PROFESSIONAL PROFILE:

Dynamic, results - driven IT leader with versatile, extensive and cross-platform experience in systems/network architecture, design, installation, implementation, integration, security, and administration within multiple countries including USA, Belgium, Japan, UK, China, France and Netherlands. Tenacious in building short term and long term business strategies for the department, in addition to, cultivating innovation at different levels in organization. Exceptional mentor and coach for teammates. Combine business acumen with innate leadership skills to continuously grow the strengths and performance of teams.

CORE STRENGTHS AND SKILLS:

• Extensive experience with strategic planning, designing and execution with focus on technology architecture
• Passionate about Technology and firm believer in innovation
• Experience in successfully leading Network (Telecommunications) teams
• Experience and Ability to work with both business and technical personnel
• Ability to work on multiple projects, meet deadlines, and creatively solve problems
• Highly effective in negotiation, problem solving and analysis
• Excellent technical aptitude, skills and knowledge
• Experience with Multiple Data Center Technologies
• Subject Matter Expert for LAN, WAN, Wireless and Cisco ISE, ACS and AAA

EXPERIENCE:

Confidential

Sr. Network Architect

Responsibilities:

• Lead LAN/WAN/Security Network Teams in its operations and act as Architect tier point of escalation globally for the teams. Team comprises of 25+ engineers worldwide.
• Architect new technology solutions to address current and future business needs. Continuously monitor Industry trends and developments in order to effectively deliver cost-effective, latest and innovative solutions to business and all of its stakeholders. Consistently work on developing new technical solutions/services for arising business needs and presenting them to senior management
• As an Architect provided a link between business mission, strategy, and processes of the organization to the IT strategy, initiatives, and technology selections.
• Prepare budgets for projects. Work with project managers and finance team on Capex and Opex requirements for network services and projects
• Establish constructive relationships with Leadership, vendors and different teams across the enterprise
• Assist with identifying, developing and leading innovation initiatives. This will include researching new technologies and/or new applications of existing technologies that will deliver new capabilities to the business
• Participate in selection of networking technologies and products for implementation
• Make recommendations to management on desirable additions and development
• Establish new Wireless RF and security standards for the entire organization and leading multiple wireless projects to uplift current Wireless capacity. Introducing 802.11ac (new wireless) across the entire organization.
• Deployed multiple new next generation firewalls and enabled multiple new features in them
• Re-Designed 802.1x protocols for Wireless users. Migrated authentication for wireless users (Radius) from Cisco ACS to ISE. Upgraded Cisco ACS to 5.2 and re-configured TACACS+ policies
• Manage, Configure and support Cisco ACS 5.2 for both TACACS and Radius Authentications.
• Implemented new policies and rules for different requirements.
• Implemented Cisco ISE 1.1 for the whole enterprise.
• Designed and configured different ISE policies for Wireless authentications, Profiling and Remote VPN.
• Currently Managing 4 different Cisco ISE instances for close to 65000 user deployment.
• Design, Configure, Maintain and Troubleshoot Cisco 5540 (ASA) and 5520 (ASA) Firewalls along with FWSM on 6500 chassis across 4 data centers. Designed and deployed next generation Palo Alto firewalls. Extensive experience with Cisco Firewalls in both Layer and Layer 3 mode. Experience with both GUI and CLI. Also design and manage Site-to-Site VPN’s for multiple business partners. Extensive experience with Cisco ISE. Experience with proxy servers and packet shaper’s used in security environment.
• SME for Wireless Infrastructure. Redesign, Establish and Implement 802.1x (EAP) standards for Unified Wireless. This involves designing various different SSID's depending on device types and users and finally integrating them with Cisco ACS 5.2 for better control and security - (majority of now has been migrated over to Cisco ISE). Projects comprised of upgrading existing Unified Wireless Controllers from Version 4.1 to 7.0 and implementation of features such as Clean Air technology. Current Wireless Infrastructure consists of Cisco 4402, Cisco 4404, Cisco 5508 Controllers, Cisco WISM’s, AeroHive Wireless Solution, and Cisco NCS/Prime 2.2. Configured security/authentication mechanisms using protocols such as EAP-TLS, EAP-FAST and PEAP.
• Experience with Cisco Access Points including 1100, 1230, 1240, 3502, 3600 series. Worked on both standalone and CAPWAP AP’s.
• Architect, implement and support Nexus 7K, 5K and 2K across multiple Data Centers. Experience with multiple Data Center technologies including OTV, VXLAN (1000V) etc.
• Design, Implement, and Manage WAN (MPLS) and Internet network
• Responsible for designing and managing Routing Protocols functionality in LAN and WAN which includes EIGRP, OSPF and BGP (eBGP and iBGP) and Multicast
• Plan DR and business continuity for the Network Team. Prepare Designs and Implement solutions.
• Design, Manage and support current infrastructure of VPN users across 7 data centers. Current VPN servers are based on Juniper sa-6500 and sa-4500. Recently built new Cisco ASA based user VPN and in process of migrating users to Cisco VPN.
• Audit, monitor and generate periodic reports on Firewalls for management and certification purposes thru various tools such as Orion, NetQOS etc. Performed firewall and access-list audits.
• Design, Implement and support IPSEC VPN for business partners on Firewalls
• LAN Switching - Design, Manage and Support LAN infrastructure which includes various Cisco 6500, Cisco 3750, Cisco 3560, Cisco 4500 and many other Layer 2 and Layer 3 switches.
• Involved in IPAM, DHCP and DNS management
• Manage Cisco 4710 ACE Load Balancers configured for different applications across the campus. Migrating to Citrix NetScalers. Working on new design for Load-balancing and GSLB.
• Co-Manage IPAM, DHCP and DNS services for LAN
• Experience with UCS 5108 in lab environment for Proof of Concept testing along with 6100 Series Interconnect Fabric.
• Design and configure QOS for LAN and WAN environments
• Involved in Implementing Multicast on LAN (sparse/dense mode) for applications and video primarily

