Ranli is available for hire

Ranli Cruz

Verified Expert in Engineering

Network Security Engineer and Developer

Location

Toronto, ON, Canada

Toptal Member Since

December 2, 2022

Ranli is a graduate of information and communication technology engineering. He is an IT professional with 14+ years of network administration experience offering excellence in network solutions. He provides viable techniques that solve and optimize network requirements and thrives in managing multiple tasks simultaneously. Ranli is also self-motivated, proactive, and customer-oriented, having strong analytical skills and multiple Cisco certifications.

Portfolio

MCAP

Ansible, CCNA, CCNP, Border Gateway Protocol (BGP)...

Teleperformance

CCNA, CCNP, Border Gateway Protocol (BGP), Open Shortest Path First (OSPF)...

Teleperformance

Border Gateway Protocol (BGP), CCNA, CCNP, Multiprotocol Label Switching (MPLS)...

Experience

Cisco - 14 years Routing - 14 years CCNP - 11 years Software-defined WAN (SDWAN) - 4 years Amazon Web Services (AWS) - 3 years Python - 3 years Ansible - 3 years FortiGate - 1 year

Availability

Full-time

Preferred Environment

Windows, Cisco, Juniper, Python, Ansible, Routing, Multiprotocol Label Switching (MPLS), Cisco Certified Network Associate Routing & Switching, Amazon Web Services (AWS), Azure DevOps

The most amazing...

...projects I've worked on involved implementing new data centers and branches using multiprotocol label switching (MPLS), site-to-site VPN, Python, and Ansible.

Work Experience

Network Engineer

2021 - PRESENT

MCAP

Developed automation in Python using Ansible with Azure DevOps to migrate the URL for the development, QA, and production environments to the HAProxy load balancer.
Implemented the network access control (NAC) using Aruba ClearPass.
Automated the task using playbooks and kept track of the versions with Git.

Technologies: Ansible, CCNA, CCNP, Border Gateway Protocol (BGP), Cisco Application Centric Infrastructure (Cisco ACI), Cisco Certified Network Associate Routing & Switching, IP Routing, Git, Cisco Switches, Aruba, Checkpoints, Python, Azure DevOps, Agile, F5 Networks, Cisco, Windows, Multiprotocol Label Switching (MPLS), Linux, Wireless, Programming, Networks, ISE, Cisco Wireless, DHCP, DNS, Firewalls, Computer, HAProxy, Nexus, Cisco Routers, Security, Duo, Single Sign-on (SSO), Identity & Access Management (IAM), Group Policy, User Authentication, Group Policy Management, Check Point, IT Security, TCP/IP, Network Security, Network Engineering, OSI Model, Generic Routing Encapsulation (GRE) Tunnels, Networking, Kubernetes, Designing for Data, Network Configuration, Access Points, FortiGate, Fortinet Firewall Configuration, Cisco Networking, Cisco LAN/WAN, Data Center Management, VXLAN, VLANs, IP Networks, Data Center Infrastructure, Software-defined Data Centers (SDDC), Software-defined Networking (SDN), Network Architecture, Network Monitoring, Network Design, Network Access Control, FortiAnalizer, SD-WAN, Enterprise Firewalls, LAN

Senior Network Engineer

2017 - 2021

Teleperformance

Contributed to deploying the software-defined wide area network (SD-WAN) across the branches.
Engaged in multiple projects to propose and provide connectivity to various clients using virtual routing and forwarding (VRF), SD-WAN, application-centric infrastructure (ACI), a virtual private network (VPN), and MPLS.
Coordinated with multiple teams to deploy all the required changes and establish the proposed connectivity.
Implemented multiple branches from scratch, renewed the entire site network into a modern infrastructure, and migrated some services to cloud providers like AWS and Azure.
Acted as the tier 3 escalation point person for any network-related issues.
Worked with DUO, SSO, IAM, ISE, and other security applications. Enrolled network devices with user applications like access to firewalls, routers, switches, phones, and so on.

