SUMMARY:

• 14+ years networking exp, Dual CCIE (R&S/Security), CQS (IP Telephony Operations Specialist)
• Security expert in VPN, Firewall, Certificate Authority, Radius/Tacacs+
• 4,5 year working in 24x7 E - Commerce and Financial Industries
• 1 year working experience within large IPSec-VPN
• 2 years working in ISP managing everything about network
• 100G speeds, high load, 24x7

TECHNICAL SKILLS:

• OS: IOS, NX-OS, JunOS, Vyatta, VMware, Windows, Linux
• High Availability and Redundancy (VPC, VSS, StackWise, LACP, HSRP, VRRP, STP, OTV)
• Routing protocols (RIP, OSPF, EIGRP, IS-IS, BGP)
• Firewall, NAT (PIX, ASA, Cisco IOS)
• WAN (10G, ISDN BRI, PRI, DSL, Frame-relay)
• IP-Telephony (Asterisk, Cisco Call Manager, IPCC, SRST, H.323, SIP, Mitel ip-telephony)
• IPSEC/SSL (Site-to-site, RA, EzVPN, WebVPN)
• AAA (TACACS+, RADIUS, ISE)
• MPLS, MBGP, TE
• IPv6 Dual-Stack; 6VPE
• Cisco ISR G1, ISR G2, ASR1K, 7206VXR routers Cisco NEXUS 9K/7K/5K/2K, Catalyst 29XX, 3560, 3750, 40xx, 45xx, 4948, 65xx/6807XL switches Cisco 5108, HP C7000 Chassis servers Cisco PIX/ ASA firewall, VPN Concentrators, 79xx IP-Phones; ATA186
• Allied Telesyn switches and media converters, Nortel, 3COM Switches, Zyxel routers, DSLAMs
• Brocade RX, MLXe, FLX,
• MITEL 3300 ICP, NSU, Universal ASU, OPS Manager, DeTeWe IP-DECT

PROFESSIONAL EXPERIENCE:

Confidential

Lead Network Architect

Responsibilities:

• Datacenter migration. DR site build-out and implementation.
• Nexus 7K/6K/5K/2K. ASK1K, CAT3750. UCS5108, HP7000. OSPF, BGP, vPC.
• Created design and configured redundant flexible multi-tenant infrastructure based on Cisco Nexus line of products accommodating needs and future growth of several affiliates.

Network Consulting Engineer

Responsibilities:

• Network Security Audit. Cisco, Fortinet, CheckPoint FW rules analysis and port closure
• Verified and restricted existing rules in 20+ sites by analyzing configs, logs,and SQL database records
• Worked with internal security and operations teams to implement changes

Resident Engineer / SME

Responsibilities:

• Nexus 9K/7K/5K/2K/1K, ASR1K, CAT38/45/65/68XX, WLC25XX/55XX, ACS/ISE, CUCM 10
• Design and documentation of NYC Transit Network infrastructure upgrade for 57 sites and 4 DCs

Sr Network Architect

Responsibilities:

• Nexus 7K/5K/2K/1K, VBLOCK, FLEXPOD, ISR-G1/2, ASR, CAT65XX/6807XL, CAT45XXe, 3750-X
• Implementing VDC, VPC, FEX, OTV in Nexus based virtualized environment
• Consolidation of many acquired businesses into one global network, planning and deployment of HQ Campus, planning and deployment of critical network elements supporting production plants

Consultant/Network Architect

Responsibilities:

• CheckPoint, Cisco ASA 5555-X
• 5 months migration project of all the rules from CheckPoint to Cisco (28 000 lines of configuration). Automated conversion and made possible to migrate the rules in 4 hours

Consultant/Network Architect

Responsibilities:

• 24x7. 10G. Large-scale networks.
• BGP, OSPF, EIGRP, Multicast, VRRP, HSRP, MST, RSTP, LAG, IPSEC, TACACS+, RADIUS. Scripting.
• Cisco Switches NEXUS, 29XX-65XX, Cisco Routers 29XX-ASR, Juniper, Brocade MLXe/MLX.

Chief of Network Dept / Sr Network Engineer

Responsibilities:

• Architecture, equipment, security, redundancy, scalability
• 24x7 network availability
• Redesigned addressing; configured iBGP/eBGP/EIGRP/OSPF; deployed ASA clusters in Datacenters, removed complexity of infrastructure and configs; deployed VPNs between HQ, Branches, Partners; participated in different optimization works as leading network expert
• Deployed network failover model for geographically spread environment
• Deployed PKI-based Remote Access for telecommuters
• Reduced telecommunication costs by 40%
• Established LIR membership with RIPE, received independent address block and ASN

Sr Network Engineer

Responsibilities:

• Architecture, equipment, security, redundancy, scalability
• Maintain relationship with RIPE and Cisco
• Develop existing infrastructure and launch new projects/services
• Created infrastructure/production addressing, deployed it; configured iBGP/eBGP/IGP; upgraded to managed switches; configured redundancy for critical environment; configured CCM4.1 IP telephony + IPCC, Asterisk PBX; deployed IPTV solution; AAA (TACACS+), syslog, snmp, sms-alarming, ssh and https management, established Cisco partnership with 63% GPL discount
• Launched L2/L3 VPN, MPLS TE, IPTV, Wireless as a network service

Leading network engineer

Responsibilities:

• Work in cooperation with management and technical personnel in worldwide based locations
• Plan, design and configuration of nation-large multiservice networks based on Cisco equipment
• Implementation of new address plan incl. separating infrastructure and production networks, summarization, public and private address usage
• Implementation of network redundancy. eBGP, iBGP, OSPF, ASA Failover, HSRP, DMVPN
• Implementation of centrally managed Remote Access and WebVPN with Radius authentication
• Peering with 3 rd parties networks. Site-to-site VPNs, RA VPNs, leased lines
• Managing network security incl. AAA, NETFLOW, SYSLOG, RTBH
• Consulting external projects for implementation of MPLS, DMVPN, Global SPs integration, etc
• Network support incl. remote and onsite troubleshooting
• VoIP management based on Cisco and Asterisk
• Designed network architecture and policy
• Launched eBGP peering with ISPs delivering redundancy for inbound and outbound traffic
• Launched DMVPN across branch offices for redundancy and scalability
• Launched iBGP across the network to implement Production networks announces and Remotely Triggered Black Hole routing
• Implemented Syslog and alarming
• Launched fully redundant failover in the HQ for LAN and WAN