- Proficient in network and security technologies (18 years) including software defined networks (SDN Openstack) and Network Function Virtualization (NFV).
- Compliance readiness (i.e. NIST 800 - Series, DIACAP, FISMA, FedRAMP, FIPS) and technical security architecture/design/development/implementation.
Sr. Network and Security Consultant
- Supported and migrated clients secure remote access infrastructure to Pulse MAG platform (over 2000 users).
- IP Engineer and deployed geographically diverse Datacenter, MAN's, R.O and F.O Juniper MX Router, SRX firewalls and EX switches, real and virtual instances.
- Production supported monitoring tools to include Netcool, SolarWinds and third party (non-standard) platforms.
- Managed Riverbed LAN|WAN Optimizers and Accelerators and Loadbalancers.
- Performed network, traffic and security analysis including bandwidth and utilization and trend reporting.
- CSIRT alert responding.
- Worked as ip/network SME to liaison with Application Q.A and Devops Team to troubleshoot VMWare (NSX) virtual to physical links and session/transaction analysis using Wireshark, HTTP Trace, Fiddler among others.
- Supported Infoblox's DNS/DNA platform - multiple geographically diverse clusters.
- Supported/engineering lead for phased application migration to virtual servers and load balancers for subsequent hosting on AWS|Azure cloud infrastructure.
- Compliance standards including FIPS, Networkx and other NIST mandated including Einstein E3A, managed firewall, managed Virtual Private Network (VPN), managed intrusion detection, managed boundary anti-virus protection, managed secure web proxy, and on-site network and security management.
- Familiarity with Juniper Networks Contrail, network function virtualization solution.
- Performed knowledge sharing /training for the team.
- Performed on-call and volunteered with work shift coverage.
- Liaison with client on Engineering matters.
- Used ticketing system from Remedy and Service Now.
Sr. Network and Security Consultant
- This youth/teenager targetting retail industry based client has over 3000 store locations, multiple distribution centers and datacenters.
- To stay relevant with new technology trends it wished to redesign its shopping floor and internet based shopping experience to include mobile devices.
- Inorder to perform data storage and analytics it wanted to build its own private cloud, and migrate sharable resources to vendor provided public cloud.
- Video communication is a common media of connectivity.
- Monitoring, networking and security devices were multivendor, while OS were primarily Windows, Linux and Mainframe.
- WAN services are provided by multiple ISP, with due consideration for redundancy.
- Cloud based virtualization and mobile technolgies were preferred.
- Access to guest/hotelling users were provisioned on the fly using Juniper SA 4500. Performed upgrades.
- Troubleshot access issues using log/troubleshooting tools. Managed network connect profiles.
- My role was to understand the interplay of the LAN and WAN technologies and recommend a design for their international expansion in ASIA-PAC region.
- These included BGP, OSPF, MPLS (LDP/RSVP), Qos (for store).
- This was done after understanding of traffic pattern across the network using monitornig tools like Cacti and NetQos.
- Vendor evaluation for loss prevention Solution was also performed.
- Production supported routers, switches, firewalls, loadbalancers among other layer 1-3 devices.
- These were primarily from Cisco (IOS, Nexus), Juniper (JUNOS SRX, MX, M,T), Palo Alto and F5.
- Used provisioning softwares including Junos Space, Cisco Prime, NetMri, Infoblox (for DNS updation).
- Configure virtual routers, switches, lans and firewalls for cloud based data center architecture.
Sr. Security Consultant
- This DOI network was performing Bureau networks consolidation.
- The migration to cloud based topology needed gateway ISG firewalls replaced with Juniper SRX.
- This called for revisiting security posture and policies (over 1500) in consultation with network engineering team.
- Propose to client the best practices and ensure minimum downtime during the switch.
- Configured managed and supported Juniper SA 4500 clusters for access to the private TIC compliant DOI (Dept. of Interiors) Network.
- Configured DHCP access pools, managed JAVA version mismatches.
- Redesign/migrate/rehome virtual routers/switches and firewalls to account for the new layout.
- TIC complying gateway layout. Migrate NAT rules and policies.
- Troubleshoot F5 Load balancer.
Sr. Security Engineer
- Consolidate two Datacenters into one cloud based, using switching, routing and firewall virtualization technologies.
- Migrating a few Cisco IOS devices to Junos.
- Architecture, design and implement virtual switching of EX4200 virtual-chassis, MX80 routers, SRX firewalls, 3400's and SSL-VPN Juniper SA4500's along with Cisco switches.
- Met demand for fast design roll out and configuration.
- Meet project timelines and liason with other technical and PMs.