SUMMARY

• Multiple years effectively managing and prioritizing multiple projects and tasks; communicating technical concept to business and stakeholders
• Multiple years of effectively gathering complex business and technical requirements across multiple functional group and teams and recommending sound and viable solution to business
• Multiple years of define, design, institute processes, procedures, and work closely with the business partners to identify/quantify business issues associated with specific projects, develop/implement business strategy, and assist in setting strategic tech direction
• Multiple years manage, operate and optimize processes and operation of multiple development environments, which consist of co - locations, managed data centers, and physical data centers.
• Multiple years strategizing and translating business needs into technical solutions, institutionalizing defined solutions and processes, and defining solutions to problems through reasoned application of information technology Roles & Responsibilities
• Effectively providing cost cutting, justification of procurements vendor management, resource management, and capacity management
• Design, setup, Implement and configure virtual CA API Layer 7 gateway appliances and design environments to consolidate and to secure services and applications with ADFS, NTLM, Kerberos, and SAML within On-Prem, AZURE Private and Public Cloud environments
• Multiple years define, optimize, secure, automate, monitor and simplify processes andoperation utilizing various Security, network and infrastructure management tools in Proactive monitoring, Security Vulnerability, Application Security, Password management, Virtualization, PKI and Certs managements, NAC and SSO, DHCP/DNS/IPAM management, Auditing, Incident and change and process managements
• Multiple Years in design, setup, and manage virtualization infrastructure utilizing SCVMM and Vcenter ESXi and Microsoft Hyper-V Hypervisor clusters to build virtualized resources and infrastructure
• Design, administration, setup, and implementation of Security Appliances and Devices such as Cisco PIX500 series, Cisco ASA5500 series, Checkpoint AI/NG with Provider-1/SPLAT/IPSO, and Juniper ISG/SSG 1000/2000/ScreenOS/SRX JUNOS firewalls includes clustering and failover
• Designing, administering, monitoring, analyzing, and optimizing Internet traffic and its security utilizing Symantec DLP (Bluecoat Security Appliance) and Forcepoint (Websense Security Appliance) to secure HTTP/HTTPS/FTP proxy/Data Loss prevention(DLP) and securing of Instant Messaging, preventing phishing, and protecting other various services including Trend Micro for email scanning and filtering
• Multiple years of IDM and PAM with various tools which includes AD, AAA, RADIUS, TACACT, NAC, Cyberark, LDAP, ADFS, and SAML among others
• Multiple years in design, setup, manage, and administer virtual and physical Microsoft AZURE Private and Public Cloud infrastructure using Microsoft SCVMM, SCCM, SCOM HP Blade G7/G8/G9 Blade servers and 7000c Chassis, MSA 2040, Cisco 6500, Brocade FC switches.
• Multiple years of design, setup, implement, automate various vulnerability and audit and reporting tools to manage and to monitor incidents and event management with RapidFire, SEP, Qualys, Nessus among others.
• Multiple years of hand-on experience in setup, administer, manage and monitor with Cisco routers and switches, Cisco 12000, 7600, 7200, 3800, 2800, 2600, 2500 Series, Catalyst 6500, 4900, 4500,3700, and 3500 Series, which includes advance Level understanding of CatOS, IOS and IOS- XR
• Design to implementation in MPLS, MPLS TE (FRR, Node and Link Protection), mBGP, VPLS/L2VPN(Martini and Kompella), L3 VPN, Multicast, Multicast VPN utilizing various enterprise and service provider class hardware platforms
• Design, setup, and implementation experience with Juniper JUNOS and JUNOSe on hardware MX 960, M320, M120, M10i, M7i, J6350, J4350, Erx310 routers and EX 4500, 4200. 3200 switches and VC, and also various other vendor equipments such as Foundry/Brodcade, Alcatel Enterasys, and among others
• Multiple years design, mange and administer F5 BIGIP LTM and GTM infrastructure and Citrix Netscaler Infrastructure to service web applications and services.
• Multiple years of planning and hand-on with IT Infrastructure on proactive Performance Monitoring, Performance Management, Network Optimization, Auditing and event and incident management using SPECTRUM, EMC SMARTS, ORION APM/NPM, Cacti, SevOne, Gigamon, AlgoSec, and COMPUWARE and various other applications and appliances
• Design to implementation of Site-to-Site VPN, SSL VPN, Frame-Relay, and remote access using various vendor platforms includes Cisco, Juniper, and Nortel.
• Multiple years design and manage QIP Lucent DNS, DHCP, IPAM infrastructure and management of Inforblox DNS/DHCP/IPAM infrastructure in medium to large enterprise.
• Significant hands-on knowledge and experience with Cisco and Juniper wireless network using Cisco WLC, Juniper Ringmaster, and various Standalone and Lightweight APs.
• Significant understanding of OTV, FabricFath, VXLAN, VPC, and Juniper QFX, Cisco ISE, Chef, Puppet, TOGAF, NIST, ISO 27001/27002/17999, PCI Github, Git, Spine/Leaf, Cisco ACI, NSX, Microsegmentation

