cisco Advanced Service engineers throughout the migration phase. Successfully moved 5000+ users to the new buildings within scheduled timeline.

Provided technical design assistance to key corporate initiatives, such as VDS service, PING Directory Federation, Lync server 2010 upgrade, etc., Coordinated on-going emergency change requests through change control process, guaranteed projects deliver dates and minimized business impact due to project delays.

Focused on new Disney theme park communication technologies design in Shanghai. Interviewed theme park operations division leaders, the Walt Disney Imagineers and Attraction system owners on business and regulatory/compliance requirements. Consolidated business requirements, published business requirement documents to Disney senior IT management team, identified cost-saving synergies and provided overall technical design strategies.

Met with technology vendors and global service providers, explore innovative solutions/technologies that are future proof, can meet or exceed business requirements and reduce overall operating costs for the new theme park.

Developed multicast IP TV, ATM machine and IP surveillance system/network architectures for the new theme park and hotels, provided detailed technical configuration to local engineers and vendor engineers.

Provided data center design architectures and enforced implementation/operations standards/processes for existing and new data centers. Trained data center support engineer on new ITIL processes, provided hands-on configuration trainings and troubleshooting techniques. FOX Entertainment Group – 2010 - 2012 Century City, CA Position: Sr. Network Security Design Architect

Analyzed global private/public network infrastructure services, identified and documented potential security risks and business operations service gaps. Presented design solutions and cost-benefit analysis to the senior management team. Successfully implemented industry best practices and new designs for major hub sites globally, developed security threat mitigation strategies and standard operating procedures for network operations team.

Identified content delivery performance bottlenecks for Fox Film Corp. Resolved major service outage and provided temporary work around solution for business continuity. Presented RCA for the service outage and proposed new design to senior management team and award over two million dollars budget for re-designing and consolidating media content distribution network for the FOX Entertainment Group.

Re-designed network architecture and data center server farms; developed data center migration plan and mitigation plans, communicated roles and responsibilities to each functional team, completed migration of two data center server farms within projected time window.

Collaborated with network operations team and established IT security governance model by publishing new security polices, SOPs and checklists. Presented new processes to various teams and business units, incorporated the security governance model into existing network compliance and approval processes.

Designed FOX corporate IaaS in Amazon cloud with global failover capability. Provided consulting services and trainings to system engineers and application architects. Developed detailed service provisioning processes, network/server change request processes and service reclaim/retire processes. Collaborated with Amazon and FOX SMEs in researching Paas, SaaS and STaaS capabilities, and conducted cost and feasibility studies. Beckman Coulter Inc. - 2007 - 2010 Brea, CA

Role: Enterprise Architecture - Technology Architect Position: Manager, Global Network Services

Key highlights of my role:

Leads the design, development, and delivery of infrastructure (data/voice/video) technical solutions.

Provides assistance to project managers, senior management and other leaders by identifying the infrastructure requirements and associated projects.

Provides subject matter expertise on solutions selection.

Leads a team of 12 engineers on implementing global projects and provide technical support to internal/external customers.

Technology Implementations: 15000+ employees, 130+ sites, 2 Main Data Centers, 6 regional Data Centers, 2,500+ network nodes, Cisco 6509, Cisco 2800/2900, Cisco 3750, 3550, 3560, 7500, T1, T1x3, AT&T Opt-e-Man 1G Circuits, Nortel 5520, 1600, Juniper EX 2500, 4200, 6800 switches, Riverbed WAN accelerators, Cisco ACE load balancers, Switching, Routing, multicast, OSPF, BGP, Quality of Service (QoS), Polycom, Bluecoat, IP Voice & Video, IP Telephony, PBX.

Planned the target enterprise architecture by analyzing the current business and IT strategies and vision, designing an appropriate Reference Architecture, and creating the Network Architecture/Technology Roadmap.

Collaborated with business owners and business analysts to analyze, clarify and validate business requirements; participated in design meetings to oversee the continuous development of detailed technical specifications.

Led the planning, design, development, maintenance and support of managed network services, providing technical solutions and standards for business acquisitions and coordination of IT projects, infrastructures, and technical support services.

Reviewed and evaluated support/maintenance contracts annually, identified cost saving opportunities and synergies within IT. Saved over half a million operational costs for 2011 by eliminating overpriced agreements and support contracts.