Technologies: CCNA, CCNP, Border Gateway Protocol (BGP), Open Shortest Path First (OSPF), Software-defined WAN (SDWAN), Cisco Application Centric Infrastructure (Cisco ACI), Cisco Switches, Juniper, IP Routing, ISE, Cisco Wireless, ASA Firewalls, Firewalls, Python, Ansible, Cisco, Windows, Multiprotocol Label Switching (MPLS), Cisco Certified Network Associate Routing & Switching, Amazon Web Services (AWS), Servers, Linux, Wireless, Git, Networks, Palo Alto Networks, DHCP, DNS, Computer, Azure, Nexus, Cisco Routers, Security, Duo, Single Sign-on (SSO), SAML, Identity & Access Management (IAM), Group Policy, User Authentication, Group Policy Management, Check Point, IT Security, TCP/IP, Network Security, Network Engineering, OSI Model, Generic Routing Encapsulation (GRE) Tunnels, Junos OS, Networking, Kubernetes, Designing for Data, Network Configuration, Access Points, Cisco Networking, Cisco LAN/WAN, Data Center Management, VXLAN, VLANs, IP Networks, Data Center Infrastructure, Software-defined Data Centers (SDDC), Software-defined Networking (SDN), Cisco Adaptive Security Appliance (ASA), Network Architecture, Network Monitoring, Network Design, Cisco Identity Services Engine (ISE), FortiAnalizer, FortiManager, Cisco Certified Design Associate (CCDA), Cisco Certified Design Professional (CCDP), SD-WAN, Enterprise Firewalls, LAN

Network Engineer

2013 - 2017

Teleperformance

Implemented a data center and numerous branches from scratch for multiple countries.
Planned, coordinated, administrated, requisitioned, and troubleshot different technologies during the implementation project.
Applied project management knowledge to complete the project, enabling over 1,000 end users to establish connectivity between clients and branches.

Technologies: Border Gateway Protocol (BGP), CCNA, CCNP, Multiprotocol Label Switching (MPLS), Open Shortest Path First (OSPF), Cisco Switches, Wireless, Servers, ASA Firewalls, Palo Alto Networks, DHCP, DNS, Cisco, Windows, Juniper, Cisco Certified Network Associate Routing & Switching, Amazon Web Services (AWS), Linux, IP Routing, Networks, ISE, Cisco Wireless, Firewalls, Computer, Nexus, Cisco Routers, Security, Duo, Single Sign-on (SSO), SAML, Identity & Access Management (IAM), Group Policy, User Authentication, Group Policy Management, IT Security, TCP/IP, Network Security, Network Engineering, OSI Model, Generic Routing Encapsulation (GRE) Tunnels, Junos OS, Networking, Designing for Data, Network Configuration, Access Points, Cisco Networking, Cisco LAN/WAN, Data Center Management, VLANs, IP Networks, Data Center Infrastructure, Software-defined Data Centers (SDDC), Software-defined Networking (SDN), Cisco Adaptive Security Appliance (ASA), Network Architecture, Network Monitoring, Network Design, Cisco Identity Services Engine (ISE), FortiAnalizer, FortiManager, Cisco Certified Design Associate (CCDA), Cisco Certified Design Professional (CCDP), Enterprise Firewalls, LAN

Network Engineer

2013 - 2013

Claro

Troubleshot multiple client connectivities in an internet service provider (ISP) environment that used different technologies like MPLS, DSL, and asynchronous transfer mode (ATM).
Provided network support services to the end user community, including troubleshooting router, switch, and ISP devices.
Identified and troubleshot issues with DSL, point-to-point protocol over ethernet (PPPoE), MPLS, frame relay, ATM, FlashBox, layer 2 and 3 protocols, and internet protocol television.
Maintained and configured digital subscriber line access multiplexers, handling customers' speed, PPPoE support, and line transmission or synchronization modes, such as G.DMT and ADSL2.

