PROFILE:

• 15+ years’ experience in implementing and operating mission critical network connectivity and security solutions provisioning.
• Excellent problem solving, multitasking, team leadership and communication skills.
• Highly resourceful and result oriented, with great sense of judgment
• Robust verbal, written communication skills complemented with customer management skills.
• Meticulous with processes, procedures and organization
• Highly collaborative with good leadership and mentorship skills - a great team player
• Solid understanding of business processes & understanding of the organization’s goals and objectives

AREAS OF EXPERTISE:

• VPN, NAT, IPSec, Firewall, ASA, FWSM, ASASM, IPS, IDS, Antispam, Antivirus - NAC (wired and wireless)
• VPN IPSEC encryption methodologies and pre shared key management
• Microsoft Server Installation (Physical and Virtual), and Administrations.
• Architecture, Design, Planning, Operation, Support & Maintenance
• Data Network Platforms: TCP/IP, MPLS, Switching and Routing Protocols (BGP, OSPF, RIP, VLAN), PBR, VPN L2, L3, Ethernet, QoS, VPLS, MPLS, DHCP, DNS, HTTP, SMTP, FTP, SNMP, OSI Layers 1-7, HSRP
• Voice & Data, LAN/WAN, Internet, Satellite/VSAT Solutions, Metro Ethernet
• Application Software and Operating Systems, Data Center, Storage Area Network, Virtualization, Colocation VoIP, IPT, Video Conferencing, IP PBX, Call Centre Solution, Architectures and Platforms
• Network troubleshooting, debugging, diagnosing and reporting, Load-balancing
• Mobile, Wireless, & Fixed/Wired Networks (Voice & Data)- APN, Wi-Fi, 2G/3G/4G LTE, DSL
• Transport & Optical Network: DWDM/ROADM, FOC, FTTX, SONET, ISDN, Open Network (SDN, NFV)

TECHNICAL PROFICIENCY:

Platforms: Firewalls Cisco ASA, Palo Alto, Checkpoint UTM

Security Solutions: Lancope StealthWatch, Cisco secured ACS, Cisco ISE and Cisco Sourcefire, Cryptography, PKI, F5 Big IP.

Cisco: Routers & Switches (2900, Catalyst 6500, 3650, 3860,); NAC, ASA55XX, ASASM

Data Center & Virtualization: IBM, HP, Dell. Microsoft Windows Server 2012, Active Directory, Checkpoint, MacAfee, VMware/VSphere ESXi

Voice Platforms: Cisco Unified communications 300,540, manager express.

Wireless: Cisco and Aruba.

Network & Systems Management: Cisco Prime Infrastructure, Cisco Prime Network Registrar

EMPLOYMENT HISTORY:

IT Network/Security Consultant

Confidential

Responsibilities:

• Designs and reviews the network (Wired & Wireless) and configurations on routers, switches, WLAN controllers, Load Balancers.
• Oversee the design and implementation of multi-factor Authentication (MFA) in the environment
• Designs and review network security rules on firewalls, proxy servers, routers and switches etc. within the organization.
• Design and implement privilege users access in the environment through Cisco Radius NAC server (Cisco ISE)
• Review of VPN connectivity and remote users.
• Manage user access (standard & Privilege) across the environment

Confidential

Network Engineer

Responsibilities:

• Build Checkpoint Gaia 77.20 firewall clusters
• Migrate Checkpoint IPSO firewall clusters to Gaia 77.20
• Build Palo alto PAN 7.0 Firewall clusters
• Build Cisco Firepower IPS management and sensors.
• Migrate McAfee IPS and managers to Cisco Firepower.
• Migrate Checkpoint IPSO firewall clusters to Palo alto PAN 7.0
• Work and resolve network tickets relating to Cisco Routers, switches (Catalyst and Nexus), F5 Load balancers (GTM and LTM), Bluecoat Proxy servers, McAfee IPS and Firewalls (Checkpoint and Palo Alto.)

