Network Engineer Security
Resume:
AFSAR MOHAMMAD
Fremont, USA
ad132p@r.postjobfree.com
Network Engineer with 12+ years of experience in the industry, academic instruction, and seminar presentations. Possesses expert knowledge of OPENSTACK, F5, AWS, CISCO, Juniper SRX, and other Network Security products. Demonstrates proven skills in management, maintenance, and troubleshooting. Shows a strong working knowledge of Routers, Switches, Firewalls, IPS/IDS, Anti-Virus, and VPNs. Successfully redesigned the organization's network infrastructure to improve redundancy, resilience, and speed, resulting in a 30% improvement in network uptime and performance. A problem-solver and analytical thinker who is self-motivated and constantly seeks new areas for learning.
TECHNICAL SKILLS
●Networking & Security: SD-WAN (Viptela, Cloud Genix), Cisco CSR, Juniper vSRX, Cisco ACI, VMware NSX, SDN, NFVI, VNF, Cisco Firepower, Palo Alto, Fortinet, Zero Trust Architecture
●Languages & Scripting: Python, Shell, JavaScript
●Cloud Platforms & Infrastructure: AWS, GCP, Azure, Cisco CVIM Cloud, Docker, Kubernetes, Cisco Private Cloud
●DevOps & Automation: Jenkins, Ansible, Terraform, Git, CI/CD pipelines
●Configuration Management: Red Hat Linux, Ansible, Chef
●Monitoring & Visualization: Nagios, Prometheus, Grafana, SolarWinds, Cisco DNA Center
●Disaster Recovery & Business Continuity: Cloud-based and on-premises DR solutions, DRaaS
●Security & Compliance: SIEM (Splunk, IBM QRadar), IDS/IPS (Snort), Firewalls (Cisco ASA, Juniper SRX), DDoS Mitigation, SSL/TLS, Load Balancers (F5 Big-IP, NGINX), Compliance (ISO/IEC 27001, SOC 2, GDPR, PCI DSS)
●Virtualization & Containerization: Cisco NFVI, VMware, Docker
●Project Management Tools: JIRA, Confluence
●Governance & Policy Management: RSA Archer, ServiceNow
●Data Encryption & Endpoint Security: Thales, Gemalto, SentinelOne, Crowdstrike
Professional Experience
Questivity Inc,
Principal Network Engineer
Santa Clara, CA
DEC, 2022 - PRESENT
●Designed and deployed scalable network architectures using Cisco ACI, ensuring agility in a multi-cloud environment.
●Managed complex network upgrades and system integrations with Cisco Nexus 9K series switches, enhancing data center performance.
●Orchestrated disaster recovery solutions using a combination of Cisco's SecureX for on-prem resilience and AWS Route 53 for DNS failover strategies.
●Optimized network performance on a Linux infrastructure utilizing advanced features of Cumulus Linux and NetQ monitoring.
●Implemented robust network security measures including Palo Alto firewalls and Cisco ISE for secure network access control.
●Deployed and configured Nagios XI for network health monitoring, with custom plugins to address unique metrics.
●Utilized Python scripts and Ansible playbooks for network automation, facilitating rapid changes and minimizing human errors.
●Spearheaded the integration of SD-WAN solutions using VMware NSX, reducing operational costs and improving bandwidth efficiency.
●Conducted detailed performance analysis using Wireshark and Riverbed SteelCentral for real-time network troubleshooting.
●Engineered MPLS network solutions with BGP for optimal routing and redundancy in multi-branch networks.
●Facilitated seamless VOIP deployments by leveraging QoS techniques on Cisco Unified Communications Manager (CUCM).
●Managed DNS, DHCP, and IPAM using Infoblox, providing centralized management and high availability.
●Led IPv6 transition projects, utilizing dual-stack configurations to maintain interoperability with legacy IPv4 systems.
●Administered F5 BIG-IP Local Traffic Manager (LTM) appliances for advanced load balancing and application delivery control.
●Drove network security initiatives, performing vulnerability assessments with Nessus and implementing remediation strategies.
●Directed the adoption of network segmentation and virtualization strategies using Juniper vSRX and VMware NSX for enhanced security and agility.
●Collaborated with system engineers to deploy Kubernetes clusters, ensuring network policies and CNI plugins are optimized for container traffic.
●Instituted a network change management process using ITIL best practices, documented via Atlassian Confluence, and tracked through JIRA.
