Security Cisco
Resume:
RICHARD C. YOUNG * Red Ash Drive, Markham, Ontario L3S 4B6
adlpql@r.postjobfree.com
linkedin : www.linkedin.com/in/richardcyoung
EDUCATION
York University
B.A. Major: Math for Commerce and Computer Science Professional Accreditations and Memberships
• Novell Certified Network Engineer (CNE) • IBM BladeCenter and SAN Configuration
• Microsoft Certified System Engineer (MCSE) • Dell Equallogics SAN Design and Implementation
• Cisco Certified Network Professional (CCNP) • Cisco SMB Solutions for Engineers (SMBEN)
• Cisco Certified Security Professional (CCSP) • Linux Professional Institute Certification – LPIC-1
• Azure Administrator Associate • Designing Cisco Data Center Unified Computing (DCUDC)
• AWS Certified Cloud Practitioner
AREAS OF KNOWLEDGE AND EXPERIENCE
Network Infrastructure
Detailed knowledge and hands on experience with networking devices and environments including Cisco line of enterprise routers, and switches, Nexus 5000 and 7000 series switches, Avaya, HP\Aruba & Dell L2 & L3 switches. Cisco ACE & CSMs and Local Director load balancers, F5 BIG IP LTM, Cisco WLC 5500 (and AP’s), Cisco Meraki, Cisco Unified Communications Solutions, Juniper (T-series, MX-series) and Nortel (Alteon and Passport) products, Riverbed WAN optimization products. Excellent background with Ethernet (Fast, Gigabit & 10GE), 802.11a,g & n and VLAN’s. FT designs using HSRP, VRRP and stacking technologies. Extremely detailed knowledge of TCP/IP (v4 & v6), IGRP, EIGRP, BGP, OSPF, RIP2, PPP, PPPOE, MPLS, VoIP, Telephony, DOCSIS and RSVP protocols. Experienced with Frame Relay, ISDN, ATM (SONET), POS, T1, OC3, OC12, OC48 & OC192 wide area links, Software Defined Networks. Outstanding analytical and troubleshooting skills and methodologies. Security Design, Analysis and Investigation
In-depth knowledge and hands on experience with firewalls and security devices such as Cisco ASA Firepower, Meraki, CheckPoint, Juniper SRX, Fortinet 60D/90D/3600, PaloAlto 820/850/4000/5000 series Sonicwall, Sophos UTM, Blue Coat Proxy. Design and implement solutions involving advanced access-lists, content filtering, NAT/PAT, IDS (host and network, RealSecure, Cisco Secure), VPN’s (Checkpoint, Cisco), IPSec, PKI, Proxy servers and security standards. Designed and analyze application- level security (databases, email systems etc.) Conduct risk analysis, security audits, response methods and exception reports. Provide Windows, Exchange, IIS and Unix/Linux system hardening. Architecture and design experience with data center and cloud implementations. Experienced with Nessus, Retina, Kali, Snort, Tripwire, NMAP, Nexpose, Metasploit, Security scanners and tools (SANS SIFT, and CAINE). SIEM platforms such as Splunk, ArcSight and QRadar System Consolidation, Virtualization and Cloud Computing Extensive knowledge in design and implementation of virtualization technologies including VMWare (ESXi, vSphere, vCenter, vMotion), Windows Hyper-V, Xen, Citrix XenServer, Parallels and VirtualBox tools. Virtualization and consolidation projects included datacenter rationalization, environmental footprint reduction, hosted service physical chassis reduction, P2V migrations for legacy services and disaster recovery modeling, planning and testing using virtual environments. Backup, Recovery and DR activities using HA and other tools. Implement virtual servers, appliances, applications, services routing and security on Azure, AWS, GCP, RackSpace and others. Configuration of Docker and K8S environments. Automation tools, Infrastructure as code using Terraform and Ansible. Migration and management of SaaS and PaaS. Project Management
Proven ability to lead structure, assign responsibilities to project team members, and report to PMO on the status of both daily and weekly activities, task completions and constraints. Coordinated and managed projects within designated regions. Established effective project management skills including defining project plans and gathering estimates for activities and tasks, along with milestones, deliverables, and dependencies for large projects. Perform quality assurance testing and measurements. Excels at dealing with multiple projects and building strong customer relationships. Knowledgeable in risk management methodologies. Systems Analysis, Consulting and Management
Managed, supervised and mentored staff for various departments with multiple direct reports and thousands of end users. Excellent oral & written communication skills, with a demonstrated ability to work effectively with an end user community. Establish positive working relationships with numerous staff, peers and superiors to develop optimal environment while adhering to company standards. Analyze situations and proactively implement improvements within client guidelines while maintaining positive employee relations. Provided business process improvements, procedural changes, designed application systems and software package selection. Knowledge of SDLC, Zachman Framework, Agile principles, ITIL (Service Support and Delivery) best practices, and requirements analysis.
