Network Engineer Palo Alto
Resume:
TODD ASHER ROY
SUMMARY
Network Engineer with experience designing and troubleshooting large network infrastructures.
FortiGate and Palo Alto next generation firewall installations configurations and support.
Key areas of expertise are in the Cisco products arena utilizing routing and switching platforms to build out or successfully upgrade existing networks.
Arista routing and switching expertise.
Detailed knowledge of IP routing protocols including: OSPF, RIP, EIGRP, ISIS and BGP for design of failsafe, secure, and redundant networks.
In switched campus environments strong knowledge of 802.1Q, ISL, VMPS, IGMP, CGMP, Multicast, Uplinkfast, Backbone fast and spanning tree protocol used to design high availability LAN networks.
Very familiar with Frame Relay, X25, ATM and remote access solutions using modems and VPN concentrators, in wide area networks.
Extensive experience working in networked environments using several types of layer one connectivity to include MLOS, LOS, T-1’s E-1’s, DS-3’s fractional T-1’s fractional DS-3’s, POS, OC3 thru OC12. Network management platform experience includes SNMPc, Netcool, Cisco Works, SolarWinds and Spectrum.
Experience with Cisco CME, Call manager and Cisco UC.
Worked with many types of Cisco routing and switching platforms such as ASRs, 6500, 4500, Nexus 7000/5000/2000 and ASAs to include 55XXs and multi context 5585s.
Experience in network support for rollout of new Office 365
EDUCATION
MBA Business School, Redlands University
MS Cybersecurity, Webster University
BS Business Administration, Excelsior College
AA Southern Maryland Community College
CERTIFICATIONS
CCIE# 5473 2000
CISSP# 351730 Active 2009
CCSI Inactive #31350 since 1994
ITIL Foundations V3 2012
ITIL Service Strategy Intermediate 2012
SEC+ 2006
ACHIEVEMENTS
Cisco CCIE #5473 2000
CISSP, CCNPV, Brocade
Army Aviator 1986
Army Info Systems Technician 2004
FAA Flight Instructor 1988
EXPERIENCE
TRACE3
Sr. Engineer
Responsibilities
Sr. Network Engineer for operations support and network design related issues on multiple enterprise support contracts.
Supported the very large Merck contract to re-IP the entire network from a class A network to private IP address space. This required an excellent working knowledge of route maps and routing protocols such as BGP and OSPF.
Worked on the Miller Knoll contract which involved the integration of two private IP based networks. This contract required great attention to detail in discovering all nodes for a given site and managing the old to new address conversions without causing any outages. Also required excellent working knowledge of FortiGate firewalls in order to make changes required for cutovers to new private IP address space.
Provided minor support on the contract for PIMCO which was mostly just upgrading hardware and supporting the installation of new gear and circuits. I also assisted in the installation of a CX Cloud server and the test installation of a test node.
NAF New American Funding February 2020 – JUNE 2022
Sr. Network Engineer
Responsibilities
Lead Network Engineer for operations support and network design.
Designed, maintained, and installed Palo Alto HA pairs in both the data center and disaster recovery sites.
Managed all routing and switching for major and remote branch sites to include AnyConnect and global protect VPN access.
Designed and set up remote site connectivity using Cisco’s site to site DMVPN configuration.
Assisted in the roll out of Netskope as a CASBI solution.
Provided support and assistance for the AppGate project installation of zero trust implementation and replacement of AnyConnect and global protect VPNs.
Provide top tier support to internal team and all sites.
Execute or lead network assessments, upgrades, and support.
Provide tier 1/2 mentoring to improve the entire customer experience.
Track and maintain highly detailed Visio Diagrams for entire network.
On call 24/7.
NIC Partners, Rancho Cucamonga, CA August 2018 – February 2020
Network Practice Lead
Responsibilities:
Lead Network Engineer for network practice.
Provide top tier support to internal team and all customers.
Execute or lead network assessments, upgrades, and support.
Provide tier 1/2 mentoring to improve the entire customer experience.
Panasonic Avionics, Lake Forest, CA January 2018 – August 2018
Senior Network engineer
Responsibilities:
Tier 3 support for all GCS network infrastructure.
Working with a large, highly complex, installation base of Cisco 9K’s, 6500’s, 3750, 2960 and ASA.
Approve/execute/generate change tickets for maintenance and troubleshooting.
Provide tier 1/2 mentoring to improve the entire customer experience.
