Posted

print

favorite this post Network, Security, VoIP and Data Center Solutions Architect (Sammamish) hide this posting unhide

17+ years of Experience in designing, implementing and maintaining the IT infrastructures including Network, Security and Systems.
Looking for part time projects but long term relationships.

***Also available on most holiday and weekends including Christmas and New Year***

CAPABILITIES

• Design, build and manage Enterprise Local Area, Wireless and WAN Networks
• Managed Services for Networks, Security and Systems, Virtualization, Service Chaining VNF and PNFs
• Services Orchestration/Intelligent Automation
• Adaptations/Migrations to new Technologies

CREDENTIALS

• CCIE in Routing and Switching#22151
• CCIE in Security#22151
• CCIE in Data Center (Th) #22151
• JNCIA -Juniper Certified
• ISO 27001 - ISMS Auditor
• CCSA - Checkpoint Certified
• Bachelors in Engineering (AMIE) - 2001
• Diploma in Engineering (DME) - 1996



-------------------------------------------------------------------------------------------------------------------------------------------------------

PROFESSIONAL EXPERIENCE HIGHLIGHTS

• Built multiple Enterprise class Data Centers, Disaster Recovery Sites, deployed WAN Networks to interconnect Branches, Campus and Data Centers.


TECHNICAL EXPERIENCE SUMMARY

NETWORKING/INFRASTRUCTURE/IT MANAGEMENT
• Architect - worked with pre-sales teams and System Engineering to gather requirements, propose solutions and writing product requirements, work with development teams to develop solutions
• Technical Lead/Architect - Deployed 1000+ Enterprise Networks to connect Secure Clouds, enabled Single Sign On, URL, AV Filtering and SSL transparent Interception
• Technical Lead/Solutions Architect - Built Customer Solution Labs and Developed Solution documents on how to enable WAN Opp with various Interception Techniques
• Solutions Architect/ Escalations - Deployed 100+ Unified Server platforms in large Enterprise Data Centers, enabled hosted services with KVM, HyperV, vmware and built multi tenant Networks using Cisco VMDC architectures
• Security Architect - Designed and Implemented a Web Content Security, End Point Protection Solution for a brewery company worldwide for 20 Countries for 125000 Users
• Network and Security SME - Managing Network and Support teams, work loads, Handling customer escalations
• Sr. Consultant - Implementing BYOD wireless Infrastructure
• Solutions Architect - Developed and built a multi silo Network Segmentation for a Collection agency, developed a Multi tier architecture to access Customer, partners and Internal Users.
• Sr Consultant - Helped to enable Secure connectivity branches across the North America and APAC region to interconnect with HQ and Reginal HQ locations using MPLS, DMVPNs
• Sr Consultant - Audited perimeter security for an Enterprise, helped to migrate from old firewalls to an application aware firewalls, migrated the server load balancer from discontinued product lines to Latest Firewalls.
• Architect / Sr Engineer- developed datacenter DR plan for a 5K robots FAB (manufacturing unit) organization, built Two mega datacenters for disaster recovery, worked from developing roadmap, defining project milestones for all Infrastructure and applications, defining BCP/DR policy, and publishing std operating procedures (SOPs).


TECH TALKS

• Routing, Switching, Security, Virtualization, Application Networking, VPN's and MPLS, Wireless Networking, SDN, Cloud Networks , Cisco VMDC
• Specialties / Expertise in :- IPv4, IPv6, Routing, Switching, Security (Perimeter, Endpoint, WAF, URL, IPS, email Security, AV, Threat Protection, OSSEC), Virtualization, Application Networking, VPN's and MPLS, Wireless Networking, SDN, Cloud Networks [VMDC], Cisco UCS,HP BladeSystem
• Products includes :- Anuta NCX, WanOP, Cisco Catalyst, Nexus Switches, IOS-ZBFW, FWSM, ASA, Net Screen, CheckPoint , PaloAlto, Fortinet, IPS/IDS, Zscaler, ForcePoint, Juniper SSL-VPN, Wireless and LAP's (Cisco & Aruba, Ruckus, Meraki, ubiquiti), NAC and Cisco, Juniper Routers and Switches, Cloud Router (CSR1000v), Cisco VSG, vASA, F5 BIG IP, NetScaler VPX. OpenStack, DevStack, vmware NSX, vmware vShield, vyatta, Radware LB, Cisco ACI/APIC, VCE vBlock, HP Cloud System, NetApp, Nimble, HP Flex Fabric, VMWare ESXi, OpenStack, KVM, Oracle VMs, Sumologic, Splunk, ELK stack, Qualys vulnerability, Acunetix pen testing, Cylance, MFA (Azure , Yubikey, Google Authenticator), OKTA, SAML



