Sr network engineer
Resume:
TAHER S
aczkh1@r.postjobfree.com / 708-***-****
aczkh1@r.postjobfree.com / 224-***-****
PROFESSIONAL SUMMARY:
Around 8 years of experience in Networking, Security and service provider, including hands-on experience in providing network support, installation, design, implementation for a broad range of LAN / WAN/MAN technologies and newly-emerged SDN technology
Hands on experience in Cisco IOS/IOS-XR/NX-OS, Juniper JUNOS, Dell FTOS and Brocade
Hands on experience in installing, troubleshooting, configuring of Cisco7200, 3900, 3800, 2900, 2800, and 1800 series Routers, Cisco Catalyst 6500, 4500, 3750, 2950 series switches
Worked on different Network Topologies and devices including Routers, Bridges, Switches, Hubs and Access point
Expert level knowledge on OSI model and TCP/IP protocol suite
Experience in layer-3 Routing and layer-2 Switching
Proficient in Cisco IOS for configuration & troubleshooting of routing protocols: OSPF, EIGRP, RIP, ISIS, BGP
Advanced knowledge of BGP route filtering and BGP policy including Route Reflector, Confederation, Advertise map and Attribute map
Knowledge of implementing and troubleshooting layer 2 technologies such as VLAN, Trunks, VTP, Ether-channel, STP, RSTP and MST
Experience in device hardening and security features on router and switch
Expert in design of MPLS VPN and ATOM (Ethernet over MPLS) and providing Intranet, Extranet and shared services
Strong knowledge of TACACS+, RADIUS and RADIUS proxy implementation in RADIUS and ACS server
Working knowledge of network monitoring/management tools like Wireshark, TCPDump, Net Flow, PRTG, MRTG and Solar Winds, Putty, Secure CRT, GNS 3 and Cisco Packet Tracer, SDM, ASDM
Knowledge of NAT/PAT on Cisco routers, ASA firewall, Microsoft RRAS, ISA, Palo Alto and Checkpoint firewall
Configuring security policies and deep application inspection on most common firewalls including: CISCO ASA/PIX, Check point, Palo alto, MS ISA server
Managing VMs in VMware ESX with vCenter and configuring Resource pool, DSR, vMotion and distributed switch
Working knowledge VOIP phone CUCM, CME and QOS and digit manipulation and transformation
Implementation of HSRP, VRRP GLBP for Default Gateway Redundancy
Administration of Windows servers including Windows server 2003/2008/2012 and Linux
Design and implementation of Active Directory forest and establishing trust
Design and configuration of Active Directory Group policy
Adept in preparing Technical Documentation and presentations using Microsoft VISIO/Office
Strong interpersonal, organizational communication, customer service & presentation skills.
Excellent conflict resolution, problem solving, debugging skills and capable of quickly learning, effectively analyzing results and delivering solutions as an individual and as part of a team.
Experience in implementing and handling projects.
TECHNICAL SKILLS:
LAN Technologies: VLAN, VTP, Inter-Vlan routing, STP, RSTP, MST, HSRP, GLBP, VRRP, LACP, PAGP, Ether Channel, Trunks, DTP, PVST+/RSPVST+
WAN Technologies: Frame Relay, ISDN, PPP,HDLC, MPLS, Leased lines
Routing Protocols: RIP, IGRP, EIGRP, OSPF, BGP, IS-IS, IPV4, IPv6, LPD/TDP, Multicasting PIM DM/SM, Route redistribution, NAT/PAT
VPN: VPN (PPTP, L2TPv2, L2TPv3 compulsory and mandatory mode), Layer 2 VPN Architectures (ATOM and L2TPv3), MPLS VPN, MPLS TE, VPLS, IPsec remote access and site to site, Anyconnect, SSL VPN, SSTP, DMVPN phase 1,2
Firewall: Cisco ASA/PIX, Router Zone-based Firewall, Checkpoint, Palo Alto Networks
QoS: CBWFQ, LLQ,WFQ, WRED, Policing/Shaping.
Virtualization: VMware VSphere 6, View, Workstation; Microsoft hyper V, virtual server and PC, Virtual Box
Microsoft Servers: Active Directory, Certificate Authority, DNS, DHCP, ISA & TMG, VPN solutions (RRAS), IAS and NPS, Exchange 2003
Network Managements: SNMP, SSH, Telnet, ICMP, Trace
IP Telephony: VOIP, FXO/FXS/T1/ISDN PRI, Call manager Express.
Common Protocols: DHCP, DNS, SMTP, POP3, FTP, TFTP,HTTP,NTP,WLAN, 802.11
Operating Systems: Windows XP/8/10/ Windows Server2003/2008/2012, Ubuntu, Centos
Languages/ Tools: HTML, CSS, Shell Scripting
Tools: Microsoft Office Suites, Visio, Wireshark, GNS, Solar Winds, MRTG,PRTG, What’s UP, SDM, ASDM, TCPDump, Net Flows, Putty, Secure CRT, GNS 3 and Cisco Packet Tracer
Educational Qualification :
Bachelor's in Computer Science (B.A) Devry University, Chicago IL.,U.S.A.
