CAREER OBJECTIVE:

To work with a company that provides opportunity and exposure to most challenging and technology driven market. A job that requires network solution designing, Cyber security, cloud network & Security, infrastructure project planning and execution skills.

EXPERIENCE SUMMARY:

• Over 17 years of experience in the Information Technology. As part of my assignments, I have been in Network Management & Network Operations, Information & Cybers security, Project Management, Firewall security management, Data Center Infrastructure Management, new Infra buildoust & ODC’s setup, Cloud(Azure/AWS) network & Security operations and Network Design & Implementation. Good knowledge in server administration with Windows / Linux based operating systems.
• Projects executed during the professional career covers following area of expertise.
• MPLS and metro Ethernet technology roll - out
• Azure cloud migration & network setup.
• Network security control implementation in Azure cloud.
• Building IT infrastructure and datacenter(LAN/WAN)
• URL configuration with F5 Load balancer
• Implementing corporate security.
• Setting up enterprise class wireless network
• Implementing BYOD solutions
• Secured and trusted ODC setup
• Configure client to site & IPSec site to site VPN.
• Implementation & management of F5 Load balancers (LTM/GTM).
• Project planning and implementation
• Network monitoring & management tools
• Customer support & Audits.
• Framework design & documentation.
• Crisis management/Business Continuity Planning
• Internet security & content filtering implementation
• Servers installation & Administration
• Problem, incidence and change management
• Team management
• Firepower & ASA firewall management.
• Design corporate networks.
• HandsOn experience with Cisco Prime & ISE.
• AWS Direct and VPN connections from on premises network devices.
• Vulnerability management in AWS cloud.

TECHNICAL SKILLS:

Network Equipment:

Cisco Nexus: 9000, 7000, 7700, 5000, 5672, 3172, 2K

Cisco Router Series: 1900, 2600, 2800, 3600, 3700, 3800, 7200, ISR Branch Routers and ASR1000X, 7200, 7600 Data Center Routers.

Cisco Switch Series: 2960, 3550, 3750, 3850, 4500, 4948, 6500 & CAT 9K

Firewalls: PIX 506e, 515e, 525, 535 and ASA 5505, 5510, 5520.5540, 5585-X

NGFW, Firepower: 4100, 2100

BigIPs: 2000, 3900, 4000, 4600 & 5000

Checkpoint: 2200, 4600, 2 & R 8.0

Network Protocols:

Routing Protocols: RIP version 1 and 2, EIGRP, OSPF, OSPFv3, BGP.SD-WANSwitching Protocols STP, RSTP and PVST.

Redundancy Protocols: HSRP, VRRP and GLBP.

Multicast Protocols: IGMP, IGMP version 2 and 3, CGMP, PIM-Sparse and Dense Mode. DHCP, FTP, TFTP.

Network Security: Access Lists, Cisco & Checkpoint Firewalls, MPLS VPNs/SSL VPN/IPSec VPN/DMVPN, Deep Packet Inspection, IDS/IPS, Port Security, DHCP Snooping, Private VLANs, Websense Internet URL filtering & DLP, Mcafee DLP & application control, Fireeye.

Tools: Network Simulator2, Wireshark, Ethereal, Packet Tracer, Netmri, Cisco Prime, MSE, Qradar, Riverbed Opnet, Extrahop, Cisco ISE, TACACS, Splunk, ServiceNow

Operating Systems: Linux (Red Hat, Fedora Core 11 and Ubuntu 9.04 Widows 2008/2012/2016

Cloud: AWS, Azure

PROFESSIONAL EXPERIENCE:

Confidential

Network Support Specialist Firewall & Cyber Security Engineer

Responsibilities:

• Implementing security environment with Cisco Firepower & Checkpoint firewalls..
• Managing the security controls with tools like Mcafee, Firepower, Redseal.
• Incident management. change management, problem management, configuration management
• Design, configure, and test network and security devices per scope of customer projects
• Perform troubleshooting and support activities as part of project delivery
• Lead or participate in network security discovery and design workshops
• Configure network security devices per design agreed upon with the customer
• Support physical installation of network and security devices, VPN either in person or remotely
• Azure cloud network & Security operations.
• AzureExpress Route,AzureFront Door,AzureNSG's., ASG's.
• Implementing, Managing & Maintaining the Azure cloud Checkpoint firewalls.
• AzureCloudAppSecurityusing third party SIEM tool Splunk
• Participate in network and security assessments.
• Isolate and resolve network related service problems, diagnose and correct problems resulting from component failure or normal use of the network.
• Protecting company network and data by coordinating, planning, implementing network security measures.
• Configure firewalls for usage, manage their day-to-day operations, and perform regular maintenance through upgrades and patches.
• Monitor & Continuously improve security of the network against all vulnerabilities and attacks.
• Monitor security devices and applications for performance problems.

Confidential

Manager - Infra Ops Specialist

Responsibilities:

• IT Network Infrastructure designing and deployment
• Data Center design and implementation
• Wireless network design and deployment
• Setting up enterprise LAN, WAN and Internet infrastructure
• Setting up Clients’ requirement and IT projects
• Troubleshooting core data and firewall issues
• Establishing load balancers for all corporate url’s
• PCI & Pentest security audits
• AWS cloud network infrastructure.
• Hands on with high end and enterprise class Cisco routers, switches, firewalls & Load balancers
• Servers installation and configuration
• Budget planning
• BOM and BOQ preparation
• Business continuity planning
• POC and new technology evaluation
• Build site to site/ Client to site VPN tunnels and GRE tunnels
• Managing & maintain F5 Load balancers (LTM/GTM)
• Certificate & vulnerability management.
• BYOD implementation
• Team management
• Vendor assessment and management
• Incident management. change management, problem management, configuration management
• IQ and SOP drafting for switch deployment and administration
• Global Policy review
• Function Process review
• Internal and external audits
• Service assurance
• Client communication and presentation
• Function newsletter structure and content designing
• Reports and presentations
• RFP responses
• ISO 27001, ISO 9001 and SAS 70 controls implementation
• IT Security Compliance
• Organizing Innovation fairs.

Confidential

Network Administrator

Responsibilities:

• Building of Network infrastructure
• Hardware and IOS upgrade
• Configuration management
• Maintenance of MPLS and Metro-Ethernet network
• Setting up NMS and monitoring tools
• Hands on with Cisco high end routers, switches & firewalls
• Installation and configuration of Snort IDS.
• Escalation handling and client management
• Inventory and capacity management
• SLA monitoring and handling escalation
• New Infra build outs & project migrations.
• Integrating Confidential network with Caritor networks
• Training to laterals and new joiners
• Member of Global network team
• Experience on Video conference setup with Polycom Equipment.
• Provisioning site-to-site VPN’s, client access VPN’s & IPLC circuits.
• APNIC PUBLIC IP’s Migration
• Team lead in Confidential Enterprise operations center (EOC)
• Installation, configuration and troubleshooting of Active Directory, DNS, WINS, DHCP, Remote access, Group policies
• Monitoring Backups using NT backup.
• Installation and configuration of Redhat & Fedora Linux servers.
• Preventative maintenance of project related critical Servers.
• Break fixes for issues involving various scenarios for windows servers.
• Decommissioning of servers.
• Assisting onsite teams with hardware related issues.

Confidential

Network Administrator

Responsibilities:

• Day-to-day administration and technical support to clients.
• Installation, Configuration and Administration of Windows 2000/NT servers, Windows 2000/XP Professional.
• Provided hardware specifications for current and future needs. Co-coordinated with hardware vendors for hardware replacement. Purchased hardware peripherals for servers, pcs, laptops and printers.
• Provided support for Printers, Scanners, modem, Routers, switches, hubs and other hardware peripherals.
• Carried out installation of new Windows 2000 servers.
• Installation, Configuration and Administration of several Redhat Linux Servers for the Software Labs.
• Performed Windows security operations to secure network shares and permissions so that only authorized users had access to the necessary folder and files stored on central file servers.
• Installed necessary operating system service and security patches.
• Provided support for end users to resolve issues related to various application and hardware issues.
• Installed Antivirus software and patches to provide proactive protection from malicious viruses and emails.
• Manage projects related to implementing Cyber Security tools and products
• Maintain the documentation & connectivity diagrams with Microsoft Visio.
• Work with teams outside of Cyber Security to complete projects
• Review client requirements for security systems.
• Collaborate with engineers and developers towards a secure technical approach.
• Installation software and hardware components of firewalls and other portions of security infrastructure.
• Configure firewalls for usage, manage their day-to-day operations, and perform regular maintenance through upgrades and patches.
• Track and manage licenses status for renewal, upgrade.
• Troubleshoot the network/security related issues through ServiceNow ticketing system.
• Implementing Cisco Antimalware tools, Mcafee DLP, Application control & Redseal network model.
• Review and implement firewall rule changes per client’s specifications as necessary.
• Support and maintain proxy, VPN and other network traffic management
• Monitor security devices and applications for performance problems.
• Analyze the root causes and resolve them promptly.
• Installing hardware, software, configuring firewalls, setting up virtual private networks (VPNs), and upgrades.
• Engage with clients, relaying information about the project and troubleshooting all issues.
• Design, review and ongoing assessment of firewall, intrusion detection/intrusion prevention, VPN, SSL, application control, and other network component policies
• Design and configuredAzure Virtual Networks(VNets), subnets,Azure network settings.
• Setup Azure Virtual Appliances (VMs) to meet security requirements as software based appliance functions (Checkpoint firewalls, Intrusion detections).
• Configure BGP routes to enable ExpressRoute connections between on premise data centers and Azure cloud.
• Troubleshoot complex Checkpoint / Cisco firewall issues & Site-to-Site VPN related. maintain documentation on process procedures, device statuses, firewall block lists, and other important technical areas.

Confidential

Responsibilities:

• Take care of all ITIL processes- Incident management, Event management, Problem management, capacity management & Change management.
• Implementing the various security policies as per the client information security team
• Mitigate security vulnerabilities identified in network & proactive measures. (PCI, Pentest & Internal security audits)
• Build site to site VPN tunnels and GRE tunnels for all partner & Customer locations.
• Configure and troubleshoot of IP Sec VPN tunnels
• Manage the client network devices & upgrade the OS based on the recommendations from Cisco, F5 & Checkpoint.
• Ensure 100% PCI clean scan & vulnerability free network.
• Network devices upgrade & configuration changes with respect to Routers, switches, firewalls & Load balancers.
• Managing the load balance for 2000+ F5 hosted url’s. URL creation, Certificates management & vulnerability mitigation.
• Implement, design and troubleshoot EIGRP, OSPF, BGP, MPLS, VRFs, DMVPN, QoS, HSRP, VRRP, GLBP, Load Balancing, Ether Channels PAgP, LACP, VLANs, VTP, DTP, RSTP, PPP, PPTP, L2TP and so on.
• Administrating ASA devices with firepower and creating security rules, addressing the bug/vulnerabilities by upgrading the FXOS & ASA.
• Optimize & consolidate the ASA devices with Firepower & integrate IPS with Firepower.
• IPSec, GRE, ISAKMP, PKI, SSH, Port Security, ACLs, NAT, AAA, Radius and TACACS+.
• Interact with the client’s business and IT teams to gather, define, clarify and refine requirements.
• Design choices, such as protocols and topology, for large-scale Web data centers have significant impact on scalability and operations of underlying networks.
• Standardizing existing networks with current and new industry standards.
• Develop architecture proposals; work with vendors, test new solutions and products.
• Establish connectivity to AWS from On premises network through Direct connect & VPN.
• Troubleshoot issues using network monitoring & management tools (Opnet/Qradar/Splunk)
• Security vulnerability mitigation in AWS cloud environment.