-------------------------------------------------------------------------------------------------------------------------------------------------------

EMPLOYMENT/PROJECTS


Project : Managni Systems Inc.
Company : Managni Systems Inc. (Oct 2015 to ..)
Build Security and Infrastructure Solutions and architecture, Information gathering, propose, implement and support

Position : SOLUTIONS ARCHITECT/DIRECTOR SUPPORT & OPERATIONS
Contribution:
• Offering consulting services to VARs/System Integrators to develop proposals that speaks to the client's needs, concerns, and objectives
• Provide complex design and systems engineering configurations, architectures and proposals to address customer and prospect requirements, Work on SOW, BOM and Solution Proposals
• Research and stay up to date on the most recent industry standards and trends, emerging technology in network and sever engineering, and working with the principles of SDN, routing and switching, security, and server virtualization
• Designing cyber security architectures, integrating network access tools, aggregated sensor data, threat feeds and security analytics in to SIEM
• Design solutions with evolving technologies, building campus, enterprise networks, SDN networks, Private clouds, interconnecting public clouds and building 360° security information surveillance.
• Working on various projects related to Endpoint Protection, Perimeter Security, including Web, Content Security, Email Security, Mobile Security and Visibility
• Working with Compliance, Governance and Auditing tasks
• Authentication & Federation Controls integrate with all top Authentication solutions that included Cisco ISE, Aruba ClearPass LDAP, ADFS, Azure MFA, Google Authenticator, OKTA
• Working with Web Application Firewalls, URL and AV Filtering, SSL Inspection, Adv Threat Protections & IPS
• Participate in the development and support of presentations for customers and partners and provide remote support for field sales team



Project : Anuta Networks Inc.
Company : Anuta Networks. (June 2013 to Jan 2017)
Worked with pre-sales teams and System Engineering to gather requirements, propose solutions and writing product requirements, work with development teams to develop solutions.

Position : SOLUTIONS ARCHITECT
Contribution :
• Provide complex design and systems engineering configurations, architectures and proposals to address customer and prospect requirements
• Research and stay up to date on the most recent industry standards and trends, emerging technology in network and sever engineering, and working with the principles of SDN, routing and switching, security, and server virtualization
• Participate in the development and support of presentations for customers and partners and provide remote support for field sales team
• Contribute to the creation of case studies, white papers, collaborative, team-based environment, sharing best practices and building lasting relationships, Understand and effectively utilize organizational resources.
• Coordinate Implement POCs and product installations by understanding and documenting customer requirements, evaluations
• Working with Technologies/products includes: Open Daylight Controller, OpenStack, Docker Swarm, OpenFlow Switches, Virtualized Network Services / Functions Virtualization (NS/FV) Stack, Merchant Silicon Switches with a "Server-in-a-Switch, "Server-in-a-Router" Dynamic Service Choreography, OS2 MDM/EMM (Mobile device Mgmt), VXLAN Tunnels



Project : Zscaler Inc.
Company : Zscaler Inc. (Sep 2012 to June 2013, then as a Freelancer from June 2013 till date)
Working with Zscaler customers to troubleshoot data centers, internet and cloud connectivity issues with Zscaler cloud. Simulate customer scenarios in house and reproduce customer found defects to support engineering for providing the fix. Validating the fixes, working with Support Escalations.

