JASON DAVIS Lewisville, TX | (940) 340-9369 | newton214@gmail.com linkedin.com/in/jason-davis-27442118a =============================================================================== PROFESSIONAL SUMMARY =============================================================================== Systems & Network Infrastructure Engineer with 15+ years building, scaling, and defending mission-critical networks and Unix/Linux platforms. Overlay networking native – designed, deployed, and automated VXLAN/EVPN fabrics at AWS, Charter, Verizon, and Denver Health. Unique hybrid depth: Linux systems engineering + hyperscale network architecture + security compliance (PCI-DSS, NIST, HIPAA). SME in Fortinet Security Fabric (NSE 4 certified, NSE 5 in progress) and Meraki SD-WAN (TBX). Red Hat Certified System Administrator (RHCSA) with RHCE in progress. Bridge the gap between traditional infrastructure and cloud-native, automation-first operations. =============================================================================== CORE COMPETENCIES – TECHNICAL =============================================================================== NETWORK FABRICS - VXLAN/EVPN (Cisco Nexus/Arista) - Spine-Leaf Architecture - MP-BGP EVPN (Type-2/Type-5) - Anycast Gateway / Symmetric IRB - L3VNI / Multi-Tenant VRFs - Multicast / Head-End Replication SECURITY & SD-WAN - Fortinet Security Fabric (NSE 4) - FortiGate, FortiManager, FortiAnalyzer - Meraki SD-WAN (TBX SME) - Versa SD-WAN (Verizon migration) - Cisco Viptela (ARS migration) - Palo Alto, ASA, Juniper SRX CLOUD & HYBRID - AWS (GovCloud, Direct Connect) - Hybrid Cloud Interconnect - AWS Transit Gateway / VPC - VMware NSX-T / KVM Integration - Kubernetes Overlay (Cilium) - Equinix Fabric / Cloud On-Ramps AUTOMATION & IaC - Python (Netmiko, NAPALM, Tcl) - Ansible (Cisco.ios, NX-OS, Fortinet) - Terraform (AWS, Equinix) - YANG / NetConf / REST APIs - Git / CI/CD Pipelines - Bash / Pre-Post Diff Scripts SYSTEMS FOUNDATION - Red Hat Enterprise Linux (RHCSA) - RHCE – In Progress - Unix (AIX, Solaris) - Kernel Tuning / sysctl - Arch Linux (personal lab) MONITORING & OBSERVABILITY - gNMI/Telemetry / sFlow - Prometheus / Grafana - PRTG / SolarWinds / Splunk - NetFlow / sFlow / IPFIX - Custom Python anomaly detection =============================================================================== CERTIFICATIONS & DEVELOPMENT =============================================================================== - Fortinet Network Security Expert NSE 4 – Certified - Fortinet NSE 5 – In Progress (FortiManager, FortiAnalyzer) - Red Hat Certified System Administrator (RHCSA) – Completed - Red Hat Certified Engineer (RHCE) – In Progress (Ansible automation focus) - Cisco CCNP Enterprise & Data Center - AWS Certified Solutions Architect – Associate - Cisco DevNet Associate =============================================================================== PROFESSIONAL EXPERIENCE =============================================================================== TBX May 2022 – Sept 2024 Consulting Systems Engineer – SD-WAN & Security SME Subject Matter Expert for service provider and enterprise networks, focusing on Meraki SD-WAN and Fortinet Security Fabric. Delivered technical go-to- market strategies and hands-on POC deployments. - FORTINET SECURITY FABRIC SPECIALIST – Architected and validated FortiGate deployments, including SD-WAN, IPSec VPN, and security policies. NSE 4 certified; actively pursuing NSE 5 (FortiManager, FortiAnalyzer). - MERAKI SD-WAN EXPERTISE – Designed and deployed Meraki MX/Z3 auto-VPN topologies, traffic shaping, and application-aware routing for multi-site enterprises. - AUTOMATION ENABLEMENT – Developed Python/Ansible automation frameworks for zero-touch provisioning and configuration validation, reducing deployment time by 30%. - TECHNICAL WORKSHOPS – Authored and delivered advanced workshops on Zero Trust, SD-WAN security, and automation, training partner SEs and customers. - POC LEADERSHIP – Executed end-to-end proofs-of-concept that directly influenced six-figure enterprise deals. ------------------------------------------------------------------------------- AMAZON WEB SERVICES (GOVCLOUD) Sept 2021 – May 2022 Network Development Engineer – Hyperscale Fabric Team Led Tier 3 escalation for critical networking incidents in AWS GovCloud, a high-compliance, multi-tenant hyperscale environment. - ARCHITECTED VXLAN/EVPN OVERLAY SOLUTIONS for GovCloud tenants requiring isolated, compliant network segments – directly translated customer segmentation requirements into MP-BGP EVPN address-family configurations. - BUILT AUTOMATION FRAMEWORKS using Python to model, validate, and deploy underlay/overlay policies across thousands of devices, eliminating manual configuration drift and reducing provisioning time by 40%. - DESIGNED HYBRID INTERCONNECT STRATEGIES using AWS Direct Connect and Transit Gateway, integrating on-premises VXLAN fabrics with AWS VPCs via eBGP route exchange. - DEPLOYED AND TROUBLESHOOTED BGP CONTROL PLANES at hyperscale, including route reflection policies, next-hop reachability, and RT/RD consistency across multi-tenant partitions. - DEVELOPED SOPs AND POST-MORTEM GUIDANCE for complex routing incidents, institutionalizing "automation-first" remediation patterns. ------------------------------------------------------------------------------- VERIZON ENTERPRISE SOLUTIONS Jan 2020 – Sept 2021 Principal Network Architect – SD-WAN & Data Center Transformation Directed