RAJ MATHARU

SR. NETWORK- ARCHITECT/CLOUD/DATA-CENTER/SECURITY- ENGINEER

ac2g91@r.postjobfree.com PH:206-***-****

SUMMARY

19+ yrs of collective IT experience in LANs/WANs/WLANs Computer Networking Consulting, Cloud Services, Data Centers, Security, Project management and Networking.

Hands on experience with Microsoft Cloud Services planning, Design, implementation and deployment, as well as integration, upgrades, testing, trouble shooting networks involving Routers/Switches(Cisco-Catalyst/Nexus/Juniper-EX series/Arista)/Load Balancers/Network System security/Firewalls(Cisco-ASA/Juniper/Checkpoint/Palo Alto)/SANs/NAS, and consulting services for networks involving mergers, acquisitions and Data Centers.

Provided system/network operations expertise & support including proactive LANs/WANs/ WLANs systems monitoring locally & remotely, Streaming Video, Implementing VXLAN, SNA, RIP, MPLS, SNMP, IP, IPX, OSPF, IGRP, EIGRP, BGP, SIP, VoIP, QoS, FHRP, Access Lists on Cisco/Juniper routers & supporting fractional/full T1, DS-3, OC-3 & OC-12, Frame Relay, ISDN circuits, ATM, Status reporting, Preventative & Remedial action recommendations.

Strong knowledge/experience on Data center migrations/capacity planning, redundant network connectivity, working with Azure SaaS/PaaS/IaaS and private clouds.

Provided support and maintenance of heterogeneous network environments e.g. Windows, Novell, Linux/Unix, TSE servers, Citrix servers, VmWare. Server Clustering, Designing, Installing, Monitoring and trouble- shooting VPNs/VLANs/ WIRELESS networks, Active Directory, setting up NDS, Merging & Designing Trees, DNS, DHCP, IIS, SMS, RAS, WINS, Assisting/ evaluating & testing vendor h/w, s/w, Application specifications.

Planned, Designed & implemented various network operating systems migration projects.

Security:

Provided consultation to department/division management on BCP relating to critical business issues; assess costs, risks and impacts of information technology strategies, Encryption and approaches; coordinated cross-organizational efforts. Create written reports, drawings and documentation in support of the BCP.

Participated/managed BIA, Risk management, Change control, risk analysis/countermeasures, Vulnerability scanning and penetration testing, Disaster recovery policies and procedures, Testing applications, Set up policies, ACLs and rules on routers, firewalls, VPNs, DLP, IDS/IPS, Data Encryption, Cryptography, Key/Certificates PKI management, SIEM, Vunerability scanning and URL filtering.

Discovery and classification of sensitive data to vulnerability assessment to data and file integrity/activity monitoring.

IT Auditing, Reporting unresolved IT security exposures, misuse & non-compliance situations to appropriate management.

Ensuring compliance of security policies, industry standards-HIPPA(PHI, ePHI, PII)/ISO/PCI/SOX and other government regulations.

Monitoring VPNs, server logs, firewall logs IDS/IPS logs, network traffic and other security systems for unusual or suspicious activity.

Interpret activity and implement counter measures to fix the security breach.

Conducted presentations to technical/ non-technical and management audiences.

Project Management:

Experience in IT Infrastructure projects, implementation, delivering results with tight deadlines and budgets.

Develop, negotiate, and review contracts associated with assigned projects.

Managed, Administrated & Supervised assigned staff & projects, Forecasting work volume & staff levels, Preparing/assisting/writing RFPs, Budgeting for the department, Analyzing & Establishing work processes & priorities, Overseeing network systems Applications testing, installation, integration, support & maintenance.

Provided senior level consulting in capacity planning, designing, maintaining, and network connectivity for Data centers & managed other responsibilities/duties as required.

TECHNICAL SKILLS

Hardware: CISCO/JUNIPER/ARISTA/BROCADE/FORCE10/NORTEL- Routers/Switches/

Firewalls, NAS, SANs, VPN Concentrators, F5 Load balancers, Aruba, Meraki, D-Link, ASA, Checkpoint, NetScreen, SRX, Palo Alto, Mainframes, Laptops, VAX, EMC, CD-Towers/Servers, Shiva-VPN LAN Rover Express/Gateway, Printers, FILE SERVERS- (Compaq, HP, Micron, Dell, IBM). WORKSTATIONS- (HP, Compaq, Dell, IBM, Micron, Etc

Software: CISCO IOS, NEXUS OS, JUNOS, ScreenOS, Check Point –GAiA, PAN-OS, A10-ACOS, Arista EOS, FTOS – Force10 Operating System, FOS - Brocade Fabris OS. Encryption, PKI, Cryptography, Windows Servers/workstations, Terminal Servers, MS- BizTalk, Citrix, Novell – 6.x/5.x/4.x/3.X Servers, MS-Office, MS Exchange, Z.E.N.Works, VMware, GROUPWISE, MANAGEWISE,, TIVOLI, ARCSERVE-IT, BACKUP EXEC, LEGATO, PROXY SERVERS, IIS, ProofPoint, MimeSweeper, FIREWALLS, SCOM, ORION- SolarWinds. Moderate experience with SMS/SQL/Lotus Notes/DNS/FOURTH SHIFT/ and Linux/Unix Servers etc.