Position : Principal Support Engineer & Deployments Assistance
Contribution :
• Advisory on best practices for optimum Zscaler service usage via a series of conference calls and videoconferencing sessions
• Deployment assistance and support includes, Traffic Forwarding Methods, Policy Structure, Authentication, Reporting and Scheduling
• jump-start for traffic forwarding and service implementation with the Zscaler DAS team working remotely with customers and customer-designated partners to replicate Zscaler-provided best
• practices across all sites, projects and users
• Deep-dive Q&A sessions to supplement the Zscaler online training content
• Supporting various customer escalations, TAC and engineering, working with Product Marketing and Account teams, and reviewing the logs, providing the RCA, working with engineering to get closure on the escalations
• Supporting various customer escalations, TAC and engineering, working with Product Marketing and Account teams, and reviewing the logs, providing the RCA, working with engineering to get closure on the escalations
• Working on various routers including Cisco , Juniper and Firewalls like Cisco , Juniper, PaloAlto Networks, Checkpoint , Sonicwal, Fortigate etc in traffic redirection using GRE or IPSec tunnels to the Zscaler Cloud.
• Supporting the various Zscaler enablement's across the customer networks and providing solutions, and deployments



Project : Cisco Systems Inc.
Company : Cisco Systems Inc. (Jan 2007 to Sep 2012)
Description : Building enterprise-class data centers and simulate customer scenarios, POC Topologies and re-produce complex customer found defects, Lead the Solution Team for WAAS (Wide Area Application Acceleration) and UCS product lines, Lead Functional Test Team for Interceptions inc WCCP (off-path), IN-Path, Supporting customers, TAC and business unit (BU) for the IT infrastructure issues inc Security, Routing, Switching, Content Networking, Server Virtualization and Storage. Supporting & building Cloud Architectures, drafting and reviewing solutions and design specs, test strategies and gap analysis etc...

Position : Escalation Engineer, Technical Leader
Contribution :
• Supporting various customer escalations, TAC and engineering, working with Product Marketing and Account teams, and reviewing the logs, providing the RCA, working with engineering to get closure on the escalations
• Building the scalable end to end networks, Cisco's Cloud reference architecture VMDC (Virtualized Multi-Tenant Data Center topologies.
• Reproducing the customer issues, drive the meetings with multiple partners inc vmware, emc, netapp to work on the incident, RCA, bug fixes, release notes, certifications etc..
• Lead the solution team and functional test team, building customer simulated system/solution pods to test Interop with Cisco and third party network devices for WAAS product using simulated real world Enterprise DataCenter which inc various types of technologies inc Routing, Switching, Security, Voice, Virtualization and various other applications.
• Coordinating Alpha and Beta customer deployments, reproducing escalation issues, working with Engineering, AS and TAC
• Reviewing and writing product solution and design specs, test strategies, test plans, gap analysis, functional specs etc.
• Working on various features sets of ISR, ASR, Nexus7K, Cat4K, Cat6k, 7600, 3750 in various Topologies for feature Interop validation and WCCP Interception testing
• Expert in using virtual technologies includes features like vPC, vDC, VRF,, vMotion, VSS etc..
• Use Virtualization like vWAAS , vCenter, ESX/ESXi, VSM, VEM, (N1K), DAS/SAN/NAS, iSCSI, FCoE, Windows, Linux on to Cisco UCS Servers and other HP Servers..
• Deploying Cisco UCS Servers, ACE/CSM, FWSM, CheckPoint, PIX, ASA, , NetScreen, SonicWall, IPS(AIM,SSM) etc part of validating Directed-Mode feature in WAAS
• Configuring BGP, EIGRP, OSPF and validating across all these devices with WAAS for sanity testing
• Leading WAAS Interceptions Team and Troubleshooting support to the BU (business Unit) with 500 Racks of Network Equipment inc Routers, Switches, Firewalls, and WAAS devices and Test Equipment like IXIA and Spirent Traffic Generating Tools for the team of 180 people.
• Reviewing the product enhancements functional specs, writing and Reviewing the various Test plans and product performance documents for WCCP, INLINE, Port Channel, Standby Interfaces, Egress-Methods (inc GRE-Return, GGRE) and Network Path-Affinity/Directed-Mode etc
• Reproducing various customer found defects in the LAB to help development to fix the bugs, which requires building test beds and re-designing and re-configuring the testbeds as per the customer topologies
• Validating and implementing customer environments in house and working on Cisco Validated Design (CVD) Solutions include various features like QoS, CBAC, IOS ZBFW, ASA Firewall Cluster, HSRP, GLBP, VRRP Redundant Topologies, MPLS-TC/COS/DSCP, ACL, protocol based classification, markings and Appling policy optimizers, redirecting, intercepting traffic using PBR, WCCP, Inline , ACE etc..
• Working with SE's, escalation and Engineering on various customer found defects and verification & re-verification (regression)
• Supporting the product audit team for common criteria certification and reviewing the product security controls




