Summary
Overview
Work History
Education
Skills
Accomplishments
Certification
Languages
Timeline
Personal Information
Generic

Anhtuan Huynh

Hackettstown,NJ

Summary

Professional network engineer with over 20 years experience prepared for advanced roles in network design, implementation, and troubleshooting. Skilled in routing, switching, firewall configuration, and network security protocols. Strong focus on team collaboration and achieving results, adaptable to changing needs. Known for reliability, analytical thinking, and problem-solving abilities.

Overview

25
25
years of professional experience
1
1
Certification

Work History

Sr. Network Engineer

The Guardian Life Insurance of America
Bethlehem, PA
08.2014 - Current
  • Led the engineering and architectural design of core network projects, facilitating complex multi-company integrations and third-party solutions. Managed tier 3 escalation support, ensuring robust LAN/WAN security and efficient resolution of routing and F5 LTM and GTM challenges.
  • Configure, troubleshoot and optimization of complex EIGRP and BGP design
  • Provide Tier 3 escalation support for all LAN, WAN, and F5 issues
  • Designed, engineered the migration of the production mainframes to an outsourcing company (40 million dollar project) successfully saving the company millions of dollars per year in cost for support and maintenance. This was one of the most important projects for the company in the last 10 years since the mainframe it the bloodline of Guardian. Received multiple awards and recognition from the company for delivering on this project under budget and on time.
  • Designed networks for mainframe outsourcing project in Dallas
  • Architected and configured offshore offices and call center in Chennai India
  • Design/deployed internal and external DMVPN solution for regional office backup links
  • Migrated internal load balancer from CSM to F5 LTM consisting of over ~2000 VIPs
  • Helped team members on troubleshooting of core network issues, routing configuration, and F5 escalation issues
  • Responsible for building out and migrating our current production data center to Dallas. Support multiple data centers, over a hundred regional offices with over 5000 employees globally.
  • Ability to work under pressure and resolve complex networking issues or outages
  • Working with cloud team members on moving many on-premise systems to AWS
  • Designed and implemented scalable network architectures to enhance system performance and reliability.
  • Led troubleshooting efforts to resolve complex network issues, improving response times and service quality.
  • Mentored junior engineers on network best practices and emerging technologies to build team expertise.
  • Collaborated with cross-functional Network Security team to align network strategies with organizational goals and initiatives.
  • Developed and maintained documentation for network configurations, ensuring compliance with industry standards.
  • Evaluated new networking technologies, recommending solutions that improved operational efficiency and reduced costs.
  • Conducted regular network assessments, identifying vulnerabilities and implementing robust security measures to safeguard data integrity.
  • Led planning and technical design activities for routine operations and special projects.
  • Recommended the purchasing and installation of networking equipment such as core routers and switches.
  • Standardized processes and procedures for network maintenance and configuration changes, reducing errors and streamlining operations.
  • Configured, tested and maintained LAN/WAN components and connections.
  • Recommended network security standards and upgrades to management.
  • Streamlined troubleshooting processes by creating detailed documentation of network infrastructure, configurations, and topologies.
  • Reduced downtime for essential systems by proactively identifying and resolving network issues.
  • Architected high-availability networks incorporating redundancy at all levels for seamless failover during outages or maintenance events.
  • Designed scalable WAN architectures to accommodate growing bandwidth requirements while minimizing costs.
  • Managed vendor relationships with F5 Networks and Cisco for hardware procurement, software upgrades, and technical support services to ensure optimal resource utilization.
  • Evaluated emerging trends in networking technology applying innovative solutions where appropriate to improve overall efficiency.
  • Built and improved network documentation and training procedures to lead successful team completing high-quality work.
  • Led successful migration projects for data center consolidations and cloud transitions while minimizing disruption to business operations.
  • Planned and implemented effective disaster recovery and business continuity solutions.
  • Improved network operation by incorporating new technologies into existing designs.
  • Mentored junior engineers on best practices in networking technologies, resulting in increased team efficiency and effectiveness.
  • Enhanced network performance by designing and implementing advanced network solutions.
  • Troubleshot complex multi-vendor network service provider issues.
  • Provided network support services for devices such as Cisco ASR routers, Cisco 4510R switches, Cisco Meraki MX and 9300s stack switches, F5 BigDNS, F5 i5800/i2600, F5 r2600, Cisco WLC, Meraki MR44 APs, Ekahau Sidekick 2 WIFI survey equipment, Cisco Nexus 3K/9K for data centers.
  • Integrated fixed wireless connectivity into facilities requiring high-speed networks.
  • Performed troubleshooting Cisco, and wireshark packet analysis.
  • Provided complete end-to-end engineering and installation of route-based IP network solutions.
  • Provided detailed information on hardware and software products so that appropriate stakeholders could make suitable purchasing decisions.
  • Collaborated with teams in disaster planning, network backup and recovery process monitoring.
  • Supported data center circuits and network infrastructure and consistently applied critical facility operational best practices.
  • Diagnosed network problems involving combination of hardware, software, power and communications issues.
  • Implemented WAN and LAN designs in multi-datacenter configurations.
  • Analyzed, identified and resolved complex network hardware and routing issues