Technologies: Digital Subscriber Line Access Multiplexer (DSLAM), ADSL, IPTV, IP Routing, Routing, Cisco Switches, CCNA, CCNP, Cisco, Windows, Multiprotocol Label Switching (MPLS), Cisco Certified Network Associate Routing & Switching, Servers, Linux, Wireless, Border Gateway Protocol (BGP), Networks, Cisco Wireless, DHCP, DNS, Firewalls, Computer, Cisco Routers, Security, Single Sign-on (SSO), Group Policy, User Authentication, Group Policy Management, IT Security, TCP/IP, Network Security, Network Engineering, OSI Model, Networking, Network Configuration, Access Points, Cisco Networking, Cisco LAN/WAN, Data Center Management, VLANs, IP Networks, Network Architecture, Network Monitoring, Network Design, Cisco PIX, Cisco Certified Design Associate (CCDA), Cisco Certified Design Professional (CCDP), Enterprise Firewalls, LAN

Network Support

2008 - 2012

Hospital Infantil Dr. Robert Reid Cabral

Contributed to multiple projects to modernize the network infrastructure.
Implemented new switches and computer and server configurations, including domain name systems (DNS) and dynamic host configuration protocols (DHCP).
Completed the new building's network installation and configuration.
Provided technical support to end users on desktop applications, hardware installation and repair, internet communications, and printing issues.
Managed, maintained, and troubleshot network issues, including DNS, DHCP, switches, and routers.

Technologies: IP Routing, Routing, Cisco Switches, Servers, DNS, DHCP, Computer, Cisco, Windows, Cisco Certified Network Associate Routing & Switching, CCNP, Linux, Wireless, Border Gateway Protocol (BGP), Networks, Cisco Wireless, Firewalls, Cisco Routers, Security, Group Policy, User Authentication, Group Policy Management, IT Security, TCP/IP, Network Security, Network Engineering, OSI Model, Networking, Network Configuration, Access Points, Cisco Networking, Cisco LAN/WAN, Data Center Management, VLANs, IP Networks, Network Architecture, Network Monitoring, Network Design, Cisco PIX, Cisco Certified Design Associate (CCDA), Cisco Certified Design Professional (CCDP), Enterprise Firewalls, LAN

Experience

Automation for F5 to HAProxy Load Balancer Migration

I developed the automation in Python using Ansible with Azure DevOps to migrate the development, QA, and production environment URLs to HAProxy. The migration enabled new features required for the different applications. I also implemented the NAC using Aruba ClearPass, automating the task using playbooks and keeping track of versions using Git. The NAC implementation helped to administrate and strengthen security in the wireless and wired networks.

New Data Center and Branch Implementation

I was the network department's main point of contact. I implemented a data center and numerous branches from scratch for multiple countries, which also required planning, coordination, administration, requisitions, and troubleshooting of different technologies. I successfully managed the project, establishing connectivity between clients and branches for over 1,000 end users. I worked with DUO, ISE, and other security applications, enrolling network devices with user applications like access to firewalls, routers, switches, phones, and so on.

SD-WAN and ACI Deployment

I was the main point of contact for networking in Canada and worked on deploying SD-WAN across the branches. I contributed to multiple projects, proposing and providing connectivity to multiple clients using VRF, SD-WAN, ACI, VPN, and MPLS. I also coordinated with multiple teams to deploy and establish the proposed connectivity. All the agents could establish connectivity through the different technologies, reach the tools, and set up communication to support the clients.

Network Modernization Project

I implemented and completed the network modernization for one of the biggest children's hospitals in the country. The project involved installing, configuring, and replacing old devices, routing and switching, servers, DNS, DHCP, and other pieces to accomplish communication between different buildings.

Network Security Best Practices

Worked on reviewing and suggesting the current infrastructure's best practices, including the L2/L3 connectivity. I created a diagram with the current setup on the network, VLANs, and data flows, among others.

VMware, Azure and AWS Cloud iImplementation

I implemented Vmware, Azure, and AWS integration between the DCs and the cloud environment.

I worked with ExpressRoute, Direct Connect, Azure VPC, Direct Connect over VMC, policy-based and route-based VPN and Direct Connect, VMC-AWS, Internet Gateways, Transit Gateways, VMware, Cloud DevOps, and route-based BGP peering.

