Engineer Network
Resume:
Ali Syed
Milton, Ontario, Canada
**********@*****.***
https://www.linkedin.com/in/ali-syed-ccie/
OBJECTIVE
To obtain a position as a Senior Network Engineer/ Senior Security Specialist in a renowned organization that will provide me an opportunity to use my skills in prepare, plan, design, implement, operate and optimize IT Infrastructure that meets today and future Business requirements and drive cybersecurity risk management, advisory services and leadership across the organization.
Summary
SUMMARY I have more than 17 years of experience as a Senior Network and Security Engineer/ Architect with LAN/WAN and Network Security. MS in Computer Science, BS in Computer Engineering have worked to prepare, plan, design, implement, operate and optimize administration of networking equipment such as routers, switches, Nexus Switches 9K,7K/5K/2K, 1000v,VBLCOK, firewalls, Virtual Firewalls, DDOS Protection,IPS, HIDS, EDR, SSL VPN, Load Balancer, NAC(Network Access Control), WAN Optimization,RSA Secure ID, Cisco MDS, IaaS Cloud, Campus in Cloud with AWS, Next Generation Endpoint Detection Response (EDR) NSX Deployment in Data Center, Symantec, Avaya IP PBX,HP Enclosures, Cyber Security, NERC CIP, Vulnerability Assessment, Security Dashboard, Cisco Wireless Controller and Access Point, Aruba Controller and Access points Web Security, network management and structured cabling. Leveraging Network programmability for automation, orchestration of API’s, RESTCONF, NETCONF, YANG, Ansible, ACI, APIC-EM, ODL and python scripting. CCIE Data Center #48988, CCIE Routing and Switching, Voice, Security, Wireless Written Exam. Excellent Communication, project management and high customer services satisfaction skills and believe in continuously improving the Technical/Managerial skills.
EDUCATION
MS in Computer Science (Sept’ 01-May’ 03):
NEW YORK INSTITUTE OF TECHNOLOGY, NEW YORK, USA.
BS Computer Engineering (Jan’ 96-Dec’ 99):
SIR SYED UNIVERSITY OF ENGINEERING & TECHNOLOGY
Certifications
Cisco Certified Internetwork Expert Data Center Lab CCIE # 48988
Certified Infrastructure Security Manager CISM (In Progress)
AWS Certified Solution Architect (In Progress)
Cisco Certified Internetwork Expert Routing & Switching Written Exam
Cisco Certified Internetwork Expert Security Written Exam
Cisco Certified Internetwork Expert Voice Written Exam
Cisco Certified Internetwork Expert Wireless Written Exam
Checkpoint Certified Security Administrator (CCSA)
Information Technology Infrastructure Library ITIL-Foundation
Troubleshooting and Maintaining Cisco IP Networks (TSHOOT)
Implementing Cisco IP Switched Networks (SWITCH)
Cisco Certified Network Associate (CCNA)
Cisco Certified Design Associate (CCDA)
Cisco Certified Voice Professional (CCVP)
Cisco IP Communication Express Specialist (IPTX)
Cisco IP Telephone Design Specialist (IPTD)
Cisco IP Contact Center Express Specialist (IPCC)
Cisco Unity Design Specialist (CUDN)
Microsoft Certified Professional + Internet (MCP + I) Expired
Microsoft Certified System Engineer (MCSE)- Expired
Microsoft Certified Professional (MCP) Expired
Microsoft Certified System Engineer + INTERNET (MCSE +I)) (TRAINING FROM SSUET)
Technical Skills Summary
LAN / WAN
Routing Protocols: EIGRP, RIP, OSPF, BGP, TCP/IP, IPv4
Hardware Platform: Routers; Cisco 800, 1700, 2600, 3600, 4500, 7500, 3800, 6500,6800,6880,Arista 7500
Switches :3550, 3600, 3700, 3750, 6500, Nexus 2000, 5000, 7000,9000, Nexus 1000v,VBLCOK, UCS C and B Series, Arista 7000 Arbor Network DDOS, MDS922i and HP C Class and P Class Enclosures
Wireless
Cisco and Aruba Wireless controller and AP’s deployment in Campus .
