SUMMARY

• Experienced Network Engineer exceptionally well - versed in Routing and Switching. Offering diverse experience of over
• Proven skills in Network Implementation, Troubleshooting & Customer support.
• Confidential, Microsoft Certified IT Professional, Diversified 7+ Yrs Network Support Experience
• More than 7 years of experience in Network environments and Data Centers
• Adept at troubleshooting complex network infrastructure issues.
• Proficient in providing good customer support. Effective team leader with excellent communication skills.
• CCNP and CCNA certified - 7 years of professional experience in Network Planning, Implementing, Configuring, Troubleshooting and Testing of networking system
• Strong hands on experience on PIX (506, 515, 525, 535), ASA (5505/5510) Firewalls.Implemented security policies using ACL, Firewall, IPSEC, SSL, VPN, IPS/IDS, AAA ( TACACS+ & RADIUS )
• Strong hands on experience in layer-3 Routing and layer-2 Switching. Dealt with Nexus models like 7K, 5K, 2K series, Confidential router models like 7200, 3800, 3600, 2800, 2600, 2500, 1800 series and Confidential catalyst 6500, 4500, 3750, 3500, 2900 series switches
• In depth experience with Confidential routers, switches, Nexus, Firewalls, VPN’s and ACS/ISE Server.
• Security Specialist certified with 7 years of extensive experience in Technical Support with LAN/WAN/ Confidential VOIP, QOS, Confidential Prime Infrastructure, Checkpoint Firewall/ Confidential ASA/Firepower/FTD/Palo Alto Firewalls, Qualys and Keena vulnerability management, amazon web services (AWS) cloud
• Configured Nexus Switches(7k,5K, 2K) by using virtual port channel, fabric extender, virual device context and port channeling
• Extensive knowledge of computer hardware & software, including desktops, laptops, mobile phones, tablets, and network devices.
• Experienced in deployment, refresh and maintenance of multiple network devices and appliances such as (Routers, Switches, Wireless Controllers, Access Points, NAC, and Prime Infrastructure, etc.).
• Effective team leader with excellent communication skills.
• Excellent in implementing innovative and tailored solutions to meet the changing business requirements
• Good knowledge and experience in Installation, Configuration and Administration of Windows Servers 2000/2003, Active Directory, FTP, DNS, DHCP, TFTP, Linux OS under various LAN and WAN environments
• Advanced knowledge of creating and deploying internal and external wireless network .
• Administering & designing LANs, WANs internet / intranet
• Analysing & developing key components using methodology prescribed techniques.
• Working with multiple technical platforms and multi-vendor products.
• Responsible for communication protocols, configuration, integration & security.
• .Dinternet, WAN, remote access/site-to-site IPSEC VPN to hosted services virtualized over the cloud IP backbone using MPLS L3VPN VRFs, load balancing and application security for published applications through F5 LTM and ASM
• Provisioned IaaS customer services over Confidential ACI network infrastructure includes Aps, EPGs, BDs, service graphs and L3out OSPF integration to the core network
• Participated in building MEEZA Multi-Tenancy SOC network infrastructure and onboarding over 10 clients to the SOC services

TECHNICAL SKILLS

Routers: Confidential routers 1700, 1800, 2500, 2600, 2800, 2900, 3200, 3600, 3700, 3800, 4000, 7600, Juniper Routers like, M320 and MX80

Switches: Confidential switches - Layer 2 2900 series, Layer 3 3560, 3750, 4500, 6500, Avaya switches, juniper switches like EX2200, EX2500

Network Management Tools: Confidential Network Pulse, Net Voyant, HP Service Desk, Service Now, HP Network Automation, IP Plan, CMDB, LMDB, IP Angry Scan, NMTP,IDS IPS, ACL, Netflow Analyzer, Smokeping, CS-MARS.

VPN: Checkpoint NGX R60, NG AI R55, VPN1 pro, Secure Remote/Client, License management, Confidential works 2000

Network/ Security Services: DNS, DHCP, WINS.

Protocols/ Services: Routing Protocols RIP v1 v2, IGRP, EIGRP, OSPF, BGP, TCP/IP, PPP, HDLC, Frame Relay, ATM, MPLS

Operating Systems: Windows XP/2000/20003/NT/7, UNIX, OSX

Reports: Microsoft Visio pro.

Firewall Security: Checkpoint, Confidential ASA, Juniper SRX.