I utilized Cisco ASA-Fortinet (iSupport-Side), configuring IPsec Tunnels and Remote AnyConnect VPN. I also configured ACLs and profiles managed by group policies, troubleshooting connectivity issues, debugging, and packet capture.

I also did Cisco ASA end-to-end, ACLs, site-to-site configuration, TMO 5G wireless, and DIA service from each DC for WAN.

Skills

Tools

Cisco PIX, Ansible, Git, Digital Subscriber Line Access Multiplexer (DSLAM), VPN, Amazon Virtual Private Cloud (VPC), VMware, Azure Virtual Network Gateway

Paradigms

Cisco Certified Network Associate Routing & Switching, Azure DevOps, Agile, Software-defined Networking (SDN)

Platforms

Windows, Linux, Nexus, Duo, Amazon Web Services (AWS), Azure, Kubernetes

Industry Expertise

Network Security, Cisco Adaptive Security Appliance (ASA)

Other

Cisco, Routing, CCNA, CCNP, Servers, Wireless, IT Project Management, Cisco Switches, IP Routing, Open Shortest Path First (OSPF), Border Gateway Protocol (BGP), Networks, ISE, Cisco Wireless, ASA Firewalls, DHCP, DNS, Firewalls, Cisco Routers, Security, Identity & Access Management (IAM), Group Policy, User Authentication, Group Policy Management, IT Security, TCP/IP, Network Engineering, OSI Model, Networking, Designing for Data, Network Configuration, Access Points, FortiGate, Fortinet Firewall Configuration, Cisco Networking, Cisco LAN/WAN, Data Center Management, VLANs, IP Networks, Network Architecture, Network Monitoring, Network Design, Cisco Identity Services Engine (ISE), FortiAnalizer, FortiManager, Cisco Certified Design Associate (CCDA), Cisco Certified Design Professional (CCDP), Enterprise Firewalls, LAN, Juniper, Multiprotocol Label Switching (MPLS), Programming, Software-defined WAN (SDWAN), Cisco Application Centric Infrastructure (Cisco ACI), Aruba, F5 Networks, Palo Alto Networks, HAProxy, Single Sign-on (SSO), Check Point, Generic Routing Encapsulation (GRE) Tunnels, Junos OS, VXLAN, Data Center Infrastructure, Software-defined Data Centers (SDDC), SD-WAN, Checkpoints, ADSL, IPTV, Computer, APIs, Network Access Control, Vulnerability Management, System Administration, Direct Connect (DC), ExpressRoute, Azure Virtual Networks

Languages

Python, SAML, Java

Education

2012 - 2014

Bachelor's Degree in Information and Communication Technology Engineering

Universidad de Iberoamérica - Santo Domingo, Dominican Republic

2010 - 2011

Associate's Degree in Computer Networking

Instituto Tecnológico de Las Américas - Santo Domingo, Dominican Republic

Certifications

AUGUST 2023 - PRESENT

Fortinet Network Security Expert Level 4: Certified Professional

Fortinet

JANUARY 2023 - PRESENT

Cisco Certified DevNet Associate

Cisco

FEBRUARY 2020 - PRESENT

Cisco Certified Specialist – Enterprise Core

Cisco

FEBRUARY 2020 - PRESENT

Cisco Certified Specialist – Enterprise Advanced Infrastructure Implementation

Cisco

MAY 2013 - PRESENT

Cisco Certified Network Professional

Cisco

FEBRUARY 2011 - PRESENT

Cisco Certified Network Associate

Cisco

Collaboration That Works

How to Work with Toptal

Toptal matches you directly with global industry experts from our network in hours—not weeks or months.

Share your needs

Discuss your requirements and refine your scope in a call with a Toptal domain expert.

Choose your talent

Get a short list of expertly matched talent within 24 hours to review, interview, and choose from.

Start your risk-free talent trial

Work with your chosen talent on a trial basis for up to two weeks. Pay only if you decide to hire them.

Top talent is in high demand.

Start hiring