Design Security
Resume:
Curriculum Vitae
Personal data
Name Stefan Stefanov
Contacts E-mail: accrj0@r.postjobfree.com Tel.: +359-***-**-**-**
Technical skills Hardware & Software:
and competences
Routers: Cisco: 800-7600, ASR 1000-9000, GSR 12000; Juniper:
MX960, MX480; Huawei: NE40 ; Redback: SmartEdge 800; 3COM; ZTE;
Firewalls: Cisco: ASA 5505-5580; Juniper: ISG-2000; Checkpoint:
IP740, IP2255, Smart-1, Power-1; Huawei: Eudemon 8000E
IPS: Cisco: IPS 6.x/7.x, AIP-SSM, IOS IPS; Juniper: IDP
Switches: Cisco: 2500-6500, Nexus 1000/5000/7000; Huawei; Quidway
S6348; HP; Dell; 3COM; Linksys; AMC; ZTE
Wireless: Cisco: WLC4404, WCS, 1252AG/1522AG; RadWin; Buffalo;
D-Link; Linksys
AAA: Cisco: ACS, RSA: SecurID, Free Radius
VoIP: NetCentrex: Softswitch, NextOne: SBC; Cisco: PGW 2200,
AS5350, Call Manager 4.x/6.x, Unity 5.0; Asterisk, 3CX Server,
AudioCodes
IP Phones: Cisco, SwissVoice, Linksys, Nortel; Ericsson
GSM Gateways: Blue Gate, MobiLink
Load Balancers: Cisco: CSM; F5: BIG IP
Proxy servers: BlueCoat: ProxySG 600 and 9000; McAfee: WebGateway;
Microsoft: Forefront TMG 2010
SAN: QNap: TS-210
Servers: HP, Dell, IBM, Sun
UPS: Chloride: 80-NET, Active 2000
OS: IOS, IOS XR, NX-OS, ScreenOS, CatOS, IPSO, SEOS, Windows
2003/2008, RedHat, Ubuntu, CgLinux, CentOS
Security: Cisco MARS, Cisco Security Manager, OpenVPN, snort,
cacti, iptables
Web: Dreamweaver, Flash, Apache, MySQL, MS SQL, PostgreSQL, PHP
Mail: Postfix, Courier, MS: Exchange 2010, Barracuda: SpamGateway
100; Lotus: Domino, SpamAssasin, Amavis
Virtualization: VMWare Server/Workstation, VMWare ESXi, Microsoft
Hyper-V
Billing: Nomadix AG 5500
Office: Acrobat Pro, Photoshop, CorelDraw, MS Office, OpenOffice,
WinCHM
Programming: Pascal, Delphi, VBA, C, bash, PowerShell, HTML, Java
Script
Network Management: Cisco LMS, Juniper NSMXpress, ManageEngine,
SolarWinds, MRTG, PRTG
Network:
MPLS: L2 & L3 VPNs, Traffic Engineering, Inter-AS L2 & L3 VPNs,
CsC, LDP, RSVP
Routing: RIP v1/v2/ng, ODR, EIGRP, OSPF v2/v3, IS-IS, BGP
L2 protocols: CDP, VTP, DTP, STP, RSTP, MST, 802.1Q, ISL, PAgP,
LACP
Voice: H.323, SIP, MGCP, RTP, SS7, SIGTRAN, IMS
Security: SSH, SSL, IPSec & SSL VPN, AAA, PKI, IPS, 802.1x,
RADIUS, DIAMETER, Kerberos
Tunnelling: GRE, PPTP, L2TP v2/v3, PPPoE, PPPoA, Q-in-Q
Redundancy: HSRP, VRRP, GLBP, SSO, NSF
Mobility: Local Area Mobility, Mobile IP, Wireless L2/L3 Mobility
Multicast: CGMP, IGMP v1/v2/v3, RGMP, MSDP, PIM, MP-BGP, Multicast
VPNs
QoS: DiffServ, IntServ, NetFlow, NBAR
IPv6: network provisioning, multicast, security, QoS
WAN: Frame Relay, ATM, SDH, ISDN, xDSL
Storage: iSCSI, FCoE
Network Management: SNMP, RMON, Syslog, NTP
Other:
Active Directory, DHCP, DNS, LDAP, NFS, intelligent networks,
optical networks, IMS, project management, team lead
Certificates Cisco:
CCNA - April 2005
CCNP - Aug 2006
CCDA - Jan 2007
CCDP- Jul 2007
CSE (Cisco Sales Expert) - May 2008
CCAI (Cisco Certified Academy Instructor) - Oct 2008
CCIE Routing & Switching N20713 - May 2008
CCIE Service Provider N20713 - April 2010
CCIE Security (written only) - January 2012
Juniper:
JNCIS-ER (Juniper Networks Certified Internet Specialist -
Enterprise Routing) - November 2010
ISC2:
CISSP (Certified Information Systems Security Professional)
N323113 - Sep 2008
Microsoft:
MCITP: Enterprise & Server Administrator - Oct 2008
ITU:
Basics of Spectrum Management - Feb 2005
National Spectrum Management - Feb 2006
IPv6 Services, Routing, Quality & Network Management, Security
Problems, Network Convergence - Jan 2006
CompTIA:
Security+ - Sep 2008
Professional
experience
Dates August 2013 - January 2014