Scripting Automation: python and pearl

PROFESSIONAL EXPERIENCE

Senior Network Engineer

Confidential

Responsibilities:

• Resolving issues that tiers of support have escalated.
• Responsible for complex analysis and resolution of escalated problems within the department.
• Confidential & HP switch configuration in particular VLAN configuration/troubleshooting.
• Design and deploy functional networks (LAN, WLAN, WAN, SDwan).
• Suggesting improvements to network performance, capacity and scalability
• Working with multiple technical platforms and multi-vendor products.
• Migration of existing IPSEC VPN tunnels from Pre-Shared key to Certificate Authority for purpose of scaling.
• Conversions to BGP WAN routing. Which will be to convert WAN routing from OSPF to BGP (OSPF is used for local routing only) which involves new wan links.
• Responsible for layer 2 securities which was implemented using a dedicated VLAN ID for all trunk ports, setting the user ports to non-trunking, deployed port security when possible for user ports
• Used Kiwi-Cat tools to manage configurations from desktop for network devices, including routers, switches and firewalls. Generate network device configuration reports, such as port, MAC, APR and version details
• Configure, enhance and operate the enterprise wireless network infrastructure, diagnose tools, automation, and recovery systems using standard or proprietary scripting and utilities.
• Assist the service desk and application development teams with technical support in a Windows and Linux environment as needed. Perform a variety of other administrative and technical work in support of both the service desk and application development teams.
• Responsible for network project implementation and operation support in Changi General Hospital (CGH) network.
• Provide front end on-call network support 24x7x365 for all network infrastructures in the co-operation
• Performs daily, weekly network changes in Hospital network for user requests and compliance fixes (IP requests and reservation, NAC whitelisting and FW implementation).
• Coordinates with various department and team in Hospital for any IT/ Network requests, migration or changes.
• Makes network hardware refresh for end-of-life devices and appliances
• Monitors Hospital network to ensure availability and efficiency and execute necessary troubleshooting and maintenance in a 24x7 environment.
• Design, configure, maintain, monitor, and coordinate new and existing server and network infrastructure system activities, projects, and resources.
• Import maps and AP placement on Prime version 2.2 in production and 3.1 in lab.
• Worked with Confidential Layer 3 switches 3560, 3750, 4500, 6500 Confidential Nexus 5000 and 7000 in multi VLAN environment with the use of inter-VLAN routing, 802.1Q trunk, and ether channel.
• Assist with creating disaster recovery plans, continuity of operation plans, and other related security plans having to do with mission essential functions.
• Maintain a technical library of all materials that document standard operating procedures for managing servers and network infrastructure.
• Configured, installed, & managed DHCP, DNS, & WINS servers
• Responsible for communication protocols, configuration, integration & security.
• Designing and implementing functional network infrastructure.
• Communicating and negotiating with users, specialists, other staff and suppliers.
• Mentoring team members and addressing user needs.
• Achieved 90 % CSAT score and awarded topper of stack rank.

Senior Network Enginee

Confidential

Responsibilities:

• Performed innovative and effective network engineering and design, developing and planning networks to meet client specifications and needs. Configured technologies and systems, ensuring connectivity and availability for all critical products and devices including Cyberoam, Sophos, and SonicWall Firewall devices, as well as DSLAM and fiber Connection.
• Captained the configuration and connection of a large-scale GPS tracking system to ensure optimal function.
• Installation and Configuration of Confidential Catalyst switches 6500, 3750 & 3550 series and configured routing protocol OSPF, EIGRP, BGP with Access Control lists implemented as per Network Design Document and followed the change process as per IT policy It also includes the configuration of port channel between core switches and server distribution switches
• Configured IPSec site-to-site VPN connection between Confidential VPN 3000 Concentrator and Confidential 3800 Router/ Microsoft VPN Server in order to access certain limited network resources from customer locations
• SIEM: Create SIEM alarms, develop correlation rules, create and modify policies, and monitor events and trends
• Performs daily, weekly network changes in DBS network for user requests, compliance fixes and project related requests.
• Review and assess network impact for any modification/changes to ensure zero downtime and avoid critical issues affecting Customer and Bank's integrity.
• Monitors Hospital network to ensure availability and efficiency and execute necessary troubleshooting and maintenance in a 24x7 environment.
• VPNs: Manage and troubleshoot site-to-site IPSec VPN connections
• Executes planned replacement for various network devices & appliances as recommended by the vendor due to end-of-life and end-of-support.
• Key contributions include troubleshooting of complex LAN /WAN/WLAN infrastructure that include routing protocols EIGRP, OSPF,BGP,RIPv2 HSRP.
• Involved in design, implementation and configuration of HSRP for load balancing on L3 switches on different location of office on the switched network.
• Performed and scheduled system backups and assisted with disaster recovery plans and testing in addition to maintaining and monitoring system performance to ensure network integrity and functionality
• Manage hardware and software inventories
• IDS/IPS Engineering: Tune IDS/IPS signatures, change default actions, create and amend policies, configure and monitor high availability
• Documented network failures and internal troubleshooting procedure using Excel, Visio and internal software
• This includes Artifacts for regular Health Checks, IP and System Integrity, Change management, Problem management, Logical Access Controls, Network Connectivity.
• Manage Confidential Routers and troubleshoot layer1, layer2 and layer3 technologies for customer escalations
• Reduced customer complaint rates by 10% in two months as a member of technical support team in charge of responding to customer inquiries regarding network configuration settings
• Provide on-call and afterhours support as required
• Taking knowledge of existing networking and security mechanisms, including authentication, and creating them in cloud environments
• Implemented and configured various Lucent dense-wave-division multiplexing products as well as high speed Ethernet over SONET multiplexors including the Wavestar 400G, 800G, 1.6T
• Responsible for network project implementation and operation support.
• Keep detailed records of customer interaction and problem resolution in a ticketing system
• Performed expert troubleshooting, maintenance, and issue resolution for Windows Server
• Designed, planned, and configured complex technologies and hardware including CCTV, IP Camera, and Security Zone as well as servers and NVRs.
• Taking Regular backups & testing the backups by restoring in test lab frequently
• Worked in data center to manage tickets, apply diagnostic methods to troubleshoot data center equipment. Pulled required inventory as defined by inventory process. Updated inventory systems as required.

