Diako Nourfardi
Networks and Security
Doncaster,VIC
Summary
Dynamic IT professional with over 20 years of extensive experience in network systems, specializing in network design, architecture, and modernization. Expertise includes routing and switching, VoIP, security, and advanced troubleshooting, consistently delivering cost-effective solutions for complex, multivendor infrastructures. Proven track record in managing high-impact projects across government, healthcare, and finance sectors, ensuring scalable and secure systems tailored to organizational needs. Strong problem-solving abilities combined with a commitment to continuous learning position this professional to drive team success and advance organizational objectives through strategic network enhancements.
Overview
23
23
years of professional experience
10
10
Certification
Work History
Senior Network Security Engineer
South East Water
06.2025 - 12.2025
- Designed and implemented a comprehensive security architecture for a large-scale enterprise system
- Developed and implemented security policies and procedures to ensure the security of an organization’s IT infrastructure and data
- Developed and implemented a risk assessment program to identify and protect against potential threats
- Designed, implemented and supported Azure VDC using HUB-Spoke Model, Vnets, Site-Site-VPN and VPN Gateway, ExpressRoute Circuit Setup, Configuration, BGP Routing Provider coordination and delivery, Connection test and QoS Connecting back to the physical Equinix DC and sites
Network and Security Architect
Baptcare
01.2025 - 06.2025
- Managing and configuring FortiOS, FortiManager, and FortiAnalyzer
- Firewall architecture, Policy creation, zero-trust, traffic inspection, VPN configuration, intrusion prevention, QoS, SD-WAN and advanced threat protection, NAT, SSL decryption, IPSEC and SSL VPNs and user authentication to ensure robust network security
- SD-WAN Design, Monitoring and Diagnostics, Migrating Interface To SD-WAN with Redundant IPsec Site-to-Site VPN and ECMP Load Balancing
- Troubleshooting SD-WAN routing and rule matching issues
- Implemented access controls to restrict user access based on organizational requirements
- Optimized FortiAnalyzer performance based on best practices
- Troubleshooting issues with web filtering, intrusion prevention systems, and FortiGuard
Network and Security Architect
ETHAN / PACT Group
03.2024 - 12.2024
- Designed, implemented, integrated and supported Azure VDC using HUB-Spoke Model, Vnets, Site-Site-VPN and VPN Gateway, ExpressRoute Circuit Setup, Configuration, BGP Routing Provider coordination and delivery, Connection test and QoS Connecting back to the physical Equinix DC and sites Vendor and DC mgmt.
- Designed and deployed Palo Alto firewall Virtual appliance ingress/egress stack instances, Leveraging Entra ID's conditional access policies to control access to PAM tools, achieving Zero trust Network Access
- Created Virtual Networks, subnets, IP IDR, and NSG with custom rules, Virtual Machines, Storage, DDoS, Network Watcher, Automation Acct/Run books/DSC, Key Vaults, F5 Load Balancer and Traffic Manager
- Provided support and assisted with end-user issues with resources for Azure and On-premise services using Service Now Ticket
- Uplift, Redesign and Network and Security Optimization of the current network adopting SASE framework utilizing MS Azure, Cisco Meraki SD-WAN, Azure Virtual palo Alto
- Network documentation. Created easy-to-understand interactive network diagrams and relevant information for junior service desk staff
- Implemented production changes during defined maintenance windows with on call after hours / weekend support
Senior Network and Security Architect / Engineer
Adecco Group
03.2019 - 06.2023
- Design, re-Design, uplift and deployment and support of network services for two datacenters and 20+ sites across Australia
- Single point of contact between Service Owners, Service Providers, the MSP and technical specialists coordinating the design and development
- Tight engagement with MSPs for design and delivery of various technologies and projects along with standard documentation and as-built material
- 24x7 BAU support – due to the large number of users, versatile intensive BAU support at the time of covid in particular
- Network optimization in terms of speed and performance, uptime and security
- Public DNS and Domain mgmt. – A, SFP, MX, and DKIM records etc.
- NetScaler - Server pool mgmt., SSL offload, security hardening, patching etc.
- VPN – Pulse secure, certificates, AD integration, end user t-shoot
- Checkpoint – mgmt., policy and application rules, IPsec tunnels and IPS
- Work has always been the first priority
- Change mgmt. – preparing and presenting changes at CAB including rollback plan, risks and workarounds
- Data center mgmt., redesign and relocation inc. rack design, new deployments and maintenance
- Periodic Network performance and security reviews, discovering bottlenecks and performance issues
- New solution for ad-hoc or temporary problems
- Team coordination – working along with multiple other teams in AU, South east Asia and Europe
- Completed projects:
- Checkpoint to Palo alto migration inc. initial design, current environment discovery, security hardening and Change mgmt. for a successful migration of policies, IPS, IPsec tunnels, use experience et.