Position held Network Architect
Main Re-design and optimization of the investment bank's data centre
responsibilities infrastructure, migration from Cisco to Checkpoint firewalls,
integration of Juniper routers and Nexus switches; DWDM re-design;
PKI integration for VPN user authentication; VoIP network
low-latency QoS implementation; MPLS VPN services implementation
Name of employer Alpha Bank (Bulgaria)
Dates January 2013 - July 2013
Position held IP Engineer
Projects 3G roaming migration - converting security policies between
Checkpoint firewalls and Huawei routers
Troubleshooting complex mobile packet core issue, implementing
fixes, network performance management
SolarWinds fine tuning - integrating the full scope of core
network devices to the Syslog server
Cacti real-time monitoring enhancement - assissting for the
creation of real-time network reporting solution
Nagios provisioning - integrating the full scope of core network
devices for SNMP polling
HP OpenView - adjusting the configuration of custom SNMP Trap
Receiver application creating alarms in HP OVO
Main Assisting with the acquisition of Orange and the core packet
responsibilities networks merger; Support of the existing mobile service provider
packet core
Name of employer Hutchison 3G (Austria)
Dates February 2000 - present
Position held Network consultant (part-time)
Projects V6 Horizons - Ubuntu, Apache, PHP, MySQL, Postfix, Courier,
Asterisk, BlueGate SIP GSM Gateway, QNap TS-210 iSCSI SAN,
OpenVPN, iptables, bash scripting
IT Consulting Ltd. - design, deployment and support of Internet
POPs, BGP, OSPF, MPLS L2/L3 VPNs, MPLS TE, CsC, Inter-AS VPNs with
7206VXR and 3845 routers, Catalyst 6506, 3750 and 3560 switches,
Juniper MX 480 routers, security and VPN design, implementation
and support for ASA 5520 and 5510 firewalls
Radio SV Taxi - design, deployment and support of L2/L3
infrastructure and IPSec VPN
ProNetExpert (UK) - consulting Cetus Solutions about G.SHDSL-based
VPN design and configuration of 3COM 3034 routers
NBU - network lab design & setup, tasks preparation for university
courses in switching & routing with ZTE devices
SDM - ASA 5505 VPN design and integration, QoS and SLA monitoring
implementation, RADIUS implementation, RSA SecurID, BlueCoat
ProxySG 900, Checkpoint VPN-1
MDL - Cisco 1812 router configuration and support, wireless
network deployment, security policies implementation, QoS policies
design and implementation, IPSec VPN design and implementation
ABCro - Cisco 1812 and 2811 routers configuration and support,
L2/L3 and VPN design, configuration and integration with Active
Directory via RADIUS, NetFlow monitoring system implementation,
QoS policies design and implementation, IOS Firewall and IPS
implementation, SLA monitoring implementation
Darrko - ASA 5505, Catalyst 2960 and Roline firewall configuration
and support, QoS and switch security policies design &
implementation, SLA monitoring implementation, L2/L3 and IPSec VPN
and WebVPN design and deployment
Lozenec LAN - L2/L3 network design, security policy
implementation, QoS design and implementation, configuration and
support of Cisco 2801 routers, Cisco 2950 switches and Linksys
APs, RedHat server administration
Main Consulting, designing, deploying and supporting small and medium
responsibilities size enterprise and service provider networks
Name of employer V6 Horizons Ltd. (various international locations)
Dates June 2011 - January 2012
Position held IP & Security Design Engineer (contract)
Main Procera Software & Capacity Upgrade - impact assessment,