CERTIFICATION:
Cisco Certified Network Associate (CCNA)
PROFESSIONAL EXPERIENCE:
Assertive Health Inc, Chicago Illinois September 2013- Current
Network Engineer
Responsibilities:
Designed and implemented appropriate policy for organization's security.
Configured Access lists (ACL) on ASA firewall for site to site IPsec VPN connectivity.
Implemented Modular Policy Framework on ASA to tweak TCP parameter.
Configured Routing protocols such as RIP, OSPF, EIGRP, static routing and policy based routing and redistribution.
Configured and managed Cisco access, distribution and core layer routers and switches.
Configured gateway redundancy (HSRP, GLBP) on Catalyst 6500 switches.
Configured policy package, app control and URL filtering on Checkpoint firewall through manager.
Configured PAT, security policy, IPsec VPN site to site and antivirus engine on Palo alto networks firewall.
Established policies and procedures related to Systems security and integrity.
Skilled knowledge of RIP, EIGRP, BGP and OSPF.
Configured/ administered/ deployed several Cisco 12000, 10000 and 6500 series.
Configured channelized DS3 card on the Cisco 12000 series router for managing T1 lines.
Migrated, authenticated and synchronized AD accounts of forest to CUCM, and CME ; QOS, Implemented dial plan by digit manipulation and transformation
Implemented and maintained network performance testing software like PRTG and MRTG.
Migration of Cisco wireless controller from 4500 to 5508,5520 series.
Deploy Cisco aironet 700,1700 series
Implemented and managed network monitoring tools like Nagios and Orion.
Implemented Perl scripts for network monitoring tasks.
Deployed and managed various Fujitsu switches (XG2600, XG2000, XG0448, and XG0224).
Experience working with 5505, 5510, 5520 and 5550 model ASA's.
Experience working with the latest ASA IOS (8.3, 8.4)
Implemented and managed SSL VPN using Radius server (Cisco Any connect) on ASA 5550.
Configuring vpc, port channel on Nexus 5k, 7k.
Experience working on Cisco ASR, Nexus. Also Cisco products such as 3750, 2901, and 2811
Experience working with Cisco 3750, 4948, 2811, 2600, 7200, 6500, 12000, 10000 series switches and routers.
Implemented Cisco load balancers cluster for firm's proprietary analytics web application.
Implemented and administered Websense Web Security Gateway for web content filtering and DLP.
Configure wireless access point, migration from 4500 to 5000 series Wlan controller.
Experience working with APM(access point manager)
Managed software and hardware contracts. Audited contracts and worked with vendors to terminate unused services and reduced costs. Negotiated key contracts with vendors and reduced costs.
Extensive experience with Check Point, Juniper and Cisco ASA firewalls.
Protection System management and configuration.
Experienced with Firewall administration such as Juniper, Check Point or Cisco
Extensive experience with Check Point and CISCO Security Firewall Configurations and network configurations.
Strong TCP/IP understanding. Knowledge of debugging Check Point Firewall.
Configured with F5 Load balancers in Failover for Load balancing and SSL handling
Configure F5 BiGip to provide Load Balancing for server farm
Create self signed certificate and deployed on Loadbalancer
Designed, implemented and supported ; ISE security services (lan/wan)
Hardware migration from Citrix Netscaler NS 7000 to MPX 9500
Involved in setting up new Citrix Netscaler SDX 15000
Experienced in Network deployments and Network security designs.
Experience with configuring, supporting, and troubleshooting security products including Check Point, Juniper, Cisco, IDS solutions, and others
Troubleshoots network access problems and implements network security policies and procedures.
Ensures network (LAN/WAN, telecommunications, and voice) security access and protects against unauthorized access, modification, or destruction).
Experience in Identifying and evaluating implementations of specific and general security tools (Secure Works, SharePoint, IDS, ASA, etc.)
Review the webdefend console at least daily, deal with the identified application events, review and tune the Web application firewall rules for each of the applications being protected, add new, administer users add & remove, and patch/update software
Create and Maintain security compliance PCI document
Administration and diagnostics of LAN and WAN with in-depth knowledge of TCP/IP, NAT, PPP, ISDN and associates network protocols and services.
Provide 24/7 on call support and Document the environment
Edward Hospital, Chicago Illinois Feb 2011 – July 2013
Network Administrator
Responsibilities:
Assisted with design, maintenance and monitoring of the customer’s Enterprise Network and their MPLS VPN connectivity, CE-PE routing and providing continual improvement.