- Datacenter relocation and re-design – Coordination with multiple teams to relocate links, services, and optimize the new deployment
- MPLS network move to new carrier for 22 sites and the DC
- Zscaler deployment
- Meraki deployment / merge inkling MS, MR and MXs with SD-WAN
- Microsoft Teams deployment – QoS, firewall hardening and end user test
- Akamai deployment for DDoS prevention
- Deployment or relocation of sites, design and config of R&S, wireless and firewall services
Senior Network Architect
Spotless Group
12.2018 - 03.2019
- Completed projects:
- Design, deployment and commissioning of 5 state offices (100-200 staff each) utilizing technologies such as MPLS, BGP, Core routing and switching, Meraki firewalls and Wireless followed by documentation, as-built and support
- Firewall mgmt. Palo Alto firewalls with Panorama central mgmt. utilizing policy rules, IPsec tunnels, application control, global protect SSL VPN solution with AD integration etc.
- Account mgmt. for vendors, third parties and couriers
- BAU network maintenance and troubleshooting
Senior Network and Voice Engineer
Red Cross Blood Services
12.2016 - 09.2017
- Completed projects:
- Migration of voice and video systems from Cisco CUCM, CUC and UCCX 8.6 to 11 for 90 sites national wide, including vendor mgmt. redesign, leading TBC team and change mgmt.
- Migration of national local wireless systems to a centralized Cisco wireless LAN controller (WLC) for national donor and process centers
- Data center mgmt. maintenance and redundancy for Datacenters on Cisco Catalyst 6500, Nexus 9K, VXLAN/BGP/EVPN Fabrics, Introducing Cisco APIC Server/ACI and leaf/spine design, to the already existing Nexus fabric
- Security and VPN mgmt. on Cisco ASA and checkpoint firewalls
- BAU network and telecommunication maintenance and t-shoot
- F5 Administration (LTM, ASM, GTM) rule creation server pools and security hardening
Senior Network and Collaboration Consultant
Viatek
12.2015 - 12.2016
- Presales, deployment and migration of Cisco unified communication / UCS from PABX or older versions along with supplementary services including telepresence and JABBER for large to medium scale clients i.e. Kerang hospital and Camberwell Grammar school
- Design, roll-out and support of complex Cisco Unified communication and telepresence, JABBER etc. for LMHA (Loddon Mallee Health Alliance)
- Managed service for LMHA covering rural hospitals such as Bendigo, Swan Hill, Kerang, Marryborough, Cobaw etc.
- Preparation of project plans, quotes, proposals etc. for design and implementation of data, voice, wireless and security services
- Holding presales meetings with medium to large scale enterprises to uncover their needs and providing them with the most appropriate solution for service efficiency and business continuity
Senior Network Analyst
Golder Associates
04.2015 - 12.2015
- Design and Deployment of Cisco CUCM/CUC integrated with Microsoft Lync for large scale environments along with supplementary services such as UCCX scripting, SRST etc.
- Management, design and implementation of a multi-domain network of 20+ sites in Australasia with complex routing on global and local MPLS / DMVPN
- Vendor management for carriers and vendors for provisioning, installation, changes and decommissioning of various vendors such as Cisco, Telstra, AAPT, BT etc. for data and voice products and services
Senior Network and collaboration consultant
Viatek
08.2014 - 04.2015
Senior Network and Voice Engineer
Pepperstorm / Telstra Business Centre
03.2014 - 06.2014
- Implementation of Wireless LAN Controllers (vWLC, WLC) and integration with Microsoft NPS radius server with guest portal and multi SSID scheme with a variety of authentication methods over a large multisite environment for William Adams / Melbourne
- Design, Implementation and testing of Complex Voice and Data Networks consisting of Cisco CUCM, CUCME, SIP, CUBE etc. along with MPLS networks with Complex routing and switching environment.
- Project management and assuring that customer needs are met by the deadline
- Creating high standard up-to-date network As-built documentations
Senior Network Consultant
elmtree consulting services
02.2013 - 03.2014
- Vendor management for large scale AAPT whole sale services, Cisco Systems, WatchGuard firewalls and other vendors, assuring the enforcement of SLA’s
- Technical lead for network, routing and switching, security, voice and wireless
- Pre-sales, design & implementation of networks, security and voice solutions
- Firewall administration and deployment using multiple vendors, most notably Cisco ASA and WatchGuard
- Wireless design and deployment. (Autonomous/Lightweight)
- Cisco VoIP, including design and implementation of UC500, CUCME/CUCM
Senior Network Officer
City of Yarra Council – Seconded from elmtree
04.2013 - 07.2013
- Team lead for the Network migration team of ~20, for SLA commitments and quality assurance to ensure meeting standards and business continuity, including holding weekly meeting and following up with the progress of individuals
- Deployment of Ciena distribution switches for application infrastructure across Pri and Sec datacenter.