EDUCATION & CERTIFICATIONS

PCNSE7 - Palo Alto Networks Certified Network Security Engineer

CCSE/CCSA - Certified Check Point Security Expert/Administration

JNCIS-FWV, JNCIP-ENT, JNCIS-ENT, JNCIA, ITIL, CCDP, CCNP, CCDA

FEMA-Information Security, CCNA-RS/Voice/Security

CCIE-Data Center (written passed prepping up for lab exam)

Completed A10 Networks traning - System Administration, ADC and CGN devices

Healthcare Informatics certification 2012

Citrix Certified Administrator (CCA), Bay/Nortel Router Specialist

MCSE, MCP+I, CNE 3/4/5x, MS SQL 2008 – Implementation and Maintenance

Certificate for Managing System Center Operations Manager 2007-(SCOM)

CME-Certified MimeSweeper Engineer, Compaq Storage Works Engineer

On going studies for CISSP, CCIE, Cloud certifications

Electrical Engineer

PROFESSIONAL EXPERIENCE

Holland America Line/Contract Feb 2017 - Aug 2017

Sr. Network-Security Engineer

Responsibilities

Assisted Network/Security deployment teams for dry dock major network/security upgrade Trident/Medallion projects for cruise ships in a redundant Data center environments. Helping with implementation and trouble shooting of Security/Network distribution issues.

Working with Panorama/Palo Alto firewalls in Holland America Line/Carvival Cruise line/Seabourne Cruise line ships and USA data centers, also worked with Cisco ASA/Juniper SRX firewalls, Cisco UCS/ISE/Prime and Riverbed installations.

Assisted and worked with security policies/security/network/Akamai/F5 load balancers operations related issues and Key/Certificates management/monitoring.

Assisted and mentoring other junior engineers with security and networking related issues.

Lan Wan Gurus

Sr. Network/Security Engineer/Architect May 2016 - Nov 2016

Responsibilities

Assisted clients and worked on sub contracts helping with Designing, Planning, Integration, Implementation and Trouble shooting of Cloud/Network/Security devices.

Working with routers, switches, firewalls(Checkpoint/Cisco ASA/Palo Alto), web application firewalls and other monitoring tools. Data and file integrity/activity monitoring.

Assisted and worked with security policies/security related issues.

Vertafore/Contract Jun 2015 – Jan 2016

Sr. Security Engineer

Responsibilities

Handling day to day security operations tasks as required by projects/change requests/tickets for security applicances in multiple Data Centers/sites for 30+ Firewalls, VPNs, IPS, RSA 2F, WAF, Encryption, WLANs, PKI, SEIM and other security related devices and services.

Analyzing the current security architecture to identify weaknesses and develop opportunities for improvement

Participation in network design and architecture leveraging next-gen firewalls to minimize risk.

Enabling an innovative approach to system architecture standards which greatly increase the flexibility, scalability, and reliability of IT services at a lower cost.

Installation, configuration, monitoring and administration of network firewalls-Checkpoint/ASA, intrusion detection/prevention systems, VPN technologies, RSA 2F authentication, Vunerability scaning and other various security system hardware and software.

Perform daily maintenance on firewalls and other appliances to ensure optimal performance

Driving the analysis, design, and development of a roadmap and implementation plan based upon a current vs. future state in a cohesive architecture viewpoint

Implement, support, Pen testing, vulnebility scanning and maintain security appliances in the Data Center for SaaS Cloud.

Serve as one of the highest levels of escalation for security related issues and make ongoing recommendations to improve security configurations and standards.

Providing expert level security engineering knowledge and counsel to others.

Data and file integrity/activity monitoring. Assisted with internal audits of security compliance.

Developing, supporting, and communicating security system engineering policies, standards, guidelines and procedures and creating technical documentations

EMC-Isilon/Contract Jan 2015 – Apr 2015

Sr. Network Engineer

Responsibilities

● Providing planning, design, implementation and operational support for global data network

and telecommucations services. Working on routing, switching, remote access, SSH, PKI,

encryption, perimeter services, WLAN, IPv4/v6 address management, application acceleration,

cloud transport and performance monitoring.

● Worked on project which involved new chassis replacement for Nexus 7k, installing new

supervisor module and updating the images on Nexus from 6.1.2 6.1.3 6.2(8a) and finally

to 6.2(10). Enabled up 10gig interfaces for NAT64 IPv6 traffic. Setting up and enabling IPv6

routing for numerous VLAN as driven by needs of testing new product release and associated

features.