Consulting - Sr. Network Security Engineer

REALOGY
Madison, NJ
01.2014 - 08.2014
  • Deployed Palo Alto 5050 for in-line application inspection, threat/malware/virus detection and offloading the inspection to Wildfire on core network data centers. Completed POC to replace 1200 SSG branch office firewalls, VPN implementation and redundancy with Fortigate 60D at the branch and 3000s for the head-end. Implementing ForeScout NAC solution for corporate and branch office without using 802.1x for authentication.
  • Audit all Juniper ISGs firewalls Policies and cleanup rules in multi data centers used for internet, WAN and BGP
  • Help WAN P&E team in configuration, troubleshooting and optimization reviews for EIGRP, OSPF, and BGP
  • Successfully completed branch office POC with Fortigate Firewalls
  • Successfully deployed Palo Alto 5050 for inline security NG treat detection
  • Successfully migrated ALL cisco ASA firewall to Juniper SSG 350s
  • Successfully migrated Juniper SSL VPN 4000s to 4500s VPN appliance
  • Help WAN P&E team configure and troubleshoot all internal L2/L3 issues
  • Work with WAN P&E team on Nexus 7K/5K/2K VDC/VPC configuration and implementation
  • Escalation support for existing Cisco SSL VPN connections for clients
  • Responsible for POC with firemon for firewall auditing
  • Configure IPSEC VPN tunnel for head-end and branch offices using Juniper Firewalls
  • Able to capture network traffic with tcpdump, wireshark for troubleshooting and analysis

Consulting - Sr. Network Architect

Tiffany & Co.
Parsippany, NJ
09.2013 - 01.2014
  • Lead core network architecture department in multi-site design, troubleshooting, and upgrade. Provide tier-3 support for all complex network and voice related issues, and responsible for the design and PCI/segmentation Projects for POS systems over the WAN, WIFI, and internal secured segments.
  • Part of team to architect PCI standards for POS systems across multi enterprise sites consisting of 500 stores
  • Nationally and internationally.
  • Responsible for BGP and EIGRP routing configuration, troubleshooting and optimization
  • Successfully upgraded and migrated Infoblox 1050s to 1420s (H/A Grid Master)
  • Successfully migrated PIX 525 to ASA 5555 for core internet firewall in a multi-context architecture
  • Successfully migrated Cisco CSS 11500 load balancers to Cisco ACE 4710 in a 6504 Switch Chassis
  • Configured DWMPN for PCI secured traffic over the MPLS WAN between all retail stores over MPLS to the HSZ (high security zone) for POS traffic
  • Deployed and upgraded Cisco VLC 5800 for the Flagship office
  • Upgrade Cisco ACE 5.2 to 5.4 for 4 secondary servers and one primary.
  • Configured and maintain complex IPSEC tunnels to external vendors
  • Maintain and support client-based AnyConnect VPN
  • Responsible for the Architecture of all core Cisco Nexus 5K, and 7K core.
  • Upgraded 6500 to VSS for High availability in the flagship office.