Infrastructure Security Design Engineer

Confidential

Responsibilities:

• Monitor access controls and projects implementations to make sure security policies and standards are followed.
• Review network security rules on firewalls, proxy servers, routers and switches etc. within the organization.
• Develop proposed solutions using the Payment Card Industry Data Security Standard (PCI DSS) standard knowledge of processes.
• Design and put in place security controls (preventive, detective and responsive) for clients based on their business need.
• Design network perimeter security using bluecoat ProxySG, Checkpoint firewalls and other security devices.
• Used best practices to harden layer 2 switches, routers, firewalls and network infrastructures.
• URL filtering for authorized users and for advanced attack prevention.
• Designed remote user VPN with multi factor authentication
• Deployment and management of McAfee NSP (IPS sensors, NSM and ePO)

Sr. Security Delivery Engineer

Confidential

Responsibilities:

• Understand client’s requirement and help design security solution
• Work with the customer’s representative to implement the solution, mostly after hours.
• Designed and deployed Cisco Meraki controlled network. Hub and Spoke and wireless enterprise networks
• Implemented VPN (Site to site and remote users) on Cisco ASA, Palo alto with multi authentications using RSA Securid and Symantec VIP
• Successfully implemented McAfee NSP, Juniper, Palo Alto and ASA firewalls, Anti-Virus, Anti Bot and IPS.
• Develop proposed solutions using the Payment Card Industry Data Security Standard (PCI DSS) standard knowledge of processes.
• Implemented network access controls with Cisco ISE using 802.1X security protocol in enterprise networks.
• URL filtering for authorized users and for advanced attack prevention.
• Configured and deployed Cisco ASA 5580, 5585-X, 5512=X, Cisco ISE and ACS, Bluecoat Proxy SG S-200 and S400, Palo Alto (PA-7050, 500, 5020, 3050), McAfee IPS/IDS in live environment
• Configured and Juniper firewalls and McAfee NSP M-2850, NS-9200 and M-1450 in live environment

Security/Network Engineer

Confidential

Responsibilities:

• Deployed & managed Cisco 4331, 4431 routers.
• Deployed Cisco 3850 Stacked switches.
• Deployed F5 Big-IP 2000s local traffic manager (LTM)
• Deployed Cisco 2960X Stacked switches.
• Configured and managed EIGRP, MPLS, QOS, VRFs and VLANs.
• Deployed & managed Cisco 5508 Wireless LAN controllers (WLC) with High Availability.
• Deployed and managed Cisco ASA 5555X firewall with High Availability
• Created and managed all firewall policy rules to ensure application availability and functionality.
• Deployed and managed Cisco secured access controlled servers (ACS) for centralized AAA access control of management users of network access devices.

Security/Network Engineer

Confidential

Responsibilities:

• Deployed & managed ASA 5585X Firewalls to protect the Core IT Infrastructure at Primary and Secondary Data Centres.
• Deployed & managed ASA5585X Firewalls with Firepower to protect the whole of the PAN AM wide area Network from the public internet.
• Team member in deploying, upgrading and managing Cisco identity service engine (ISE) manage secured access of users and guests.
• Managed all Cisco ISE policies that allowed for defined access and application availability for specific groups of users and endpoints.
• Managed all firewall and policy rules to ensure application availability and functionality across multiple firewall layers
• Deployed VPN infrastructure to support remote users and managed all Radius Infrastructure (Symantec), integration with Microsoft Active Director, Authorities (internal and third party)
• Provided 2nd level user supports on the windows server infrastructure side like user account creation, password reset, print queue creation, user addition to a group, logs review among others.
• Deployed and managed Cisco secured access-controlled servers (ACS) for centralized AAA access control of management users of network access devices.
• Implemented Lancope StealthWatch to watch over the whole PAN AM WAN network both prior to and during the Games. Established baseline behaviors. Reported and investigated abnormalities.
• Deployed and monitored Sourcefire IPS (intrusion prevention system) instances to monitor the whole network for vulnerabilities. Signature based data traffic analysis was implemented.
• Provided (2nd level and 3rd level) Support to the network engineers in routing and switching issues within the network.

