Management Engineer
Resume:
Hetal Soni
******@*******.***
C: 516-***-****, H: 516-***-**** 147 Evans Ave, Albertson, NY 11507
Willing to Relocate
SUMMARY
Senior Computer professional looking for challenging technical position Security engineering. IT architect and engineer
who is passionate about designing, advancing and securing IT systems. Career security management professional focused
for 10+ years on protecting information for major corporation with more than 19 years of diverse and increasingly
responsible IT experience in security operations, systems engineering, network engineering and infrastructure evaluation.
• Architect and design solution based on current/future needs, next generation technology, keeping strategies goal,
big picture and holistic view in mind. Assess needs, analyze/compare technology vendors and prepare pro/cons
reports for upper management. Detail oriented, extremely reliable and ethical.
CORE COMPETENCIES
Network Security • Virtualization • Infrastructure Architect and Management • Cloud Computing
Network Administration • System Administration • Document Management System
Installations • Configurations • Troubleshooting • Upgrade Implementation
Solution Development • Risk Management • Procurement • Vendor Management
TECHNICAL SKILLS
Infrastructure Security: Cisco ASA 5545-X firewall/IPSEC VPN/SSL VPN administration, HP TippingPoint IPS/IDS,
Watchguard Next Generation Firewall/VPN, Sonicwall SSLVPN, Symantec Endpoint Protection, LDAP over SSL, Active
Directory Pass Through, Microsoft Certificate Authority Role, HIPPA and PCI Compliance, Wireshark, TCPdump,
Nmap, Nessus, Cain & Abel, HTTP Watch, IIS Server Hardening, DMZ, Syslog, RBAC, Biometric Access, Surveillance
Camera System.
Working knowledge of Stonesoft multilink VPN, Host Based IDS/IPS, Enterprise PKI, Retina, Websense, N2H2, Snort,
Log Correlation(SIEM), Splunk, DLP, NTOP.
Virtualization/Cloud Computing: VMware5.0/4.1, VCenter, VMotion, HA, DRS, P2V, ESX5.0/4.0, Cisco UCS,
Microsoft Hyper-V, System Center 2012, SCVMM 2012, Citrix GotoManage/GotoAssist.
Continued..
Hetal Soni Page 2
Infrastructure/Data Center: Tripplite PDU, Environsense, Rack Power/Cable Management design, SNMP, WMI,
Solarwinds, HP JetAdmin, Ricoh Remote Communication Gate Monitor.
Working knowledge of WhatsUP Gold, Opnet and Netflow.
Networking/Telecom: IPSEC, VPN, PPTP/L2TP, Voice Over IP (VOIP), QOS, DSCP, COS, HSRP, VRRP, VLAN,
LACP/ 802.11ad/Ether channel, Spanning Tree Protocol, PVST, ARP, Layer2 Switching, NAT, PAT, DNS, DHCP,
TCP/IP, IPX/SPX, PPP, SSH, IMAP, SMTP, POP3, FTP, SFTP, TELNET, TFTP, SNMPv2/3, WMI, PXE, Cisco Catalyst
POE+ 3750-X/3650-X, 3Com/Adtran Switches, Cisco Switch Stacking and Fiber OM3-LC Duplex connectivity, Cisco
Aironet 1142N Wireless AP, WPA2, WEP, Cisco ASA AnyConnect and VPN Client with Sign On Before Logon(SBL),
MPLS, PRI, T1, Fiber, Business Cable, DSL.
Working knowledge of Layer3 Routing- BGP/ RIP/ EIRGP/OSPF, SIP, SBC, Avaya/Toshiba PBX,
Business Applications/Programming Language: SharePoint 2010 Enterprise server, InfoPath designer, SharePoint
Central administration and Site collection administration, Kofax Capture, Westbrook Fortis, Paradatec Prosar-AIDA,
Active Directory, IIS, MS SQL Server, BMC Trackit, Crystal Reports, Visio, Norton Ghost, WS-FTP Pro, Microsoft
Office.
Working knowledge of Microsoft WAIK, MDT 2010, MS Visual Studio, C#, VB, ASP.NET
Hardware: Experience with Intel VPro, Intel Active Management Technology (AMT), Intel SCS, OOB with AMT,
PC, Desktops, tablets, iPad, Smartphones and peripherals.
Operation Systems: Windows 8/7/2008/2003/Vista/XP/ME/2000/NT4.0/98/95/3.11/3.1, IBM AS400 i5/OS,
DOS, Novell 3.1-4.1.Working knowledge of Linux, Cisco IOS, Android, and Mac OS/iOS.
