** ****** ****** *****: 781-***-****

Arlington, MA Email: aduge6@r.postjobfree.com

CAREER OBJECTIVE

Responsible for analyzing requirements, designing, configuring, maintaining, upgrading network systems infrastructure, supply advanced technical direction, information, and recommendations regarding network design, installations and architecture. Provide advanced technical leadership for complex project work in networking team.

Take leadership roles in network system infrastructure management, designing, implementing in network connectivity, upgrades and network security improvement and acted as solution designer of the network projects

Senior Network Systems Engineer

John Hancock Financial / MIMTA -197 Clarendon Street Boston, MA 2013 - Present

Lead the investigation, analysis IT Infrastructure to ensure all corporate information systems are secure and protected from cyber threats using Qualys scan, Path Green to correlate vulnerabilities and patch data with PowerShell script

Take responsibility with highly skilled network analysis in managing, supporting, and monitoring Organization entire network infrastructure and performance, includes NBS, Routing (OSPF&BGP), DIA, Broadband circuits connectivity, VOIP, Clouds, Azure laaS, SaaS architectures migration project, switches, firewalls. Wireless, EMC VNX5600, HP ProLiant DL380 SAN storage array. Administration and Architecture deployment, MS office 365 with ADFS SSO servers

Provide direct management for infrastructure components, network connections at NOC Data Center, Corporate, and 56 branches. Manage IT and company compliance issues. Produces detailed documentation including data flow diagrams, logical diagrams, and physical diagrams as required

Take lead an effort to independently complete design, implement and management Meraki SD-WAN with Azure Active Directory, network policies, scripting, vNets express route, auto VPN (LAN, WAN, Wireless), server virtualization connectivity e.g security appliances, switches, and WIFI in MIMTA new offices network connectivity. Implementations and management of SharePoint sites

Coordinate with different ML, John Hancock ETS, Domain, Security, Application teams and vendors deploy and build the new offices in FMS, HFA, HFM, solved all kinds of network connectivity and VOIP issue and deliver contracted services and solutions on budget to ensure they meet business goal and requirement

Identify information system needs. On-going evolution of the company IT infrastructure, take a lead and independently drive network project initiatives in selection, designing, deployment, upgrade and process, improve network architecture and performance. Review and implement infrastructure changes to enhance reliability, increase capability and ensure maximum availability of network infrastructure and Provide an expert level of troubleshooting & diagnostics with deep levels of resourcefulness in identifying and resolving network system connections and infrastructure issues

Develop and implement a strategic roadmap for IT systems to match business needs and requirement

Take a lead to design and implement MS Azure virtual WAN (vWAN) to replace MPLS and DIA with secure HUB and Azure firewall policies in global sites configuration

Design and implement Juniper SRX550, 240 firewall, Cisco4331, Cisco Nexus5000 switch, Cisco3750, 2960, Sonicwall, ADTRAN, and Juniper WLC880 with cli, Ringmaster call management

Design and deploy multiple HNRG IPsec and Site to site VPN e.g. NBS IPsec VPN in using Lumen Fortinet including NetScaler servers for load balancing, install NPS, Azure MFA server in both Data Center; Meraki AutoVPN and Client VPN in Microsoft Azure cloud for On-Prem connectivity in organization

Take major responsibility VMware virtualized infrastructure with build, migrate VCenter, ESXi servers, Data Store with Cisco UCS Storage servers in EMC Unisphere environment

Fully support entire network VLAN, WAN and configure, deploy the new switch, firewall and Wireless

Track,. centralize monitoring, alerting and troubleshooting of the entire HNRG IT stack, from infrastructure to applications with Orion SolarWinds with build, fully support and manage

Fully support and manage EMC VNX SAN Storage in Multiple Data Center

Fully support and manage Cisco CUCM VOICE/VIDEO, CIMC Call Manager in all HNRG locations

Support, manage, configure Commvault backup system

Build WinMagic self-encryption to protects data from endpoints

For cost-effective and performance consideration, migrate office locations from Lumen MPLS to DIA, Fiber(OTN) circuit in Meraki SD-WAN environment, provide in timely manner designing topologies, rack connectivity diagrams, documentations and develop templates to facilitates

Provide seasoned decision-making in working with mission-critical production systems, fast and timely responsiveness to problems, and drive and manage vendors towards timely resolution of issues

Take responsibility to provide direct support to the team members and Tech-DOC for any kind of unexpectedly issues, such as Citrix network connection, circuit connectivity, VOIP, applications, database, GIS certificates, backup, storage, etc.

Install and manage Riverbed Steelhead appliance to optimize our WAN infrastructure creating greater throughput and decreasing WAN costs

Network Infrastructure Architect

Sokolove law LLC – Wellesley, MA 2011 –2013

Defined and implemented key IT infrastructure at an enterprise scale. Lead infrastructure projects, Projects include WAN/LAN strategies, storage, VMWare, FW and Switching, messaging, directory, and security; Helping fast growing companies reach maximum potential. Network WAN/LAN/WLAN architecture network systems design as Company growing requirement

Managed daily operations within the IT Infrastructure (Systems, Networking, FW, servers, Switching, Telephony, Helpdesk, Citrix, VM and SAN environment)

Designed and configured Juniper SRX untrusty /external interface, Zones, VLANs, DMZ and HA configuration and tested and worked with our new Barracuda link balancer 330

Created Juniper SRX240 FW migrating plan and FW conversion statement of work from Sonicwall to Juniper, including Juniper SRX configuration, FW policies, NAT policies, security policies, services objects, service object groups and test NAT, internet, network connectivity through Juniper SRX FW

