Experience Summary:

 

·         Switching: Cisco 2900,3700,6500 & Nexus 7K,5k,2k

                            Vpc, VSS, VTP, Port-Channel, RPVST,1000v.

 

·         Routing:   ISR G1, G2, ASR ,& Juniper routers etc

                            OSPF, EIGRP, BGP, HSRP, MPLS, VRF.

 

·         Security:  Firewall Policies, IPsec S2S ,C2S VPN,

                           SSL-VPN, DMVPN, URL-Filtering,

                           DLP, Application inspection, IDS/IPS,

                            Dos Attacks, Hardening, Rogue AP's.

 

·         Wireless:  Cisco Aironet Access points ,Flex7500 ,

                           WLC 5500, 802.11a/b/g/n/ac standards.

 

·         VOIP:        IP-Phones, Soft Phones, Call Manager Etc.

                           SIP, H.323 protocols, CME, Video Codecs.

 

·         Appliances: Cisco ASA, Checkpoint R65/75,Jun-SRX,

                           Palo-Alto , Fortinet, Snort IDS,IPS,

                           Bluecoat Proxy/Packet shapers,

                          F5 , Radware Link load balancer,

                          Cisco ACE, Cisco ACS, Web-sense, Riverbed

 

·         Mgmt:      SNMP, TACACS,Cache-flow, NTP,MRTG,PRTG

                         WhatsupGold, Solarwinds, Openview etc.

 

·         System:     VMware Virtualization,VirtualCenter ,Vsphere

                         Windows, Linux, ADS, DNS,DHCP

 

·         Info-sec:   CISSP, Multi-tier deploying Architectures

                           Penetration testing, scans, log reviews etc.

                           Regulatory compliance, Risk Management

                           Access controls and reconciliation checklists.

 

·         Process:   SAS type I &II , ISO standards, Six-sigma

                           ITIL V2 and V3 frame work, Toll-gates,

                           Requirement-gathering, Design build,

                           Change review, periodic reporting, Audits,

                           Procurement, PO/Invoice processing,

                           ISO 27001 and                          

 

·         Documentation: MS-Visio, PPT, Excel, Cost modeling

                           Audit reporting, Budgeting & forecasting,

                           Problem and Known error database,

                           Audit/Security reporting, periodic reports

 

·         People:      Vendor/Provider coordination and mgmt,

                           Escalations and updates to stake holders

                           Project driving leadership, team building.

 

 

     DOITT                                      since Apr’15.

     Project                                       911

     Location                                    Brooklyn, NY

     Role                                           Network SME

 

     Profile:

 

·  Design & Build of Staging and Development environment for E-911 Project

·  Deployment of a miniature 911 datacenter environment with Nexus VDC's and virtual PAN firewalls

·  Requirement gathering of NYPD,FDNY,Verizon & NICE application workflows and their segmentation

·  Transitioning the design and technology attributes to the operations team and assisting in application testing.

·  Participation in the build requirement discussions for the 911 disaster recovery setup and failover 911 Answering center

·  Design & deployment of DOITT extend LAN for 911 infrastructure using 6800 core/distribution and 3850 access layer

·  Design & testing of local and central switched wireless LAN traffic for DOITT staff supporting e911 deployment

·  Troubleshooting QOS issues in the core DOITT Network and doing a correlative analysis with the hardware line rate congestions

·  Review of the packet discards on the DOITT core network and problem management analysis of issue on various switch platforms

·  Deployment of flexible net flow on cisco 6800 and Nexus switches for data export to Riverbed Cascade Profiler.

·  Documentation & transitioning the deployments & design to the support team for day to day operations.

 

 

     Atlas Air Worldwide               Since Sept'14.

     Location                                   Purchase, NY

     Role                                         Network Architecture & Engineering Consultant

 

 

·  Design & implementation of HA and disaster recovery architecture enterprise datacenter.

·  Design & setup of cross data center interconnects like dark fiber and OTV's and GTM's

·  Seamless migration of cisco 6500 cores to nexus 7009 core platforms at corporate headquarters.

·  Migration of legacy VPN's across remote site networks to dual cloud DMVPN networks.

·  Review and audit of core component architecture and high availability in datacenter

·  Creation of run books for various disaster recovery scenarios of datacenter infrastructure

·  Upgrade of legacy Cisco ASA's to next generation Cisco ASA's and Paloalto firewalls.

