Summary

CCNP (R&S), CCNP (Security), Security + and CISSP.

Over 8 years of IT experience in Enterprise Security, SOC, wired and wireless technologies.

SME on Palo Alto technologies/ Fortinet technologies/Cisco Firewalls, Firewall optimization and Network

Architecture.

In-Depth knowledge and understanding of Routing& Switching, Security, Wireless, and VoIP etc.

Hands-on experience with Cisco Routers 2600, 2800, 3600, 3700, 7200, ASR’s, WLAN Controllers,

ASA Firewalls, IPS/IDS, Cisco switches: Catalyst 6500, Nexus-9k,7k, 5k, 2k, Juniper– SSG, ISG, Security

Appliance, EX4500 switches, Fortinet 60D, 100D, 1000D and Palo Alto-500, 2020, 3060

Design and implementation of Nexus 7K, 5K and 2K Deployment with OTV between Prod and DR data

center, F5 load balancers in Prod and DR environment in High Availability mode.

Palo Alto design and installation which includes Application and URL filtering, Threat Prevention and

Data Filtering and wild fire feature of Palo Alto.

Good communication and Interpersonal skills.

Technical Skills:

• Security Devices

ASA Firewalls, Juniper– SSG, ISG, Security Appliance, MAG-4610, Fortinet 60D,100D, 1000D,

Palo Alto-500, 5060 and Cisco-5500 Firepower Series IPS/IDS.

• Load Balancers

F5 Big 2000 LTM, Cisco ACE.

• Servers

AAA, TACACS+, Radius and ISE.

• Operating Systems

Linux, UNIX, Windows

• Protocols

EIGRP, OSPF, BGP, RIP, OTV, LISP, TSL, MPLS, HSM, Dark fiber, GRE, IPsec VPN and DMVPN Load

Balancing HSRP, VRRP, GLBP, NEXUS vPC, VSS, Port channels, Fabric Path

• Routers and Switches

2600, 2800, 3600, 3700, 7200, ASR’s, Catalyst 6500 and Nexus-9k, 7k, 5k, 2k, Cisco WLC, Meraki

Tools

Netscout, Solar Winds-NPM, Algosec, SPLUNK, Nagios, Qualys Scan

PROJECTS

Engineered Application and URL filtering, Threat Prevention and wild fire feature on Palo Alto-5060.

Designed Out of Band Management Network for Prod and DR sites.

Design and implementation of Juniper Pulse-Mag4610 for connecting 1000 users remotely.

Design and implementation of Nexus 7K,5K and 2K Deployment with OTV between Prod and DR data center (POC).

Engineered implementation of F5 load balancers in Prod and DR environment in High Availability mode.

Accreditation and Decommissioning of FW rules using Algosec.

Design and Implementation of a Data center with Multi-homed ISP with (N+1) Redundancy (Advertising BGP routes) and High Availability with DMVPN to support connectivity between Multiple Remote sites.

Design and Implementation of Data center and Disaster Recovery site for the customer using 2 ASA firewalls with IPS modules in High Availability mode (Active/standby).

Design and Implementation of Fortigate devices in HA mode with Unified Threat Management and secure login using forti-tokens.

Design and Implementation of Cisco IPS device with Threat management and Anomaly based detection.

Implemented Dynamic Failover between HO and DR site using OSPF on Juniper firewalls.

Site surveyed and implemented Wireless Access point with Cisco Wireless LAN Controller to decongest the traffic for Wireless Users in a large Campus Sized Environment.

Automation of Cisco Vulnerability Assessment for Managed devices.

Migration of Cisco IPS devices from MARS to Cisco IME.

Work Experience

The Globe and Mail

Role: Network/Security Consultant Feb2016-July2016

Responsibilities / Deliverables:

Next Generation Firewall Design and Implementation of URL filtering, Threat Prevention and wild fire feature using Palo Alto 5060.

Design Out-Of-Band Management Network for Data centers.

Upgrade and Migration of Juniper SSL VPN- MAG 4610.

Network Design and Architecture of Enterprise Architecture for New location.

Network configuration of Nexus switching infrastructure, Palo Alto firewalls, f5 Load Balancers and Juniper SSL VPN termination devices.

Assist in Disaster Recovery Planning as part of Business continuity.

Handle escalated problems arising from troubleshooting of network or system related issues.

Produce security architecture design and support configuration of security devices in line with IT policy.

DealerTrack Technologies

Role: Network/Security Engineer May2014-Jan2016

Responsibilities / Deliverables:

Lead architect/engineer to design various features on core data center backbone and all venues.

Design and implementation of Nexus 7K,5K and 2K Deployment with OTV between Prod and DR data center (POC).

Design and Implementation of Cisco ASA firewalls and Palo-Alto Firewalls for a 3 Tier zone, multilayer security.

