Summary

Accomplished Network/Security/Wireless/Voice Engineer with over 17 years of experience in NOC/ design, installation, configuration, administration and troubleshooting of LAN/WAN infrastructure and security using Cisco routers/Switches/firewalls/Load Balancers/Voice Gateways Wireless Controllers. Experience in design datacenters engineering/Cloud environments. Implementation experience firewalls and security, systems, VoIP/ wireless/networking. Worked in various industries like Telecommunications, Production, Manufacturing, and Engineering services industry.

PROFESSIONAL EXPERIENCE

Confidential

Sr. Network Security

Responsibilities:

• Designing and implementing large-scale networks, network routing, switches, firewalls, load balancer, firewalls including client and PTP VPN , WAN accelerators and internet-related networking and security technologies. Design and implement security-related improvements / enhancements to customer and internal networks. Designs, implements and tests Internet Commerce sites, provisions VPNs, develops intrusion detection and firewall management architectures. Deploying Cisco ASA network firewalls and Cisco ACLs. Design 10gig redundant network for EMC DD990, NetApp, implementation and direct support of customers. Managed Cloud Services Platform, network infrastructure supporting Core distribution and Access switches. Implementing security policies and infrastructure in a multi-customer ISP Data environment. Support and configure new Cloud offering, DaaS, IaaS and SaaS.
• Managing OSPF, HSRP, BGP, Radius, Tacacs and SNMP, BGP,VRF, VRRP Tacacs . Manage network / systems security, implement policies, processes PCI, HIPAA compliance. Develop solutions to network and security problems.

Network equipment: Cisco Routers and switches, Cisco Catalyst 6509 as well as ASR 9000 and Nexus 7K, 5K and 2K Routers / Switches, particularly in a fully meshed, fault-tolerant Ethernet environment. Deploying network load balancers Cisco CSS11xxx

Tools used: network monitor CA Spectrum, Snort, Nessus, nmap, ntop, snoop, tcpdump, wireshark and other Open Source tools. Participated in an On-Call rotation.

Confidential

Sr. Network Security Engineer

Leading in an enterprise data center migration. Working with the existing team to complete project work, assist with tier III alerts, such-as emergency, guide technician to install/replace hardware at datacenter facilities. Performing Dell SecureWorks' Vulnerability Management, blocking scanning IP on IPS module on Cisco 6500 catalyst switch. Implementation SNMPv3 network monitoring for whole datacenter, finding OID's, setup custom sensors. Daily perform task such as: Opening ASA/PIX/Cisco Firewall Service Module FWSM opening Firewall rule, manage OSPF, NAT, VPN, SSLVPN, VRF, VRRP NEXUS 5k/7k, configuring Cisco 7600 Series Routers, Cisco 6500/4510 Series Catalyst Switches, configuring FEX Nexus 2k module Fabric Extenders , VLAN, VPC, Port-channels, configuring Cisco ACE for server farm for load balancing, identifying firewall issues using Capture, packet-tracer and some tools such as Wireshark Nessus, nmap, NA/Sniffer Pro, Nagios, Rancid, assist with ITIL implementation, some work with HP with iLo and Proliant BL460c blade running linux and many more.

Confidential

Sr. Network Engineer

Lead MPLS team to assist in all stages installation and maintenance in state-of-the-art voice/data network technology include Video - Streaming Media, Wireless controllers 5508/, Telco Circuits and Transport T1/T3/DS3/OC3. My daily responsibilities were to prepare devices configuration. Attending hosting services cut over meeting over 900 company offices. Install new and upgrade Cisco routers 2811, 2921, 3925, ASR1002-5G w/ SFPs. Cisco switches 3850/6500/4500. Network Management and troubleshoot - DNS, DHCP, BGP, preffics list, Access list, IGRP, VRRP/HSRP,VRF, VLAN, Infoblox - IP Management, Avaya Avaya G350/450 gateways, Avaya voicemail, Avaya IP Office branch system w/ stations 4620sw/4621sw /Cisco voice, Avaya Site administration.

Confidential

Sr. Network Engineer

• VSXi installation on Cisco Server Chassis UCS-5108, UCS 6120xp for new product testing and development, in both a test and production environment.
• Configured and troubleshot VLAN's, STP, VTP, Tranking, DNS, DHCP EtherChannels, Access Lists, EIGRP, NAT, QOS, BGP, MPLS and static routing. Configuration OSPF on Nexus 5000/7000/2000 FEX Extenders
• The project to coordinate and responsible for migration all CISCO testing laboratory running multipurpose Voice VoIP, Video Conferencing for running effective tests solutions for various Cisco devices and software equipment which is over 360 on 26 racks networking systems containing Cisco 6500 Switches, Linux Based high-end Servers, Storage SAN, NAS. Setup voice Cisco 2800/3800/2900/3900, Cisco Unified Communications Manager, connecting over 500 phones. Configured Cisco 2950 switches, 7200 Routers and 4500 Switches, Multi service Modular MDS 9222i, Cisco Voice Gateways VG224/248.
• Configure and maintain a variety of modules for the 6500 Switch including AON, NAM, Sup2, Sup720, and Switch modules for both copper and fiber.
• Coordinate lab move, planned bldg power shutdown, bldg power outage issues and lab bring up. Install and administer numerous Linux solutions including NFS, Apache, MySQL, and a variety of Java based Cisco apps, and tools.

