senior network engineer
BAI Communications
Total years of experience :12 years, 2 Months
Member of the core Infrastructure team
• Hardware and software installation of Firewalls, switches and routers
• Responsible for enterprise data network
• Hands on experience with Cisco 9K platform
• Responsible for enterprise security network
• Hands on experience with Cisco ASA and Firepower firewalls
• Responsible for End-of-life hardware refresh
• Managed Wi-Fi network for TTC buses and Subway trains
• Deployed wired and wireless network in new Cross-Town LRT stations
• Managed VMware infrastructure
• Upgraded end of life ASA Firewalls to Firepower
o Moved DNS services from ASA to Firepower
o Updated DNS firewall policy on the new Firewall
o Updated DNS suffixes
o Updated SMTP policy on the new firewall
o Integrated with ISE for authentication.
• Upgraded ISP infrastructure to provide full redundancy and higher bandwidth.
• Worked with domain name registration vendor (GoDaddy) for MAC type requests.
• Expert level knowledge of OSPF and BGP routing protocols
• Upgraded wireless infrastructure from Cisco 5500 based controllers to Cisco 9800 based
controller with over 150 sites and 1500 Access points
• Akamai BGP Onboarding portal
• Member of Infrastructure engineering team
• Hardware and software installation of Firewalls, switches and routers
• Structured cabling
• Responsible for enterprise data network
• Responsible for enterprise security network
• Responsible for End-of-life hardware refresh
• Firewall migration from Checkpoint to Fortinet
• Crypto key and security certificate management via HSM
• Administration and management of on Prem HSM
• Key generation, storage, and management
• Access control lists and security policy management
• Implementation of network segmentation of various factory cells
• Firewall access-list analysis and certification
• Deployment of MFA for SSL VPN
• Azure/AD integration with Single-sign-on SSO and Microsoft Authenticator
• Upgraded UCS Fiber-interconnect to latest supported hardware
• Upgraded end of life MDS SAN switches to latest supported hardware
• Monitoring critical environments such as HVAC, Fire control and Security
• Used PowerShell to integrate with MS Services
Upgraded legacy ECOM and Extranet environments running on end-of-life hardware to
new Cisco 9000 running ACI Fabric (2021-22)
• Migrated from legacy network to ACI fabric (2021-2022)
• Deployed Palo Alto firewalls and migrated from Checkpoint to Palo Alto (2020-2021)
• Performed Firewall policy audit (2020-2021)
• Used Infoblox for IPAM DNS record management.
• Internal and External IP assignment and record keeping
• Upgraded MDS 9148S to MDS 9148T to allow for higher bandwidth and support of new
generation UCD blade servers.
• Upgraded UCS-FI-6248 to UCS-FI-6454 to allow for higher bandwidth and support of
new gen UCS blades servers.
• Deployed ACI Fabric in multiple datacenters. (2020-21)
• Upgraded ISP Plant to 80G to meet the growing demand of remote access due to
Pandemic (2020-21)
\[SEC=PROTECTED\]
• Upgraded North American backbone stretching between US and Canada to 100G to
facilitate growing bandwidth demand (2019-2020)
• Akamai DDoS Mitigation Project to prevent DDOS attacks on banks critical public
facing applications (2019 - 2020)
• Deployed AWS on premises and off premises cloud
• Migrated applications to AWS cloud
• Testing in Lab environment. (Pre-Prod and crash & burn)
• Deployed SBC with SIP trunking to connect to Carrier gateways
• Used ITSM ServiceNow for change management and Incident management.
• Used MS Visio to create network diagrams.
• Used ServiceNow for all change management activities.
Honors diploma in network engineering technology