- Point of co-ordination for multiple vendors mainly WAN services, microwave links, Cisco, Juniper and the Council, generating purchase orders, managing competitive quotes to assure effective use of resources
- Maintenance and troubleshooting of security appliances and solutions such as Juniper firewalls, IronPort Web and Mail security
- Creation of easy-to-follow instructions for non-technical users
- Installation, Implementation and network map design of SolarWinds NPM and NCM for high level reporting, availability and configuration backup for a large-scale network of ~1200 users over +20 sites over LAN/WAN/MAN
Network Support Engineer
UECOMM, NOC (Network Operation Centre)
12.2011 - 02.2013
- 24x7 operations, configuration, troubleshooting, maintenance and monitoring of backbone fiber links and ensuring continuous operations of the services
- Service provision (monitoring and graphing for co-location, leased lines, customer backup and other customer network services)
Cisco Systems Tutor (CCNP)
Swinburne University of Technology
08.2011 - 12.2011
- Instruction of Cisco CCNP students
- Assistance with troubleshooting networks for students
- Provision of education to networking students and guidance with their assignments
Network Engineer
HEXA Consulting Engineers
07.2002 - 04.2008
- Implementation and maintenance of routing and switching environment including hardware installation and cabling, VPN and site-to-site connections, server environment and datacenter maintenance
- Implementation of VoIP and QoS using Cisco 2800 and AIM-CUE
- Counseled and provided recommendations to company executives on budgeting
Education
Master of Network Systems - Cisco networks
Swinburne University
01.2011
Bachelor of Software Engineering - undefined
Azad University South Tehran Campus
01.2007
Skills
- Vendor coordination
- Multi-project oversight and planning
- Client relationship management
- Team leadership in project management
- Expertise in Cisco technologies and services
- Network design and compliance
- Comprehensive network design expertise
- Advanced routing and switching design
- Azure virtual network design and configuration
- Security technology implementation
- SASE framework implementation
- Proficient in implementing security controls
- Network access control integration
- Implement wireless technologies and conduct Wi-Fi predictive surveys
- Server pool and SSL offload management
- QoS implementation in layer 2 and 3 networks
- Implementation of monitoring tools and analysis
- Proficient in VMware vSphere and ESXi
- Unified communication solutions
- Active Directory and SCCM management
- Network security design
- Secure network architecture
- Security incident response
- Vulnerability assessment
- Network troubleshooting
- Identity and Access management
- Firewall installation
- Wireless security
- Penetration testing
- Cloud security
- Virtual private networks
- Patch management
- VXLAN designs and troubleshooting
- Firewall configuration
- Network monitoring
- Teamwork and collaboration
- Problem-solving abilities
- Multitasking Abilities
- Critical thinking
- Adaptability and flexibility
- Security protocols
- Intrusion detection and prevention
- Software licenses and patches
Certification
- CCNP (Cisco Certified Network Professional), 2011
- CCDP (Cisco Certified Design Professional), 2013
- CCNP-Voice (Cisco Certified Voice Professional), 2016
- CISSP (In progress)
- CCNA-Voice (Cisco Certified Network Associated Voice) 2015
- CCNA-Video (Cisco Certified Network Associated Video) 2015
- CCNA - Cisco Certified Network Associate
- CCDA (Cisco Certified Design Associated), 2013
- CCNA-SECURITY (Cisco Certified Network Associated – Security), 2011
- Cisco Collaboration Architecture Design Specialist (PSACASE), 2014
- Watchguard firewall professional, 2013
Languages
Excellent communication skills in English, and native speaker of Persian-Farsi
Timeline
Senior Network Security Engineer
South East Water
06.2025 - 12.2025
Network and Security Architect
Baptcare
01.2025 - 06.2025
Network and Security Architect
ETHAN / PACT Group
03.2024 - 12.2024
Senior Network and Security Architect / Engineer
Adecco Group
03.2019 - 06.2023
Senior Network Architect
Spotless Group
12.2018 - 03.2019
Senior Network and Voice Engineer
Red Cross Blood Services
12.2016 - 09.2017
Senior Network and Collaboration Consultant
Viatek
12.2015 - 12.2016
Senior Network Analyst
Golder Associates
04.2015 - 12.2015
Senior Network and collaboration consultant
Viatek
08.2014 - 04.2015
Senior Network and Voice Engineer
Pepperstorm / Telstra Business Centre
03.2014 - 06.2014
Senior Network Officer
City of Yarra Council – Seconded from elmtree
04.2013 - 07.2013
Senior Network Consultant
elmtree consulting services
02.2013 - 03.2014
Network Support Engineer
UECOMM, NOC (Network Operation Centre)
12.2011 - 02.2013
Cisco Systems Tutor (CCNP)
Swinburne University of Technology
08.2011 - 12.2011
Network Engineer
HEXA Consulting Engineers
07.2002 - 04.2008
Bachelor of Software Engineering - undefined
Azad University South Tehran Campus
Master of Network Systems - Cisco networks
Swinburne University