** ****** ****** *****: 781-***-****
Arlington, MA Email: aduge6@r.postjobfree.com
CAREER OBJECTIVE
Responsible for analyzing requirements, designing, configuring, maintaining, upgrading network systems infrastructure, supply advanced technical direction, information, and recommendations regarding network design, installations and architecture. Provide advanced technical leadership for complex project work in networking team.
Take leadership roles in network system infrastructure management, designing, implementing in network connectivity, upgrades and network security improvement and acted as solution designer of the network projects
Senior Network Systems Engineer
John Hancock Financial / MIMTA -197 Clarendon Street Boston, MA 2013 - Present
Lead the investigation, analysis IT Infrastructure to ensure all corporate information systems are secure and protected from cyber threats using Qualys scan, Path Green to correlate vulnerabilities and patch data with PowerShell script
Take responsibility with highly skilled network analysis in managing, supporting, and monitoring Organization entire network infrastructure and performance, includes NBS, Routing (OSPF&BGP), DIA, Broadband circuits connectivity, VOIP, Clouds, Azure laaS, SaaS architectures migration project, switches, firewalls. Wireless, EMC VNX5600, HP ProLiant DL380 SAN storage array. Administration and Architecture deployment, MS office 365 with ADFS SSO servers
Provide direct management for infrastructure components, network connections at NOC Data Center, Corporate, and 56 branches. Manage IT and company compliance issues. Produces detailed documentation including data flow diagrams, logical diagrams, and physical diagrams as required
Take lead an effort to independently complete design, implement and management Meraki SD-WAN with Azure Active Directory, network policies, scripting, vNets express route, auto VPN (LAN, WAN, Wireless), server virtualization connectivity e.g security appliances, switches, and WIFI in MIMTA new offices network connectivity. Implementations and management of SharePoint sites
Coordinate with different ML, John Hancock ETS, Domain, Security, Application teams and vendors deploy and build the new offices in FMS, HFA, HFM, solved all kinds of network connectivity and VOIP issue and deliver contracted services and solutions on budget to ensure they meet business goal and requirement
Identify information system needs. On-going evolution of the company IT infrastructure, take a lead and independently drive network project initiatives in selection, designing, deployment, upgrade and process, improve network architecture and performance. Review and implement infrastructure changes to enhance reliability, increase capability and ensure maximum availability of network infrastructure and Provide an expert level of troubleshooting & diagnostics with deep levels of resourcefulness in identifying and resolving network system connections and infrastructure issues
Develop and implement a strategic roadmap for IT systems to match business needs and requirement
Take a lead to design and implement MS Azure virtual WAN (vWAN) to replace MPLS and DIA with secure HUB and Azure firewall policies in global sites configuration
Design and implement Juniper SRX550, 240 firewall, Cisco4331, Cisco Nexus5000 switch, Cisco3750, 2960, Sonicwall, ADTRAN, and Juniper WLC880 with cli, Ringmaster call management
Design and deploy multiple HNRG IPsec and Site to site VPN e.g. NBS IPsec VPN in using Lumen Fortinet including NetScaler servers for load balancing, install NPS, Azure MFA server in both Data Center; Meraki AutoVPN and Client VPN in Microsoft Azure cloud for On-Prem connectivity in organization
Take major responsibility VMware virtualized infrastructure with build, migrate VCenter, ESXi servers, Data Store with Cisco UCS Storage servers in EMC Unisphere environment
Fully support entire network VLAN, WAN and configure, deploy the new switch, firewall and Wireless
Track,. centralize monitoring, alerting and troubleshooting of the entire HNRG IT stack, from infrastructure to applications with Orion SolarWinds with build, fully support and manage
Fully support and manage EMC VNX SAN Storage in Multiple Data Center
Fully support and manage Cisco CUCM VOICE/VIDEO, CIMC Call Manager in all HNRG locations
Support, manage, configure Commvault backup system
Build WinMagic self-encryption to protects data from endpoints
For cost-effective and performance consideration, migrate office locations from Lumen MPLS to DIA, Fiber(OTN) circuit in Meraki SD-WAN environment, provide in timely manner designing topologies, rack connectivity diagrams, documentations and develop templates to facilitates
Provide seasoned decision-making in working with mission-critical production systems, fast and timely responsiveness to problems, and drive and manage vendors towards timely resolution of issues
Take responsibility to provide direct support to the team members and Tech-DOC for any kind of unexpectedly issues, such as Citrix network connection, circuit connectivity, VOIP, applications, database, GIS certificates, backup, storage, etc.