Security & VPN
Security Protocols: IPSec, RSA, SSH, SSL
Hardware Platform: Palo Alto 200,3000,5000,7000 and Panorma,Checkpoint IP 560 IP 390, Checkpoint 4600 Appliance, Checkpoint 12600,Check Smart 1 25 and Check Point Smart 1 50 Cisco VPN concentrator, Cisco ASA 5505 Cisco ASA 5510,Cisco ASA 5540, Cisco PIX 501, Cisco Pix 515E, Cisco PIX 525 Cisco PIX IDS, IPS, Pix Firewall, Juniper SSL VPN, Checkpoint Firewalls, Juniper SRX 5500, Sonic Wall NSA5600, Checkpoint Network Access Control (NAC), SAV for NAS, Tipping Point, Mimesweeper, Qualys, Cyphort, Fireeye, Crowd Strike, Carbon Black
Network Management
Security: Team Cymru, Qualsys Guard,Cyphort
LAN/WAN: OPSware, HP Openview, Cisco works, Tivoli, Solar Winds, Netbrain, Whatsup Gold
Sniffer: Ethereal, Wire Shark, Observer, Fluke Networks
Application Performance
Load Balancer: Experienced in CSS, F5 (BigIP and 3DNS), Foundry LB and Radware Alteon’s,, AVI Networks
WAN Optimization
Silver Peak NX 10700 and VRX
SIEM Tools
System Logging: RSA Envision, QRadar, Tripwire
Content Filtering
Web Sense
Remote Authentication
RSA Secure ID, Cisco ACS, Steel Belted Radius and Crypto Card
Network Diagram
Microsoft Visio
Professional Training
Developing with Cisco Network Programmability (NPDEV) (5 Days Training) 2017
Designing and Implementing Cisco Network Programmability(5 Days Training) 2017
IP Expert CCIE Data Center Boot Camp (5 Days Training) 2015
DCNX5K – Implementing the Cisco Nexus 5000 and 2000 (5 Days Training) 2014
Avaya Communication Server 1000 Familiarization Rls 7.x (2 Days Training) 2014
Avaya Communication Server 1000 System Admin and Mgt (3 Days Training) 2014
Avaya Aura System and Session Manager Boot Camp (5 Days Training) 2013
Configuring BIG-IP LTM Version 11 (3 Days Training) 2012
Checkpoint Certified Security Expert (CCSE) R75 (4 Days Training) 2012
Checkpoint Certified Security Administrator (CCSA) R71 (4 Days Training) 2011
Certified Information System Security Professional (CISSP) ( 5 Days Training) 2010
Information Technology Infrastructure Library (ITIL V3) ( 5 Days Training) 2009
Tipping Point Advanced Technical Security Products (3 Days Training) 2009
Symantec Endpoint Protection Training (5 Days Training) 2008
Clearswift Mimesweeper Training (5 Days Training) 2007
Voice Boot Camp (6 Months Training) 2007
CCVP, Cisco certified voice professional
Cisco IP Telephony Design Specialist
Cisco Unity design engineer
Cisco IP Telephony express specialist
Cisco IP Contact Centre Express specialist
Memotec Router Training ( 5 Days Training) 2004
MCP,MCP+I and MCSE Training from SSUET (6 Months Training) 2000
Professional Experience and Education
Ontario Finance Authority Toronto -Canada June' 17- Present
Senior Security Engineer/ Architect
Infrastructure
Responsible to improving the security posture for OFA and communicate the security priorities with C Level Management.
Directed all facets of the IT department to include: corporate information architecture, data and voice infrastructures, information security, database and reporting strategy, software development efforts, and project management. Provided strategic planning to senior management.
Patch management, vulnerability assessment, vendor selection, Penetration testing and day to day analysis on daily threats and their remediation.
Conducting Security Awareness Training, Patch Management, Security Dashboard for C Level Executive and analyzing day to day threats.
Palo Alto Network, Inc. Santa Clara -California Feb' 16- June 17
Senior Network Engineer/Architect
Infrastructure
Provide day to day and new office deployment via PAN firewalls at more then 30 Remote Offices ( Over 200 Firewalls), Data Centers, Cloud and also support the upgrade and bug fixes .
Design, implement and provide support for all network related hardware/software.
Deploy Campus in Cloud with AWS .
Install, support and maintain hardware and software infrastructure according to best practices, including routers, Load balancers, switches, wifi controllers, and firewalls.
Perform network security design and integration;
Diagnose problems and solve issues, often under time constraints;
Provide network and host based security, incident response, firewall and VPN management and administration;
Implement the necessary controls and procedures to protect information systems assets from intentional or inadvertent modification, disclosure, or destruction;
Provide network documentation;
Ensure system uptime and backup for network related equipment.
Conduct security assessments (with security team) and make recommendations on data/voice network (LAN/WLAN/WAN/DMZ/Internet), disaster recovery, remote access, network appliances, servers, and directory services security
Provide security incident triage and response, including working with firewall and device logs, investigating security events, protecting forensic value of data and establishing monitoring and incident reporting and response procedures.
Work closely with engineering to help report issues and manage project deliverables and provide status and progress reports
Provide on-call support for L3 Network engineering on rotation
Openwave Messaging, Inc. San Mateo -California Oct' 15- Feb' 16
Senior Network Engineer/ Architect
Infrastructure
Working on designing and implementing Data Centers for the new and existing customers with an objective for minimum or no downtime.