Project : Avaya Data Center Consolidation. Remote Local Secure Access (RLSA) Network
Client : Avaya Inc. USA (Sep 2006 to Jan 2007)
Description : Avaya Inc, part of Data Center Consolidation, Securing and integrating Global Managed Services (GMS) and product Support Services (PSS) as 'Enterprise Service Delivery platform' (ESDP) with two factor authentications, Security compliance and operational documents

Position : Solution Architect
Contribution :
• Migrating AVAYA's Regional Data Center from Herndon VA to Denver CO.
• Evaluated IT Infrastructure design/solution for Avaya GMS & Avaya PSS Infrastructures with various Routers and Firewalls includes Juniper and Cisco, and Juniper SSL-VPN Devices, and Extreme's Core Switches and Routers.
• Involved in Project design evolution and reviews. Tested with simulated test cases in Development Lab.
• Evaluated & Tested simulated Production site setups inc of Routing, NATting, IP Addressing, IPSEC & SSL Tunnels, L2TP and various other secured connectivity options inc integration of 2-factor Authentications with LDAP, Radius
• Evaluated several types of NATting Options available to resolve IP Conflict issues with Customer networks, inc various type of firewalls which is in production inc of Cisco, Juniper, CheckPoint and Watch Guard...and other Router& Switches inc of Cisco, Extreme, Juniper.
• Integration of complete Secured remote Access infrastructure with NetConnect and SAM(Juniper IVE connectivity Options), Realm, Roles and Role mappings, resource policies, authentication policies etc,,
• Developing test cases, solution and migration documentation.





Project : Implementing, Managing and Securing Networks
Company : EDS Internationals, Singapore. (Client: SSMC, Philips Semiconductors) (Jan 2004 to Aug 2006)
Description : SSMC plant is a Joint venture of Philips & TSMC semiconductor manufacturing unit.

Position : Sr. Network & Security Architect / Project Lead
Contribution :
• Developed IT Infrastructure design/solution for Network Separation Project due to the security/business requirement by Philips, also involved in execution of Network Separation Project.
• Designed Infrastructure Solutions for the Projects includes of Alternate Work Site for BCP and Building Disaster Recovery Site.
• Involved in Sales pursue for IT Infrastructure and Hardware Refresh projects. Helped in getting BOM and involved in POC Solutions and presentation to the customers. Supporting pre-sales activity for IT Infrastructure Solutions
• Generating/Providing Standard project documentation including detailed test plan for highly complex networks, Generating network configurations from Low Level Design for highly complex networks
• Deployed Cat 6509-E Core Switches in DR Site and Data Center, Configured VLANs, HSRP Groups, FWSM Firewall groups, EIGRP Routing between Two Core Network blocks.
• Managing Campus Security, Inter-VLAN security and internet security by using various Firewalls (using CheckPoint and Cisco PIX and FWSM)
• Implemented Virus filtering and URL filtering in CheckPoint Firewall with the integration of Surf Control's URL Filtering Server and Trend Micro's CVP Server.
• Managing the WAN Circuits to Philips Global Network and backup ISDN WAN link also dedicated International Leased Circuit Wan Link to Taiwan Semiconductor Mfg Co (TSMC).
• Managing the Infrastructure Security inc of VMPS and port security, remote access security, network Security and patching the devices etc. managing multiple Cisco Airo350/1200 Wireless LAN access points installation and configuration using EAP/TLS encryption
• Peer Reviews and Standby Support to SSMC, ABN AMRO account and GM, Caltex (Chevron & Texaco) accounts.
• Worked as Project Leader for building the Disaster Recovery site & Network Segmentation project.
• Involved in Information Gathering, Planning, Solutioning, Costing and Sales Pursue, Chair for Project Kick-Offs, Project update meetings, Project milestones reviews, User Acceptance Tests, Post Project reviews, Post Project Surveys
• Configured the 4x 6500 Core Switches, FWSM Blades, and 3550 Edge Switches,
• Configured Firewalled VLAN-Groups Configured VLANS and SNMP, HSRP, Spanning Tree
• Inter-VLAN Routing, VTP Authentication and EIGRP Authentication, Network Address Translation
• Cisco Works Server Implementation and configured SNMP Strings
 SPAN/RSPAN and IDS 4215 with IDS Event Viewer
 DMZ VLAN and Static Network Address Translations with H-IDS on Apps Server
 Deployed Port Security, WAN Links connecting and Routing, End user (MFG Related tools & Servers) migrations, Firewall Logs review and Incidents handling and reporting
 Firewall Harding and handling User Network Access Requests, Cisco ACS Server installation and Configuring AAA in all Data Comm. Devices
 Configured VPN's (FWSM, VPN Concentrator, Check Point Firewall) and connected Sub cons with pint-to-point VPN tunnels and restricting the access to specific application Servers with Access Controls
 Handling Change Management Requests and Peer reviews, Troubleshooting the connectivity problems, 24x7 Standby Support and issue escalations
 Consolidating, reporting the network interface errors for business-critical server
 Troubleshooting and Supporting MFG Related applications problems including ProCIM/ Promise and TIBCO dependent applications etc...
 Preparing Project Documentation and project closures meetings with the clients
• Monitoring and managing the data communication devices, backbone network connectivity and WAN links by using Cisco Works 200 Campus manager.
• Involved in ITO Audits includes BS-7999, T-Systems and developed Standard Operating Procedures (SOP) for day to day network and security operations.
• Worked with Tibco Gateways inc RVRD and RVD Servers, to support Semiconductor MFG Operations
Team Size : IT Support Staff - 50 (Data and Voice Network, IT Security staff -5)
Environment :
Cisco 6506/6509 Catalyst Core Redundant Switch Blocks. CISCO 3548/3550 Switches about 70, CISCO 2620 Router about 5, HTU-E1 V.35, Cisco PIX / FWSM Firewall, Cisco IDS, Check Point Firewall and Real Secure IDS, Cisco Works 2000, and Traffic Director. Nessus Vulnerability Assessment Tools, MRTG Traffic monitoring Server and Philips PABX SOPHO iS3000.






