Sr. Engineer with of hands - on experience in deploying, migrating and supporting critical multi-site, redundant datacenter infrastructure including carrier class networks. Hands on expertise includes routing, switching, firewall and load balancing and Wireless technologies. Outstanding customer service along with a background in Big Data, Financial Services and Telecom sectors. Moreover, I have excellent communication and documentation skills with the ability to interface at all levels. Using a common-sense approach to complex problem solving and analysis are my strong suits.
Technologies: Wireless, RF, Application Firewall, Data Center, Routing, Switching, TCP/IP, SSLVPN, Wan Acceleration, SD-WAN, Application Delivery/Load Balancing, VoIP, IPAM, NAT/PAT, Hypervisor, Virtualization, Centos 6.x
Protocols: TCP/IP, Ethernet, SIP, QoS, SMB/CIFS, HTTP, TFTP, PXE, ALG, PEAP, WPA2, EAP TLS, h3233, 3DES, AES, IPSEC, BGP, OSPF, EIGRP, MPLS, HSRP, VTP, STP, DNS, DHCP
Circuits: T/E1/3, DS1/3, OC3-OC48
Software/Utilities/Network Management: IPAM, VMware Esxi 6/7, PuTTY, Wireshark, IPerf3, Ekahau, Wifi Analyzer, Solarwinds Engineer’s Toolset, Visio, NMS; Cisco Prime, Cisco ISE, Cascade netflow
- Palo Alto PA-500/5050 7.x
- Cisco WLAN Controller 55xx
- Cisco Access Points 36xx, 37xx, 28xx
- Talari SD-WAN
- Cisco ASA Firewalls 55xx
- Cisco Nexus 9k/7k/6k/5k/2k
- Cisco ISR 1000, ASR1000,ISR4451; 29xx, 39xx
- F5 LTM/GTM 11.x
- Juniper Routers (M320, T640, M160)
- Cisco Catalyst Switches 45xx,3825,3850,3750,2960
- Tufin Appliance
- Infoblox 6.12/7.x
- Cisco C220 M4
- Cisco UCS 63xx Fabric Interconnect
- Riverbed WAN Accelerator
- VMware ESXi 6/7.x
Sr. Network Engineer
- Responsible for engineering LAN/WAN solutions and maintaining dual mission critical data center network infrastructure
- Responsible for wireless design planning, implementation, configuration, and administration globally
- Manage deployments, testing of code updates, bug analysis, and feature research
- As Lead for America’s global wireless refresh deployed and integrated Identity Management System with new wireless controller-based hardware, and network management systems (NMS) tool
- Conducted RF Analysis, heat map creation and performance load testing across the wireless infrastructure using testing and analysis tools; Ekahau Heat Mapper, Wireshark, iPERF3, WIFI Analyzer
- Performing debug level analysis from Controller to Access Points to client interaction
- Troubleshoot wireless PHY through application layer communication, client, RF, experience, and diagnosis of complex WIFI problems
- Demonstrated and tested vendor stated capabilities in each geo against test plan, documented results, and produced a side-by-side comparison scorecard to management
- Key decision maker, vetted vendor proposals, deployed multi-vendor high density Wireless POC across US/India Regions in tandem
- Developed, and executed detailed test plans against use cases, gauging product administration, technological feature set, level of performance along with the client experience
- Experience with troubleshooting and resolving application integration, systems across data, wireless and voice infrastructure
- Manage deployments, testing of code updates, bug analysis, and feature research
- Plan/execute the build of new sites, responsible for moves, adds and changes to existing
- Conceptualized, developed, architected, implemented and facilitated the adoption of a globally accessible IT lab to simulate the production LAN/WAN and deployed the lab in all Geo’s; US/IN/EU.
- Developed, documented overall use cases for building lab configurations and executing test cases, policies and change procedures for the lab environment
- Perform administration, upgrade, configuration, hands-on installation, fiber/copper cabling/rack/stack, and troubleshooting of network elements at core, distribution and access layers.
