Paul Wedde, Developer in Wellington, New Zealand
Paul is available for hire
Hire Paul

Paul Wedde

Verified Expert  in Engineering

Network Engineer and Developer

Wellington, New Zealand

Toptal member since April 11, 2023

Bio

Paul has nearly 20 years of experience in diverse network specializations. Both as an employee and a contractor, he has worked for managed service providers, internet service providers, one of the world's largest media conglomerates, and financial service providers. Paul has previously held UK government security clearances, including "Basic," CTC, and SC clearances.

Portfolio

ANZ Group
Networking, Networks, IT Security, TCP/IP, VPN, Firewalls, Cisco Routers...
FNZ
Check Point, Ansible, Cisco Switches, Web Application Firewall (WAF), VPN...
Sony Interactive Entertainment
Cisco, Check Point, DNS, Network Security, Networks, Security, IT Security...

Experience

  • Cisco Networking - 17 years
  • SNMP - 16 years
  • DNS - 15 years
  • Check Point - 14 years
  • Fortinet Firewall Configuration - 10 years
  • Transport Layer Security (TLS) - 10 years
  • Palo Alto Networks - 6 years
  • F5 Networks - 4 years

Availability

Full-time

Preferred Environment

Cisco, Check Point, F5 Networks, Palo Alto Networks, Bash, Ansible, Linux, Fortinet Firewall Configuration

The most amazing...

...project I've been involved in was architecting multi-cloud connectivity for New Zealand's largest bank.

Work Experience

Network Designer

2020 - 2024
ANZ Group
  • Contributed to the BS11 project to build a "bank within a bank", focusing on Active Directory (AD) networking requirements.
  • Built a new laptop provisioning location over VPN over a third-party vendor's MPLS.
  • Migrated a network privileged access management (PAM) application between AD domains.
  • Onboarded multiple replacement DMZ switches and managed hardware lifecycle.
  • Migrated a backup application to a new AD domain, including networking components.
  • Built a remote data canter in Sydney via Cloud OnRamp for IaaS.
Technologies: Networking, Networks, IT Security, TCP/IP, VPN, Firewalls, Cisco Routers, Cisco Switches, Load Balancers, Wireless, VMware, Deep Packet Inspection (DPI), Network Architecture, Network Design, Network Engineering, Network Monitoring, Cryptography, Encryption, Border Gateway Protocol (BGP), Computer Networking, Multiprotocol Label Switching (MPLS), Open Shortest Path First (OSPF), Routing

Network Engineer and Team Lead

2016 - 2020
FNZ
  • Deployed user web proxy and optimized proxy auto-configuration (PAC) file.
  • Consolidated vendor firewall, merging two layers of firewalling and routing into one.
  • Redesigned and physically moved Wellington's data center.
  • Deployed Microsoft Office 365 and Exchange Online.
  • Designed and deployed dual site call center network.
  • Upgraded APAC-wide firewall hardware and software.
  • Designed and implemented a third-party private link.
Technologies: Check Point, Ansible, Cisco Switches, Web Application Firewall (WAF), VPN, Fortinet Firewall Configuration, Network Security, Networks, Security, IT Security, TCP/IP, Transport Layer Security (TLS), NetFlow, SSL Certificates, Firewalls, Cisco Routers, Load Balancers, Wireless, VMware, Networking, Deep Packet Inspection (DPI), Network Architecture, Network Design, Network Engineering, Network Monitoring, Cryptography, Encryption, Computer Networking, Intrusion Detection Systems (IDS), Routing

Network and Security Engineer

2015 - 2016
Sony Interactive Entertainment
  • Contributed to Europe-wide Infoblox dynamic host configuration protocol (DHCP) migration by moving all Sony Interactive Entertainment (SIEE) offices from AD-integrated DHCP to a specific vendor.
  • Assisted in relocating the office based in Frankfurt by moving it a few blocks down the road. Built a new wireless network, wired local area network (LAN), and associated wide-area network (WAN) connectivity.
  • Worked actively on satellite VPN swing for SN Systems.
Technologies: Cisco, Check Point, DNS, Network Security, Networks, Security, IT Security, TCP/IP, Transport Layer Security (TLS), SSL Certificates, Firewalls, Cisco Routers, Cisco Switches, Load Balancers, Wireless, VMware, Unix, Networking, Deep Packet Inspection (DPI), Network Architecture, Network Design, Network Engineering, Network Monitoring, Cryptography, Encryption, Border Gateway Protocol (BGP), Computer Networking, Multiprotocol Label Switching (MPLS), Routing

