Infrastructure & Networking

Cisco

Full product line experience across the Cisco portfolio:

Switching

  • Catalyst 6500 platform — deep chassis-level experience including CatOS, Hybrid mode, native IOS, Supervisor 720, Supervisor 2T, MSFC, and associated service modules
  • Access, aggregation, and core layer switching
  • Top of rack deployments
  • Industrial and embedded variants for OT environments (IE series)
  • Per-VLAN Spanning Tree (PVST+), Rapid PVST+
  • SVIs, inter-VLAN routing, DHCP relay

Routing

  • BGP (eBGP/iBGP), OSPF, EIGRP
  • Static and policy-based routing
  • Router platforms across the ISR and ASR families

Security

  • ASA firewall platforms — deployment, rule management, VPN termination
  • Site-to-site and remote access VPN
  • ACLs, zone-based firewalling

Meraki Enterprise

Currently managing a full enterprise Meraki stack end to end:

  • Core switching through top of rack
  • Dashboard-managed deployment at scale
  • Template-based configuration management
  • Integrated wireless (MR series)
  • SD-WAN capabilities

Engineered the deployment of over 100 Starlink-enabled systems across a major energy operation:

  • Plant facilities — permanent installations with wired backhaul failover
  • Operator trucks — mobile deployments, ruggedized mounting, power management
  • Integration — Starlink as primary or failover WAN, managed alongside existing RF and wired backhaul
  • Operational challenges — thermal management, obstructed sky views at remote locations, firmware management across the fleet

Sophos

  • Sophos firewall and endpoint integration
  • Unified threat management alongside Cisco/Meraki infrastructure

Design Principles

The networking layer exists to serve the control systems. Design decisions are driven by:

  1. Reliability — a wellpad going offline means production stops. Redundancy isn't optional.
  2. Simplicity — every protocol and feature must justify its presence. Complexity is a liability in the field.
  3. Serviceability — when something breaks at a remote site, the fix needs to be achievable by the person who happens to be there, not a specialist.
  4. Security — IT/OT segmentation, least privilege, defense in depth. The converged network can't become a lateral movement path.