TECHNICAL SKILLS

O/S: Cisco IOS, IOS NX, IOS XR, JUNOS, JUNOSe, ScreenOS, Alcatel, Foundry, Window NT, XP, W2K, Windows 2003, Windows 2008, Windows 2012 R2, Solaris 8 & 9, Linux Red Hat Enterprise

Protocols: MPLS, MPLS-TE, Multicast, MP-BGP, OSPF, EIGRP, ISIS, RIPv1/2, HSRP,VRRP, IGMP, PIM, VoIP, PPP, RSTP, VTP, IPv6, L2TP, GRE, SNMP v1/2/3, VPLS, VPWS, AToM, EoMPLSSoftware: Lucent Enterprise QIP IP/DNS/DHCP (Bind 8&9) management, MG-Soft, MS Office Suits, NetViz, Visio, Cisco ISC 4.2 and 5.0, Alcatel EMS, Trend Micro Email Virus Scanner, RSA Security Server, Remedy, RepidFire, Qualys Vulnerability Scanner, Cyberark Password Vault, Symantec Endpoint Protection, DCNM

Tools: VMWARE vCenter and vSphere, EMC/Smarts In charge AM/IP, Aprisma Spectrum Network Monitor, Bluecoat(Symantec DLP) Packet Shaper, MG-Soft, Snort, Retna Scanner, Nmap, Sygate, firewall, Network Associate Sniffer, Wire Shark, InfoBlox, WINMTR, IPerf, Forcepoint (Websense Security Appliance), Juniper NSM, Gigamon, Failover Cluster Manager, Hyper-V. SCOM, SCVMM, SCCM, WUPS, Nessus, Qualys, RapidFire, Cyberark, SEP

Hardware: Cisco (Cisco 12404, 7204, 3845, 3825, 2851, 2821, 2801, 2691, 2501 Series, Catalyst 6513,6509, 4948, 4506, ME3750, 3550), Juniper (M320, M120, M10i, M7i, ERX-310, J6350, J4350, J2300, EX3200, EX4500, MX960, SRX 3600, 1400, 650, 240, 210), Juniper ISG 1000/2000, Alcatel (ESS1/ESS7/SR1/SR12/ SAS7250), Enterasys SR Core routers and switches, Checkpoint AI/NG Firewall(IP440/210), Juniper SSLVPN

FirewallsSG25/50/ISG1000/2000/SRX3600, Bluecoat Appliances(Symantec DLP), Neoteris SSL Accelerator, Cisco Local Director, BigIP Application and GTM Site Load Balancers, Enterasys Dragon IDS/Wireless, Cisco 5508 Wireless LAN Controller, Cisco Wireless Controller:

VoIP: FXO/FXS, CCM, CCME, MGCP Gateway, Cisco CCM/CCM Express, Cisco Unity and Unity Express, Avaya VoIP 8710/8500/8300/G650/G350, Nortel VoIP 1000T/1000E/ Call Server/Media Gateway/Signaling servers

PROFESSIONAL EXPERIENCE

Others: SONET, OC-48, Dark fiber, OC-3, DS3, T1, Frame Relay, ISDN, MIB, IPSEC VPN, 802.1x, HP Chassis and hardware, IBM Blade Servers, Dell Chassis and Server hardware, Solaris, IBM Blade Centers, DWDM, Dark Fiber, NTLM, ADFS, SAML, REST, SOAP

Sr. Infrastructure Consultant

Confidential, New Jersey

Responsibilities:

• Translates business needs into technical solutions, design and defining solutions to problems and requirements
• Designs, develops, documents, secure, and analyzes overall designure of systems, Security, development environments and their virtual and physical infrastructure
• Secure and consolidate services and applications with ADFS, NTLM, Kerberos, and SAML using CA API Gateways within on-premises, AZURE Private and Public Cloud environments
• Design, setup, Implement and configure virtual CA API Layer 7 gateway appliances and design environments to consolidate and to secure services and applications with ADFS, NTLM, Kerberos, and SAML within On-Premise, AZURE Private and Public Cloud environments
• Provide designure designs and cost estimates for midrange infrastructure required to provide computing resources for applications
• Supports testing, planning, problem management, change management and staging of applications and services within AZURE Private and Public Cloud environments as IaaS, PaaS. and SaaS.
• Define, design, institute processes, procedures and work closely with the business partners to identify/quantify business issues associated with specific projects, develop/implement business strategy, and assist in setting strategic tech direction
• Lead, design, Implement, and troubleshoot L7 application API Gateways for Company wide application services
• Design, manage, and setup auto scan for vulnerability using Qualys Vulnerability Scanner within AZURE Private and Public Cloud environments.
• Administer and manage Symantec End Point Protection to protect against threats on VMs and physical servers within AZURE Private and Public Cloud environments.
• Scan, automate, and create risk and behavior assessment and audit reports using RapidFire
• Create and manage GPO for Active Directory resources for overall development environments consisted of on-premise, co-location, and managed data centers
• Administer and setup Virtual hosts using Microsoft Hyper-V, Failover Cluster, and VMM within AZURE Private and Public Cloud environments as IaaS, PaaS. and SaaS.
• Manage and Administer Windows Updates for multiple environments and Sitesutilizing Microsoft SCCM and WUS within AZURE Private and Public Cloud environments as IaaS, PaaS. and SaaS
• Setup and manage VM images ad templates
• Securing Data transfer using SFTP vShell and FileZilla Clients on multiple sites including AZURE Private and Public Cloud environments.
• Design, Implement and manage Cyberark to manage and to protect privilege access within AZURE Private and Public Cloud environments as IaaS, PaaS. and SaaS.
• Secure for Client Data hosting environment using BitlockerEncryption
• Setup and configure Microsoft Cluster Nodes for VMM using HP G8/G7 Chassis hardware supporting AZURE Private and Public Cloud environments as IaaS, PaaS. and SaaS.
• Setup Storage for Hyper-V clusters using HP MS A2040 for AZURE Private and Public Cloud environments.
• Using Remedy and ServiceNow for tracking issue and problem resolution
• Design, Implement and setup Monitoringfor multiple environments using MS SCOM
• Use Powershell to automate maintenance and to manage resources in AZURE Private and Public Cloud infrastructure and resources.

SR. IT Infrastructure Architect

Confidential

Responsibilities:

• Evaluate, Analyzing, and identify all area of IT infrastructure to split of US Division into Separate Entity
• Evaluate and Advise on overall cost analysis between In-house IT Infrastructure acquisition verse Cloud base Service Providers
• Identify and advise resilience capabilities and technology strategic planning and design
• Provide overall IT Infrastructure, components and create proposal for separation and creation of new division
• Provide and Present overall IT Infrastructure acquisition components and cost analysis to C and VP-Level Management
• Plan and Project time frame for overall Infrastructure acquisition and implementation
• Evaluate, Analyzing, and identify areas of potential risk Concentration within Line of Business(LOB) overall physical and virtual infrastructure, applications and application components to protect from Cyber Security Attack such as DDoS with Infrastructure such as BIG IP LTM and GTM
• Create and evolve conceptual idea into viable framework and automation using Excel and Visio tools to raise awareness of “risk” concentration in bank’s mission critical applications and business underlying Virtual and Physical infrastructure
• Identify and advise resilience capabilities and technology strategic planning and design
• Analyze andraise awarenessforavailability of virtual and physical infrastructure related to PaaS and IaaS consist of different vendor platforms consist of Cisco UCS, Cisco ASA, Bluecoat(Symantec DLP), F5 load balancer, and Cisco router filters.
• Analyze and extract information to formulate framework from large amount of data from different database resources
• Creating and turning high level designural view into low level designural view
• Turning conceptual ideas into tangible action items, tasks, and high level designing and Blueprint for Designure
• Provide and advise on expert level of understanding of seven domains of the Infrastructure Stacks, which include Application Tier, Middleware Domain(Messaging MQ) / DMZ, Business Server Domain, Database Domain, Storage Domain and its associated networking designure, Core Network Designure Domain, and the Facility Domain
• Provide and Advise on hand-on knowledge of each of the datacenter and Infrastructure domains
• Identify and decipher complex requirements and provide possible enhancements to awareness of overall LOB
• Evaluate, identify and advise possible disaster recovery, business resiliency, and business continuity scenarios and plans on an ongoing basis

Network Architect

Confidential

Responsibilities:

• Project manage and take ownership of all aspect of projects includes WAN P2P and Internet provider migration projects
• Evaluation, Migrate, and implement of all aspect of Cisco/3Com platforms such as Cisco 65xx/PIX5xx/ASA55xx to Juniper EX and SRX platforms and other infrastructure components such as Symantec email gateways and Windows services
• Migrate and implement WAN P2P connectivity from Cisco 6500 platform to Juniper SRX1600 Platform with hardware redundancy(Clustering)
• Lead and provide peer review and presentation to upper management level review including CIO/Director
• Troubleshooting and establishing connectivity issue such as Microwave connection.
• Design, simplify, and consolidate 3 tier into 2 tier networks from Distribution/Core/Access to Core/Access with securing the networks with Juniper SRX 1600 firewalls
• Create and develop project documentations and processes including step-by-step implementation procedures and test plans including high-level and lower-level designure drawings and procedures
• Create simulated lab and test beds to test out multiple migration projects
• Design and evaluate, migrate, overhaul of Client’s IGP from RIP network to OSPF networks
• Evaluating, migrating, and implementing Cisco hardware security platforms from Cisco ASA/Juniper SSG hardware to Juniper SRX hardware platform
• Migration all Juniper ScreenOS/Cisco ASA firewall rule sets to Juniper JUNOS rule sets
• Provide initial implementation and support of migration phase
• Evaluation, translation, and implementation of Cisco QoS to Juniper QoS
• Evaluate, test, and verify overall network elements and components includes firewalls, DMZs, SSLVPN (Juniper MAG), STP/RSTP, 802.1Q, AE, Redundant Ethernet, clustering, and Redundant Group
• Create and develop test scripts to test integration and migration
• Evaluate and Optimize Juniper wireless network using WLC8R and WLC800R with RingMaster management software.
• Analyzing and reporting bandwidth utilization of all links and hardware using Orion APM and NPM for capacity planning

Network Architect

Holmdel, New Jersey

Responsibilities:

• Mange and configure multiple BIG IP LTM and GTM infrastructure focus on high-availability and sociability facing 2 millions external customers
• Administering, migrating, and supporting “legacy” foundry networks utilizing Foundry BigIron MLX16 and ISG platform firewalls, and advance Juniper networks using SRX3600 firewalls and MX960 series routers
• Design, design, configure application networks utilizing F5’s 3600 series LTM, BigIP, and GTM, WideIP, load balancers
• Administrator, implement, create, configure, and troubleshoot ISG1000 and 2000 series Juniper firewalls for multi-datacenters, corporate networks, and CO-Locations with Juniper NSM
• Create, produce, and provide periodic bandwidth utilization and Network performance reports to managements using various monitors and reporting tools including SevOne and Cacti.
• Support and troubleshoot with QA, Development, pre-production (Staging), production SDLC issues related to VOIP Services.
• provide public and private IP Managements
• Develops and documents network designure solutions, including designs, guidelines and designure-specific standards for global implementations
• Participates in the design, specification, and implementation of business and technology projects, assuring and resolving adherence to enterprise-wide solutions
• Setup and configure Gigamon for tapping traffic

Cisco Network Engineer

Confidential

Responsibilities:

• Lead, design and manage application traffic among multiple production services and applications utilizing Citrix Netscaler load balancing infrastructure for high-availability and scalability
• Project manager, implement and administer Infoblox DNS/DHCP and transitioned from Microsoft DNS/DHCP infrastructure
• Lead, project manage, configure, implement,and deploy Websense Security V5K appliances with WSS and DLP for multiple geographically dislocated sites with HTTP, HTTPS, and FTP services using Cisco's WCCP protocol and URL-filtering services all through POC to full deployment.
• Configuring, optimizing, troubleshooting and managing using Cisco 5508 Wireless LAN Controller and Cisco Wireless Control System to deploy 1252 and 3500 series access points using HREAP and Local modes on multiple Enterprise wireless networks.
• Dealing and negotiating with quotes, SOWs and procurement processes with third party vendors and carriers.
• Monitor and administer Private P2P circuits from various financial related circuits and feeds, ATDS/BTDS and FIX and etc, from connectivity vendors and Exchange including SAVVIS, RADIANZ, MAXRANET, TNS, London Stock Exchange, NYSE, FINRA, CME and ETC
• Monitoring and optimizing and reporting on network infrastructure using Solarwind for NPM, APM, NETFLOW and CACTI for bandwidth utilization and SYSLOG for traps and logging
• Administer and manage of network switches and routers including 6500, 4500, 3750, 3600, 3500 series switches and Nexus 7k and other various appliances including ACS.
• Securing, managing and administrating multi-datacenter communication using Checkpoint AI/NG with Provider-1 on SPLAT
• Configuring and deploying zoning for SAN configuration with Cisco MDS 9124 and 9148.and DCNM
• Assisting and helping System database administer on Private Vlan and switch configuration.
• Management and administer multiple datacenters and hosting sites throughout US and Europe
• Configure and setup Virtual Load Balancing Servers and Content Switching, and enabling SSL offload using Citrix Netscalers
• Configuring, testing, setup, and troubleshooting Active/Passive failover and Multiple NATs using Cisco ASA 5500 series firewalls
• Provide Application layer troubleshooting with XML/SOAP communication over private and Internet, and providing assistance to QA, developers, and other IT administrators and engineers with tool such as WINMTR, IPerf, WinPcap/Ethereal
• Administration and management of Avaya PBX using Site Administrator
• setup and deployment of site-2-site Cisco VPN deployment in partial and full mesh setup for clients and vendors using Cisco ASA VPN