Confidential

Sr. System Network Analyst.

• ESC consulting company specializing in software projects consulting and technical support. Lifecycle: analysis, design, testing, deployment serves various industries: financial, brokerage, banking, insurance, health care, manufacturing, pharmaceutical, and many others. Being responsible for consulting and technical support Microsoft Server 2003/2008 and 2008 R2, Active Directory Domain Controller, Microsoft Exchange 2003/2008/2010, SharePoint, Linux, SQL database and other systems, networking, wireless, Network installation's and administration: Cisco IOS, Nexus OS 2000, 5000, Catalyst switches, Firewalls administration, ISDN line, Checkpoint upgrade R65 to R80, firewall rule base revalidations and migrations, support, Cisco catalyst 6500, 7600 Series Wireless Services Module WiSM , Cisco Wireless LAN Controller 4402/5508, Cisco 2500 Series Wireless Controller
• Cisco Wireless LAN Controller Modules NME-AIR-WLC8-K9 with 3845 Services Router, Cisco Catalyst 3750G Integrated Wireless LAN Controllers, Cisco Unified Communications Manager, ASA 5500 firewalls configuration's, monitoring, troubleshooting. Manage protocols: TCP/IP, UDP, SSH, FTP, HTTP, SMTP, POP3, IMAP, DNS, STP, RSTP, IPSec, LWAPP, RIP, EIGRP, OSPF. Assisting all technical environments with effective monitoring solution. Wirelesses network troubleshoot and support based on CISCO Aironet 1100,1200, Cisco 1520/1522 Mesh Access Points. Maintain security and privacy with sharing permission. Installing Digital Certificates. Assisting all Systems Development Life Cycle SDLC and supporting Web environments: site, mail, web hosting.

Confidential

Network Security Engineer.

AT T is the largest provider of local, long distance telephone services in the United States, and also sells digital subscriber line Internet access and digital television. AT T is the second largest provider of wireless service in the United States, with over 81.6 million wireless customers, and more than 150 million total customers. Being responsible for configuration, maintenance and monitoring of clients firewalls, routers and load balancers, I worked as Network security engineering team to support, troubleshoot with a wide range of hardware devices including but not limited to CISCO, PIX ASA, Cisco Nexus Switches, Aventail, Nokia, Checkpoint NGX R65-R80 , Provider-1 and many others. In my work I've utilized various software products such as Cisco Works, Lotus Notes and many other databases, Remedy, ticket management MAXIMO, R1 and others. Used Nessus scanner for Network Scan External/Internal large networks with many hosts. Installing Session Initiation Protocol SIP and Gateways administration, Performing network security packets scanning using capture tools tcpdump and Wireshark, Nmap to analyze to identify network problems. Manage spanning tree network, 802.1q trunking and VLAN, Proxies and VPN, Configured DNS, Manage the network scripting using bash to perform some automated tasks. Revalidate firewall rules to optimize the rules and recommend for specific clients application types. Responsible for life cycle and End of Live networking devices, Improve process documentation improvements to prevent compliance violations. Planning and performing the network security audit, Service Activation and Deactivation, Incident Responses. Assisting all Systems Development Life Cycle SDLC , Vulnerability Scanning Assist team leader with service planning and maintain PCI network security documentation, ITIL procedures and processes to improve service delivery and reporting. Work with team on-call rotation.

Confidential

LAN and Firewall ENGINEER.

IBM, the world's largest multinational computer technology and consulting corporation with over 338,000 employees and over 170 offices worldwide. At IBM Global Services Delivery Center I administered firewalls, switches, routers and load balancers for Deutsche Bank, one of the largest clients of IBM and one of the largest financial institutions in the world. Being responsible for support for configuration, maintenance and monitoring of client's firewalls, routers and load balancers, Revalidating firewalls rules and identify rules that can be removed if not used by clients application. I worked with a wide range of hardware devices including but not limited to CISCO Switches and routers, PIX/ASA Firewalls, Checkpoint NGX R62/R65/R70 Provider- 1, IBM xSeries, Foundry Server lon and others. In my work I've utilized various HP and Dell, AIX servers and others include Bralde Logic and CVS, Assisting all Systems Development Life Cycle SDLC and supporting Web Applications, reverse-proxies, socks and many others. Using network security analysis tools Wireshark, TCPdump, to sniff traffic, using monitoring software CA Spectrum, Qradar identifying security assets, analyzing log, flow, vulnerability, user and asset data troubleshoot devices and firewalls. The position required from me extensive work with low level network protocols management, security tasks such as defining and managing ACLs, hands-on working with advanced network technologies such as virtual private networks, tunneling, remote access and management, demilitarized zones, etc.