Consulting - Sr. Network Engineer

iQor
Parsippany, NJ
03.2013 - 09.2013
  • Provided network and systems support/engineering for internal VDI applications, voice traffic, and daily data center network operations, remote site implementation and migration.
  • Migrated from HP 5820 core switches to HP 12508 with IRF in the NJ core data center successfully
  • Maintained global SSL and IPSEC VPN on Cisco ASA 5520/5585-X firewalls
  • Responsible for BGP and OSPF routing configuration, troubleshooting and optimization
  • Configured Cisco 3845 wan routers for QoS/Voice, and MPLS
  • Configured DWMPN for remote users with cisco 3845 and 881 in multiple data centers
  • Responsible for IPSEC VPN setup/troubleshooting/ and implementation with external customers
  • Support other internal network engineers for escalation involving VPN or routing issues
  • On call rotation and escalation point for all internal routing or security issues that requires tier-3 support
  • Created global wan template and procedure for BGP site rollouts/activations
  • Created global IGP (OSPF) procedure for redistribution into BGP utilizing route filtering

Sr. Network Architect

INTTRA Inc.
Parsippany, NJ
08.2001 - 03.2013
  • Senior network engineer responsible for architecting data, VoIP, Disaster recover network, and multiple global sites using various technologies from Cisco Routing and Voice, F5, Linux/Unix, VPN, and wireless.
  • Primary responsibilities include architecting new and improving the current infrastructure, data centers and global remote offices.
  • Part of global engineering team. Utilize EIGRP, BGP, Layer2/3 Switches, and ASA firewalls.
  • Maintain, monitor and administration of global Cisco Call Manager 4.3/6.1/8.0, Voice Gateways/ Gatekeeper and all related VoIP technology.
  • Maintain, implemented, and designed global Cisco IPT systems.
  • Design, configure and implement Blackberry Enterprise system including carrier selection.
  • Implement Layer 2/3 switch and VLAN using Cisco 4507E, 6509E, 3750 and 3550 switches.
  • Plan, design and implement 3 million dollars business continuation (DR Site) plan at Sungard in Wood Dale IL.
  • Plan, design, and implement Symantec Antivirus Corp 8.0 to 100 corporate and remote clients.
  • Implement solutions for remote and mobile users including client-less VPN, Client VPN, VPNC.
  • Implemented QoS solutions to resolve multi-site quality problems for VoIP inter-office trunks/calls
  • Analyze WAN traffic using sniffer and NetQoS to report and troubleshoot complex network issues
  • Evaluate Citrix traffic monitoring tools to monitor, analyze and troubleshoot Citrix session problems.
  • Engineered all internal office moves, including the migration of network, wireless, voice, and servers.
  • Architect and configured all F5 global load balancers, ASM (WAF), Link Controllers, and GTM for DR and DR Sites
  • Migrated 10G wave circuits for site cross-connects between two core data center
  • Assisted in the Data center implementation in Atlanta utilizing cisco Nexus FX FEX, 5K, 7K
  • Assisted with the migration of Cisco 7609 wan MPLS router to ASR 1006 in the NJ data center
  • Work on customer integration, circuits activations, and firewall configurations

Education

Associate of Science - Systems Programming

CHUBB Institute
Parsippany
01.1999

Associate of Science - Electrical Engineering

County College of Morris
Randolph Township, NJ
01-1996

Skills

Hardware

  • Routers: Cisco 800, 2800, 3700, 3900, 4400, 7200, 7600, ASR 100X and 1002HX
  • Switches: Cisco 6500/6800, 4500, Series, Nexus 2K/5K/7K, HP 5800, HP 5820, HP 12508 (H3C Comware V5/V7 IOS for HP - IRF technology), Nexus 9K/3K
  • Security: Checkpoint Firewall NG, Netscreen, IPTables, DMVPN, ZBFW, uniper ISG 1000/2000, Juniper SA 4000/4500 SSLVPN, Palo Alto PA-200 & 5050, Fortinet FG-1000, FG-3000, FortiManager
  • Wireless: WLAN Controller 5800 Series, Meraki M44
  • Infoblox: Infoblox 1050, 1410 and 1420 (grid master H/A pair) Nokia QIP: QIP DNS/DHCP server, Effcient IP

Software

  • Solarwinds, Wireshark, Riverbed net profiler, Zenoss, Splunk, BigIQ

Routing

  • EIGRP, OSPF, BGP, RRI (reverse route injection), Advanced EIGRP and BGP

Switching Protocol

  • STP, RSTP, MSTP, VTP, DTP, VLANs, Trunking, Layer 3 capabilities, Etherchannels, 8021q trunk, Port Security, HP IRF, VRRP, HSRP, VPC, VSS, ISSU

Cloud computing understanding

  • AWS ALB/ELB, VPC, EC2, S3, Security group, Route53 DNS

Load Balancers

  • F5 BigIP Load Balancers - 3900 / i5800 / i2600 / r5900 / r2600, F5 Link Controllers, F5 GTM/BigDNS, BIG-IQ, I-health, AWS ALB/NLB