Senior Network Engineer

2013 - 2015
Sony Pictures
  • Redesigned and remotely deployed a computer network in SPE's 24-hour media based in Singapore.
  • Completed the upgrade of a remote console server estate.
  • Played a key role in pre-sales work for new SPE offices in Mexico and India.
  • Participated in a global domain name system (DNS) and DHCP migration project for about six months.
  • Designed a global configuration template for Cisco Internetwork Operating System (IOS), enabling multiple virtual routing and forwarding (VRF) instances.
  • Deployed a captive portal using specific vendors' firewalls.
  • Tested AD and lightweight directory access protocol (LDAP) integration with Cisco Context Directory Agent (CDA) and Palo Alto User-ID.
Technologies: Firewalls, Cisco Routers, Load Balancers, Wireless, VoIP, Network Security, Networks, Security, IT Security, TCP/IP, Transport Layer Security (TLS), SSL Certificates, ASA Firewalls, Cisco Switches, VMware, Networking, Deep Packet Inspection (DPI), Network Architecture, Network Design, Network Engineering, Network Monitoring, Cryptography, Encryption, Border Gateway Protocol (BGP), Computer Networking, Multiprotocol Label Switching (MPLS), Routing

Senior Technical Network Consultant

2010 - 2013
Endava
  • Collaborated with other senior network and server engineers to deliver a multi-tenant, scalable virtualized infrastructure.
  • Completed an audit of a client's data center and multi-office network, successfully leading to further architecting, redesigning, and implementing their data center presence.
  • Managed network-related responsibilities during a client disaster recovery exercise.
  • Supported network for a high-profile website during an annual event.
  • Redesigned and implemented a multi-office client network and global VPN mesh.
  • Implemented a multi-tier Linux application platform using CentOS.
  • Redesigned and implemented the client's data center and office networks.
  • Worked actively on pre-sales, architecture, and implementation for many intrusion prevention systems (IPS) deployments.
Technologies: Load Balancers, VMware, Cisco, Firewalls, Intrusion Prevention Systems (IPS), Network Security, Networks, Security, IT Security, TCP/IP, Transport Layer Security (TLS), SSL Certificates, ASA Firewalls, Cisco Routers, Cisco Switches, Wireless, Unix, Networking, Deep Packet Inspection (DPI), Network Architecture, Network Design, Network Engineering, Network Monitoring, Cryptography, Encryption, Border Gateway Protocol (BGP), Computer Networking, Intrusion Detection Systems (IDS), Open Shortest Path First (OSPF), Routing

Technical Services Specialist

2006 - 2010
PwC
  • Supported over 30 UK-based offices and three data centers with up to 1,800 network devices.
  • Redesigned wireless network infrastructure incorporating Cisco autonomous wireless access points (WAP) with Wireless LAN Solution Engine (WLSE) and newer lightweight access point protocol (LWAPP) with wireless LAN controllers (WLC) and WCS.
  • Supported approximately 80 countries in the EMEA region and London, including MPLS and internet protocol security (IPsec) VPNs.
  • Designed and implemented a new network for office relocation.
  • Supported global connectivity with London as the hub for EMEA, interacting with other global hubs using a single contiguous network address space. It was a major achievement for PwC, with 236,000 people in 158 countries and 743 offices at the time.
  • Designed and implemented wired and wireless networks for a new office.
  • Assisted in designing the network and implementing the Cisco Adaptive Security Appliance (ASA) firewall on a voice-over-internet protocol (VoIP) pilot.
  • Helped design and implement a network for video conferencing over an IP pilot.
  • Designed and implemented a network for global WAN migration using border gateway protocol (BGP) peering into multiple service providers' MPLS and IPSec networks.
Technologies: Firewalls, Load Balancers, SNMP, VPN, Cisco, Network Security, Networks, Security, IT Security, TCP/IP, NetFlow, Cisco Routers, Cisco Switches, Wireless, VoIP, Networking, Network Design, Network Engineering, Network Monitoring, Cryptography, Encryption, Border Gateway Protocol (BGP), Computer Networking, Routing

Network Support Engineer

2005 - 2006
DXI Networks
  • Managed and supported dedicated, resilient internet connections utilizing LAN extensions, E1 leased lines, symmetric digital subscriber line (SDSL), asymmetric digital subscriber line (ADSL), primary rate interface (PRI), and basic rate ISDN (BRI).
  • Supported a complex multi-user, multi-company VoIP platform, including troubleshooting many VoIP phones and administering the network via Cisco CallManager.
  • Configured, administered, and troubleshot a large variety of networking hardware and software associated with the core of our provider's network.
  • Supported a large corporate ADSL platform, including servers such as remote access server (RAS), network access server (NAS), LNS, and remote authentication dial-in user service (RADIUS) running FreeRADIUS under SUSE Linux.
  • Analyzed layer 2 tunneling protocol (L2TP) and point-to-point protocol (PPP). Troubleshot BT's ADSL using the whoosh test.
Technologies: Cisco, Firewalls, VPN, Networks, IT Security, TCP/IP, Cisco Routers, Cisco Switches, VoIP, Unix, Networking, Network Engineering, Network Monitoring, Cryptography, Encryption, Computer Networking, Routing

