SUMMARY:

• I have 14+ years of experience as a Senior Network Engineer working on Cisco/VMware/Citrix/F5/BlueCoat/Palo Alto/Aruba/FireEye/Riverbed/Juniper/Netscout/Solarwinds/HP/CA networking technologies. I have completed the PMP and Cisco Certified Network Professional (CCNP) s.
• I have extensive hands - on experience in the network design, implementation, troubleshooting, and configuration of Security/LAN/WAN/WLAN infrastructure technologies such as routers, switches, load balancers, firewalls, forward and reverse proxy appliances, network performance management and analysis tools, virtualization, wireless controllers, bandwidth shapers, packet sniffers, TACACS/RADIUS, BIND/DNS, DHCP, etc.

TECHNICAL SKILLS:

Tools: Citrix XenServer, VMware vSphere\ESX, CiscoWorks LMS, Packet Design Route Explorer, CiscoWorks Security Manager, Packeteer Intelligence Center, Computer Associates (CA) Unicenter Network and Services Management (NSM), CA NetQoS Netvoyant/Reporter Analyzer. Bluecoat reporter, Packeter Policy Center, CA Unicenter Network Performance Option, MRTG, Cisco Secure ACS, WhatsUp Gold, Cisco SDM, SolarWinds Engineer edition, aaa-reports for Cisco Secure ACS, Airwave WLAN Management Platform, SolarWinds Orion Network Performance Monitor and NCM, Kiwi Syslog, HP TopTools, OPNET modeler (Network Design and Simulation), MS SQL Server 2008, VisualRoute VisualTrace, Cyclades Power/KVM/Console/Server Management appliances, Netscout Performance Manager and Service Delivery Manager, GFi Languard, Nessus, Riverbed Wireshark/CACE Pilot, Websense Web Filter, LanGuardian, ArcSight ESM

Platforms: Cisco 2611XM, 2851, 2960, 3560, 3750, 4506, 4510, ASR1000, AS5300, 6506/6509 (Sup2/720), 7206VXR, 7609, CRS-1, Cisco WiSM, PIX 525/ASA 5520, Juniper EX-4200, Blue Coat 40 ProxySG appliances, Bluecoat ProxyAV appliances with Kaspersky AV, Ipoque, PacketShaper and Anagran bandwidth control appliances, Aironet 1100/1200/1300 access points, Aruba 7240 WLAN controllers and ClearPass, Alcatel Lucent OS6900, FireEye Web MPS, Aironet 1410 wireless bridges, CiscoWorks WCS/WLSE, Cisco IP/TV 3412/3425, HP Procurve 4104 and 2524, F5 Big-IP LTM 3900 and 6900, Citrix Netscaler 9000 load balancers, Packeteer 6500/7500/10000 PacketShapers, Palo Alto Networks PA-3020 firewalls, Juniper SRX/ISG/NSM, Tipping Point 5000E IPS, Foundry ServerIronXL load balancers, NetApp NetCache C2100, IBM BladeCenter (HS21 series), Infoblox DNSone and RadiusOne, Nortel Optical Multiservice Edge OME 6500

Languages: C++, Visual Basic, Perl, Pascal, HTML

Operating Systems: Windows 2003/2008 Server, Redhat Enterprise Linux, SuSe Linux, Ubuntu, Mac OS

PROFESSIONAL EXPERIENCE:

Information Technology Center

Confidential

Responsibilities:

• Managing and leading the network management group.
• Design, installation, and maintenance of Cisco LAN and WLAN infrastructure
• Design, installation, and maintenance of Cisco ASA/PIX firewalls for securing the network and providing remote access VPN service.
• Design, installation and configuration of Bluecoat proxies for forward proxy deployment.
• Installation and configuration of Citrix Netscaler load balancers for ERP applications.
• Installation and configuration of PacketShapers for bandwidth shaping and application control.
• Installation and configuration of different network monitoring and management systems like MRTG, WhatsUp Gold, CiscoWorks, and Airwave.