Consulting Network Engineer

Confidential

Responsibilities:

• Configured ASA firewalls (5512) to protect enterprise networks (failovers implemented)
• Implemented DMVPN Tunnels using Cisco 2951 routers.
• Designed and implemented site-to-site and remote VPN connections using cisco and Palo Alto firewalls at the edges.
• Deployed Cisco WLC 2504 and several access points.
• Deployed Palo Alto PA 2020 Firewalls.
• Install and manage Microsoft servers. Physical servers and virtual servers are deployed. ESXi hypervisor deployed with server instances residing on. Physical to virtual (P2V) migration implemented.
• Radius servers installed within Microsoft server for users’ authentication (local and remote users).
• Installations and of personnel on the use of Cisco VPN clients, preparing the remote laptops for VPN connectivity.
• Provided 2nd level support to the sales and customer service department.

Systems / Network Engineer

Confidential

Responsibilities:

• Led technical team on quotes generation of products and services and its negotiation with prospective clients.
• Managed and coordinated series of network designs for clients.
• Recommended and facilitated purchase of network equipment devices and applications based on the needs of clients.
• Created and maintained IT policies for in house departments and for managed clients.
• Coordinated and took part in new HP, Dell servers’ installations, remote managements, hardware upgrades and monitoring.
• Coordinated and actively led the installations, configurations, remote managements of network equipment like Cisco routers (2800 series, 3800 series, 1900 series), cisco switches (3500, 3700, 6500 series).
• Led series of enterprise network security assessment for vulnerabilities and recommended overhauls, upgrades and maintenance/monitoring practices for clients.
• Proffer network security solutions for cooperate clients against virus, spam, intrusion. Led the provisioning with ranges of devices and applications like Cisco ASA5500 series of firewalls, Cisco intrusion prevention system, McAfee firewall
• Windows network forests and domains were created with network operating systems like windows 2003, 2008, and 2012. Server roles and features like DNS, DHCP, Active directory, Radius, Domain controller were implemented.
• Prepared departmental budgets and planning for the in-house departments and for cooperate clients.
• Third party enterprise backup applications like Symantec ‘Backup exec’, were recommended and deployed and maintained for clients.
• VPN (IPsec) remote and site-to-site secured connection solutions were provided using cisco ASA firewalls and Microsoft server’s radius services.
• Managed the installations, scheduled maintenance and backup of Microsoft SQL server instances.
• Manages projects resources (Human, capital and material) in line with given time line.
• Produced the Project Management Plan that defined the project scope of work, budget, schedule and project methodology; revised the plan throughout the project life cycle to meet projects changing needs

Network Engineer

Confidential

Responsibilities:

• Responsible for configuration changes, troubleshooting of network equipment and protocol maintenance, analyses, development and performance tuning
• Maintained network security and mitigated threats to Cisco switches and routers in coordination with the IT Security team
• Maintained network redundancy and ensured network resilience and fault tolerance
• Resolved user requests, and/ or issued tickets within or less than SLA specified times
• Monitored and reported network status to engineering/ management
• Design and implement various Networks for the clients. Assign IP Subnet, allocate IP for Primary Router, Backup Router, Printers, ThinClients, etc and configure accordingly.
• Configured Sonicwall Firewall, Cisco ASA, Wireless Routers (like D-link), and different branded Access points (like Cisco Aironet 1140).
• Maintain Radius Server- configuring/managing user authenticity, IP Framed Route, IP Subnet/s.
• Maintained Linux based DNS and Mail Servers and also windows based MS Exchange Server.
• Created VM servers with ESXi and administered the VM Servers using V-Center.
• Interfaced with the clients and led the creation of best-fit Network Architectures, Processes and Procedures in order to meet business objectives in a timely fashion
• Assumed successful responsibility as a network architect for the design, implementation and support of LAN/WAN, Computing, IP Telephony and Electrical solutions. Effectively completed various Application Software, Voice, Data and Network Security solution projects within the stipulated time and budget