Network consultant

Confidential

Responsibilities:

• Taking knowledge of existing networking and security mechanisms, including authentication, and creating them in cloud environments
• Firewall Engineering: Installation of new firewalls, high availability configuration, and monitoring
• Administer applications running on Linux and UNIX systems in virtualized and cloud environments
• Responsible for planning, designing, implementing, optimizing, and troubleshooting large scale IP/MPLS networks
• Worked on Layer-2 and Layer-3 technologies OSPF/MPLS/MPLS VPN/MPLS TE/BGP/ISIS/VPLS
• Implemented VRF/ EPLs/Hardware swap and migration, L2 to L3 upgrade
• Prime for IP/MPLS network expansion and grooming including ASR9001, ASR9010, ASR 9006,ASR1000
• Responsible for Internal and external accounts and, managing LAN/WAN and checking for Security Settings of the networking devices ( Confidential Router, switches) co-coordinating with the system/Network administrator during any major changes and implementation
• Installed, Configured and troubleshooted various protocols such as TCP/IP, BGP, EIGRP, RIP, OSPF, and SNMP.
• Responsible for Internal and external accounts and, managing LAN/WAN and checking for Security Settings of the networking devices ( Confidential Router, switches) co-coordinating with the system/Network administrator during any major changes and implementation
• IDS/IPS Engineering: Tune IDS/IPS signatures, change default actions, create and amend policies, configure and monitor high availability
• Maintained and L3 support of Routing & Switching devices including Huawei NE80E, NE40E, S9312, S9306, CISCO2921, Confidential 2821
• Configured and deployment for IPSec VPN with Juniper SRX 550/3400/3600 , Juniper Netscreen SSG520
• Implemented the security architecture for highly complex transport and application architectures addressing well known vulnerabilities and using access control lists that would serve as their primary security on their core & failover firewalls
• Configured FWSM on Confidential 7600 router to reduce costs and operational complexity while enabling organization to manage multiple firewalls from the same management platform.
• Configured Hyper-V LAN which decouples virtual networks from the physical network infrastructure, removing the constraints of VLAN and hierarchical IP address assignment from virtual machine provisioning.
• Designed advanced networking solutions including Quality of Service (QoS), and Route redistribution
• Troubleshooted network problems, diagnosed and resolved technical issues effectively and in a timely manner.
• Installed existing routers, switches, Wireless controller, firewall and configured hardware, peripherals, services, settings, etc. in accordance with standards and project/operational requirements.
• IDS/IPS Engineering: Tune IDS/IPS signatures, change default actions, create and amend policies, configure and monitor high availability
• Installed Confidential WAAS device 4451-X for acceleration of TCP-based applications, and Confidential 's Wide Area File Services WAFS in a single appliance and to preserve and strengthening branch security
• Team lead duties include conducting daily scrum calls, writing monthly progress reports, conducting bi-annual employee evaluations and performance reviews, etc
• Expertise in maintenance of layer2 switching tasks which advocate VLAN, VTP, STP, RSTP, PVST, RPVST, configuring of ether channel with LACP and PAGP along with troubleshooting of inter-VLAN routing.
• Designed advanced networking solutions including Quality of Service (QoS), and Route redistribution
• Authored Methods of Operations documents for implementation (ATP/MOP) by the Network Operation team
• Member of a team in planning, design, capacity management, and budget approvals for switching, Ethernet over SONET, Ethernet over DWDM, fiber network including spur closures, and other infrastructures.