Install and manage Riverbed Steelhead appliance to optimize our WAN infrastructure creating greater throughput and decreasing WAN costs
Network Infrastructure Architect
Sokolove law LLC – Wellesley, MA 2011 –2013
Defined and implemented key IT infrastructure at an enterprise scale. Lead infrastructure projects, Projects include WAN/LAN strategies, storage, VMWare, FW and Switching, messaging, directory, and security; Helping fast growing companies reach maximum potential. Network WAN/LAN/WLAN architecture network systems design as Company growing requirement
Managed daily operations within the IT Infrastructure (Systems, Networking, FW, servers, Switching, Telephony, Helpdesk, Citrix, VM and SAN environment)
Designed and configured Juniper SRX untrusty /external interface, Zones, VLANs, DMZ and HA configuration and tested and worked with our new Barracuda link balancer 330
Created Juniper SRX240 FW migrating plan and FW conversion statement of work from Sonicwall to Juniper, including Juniper SRX configuration, FW policies, NAT policies, security policies, services objects, service object groups and test NAT, internet, network connectivity through Juniper SRX FW
Installed and configured the new Juniper MAG4610 SSL VPN for 150 clients with Oregon call center with MPLS VPN Cisco 6500, 3900 environment
Configured and set up IP telephony systems based on call manager/call manager express, Unity express with setting up and maintaining SIP gateways integrated with Cisco CM clusters
Designed and installed and configured the new Enterprise WLAN with Brocade Mobility Controller RFS4000, 802.11n integrated services controller
Worked on SonicWALL FW zones, firewall policy, NAT, address object, access rule and web Content filter and SonicWALL Global VPN, Web hosting project
Installed and configured APC Netbotz temperature, humanity and Netflow ISP, MRTGOSPF Monitor
Reviewed and assessed the existing WAN and LAN design and evaluated Cisco EoS service for the new data communication in KCC area; Identified any single points of failure, routing issues and made recommendations to remediate where applicable; Confirmed that all hardware is functioning as SOE (Cisco SW 6509, 3750, and Extreme 8506, e450a and Cisco ASA 5520, 5505,2811); Designed and implemented Quality of Service (QOS) policies, IP Precedence and process network security concern
Designed and implemented the new BGP core Multi-Home routing architecture to enhance the redundancy and flexibility of the network with dual cisco 2945, 3750 switches and ASA5520 firewalls in AT&T EVPN-MPLS cloud in three sites of KCC area, El Segundo and Memphis with NTT Comms and XO Comms ISPs
Identified traffic types using class-map(CoS1 traffic for RT, CoS2, CoS3), QoS and ACLS, Created policy for queuing and traffic marking and applied the policy to ATM, VOIP, Applications interfaces
In depth knowledge of TCP/IP, LAN Switching, Routing (OSPF & BGP) (Cisco)
In depth knowledge of IPSEC and SSL VPN
Senior Network Engineer
Benchmark Assisted Living. Wellesley, MA 2010 –2011
Installed, Configured and managed 12 VOIP-Cisco Unified Call Manager Express 4.1 (CUE/CME) with access router 2811 in 12 communities, tracked all active network components to support IP Phones systems to reduce IP phone network by 1/3 saving $120,000 annually
Designed, setup site to site VPN between home offices with other communities in Cisco ASA. Also use a NPS RADIUS server on server 2008 to authenticate AD users for VPN access
Installed and configured Barracuda 400 spam filter
Installed and configured F5 Link Controller for both ISPs failover and bandwidth Load balance control by F5 Big-IP and configured Local traffic (LTM) with Sharepoint 2010 for SSL offload
Designed and deployed Exchange Server 2003 Enterprise in the 2 nodes Cluster attached to the EMC SAN VNXe3300 with SPA and SPB fabric channel
Administered all Domain Controllers, DHCP servers, internal and external DNS, web servers, ftp, VMWARE VSphere (esxi4.1, VCenter, p2v converter, DR and DPM), EMC SAN CX-300, VNXe3300, and other 68 Servers
Setup and configure the new 35 XEROX 7775, RICOH, TopAccess, Konica and Toshiba SMTP, LDAP email SMTP, LDAP scan and file server(SMB) share folder scan
Network Systems Administrator 2008 – 2010
Acronis Software Inc. Burlington, MA
Consolidated domains in one forest and migrated AD and Exchange servers from 2003 to 2007
Developed the collaboration portal for the office of Administration utilizing SharePoint 2007 with Active Directory. It also included integration with business systems, creating, configuring, and the administration of the IT Helpdesk, Support Engineering, HR, Channel team websites and remote web workspace environment project including fireworks, Visual Studio and creating external links and objects in IIS server7.0,6.0
Created three site-site VPN between Global offices and office-sites, installed Cisco Pix 525, create IKE, pre-shared keys, set IPSec, configured extended access list to define traffic, and defined transformation set
Configured and created new user accounts through Sonicwall WAN firewall, configured setting, peer IP, imported connection policy file and set credentials and installed the new Cisco VPN concentrator 3015 server: unpacked, mounted rack, installed, configured system, tunneling protocol, address assignment, internal authentication server, user database, RADIUS server, tested VPN connection and Remote access clients with policy creating, import and modified for Mac and Windows users
Network Administrator
WF Financial Group (ProAct) Burlington, MA 2003 – 2008
Managed, troubleshoot AVAYA phone system, remodeled SE team and corporate phone services and connected every user phone line with the unit module
Installed Salesforce tools on office 2003 or 2007 and provide problem fixing for the whole sales team
Managed Citrix Access Licensing Server, Citrix Presentation 3.5 server settings, sessions, policies; Deployed, Published applications to ICA users; Managed Loads in the presentation server Meta Frame_XP Environment; administrated Citrix farms with Terminal server
Set up site to site VPN tunnels and troubleshoot network servers, workstations, firewalls, routers, VPNs, Exchange servers’ and resolved any problem from internal and remote end users using ITG ticketing system and utilities through Cisco Pix firewall 500, Catalyst3800, 6500 Series routers, switches
Configured, implemented and troubleshooting MS clustering and web-based database servers clustering with data mirroring, log shipping and network load balancing (NLB) services to provide failover solution
Created script and template files to automate administrative daily routine multi task with managing Windows Server 2003 environment by VBScript and batch file
EDUCATION
Brandeis University, Waltham, MA - Master of Software Engineer
VC-VIP Boot Camp training at UNITEK/CCNA Security Training at Global Knowledge
JNCIA-Junos Certificate Training
YIJUN MA
Senior Network Engineer