Technical Architecture and Technical Writing
Established record of creating detailed Architecture, Design, Implementation and Operational documents based on client requirements and successful implementations. Conduct capacity planning and gather data flow requirements to define accurate Page 2
design parameters. Effectively leverage existing infrastructure, legacy equipment and new technologies to provide the optimum solutions. Provide unit and integration testing methodologies. Produce detailed designs, documentation and implementation for WAN, LAN, DR, HA, SAN, Security Domains, DMZ’s, Facilities, RFQ’s, RFP’s, Requirement Analysis, Feasibility and Risk Assessments, Testing/Implementation, Data Flow Analysis, Application, Configuration, Network and Service Management. Develop training documentation and training to end-users. Network Management and Monitoring Systems
Utilize SNMP, RMON and established metrics to monitor, analyze, and control network resources using tools such as HP OpenView, CiscoWorks\Prime, Unicenter, AlgoSec, Netscout, SNMPc, Nagios, MRTG, Solarwinds, What’s Up, Tivoli, and BMC Patrol. Platform monitoring experience with MS SCCM, SCOM, SCSM, DPM and VMM. Analyze and implement network management systems based on client’s environment and mission critical devices. Design and implement proactive monitoring systems and service management plans. Regular use of Service Now, Trello & Jira. Application and System Administration
Performed regular server hardware and OS upgrades on Sun, HP/Compaq, IBM, Dell, Apple and others. Routinely setup and troubleshoot servers for connectivity (Configuration of OS and hardware). Windows Server (All versions) advanced administration, implementation and troubleshooting including RAS, NDS, AD, Novell Identity Manager, MS Exchange (all versions, including O365), TMG, IIS, Apache, and LDAP. Strong Unix (Sun, HPUX), Linux (RedHat, CentOs, SUSE), FreeBSD, OSX (Mac) administration skills. Designed and implemented Windows Server clustering and load balancing. Detailed knowledge of DNS, QIP, BIND, DHCP, TFTP, FTP, TACACS, RADIUS, LDAP and Syslog services. Knowledge of NetIQ Migration Suite, Veritas, Commvault, Legato products, Sniffer, EtherPeek, PrisimLite, WinRunner, Test Director, SmartBits, IXIA, Agilent Router Tester, MS Exchange, MS Project Server, SharePoint Server, MS SQL Programming and Computer skills
Extensive knowledge of productivity tools Work, Excel, PowerPoint, Project and Visio. Some experience with Bash Shell Scripts, Powershell and Python. Familiar with GitHub repositories. PROFESSIONAL EXPERIENCE
Blair Technology Technology Consultant Feb 2020 - Present
• Redesign internal network, Fortinet firewall rationalization
• Support various security platforms including Cisco ASA & PIX, PaloAlto and Fortinet
• Implement network core upgrade to Cisco Nexus infrastructure
• Implement SD-WAN and failover for multisite environment
• Design and configure VPN infrastructure for Azure, IBM and Skytap
• Assist clients with security, firewall, network, operating systems and applications
• Perform security assessments, reports and remediation.
• Implement monitoring and management solutions including Connectwise, Proofpoint, Ironscales, Liongard, Auvik, Pingdom, Qualys, Netsurion, Rapidfire and Solarwinds
Canadian Cancer Society Network Consultant Dec 2019 – Jan 2020
• Investigate and document current state infrastructure using Visio and Lucidchart
• Identify deficiencies and remediation
• Assemble network and security evidence for CCS PCI compliance Stericycle/Prompt Alert Network & DevOps Engineer Feb 2018 – Dec 2019
• Investigate and document current state infrastructure using Visio and Lucidchart
• Support & Deploy Azure & AWS. Use of Ansible, Terraform. GitHub, python, bash and PowerShell scripts for cloud management and automation
• Support Azure / AWS environments (connectivity, addressing, virtual machines, routing, security groups, load balancing)
• Redesign Cloud based VPN for interconnectivity
• Perform regular security assessments and participate in security related audits
• Redesign network integration using virtual and physical Palo Alto, Meraki & Cisco ASA network devices
• Implement Meraki AP solution, Migrate F5 VPN to Cisco ASA & Meraki
• Implement network monitoring and management tools (MRTG, RRD Tool, Nagios, Netbox)
• Provide detailed design and migration documentation to support project (Layer 2 & 3) 360Insights Network Design Consultant June 2017 – Jan 2018
• Migrate Cisco Aironet to new facility; expand AP count on 4402 controllers.