Confidential

Responsibilities:

• Inventory of conference rooms & client visit rooms details across all locations & Based on that designing the wireless Infrastructure
• Installation and Configuration of 15 wireless controllers along with 800 Access points & standardizing the unique SSID across all locations.
• Wireless setup for the sales offices all Confidential locations.
• Implementation of the security best standards in all WLC’s.
• Built the Wi-Fi network to support multi-vendor platform (Cisco & Aruba).
• Effective Project Management & Vendor management/System integration for tracking each task & BOM preparation for Wi-Fi network requirements and arranging the passive network infrastructure.
• Creating the one touch profile configuration script and pushed in all laptops.
• Implementation of Unified guest access with Cisco ISE solution.
• Design and Implementation of Wireless access on smart mobiles with Cisco BYOD solution
• Reporting Wi-Fi monthly metrics & exploring the new options in Wireless.
• Implementation of Indoor navigation system with Cisco MSE
• Monitoring Wi-Fi service with Cisco Prime solutions.

Confidential

Network Administrator

Responsibilities:

• Working with Management for understanding the requirement and designing the Passive network infrastructure.
• Planning & Implementation of High-end Data Structured Cabling solutions using Krone/Systemax/Amp (Infrastructure) for data center.
• Working with the system integrator for finalizing the BOM which includes cable & other passive requirement and fiber laying and termination.
• Participating discussions with various vendors to provision the racks exclusively for the servers & data center switches and vendors for provisioning the power requirement.
• Management & Vendor management/System integration for tracking each task & BOM preparation, Material management for network requirements and updated the status to all stake holders on daily basis.
• Supervising Datacenter Inspection Reports for Hardware malfunction alerts/ Data Center temperature details, etc..
• Maintain the documentation of the all the services and inventory of the devices.
• Experience in server & Network devices rack mounting, cable installation and testing.
• Maintaining ISO 27001 documentation for Data Centre operations, participated in internal & external audits.
• Provisioning the racks based on the project requirements and has designed the network accordingly.
• Planning for data center consolidation at Hyderabad and have designing the network infrastructure which facilitates the additional servers which moved from different locations.
• Accompanying Auditors & Clients inside to the data center and addressed all their queries.

Confidential

Network Administrator

Responsibilities:

• Service lead for networking services.
• Configuring of SITE-TO-SITE VPN's for corporate clients.
• Implementing collapsed core infrastructure for new ODC’s & provisioning the network access to the client locations.
• Based on the customer requirement, Implementing the physically/logically isolated ODC’s
• Design customer required networks by using Microsoft Visio software and configuration and implementation of the same.
• Responsible to manage and maintain network data infrastructure devices like switches, routers, firewalls across US, European locations and offshore locations.
• Dashboard preparation for network operations and worked on improvement areas.
• Have been responsible for the projects BCP’s and audits & compliance.
• Take care of all ITIL processes- Incident management, capacity management & Change management.
• IPsec/SSL VPN implementation for new project connectivity’s for US customers.
• Setting up of SSL Cluster across US geographies & Design and implementation of SSL servers at US.
• Designing the customer connectivity’s and end to end support for implementation.
• Links Capacity management and monitoring the services & hardware.
• Coordinating with service providers and integrators for the link capacities and hardware designs.
• Designing MPLS failover across all US hub locations and offshore locations.
• Capacity planning for the hardware and the internet links at US hub locations.
• Coordinating with service providers and integrators for the link capacities and hardware designs.
• Design and implementing the wireless across US & all offshore location’s.

Confidential

Responsibilities:

• Study of Invensys global network
• Identify integration issues from IP conflict to domain conflict
• Lab environment setup with 3000 nodes.
• Prepare design proposal for short term and long term integration plan
• Necessary approvals from both parties and clearance from Information security group
• Order necessary BOM and links
• Server infrastructure setup & Desktop deployment in LAB & work area.
• Project planning and execution

Confidential

Responsibilities:

• Installation and configuration of Websense proxy & filtering services across Confidential locations.
• Managing and maintaining the proxy installed in Redhat servers.
• Implementing the various Policies as per the security team guidelines.
• Managing the Websense infrastructure and effectively worked on product upgrades.
• Configuring SSL decryption and lenient Websense policy implementation across all locations.
• Monitoring the services on daily basis & troubleshooting issues related issues related to Websense.
• Weekly review meetings with Websense team for service improvements and new features implementations status.
• Configuration & management of Websense Data loss and prevention servers and providing support in case of any issues with the server hardware.
• Attending Projects specific audits and providing required evidences related to URL filtering.