Yuen *

Kai Yuen

adv7no@r.postjobfree.com 646-***-****

www.linkedin.com/in/kfyuen

Summary:

● Has over 20 years of experience in network design, routing, switching, firewall technologies, testing, support, implementation, and troubleshooting.

● Excellent at configuring, troubleshooting, analyzing, and resolving complex networks issues.

● Abilities in performing proof of concepts and technical presentation relating to network design or architecture. Technical skills:

Network Technology - Cisco Spine and leaf, Routing, Switching, Cisco Prime, F5, Network Security, NAC, AWS Routers - Cisco 9000, 8500, 7200, 4000, 3700, 3600, 2900, 2600 series LAN & WAN Switches - C9300, 6500, 4500, 3550, 2900, Nexus 9K, 7K and 3K Wireless - Cisco Wireless Controller, Cisco WLC, WCS, Access Point Security Appliances - Cisco ASA, Palo Alto

Optical Transport Service - SONET, Metro Ethernet

Protocols - TCP/IP, OSPF, EIGRP, MPLS, BGP, QoS, STP, VLAN, Multicast, DMVPN, MPLS, ACI Network Management - ServiceNow, SolarWinds Orion, SNMP Professional Experience:

Mitsubishi UFJ Trust and Banking, New York, NY Oct 2018 – Present Senior Network Engineer (AVP), Full Time

● Supporting company network operations

● Working with market data clients like Bloomberg for day- to- day operation issues including routing and switching.

● Implementing and supporting company infrastructure for day-to-day operations activities.

● Involving in installation of new Cisco leaf switches and Spines. Troubleshooting for any hardware/software issues.

● Design and Configuring Cisco ACI Tenants/Fabrics, adding new application profiles and EPG as per user’s requirement on Cisco Spine and leaf platform.

● Migrated Cisco ACS to ISE platform. Supporting and implement ISE and enforces policies for controlling guests' access into the company network.

● Working with all vulnerability issues and adding new policies as well as anyconnect and GlobalProtect VPN for various vendors in the Cisco ASA and Palo Alto firewall.

● Worked with WCS and 4000 series wireless controllers to help deploy Access Points.

● Installed, maintained, troubleshoot and configured for network hardware including routers, switches, access points and other network management devices

● Configured 3800 series routers controllers (WLC) service modules for new routers for T1 circuits. Etc.

● Upgrading and renewing digital certificates on all Cisco devices including F5, ISE, ASA and Palo Alto firewalls.

● Worked on Cisco hardware refresh project to replace all End Of Life Cisco switches and routers.

● Configured inter-AS connectivity (eBGP and iBGP) to Amazon cloud network.

● Supporting company WIFi network operation.

● Working with multiple carriers for any major circuit outages and escalations.

● Working with all ServiceNow incidents tickets.

Scholastic Corp, New York, NY (Relevance Lab, LLC) Mar 2017 – Jun 2018 Network Engineer, Full Time

● Provided daily support on Cisco switches and routers, Catalyst 4500/6500/7600, Cisco 3750/3800, 29xx/39xx/4k, ASR 1000 and Nexus 9K, including troubleshooting or adding VLAN, port-channel, access-list, prefix-list, and routing protocols.

● Configured FireSIGHT/FirePOWER and set up Palo Alto, Cisco ASA firewalls.

● Implemented and supported enterprise wireless network.

● Used SolarWinds to monitor network performance and generate network utilization reports.

● Configured VPC (Virtual Private Cloud) available in AWS and launched EC2 instances into VPC for Scholastic book services.

● Configured inter-AS connectivity (eBGP and iBGP). Perform traffic engineering for loop control by using AS path prepending.

● Troubleshooted and monitored all MPLS links 24x7. Manage network incidents with change control in Service Now.

● Designed and implemented DMVPN Phase 2, 3, and L3 VPNs on Cisco platforms.

● Interfaced with carriers for circuit delivery, problem solving, and migration. Yuen 2

Valley Health System, Paramus, NJ (Insight Global, LLC) Apr 2016 – Jan 2017 Network Analyst, Contract

● Performed routine support including routing, switching (Cisco 3850 and Nexus 7009), ISE, DNS, DHCP, Cisco ACS, VPN, Infoblox, Blue Coat, Cisco prime, and Cisco wireless technologies.

● Monitored network performance by using NetFlow, SolarWinds Orion, and PRTG monitoring tools.

● Recommended software and hardware upgrade to enhance the network performance.

● Administered and maintained all Cisco & Juniper routers, switches, firewalls, and VPN.