responsibilities high-level/low-level L2/L3 & MPLS VPNs design & implementation,
security infrastructure design of mobile broadband traffic shaping
& reporting solution for several datacentres in Three's mobile
network including various Cisco, Juniper, Checkpoint, and RedBack
equipment
ASF Upgrade - impact assessment and reverse engineering of
security & server load balancing infrastructure in Three's mobile
network including various Cisco and Checkpoint equipment
SMSC Drop 2 - impact assessment, high-level/low-level L2/L3 & MPLS
VPNs design & implementation, IPSec VPNs, and security
infrastructure design & implementation for Huawei SMS centre and
Adaptive Mobile SMS anti-spam solution integration for several
datacentres in Three's mobile network including various Cisco and
Checkpoint equipment
Name of employer Ericsson (UK)
Type of business Designing, testing and implementing network & security
architectures for Ericsson's clients
Projects September 2009 - September 2010
Position held Network & Security Engineer (contract)
Main Design, deployment, optimization and support of company's
responsibilities enterprise & datacentre infrastructure, project management, team
lead, internal staff trainings, creating and implementing virtual
service provider offerings, tender preparation/evaluations and
vendors selection, customer pre-sales and post-sales communication
Name of employer IBM (Qatar)
Type of business System integration, consulting, trainings, Cisco Gold Partner
Projects Cultural Village (government/service provider) - L2/L3
infrastructure re-design; network failover and redundancy
optimization; security policy definition and implementation;
wireless network implementation; Multicast/IPSec and SSL VPN
design & implementation; QoS/NAC design & implementation for both
wired & wireless; RADIUS/Active Directory authentication
implementation; VoIP provisioning & troubleshooting; application
performance optimization; network management solution design &
implementation; Internet billing system integration; disaster
recovery planning; data centre planning including layout, cabling,
power consumption and air conditioning; backup and restoration of
software images, databases and configurations of network
equipment; server OS hardening and maintenance; integration of
CCTV/BMS/Access Control/Lighting Control/Video Content
Distribution systems. Enterprise campus consisting of 50+
buildings hosting the following hardware and software:
Switches: Cisco: Catalyst 6509-E with Sup720-10G, 4507 with Sup6E,
3750G and 3650G
Routers: Cisco: ASR 1001 with IOS XE 3.2S
Firewalls: Cisco: ASA 5540 v8.0, FWSM, Juniper: ISG-2000 with
ScreenOS 6.2, Checkpoint: Firewall-1
IPS: Cisco ASA: AIP-SSM20 v6.0, Juniper ISG-2000: IDP 2010.1
Security Appliances: Cisco: NAC 3350 Manager & Server; CS-MARS 55;
ACS 1113; RSA: SecurID
Proxy & Spam Gateway: McAfee: WebGateway v6.8; Microsoft:
Forefront TMG 2010
Wireless: Cisco: WLC 4404 v6.0, WCS v6.0; APs: Cisco 1252AG,
1522AG
VoIP: Servers: CallManager v6.1, Unity v5.0; Voice Gateways: Cisco
3825; Fax & Modem Converters: ATA-188, VG220; IP Phones: 7906G,
7921G, 7965G, 7975G
Video Content Distribution: Cisco: DMS Manager v4.1, DMS Player
4305
Network Management: Cisco: LMS v3.2, CSM; Juniper: NSMXpress
v2010; Manage Engine: NetFlow Analyzer; Kiwi Enterprises: Syslogd
Billing: Nomadix AG 5500
UPSs: Chloride: 80-NET, Active 2000
Servers: Hardware: Dell: PowerEdge 2950, PowerEdge M1000E with
M710 blades; IBM: x3550, x346
OS: Windows 2003/2008 Standard & Enterprise Editions 32/64-bit,
CgLinux 5.1, CentOS 5.3