● Setup/configure/upgrading image on Cisco ASR-1002x router for NAT64 IPv6 translation

needs. Setting up and configuring two 10gig down links to Nexus 7K.

● Working on projects that require: Interfacing with different switch vendors, creating various

routing and switching design solutions that support the engineering organization network

needs, leading the network project planning and implementation, planning, designing and

implementation of IPV6 solution, configuring Arista Switches, Kiwi Cat Tools, Implementing

network backup configuration tool, using Zabbix, network monitoring tools IPv4/v6 address

management, documenting network design best practices and firewall restriction and access

control.

● Handled day to day operations of Data Centers needs in USA and Worldwide. Which included

1000+ network devices consisting or Cisco routers/switches(7k/5k/3750), Arista/Brocade/

Force10 switches, DNS Servers, Checkpoint firewalls. Updated switch images/configurations/

interfaces/vlans, monitoring logs/events/alerts via SIEM.

● Replacing old switches Cisco 3750s/Brocade/Force10 switches with Arista switches.

● Worked on trouble shooting tickets for networks issues relating to network routing switching/

IPv6/IPv4 subnetting needs per project and other requirements.

● Recovering of failed/setup/configuring new network equipment after power outages.

Gurus LLC, WA Sep 2013 – Dec 2014

Sr. Network/Security Architect

Demonstrated thorough knowledge of architecture, systems design, management and implementation as it relates to core infrastructure benefitting organizations through targeted deployments, designing solutions for large complex environments in the following areas:

Responsibilities

Data Networks, Clouds, VoIP Networks, Network security, Virtual environments. Contributing to large network and voice transformation projects involving common technologies (Cisco, Avaya, Arista, Juniper, Palo Alto, CheckPoint, F5 load balancers, Alcatel, ShoreTel) Networking, Telecommunications, Data Center, Cloud Enterprise Security, Encryption, eCommerce, Call Centers and Data/Voice/Video solutions with a clear understanding of how an IT organization capitalizes upon technology to help enable our clients businesses

Networking (LAN, WAN,WLANs, MAN, Optical), Data Center (Network R/S, Compute, Storage), Enterprise Security, IP Telephony & IP Video/Telepresence, IT policy/processes/ standards, IT organizational structure, IT job descriptions, and competencies

Change management, enabling technology and program delivery including leveraging network security management (NetQoS, Smarts, HP Openview, SIEM, SolarWinds Orion etc.), security tools, unified messaging and collaboration tools

Microsoft/TCS, WA Oct 2012 – Aug 2013

Network Engineer-III

Responsibilities

Provided Microsoft Cloud Services Network management and support for new data centers’ deployment and Router configuration including Cisco, Juniper and F5.

Managed GNS-O365-BOS-D Azure Cloud ITAR/GSGO Service expansion, VLANs, and configured Access/Core routers as well as load balancers.

Responsibilities include working on tickets related to Cisco/Juniper – Routers/Switches/ Firewalls, Netscaler, F5, PKI, Identity management devices etc.

Tickets include trouble shooting, changes, escalations, new stamp setups, other deployment & decommission work for ITAR/BOS-D environments.

Monitoring network infrastructure devices for performance and troubleshooting.

Well versed with SOP/MOP/RFC processes and their significance, making sure all work performed conforms to IT Security/Compliance, and managed other responsibilities as needed on project by project basis.

EARLIER EXPERIENCE

Sr. Network/Security Engineer/ EPTI Consulting Apr 2011 - May 2012

Sr. Systems Engineer/ Public Health King County Aug 2006 – Feb 2011

Project Manager/Sr. Systems Engineer/ ITS King County Jun 2005 – Dec 2005

Technical Project Manager-Sr. Consultant/ IT Solutions July 2004 - Feb 2005

Project Lead/Weyerhaeuser/ EDS /Excell Data Jan 2004 – May 2004

Sr. Security Analyst-Engineer/Weyerhaeuser/ EDS /Excell Data Jan 2003 - Nov 2003

Sr. Network/Security Consultant/ Network Plus Aug 2001 – Jul 2002

Sr. Network/Security Engineer Pacific InfoSystems Inc Jan 99 - Jun 2001

Network Service Manager/ IT Limited Aug 98 - Dec 98

Systems Engineer/ Wells Fargo Bank- Contract/ MicroAge April 98 – Jul 98

Systems Engineer/ Contract-MicroAge InfoSystems Feb 98 – Mar 98

Sys. Admin-II/ Solectron Washington-Contract/ MicroAge Oct 97 - Feb 98

Sys. Engineer / Aetna U.S. Healthcare-Contract/ MicroAge May 97 - Sep97

Contact this candidate