●Executed network capacity planning and analysis using SolarWinds Network Performance Monitor for predictive scaling.
●Enhanced team technical acumen through leading Cisco Certified Network Professional (CCNP) certification study groups.
Equinix.
Sr. Network Architect
Sunnyvale, CA
FEB, 2018 - DEC, 2022
●Orchestrated the transition to a cloud-based infrastructure, leading requirement gathering and solution design, deploying robust Cloud/NFVI solutions with Cisco CVIM Cloud for enhanced performance and scalability
●Designed and implemented a VNF Marketplace, enabling customers to seamlessly purchase and manage VNFs including Viptela & Cloud Genix SD-WAN, Cisco CSR, Nokia vEPC, and Juniper vSRX
●Streamlined connectivity by integrating Cisco Private Cloud with Public Cloud platforms using AWS Direct Connect, Azure Express Route, Google Cloud Interconnect, and Oracle Cloud Direct Connect
●Spearheaded a cross-functional team in the automation of NFVI deployments and the orchestration of VNF onboarding utilizing Ansible and Terraform for efficient resource management
●Enhanced system security by configuring virtual server environments, enforcing SSL/TLS encryption, and implementing advanced load balancing strategies with F5 Big-IP and NGINX
●Engineered high-availability (HA) and failover strategies across cloud services, significantly reducing downtime and achieving a 99.9% uptime metric
●Utilized monitoring tools such as Nagios and Grafana to oversee network and application traffic, enabling proactive identification and resolution of performance bottlenecks
●Fine-tuned application performance through strategic load balancing and traffic management adjustments, leading to a 20% improvement in response times
●Fostered a collaborative environment with IT support teams, streamlining complex issue resolution processes and shortening incident response times by 30%
●Drove the migration of on-premises workloads to cloud environments, leveraging Kubernetes for container orchestration and achieving a 25% increase in deployment efficiency
●Advanced network infrastructure modernization by implementing SD-WAN technology, optimizing connectivity and slashing operational costs by 15%
●Played a pivotal role in keeping the organization at the forefront of cloud computing and NFVI advancements, consistently integrating emerging technologies into solution offerings
●Pioneered a company-wide cloud migration strategy for Equinix clients, delivering tailored solutions that resulted in an average of 35% cost savings on IT expenditures
●Led strategic initiatives for multi-cloud integrations and interoperability, ensuring seamless operation across diverse cloud ecosystems with tools like Cisco ACI and VMware NSX
●Collaborated with sales and marketing teams to articulate the technical advantages of our Cloud/NFVI solutions, contributing to a 20% growth in our client base.
ItsOn Inc
Security Engineer
RedwoodCity, CA
DEC, 2015 - DEC, 2017
●Deployed and optimized next-generation firewalls (Palo Alto, Fortinet) to fortify network perimeters, achieving a 30% improvement in threat interception and reducing breach risk
●Orchestrated an advanced intrusion detection/prevention strategy using tools like Snort and Cisco Firepower, enhancing threat detection accuracy by 40%
●Managed a robust SIEM infrastructure with Splunk and IBM QRadar, streamlining incident detection and response times by 25%
●Conducted comprehensive system audits in alignment with ISO/IEC 27001 and NIST frameworks, using tools like Nessus and Qualys for vulnerability scanning, leading to a strengthened security posture
●Led incident response efforts during multiple high-profile security breaches, leveraging digital forensics tools such as Encase and FTK, reducing system recovery time by 50%
●Drove the achievement of certifications including ISO/IEC 27001, SOC 2 Type II, and GDPR compliance, reinforcing the organization’s commitment to data protection and privacy
●Engineered a sophisticated endpoint protection system with SentinelOne and Crowdstrike, diminishing the malware infection rate by over 60%
●Championed the development and maintenance of security policies and procedures, employing governance platforms like RSA Archer for policy lifecycle management
●Collaborated with DevOps teams to integrate security into CI/CD pipelines using SAST and DAST tools such as Veracode and OWASP Zap, ensuring secure code deployment
●Automated compliance and audit reporting by implementing GRC tools like ServiceNow, reducing manual efforts by 35%
●Crafted a comprehensive disaster recovery plan utilizing cloud-based DRaaS solutions, ensuring RTO and RPO targets were exceeded by 20%
●Advanced the company’s encryption practices by deploying enterprise-grade encryption technologies including Thales and Gemalto for data-at-rest and data-in-transit protection
●Spearheaded the transition to a Zero Trust network architecture using technologies like Akamai and Zscaler, minimizing the attack surface and unauthorized access incidents
●Implemented secure remote access solutions with VPN technologies (Cisco AnyConnect, OpenVPN), promoting operational flexibility while maintaining security controls
●Educated and empowered the workforce on cybersecurity best practices and emerging threats through regular training programs, reducing phishing success rates by over 70%
●Instituted a continuous monitoring program leveraging tools like Tenable.io for real-time visibility into the security health of the IT ecosystem
●Pioneered the adoption of a secure cloud gateway and CASB solutions (McAfee MVISION, Netskope) to monitor and secure cloud application usage, achieving a unified security policy across cloud services.