● Contributed to the design and implementation of disaster recovery (HSRP and IP SLA). GAF Materials Corporation, Parsippany, NJ (Soham Consulting Inc.) Oct 2015 – Apr 2016

Network Engineer, Contract

● Provided Tier3 support including EIGRP, BGP and MPLS routing and onsite support including internet/intranet access, remote access, and unified communications.

● Configured and deployed networking hardware in compliance with industrial standards and best practices.

● Migrated to Cisco routers 1921, 2911, 3825, 3925, 4431, Cisco Nexus switches 7700, 7009, and Cisco switches 3750, 3850, and 4506-E.

● Optimized network traffic using BlueCoat and Riverbed devices. Administered QRadar with Sourcefire.

● Deployed wireless network and monitored wireless devices using Cisco Prime Infrastructure.

● Participated in design of high-availability solutions by implementation of IP SLA and HSRP.

● Designed AnyConnect VPN for remote connection and deployed transparent firewall on point to point circuit.

● Investigated incidents with alarms on SolarWinds and delivered quick resolutions.

● Collaborated to implement information security policies, standards, guidelines, and procedures. PSE&G Corporation, Newark, NJ (Iconma, LLC) Mar 2013 – Oct 2015 Network Engineer, Contract

● Provided network engineering design for QoS, VPN, TCP/IP, ASA Firewall, and MPLS to achieve optimal solutions for clients.

● Resolved complex network issues including routing and switching problems, security problems, and VPN connections.

● Replaced all end-of-life Cisco switches and routers to reduce maintenance cost. Upgraded Cisco devices with the latest IOS.

● Configured Cisco 3700 series Wireless Access Point and 2500 series Wireless Controller.

● Migrated all active access control list rules to zone-based firewall rules for saving operational expense.

● Migrated all the Frame-Relay network to MPLS network and performed capacity planning to improve network performance.

● Developed strategy to monitor network performance on DMVPN tunnel interfaces using Cisco IOS IP/SLA and remote access to core router/switches using Cisco easy VPN solution.

● Used TCL scripting shell to test connectivity between devices, and automate common tasks on Cisco IOS devices.

● Provided users guidance and technical support in the areas of LAN/WAN and network infrastructure. Discussed effectively on implementation of MPLS circuits for different sub-station sites.

● Configured and implemented SCADA/DCS system and NERC/CIP standard and related hardware. I- Pacesetters Corporation, Montvale, NJ (InTelikore Corp.) June 2011 – Mar 2013

Network Security Engineer, Contract

● Provided ongoing network support as well as leading and supporting key Network Infrastructure.

● Effectively worked with the team in designing and implementation of network upgrades.

● Configured Cisco ASA firewall 5545 through the use of access control lists and OBJECT NAT.

● Maintained and supported company-wide IPSEC and SSL VPN services for remote sites.

● Maintained and enforced PCI security compliance, in accordance with established policies and procedures.

● Configured routers. Conversion of the company point to point ATM networks to MPLS utilizing BGP and EIGRP for internal and external routing protocol. Monitored all MPLS links 24x7. Collected daily statistics for utilization and cost analysis using PRTG monitoring tool.

● Configured DMVPN as a backup for the MPLS/VPN.

● Installed and configured Avaya IP phones. Supported Cisco IP phones at newly acquired sites as part of company expansion.

● Implemented QoS to improve performance and connectivity. Yuen 3

Cablevision Optimum, Inc., Bethpage, NJ Feb 2001 – May 2011 Network Engineer, Full Time

● Delivered network solutions, VoIP and cabling infrastructure in both mid- and large-scale deployments.

● Designed and deployed secure hardware including firewall, VPN, Concentrator, DNS/DHCP Servers, Private Fiber Network Systems, and VOIP to New Jersey K12 educational market.

● Oversaw day-to-day network operations. Provided Tier2 and Tier3 support, including data, voice, and security, on all Optimum Lightpath regions and to Town of Greenwich, Connecticut and various school districts.

● Upgraded various school districts in Tri-State area from ATM to Metro Ethernet following contract renewal.

● Repaired and restored service including ATM, MRV, TDM, Atrica Metro Ethernet switches, cabling and Optical Fibers.

● Effectively planned, designed, and engineered Metro-Optical transport with emphasis on MPLS technology. Education:

● Bachelor Science of Engineering, Mechanical Engineering

· State University Of New York, Stony Brook, NY

Certification:

● Cisco Certified Network Professional ( CCNP)

● Cisco Certified Design Associate ( CCDA)

Contact this candidate