Provide day to day support to Cisco UCS architecture, Cisco Nexus Switches, Cisco Nexus 1000v
Provide day to day support Cisco ASA, Juniper SRX and Sonic Wall Firewalls
Provide day to day support to F5, Foundry and Alteon load balancers.
Develop procedures and policies for supporting the Global Networks, SLA's, and Network Security
Ability to comprehend, analyze and research problems of a complex nature, make judgment decisions and recommendations as to their solution
Excellent interpersonal, organizational, leadership and mentoring skills
Ability to prioritize, multi-task and maintain flexibility in a fast-paced environment.
Proactively Support Engineering, Development and Lab Infrastructure
Develop and design the BCP for the Data Centers and create strategic ways to avoid the downtime for the transition during the Data Centers Fallback/Fall forwards with minimum impact to business critical applications.
Leading the teams by example and initiate the brainstorm and collaboration session with the Engineering Teams, Application Developers, Customer Support, Network Operation Center,CIO and CTO .
Independent Electricity System Operator (IESO) Mississauga-Canada Feb' 08- Oct’ 15
Senior Network Engineer/ Architect
Infrastructure
Preparing and maintaining Reliability Standard Auditing Worksheets (RSAWs) and involved in Setting up the NERC Zone and preparing documentation for NERC CIP Audits.
Prepare, plan, design, implement, operate and optimize the Enterprise Campus across multiple locations by upgrading it from the Cisco 4500 Switches to Cisco Stackable Switches 3750's and also deploy Checkpoint Firewall with Identity Awareness and Application Control for User's Segment.
Prepare, plan, design, implement, operate and optimize the Enterprise Edge across multiple locations by upgrading the WAN Link to meet business requirements and upgrade the IT infrastructure to Juniper SSL VPN 2500 for Production and Development.
Prepare, plan, design, implement, operate and optimize the Enterprise Data Center across multiple locations by upgrading it from the Cisco Catalyst 6500 to Cisco 6800 with VSS and upgrading the access to Nexus Switches from Cisco Catalyst Switches
Prepare, plan, design, implement, operate and optimize the Enterprise Edge security parameter across multiple locations by upgrading it to Tipping Point IPS 1200 E and then upgrading them to Tipping Point IPS 1400 E with Geo Locations.
Prepare, plan, design, implement, operate and optimize the Enterprise Edge across multiple locations by deploying Checkpoint Firewalls, Cisco Load Balancer and Tipping Point IPS 1200 E.
Prepare, plan, design, implement, operate and optimize the Infrastructure Voice Services of existing PBX to Avaya Voice Solution with CS1K, Session Manager, System Manager and Survivable Media Gateway and CIC IBM Contact Center for multiple locations.
Prepare, plan, design, implement, operate and optimize the Enterprise Remote Access across multiple locations with Site to Site VPN with Cisco ASA’s and Checkpoint Firewalls with Managed and Unmanaged Edge Firewall and deploying thick Client Check Point NAC which includes ( Firewall, VPN, Full Disk Encryption, Media Encryption)
Upgrade the existing RSA Secure ID version 6.1 to RSA Secure ID Appliance Authentication Manager 7.1 and recently in 2014 to 8.1 P 05
Prepare, plan, design, implement, operate and optimize NERC isolation which includes several pairs of Cisco ASA’s 5550, Cisco Routers 3800, Cisco Switches and Tipping Point 1200 E to enhance the posture of Critical Cyber Assets in Production and Dev Environment.
Works as a stakeholder for the Security patches and vulnerabilities. Identify the vulnerabilities across the entire infrastructure and upgrade the devices if possible.
Works as Project Manager on several projects and create several Business Cases and Project Plan of Juniper SSL VPN, F5 Load Balancer Deployment, RSA Secure ID Upgrade and Checkpoint NAC Deployment.
Upgrade the Checkpoint Management consoles for Checkpoint Firewalls IP390’s, IP560’s, IP530’s and in several DMZ Zones for Production, Sandbox and QA Environment in Primary Site and Backup Operation Site from R65 to R71.10.
Upgrade Checkpoint Firewall from NGX R65 to R71.10 and R75.40 ( Gaia) also deploy Checkpoint Firewall with Identity Awareness and Application Control.
Deploy several HP C- Class Enclosures and also troubleshoot day to day problems related to HP C and P Class Enclosures and Rack Mount Servers
Recreation of problems in a lab environment and filled bugs with several vendors.
Fusepoint Managed Services Mississauga-Canada Jul' 06- Feb’ 08
Senior Network Engineer
Infrastructure
Design, deploy and implement several new Managed, Complex Colo and Colo Customers
Provide day to day and final level of escalation as a Tier 3 Support Engineer for existing and new customers
Identify and Perform Security patches on Network devices.