Confidential

Network Engineer / Lead for Firewalls

Responsibilities:

• Provided architectural guidance and technical leadership for designing and implementing security services across globe
• Develop standards and procedures for network services and implement them across all sites.
• Develop and Maintain the Architecture Technology reference model and associated architecture patterns that define the infrastructure and application technology standards
• Establishing and driving programs and initiatives that support increasing the organization's capacity for innovation
• Creation of long-term prioritization plans for shared architecture development across the organization that supports integrated products, without sacrificing short-term goals and needs
• Act as last Tier of escalation for network related issues
• Assist divisional engineers with technology implementation and support procedures
• Prepared budgets for the team and for services offered by Network Team
• Worked with different vendors to negotiate various service and support contracts
• Train and educate divisional engineers on several aspects of Routing, Switching and Firewall operation and maintenance
• Serve as a key representative on major network initiatives
• Continually update understanding of business and technology status and objectives and respond to strategic design requests as the business evolves
• Architect, Manage, and Support 18+ Cisco Firewalls (ASA) across all data centers. Models deployed include Cisco ASA 5505, 5510 & 5540. Firewall management software’s include CSM and ASDM.
• Supported Upgrade and deployed IPS/IDS, Content Filter and implement and manage technologies such as WCCP. Performed continuous periodic audits for firewalls and access-lists and established standards and guidelines on management.
• Supported F5 load balancers as per project requirements. Configured different load balancing algorithms for different applications. Designed and Implemented F5 LTM’s. Worked on Design and Implementation of GTM. Experience with iRules.
• Internet Services Design, Manage and Maintain Internet Services across 6 major data centers. All of the data centers are MULTI-HOMED with multiple ISP’s which utilizes EBGP and iBGP. This includes managing circuits, load sharing between circuits thru manipulating BGP attributes, bandwidth monitoring and reporting on these circuits.
• Managed External DNS for whole organization
• Configure, manage and troubleshoot Cisco Wireless System including Cisco Access Points (1100, 1200 series), Cisco Wireless Controllers (4400, 5500 series) and Cisco Wireless Management System (WCS). Converted standalone AP’s to LWAPP. Designed and Implemented authentication methods.
• VPN Services Manage and Support VPN servers.
• We have over 9000 clients registered to our VPN System. VPN based on Cisco and NetMotion technology.
• Layer 2 & 3 Design, Manage and support several layer 2 and layer 3 Cisco Devices including Cisco Switches 3560, 3750, 4500, 6500, VSS, and NEXUS series. Routers in production include 1800 series, 2811, 3825, 3845, 3925, 3945 and more.
• Protocols We as a Core Network Services team support EIGRP, OSPF and BGP deployed in most of the LAN. Our WAN is comprised of BGP and MPLS which is supported by us as well.
• QOS Design and configure QOS for LAN and WAN environments which includes traffic shaping, traffic policing, WRED, and QUEUING.
• Supported and managed Site-to-Site VPN
• Support ACS 5.0 servers for TACACS+ and Radius Authentications
• Support Cisco Wireless System that consists of WCS, WLC, AP’s and LWAPP
• Support DMVPN implementation for B2B setups
• Use NETVOYANT (SNMP) for monitoring network infrastructure. Utilize sniffer tools such as WIRESHARK for packet capturing.
• Design and Support WAN optimization technology Riverbed, Cascade etc.