Carl’s Restaurant Group, Irvine, CA February 2017 – December 2017
Senior Network engineer
Responsibilities:
Assigned the task of designing CKR’s new Headquarters site located at Franklin Tennessee. The design was completed in 2 weeks and successfully implemented in 2 days consisting of a 4500-X core and 2 3650 Cisco switch stacks.
Working with the large install base of Fortinet Fw’s using Fortimanager 3000C and Fortianalyzer.
Assessing data center in Anaheim and making recommendations for critical improvements.
Evaluating Meraki as a potential replacement for our 3000+ store installation.
Panda Restaurant Group, Rosemeade, CA September 2016 – February 2017
Senior Network engineer
Responsibilities:
Primarily focused on auditing the network design and documenting the network using Microsoft Visio diagrams.
The network was a flat network that took only partial advantage of new technologies such as VRF’s and VPC capabilities in newer switching technologies.
Assessed the routing and switching topologies and recommended a new design solution using 4500-X VSS technology, which was approved and implanted with 100% success and 45 minutes downtime.
Worked heavily with the large install base of Fortinet firewalls using Forti manager 3000C and attempted to migrate the store network to a OSPF dual data center homed topology.
Edwards Life Sciences, Irvine, CA February 2016 – August 2016
Senior Network engineer
Edward’s Network is a global network with multiple data centers utilizing a robust high availability design leveraging MPLS and Internet DMVPN transport.
Responsibilities:
Worked primarily with InfoSec and networking team to provide operations, implementation and design support for extensive Pal Alto panorama installation base.
Documented the network using Net brain and Microsoft Visio diagrams.
Migrated to AWS and participated directly in the design and implementation of the solution to dual home the main Edwards data center to Amazon’s on-line cloud service.
Directly responsible for handling all network related challenges during and after the rollout of Edwards Office 365 migration.
The global network infrastructure was primarily Cisco but also used Riverbed for wan optimization and VPN support.
Green Dot Corporation, Pasadena, CA June 2015 – February 2016
Senior Network engineer
Responsibilities:
Worked with InfoSec/networking team to provide rapid response to security modification ticket requests.
Network was a highly complex dual datacenter design using Nexus VDC’s for the production PCI environment. The corporate and production networks were separated with Cisco ASA’s and each network, Corp/prod, had its own DMZ and INET firewall suite using ASDM and CLI for management.
Supported Cisco Anyconnect issues and user/servers access to production and corporate resources via multiple FW suites.
Played a key role in the rollout of Anyconnect for corporate and Sourcefire for URL filtering of Production traffic.
Army Reserves, retired December 2013
Army Reserves Active Duty, Ft Gordon, GA September 2011 – January 2013
251A Information Systems Tech– Active Duty
Responsibilities:
USAR Warrant Officer LNO performing primarily as the USAR SME on all signal training related matters and Warrant Officer Accessions.
Worked with the force restructuring process and MOS changes related to critical task lists for course POI.
Worked with the active duty to support Warrant Officers attending WOBC, WOAC and the new 255S course.
Army Reserves Active Duty, Adelphi, MD October 2006 – August 2011
251A Information Systems Tech– Active Duty
Responsibilities:
Activated on a 7-year tour as the IAM to support the ARIOC and ongoing information assurance training efforts for 5 IO army reserve Battalions.
Directed efforts to put together secure mobile network racks for IO training exercises.
Developed a CCNA training program.
As a TPU in the NCRIOC, supported the DREN IDS mission one weekend a month and worked with the tools for just over one year.
Harris IT, Quantico, VA January 2007 – March 2008
Senior Network Engineer (while on ACTIVE duty with Military)
Responsibilities:
Worked as NOC 4th shift, (6pm-6am), Lead Engineer responsible for mentoring and providing technical support to five Jr. NOC Technicians and Engineers.
Provided technical leadership during critical network outages on the USMC enterprise-wide network to insure rapid outage recovery.
Worked with shift team to distribute nightly maintenance and assisted site operations and NOC shift team whenever technical questions arose.
Detailed understanding of how Cisco router/switched networks was configured.
A detailed understanding of IP routing protocols, (EIGRP, BGP and OSPF), and Spanning Tree protocol for bridged network environments was mandatory to be successful.
IXIA, Falls Church, VA March 2006 – October 2006
Sales Engineer
Responsibilities:
Supported government sales efforts nationwide for a premiere IP test equipment manufacturer.
Provided expert level demos to potential new sales customers and training for existing customers on ongoing new features and HW/SW upgrades. These products provided IP testing in almost all areas of network enterprise environments.
IP skills and knowledge included IP routing, switching, IPv6, MPLS, voice, video, security, etc.
