Eric Tian
Sr. Network Engineer
aduz7g@r.postjobfree.com, 650-***-****
Skills and Abilities
Technologies SDWAN, Cisco IOS, OSPF, EIGRP, RIP, BGP, MPLS, IPv6, QoS, GRE, VRF, VLAN, STP, VTP, QinQ, Multicast, PIM, IGMP, MSDP, CEF, HSRP, PPP, Frame Relay, DNS, DHCP, NBAR, StackWise, 802.11x, WPA, DCB, vSAN, Fibre Channel, FCoE, iSCSI, FabricPath, vPC,
AWS Cloud Direct Connect, VPCs, VGWs, DGW, TGW, Cloudwatch, VPC Flow Logs, Outpost, LambdaEdge, ELBs, ENI, EIP, S3, DynamoDB, Athena, FarGate, GuardDuty, Network Firewall, Security Groups, ACLs, WAF, Inspector, GW Endpoints, Interface Endpoints, Private-link, VPC Peering, IGW, Nat GW
Platforms 1900/2900/3900/7200/7500/7600 Series Router, Catalyst 2900/3500/3750X/3850/6500 Series Switch, Cisco WLC, Cisco Aironet AP, Cisco ACE 4710, Cisco VoIP, Cisco IWAN, Cisco VIPTELA
Utilities Cisco NX-OS, Cisco Nexus 2000/5000/7000/9000, Cisco MDS 9000, Cisco ISR 4k Series, Cisco ISR C1k series, Cisco Device/Fabric Manager, Cisco UCS, Compellant SAN, VMWare ESX/ESXi, HP Proliant DL360/380, Dell PowerEdge R610/R710, External Storage Array, Rackspace Cloudservers
Certification
Cisco Certified Internetwork Expert
CCIE (Written)
AWS Certified Advanced Networking - Specialty (ANS) Valid Dec 23, 2022 - Dec23, 2025
AWS Certified Cloud Practioner
Valid Dec 27, 2022 - Dec27, 2024
Professional Experience
American Water – Camden, NJ
Manager, Network and Telephony – March 2020 to Present
Managed and led a team of senior level network/telephony engineers with more than 10 direct reports
Oversaw network transition from MPLS to SDWAN
Oversaw telephony transition from POTS/PRI to SIP/Teams
Migrated secondary datacenter to the new central office
Started new divisions for IOT devices, Military dealings, and Wireless 1
Established quick, mobile, and redundant networks to address needs stemming from the COVID-19 Pandemic
Upgraded internet bandwidth at our primary datacenter and VPN services to reflect changing business needs
Oversaw migration of SAP Non-prod from on-prem to AWS
Oversaw integration of AWS VMWARE Horizon VDI workstations to our AWS environment/on-prem
American Water – Camden, NJ
Sr. Network Engineer – April 2018 to March 2020
Assisted with datacenter migration from on-prem facility at Hershey, PA to an IBM colo facility at Sterling Forest, NJ
Migrated and continued to support Cisco IWAN, provisioned 4321 and 4321 series ISR routers with APIC-EM and troubleshooted issues (pki cert replacement, UNKNOWN state, cell usage, and various DMVPN problems)
Refreshed equipment at Scott Airforce Base (redesigned LAN, refreshed router and switches)
Refreshed equipment at our Alton Call Center (switch and cabling refresh)
Integrated Cisco Viptela to an existing 2 WAN environment (MPLS and Cisco IWAN), resulting in a 3 WAN environment. Deployed the head-end, tested enpoint devices (C1111-4PLTEAA), and developed the internal environment/documentation for future use (wrote all manuals, including steps for maintaining the voice environment)
Led all SIP, IWAN, and VIPTELA weekly meetings for a team of 20+ including regional leads, engineers, and technicians Oliver Wyman – Seattle, WA
Sr. Network Engineer – July 2016 to April 2017
Configured and installed Nexus 7k/5k series switches as Core, Distribution and Access layer switches
Developed infrastructure configurations for WAN environment to connect to existing Datacenters which included Cisco ASR 1002/4s, WAAS, and Nexus 7k
Troubleshooting of network issues on many platforms including Cisco 6509 IOS, Nexus 5549/5596 and 7000 series switches
Designed and deployed SSL VPN using F5 APM and BigIP Edge Client for client connectivity
Design and deployment of F5 LTM infrastructure for SSL Offload across 500 2
+ virtual servers
Design and migration of over 500+ B2B IPSEC VPNs from Cisco ISR G1/G2 routers to Cisco ASA 5585-X with FirePOWER
Configuration and implementation of Application Bypass, Fast Path Rules, SSL Decrypt and Hardware Failopen Interfaces on Cisco FirePOWER 7010 and 7020s appliances
Designed and implemented ASA 5585-X with FirePOWER for site-to-site remote access VPN
Design and implementation of DMVPN phase 3 single layer design with 200+ spokes
Met with customer change management and infrastructure teams for white- boarding, knowledge transfer, and advisory approvals
Configured Cisco 4500 and 6500 series Switch in VSS mode to create Loop Free 3-Tier Topologies
Performed 2000 DMZ firewall rule migration from Checkpoint to ASA utilizing Tufin as a rule monitoring and analysis tool
Signal Strength Contribution—Every AP listens for Neighbor Messages on all serviced channels and records the RSSI values at which these messages are heard
A.T. Kearney – Portland, OR
Sr. Network Engineer – January 2015 to July 2016
Designed and Implemented solution to use 40+ pairs of Cisco Nexus 2232 and 2248 FEX switches as a TOR Solution for server port density
Performed large multi data center hardware migration from the 6500 Catalyst to the Cisco Nexus 7000 body of products
Provisioning, configuration, and implementation of Cisco FirePOWER SSM on Cisco 55XX-X for advanced URL filtering and threat detection
Consolidation and remediation of redundant/unused policies of Cisco FirePOWER on Cisco ASA 55XX-X for NFE card performance enhancement
Implemented wireless standard utilizing 5508 WLC and 1600 series LWAPs in Local and FlexConnect mode to migrate away from autonomous APs
Designed and implemented a Dual HUB DMVPN network as a backup WAN solution for a large enterprise
Maintained all External and Internal Cisco ASA 5585-X firewalls across all major Data Centers
Configuration/implementation of B2B IPSEC VPNs on ASA and ISR G1/G2 for vendor connectivity
Design and deployment of route domains on F5 LTM for multi-tenant hosting 3
infrastructure across 300+ external customers
Lead in redesign of customer VPC deployment integrating new features improving convergence and increasing reliability (Peer-gateway, Peer- switch, Bridge assurance, etc.)