Installed and configured the new Juniper MAG4610 SSL VPN for 150 clients with Oregon call center with MPLS VPN Cisco 6500, 3900 environment

Configured and set up IP telephony systems based on call manager/call manager express, Unity express with setting up and maintaining SIP gateways integrated with Cisco CM clusters

Designed and installed and configured the new Enterprise WLAN with Brocade Mobility Controller RFS4000, 802.11n integrated services controller

Worked on SonicWALL FW zones, firewall policy, NAT, address object, access rule and web Content filter and SonicWALL Global VPN, Web hosting project

Installed and configured APC Netbotz temperature, humanity and Netflow ISP, MRTGOSPF Monitor

Reviewed and assessed the existing WAN and LAN design and evaluated Cisco EoS service for the new data communication in KCC area; Identified any single points of failure, routing issues and made recommendations to remediate where applicable; Confirmed that all hardware is functioning as SOE (Cisco SW 6509, 3750, and Extreme 8506, e450a and Cisco ASA 5520, 5505,2811); Designed and implemented Quality of Service (QOS) policies, IP Precedence and process network security concern

Designed and implemented the new BGP core Multi-Home routing architecture to enhance the redundancy and flexibility of the network with dual cisco 2945, 3750 switches and ASA5520 firewalls in AT&T EVPN-MPLS cloud in three sites of KCC area, El Segundo and Memphis with NTT Comms and XO Comms ISPs

Identified traffic types using class-map(CoS1 traffic for RT, CoS2, CoS3), QoS and ACLS, Created policy for queuing and traffic marking and applied the policy to ATM, VOIP, Applications interfaces

In depth knowledge of TCP/IP, LAN Switching, Routing (OSPF & BGP) (Cisco)

In depth knowledge of IPSEC and SSL VPN

Senior Network Engineer

Benchmark Assisted Living. Wellesley, MA 2010 –2011

Installed, Configured and managed 12 VOIP-Cisco Unified Call Manager Express 4.1 (CUE/CME) with access router 2811 in 12 communities, tracked all active network components to support IP Phones systems to reduce IP phone network by 1/3 saving $120,000 annually

Designed, setup site to site VPN between home offices with other communities in Cisco ASA. Also use a NPS RADIUS server on server 2008 to authenticate AD users for VPN access

Installed and configured Barracuda 400 spam filter

Installed and configured F5 Link Controller for both ISPs failover and bandwidth Load balance control by F5 Big-IP and configured Local traffic (LTM) with Sharepoint 2010 for SSL offload

Designed and deployed Exchange Server 2003 Enterprise in the 2 nodes Cluster attached to the EMC SAN VNXe3300 with SPA and SPB fabric channel

Administered all Domain Controllers, DHCP servers, internal and external DNS, web servers, ftp, VMWARE VSphere (esxi4.1, VCenter, p2v converter, DR and DPM), EMC SAN CX-300, VNXe3300, and other 68 Servers

Setup and configure the new 35 XEROX 7775, RICOH, TopAccess, Konica and Toshiba SMTP, LDAP email SMTP, LDAP scan and file server(SMB) share folder scan

Network Systems Administrator 2008 – 2010

Acronis Software Inc. Burlington, MA

Consolidated domains in one forest and migrated AD and Exchange servers from 2003 to 2007

Developed the collaboration portal for the office of Administration utilizing SharePoint 2007 with Active Directory. It also included integration with business systems, creating, configuring, and the administration of the IT Helpdesk, Support Engineering, HR, Channel team websites and remote web workspace environment project including fireworks, Visual Studio and creating external links and objects in IIS server7.0,6.0

Created three site-site VPN between Global offices and office-sites, installed Cisco Pix 525, create IKE, pre-shared keys, set IPSec, configured extended access list to define traffic, and defined transformation set

Configured and created new user accounts through Sonicwall WAN firewall, configured setting, peer IP, imported connection policy file and set credentials and installed the new Cisco VPN concentrator 3015 server: unpacked, mounted rack, installed, configured system, tunneling protocol, address assignment, internal authentication server, user database, RADIUS server, tested VPN connection and Remote access clients with policy creating, import and modified for Mac and Windows users

Network Administrator

WF Financial Group (ProAct) Burlington, MA 2003 – 2008

Managed, troubleshoot AVAYA phone system, remodeled SE team and corporate phone services and connected every user phone line with the unit module

Installed Salesforce tools on office 2003 or 2007 and provide problem fixing for the whole sales team

Managed Citrix Access Licensing Server, Citrix Presentation 3.5 server settings, sessions, policies; Deployed, Published applications to ICA users; Managed Loads in the presentation server Meta Frame_XP Environment; administrated Citrix farms with Terminal server

Set up site to site VPN tunnels and troubleshoot network servers, workstations, firewalls, routers, VPNs, Exchange servers’ and resolved any problem from internal and remote end users using ITG ticketing system and utilities through Cisco Pix firewall 500, Catalyst3800, 6500 Series routers, switches

Configured, implemented and troubleshooting MS clustering and web-based database servers clustering with data mirroring, log shipping and network load balancing (NLB) services to provide failover solution

Created script and template files to automate administrative daily routine multi task with managing Windows Server 2003 environment by VBScript and batch file

EDUCATION

Brandeis University, Waltham, MA - Master of Software Engineer

VC-VIP Boot Camp training at UNITEK/CCNA Security Training at Global Knowledge

JNCIA-Junos Certificate Training

YIJUN MA

Senior Network Engineer

Contact this candidate