Technical Support Analyst

2004 - 2004
Datacom Group
  • Worked actively for both Kiwibank and NZ Post, which gave me a solid support foundation and exposed me to several key technologies.
  • Provided support for Postlink II, NZ Post's proprietary software designed and managed by Datacom, which handled all PostShop's transactions.
  • Troubleshot the front end of Kiwibank transactions and IP voucher banking process.
Technologies: Unix, Citrix, Cisco Routers, Networks, TCP/IP, Networking, Network Engineering, Computer Networking

Experience

Check Point VPN Migration from R75 to R80

I migrated many third-party VPNs from one software version to the next, from traditional to simplified modes. This migration required an element of finesse, significant pre-planning, and coordination between other companies to get it all across the line. The VPN configuration migration needed to be thoroughly done before committing to the pre-production environment and finally rolling out to production. All VPNs were migrated over several months with minimal downtime to third-party connectivity.

Certifications

MARCH 2017 - MARCH 2020

Cisco Certified Specialist - Enterprise Design

Cisco

APRIL 2014 - MARCH 2020

CCNP Security

Cisco

APRIL 2014 - MARCH 2020

Cisco Certified Specialist - Network Security Firepower

Cisco

APRIL 2014 - MARCH 2020

Cisco Certified Specialist - Network Security VPN Implementation

Cisco

APRIL 2014 - MARCH 2020

Cisco Certified Specialist - Security Core

Cisco

APRIL 2014 - MARCH 2020

Cisco Certified Specialist - Security Identity Management Implementation

Cisco

APRIL 2014 - APRIL 2017

Cisco VPN Security Specialist

Cisco

MARCH 2014 - MARCH 2020

Cisco Certified Specialist - Web Content Security

Cisco

FEBRUARY 2014 - APRIL 2017

Cisco IOS Security Specialist

Cisco

DECEMBER 2012 - MARCH 2020

CCNP Enterprise

Cisco

DECEMBER 2012 - MARCH 2020

CCNP Routing and Switching

Cisco

DECEMBER 2012 - MARCH 2020

Cisco Certified Specialist - Enterprise Advanced Infrastructure Implementation

Cisco

DECEMBER 2012 - MARCH 2020

Cisco Certified Specialist - Enterprise Core

Cisco

FEBRUARY 2010 - PRESENT

CCSA R65

Check Point

JANUARY 2009 - APRIL 2017

Cisco IPS Specialist

Cisco

JANUARY 2009 - OCTOBER 2014

Cisco Certified Security Professional (CCSP)

Cisco

NOVEMBER 2008 - NOVEMBER 2010

Cisco Information Security Specialist

Cisco

OCTOBER 2008 - NOVEMBER 2010

Cisco Firewall Specialist

Cisco

DECEMBER 2007 - DECEMBER 2009

Cisco VPN Specialist

Cisco

OCTOBER 2004 - MARCH 2020

Cisco Certified Network Associate (CCNA)

Cisco

Skills

Tools

VPN, VMware, Ansible, VirtualBox, Ansible Tower

Paradigms

Deep Packet Inspection (DPI), DevOps, Automation

Industry Expertise

Network Security

Languages

Bash

Platforms

Linux, Unix, Citrix, Quick EMUlator (QEMU), Proxmox, Wazuh

Other

Cisco, Cisco Networking, SNMP, Firewalls, Cisco Routers, Networking, Networks, TCP/IP, Network Design, Network Engineering, Network Monitoring, Computer Networking, Routing, Check Point, F5 Networks, Fortinet Firewall Configuration, Transport Layer Security (TLS), ASA Firewalls, DNS, Load Balancers, Wireless, Security, IT Security, Cryptography, Encryption, Border Gateway Protocol (BGP), Intrusion Detection Systems (IDS), Open Shortest Path First (OSPF), Palo Alto Networks, NetFlow, Web Security, Intrusion Prevention Systems (IPS), SSL Certificates, Web Application Firewall (WAF), Cisco Switches, VoIP, Network Architecture, Multiprotocol Label Switching (MPLS), IP Routing, Routing and Switching Protocols, Network Switching, Ansible Playbooks

Collaboration That Works

How to Work with Toptal

Toptal matches you directly with global industry experts from our network in hours—not weeks or months.

1

Share your needs

Discuss your requirements and refine your scope in a call with a Toptal domain expert.
2

Choose your talent

Get a short list of expertly matched talent within 24 hours to review, interview, and choose from.
3

Start your risk-free talent trial

Work with your chosen talent on a trial basis for up to two weeks. Pay only if you decide to hire them.

Top talent is in high demand.

Start hiring