SR. Network Engineer

Confidential

Responsibilities:

• Responsible for design, design, and setup of networks and customer networks for development and QA/DEV network infrastructures using multiple vendor hardware; and managing and administrating overall operation of the datacenters/ networks helping customers developing advance network Monitoring tools.
• Design, setup, and implement Draft-Rosen Multicast VPN networks with Cisco hardware, which includes Cisco 3800, 2800, and 7200 series hardware.
• Design, setup, and implement Multicast VPN networks with Juniper hardware, which includes Juniper M, E, and J series platform.
• Design, configure, and setup VPLS networks with Juniper M and E series hardware (M320, M120, M10i, M7i, ERX-310) utilizing JUNOS and JUNOSe.
• Design, configure, and setup VPLS networks with Juniper E series, ERX 310, hardware utilizing JUNOSe.
• Design, configure, and setup of VRF-lite networks utilizing Cisco (ISR, GSR) and Juniper (M, E, J Series) hardware.
• Designed, implement and setup L2VPN networks with using various Cisco (Pseudowire, Endpoints, and Forwarders), Juniper, and Alcatel hardware platforms.
• Setup configures, and monitors LAN network flows and traffic through utilizing EMC/ADM appliance to analyze the end-to-end connectivity and services.
• Design, implement and setup various Multicast enterprise network networks utilizing various Cisco, Juniper, and Alcatel hardware platforms and their OS (12404, 3800, 2800, J/M/E series, ESS1/ESS /SR1/ SR12/SAS7250, JUNOS/JUNOSe, IOS XR, IOS).
• Design, implement and setup MPLS and MPLS-Traffic Engineering enterprise network networks using various Cisco, Juniper, Alcatel hardware platforms.
• Design, setup, and administer OSPF, ISIS, EIGRP, BGP enterprise network networks using various Cisco, Juniper, Alcatel hardware platforms and Oss.
• Setup, configure, and administrated multiple Cisco VoIP enterprise networks using CCM/CCME/Cisco Unity/Cisco Unity Express/Gateway utilizing Cisco 3800/3700 series and MCS appliances for CCM.
• Administer, configure and manage Avaya VoIP enterprise networks using 8710/8500/8300/G650/G350.
• Administer, configure, and manage Nortel VoIP enterprise networks using 1000T, 1000E, Call Server, Media Gateway, Signaling servers.
• Setup and configure RADIUS server to centralize routers and switches authentication.
• Manage and monitor overall inventory of equipments and track their licenses and support contract status to continue operation of networks and to enhance manageability of hardware and software.
• Provide assistance and analysis QA engineer and developers using SNMP and MIB data.
• Setup, configure, troubleshot and administer Cisco ISC 4.2 and 5.0 for advance L2/L3, VPN, and MPLS network configuration tool on Solaris 8 and 9 on Solaris platforms for developers and QA engineers.
• Design, implement and configure pure and dual stacked IPv6 networks.
• Setup, configure, and administer EMC management system and KiwiCatTool for all networking devices for management and configurations changes.
• Involved and actively provide feedback on budgeting and procurement processes by providing specifications and design requirements.
• Actively participated in new recruitment processes by providing screening candidates’ skill sets.
• Install and administer various Window servers/services utilizing various vendor hardware, DELL, HP, IBM, etc.
• Prepare, install, and incorporate Exchange W2K3 and W2K7 with Active Directory.
• Install, setup, template various Windows server OS utilizing VMWARE Control Center.