• Implement Infoblox NIOS VM for DDI and future services.
• Plan and document target state infrastructure (Layer 2 & 3)
• Use of Ansible, Terraform. GitHub python, bash and PowerShell scripts for cloud management and automation tasks.
• Provide planning and technical assistance for migration of windows services to Azure
• Rationalize and design AWS hosted services in a Kubernetes containerized environment
• Provide detailed design and migration documentation to support project
• Support data center network components consisting of Juniper EX 3400 switching, Palo Alto & Sophos firewalls and F5 LB
• Design and implement Aruba WiFi, Juniper switching stack, Palo Alto firewall solution Page 3
Inflection Group Network Consultant March 2017 – June 2017
• Design, implement migration of services to Office 365 for multi-site enterprise environment
• Coordinate Active Directory, File Share and Database move to Azure
• Design and coordinate WAN topology using ExpressRoute
• Implement remote support using SolarWinds Web Help Desk Buchanan Technologies Network/Security Consultant December 2016 – March 2017
• Design, implement data center move, with network and security rebuild
• Design and implement migration of Cisco ASA firewalls and Catalyst 2960 & 3850 switches to a Meraki solution, with core Dell L3 switches.
• Provide design and procedure documentation for firewall, switch and Kemp load balancer migration
• Provide design for migration of windows services to Azure using ExpressRoute
• Support security and routing requirements for O365, SfB and VMWare
• Design and implement Meraki switching, and AP solution at client office.
• Provide detailed design and migration documentation to support project
• Support Windows AD, server configuration and GPO’s IBM Security Consultant July 2016 – December 2017
• Design and implement large migration of Cisco ASA firewalls to FortiGate UTM for financial client.
• Design, implement and support Websense to FortiGate Web filtering, implementation of VPN rebuilds
• Provide design and procedure documentation for firewall migration Southern Ontario Library Services Sr Systems Engineer March 2016 – July 2016
• Execute and supervise the launch of specific systems upgrades and migrations to modernize the CoreIT Infrastructure of SOLS. This includes server virtualization, On premise exchange to O365 migration. Microsoft TMG to Meraki Firewall, VPN and Meraki switch infrastructure upgrade, Creating and implementing Windows 7 to Windows 10 imaging and upgrading process.
• Apply proven project management and problem-solving skills to identify, communicate and resolve issues Meet with senior management to identify specific business functions and requirements during the transition process. Shoppers Drug Mart Infrastructure Architect March 2014 –March 2016
• Utilize Wireshark to analyze packet captures to determine RCA of several business-critical issues
• Provide hands on support and troubleshooting for network related issues for enterprise Windows AD environment
• Examine firewall logs and data traffic patterns for ACL enforcement on Checkpoint and Sidewinder platforms
• Design and implement WAN optimization PoC for SDM store network using Riverbed
• Utilize and manage system monitoring platforms for unified reporting leveraging Arcsight, Splunk, Netscout, OpenView and SolarWinds
• Develop both logical and linear data flows to provide organizational knowledge to aid in both design and troubleshooting
• Provide design and implementation plans for Checkpoint and SideWinder firewall changes and upgrades
• Provide Infrastructure architecture for SDM – LCL network migration with SDN implementation
• Investigate, document and provide design changes to core Avaya & HP Network components
• Provide architectural oversight to all infrastructure initiates including overall security model
• Provide architectural input to production systems troubleshooting Fitze Technical Services Network Engineer March 2013 – March 2014
• Lead technical troubleshooting with network device changes on primarily Cisco environment
• Develop and implement procedure to configure, validate and ship 2,400+ Cisco 2960S & 3850 switches for TD Bank Retail Branch Optimization project
• Configure and validate all network devices prior to install.
• Provide hands on support and troubleshooting for network connectivity and configuration during implementation phases
• Develop documentation guidelines for TD Bank Retail Branch Optimization project
• Provide Project Management for all processes involved with TD Bank Retail Branch Optimization project
• Provide escalation support for all technical and procedural issues surrounding TD Bank Retail Branch Optimization project. Financial Services Commission of
Ontario (FSCO)
Technology Architect Jan 2004 – March 2013
• Configure firewalls for logging to syslog servers for preservation and incident analysis
• Provide installation and troubleshooting for all switches (Cisco & HP), routers (Cisco & HP), firewalls (Cisco) and servers
(Lenovo & HP) in the environment
• Implement IPv6 design and preliminary implementation
• Initial implementation of load balancing solution with Cisco ACE solution.