Successful experience in technical engineering, customer service, and support with recognized strengths in problem-solving, sales staff support, client relationship skills, and planning/implementing proactive procedures and process improvements
Infosys – Albany, NY
Network Engineer – August 2013 to January 2015
Design and implementation of VPC and eVPC connectivity on the Nexus 5000 and 7000 series switch, providing resilient connectivity at Layer 2
Lead team in migration of 3 redundant Cisco Catalyst 6500 cores to a Nexus 7K/5K/2K solution utilizing VPC and FEX for server port aggregation
Design/deployment of Cisco ASA 5510s for remote access workers and B2B IPSEC VPNs for remote sites
Configured 802.1x using EAP-TLS with ACS 5.5 to support wireless authentication of corporate users
Implemented ERSPAN on the Cisco Nexus 7000 series switch allowing the transport of mirrored traffic across an IP network
Implemented wireless standard utilizing 5508 WLC and 1600 series LWAPs in Local and FlexConnect modes
Consultation and configuration of custom Application Detection policies on Cisco FirePOWER 41XX series devices based on Security Risk, Business Relevance, Type, Categories and various Tags
Configuration of global and per-policy pre-processor settings (frag3, stream5, Protocol decoders, and http_inspect) for inline normalization on Cisco FirePOWER NGFW
Provisioning and troubleshooting of over 500+ virtual servers on F5 LTM leveraging Client/Server SSL Profiles
Responsible for Cisco ASA firewall administration, Rule Analysis, Rule Modification
Responsible for full life cycle management of network solutions. Responsible for providing support to implementation engineers as well as Network Operations Centers
Conducted site surveys and contributed to planning of new offices, remote sites and relocations
Implemented Cisco WAE and Central Manager to control caching and WAN acceleration standards throughout the enterprise 4
Hay Group – Boston, MA
Network Engineer – August 2012 to August 2013
Handled lead role in the architecture and deployment of multiple core upgrade initiatives utilizing a Cisco Nexus 7000/5000/2000 solution
LAN – ISR G1, G2, ASR 1000, 9000 routers; Cisco Nexus 7K, 5K, 2K; Cisco Catalyst 1900, 3750, 3000, 4500, 6500 series switches
Configuration of VDC on Nexus 5020s and 2k FEXs for access-layer connectivity between all devices in SSL VPN solution, and configured multiple 10-Gig 802.1q Portchannel trunks to Core-layer Catalyst multi- switches.
Designed, Implemented and provided Level 3 support for the wireless deployment which consisted of 5508 Controllers in FlexConnect and 2600/3600 APs
Implemented Catalyst 4500 and 3750 stacks for phone and user port aggregation respectively
Design and implement VLAN/Subnet standards for future provisioning on unused C RFC 1918 space
Performed upgrades on Cisco autonomous access points to Lightweight image in HREAP, reducing the footprint of and centralizing Wireless LAN controller placement
Worked with Wireshark to perform deep packet inspection on interesting traffic as it pertains to Network issues happening in real time HCL Technologies – Minneapolis, MN
Network Engineer – March 2011 to August 2012
Configured Cisco Nexus 7000 and ASR 1000-x series devices as NetFlow exporters for the purposes of monitoring and analysis
Design/Configuration/Implementation/Migration from legacy Catalyst 6500 series Core switches on CatOS 8.X to Nexus 7K/5K/2K architecture
Performed upgrades on Cisco autonomous access points to Lightweight image in HREAP (FlexConnect), reducing the footprint of and centralizing Wireless LAN controller placement
Used Cisco WCS and Prime to plan wireless deployments at remote sites across the enterprise campus network
Designed and implemented redundant Cisco 7507’s with CIP interfaces running TN3270 Server to interface with bus-and-tag and ESCON mainframe channels.
Designed and deployed McAfee Client Proxy using ePolicy Orchestrator to backhaul all web traffic through a centralized hub
Configuration and implementation of Cisco 7200/3800/3700/2800/2600 5
series routers for T1, MLPPP, DS3, and OC3 circuit termination 6