Bare Escentuals
Sr. Network Administrator
San Francisco, CA
MAY, 2015 - DEC, 2015
●Designed and deployed secure vendor VPNs using Juniper MAG Series with dual-factor authentication, leveraging RSA SecurID for robust access control.
●Executed configuration change requests in Cisco ASA 8.4 for client networks, applying ACL and NAT policies to facilitate secure and efficient connectivity.
●Managed configuration updates in Juniper SRX 3400 firewalls for internal network segmentation, enhancing network security and performance.
●Administered URL filtering policies through Bluecoat ProxySG's Visual Policy Manager (VPM), ensuring secure and compliant web access.
●Installed, configured, and maintained WAN and LAN networks, optimizing performance using network analysis tools like Wireshark and SolarWinds.
●Provided comprehensive support for network and security systems, troubleshooting issues with the aid of Cisco Prime Infrastructure and Cisco DNA Center.
●Facilitated cloud computing initiatives by implementing SDN technologies, using platforms such as Cisco ACI and VMware NSX to streamline network operations.
●Supported Cisco NFVI solutions and Cisco Firepower for advanced threat protection and security intelligence across the network infrastructure.
●Managed compliance with PCI DSS standards, performing regular network scans with QualysGuard and implementing remediation strategies.
●Addressed retail stores’ connectivity issues by configuring and maintaining DMVPN networks, and ensured reliable MPLS connectivity for remote locations.
Hitachi Consulting
System Administrator,
Newark, CA
OCT, 2010 - MAY, 2015
●Orchestrated the design and implementation of Datacenters in compliance with SAS70 standards, leveraging best practices for server hosting and ensuring service continuity across diverse geographic locations.
●Spearheaded Datacenter migration initiatives, coordinating with IT teams to execute seamless transitions with minimal service interruptions.
●Installed, configured, and maintained WAN and LAN networks, utilizing advanced network management platforms like Cisco Meraki for optimal network visibility and control.
●Offered dedicated support for Network & Security Systems, ensuring robust security posture using tools such as Fortinet’s FortiGate and FortiManager for unified threat management.
●Enabled cloud computing capabilities by integrating SDN technology with existing IT infrastructure, using solutions like VMware NSX and Cisco ACI for network virtualization and automation.
●Administered Cisco NFVI solutions and managed Cisco Firepower systems for comprehensive threat defense and network security management.
●Managed compliance with PCI DSS by implementing stringent security controls and conducting regular audits with automated tools like Tenable Nessus.
●Acted as a liaison between customers, vendors, and IT teams to resolve complex network-related issues and facilitate Datacenter enhancements.
●Configured RSA Authentication Manager servers to secure network access, implementing two-factor authentication for enhanced user login security.
●Developed and enforced security policies across web applications using Web Application Firewalls (WAF) such as AWS WAF and Cloudflare to prevent exploits and data breaches.
●Instituted DDoS protection mechanisms by configuring services like Arbor Networks solutions to mitigate the risk and impact of distributed denial-of-service attacks.
●Conducted in-depth network traffic analysis to preemptively block malicious activities, employing intrusion prevention systems (IPS) like Snort and Cisco Firepower.
●Analyzed security events and logs with precision using SIEM solutions such as Splunk and IBM QRadar, enabling real-time security insights and forensics.
●Implemented strict network segmentation and access control policies, using VLANs and ACLs on Cisco Nexus switches to enhance security and network efficiency.
●Integrated the Application Firewall Module (AFM) with security orchestration tools, creating a centralized platform for security policy enforcement and incident management.
●Assured compliance with GDPR, HIPAA, and other industry-specific security standards
EDUCATION
Osmania University
Bachelor of Computer Science,
Hyderabad, India
Contact this candidate