Services & Applications: Active Directory, Exchange 2010, DNS,
SMTP, DHCP, SFTP, TFTP, NTP, VMWare Server, Hyper-V
Dates March 2008 - August 2009
Position held Technical Director (permanent)
Main Project management, team lead, budget & resource planning,
responsibilities marketing & pre-sales support, technical consultant &
CCNA/CCNP/security instructor
Name of employer Bulgarian Association for New Technologies (Bulgaria)
Type of business System integration, consulting, trainings, network optimization,
auditing, Cisco Premier Partner, Cisco Network Academy
Projects InterAmerican - L2/L3 infrastructure re-design, network
optimization, IPSec VPN services deployment, network management
tools integration, Cisco 2821 routers, Cisco 2960/3750 switches
and ASA 5510 firewalls configuration and support, BlueCoat ProxySG
integration
Teletek - ASA 5510 configuration & support, L2/L3 + IPSec VPN
design and integration with NetBSD
GDB Solutions - L2/L3 design, IPSec VPN services deployment, Cisco
2821 routers and Catalyst 2950 switches configuration
Logicom Cisco SMB routers training (lab setup, presentation
leader) - Cisco 851/861/871/881 and SR520 routers configuration
Logicom Wireless Workshop (lab & presentation) - Cisco wireless
products overview & implementation
Logicom Security Workshop (lab & presentation) - IPSec and SSL VPN
on Cisco routers & firewalls
Komatek - Cisco 1841 and 871 IPSec site-to-site and remote access
VPN solution design with tunnel failover customization,
implementation and support, QoS and security policies
implementation
Dates March 2007 - March 2008
Position held Senior Network Engineer (permanent)
Main Core packet network planning - L2/L3 MPLS VPNs, MPLS TE, CsC,
responsibilities VoIP, Security, IMS, project management, team lead, budget and
resource planning, tender preparation/evaluations and vendors
selection, marketing and pre-sales teams support
Name of employer MTel (Bulgaria)
Type of business Service Provider
Projects NetCentrex Softswitch - service, security, IP, QoS, management -
design and implementation
Cisco PGW2200 - service, security, QoS, IP infrastructure and
management design
NextOne SBC - vendor selection, service, security, QoS, IP
infrastructure and management design
Voice CPEs - vendor selection, management, security and
provisioning design, project management
IP Centrex on IMS (Mobilkom Austria Group Project) - vendor
selection, solution design
MGC/MGW for IMS (Mobilkom Austria Group Project - vendor
selection, solution design
Fixed-Mobile VPN (solution design, project management) - senior
technical expert and project manager
Dates July 2004 - March 2007
Position held Network Engineer (permanent)
Main Design, integration and troubleshooting of datacentres, IP
responsibilities networks, VoIP systems and security solutions, assisting the sales
department with customer solution design and tenders, CCNA/CCNP
internal staff trainings
Name of employer Lirex (Bulgaria)
Type of business System integrator (Cisco Gold Partner), ISP, consulting services,
professional trainings, IT auditing
Projects MTel - NetCentrex softswitch and PGW2200 integration, L3 MPLS VPNs
design and implementation, Catalyst 3550/3750 switches & PIX 515E
integration; QoS design and implementation; Cisco 79xx IP Phones
and ATA186, SwissVoice IP10s and IP20s IP Phones, AudioCodes MP10x
media gateways
TransTelecom - NetCentrex softswitch and PGW2200 integration, L3
MPLS VPNs design and implementation, QoS design and
implementation; NeoXBC, Cisco 79xx IP Phones and ATA188,