Confidential

Network/System Wireless ENGINEER.

In the Obolon Hotel I Lead IT infrastructure in design, implementation, configuration, and management of enterprise wireless hardware, software, and management systems NMS . Manage deployment and testing of code updates for wireless systems system operation of 802.11 b/g, 11n, 11ac, Manage Cisco WCS, installed WiSM into Catalyst 6500, Installed Cisco 4402/4404/5760 Wireless LAN Controllers. I submitted a proposal to hotel management to create and set up Wireless Internet Access for hotel guests using wireless technology performing site-survey and analyzing signal spectrum. My idea was accepted and I designed and implemented the system. Planed and coordinate system utilization and capacity, involving configuration and testing with vendor. Responsible for advanced enterprise wireless LAN administration and design, Configured DNS, mesh networks, and point-to-point and point-to-multipoint topologies. Network Monitoring and data acquisition with TCPdump, Wireshark, many others.

Confidential

Network Architect/support engineer

UNK is one of the leading anti-age clinics. I've been hired to upgrade network systems environment increase bandwidth lan/wan Gigabit Ethernet and 54Mbps. Setup Wi-Fi network as well as a 100 Mbit Ethernet routed network. A heterogenic environment was set up. Platforms included: PC, Solaris, Apple Mac, Microsoft Windows 2000, XP, Vista, Microsoft Windows 2003, Active Directory, Setup DHCP/DNS/NAT. Supporting windows domain controller, Mobile Devices, and Specific Medical Devices over Network and Wireless Bluetooth.

Technical and relevant skills

Operating Systems: Windows Vista/Windows Server, Windows Mobile, Linux, CISCO IOS, UNIX, Mac OS X, DOS, PalmOS, Symbian, Android, iPhone OS. Other Software: IBM Tivoli Enterprise Console, IBM Tivoli Netcool / OMNIbus, SAProuter, SSH, EotS, Microsoft Office, Adobe photo shop, Illustrator, Indesign, Power Quest Drive Image, Norton Ghost, ZoneAlarm, McAfee Antivirus, Norton Antivirus, Symantec antivirus, Winternals software, VMWare, VirtualPC, MDaemon, Agnitum Outpost, PuTTY, Solarwinds, Kiwi, Network Monitoring System, CVS, SQL database. Technologies: Wireless Gateways Networking, Wi-Fi, TCP/IP, UDP, xDSL, ADSL, SHDSL, ISDN, Ethernet, Directory Service, SSH, DNS, FTP, HTTP, Email, SMTP, POP3, IMAP, V.32, V.32bis, V.42, V.42bis, V.90, V.92, RS-232, NAT, VPN, 802.11a, 802.11b, 802.11g Networking TCP/IP stack, routing, Communication protocols, Link-Level protocols, Modems, High-Speed Internet access, LAN/WAN, Physical cabling, Network planning and design, Troubleshooting

Network Hardware CISCO Routers, CISCO PIX Firewall, CISCO Catalyst Switches, Check Point Secure Platform Pro, Aventail, Nokia Firewall, Tipping Point Intrusion Prevention System IPS basic

Security Firewalls, VPN, DMZ, Tunnels, Intrusion detection and monitoring, CISCO, DMZ, ACL

Wireless Wi-Fi, 802.11b, 802.11g, WEP/WAP, Bluetooth, GPRS, Roaming, Wireless Security

Specific Hardware Broadband routers, Modems, CISCO Hardware Firewalls, Wireless Routers, Access Points, Billing Hardware, Medical Hardware

User Management Active Directory, Microsoft Windows Domain Controller, Workgroups, Billing Systems

Internetworking NAT, PAT, Proxy Access, FTP, Email, Traffic and Bandwidth Accounting, User Management and Auditing, Messaging Solutions, Sniffing

Protocols TCP/IP, UDP, SSH, FTP, HTTP, SMTP, POP3, IMAP, DNS, STP, RSTP, IPSec, LWAPP, RIP, EIGRP, OSPF System Architecture PC Hardware, Apple Mac Hardware, Pocket PC, Windows Mobile, Symbian, Palm OS, Android, Blackberry, Mobile Communication Devices Hardware Diagnostics, SCSI, RAID, Troubleshooting and Upgrade