SUMMARY

• Experience in Network planning, designing, installing, monitoring & troubleshooting and coaching junior and senior personal through technical issues, increasing growth and confidence among team members.
• Hands on experience in planning, designing, implementing and managing LAN Technologies - VLAN, STP, MSTP, PVST, Trunking, L2/L3 Etherchannel, HSRP, Interface/Port Security
• Hands on experience in planning, designing, implementing and managing WAN Technologies, Routing Protocols - Default Routing, Static Routing, RIP, EIGRP, OSPF, BGP, MPLS
• Hands on experience in planning, designing, implementing and managing Site-to-Site IPSec VPN, GRE Tunnel, DMVPN (IPSec wif Multipoint GRE and NHS, NHRP), Client-Server VPN, SSL VPN, MPLS over Ethernet, DMZ
• Hands on experience in implementing and managing ACLs, PBRs, NAT, PAT, Route Redistribution, Anti-virus Gateway, IPS/IDS, TACACS, Syslog, NTP
• Hands on experience in planning, designing, implementing and managing physical connectivity - Leased Line, ISDN, E1/ T1 Links, Internet Circuits, OC-3, OC-12, Cat5, Cat5e, Cat6, Fiber Cables
• Hands on experience in installing, managing and troubleshooting MS Server OS 2003, 2008 and Installing SQL 2005 & 2008
• Hands on experience in planning, designing, implementing and managing Confidential Technologies - MS-SCOM 2007R2, MS-Hyper-Virtualization & SCVMM, Terminal Web Server & Terminal Gateway Server, IIS Server, ISA Server, MS-Clustering
• Experience in MS Server hardening, security patch updates, password management, Anti-Virus updates
• Setting up and management of Data Center and Client ODC as per Industry Standards
• Planning, designing and implementing BPO Data Network, BCP Site and Network Level High-Availability
• Working experience in Network Operation Center (NOC)
• Problem management, change management, incident management, RCA documentation using ITIL Standards
• Vendor Management
• Day-2 Network & System Support, Pager On-Call Support
• Project documentation using MS- Visio, Word, Excel, PowerPoint
• Effective in working independently and collaboratively in teams

COMPETENCIES

• Network SecurityEnterprise SwitchingData Center Management
• VPN TechnologyEnterprise RoutingProject Management
• Network OperationsNetwork Infrastructure ImplementationVendor Management
• MS Server Operating SystemMS Hyper-virtualization MS SCOM 2007R2

TECHNICAL SKILLS

Security Appliance: Cisco PIX, ASA, FWSMs, Cisco VPN Concentrator, Fortigate, Nokia Checkpoint Firewall, Nortel Contivities, Juniper NetScreen Firewall, Palo-Alto Firewall

Network Tools: Packetshaper, Solar Winds, HPOV, Wireshark, InfiniStream Sniffer, Ethereal, VitalNet, CiscoWorks, NetQoS, SOCKS, ASPEN, STRM, Spectrum, e-Health, Palo-Alto Panorama

Routing Protocols: RIP, EIGRP, OSPF, BGP, MPLS

Technologies: Site-to-Site & Client-Server IPSec VPN, GRE Tunnel, SSL VPN, MPLS over Ethernet, DMVPN, MS-SCOM 2007 R2, MS Hyper-Virtualization, IIS, MS-ISA, MS-Clustering, DNS, SMTP

Hardware: Cisco Routers, Switches, Wireless Aironet Router, Motorola Routers, Atrica L2/L3 Switches, IBM Blade Center Switches, Cisco Load Balancers (ACE, CSS, CSM), Lucent Access Point, Multitech Audio Box, Safeline Encryptor, Proliant Server, HP Blade Server

PROFESSIONAL EXPERIENCE

Network Security Engineer

Confidential, Dallas, TX

Responsibilities:

• Designed and Implemented Cisco ASA5512s
• Memory upgrade on Cisco ASA to support N-1 image
• Upgraded Juniper NetScreen SSG320M firewalls to N-1 image
• Upgraded Cisco ASAs from 8.x to 9.x
• Designed and Implemented NSRP and Failover to provide High-Availability
• Designed and Implemented PaloAltos 3060 and 3050 in VWire and Layer 3 Mode
• Designed and Implemented M100 Panorama for Centralized Policy Management
• MIS Technology Professional Services (MTPS) Engineer/Delivery Engineer/Service Assurance
• Managing firewalls in a heterogeneous environment including ASA 5500-X series, 5500 Series, FWSMs. Firewalls running on single routed mode as well as multi-context, transparent mode, and teh OS version spanning from 8.x to 9.x for Client - Alliance Data Systems (ADS)
• Managing Cisco ASAs, Juniper NetScreen and Checkpoint firewalls for Client - Brookfield Corporate Operations (BCO)
• Managing Cisco ASAs, Checkpoint firewalls for Client - Emerald Performance Material (EPM)
• Managing Cisco ASAs, Checkpoint, Palo-Alto Firewalls for Client - Blue Cross Blue Shield - NC (BCBSNC)
• Design, implement and support Access-lists, Address Translations, TACACS, Syslog
• Design, implement and support S2S, Remote-Access, AnyConnect VPN on Cisco ASAs, Juniper NetScreen and Checkpoint firewalls
• Implement and support Dynamic Routing (OSPF/BGP), Policy-Based Routing, Route Redistribution on Firewalls
• Traffic analysis using Wireshark, Sniffer, capture/packet-tracer on Cisco ASA, debug/snoop on Juniper NetScreen and TCPDUMP/FW-Monitor on Checkpoint Firewall
• Collaborating wif Cyber Security Team to close Audit/ Security Incidents finding
• Configuration clean-up (removal of unwanted/old policies, rules, ACLs, logs) and health-check for hardware refresh
• Problem and Change Management using Confidential ticketing system (TFS) well wifin defined SLAs
• Hands-and-Feet support for Client - Alliance Data Systems (ADS) firewalls in Dallas, TX Data Center
• Hands-and-Feet support for Client - Blue Cross Blue Shield - NC (BCBSNC) firewalls in Durham, NC Data Center
• Primary On-Call support for Alliance Data Systems (ADS), Brookfield Corporate Operations (BCO), Emerald Performance Material (EPM), Blue Cross Blue Shield - NC (BCBSNC)
• Coaching network connectivity and processes to junior and new team members
• Network documentation using MS-Visio, Word, Excel and hand-off presentation to BAU Team & create Knowledge Base article

Confidential

Responsibilities:

• LAN - STP, PVST, VTP, Trunking, L2/L3 Etherchannel, HSRP, VLAN, Interface/Port Security, LST
• WAN - Static Routing, EIGRP, OSPF
• Security - IPSec, GRE, IPSec wif VTI
• Design, implement ACLs, PBR, NAT, PAT and Route Redistribution
• Design and implement high availability for Cisco ASAs
• Design and implement Cisco Routers, Switches, Firewalls for SSH access and AAA services using TACACS+
• Network monitoring using CiscoWorks, Vitalnet, NetQoS
• Packet capture and analysis on Cisco Switches, ASAs, Nokia Firewalls for problem determination and use of Sniffer & Wireshark
• SNI Refresh Focal for Southbury, CT and Poughkeepsie, NY Data Centre
• Configuration clean-up (removal of unwanted/old policies, rules, ACLs, logs) and health-check for hardware refresh
• Responsible for change management - includes - presentation of change, creation of change tickets, and co-ordination wif stack holders for approval
• Network documentation using MS-Visio, Word, Excel and presentation of technical matter during weekly team meeting
• Interface wif vendor - Cisco for RMA and technical consultancy
• Ordered AFIFRF IESPOD Infrastructure devices for replacement of EOL/EOS Nokia Checkpoint IP530
• Rack and stack AFIFRF IESPOD Infrastructure
• Design, present AFIFRF IESPOD to Global SNI Team for approval
• Rules (2000+) conversion from Nokia to ASA format, Routing/PBR change for AFIFRF IESPOD Infrastructure
• Cable trace, cabling request using PADSMART tool, MACD submission for device certification, FCM submission for device monitoring and management, Change record creation using Meximo, co-ordinate wif stack holders for approval
• Replacement during scheduled change window
• Project documentation using MS-Visio, Word and Excel
• Design and functional presentation to Service Assurance Team for Day2 support
• Ordered SCFPOD Infrastructure devices for replacement of EOL/EOS SCF Cisco 6509
• Rack and stack SCFPOD Infrastructure
• Design, present SCFPOD to Global SNI Team for approval
• Rules conversion from 6500 to ASA format, Routing/PBR change for SCFPOD Infrastructure
• Cable trace, cabling request using PADSMART tool, MACD submission for device certification, FCM submission for device monitoring and management, Change record creation using Meximo, co-ordinate wif stack holders for approval
• Replacement during scheduled change window
• Project documentation using MS-Visio, Word and Excel
• Design and functional presentation to Service Assurance Team for Day2 support