Project : Network Support and System Integration and Security (Apr' 2002 - July'2003)
Company : Information management Resources Pte Ltd, Singapore

Position : Security Expert and as a Team Leader
Contribution : at various client places (ABN AMRO, SCS Systems, China aviation oil, Bisley Asia)
• Involved in servicing and support to various clients in the fields of Network integration, Systems and Security
• Involved in Network Infrastructure Audits and documentation, Security Consulting and Vulnerability Assessments,
• Customer presentations, POC deployments, pre-sales support and vendor coordination.
• Installed a Symantec Antivirus Gateway for the SMTP and HTTP traffic.
• Implementation Site-to-Site Cisco VPN and upgrading Cisco Router 1700,2600 Series DRAM, IOS and supporting
• ISDN, Leased Lines, Switches and router configurations
• Implemented Windows NT 4.0 Server with File and Print Service. Configured & Maintained Lotus clients and Server, Check Point Firewall with DMZ network and also implemented Site-to-Site VPN.
• Maintaining the exchange 5.5/2000 configured separate OWA server under DMZ to minimize the Risk, with 120 users under the Internal network.
• Support for HP Servers, 3Com Switches, HP Printers, Print Servers and Jet Direct etc.
• Implemented Checkpoint NG with VPN and clients with Secure Remote, dynamic NAT, and configured DMZ for Web
• server and MAIL server (Exchange 2000).
• Used Arc Server as a backup system with Exchange agent and Linux agent. Outlook Express Migration to Outlook 2000.
• Installation and maintenance, SonicWall/Watch Guard Firewalls with maximum 300 users with network printers, Application Servers, Mail, Web servers and Accounting Servers.
• Generating/Providing Standard project documentation including detailed test plan for highly complex networks
Team size : 7 engineers (Inc of Network and Desk support, Helpdesk)

Project : ISP WAN Links Setup and Maintenance (Oct' 1998 - Jan'2002)
Client : Gatestech InfoTech, Hyderabad - India
Description TATA Internet Services Limited is one of the largest Internet Service Providers in India having 10 POP Locations and 3 world-class DATA centers.
Position : Sr. WAN Engineer & Cisco Trainer
Contribution : Deploying/ Managing the WAN links and Routing
  • do NOT contact me with unsolicited services or offers

post id: 6915104497

posted:

updated:

best of [?]