Configured and maintained ISP core network consisting of Juniper M40, M160 and Cisco 7200 routers and Cisco 6500 switch with BGP and OSPF
Resolved issues escalated from other departments mainly DSLAM and DSL issues
Assisted in developing department procedural and training documentation
Held training classes for MPLS-related technologies (Basic MPLS, MPLS VPN, ATOM, VPLS)
Upgraded core infrastructure routing protocol from EIGRP to OSPF
Design and configuring of OSPF, BGP and static on Juniper routers (M40, MX160)
Involved in the configuration & troubleshooting of routing protocols: OSPF, EIGRP, RIP, BGP for CE-PE connectivity
Designed and implemented Route Reflector and Confederation for MPLS VPN infrastructure after number of customers grew largely
Designing, configuring, implementing and troubleshooting VLAN, VTP, Spanning Tree (STP), Trunking and Ether channel on Pop sites and DSLAM to separate users traffic
Performing troubleshooting on slow network connectivity issues for ADSL customers
Maintenance and configuration of Cisco 7200 routers at POP site and 3900, 3800, 2951 and 2821 switches
Extensive experience with Check Point and CISCO Security Firewall Configurations and network configurations.
Strong TCP/IP understanding. Knowledge of debugging Check Point Firewall.
Implementation and administration of Check Point Firewalls & network Management
Assisted in design of multicast network to deliver Multimedia server traffic to ISP customers
Experience with manipulating various BGP attributes such as Local Preference, MED, Communities, Route filtering to balance the loads on links and affect incoming and outgoing traffic path
Alleviated Distributed denial-of-service (DDoS) attacks on ISP main links by blocking intruding addresses
Configuring clientless and full SSL VPN and different profiles to meet customer needs
Improved ISP internal infrastructure by analyzing deficiencies and providing solutions in the form of visual presentations, written proposals
Researched new technologies and products in collaboration with R&D
Assisted in creating comprehensive Visio Documentation to give complete picture of whole ISP network infrastructure
Troubleshoot the network issues remotely and send support group depending on the severity of the issues.
Performing network monitoring, providing analysis using various tools like Solarwinds, Wireshark
Monitor, document, and control infrastructure performance for response, throughput, and availability
Upgraded Operating Systems for different devices like JUNOS (Juniper), IOS (Cisco) and FTOS(DELL).
Cat Technologies Inc, New jersey, Illinois, June 2008- Oct 2012
Server and Network Administrator
Responsibilities:
Configured Cisco Routers (2500, 3000, 4000) using RIP, IGRP, OSPF, EIGRP
Configure Cisco Switches (5000, 3524, and 2900)
Responsible for Network Upgrades
Responsible for Check Point and CISCO Security Firewall Configurations and network configurations.
Worked on IP based networks, network design, and security products.
Configuring, Supporting, and Troubleshooting security products including Check Point, Cisco, IDS solutions, and others
Configuring and install hardware and software required to conduct network penetration testing.
Worked on infrastructure strategies, hardware/software, security and networking products
Setting technical standards for network infrastructure, security baselines, policies and procedures
Ability to access Information Security Risks, understand business needs, and apply defined information security policies and architectures in order to develop effective solutions
In-depth knowledge of IP routing, virtual routing and forwarding(VRF) and routing protocols
Well versed in different vendors L2/3 switch hardware architectures
Detailed knowledge and hands-on experience of Layer 2 protocols includes Spanning Tree Protocols, VLAN Tagging(802.1Q), Link aggregation (IEEE 802.1AX)
Hands on experience with design and implementation of large IP networks
Worked on design and implementation of network security infrastructure (firewalls, IPS)
Hands on experience in datacenter environment (LAN/WAN/security/application)
Perform security as a discipline, with focus on IPSec, Access Control, Firewalling, IDS/IDP
Managing Network consisting of more than 100 servers with Novell Netware, Windows NT, UNIX, Win frame, AS400, Cisco Routers and more than 1500 client.
Experience with Check Point's Smart Center management station Tipping Point Intrusion Protection System management and configuration.
Experienced with Firewall administration such as Juniper, Check Point or Cisco
Responsible for installing connectivity software using VPN, Citrix, Telnet and Dial-up connections.
Diagnose and solve Frame relay / T1 lines, CSU/DSU and routers connectivity problems.
Provided Security and Network performance audits periodically using Sniffer Distributed suite
Configuring and managing network traffic using 3COM SNMP and access list.
Manage Cisco Router, 2900xl switches and 3Com hubs configuration for WAN and LAN interfaces.
Responsible for determining software and hardware resolutions.
Monitoring and responding to system and network alarms and alerts
Administrate / supports (mfg, Lab, Office & Data Center Network)
DNS Management (IP addressing)
Assists in LAN Design & support
Onsite Support of desktops, Servers, LAN equipment and WAN links.
First level support for network.
Managing and monitoring the WAN setup which includes Leased Line links, ISDN and leased line connectivity.
Contact this candidate