Network Services, Division of IT

Confidential, California

Responsibilities:

• Leading the network and security engineering team.
• Installation, configuration, and operation of security, LAN, WAN, and WLAN systems.
• Analysis, troubleshooting and resolving complex network problems and coordinating with vendors for fault isolation and resolution.
• Prepare detailed documentation including as-built diagrams, system and network designs.
• Generating and providing monthly statistics to Senior Director and CIO.
• Configuration management of all network devices and making sure that all the devices comply with the policies.
• Ensuring the provisioning of network services, and monitoring activities for efficient and reliable network services to users.
• Participate in the maintenance of network configuration documentation as well as standard operating procedures.
• Identify/recommend infrastructure upgrades and improvements.
• Utilize network monitoring tools to proactively identify and investigate network related issues.
• Appropriately scoping & implementing project deliverables while ensuring smooth transition into operational support.
• Manage multiple complex and highly visible projects simultaneously.
• Maintaining and renewing vendor support contracts.
• Member of the California State University working group for recommending security products.

Team Lead, Network and Security

Confidential

Responsibilities:

• Design, implementation, operation and maintenance of the LAN and WAN infrastructure providing connectivity to the super-computer lab, research labs and a large scale SAP implementation.
• Designing and planning Bandwidth management policies and applying the same using a highly advanced and specialized solution.
• Design, implementation, and operation of infrastructure for providing Internet services using F5 load balancers and Bluecoat appliances.
• Provide technology planning, design, and administration for the network infrastructure for the data center connected to more than 70 buildings.
• Proposing and implementing policies and procedures for network services and systems.
• Investigating and evaluating new network technologies and solutions.
• Planning network configurations and monitoring performance to ensure maximum availability.
• Managing and monitoring the network resources using a variety of network management tools, including Netscout, SolarWinds NPM/NCM, Ciscoworks, etc.
• Design and implementation of the DR site for providing fail-proof networking services.
• Identify requirements and implement the most efficient and cost effective solutions (hardware, software, and management tools) to satisfy business requirements.
• Preparing RFPs for all networking projects and analyzing bids for the same. Coordinating with suppliers and vendors for timely completion of all projects.
• Member of the Change Advisory Board approving the configuration changes after looking at the proposed changes and the associated risks.
• Coordination with service providers for resolving WAN issues and ensuring SLAs are met.

Senior Network Engineer

Confidential

Responsibilities:

• Conducting research both individually and as a team member with Faculty.

Research Assistant

Confidential

Responsibilities:

• Developed the Human Resource and the Payroll Management Systems

Software Engineer

Confidential

Responsibilities:

• Design and implementation of different solutions and policies which include configuration of Cisco IOS features such as BGP, MPLS, EIGRP, OSPF, Frame Relay, Etherchannels, Port Security, 802.1x, Syslog, AAA, ACLs, VLANs, DHCP, STP, VTP, NAT, HSRP, ATM, Multicast, PBR, IP SLA, Netflow, Remote Access and Site-to-Site VPN, and QoS features of Cisco IOS to enforce different policies on the switches and routers.
• Design, installation, configuration, and maintenance of the cache farm comprising of BlueCoat ProxySG B, and Netcache proxy appliances:
• Redesigned the proxy infrastructure by migrating the F5 load balancers on the Inside interface of the firewall to transparently redirect all the web traffic to the Bluecoat ProxySG appliances. The proxies were installed in the DMZ earlier and were only configured for explicit mode. However, after in-line placement of the proxies, they were configured to intercept traffic for both transparent and explicit modes.
• Design, installation, and configuration of Palo Alto Networks PA-3020 NG firewalls to secure valuable assets against Advanced Protection Threats (APTs).
• Design, installation, and configuration of F5 Big-IP 3900/6900 LTMs to build virtual servers in a redundant topology for the Bluecoat cache farm.
• Design and implementation of bandwidth control policies. Configured Ipoque, Anagran and Bluecoat PacketShapers bandwidth shaping appliances to apply policies for bandwidth allocation on per application/user basis to throttle P2P traffic and enable fair bandwidth distribution.
• Configuration and generation of reports from the Riverbed Wireshark/CACE Pilot packet analysis tool.
• Installation and configuration of SolarWinds Orion Network Performance Manager and Network Configuration Manager to monitor and manage the network devices, servers and their services.
• Installation and configuration of Netscout Infinistream and Netscout Performance Manager along with Service Delivery Manager to monitor and alert the administrators in case of any service degradation.
• Installation and configuration of Aruba ClearPass solution to provide secure wireless connectivity and also to deploy Guest self-registration setup integrated with Aruba Controllers.
• Configuration and maintenance of Netfort LanGuardian forensic analysis tool to aid in the investigation about the P2P application users for whom we received copyright infringement notices.
• Configuration and management of security scanners such as GFi LanGuard and Nessus to report and mitigate the vulnerabilities in the servers.
• Design and implementation of the Wireless connectivity project comprising of a total of 800 indoor access points and 450 outdoor access points. Involved in the following phases of WLAN project:
• Configuration and installation of virtual machines using Citrix Xenserver and VMware ESXi 4.0/5.0 virtualization tools. Migrated VMs from one host to another. Participated in the Server consolidation project whereby we moved more than 100 physical machines to VMs.
• Configuration and Management of IBM BladeCenter, Dell and HP Proliant servers hosting more than 100 services.
• Configuration and management of the CiscoWorks LAN Management Solution (LMS) for configuring and maintaining the Cisco LAN and WAN infrastructure. IOS management, fault management and configuration management functionalities were implemented.
• Configuration and management of the Foundry ServerIron (FCSLB24) application traffic management appliances for server load balancing of student registration systems. Also used to provide Transparent Caching Service for HTTP and HTTPS traffic of the ADSL network.
• Lead a team of network engineers to upgrade the Supervisor module (Sup2) on the Cisco 6509 core switches to Sup720. This project involved careful planning to ensure that all the hardware requirements were met and all the configurations had to be carefully translated to Cisco IOS format.
• Configuration and management of the CA Unicenter Network and Services Management System (NSM) and Unicenter Network Performance Operation (NPO). Some of the tasks performed are as follows:
• Installed system, performance, log, and database agents on Windows, Linux, and AIX clients.
• Generated and published real-time and historical trends using Performance Trend and Scope.
• Configured NSM Portal and 2D map for different Business Process Views (BPVs).
• Configuration and management of Cisco PIX 525/ASA firewalls providing IPSec/SSL VPN service. Integrated with CiscoSecure ACS for user authentication and authorization.
• Configuration and management of the Tipping Point IPS 5000E for identifying and mitigating attacks to protect the server farm. Installed and configured the SMS management application.
• Configuration and management of Cisco Secure ACS version 4.0/5.0 (TACACS\RADIUS) servers for providing the remote access service in failover mode.
• Created different groups which pertain to different groups of AD users. The authentication servers were integrated with MS Active Directory for user authentication.
• Implemented TACACS+ for network device authentication with CiscoSecure ACS.
• Worked on a consultancy project for building a new Data center for Saudi Arabia’s Ministry of Higher .
• Configuration and management of BIND (DNS) version 9.2.4 on Red Hat Linux, for maintaining Confidential ’s external DNS service. Migration of DNS service to Infoblox appliances.
• Configuration and management of Cisco AS5300 router for the remote dialup service, with 8 E1 controllers.
• Configuration and maintenance of Cisco IP/TV equipment (Cisco IP/TV 3412 and 3425) for live broadcasting of the events and conferences.
• Configuration and management of Cisco 1410 wireless bridges to provide wireless backhaul connectivity.
• Configuration and management of the WhatsUp Gold software for network monitoring and management, which has been integrated with a SMS Gateway so that SMS messages can be sent. Performance and resource utilization monitoring of network devices using the MRTG/RRD and Netscout nGenius tools.
• Network design simulation with hands on experience of designing and simulating the traffic of a network with more than 300 hosts on OPNET Modeler.