Paul is available for hire

Paul Wedde

Verified Expert in Engineering

Network Engineer and Developer

Location

Wellington, New Zealand

Toptal Member Since

April 11, 2023

Paul has close to 20 years of experience in a diverse range of network specializations. Both as an employee and a contractor, he has worked for managed service providers, internet service providers, one of the world's largest media conglomerates, and financial service providers. Paul has previously held UK government security clearances, including "Basic," CTC, and SC clearances.

Portfolio

ANZ Group

Networking, Networks, IT Security, TCP/IP, VPN, Firewalls, Cisco Routers...

FNZ

Check Point, Ansible, Cisco Switches, Web Application Firewall (WAF), VPN...

Sony Interactive Entertainment

Cisco, Check Point, DNS, Network Security, Networks, Security, IT Security...

Experience

Cisco Networking - 17 years SNMP - 16 years DNS - 15 years Check Point - 14 years Fortinet Firewall Configuration - 10 years Transport Layer Security (TLS) - 10 years Palo Alto Networks - 6 years F5 Networks - 4 years

Availability

Full-time

Preferred Environment

Cisco, Check Point, F5 Networks, Palo Alto Networks, Bash, Ansible, Linux, Fortinet Firewall Configuration

The most amazing...

...project I've been involved in was architecting multi-cloud connectivity for New Zealand's largest bank.

Work Experience

Network Designer

2020 - 2024

ANZ Group

Contributed to the BS11 project to build a "bank within a bank", focusing on Active Directory (AD) networking requirements.
Built a new laptop provisioning location over VPN over a third-party vendor's MPLS.
Migrated a network privileged access management (PAM) application between AD domains.
Onboarded multiple replacement DMZ switches and managed hardware lifecycle.
Migrated a backup application to a new AD domain, including networking components.
Built a remote data canter in Sydney via Cloud OnRamp for IaaS.

Technologies: Networking, Networks, IT Security, TCP/IP, VPN, Firewalls, Cisco Routers, Cisco Switches, Load Balancers, Wireless, VMware, Deep Packet Inspection (DPI), Network Architecture, Network Design, Network Engineering, Network Monitoring, Cryptography, Encryption

Network Engineer and Team Lead

2016 - 2020

FNZ

Deployed user web proxy and optimized proxy auto-configuration (PAC) file.
Consolidated vendor firewall, merging two layers of firewalling and routing into one.
Redesigned and physically moved Wellington's data center.
Deployed Microsoft Office 365 and Exchange Online.
Designed and deployed dual site call center network.
Upgraded APAC-wide firewall hardware and software.
Designed and implemented a third-party private link.

Technologies: Check Point, Ansible, Cisco Switches, Web Application Firewall (WAF), VPN, Fortinet Firewall Configuration, Network Security, Networks, Security, IT Security, TCP/IP, Transport Layer Security (TLS), NetFlow, SSL Certificates, Firewalls, Cisco Routers, Load Balancers, Wireless, VMware, Networking, Deep Packet Inspection (DPI), Network Architecture, Network Design, Network Engineering, Network Monitoring, Cryptography, Encryption

Network and Security Engineer

2015 - 2016

Sony Interactive Entertainment

Contributed to Europe-wide Infoblox dynamic host configuration protocol (DHCP) migration by moving all Sony Interactive Entertainment (SIEE) offices from AD-integrated DHCP to a specific vendor.
Assisted in relocating the office based in Frankfurt by moving it a few blocks down the road. Built a new wireless network, wired local area network (LAN), and associated wide-area network (WAN) connectivity.
Worked actively on satellite VPN swing for SN Systems.

Technologies: Cisco, Check Point, DNS, Network Security, Networks, Security, IT Security, TCP/IP, Transport Layer Security (TLS), SSL Certificates, Firewalls, Cisco Routers, Cisco Switches, Load Balancers, Wireless, VMware, Unix, Networking, Deep Packet Inspection (DPI), Network Architecture, Network Design, Network Engineering, Network Monitoring, Cryptography, Encryption

Senior Network Engineer

2013 - 2015

Sony Pictures

Redesigned and remotely deployed a computer network in SPE's 24-hour media based in Singapore.
Completed the upgrade of a remote console server estate.
Played a key role in pre-sales work for new SPE offices in Mexico and India.
Participated in a global domain name system (DNS) and DHCP migration project for about six months.
Designed a global configuration template for Cisco Internetwork Operating System (IOS), enabling multiple virtual routing and forwarding (VRF) instances.
Deployed a captive portal using specific vendors' firewalls.
Tested AD and lightweight directory access protocol (LDAP) integration with Cisco Context Directory Agent (CDA) and Palo Alto User-ID.

Technologies: Firewalls, Cisco Routers, Load Balancers, Wireless, VoIP, Network Security, Networks, Security, IT Security, TCP/IP, Transport Layer Security (TLS), SSL Certificates, ASA Firewalls, Cisco Switches, VMware, Networking, Deep Packet Inspection (DPI), Network Architecture, Network Design, Network Engineering, Network Monitoring, Cryptography, Encryption

Senior Technical Network Consultant

2010 - 2013

Endava

Collaborated with other senior network and server engineers to deliver a multi-tenant, scalable virtualized infrastructure.
Completed an audit of a client's data center and multi-office network, successfully leading to further architecting, redesigning, and implementing their data center presence.
Managed network-related responsibilities during a client disaster recovery exercise.
Supported network for a high-profile website during an annual event.
Redesigned and implemented a multi-office client network and global VPN mesh.
Implemented a multi-tier Linux application platform using CentOS.
Redesigned and implemented the client's data center and office networks.
Worked actively on pre-sales, architecture, and implementation for many intrusion prevention systems (IPS) deployments.