• Design and implement Cisco WiFi with integrated AD and guest access
• Complete redesign of data center, including project planning, equipment procurement and technical guidance
• Design and manage the execution of a transparent migration of ISP’s, Firewall hardware, DNS and web services
• Implement and maintain network and security monitoring platforms (Splunk, MRTG, SolarWinds, CiscoWorks)
• Design and implement data center rebuild using VMWare ESXi and device consolidation.
• Implement Multiple Fiber Channel SAN’s and Multiple Blade Center Environments (94TB capacity)
• Design, implement and migrate all network connectivity to a new Cisco 6509e (w/ Sup 720 modules) core switch, and Cisco ASA (failover mode) firewall and RedHat Linux based monitoring platforms Page 4
Highlights of
Consultant/Architect/Analyst
Engagements
Various Clients June 1998 – Present
• Migrate Sonicwall to Cisco ASA, redesign pre-production environment using VMWare 6 for Worklinks
• Rationalize firewall ruleset and maintenance of a multiple site Fortinet environment (Fortigate 300D) with SD-WAN and Site- to-site VPN connectivity, Fortinet switches and Fortinet WiFi for microSUMMIT.
• Implement a Juniper SRX220 & EX3400 solution for microSUMMIT.
• Redesign Cisco infrastructure to utilize 802.1x for BioConnect.
• Configure and maintain Cisco ISE, Cisco ASA, RSA and Meraki WiFi for TechZip
• Design and configure LAN, WAN & WiFi on Ubiquiti devices for TechZip
• Design and implement Wi-Fi infrastructure using 802.11b and Cisco Aironet Controllers for Rogers IPST
• Develop linear flow analysis for business-critical applications, understanding routing, IP ports and associated firewall ACL’s for Rogers IPST
• Provide planning and implementation for network services (DHCP, QIP DNS, WINS, TFTP, FTP, SYSLOG, RADIUS, and TACACS+) with Oracle backend for Rogers IPST
• Create and Implement NMS for new services for eventual operational handover - Unicenter (Network, Database and Application), HPOV, BMC Patrol (Solaris), Tivoli & Spectrum for Rogers IPST
• Implement routing configurations featuring VRF’s on a range of Cisco 6500, 3750 (and other) series routers for Rogers DPS
• Lawful Intercept architecture design and POC verification (hardware, IOS, ACL’s and software) for Rogers DPS
• Design and implement load balance solutions using Cisco CSM and ACE modules for Rogers DPS
• Design and implement MPLS VPN, Security Frontiers and provisioning systems on Rogers Broadband, HFC and Management Networks for Rogers DPS
• Evaluate and provide primary project management for infrastructure and security rebuild (T1 moves, Firewall Replacement, VPN Replacement, Data Center migration, Windows server upgrade, Server consolidation, clustering and load balancing) for Watt International
• Design and implement network monitoring using CiscoWorks MRTG, Big Brother and NetSaint on RedHat for Watt International
• Provide Project Management, Resource Deployment and ITIL recommendations for Northrop Grumman IT
• Perform certificate management for several client environments for Vast-IT
• Migrate older firewall rules and services (from Cisco, McAfee & Checkpoint) for implementation on Fortinet and Palo Alto firewalls for clients with Vast-IT
• Support Cisco, HP\Aruba and Dell switching and routing products for various Vast-IT clients.
• Migrate email hosting form various platforms to M365 (including PST management) for Vast-IT
• Migrate and support Nexus 7018 switch in core network configuration for Toyota Canada
• Manage F5 BIG-IP LTM and GTM for traffic and DNS load balancing, Cisco ISE and RSA for Toyota Canada
• Implement Cisco Meraki solution for WiFi, Firewall and switching for Toyota Canada
• Design and implement data centers, IP networking and cloud implementation using Juniper and Cisco solutions with RedHat servers for PharmaTrust
• Design and implement web farm using VMWARE ESX, Cisco ASA, and Cisco Load Balancers for Nash Networks
• Conduct WiFi site survey for 16 Wing Borden Air Force Base
• Provide Cisco ASA reconfiguration, infrastructure support and environment overview for Acpana
• Design and implement site-to-site and client VPN for Rabba Fine Foods
• Perform, document and provide remediation advise for security audit tor Hastings County Courthouse
• Implement Sonicwall email gateway for St Josephs Medical Center
• Prepare Requirement Analysis, Zachman Framework architecture, provide consultation on RFP and SoW to Ontario Alcohol and Gaming Commission (AGCO) for IT Rationalization and ESDI project
• Provide planning, management and implementation for Indigo data center move
• Provide Technical Writing for advanced PIX user guides for Kojack Systems
• Design and implement site to site VPN solution for Toronto Board of Trade
Contact this candidate