Security Understanding and experience

  • Site- to-site VPNs, Remote Access VPNs, VPN Client, Anyconnect SSL VPN, Clientless SSL VPN, IPSec, NAT, AAA (RADIUS/TACACS), Access Control Lists, Traffic Filtering, Juniper SSG 350M, 520M, 550M, ISG 2000, Juniper SRX 220, 240, 550, Juniper NSM, Juniper SA 4000/4500 SSL VPN, Palo Alto Firewall Model PA-3020 and PA-5050, Fortinet Fortigate FG-3700

Virtualization

  • VMWare ESX, Vmware Client, AWS Workspace

SaaS and external solutions

  • Vercara/Digicert DNS
  • Imperva
  • Arbor DDoS cloud solution
  • AT&T Netbond
  • Splunk

Area of strength and understanding

  • Data center networking
  • IP address management
  • Network architecture design
  • ITIL framework
  • Unified communications integration
  • Network Access control implementation
  • Software-defined networking (SDWAN)
  • Disaster recovery planning
  • Switching technologies
  • Cloud networking solutions
  • Load balancing strategies
  • DNS and DHCP administration
  • Network troubleshooting expertise
  • Data center architecture
  • Network capacity planning
  • LAN configuration management
  • Cloud-based service integration to VMware cloud
  • LAN switching technologies
  • Layer-2/3 protocols
  • Strong troubleshooting skills
  • Network troubleshooting
  • Effective communication
  • Verbal and written communication
  • Organized and detail oriented
  • Microsoft office proficiency
  • Routing protocol expertise (BGP and EIGRP)
  • Network security systems
  • Wireless networks troubleshooting
  • Network configuration
  • Technical troubleshooting
  • Packet trace analysis
  • IP addressing and subnetting
  • Cisco switching expertise
  • Hardware installation
  • Firewall functionality
  • Network performance monitoring
  • Risk assessment
  • Remote work support
  • Virtual private networks
  • DNS implementation
  • Access control
  • MPLS routers
  • SNMP monitoring
  • Subnetting expertise
  • User support
  • 8021x experience
  • Network security
  • Cisco IOS mastery
  • Equipment configuration
  • Datacenter network implementations
  • Change management
  • Security architecture and technologies

Accomplishments

• Upgraded two data centers from Nexus 7K to nexus 9K/3K for internal and external core routing and switching

• Migrated from Cisco 4710s to Meraki 9300 hardware and MX routers for all of our regional and home offices, to include the Hubs in the Dallas and Richmond data centers

• Migrated external and internal Global load balancers to an external Vercara Global GSLB solution

• Migrated apps of IBM web proxy to F5 for reverse proxy architecture

• Assisted the Guardian India security team on the upgrade of the FTD firewalls and SSLVPN FW. This included all firewalls in the Dallas and Richmond data centers

• Migrated from Cisco WLC and Anchor controller to Meraki Wireless MR44 access points with integration and routing with the MX 85 for regional offices, and MX250 for home offices

• Assisted with the migration from QIP DNS to Efficient-IP DNS and IPAM solution for internal DNS and DHCP

• Migrated to F5 i5800/i2600/r2600 series Load balancers for internal and external applications to include Cisco ISE

• Designed networks in collaboration with third party mainframe hosting provider (Ensono)

• Migrated over production mainframe systems, a 40 million dollar project to Ensono

• Exceptional Visio skills, 2D and 3D diagraming capability

Certification

  • CCIE #18720 (Security) Cisco Certified Internetwork Expert in Security (Not Active)
  • CISSP IC2 - Certified Information Systems Security Professional (Not Active)
  • AWS Solutions architect associate (Active)
  • AWS Advanced Network Specialty (Active)

Languages

English
Vietnamese

Timeline

Sr. Network Engineer

The Guardian Life Insurance of America
08.2014 - Current

Consulting - Sr. Network Security Engineer

REALOGY
01.2014 - 08.2014

Consulting - Sr. Network Architect

Tiffany & Co.
09.2013 - 01.2014

Consulting - Sr. Network Engineer

iQor
03.2013 - 09.2013

Sr. Network Architect

INTTRA Inc.
08.2001 - 03.2013

Associate of Science - Systems Programming

CHUBB Institute

Associate of Science - Electrical Engineering

County College of Morris

Personal Information

Title: Sr. Network Engineer