Technologies: Load Balancers, VMware, Cisco, Firewalls, Intrusion Prevention Systems (IPS), Network Security, Networks, Security, IT Security, TCP/IP, Transport Layer Security (TLS), SSL Certificates, ASA Firewalls, Cisco Routers, Cisco Switches, Wireless, Unix, Networking, Deep Packet Inspection (DPI), Network Architecture, Network Design, Network Engineering, Network Monitoring, Cryptography, Encryption

Technical Services Specialist

2006 - 2010

PwC

Supported over 30 UK-based offices and three data centers with up to 1,800 network devices.
Redesigned wireless network infrastructure incorporating Cisco autonomous wireless access points (WAP) with Wireless LAN Solution Engine (WLSE) and newer lightweight access point protocol (LWAPP) with wireless LAN controllers (WLC) and WCS.
Supported approximately 80 countries in the EMEA region and London, including MPLS and internet protocol security (IPsec) VPNs.
Designed and implemented a new network for office relocation.
Supported global connectivity with London as the hub for EMEA, interacting with other global hubs using a single contiguous network address space. It was a major achievement for PwC, with 236,000 people in 158 countries and 743 offices at the time.
Designed and implemented wired and wireless networks for a new office.
Assisted in designing the network and implementing the Cisco Adaptive Security Appliance (ASA) firewall on a voice-over-internet protocol (VoIP) pilot.
Helped design and implement a network for video conferencing over an IP pilot.
Designed and implemented a network for global WAN migration using border gateway protocol (BGP) peering into multiple service providers' MPLS and IPSec networks.

Technologies: Firewalls, Load Balancers, SNMP, VPN, Cisco, Network Security, Networks, Security, IT Security, TCP/IP, NetFlow, Cisco Routers, Cisco Switches, Wireless, VoIP, Networking, Network Design, Network Engineering, Network Monitoring, Cryptography, Encryption

Network Support Engineer

2005 - 2006

DXI Networks

Managed and supported dedicated, resilient internet connections utilizing LAN extensions, E1 leased lines, symmetric digital subscriber line (SDSL), asymmetric digital subscriber line (ADSL), primary rate interface (PRI), and basic rate ISDN (BRI).
Supported a complex multi-user, multi-company VoIP platform, including troubleshooting many VoIP phones and administering the network via Cisco CallManager.
Configured, administered, and troubleshot a large variety of networking hardware and software associated with the core of our provider's network.
Supported a large corporate ADSL platform, including servers such as remote access server (RAS), network access server (NAS), LNS, and remote authentication dial-in user service (RADIUS) running FreeRADIUS under SUSE Linux.
Analyzed layer 2 tunneling protocol (L2TP) and point-to-point protocol (PPP). Troubleshot BT's ADSL using the whoosh test.

Technologies: Cisco, Firewalls, VPN, Networks, IT Security, TCP/IP, Cisco Routers, Cisco Switches, VoIP, Unix, Networking, Network Engineering, Network Monitoring, Cryptography, Encryption

Technical Support Analyst

2004 - 2004

Datacom Group

Worked actively for both Kiwibank and NZ Post, which gave me a solid support foundation and exposed me to several key technologies.
Provided support for Postlink II, NZ Post's proprietary software designed and managed by Datacom, which handled all PostShop's transactions.
Troubleshot the front end of Kiwibank transactions and IP voucher banking process.

Technologies: Unix, Citrix, Cisco Routers, Networks, TCP/IP, Networking, Network Engineering

Experience

Check Point VPN Migration from R75 to R80

I migrated many third-party VPNs from one software version to the next, from traditional to simplified modes. This migration required an element of finesse, significant pre-planning, and coordination between other companies to get it all across the line. The VPN configuration migration needed to be thoroughly done before committing to the pre-production environment and finally rolling out to production. All VPNs were migrated over several months with minimal downtime to third-party connectivity.

Cisco

Skills

Tools

VPN, VMware, Ansible

Paradigms

Deep Packet Inspection (DPI)

Languages

Bash

Industry Expertise

Network Security

Platforms

Linux, Unix, Citrix

Other

Cisco, Cisco Networking, SNMP, Firewalls, Cisco Routers, Networking, Networks, TCP/IP, Network Design, Network Engineering, Network Monitoring, Check Point, F5 Networks, Fortinet Firewall Configuration, Transport Layer Security (TLS), ASA Firewalls, DNS, Load Balancers, Wireless, Security, IT Security, Cryptography, Encryption, Palo Alto Networks, NetFlow, Web Security, Intrusion Prevention Systems (IPS), SSL Certificates, Web Application Firewall (WAF), Cisco Switches, VoIP, Network Architecture

Collaboration That Works

How to Work with Toptal

Toptal matches you directly with global industry experts from our network in hours—not weeks or months.

Share your needs

Discuss your requirements and refine your scope in a call with a Toptal domain expert.

Choose your talent

Get a short list of expertly matched talent within 24 hours to review, interview, and choose from.

Start your risk-free talent trial

Work with your chosen talent on a trial basis for up to two weeks. Pay only if you decide to hire them.

Top talent is in high demand.

Start hiring