Syed Muhammad Ali Khan

Phone: 312-***-****

E-mail: ad0m2q@r.postjobfree.com

PROFESSIONAL SUMMARY:

9+ years of professional experience in Network Planning, Implementing, Configuring, optimization, Troubleshooting and testing of network management systems in Datacenter which includes Network load balancers (NetScaler, F5, ACE).

Experience with the escalation problems for Routing, Switching and WAN connectivity issues using different ticketing systems.

Experience with Firewall Administration, Rule Analysis and Rule Modification, project implementations.

Worked on Cisco 7200, 3800, 3600, 2800, 2600, 1800 series Routers and Cisco 2900, 3500, 4500, 5500, series switches

Worked on MX-480, SRX-320, SRX-1500, SRX-5400 and EX-4300 Juniper devices.

Experience in the setup of Access-Lists, and tunnel installations

Experience working with Palo Alto Firewalls.

Familiar with security products such as Cisco ISE.

Enhanced level of experience with routing protocols like OSPF, BGP, and EIGRP.

Cisco ASA/Checkpoint Firewall troubleshooting and policy change requests for new IP segments that either come on line or that may have been altered during various planned network changes on the network.

EDUCATION

Bachelors in Science Iqra University, Karachi. (Completed 2017)

Master’s in Business: Concordia University Chicago (Completed 2022)

NETWORK CERTIFICATIONS

Cisco Certified Networking Professional (CCNP)

Cisco Certified Network Associate (CCNA)

TECHNICAL SKILLS

Routers

:

Cisco 2600, Cisco ASR [9k, 1k], Juniper [MX960, MX480]

Switches

:

Cisco 2900, Nexus [7k,5k,2k], Arista [7280, 7170]

Firewalls

:

Palo Alto [5000/3000 Series], Cisco ASA [5510, 5585, etc.], Checkpoint

LAN Technologies

:

Ethernet Standards, VLAN, Inter-VLAN, VTP, STP, RSTP, SMTP,

Ether Channel, Port Fast, ACL

WAN Technologies

:

MPLS, VPLS, SD-WAN, EPL, EVPL

Routing Protocols

:

RIP v1/v2, EIGRP, OSPF, IS-IS, BGP, Multicasting

Gateway Redundancy

:

HSRP, VRRP, GLBP, Ether channel technology (LACP, PAGP)

Network Monitoring

:

Wireshark, SolarWinds, NetFlow Analyzer, PRTG Packet sniffer

Load Balancers

:

Cisco CSM, F5 Networks (Big-IP, Viprion 4400, 2400)

Scripting

:

Python

Authentication

:

RADIUS, TACACS+, Digital certificates

Servers

:

Domain servers, DNS servers, WINS servers, Mail servers, Proxy Servers, Print Servers, Application servers, FTP servers, Avocent

Console server.

Datacenter Technologies

:

VDC, vPC, vPC+, FabricPath, FEX, OTV for DCI

Operating Systems

:

Windows 2000/2003/2008 server, Windows XP/7, LINUX, Solaris, Red

Hat, Active Directory, UNIX,junos.

PROFESSIONAL EXPERIENCE

Common spirit Health, Remote. Oct 2022 till Present

Role: Sr. Network Engineer

Responsibilities:

Design and configure complex routing environments, both EGP (BGP) & IGP (OSPF, EIGRP, etc.).

Managing Service Now, Solar Winds Toolset, Cisco Wireless LAN Controllers (general Wi-Fi), Cisco IP SLA, Cisco NAT, Cisco ACL’s, Cisco CoS/QoS.

Implementing IT network architecture, Cisco Application Centric Infrastructure (ACI), including configuration, optimization and supporting network management systems in Data Center which includes Network Load balancers (NetScaler, ACE, F5), Network Firewalls (Cisco ASA, Palo Alto Firewalls) and TCP/IP packet analysis (Wireshark).

Aruba ClearPass server build & migration away from Microsoft/Cisco NPS & TACACS solutions

Management of switch ports with ClearPass and MAB configuration. Allowing the MAC address to connect based on the service request.

Manage SolarWinds NPM, WPM and IPM on monitoring services and nodes.

Provide second/third level technical support for ACI (Application Centric Infrastructure), APIC technologies

In corporate Cisco Nexus 9000 NXOS to ACI fabric to work in concert with existing Nexus 7000s and ASRs for MPLS

Design and implement Cisco ACI in datacenters, create a strategy that allows use of containers, cloud orchestration tools for end users and developers

Deployed Palo Alto firewalls using Confidential NSX through L2 and L3 interfaces on models such as VM-300, VM-500, and VM-1000-HV.

• Enable file forwarding to Wildfire cloud through Content-ID implementation to identify new threats.

• Leveraged Palo Alto Networks’ Wildfire inspection engine to prevent Zero-Day attacks.

• Manage multiple Palo Alto firewalls centrally through the Palo Alto Panorama M-500 centralized Management appliance.

• Configuring Cisco Catalyst Switches for Dot1x support testing the IOS compatibility with ISE

• Implementing, configuring and supporting cloud-based application environments: Microsoft Azure, VMware/vcenter and Cisco UCS, Amazon web services VPN deployment.

• Integrating Configuring Cisco Wireless LAN Controllers WLC with ISE to perform Dot1x authentication for Wireless users.

Deutsche Bank, NJ Jan 2021 to Oct 2022

Role: Network Engineer

Responsibilities:

Implementing IT network architecture, Cisco Application Centric Infrastructure (ACI), including configuration, optimization and supporting network management systems in Data Center which includes Network Load balancers (NetScaler, ACE, F5), Network Firewalls (Cisco ASA, Palo Alto Firewalls) and TCP/IP packet analysis (Wireshark).