Experience
Sept’ 99 – Present Personal Touch Home Care (PTHC), Bayside, NY Infrastructure Support Supervisor
Setup WAN infrastructure from ground up for 60 remote locations using MultiWAN and VPN failover technology.
Migrate legacy network infrastructure to highly available and robust network infrastructure using VPN and MPLS. New
infrastructure saves company @$100,000/yr by canceling old communication lines.
Setup Remote access for field/contract staff using Cisco ASA 5545-X SSLVPN AnyConnect client with sign on before
logon (SBL) using AD Pass-through. Implement Cisco ASA’s identity firewall using Context Directory Agent. Setup
various Dynamic Access Polices (DAP) to provide very granular privilege to user based on AD group membership. Install
and configure enterprise wide Cisco 1142N/2602i wireless APs.
Fully in charge of Firewall and security administration for all locations. Administer HP Tipping Point IPS/IDS system and
mitigate brute force login attack on SSH server. Setup various IPS rules and policies such as phishing websites, exploits,
vulnerabilities, reconnaissance, identity thefts, P2P, Streaming Media and traffic normalization based on network
segment to add additional layer of protection. Deploy and administer companywide Symantec Endpoint protection using
Group Update Provider (GUP) and using best practices in multi-location and Hyper-V environment. Setup biometric
authentication system for physical access and employee’s time clock activity for payroll use.
Monitor security logs and/or IDS alert logs and network events periodically, Perform vulnerabilities scan in network,
perform penetration testing. Helps in HIPPA and PCI compliance audit. Analyze PCI ASV’s vulnerability reports and take
any necessary actions to resolve issues. Proactively evaluate network, computing device and application deployments to
ensure they enforce security policies and audit controls. Inspect web vulnerability scanner reports to ensure no website
exposures get into production and reduce attack surface.
Architect security infrastructure and design, Setup DMZ for web facing websites and for business partner secure access.
Harden and patch webserver OS and IIS Server application, patch, and Apply defense in depth concepts, open only
needed ports and change standard ports. Strong in depth knowledge of network TCP/IP protocols stacks and OSI layers.
Design and working on implementation of converge network for centralize phone system voice /data using MPLS, QOS,
Traffic engineering of voice, VDI, wireless and printer traffic. Work with MPLS vendor for BGP and failover between
MPLS and IPSEC. Work with MPLS vendor to setup single cloud based backup internet connection for all locations,
which saves lots of money since separate backup internet (rarely used) is not required at each location.
Perform intense analysis for company’s centralize datacenter technology and Architect solutions using latest technology
such as VMware, Cisco UCS with Solarwinds NPM/Opnet application performance monitor system and various load
balancing types, NIC teaming, VMware VCenter, VMotion, HA, FT and DRS. Strong experience in Cisco UCS service
profiles templates, vNIC templates policies, various pools.
Setup and administration of SharePoint 2010 enterprise server, built company’s Intranet website from ground up.
Architect and prepare design document for SharePoint site collections, Database capacity planning. Create Custom
reports using Crystal Reports for BMC Trackit helpdesk ticketing system. Administration of document management
system using Kofax Capture, Westbrook Fortis, Paradatec-AIDA in multi locations enterprise. Convert @1,500,000 paper
documents into digital format, which helps company to finish external compliance audit more efficiently.
Supervise infrastructure dept, which supports desktops/ tablets, copiers, network, PBX and Telecom for @60 locations.
Migrate legacy remote support method to enterprise wide cloud based Citrix GotoManage/GotoAssist.
Feb’ 95 – Nov’ 98 Abacus Computer Systems, Nairobi, Kenya PC Hardware Engineer
Aug’ 93- Jan’ 95 Promotive Electrodeal, Baroda, India PC Technician
Education
Continued..
Hetal Soni Page 2
Dec 2009 M.S. (Information Network Computer Security) - GPA: 3.94 New York Institute of Technology, NY
May 1993 B.E. (Computer Science) - GPA: 3.5 Maharaja Sayajirao University, Baroda, India
Certification/Professional Affiliations
CISSP -Certified Information System Security Professional
VCP410 – VMware Certified Professional 4
VCP510 – VMware Certified Professional 5
Legal Status and Security Clearance: US Citizen and ready to obtain any TS/SCI clearance as needed.
Contact this candidate