- Experience with troubleshooting and resolving software, systems, wireless and voice network issues using
- Create high-level data and designs based on best practices, presented RFP’s to 3rd party vendors, fine-tuned requirements, created BOM,
- Design, maintain server/application infrastructure solutions in f5 environment
- Gather requirements for new application deployments
- Responsible for monitoring, modifying and maintaining application delivery systems to ensure high availability, stability and response time to customers
- Create final documentation/diagrams, worked with teams to ensure quality assurance verification with the customers.
- Created and standardized build documents, developed templates, test plans and user intake documents
- Creating, maintaining, updating Visio diagrams, spec hardware, creating purchase orders
- Regional and headquarter site buildout to support redesign pre-and post-installation
- Security vulnerability remediation
- Provide mentoring/training to Jr. level engineers
- Perform Tier IV network project engineering and implementation expertise for multi-national payment card processing enterprise.
- Responsible for engineering LAN/WAN solutions and maintaining mission critical data center network infrastructure. To include taking architectural, high level requirements from design to implementation and creating final diagram for operational handoff.
- Define standards for base configuration of network infrastructure
- Gather requirements for configuration, deployment, and documentation of network infrastructure for Data Center buildouts.
- Engineer and redesign extranet, customer networks in an environment to include redundant fault tolerant schemas within standard.
- Serve as point of escalation to junior and mid-level support engineers.
- Serve as key member in the creation of Default Access Standards for all production firewall’s
- Serve as key member of Network Segmentation team to create interdepartmental IT strategy regarding overall network maintenance, cleanup and related PCI risk discernment
- Perform quarterly firewall audit and analysis and documentation
- Tune, configure, maintain Tufin appliance
- Created overall firewall cleanup process and workflow procedures
Network Security Engineer
- Tune, troubleshoot, configure Cisco 4260 IPS appliance and 5510 Firewall and IPS Module in production environment
- IPS signatures fine tuning, customization, applying software updates and licensing, creating custom signatures, anomaly detection.
- Responsible for filtering IDS reports, determining threat level, evaluating affected systems, taking corrective action
- Perform a gap analysis of IDS and MARS configurations and make recommendations as appropriate.
- Perform event analysis and provide response and recommendations to senior IT leadership
- Implemented Cisco IPS devices in the production environment at network perimeter
- Configure MARS as a receiver of security information from all network devices directly connected to a secure zone or PCI/Hippa regulated device
- Implemented in-depth MARS tuning and integration with AAA (Cisco ACS)
- Produce PCI documentation related to logging, network security and IDS.
- Assist with Network Segmentation design and Cisco 5580 firewall deployment/integration with existing Juniper Netscreen
- Exposure to Juniper Netscreen architecture via training and design sessions
- Created operational guide outlining security operations procedures, threat detection and escalation
- Responsible for deciphering annual penetration tests, remediating security threats found therein and employing the latest encryption standards, patches, and or security best practices.
- Responsible for filtering IDS reports determining threat level, evaluating affected systems, taking corrective action
- Implemented McAfee IPS devices in the production environment at all network perimeter access points.
- In charge of creating and updating comprehensive network diagrams.
- Interpret and integrated SAS70and PCI audit control language to Confidential network
- Performed network engineering and fault resolution for financial payments processing applications.
- Troubleshooting Cisco routed, switched, and firewalled networks in production environment
- Troubleshooting active directory, DNS, DHCP, authentication in Windows 2000/2003 environment
- Performed design, planning and execution phases of mission critical network consolidation and integration projects in a multi-tiered enterprise network.
- Built out entire DEV, QA, UAT environments for Accounts Payable software platform
- Liaised with business leadership to gather application requirements and design solutions.
- Interfaced with vendors, negotiated cost performed TCO Analysis and procured network gear and software.
- Developed tracking controls for network moves, adds, and changes
- Implemented equipment configurations, circuit migrations, and consolidation for all network changes
- Build, maintain, troubleshoot site to site and client to site VPN tunnel configurations
- Resolving network outages and troubleshooting during On Call rotations and maintenance windows
- Performed day to day Data Center network administration and firewall changes including 24 hour on call rotation.