Confidential

Network Administrator / Co-Lead

Responsibilities:

• Co-Lead the Network Team with another Sr. Network Engineer.
• Established standards and procedures for various network services
• Re-designed network infrastructure to improve the performance and leverage new technologies
• Trained and provided Support to Junior support team
• Worked with different industry vendors to continuously develop and provide solutions to emerging needs of the organization
• Prepared budgets for the team and for services offered by Network Team
• Worked with different vendors to negotiate various service and support contracts
• Configure, Manage and Support multiple Cisco 5510, 5520 ASA (Firewalls) for INTERNET access, Site-to-Site VPN and Client access. Provided support for PIX series firewalls.
• Design and maintain all LAN and WAN projects
• Manage wide variety of CISCO switches including 3750, 3560, 2950. Support IP addressing, VLAN creation and management and routing on Layer 3 switches
• Support multiple PRI and CAS T1’s for both Voice and Data
• Configure and administer Cisco Access Points for Company Wireless
• Provide support to Cisco Call Manager Cluster 6.1, including configuration, backup, restore and troubleshooting
• Manage Voicemail based of CISCO Unity with other network administrator
• Installing and Administering Windows Server 2003, Exchange 2003, Domain Controllers, Print Servers, Publisher, Subscriber
• Support over 300 CISCO IP Phones, ATA’s and several gateways
• Support for 7204 and 2800 Cisco Routers
• Responsible for 24/7 on-call support

Confidential, Minnesota

Network Architect / Design Lead

Responsibilities:

• Understand current client network setups and then architect designs based on business requirements such as capacity enhancement, redundancy build, new application/technology in corporation or network upgrades
• Provide Infrastructure expertise and thought leadership to clients with an emphasis on networking
• Serve as the lead architect and engineer providing conceptual and detailed global solution designs that are scalable, flexible and secure for clients
• Establish governing principles for network design and deployment
• Work with technical management to architect networks that effectively reflect business needs, service-level and availability requirements, and other technology parameters
• Liaise with enterprise, server and applications architects to ensure alignment across technology portfolios for clients
• Work with other SMEs and technical support teams in the pursuit of technically excellent solutions
• Deliver the networking/connectivity strategy and architecture that enables the clients short term and long term IT strategy
• Provide analysis to support performance tuning and capacity planning.
• Provide troubleshooting and problem solving support for network issues.
• Responsible for pre-sales solution design as well as post sales consulting and implementation of network and security system solutions for clients.
• Lead strategic initiatives within the organization, and acting as primary interface with key partners to help develop new product offerings
• Ensure proper documentation of all processes and procedures

Confidential

Network Administrator

Responsibilities:

• Participate in Network Team activities in all aspects
• Prepared budgets and documentation for the services offered by Network Team
• Performed regular capacity planning and generated various reports in this effort
• Administered Windows and Unix server and its network infrastructure
• Configured and supported LAN environment with various switch models
• Design and implement security policies using ACL and firewalls
• Assisted in modifying and implementing automated accounting information systems
• Performed maintenance for Active Directory
• Resolved DHCP and DNS issues
• Resolved common Unix server and end user issues
• Redesigned Monitoring of the network systems and its reporting
• Troubleshooting hardware and software issues
• Help establish guidelines and standards for Change Procedures