enterprise-scale fabric architecture and migration for Fortune 500 clients (finance, healthcare, retail). - ENGINEERED VXLAN/EVPN DATA CENTER FABRIC DESIGNS for multi-tenant environments, defining L3VNI per tenant, anycast gateway addressing, and consistent RD/RT schemas. - LED AVIS MIGRATION from legacy Cisco MPLS to Versa SD-WAN + Aruba edge – designed hybrid overlay interconnect strategy ensuring zero downtime during cross-vendor cutover. - DEVELOPED PRE/POST DIFF BASH SCRIPTS for configuration validation, reducing change-related incidents by 35% across major deployments. - MENTORED SOLUTION ARCHITECTS on YANG, NetConf, Meraki API, and Python automation – shifted team mindset from "CLI-first" to "API-first." - SPEARHEADED WALGREENS NATIONWIDE WAN OPTIMIZATION, integrating underlay BGP policies with overlay SD-WAN controllers for application-aware routing. ------------------------------------------------------------------------------- CHARTER COMMUNICATIONS Sept 2018 – Oct 2019 Data Center Network Engineer – Core & Overlay Platforms Managed enterprise F5 LTM/GTM and A10 load balancing infrastructure while implementing next-generation overlay networks. - IMPLEMENTED EVPN/VXLAN OVERLAY NETWORKS on Nexus 9K platforms, enabling multi-tenant segmentation across national data centers. - AUTOMATED TACACS CONFIGURATION with Bash scripts, reducing manual overhead and eliminating credential misconfigurations. - IDENTIFIED CRITICAL BUFFER TAIL DROPS on Data Domain SSL replication (port 29000) using PRTG and packet capture analysis – isolated root cause to underlay MTU mismatch and oversubscription. - COORDINATED CROSS-TEAM VIDEO VPN DEPLOYMENT, driving alignment between network, security, and Linux systems teams. ------------------------------------------------------------------------------- ZIVARO (CONSULTING ENGINEER III) Oct 2018 – Jan 2020 Senior Network Consultant – Healthcare & Enterprise - DESIGNED AND DEPLOYED VXLAN DATA CENTER FABRIC for Denver Health using Cisco ACI with BGP EVPN underlay, achieving HIPAA-compliant micro- segmentation and workload mobility. - ADVOCATED ANSIBLE OVER DNA CENTER for Simmons Foods automation – delivered Ansible playbooks for configuration management, saving client $50K+ in proprietary licensing costs. - IMPLEMENTED LAYER 3 TO THE EDGE for CDPHE despite organizational resistance; architected migration plan that proved operational benefits, eventually adopted as team standard. - PLAYED KEY ROLE IN CISCO GOLD PARTNER RECERTIFICATION, leading technical deep-dives on EVPN/VXLAN, ACI, and automation capabilities. ------------------------------------------------------------------------------- ENTRUST (ZIVARO CONSULTING) Jan 2020 – Present Cloud Network Engineer – PCI-DSS Compliance - IMPLEMENTED AWS NETWORK INFRASTRUCTURE with PCI-DSS compliance, including VPC segmentation, security groups, NACLs, and Transit Gateway routing. - BUILT STAGING ENVIRONMENT despite VP-level opposition – demonstrated value through successful pre-production validation of Ansible ACL playbooks (cisco.ios). - ASSISTED ILLINOIS CREDIT UNION VPN DEPLOYMENT for overwhelmed customer team, troubleshooting IPsec tunnels and BGP peering to restore service. ------------------------------------------------------------------------------- AT&T (TIAA-CREF SENIOR TECHNICAL ARCHITECT) Jul 2010 – May 2016 Lead Network Architect – $100M Financial Infrastructure Refresh - LED $100M+ NETWORK TRANSFORMATION, deploying Nexus 7K/9K, ASR9K, and F5 BIG-IP platforms for financial trading environments. - OPTIMIZED MAINFRAME OSPF ROUTING (AREA 51), resolving route flapping and suboptimal path selection – required deep understanding of both mainframe TCP/IP stack and traditional routing protocols. - IDENTIFIED NETAPP LACP RFC NON-COMPLIANCE via custom Tcl script – vendor acknowledged defect, implemented firmware fix, saved client from undetected link failure risk. - STANDARDIZED BLACKHOLE ROUTING CONFIGURATIONS across global footprint, creating validated, auditable templates. =============================================================================== ADDITIONAL RELEVANT EXPERIENCE =============================================================================== KAISER PERMANENTE Senior Data Center Engineer 2016–2018 - Deployed Cisco ACI fabric; migrated Nexus 7K/5K → 9K - Resolved Exadata OSPF issues and Data Domain buffer drops AMERICAN RESIDENTIAL SERVICES Senior Network Engineer 2018–2019 - Migrated 100+ sites to Cisco Viptela SD-WAN - Designed $15K+ cost-saving OOB/UPS solution with repurposed hardware DYNAMIC IMPACT MARKETING LLC Principal & Technical Strategist 2024–Present - Founder consultancy applying infrastructure engineering to marketing tech - Build automated data pipelines (Python) and technical audit frameworks =============================================================================== EDUCATION & MILITARY SERVICE =============================================================================== UNITED STATES AIR FORCE Senior Airman – Honorable Discharge =============================================================================== CONTINUOUS LEARNING =============================================================================== - Self-directed study: SRv6, eBPF/Cilium, NVIDIA Spectrum, BlueField DPUs - Arch Linux maintainer (personal infrastructure) – kernel tuning, systemd, network namespaces - Fortinet NSE 5 (FortiManager, FortiAnalyzer) – In Progress - Red Hat RHCE (Ansible, system roles) – In Progress