Design and configure complex routing environments, both EGP (BGP) & IGP (OSPF, EIGRP, etc.).

Managing ServiceNow, SolarWinds Toolset, Cisco Wireless LAN Controllers (general Wi-Fi), Cisco IP SLA, Cisco NAT, Cisco ACL’s, Cisco CoS/QoS.

Planned migration of servers from traditional Nexus environment to Application Centric Infrastructure (ACI).

Completed POC for Cisco ISE with all Posture, Profiling for end devices like smartphone, laptops, network devices, etc.

Installation and configuration of SDN and NFV Solutions (cloud-based solutions) and Integration of SDN and NFV Solutions.

Worked on AWS to Corporate connectivity and AWS EC2, Auto scaling, NAT Gateways

Extensive trouble shooting experience from legacy Cisco 5500 Series Wireless LAN Controllers to new Meraki security appliances and wireless access points.

Implementing Layer 3 firewall rules and policies on Meraki.

City Of Hope, CA. Oct 2018– Dec 2020

Role: Network Engineer

Responsibilities:

Designed, validated and implemented LAN, WLAN & WAN solution to client’s needs.

Installed and configured Cisco 7200 series router and Cisco Nexus 6004, 6001 switches.

Implemented Layer 2 security by enabling STP BPDU & Root guard, locking down VLAN trunking.

Migrated production applications from a traditional network to a policy-based network model (ACI) which enabled faster application deployment and delivery.

Plan & maintain the enterprise environment including IP address & VLAN schemes.

Design, implementation and operational support of routing/switching protocols in complex environments including BGP, OSPF, EIGRP, Spanning Tree, 802.1q, etc.

Experience on Web Filtering solutions from Blue Coat.

Aruba ClearPass server Authentication: 802.1X, AAA, Policy Management, Guest Access, etc.

Aruba ClearPass server build & migration away from Microsoft/Cisco NPS & TACACS solutions

Management of switch ports with ClearPass and MAB configuration. Allowing the MAC address to connect based on the service request.

Blacklisting and White listing of web URL on Blue Coat Proxy Servers.

Implemented F5 BIG-IP application delivery controllers for load balancing using Virtual servers, irules and iApps.

Configured Checkpoint and Palo alto, Blue Coat Firewall’s Web Defense to mitigate malicious traffic with MacAfee, Blue Coat

Performed LAN operations and troubleshooting which involves working on VLANs, inter-VLAN routing, Trunking, STP, RSTP, port aggregation & link negotiation.

Implemented redundancy with HSRP, Ether channel technology (LACP, PAgP) etc.

Migration of existing IPSEC VPN tunnels from pre-Shared key to Certificate Authority for purpose of scaling.

PTCL Sahiwal, Pakistan. June 2016 – Feb 2018

Role: Network Engineer

Responsibilities:

Installation and Configuration of Cisco Catalyst switches 6500, 3750 & 3550 series and configured routing protocol OSPF, BGP with Access Control lists implemented as per Network Design Document and followed the change process as per IT policy. It also includes the configuration of port channel between core switches and distribution switches.

Implemented HSRP for load balancing.

Involved in the removal of EIGRP from all devices and making OSPF the primary routing protocol.

Designing and Implementation of (LAN) VLANs, VTP, Spanning Tree (STP), Trunking (dot1q and ISL) and Ether channel.

Troubleshooting of complex LAN/WAN infrastructure that include routing protocols EIGRP, OSPF & BGP.

Configuring, Installing and troubleshooting on Check Point Devices.

Configured networks using routing protocols such as RIP, OSPF, BGP and manipulated routing updates using route-map, distribute list and administrative distance for on-demand Infrastructure.

Implemented Hot Standby Router Protocol (HSRP) by tuning parameters like preemption.

Negotiated VPN tunnels using GRE, IPSec encryption standards and also configured and implemented site- to-site VPN, Remote VPN.

Deploying and decommission of VLANs on core ASR 9K, Nexus 9K, 7K, 5K and its downstream devices.

Installed and configured the F5 BIG-IP LTM, configure virtual servers and associate them with pools for internal web servers.

Well experienced in configuring protocols HSRP, GLBP, ICMP, IGMP, PPP, PAP, CHAP, and SNMP.

Configuring rules and Maintaining Palo Alto Firewalls & Analysis of firewall logs using various tools.

State Bank of Pakistan, Head office Karachi, Pakistan. September 2014– May 2016

Role: Network Engineer

Responsibilities:

Administrating LAN and WAN connectivity for Client Sites.

Responsible for advanced enterprise wireless LAN administration and design, mesh networks, and point- to-point and point-to-multipoint topologies.

Responsible for Cisco ASA firewalls configuration and administration across global networks.

Installation, Integration and maintenance of LAN, WAN and MAN setup.

Replaced old 6500 and WAN routers and Installed Nexus 7K and ASR 1006 routers.

Configured Cisco 6500, 3500 and 3750 Catalyst Switches at the core and distribution/access layer

Expertise in VPN configuration, routing, NAT, access-list, Security contexts, and failover in ASA firewalls.

Provided redundancy in a multi homed Border Gateway Protocol (BGP) network by tuning AS-path.

Tested and implemented various BGP attributes such as Local Preference, MED, AS-PATH, Community, Extended community using route-maps.

Monitor LAN/WAN issues and troubleshoot issues as they arise; using ping, traceroute and using the knowledge of default/advanced protocol settings.

Maintained Cisco ASA firewall/Routing/NAT translations.

Configured Static and default routes.

Created VLAN and Inter-Vlan routing with Multilayer Switching.

Installing new equipment to RADIUS and worked with TACACS configurations.

Contact this candidate