SwissVoice IP20s IP Phones, AudioCodes MP20x integration
Piraeus Bank - L2/L3 & security design and implementation of the
investment bank's network, low-latency application optimization
Kamor Auto - Catalyst 3550, 3560, 3750 & PIX515E integration,
L2/L3 network design and optimization, security policy
implementation, QoS, IPSec VPN and WebVPN design and deployment
Cisco Labs Audit preparation - Design and deployment of Inter-AS
MPLS L2 and L3 VPNs, Multicast VPNs, MPLS TE and CsC
DSK Bank - redundant data centre design for the investment banking
applications, business continuity & disaster recovery planning,
BlueCoat and Checkpoint integration
Bulgarian Academy of Sciences - cloud computing design, PIX515E,
Catalyst 3750 and 6506 integration
Bulgargas - upgrade of Cisco CallManager 4.1
ITCE - BlueGate ISDN GSM Gateway integration
Virtual Events - L2/L3 network design, Cisco 1841 routers and
Catalyst 3750 switches installation, security policy
implementation, QoS design and deployment
DFZ - L2/L3 & security network design - Cisco ASA5520, Cisco 7200
routers, 3750 and 6506 switches and Cisco LMS installation, QoS &
IPSec VPN design and deployment, CS-MARS deployment
Parsons - L2/L3 network & security design and implementation, 2801
routers and 3750 switches installation, SLA monitoring, QoS design
and deployment
Lukoil Neftohim - RadWin WinLink 1000 wireless APs, Catalyst 3750
& security policies implementation
Lirex office network - design, installation and troubleshooting of
Cisco 2821 routers, 3750, 3560 and 3550 switches, ASA and PIX
firewalls, Cisco VPN Concentrator 3060, HP & Dell switches, MRTG,
QoS, IPSec and SSL VPN design and deployment
NMCC - VoIP, switching and routing design, SLA monitoring, VPNs,
Catalyst 3750 switches and 2811 routers integration, QoS and
security design and deployment, Barracuda 100 spam gateway and
Lotus Domino mail server implementation
Peugeot - Catalyst 4503 installation and configuration, NetFlow
monitoring, network security design and implementation
Education
Dates 2003 - 2008
Title of Master of Engineering (First-Class Honours)
qualification
Principal Telecommunication systems and technologies
subjects
Name of New Bulgarian University
institution
Dates 1998 - 2003
Title of High school diploma (First-Class Honours)
qualification
Principal English and natural sciences
subjects
Name of First English Language School
institution
Scholarships and CCNP scholarship awarded by Lirex BG in 2005
recognitions University education scholarship awarded by Germanos in 2006
Member of the top 100 students of New Bulgarian University - 2007
Personal skills
Languages Bulgarian (native), English (fluent), German (basic)
Social skills Experience in various environments - from customer support to
and competences system integration, consulting, and trainings
Team player with good communication and inter-personal skills
gained in university and developed further during the work
placement due to constant contact with senior management, clients,
engineers, sales & marketing departments
Self-disciplined, friendly, easily adaptable and cooperative in
group initiatives
Organizational I am responsible for the organization and execution of technical
skills and implementations of various projects
competences Coordinating team work in college resulting in excellent grades
and skills applied in further jobs
Ability to prioritize in multitask environment; Accept
responsibility; Handling situations under pressure
Participating in the development of new network architectures and
effectively meeting deadlines
Contact this candidate