NETCO Government Services, Quantico, VA September 2003 – March 2006
Senior Network Engineer
Responsibilities:
Provided final escalation support for network related problems for the Eastern region of the NMCI Network.
Provided ongoing support for various deployment and enterprise management projects.
Provided technical oversight and occasional hands-on support for the Quantico NOC.
Provided technical support for the VTC deployment of over 200 remote sites and the NOC deployed MCU's and Gateways.
Extensive knowledge of BGP, OSPF, and Switched Campus networks.
Worked with Cisco SE’s to test and roll out the beta of VTC on the NMCI contract.
SAIC, Washington DC, DC June 2001 – September 2003
Senior WAN Engineer
Responsibilities:
As the Lead Engineer on the WAN upgrade team, provided technical expertise in IP routing and switching on Cisco and non-Cisco products.
Provided direct post-sales support of a large-scale, 5-million-dollar deployment, of SafeNet frame-relay, ATM and serial encryptions.
The INS network topology was redesigned along industry standards for large-scale OSPF networks and configured for maximum efficiency.
Validated the design, provided key input for the OSPF configurations and improved backbone design.
Redesigned the Bandwidth parameters within the core to result in better trouble shooting capabilities and routing characteristics.
Completed an analysis of the new design for fail-over and wrote a detailed report regarding findings.
Assisted in the design of the DHS backbone network. Managed the INS service center migration task.
National Tech Training/Consulting, (NTT) Cheyenne WY October 1994 - Present
Consultant/Trainer
Responsibilities:
As a Cisco Trainer and Consultant, established hundreds of short and long-term relationships with many network professionals.
AS an IT trainer have over 7 years of experience presenting and designing IT training courses on Cisco network solutions and Datacom.
Work with many students/professionals to design LAN/WAN network upgrades or migration plans for existing networks.
Worked extensively in IP environments with all types of Cisco routers and switches.
Developed several training classes and lab environments for customers over the years.
MSD November 2000 – March 2001
Network Engineer – Part Time Consultant
Responsibilities:
As a Network Pre/Post, sales Engineer consulted on several government projects with MSD.
Consulted with IBB Voice of America to assist in planning the deployment of an upgrade to the campus and IP wide area network using BGP and OSPF. The project involved the development of a campus topology design that supported the ability to tune spanning tree parameters to take advantage of Cisco’s high availability capabilities for their switched products.
A presentation was developed to support the recommended design and the customer considered the changes for deployment. IBB requested a design for BGP dual homing to two different ISPs for Internet access on a T-3 and a T-1.
A design was planned to use the address space to support a primary/backup scenario with plans to run over two T-3s load balancing in both directions.
The primary/backup design was successfully deployed and an a BGP Internet Policy Routing plan was developed, in writing, for their T-3 load balancing design to be used soon.
Cisco Systems, San Jose, CA June 2000 – October 2000
Cisco SE
Responsibilities:
As a Cisco Sales Engineer was responsible for several major ISP accounts.
Worked with 2 accounts to refine and or redesign many parts of their networks.
Pathnet, a new DSL Global network provider, needed heavy assistance with the design of their separate management network using3600's and hundreds of 2600's. This network used OSPF as its IGP and was initially non-optimal in its design. The original design relied to much on redistributed static routes and did not take advantage of all of OSPF's scaling capabilities. Presented several optimized design suggestions such as better summarization at ABR's and the use of NSSA's. They were accepted and provided for a much more scalable and stable management network.
Pathenet also wanted to provide Voice over IP as a product for its business customers. Helped to deploy and test Cisco Call Manager and several IP phones for them to demo to their customer base.
Worked with Cogent an ISP using a GSR 12000 layer-3 switched network core and 2948g-L3 switches targeting the ability to provide 100-megabit end-to-end connectivity to its customers.
Presented training sessions on ISIS and OSPF integration, inter-operation, and scalability issues.
Supported Cogent in designing and deploying a nationwide DWDM optic network, which was intended to support their GSR OC-192 nationwide core network. Tested, for Cogent, with smartbits testers an OC-192 link over a 5000-kilometer Pirelli DWDM link for 2 days. Wrote and delivered to the account manager the positive results.
Hughes Network Systems, Germantown, MD March 1984 – October 1994
Technical Specialist
OEF Veteran CW4 251A (359th TTSB) Active Reserves October 2006 – January 2013
251A Information Systems Tech– Active Duty
U.S. Army Reserves, Ft. Meade, MD October 1985 – June 2000
UH-1 Helicopter Pilot – Full and Part Time
Contact this candidate