Engineered implementation of F5 load balancers in Prod and DR environment in High Availability mode.

Design and implementation of Juniper Pulse-Mag4610 for connecting 1000 users remotely.

Accreditation and Decommissioning of FW rules using Algosec.

Assist with core departmental responsibilities including configuration of Nexus switching infrastructure, Palo Alto firewalls, F5 Load Balancers and Juniper SSL VPN termination devices.

Troubleshooting Application layer and Security Incidents with Splunk.

Audit and compliance testing using Qualys Scan.

Assist in Disaster Recovery Planning as part of Business Continuity.

Handle escalated problems arising from troubleshooting of network or system related issues.

Evaluate new technologies and produce the technical recommendations.

Configure all network gears (Catalyst 6500/4500/3850/3750/3650, Nexus 5000, ASA 5585, 8500 wireless controller etc) including monitoring/security management systems (SourceFire, Prime infrastructure, ISE, Lancope etc)

Lead capacity management and audit of IP addressing scheme and hosted/networked devices within data centers.

Produce security architecture design and support configuration of security devices in line with IT policy.

End To End Networks

Role: Consultant (R&S, Security) June2011-May2014

Responsibilities / Deliverables:

Create Solution Blue Prints project plans for stakeholder and management approval.

Designed and implemented Core Network solution for clients using Multihomed BGP and OSPF with WAN/Internet Service Provider for clients.

Successfully installed Palo Alto PA-5060, and PA-5020 firewalls to protect Data Center and provided L3 support for routers/switches/firewalls.

Configured Cisco Routers, ASA firewalls, PIX devices, Fortinet devices, Juniper SSG’s, Cisco IPS devices,Cisco Switches for new clients.

Worked with newly acquired companies to integrate LANs across IPsec VPN for file sharing and piloting of VoIP phones.

Worked on the AWS in providing a Cloud based Managed Infrastructure for the clients.

Rolling out of MARS and Implementation of New standards of IPS devices successfully to actively guard against Security threats.

Lead the project “Automation of Cisco Vulnerability Assessment and fix Life cycle”.

Technical analysis, development, and project management activities include design, task development and management and project coordination to ensure timely and efficient progression.

Communication and coordination activities included, to managing and directing various contract groups during major projects, timely reporting to the appropriated groups, and scheduling as needed reports to management.

Additional responsibilities and activities included 2nd level support for general systems administration, as needed technical support and training of new technical professionals, 2nd/3rd level support of various LAN/WAN issues.

Evaluation and submission of Quarterly Network performance for Clients Network based on Metrics like

Bandwidth Usage, IP SLA statistics, Jitter, Delay.

Interact with customers to make changes in the Network as per their requirement.

Recommend, schedule, and perform network improvements, upgrades, and repairs.

Implementation of Network Change management for Cisco Routers, Juniper SSG's, ASA's, Fortinet, WLAN Controllers, Juniper SA.

Implementation of IPsec VPN's and scheduling ISP cutover.

Troubleshooting escalated network issues by working with vendors and ISP’s during problem analysis/resolution as required.

Mentoring of Network Analysts in technologies of IPsec VPN's, Remote Access VPN's, SSL VPN's.

Monitoring of IDS/IPS alarms using MARS, IPS Manager Express.

Provide technical support to B2B clients using Ticketing tools like Remedy, Synergy, RT Blink..etc

Provide training and create a Knowledge Base and MOP’s.

Prepare and ensure accuracy of documentation, procedures, manuals, and check lists.

DELL 2009-2010

Technical Support Associate

Troubleshooting and management of Dell switches, VPN network and IP telephony.

Monitor day to day performance.

Control appropriate work of Avaya VOIP and Security systems.

Implement network management and automate system troubleshooting.

Configure install and maintain Internetworking devices.

Analyzes network problems and coordinates with respective teams for resolutions.

Develop work plans, Migration Plans and conversion Scripts needed to integrate Proposed Solutions.

System Administrator 2007-2008

TENET Techtronics

Provided computer hardware, software and network support to various offices.

Experience on Windows Active Directory 2003

Troubleshooting Remote Access VPN Solution: VPN using GRE tunnel

Ability to troubleshoot technical issues in an organized manner

Resolve roaming and local profile issues.

Remotely correct firm wide and local printing, registry and script issues.

Enforce security policies and keep environment up to the company standard.

Education and Certification

Post-Graduate in Wireless Telecommunications

Bachelors of Engineering in Telecommunications

CISSP (Certified Information Systems Security Professional)

Cisco Certified Network Professional–Routing and Switching

Cisco Certified Network Professional- Security

Cisco Certified Advanced Routing and Switching Field Specialist

References: Available on Request

Contact this candidate