Refresh Dedicated Switches

Confidential

Responsibilities:

• Ordered replacement devices for refresh of Dedicated Switches, Shared Yellow Switches, Confidential, NTP Server
• Rack and stack new Infrastructure devices
• Cable trace, cabling request using PADSMART tool, MACD submission for device certification, FCM submission for device monitoring and management, Change record creation using Meximo, co-ordinate wif stack holders for approval
• Configure, Implement new devices and replace during scheduled change window
• Project documentation using MS-Visio, Word and Excel
• Design and functional presentation to Service Assurance Team for Day2 support
• Discussion wif Confidential &T, IBM and Customer for requirement gathering
• Prepare Network connectivity, present it to Global SNI team for approval
• Provide SNI IP range, Switch Interfaces, present Network Connectivity to stack holders
• Co-ordination wif Confidential &T ABFS for DRES switch rack-and-stack and initial configuration
• Co-ordination wif Megapath ( Confidential &T 3rd party vendor) for IPSec VPN design
• Configuration of Dedicated Resource Switch, IPSec VPN, ACLs, PBR, Routes as designed
• Verify Customers flow working as expected
• Project documentation using MS-Visio, Word and Excel
• Design and functional presentation to Service Assurance Team for Day2 support
• Discussion wif Confidential &T, IBM and Customer for requirement gathering
• Prepare Network connectivity, present it to Global SNI team for approval
• Co-ordination wif OneNet team for IPSec VPN design, ACLs and Routing
• Configuration of IPSec VPN, ACLs, PBR, Routes as designed
• Verify Customers flow working as expected
• Project documentation using MS-Visio, Word and Excel
• Design and functional presentation to Service Assurance Team for Day2 support
• Discussion wif Confidential &T, IBM and Customer for requirement gathering
• Prepare and implement logical configuration on Shared Customer Firewalls and Dedicated Customer Firewall
• Verify Customers flow working as expected
• Project documentation using MS-Visio, Word and Excel
• Design and functional presentation to Service Assurance Team for Day2 support

Hardware Environment Cisco Routers (2900, 3900, 7200, 7600 series), Cisco Switches (2960, 3560, 4500E, 6500 series), PIX (515e, 525e), ASA (5540, 5550), Nokia Checkpoint (IP530)

Network Security Engineer

Confidential, Dallas, TX

Responsibilities:

• LAN - STP, PVST, VTP, Trunking, L2/L3 Etherchannel, HSRP, VLAN, Interface/Port Security, LST
• WAN - Static Routing, OSPF, BGP, MPLS
• Security - IPSec, GRE, Multipoint GRE, DMVPN
• Design, implementation & support to Load Balancers (ACE, CSS, CSM) and FWSMs
• Design, implementation & support to ACLs, PBR, NAT, PAT and Route Redistribution
• Network Monitoring using CiscoWorks, Vitalnet, NetQoS
• Packet Capture and Analysis using InfiniStream Sniffer, WireShark
• Focal for Dallas, TX Data Centre for CIGNA Infrastructure & On-call pager support on rotation basis
• Responsible for Change Management – includes – creation of change tickets, presentation of change through Quality-Gate for approval from stack holders as per Cigna security policy
• Responsible for Problem and Incident Management
• Review, root cause analysis and solution of logging errors
• Network documentation using MS-Visio, Word, Excel
• Interface wif Vendor - Cisco for Service Request and RMA
• Verifying and preparing list of Cisco Routers, Switches, Blade-Center Switches and ASAs for IOS upgrade
• Pre and Post change co-ordination wif management and application owners for downtime, change approval and verification
• Upgrading Security Board approved IOS on Cisco Routers, Switches, Blade-Center Switches, and ASAs
• Preparing list of Routers, Switches (CatOS and IOS based), Blade-Center Switches for SNMP update
• Pre and Post change co-ordination wif management and network monitoring team for change approval and verification
• Phase wise implementation of defined SNMP community strings and monitoring ACL changes
• Uplink/Downlink verification to determine High-Availability
• Pre and Post change co-ordination wif management and network architect for downtime and change approval and verification
• Upgrading configuration, addition of Uplink/Downlink, STP verification

Hardware Environment Cisco Routers (2900, 3900, 7200, 7600 series), Cisco Switches (2960, 6500 series), Cisco Nexus 7000 series, ASA (5500 series), FWSM, ACE, CSM, CSS, IBM Blade Switches Cisco OS-CIGESM-18TT-EBU, WS-CBS3012-IBM-me

Network & Systems Engineer

Confidential, Redmond, WA

Responsibilities:

• Administration of Windows Server OS – 2003/2008
• Implementation and support to IIS – URL Redirection
• Implementation and support to ISA Server for Internet facing URL/ Application
• Implementation and support to MS-Clustering for SQL components (Analysis, Database, Integration and Reporting services)
• Implementation and support to SMTP server
• Installation and configuration of Confidential SQL server 2005 & 2008
• Implementation and support to Confidential NLB, DNS, WINS issues
• Planning, implementing and supervising (team-4) monthly security patching and quarterly password update on DEV, SIT, UAT and PROD servers
• Securing servers wif latest Forefront AV updates
• Support to developers/ server owners for application/server connectivity and performance issue
• MIS reporting for management review
• Managing Infrastructure resources Confidential Onsite (team-2)/ Offshore (team-2), tasks assignments and supervising these resources
• Creation of KBs for knowledge sharing, Project documentation using MS-Word, Visio, Excel
• Requirement gathering, server seizing and hardening
• Planning, designing and implementation of SCOM 2007 R2 for UAT and PROD environment
• Management support for SCOM2007 R2
• Alert customization based on application needs on SCOM2007 R2
• Project documentation using MS-Visio, Word and Excel
• Training to team members
• Requirement gathering, server seizing and hardening
• Planning, designing and phase wise migration of physical servers to virtual platform
• Migration of DEV, SIT, UAT and PROD Web and SQL servers to virtual platform
• Project documentation using MS-Visio, Word and Excel
• Training to support team members
• Design, implementation and support to Remote Desktop Gateway (RD Gateway/ TS WEB access) over internet using secured channel.
• Design, implementation and support to SSRS Publishing Servers for Confidential -Yahoo Integration using secured channel
• Design, implementation and support to MS SharePoint Site (MOSS 2007) over internet using secured channel
• Prepared Installation guide for TS Gateway, published on Confidential Internal Website

Hardware Environment Proliant SE316M1R2, HP - BL460c Blade Server, BL680c Blade Server, HP-DL380 G5, HP - DL260 G5

Confidential

Network & Security Engineer

Responsibilities:

• LAN – STP, PVST, VTP, Trunking, L2/L3 Etherchannel, HSRP, VLAN, Interface/Port Security
• WAN – Static Routing, EIGRP, OSPF
• Security – IPSec, GRE, IPSec wif VTI
• Design, implementation & support to ACLs, PBR, NAT, PAT and Route Redistribution
• Design and implementation of high availability for Cisco PIXs, ASAs
• Configuration of Cisco Routers, Switches, Firewalls for SSH access and AAA services using TACACS+
• Network monitoring using CiscoWorks, Vitalnet, NetQoS
• Packet capture and analysis on Cisco Switches, PIXs, ASAs, Nokia Firewalls and Nortel Contivities for problem determination and use of Sniffer & Wireshark
• Focal for RTP, NC Data Centre for SNI (Shared Network Infrastructure) & On-call pager support on rotation basis
• Regular health-check and removal of unwanted/old policies, rules, ACLs, logs
• Responsible for change management – includes – creation of change tickets, presentation of change and co-ordination wif stack holders for approval
• Responsible for problem & incident management and quarterly password management
• Network documentation using MS-Visio, Word, Excel and presentation of technical matter during weekly team meeting
• Interface wif vendor - Cisco for Service Request and RMA
• Information gathering and analysis to decide on bandwidth requirement
• Design, implement and management of Site-to-Site IPSec VPN & GRE Tunnel
• Project documentation using MS-Visio, Word and Excel
• Design and functional presentation to support team
• Verifying and preparing list of SNI devices for alert management using SYSLOG servers
• Configuring devices for Syslog monitoring
• Review, root cause analysis and solution of Syslog errors for North-America SNI Locations
• Verifying and preparing list of SNI Devices in North America for NTP configuration
• Representing change to management and monitoring team for approval
• Configuring Routers, Switches, Firewalls for NTP

Hardware Environment Cisco Routers (2900, 3900, 7200, 7600 series), Cisco Switches (2960, 3560, 4500E, 6500 series), PIX (515e, 525e), ASA (5500 series), Nokia Checkpoint (IP380, 560, 630), Nortel Contivities (1600, 1700 series)

Confidential

Senior Network Engineer

Responsibilities:

• Design, implementation and support to L2/L3 Etherchannel, MST, HSRP, VLAN, ACLs, VTP, Interface/Port security
• Design, implementation and support to Cisco PIXs, ASAs for High-Availability
• Design, implementation and support to Cisco VPN Concentrator for corporate remote access
• Design, implementation and support to Fortigate for AV Gateway & IPS/IDS
• Implementation of project connectivity using IPLCs & site-to-site VPNs for offshore development
• Design, implementation and support to Packet Shapers for bandwidth management
• Configuration of Cisco Routers, Switches, PIXs, ASAs for AAA service using TACACS+ server
• SLA tracking for Telecom and Product vendor for teh support
• Vendor management for IPLCs, Internet links and network products
• Managing Technology Infrastructure Services (TIS) resources (Team Size - 3) & assigning and supervising tasks assigned to Level1/ Level2 engineers
• Active member for fixing security audit findings
• Representing Infrastructure Team in Project Kick-Off meetings
• Project documentation using MS-Visio, Word and Excel

Projects worked

Confidential

Responsibilities:

• Planning, designing, implementation and support to Confidential BPO Data Network using Static Routing, OSPF, BGP, NAT, PBR, Route Redistribution, ACLs, Cisco s/w encryption – IPSec & L2 Encryption using Safe line Encryptor
• Support to Offshore Mastek BPO users accessing BNY ( Confidential ) Network Confidential Teaneck and Harrison, USA
• Client/ Vendor co-ordination during various phases of project implementation
• Planning, designing, implementation and support to Internet Infrastructure for Mastek (India), Majesco Software (USA) and Mastek (UK) offices
• Planning, designing, implementation and support to System and Network Infrastructure for Mastek (India), Majesco Software (USA), Mastek (UK) offices
• Planning, designing and Implementation of Redundant/ BCP Network
• Design documentation for LAN, WAN and Internet Infrastructure setup
• Planning, designing and Implementation of Data Centre relocation (Majesco-USA, Mastek-UK) wif High Availability and effective use of existing and new H/W in compliance wif teh security policies wif efficient cost saving
• Management of Data Centre as per Industry standards in compliance wif teh security policies
• Closure of security audit findings
• Space finalization for Server and Network racks
• Setup of ODCs where in logical separation mandated
• Design and implementation of secured wireless connectivity for Data Center
• Project Documentation
• Planning, designing and implementation of Site-to-Site and Client-Server VPNs using IPSec
• Project Manager/ Application Users/ Client co-ordination to understand bandwidth requirement
• Training to Operations Support Team
• Level 3 support to VPN related issues
• Awarded “Silent Worker Award”
• Awarded “Young Achiever Award”
• Awarded for teh support provided during Natural Calamity
• Awarded “Raise a Toast Award” for network planning, designing & implementation for Confidential . Achieved 7/7 rating from customer for maintaining 99.9% uptime as per agreed SLA.
• Awarded “Raise a Toast” for Data Network up gradation for Majesco Software, USA wif cost savings of 53000 USD and completed project wifin defined time line

Network Engineer

Confidential

Responsibilities:

• Associated wif Reliance National NOC for designing, implementing, monitoring and supporting Confidential network. Confidential uses Optical Gigabit Ethernet, VLAN, OSPF and MPLS to provide L2 VPN, P2P and Internet Access for corporate under Enterprise Network Segment
• Planning, designing and implementation of Confidential Ring wise network
• Simulation and testing of Network before making it live to teh sites
• Responsible for ATP of network nodes - Atrica-2100, Atrica-8100 and network topology
• Backend router route monitoring and announcing area in OSPF as per proposed network design
• Monitoring and support to Confidential network from Reliance National NOC (Data Access NOC) using ASPEN as monitoring tool
• Technical support to field engineers for network related issues
• Planning, designing and implementation of various test cases for different IP based solution using Cisco Routers, LINUX based VPN COSMOS Router, Motorola Timeport – GPRS device
• Planning, designing and implementation of Online Lottery Production Network using GPRS, GRE, IPSec, Leased Lines, ISDN, Dial-up connectivity
• Training and Remote support to Field Engineer
• Installation of Lottery Terminals
• Project documentation
• Planning, designing, implementation and support to IPSec VPN & Voice over Internet over VPN using Lucent AP (300, 600, 1000) and Multitech Audio Box (MP104)
• Implementation of Star topology using ISP backbone

Hardware Environment Cisco Routers (2900, 3900, 7200 series), Cisco Switches (2960, 3560, 4500E series), Motorola Routers (Vanguard 320, 6500 series), LINUX based VPN COSMOS Router, Motorola Time-Port (P738), Lucent Access-Point (300, 600, 1000 series), Multitech Audio Box (MP104, 108)