Reduced operational costs $200,000 by leading the outsourcing of various technology services to a new offshore service provider; led all aspects of the transition, including the coordination of cross-functional, international teams and guiding planning, migration, and transition processes.

Re-Designed and implemented Cisco architectures to improve WAN QoS strategy and WAN efficiency; eliminated unnecessary bandwidth cost and improved overall voice quality for major call centers.

Established routing standards for 130 sites globally by re-designing and simplifying multi-routing protocols environment to single WAN routing protocol topology. Stabilized routing environment and improved WAN Mean Time to Resolution window.

Designed and implemented application/traffic load balancing strategy using Cisco ACE platform, resolved multiple stale web application issues and improved business application efficiency.

Consolidated multi-vendor IPSec VPN connections using standard platform and routing logic, improved perimeter security visibility and centralized resource access authentication and control process.

Designed and implemented PKI infrastructure and deployed Smartcard solution to corporate users and external vendors. Collaborated with other functional teams on client software deployment, provided trainings to level 1 & 2 support staff and created video-on-demand “How to” tutorial for end users.

Developed and educated service-oriented architecture (SOA) values and training to other functional business units; identified and achieved cost savings related to SOA, software quality, and reusability.

Designed and implemented global high availability RADIUS infrastructure following the industry best practice AAA concept. Centralized logging on network related activities; provided detailed reports to IT audit and other compliance audit teams such as HIPPA, FDA, PCI and CQSI.

Implemented main Data Center collocation project according to the plan. Identified key resources from other IT teams and assisted project manager on resource allocation and task assignment. Led a team of engineers resolving technical crisis and assured major milestones are met, completed the project within time and under budget.

Re-designed and implemented multicast video for surveillance cameras and DVR systems, assisted corporate facilities department meet security and audit requirements, reduced insurance costs on the storage of manufactured instruments.

Architected global WAN technology to MPLS based solution and improved WAN service quality and availability. Consolidated many-vendors environment down to three vendors, composed RFP and negotiated low cost service contracts with carriers that have global presence.

Managed global wireless replacement project, replaced Cisco wireless environment to Aruba platform. Led a team of engineers on technical design, provided guidance on implementation plan and facilitated project communication plan to IT support staff and end users. Cultivated a customer-centric environment to provide desired services and experience; combined experience, insight, and data to determine how to best exceed customer needs.

Yokohama Tire Corporation - 2003-2007 Fullerton, CA Role: Senior Network Engineer

Led the design, development, and delivery of technical solutions to projects. Provided assistance to the Project Managers and other leaders by identifying the infrastructure and applications requirements of a project. Provided subject matter expertise on projects for solutions selection.

Responsible for personal engagement in proposal & business development support outlining technology solutions. Responsible for customer relationship management and working with business leaders, including Senior Executives. Analyzed business needs, recommended solutions, and facilitated solution delivery.

Participated in MIS operations annual project and budget planning, recommended appropriate solutions and proactively prepared infrastructure resources for future projects.

Analyzed, designed, and implemented the Internet/Web security strategy; protected data authenticity and information confidentiality with sophisticated security hardware and technology.

Proposed helpdesk and infrastructure work flow procedures to improve service efficiency and productivity based on ITIL best practices.

Designed and implemented Exchange server 2003/2007 upgrade project. Managed software and hardware change process and coordinated with business division on communication continuity. Maintained healthy server performance on a daily basis, achieved highest level of service availability and maximized ROI.

Analyzed previously failed Active Directory infrastructure deployment and re-designed a scalable, fault tolerant global Active Directory infrastructure. Optimized Active Directory management and performance using third party solution.

Initiated, designed and delivered Windows NT to Windows 2003 domain migration project. Ensured systems availability and productivity while implementing infrastructure upgrade, introduced state of the art technology to YTC data environment and managed the communication/education of the end user community.

Designed and proposed high availability solutions, business continuity plan using alternative technologies and disaster recovery strategies after a detailed analysis of business processes and system capabilities.

Analyzed PC/Server hardware and software contracts, infrastructure capability and vendors service agreements, prepared cost effective recommendations based on YTC’s budget and achieve annual operating goals.

Designed, implemented multiple YTC WAN migration projects; upgraded legacy Point-to-Point Frame Relay to Fully-meshed MPLS technology, significantly increased service availability, data communication performance and established a sturdy backbone

Contact this candidate