Network Engineer

Confidential

Responsibilities:

• Deputed to Deutsche Bank as a Senior Security Analyst which is a member of the Neutral Control Team under the umbrella of CISO
• My previous responsibilities includes but not limited to Wintel/Firewall log review, CyberArk password release authority, engage in IN/GCM ticket processing, generate reports to the management, and perform other duties assigned by the Silo
• Gathering Requirements - WLAN expectations, Goal, Scope, Security requirements, types of devices and users needed to be supported and establish operational support
• Interview vendors. Some major vendors interviewed were Confidential, Confidential and Avaya (Xirrus). Confidential was chosen as the vendor
• Provided proactive threat defense with ASA that stops attacks before they spread through the network
• Dealt with the escalation problems for Routing, Switching and WAN connectivity issues using ticketing system remedy
• Provides the technical interface to Tier III resources for complex matters requiring deep technical expertise. Strong knowledge of MPLS, Ethernet over TDM, VoIP, technologies as well as routing protocols BGP and EIRGP
• In-depth expertise in the implementation of analysis, optimization, troubleshooting and documentation of LAN/WAN/WLAN networking systems
• IOS upgrade and router hardening for 2600, 3600, 7200 routers and 6500, 2900, and 3500 series of switches.
• Spec existing deployments. The DOL has several sub agencies with their own IT infrastructure and one of the main goals was to capture already existing deployments and reuse as much equipment as possible
• Worked on the Network and security assessment project for DOL which involved cataloguing and evaluating the network and security infrastructure of the various agencies within DOL and providing recommendations for network and security improvements based on our findings
• Recommended Security considerations for the Intranet data center, integrating security, providing solution design details and configuration details
• Performed and documented packet capture analysis to resolve interoperability issues with third party ISPs,
• Solved clients issues remotely domestic as well as internationally (Australia, UK, South Africa)
• Configured Access List ACL (Std, Ext, Named) to allow users all over the company to access different applications and blocking others
• Demand Generation tool and summarized very complex information in a useful format. Produced timely and high quality deliverables, as result established credibility internally including multiple MDs and multiple clients.
• Configured and managed OSPF redistribution and authentication with type 3 LSA filtering and to prevent LSA flooding and also configured OSPF over frame relay networks for NBMA and point to multipoint strategies.
• Troubleshooting network connectivity between branch office and regional office with multiple link paths and routers running HSRP, EIGRP in unequal cost load balancing.
• Troubleshot and resolved VOIP, video and data network problems on Confidential equipment.

Network Infrastructure Specialist

Confidential

Responsibilities:

• Configuring, deploying, maintaining and upgrading different models of Confidential APs like 1200 series, 1300 series, 1040 series, 1140 series, 1130 AG series and 3500 series.
• Configuring, deploying, maintaining and upgrading with different models Confidential Wireless LAN controller models like 4400 Series, 5500 Series, Confidential Flexconnect Controller and the Wireless LAN controller modules.
• Worked for a system integrator dealing with licensed/unlicensed band microwave radios.
• Provide technical support in the management of VLAN and VLAN trunking including 802.1Q and ISL, multicasts and spanning-tree
• Implementing the necessary changes such as adding, moving and changing as per the requirements of business lines in a data center environment
• Worked on commissioning and decommissioning of the MPLS circuits for various field offices POPs.
• Configured Access List Standard, Extended, and Named to allow users all over the company to access different applications and blocking others
• Provided Network and Security Architecture and Operations support services for Windows 2008 based web, application and database servers
• Created standSard access lists to allow SNMP, NTP and logging servers
• Support and manage protocol analyzers to diagnose network problems. These network tools include Network Associates, Sniffer, Network Instruments, NetQos and Confidential Works
• Verify the operational capabilities of all new equipment prior to deployment and coordinate all installations as such.
• Consistent network design deployed across all nodes throughout county consisting of core Confidential 7600 routers, distribution layer Catalyst 6500 switches, WAN aggregation Confidential 7600 routers, and access layer Catalyst 2900/3500/3750/3850 switches
• Network design, performance, security and trade off considerations including throughput, latency, Qos, system availability, redundancy and fail over such as HSRP
• I used to lead the wireless engineers in the network integration projects, network design and consultation, and pre-sales of various networking products.
• Created Private VLANs & preventing VLAN hopping attacks & mitigating spoofing with snooping & IP source guard.
• Install and/or Migrate Checkpoint Security Hardware systems while upgrading to the latest Checkpoint Security Software version
• Troubleshooting complex networks layer 1, 2 frame relay, ATM, Point to Point, ISDN to layer 3 routing with MPLS, BGP, EIGRP, OSPF and RIP protocols technical issues
• Member of a team in planning, design, capacity management, and budget approvals for switching, Ethernet over SONET, Ethernet over DWDM, fiber network including spur closures, and other infrastructures.
• Confidential ASA/Checkpoint Firewall troubleshooting and policy change requests for new IP segments that either come on line or that may have been altered during various planned network changes on the network.