Installed, configured and troubleshooting of several Cisco devices, Checkpoint, F5 (BigIP and 3DNS), Nortel and other tools.
Excellent customer services skills
Recreation of problems in a lab environment and filled bugs with several vendors
Implementation of several customers in the data center based on complex project scope
Provide day to day support and deploy new customer on Cisco Pix’s, Cisco ASA’s, F5 BIG-IP LTM,F5 BIG-IP GTM, Check Point Firewalls, Cisco VPN Concentrator, Cisco CSS’s, in Toronto, Vancouver and Montreal Data Center.
GE Healthcare Canada (Contractor for B& D Morningstar) Mississauga-Canada Feb' 05- July’ 06
National Broadband/VPN Specialist
Drove Broadband connected systems in Canada from 38% to 70 %, successfully achieving the target for 2005 and resulted in approximately 10% less calls to the Customer Centre and reduced FSR site visits by 20%.
Increased the Canadian VCP Credits by $300K CAD per month for the Broadband Service contract.
Supervised with Milwaukee to create a Broadband Workbench to access the Broadband Compatible systems for Canada.
Design and coordinate the Site-to-Site VPN using Cisco PIX, Cisco Routers and Linux FreeSwan, Sonic Wall for connectivity with customers.
Provide assistance to VPN team and Customer for setting up and troubleshooting problems with Site to Site VPN with Checkpoint NG, Cisco Pix, Cisco Concentrator 3.6 or higher, Cisco Router 12.2 or higher, Juniper Netscreen, Sonicwall Pro +TZ, Symantec Raptor, Watchguard Firebox.
Good relationship builder with Customers by positive approach, re-enforcement of mutual goals and establishing trust relationship and provide assistance in understanding, designing, securing and developing Site to Site VPN with almost every firewall vendor and with customers all over the Canada.
Coordinate and lead GE Healthcare VPN Team, Field Team, Project Manager Teams, Online Engineering Team, Sales Team and Services Team.
Broadband Maritime Inc (Contractor) NYC-USA Jul’ 03 - Feb’ 05
Senior Network Engineer
Network Engineer leads the Network Department within the design and implementation of IT infrastructure center, provides and supports all local voice and data network.
Designed and implemented a topology where remote nodes (moving ships) can get 24/7 IP & Voice services through Teleports (Earth stations). This involved setting up earth stations to provide services from four different locations (Glenwood, New Jersey; Holmdel, New Jersey; Leuk, Switzerland & Brewster, Washington).
Design and implementation of Site-to-Site VPN using Cisco PIX, Cisco routers, Sonicwall and Red Hat Fedora Core 2 for backup connectivity between branch offices.
Network implemented running RIP2 & OSPF over Frame Relay.
Designed, implemented and managing Network operations center (NOC).
Worked with Cisco(3600, 1720, Switches), Memotec (CX800, CX950) & IBM 2210 Router's and Sonic Wall Pro 100, Pro 230 and Cisco Pix firewall 515E.
Implementing Site to Site VPN between Cisco PIX, Cisco router (1720, 3640) and Red had Linux.
Central Depository Company Karachi, Pakistan May’ 00- Sep’ 01
Senior Network Engineer
Network Engineer in making plans including operations, troubleshooting, and expansions of the current network and communication links. Network monitoring including performance of the network, links utilization, and network troubleshooting
Installation and Configuration of 3Com switches Core Builder 9000 & 3500 Layer3 switch and GIGA interfaces, also configuration of 3Com Super Stack Switch 3300 Configuration of VLAN and implementation of security using QOS Classifiers and Controls. Cisco 2900 switch, Switches IBM 8271, Access Servers IBM 8235 032 and Ethernet Stackable hubs IBM 8224 Series.
Design, implement and setup of Network Monitoring Software (IBM Tivoli, HP Open View, Cisco Works for Windows and 3Com Transcend Enterprise Manager)
Administered Cylink PrivateWire Gateway as encryption/decryption tool using RSA and Triple DES technologies - Created users, group, defined the rule(s), certified authorities and certified the public keys.
SoHo Solutions - ISDN: legacy DDR, Dialer profile and Dial Backup, Bandwidth on Demand from main site to backup site.
Involved in Design, Installation, Configuration, network testing, Operations & Administration of Internetwork. Project leader for implementation of Disaster Recovery Site & structured cabling for CDC networks.
Configure Site to Site VPN between Cisco Routers and monitor the performance of network
Programming Languages and DBMS
Java (JDK 1.3), Oracle 9i, 8 and 7.3, Access 97, PL/SQL, Pascal, Red Hat Linux, C and C++.
References
Excellent Recommendations - available upon request
Contact this candidate