·  Troubleshooting of Cisco 1000v issues in Dell blade/ Vmware Vcenter environments

·  Layout of framework to facilitate Cisco iWAN in the global wide area network.

·  Design & setup of infrastructure framework to enable sync with the enterprise cloud infrastructure.

·  Migration and setup of services to the Microsoft Azure & Amazon web services platforms on the cloud as per global DR strategy.

·  Troubleshooting and reviewing NX-OS upgrade and wireless LAN issues in the enterprise wide network.

·  Development of out of band management of infrastructure and disaster ready procedures.

·  Guiding the team through the Business Continuity tests for the datacenter infrastructure for various services.

·  Participating in budget, network design, security reviews as a member of core infrastructure team.

·  Review of various network audit, monitoring tools as part of continuous improvement process.

 

 

     Tiffany & Co.                          April'13-Aug'14.

     Location                                   NJ

     Role                                          Network Architecture & Services Consultant

     Projects                                    PCI Network Segmentation, Architecture & Services.

 

     Profile:

 

·  Architecture and implementation of branch in a box concept on a Cisco ISR G2/UCSe to run virtual

 Paloalto firewall, riverbed, Wireless LAN controller and unity connection on top of VMware Vsphere.

·  Architecting the PCI segmentation of global network and its roll out in phases and passed the ROC.

·  Design & setup of DMVPN cloud over global BGP MPLS and regional internet DMVPN clouds.

·  Setting up of DMVPN phase 2/3 to facilitate multiple DMVPN hubs under one routing domain.

·  Deployment of redundant DMPN clouds on a different NHRP instance cross datacenter failover.

·  Deployment of QoS pre-classification for DMVPN and per tunnel QoS for spokes with QoS profiles.

·  Global routing planning and setup with distribute lists, prefix-list, route-maps, AS path prepends etc.

·  Cross datacenter failover and automatic global routing failover during the disaster recovery process setup.

·  Setup of multi-VRF routing to facilitate multiple default routes on different routing domains.

·  Planning of datacenter redundancy for ecom environments and coordination with Akamai and VeriSign for external hosting services of corporate resources on the internet.

·  Design & setup of full internet routing table ecommerce setup with dual carrier redundancy, and PFR.

·  Migration of Datacenter core from Cisco 6500 VSS to Nexus 7k Vpc & Vpc+ environments.

·  Planning and testing of Overlay transport virtualization for Datacenter Interconnection on Nexus platform

·  Testing of next generation SDN networking , intelligent WAN and flow analytics tools

·  Was an Active member of Cisco iWAN solution development customer adoption team

·  Implementation of Palo alto firewalls in stand-alone, vwire, active/passive & active/active modes

·  Setup of Central Panorama console to manage Palo Alto firewalls 3020,3050,5020 & VM-200 models

·  Setup of high throughput 10G supporting ASA 5585x series firewalls in HA mode for core PCI segment.

·  Setting up of Zone based firewall on Cisco ISR G2's & configuration of FWSM on core 6500 series

·  Design of plug and play executive wireless kits running of DMVPN infrastructure for mobility

·  Planning and deployment of F5 GTM's for enterprise wide URL load balancing on geo location basis.

·  Analysis of business traffic to fine tune and harden the firewalls to segment the card holder data.

·  Integration of Network environment into Cisco Prime for management and compliance tools

·  Analysis of firewall rules on the Q-Radar and implementing the lock down of rules.

·  Analysis of logs in IBM Q-Radar SIEM to strategize the lockdown the firewalls.

·  Setup of locally and centrally switched wireless segments at stores across the cloud.

·  Testing of firewall compliance tools like Tufin, Arc sight, Cisco Prime tools.

·  Documentation of store deployment templates with routing, zone based configuration

·  Managing and pushing configurations through Cisco Prime for large scale global deployments.

·  Troubleshooting the load balancing issues related to cisco ACE environment in production.

·  Troubleshooting escalated operational issues on various segments of WAN and datacenter infrastructure.

·  Setup and configuration of on the go training kits with certificate based authentication & DMVPN.

·  Coordinating with other infrastructure and application teams as part of the architecture review meetings.

·  Participation in budget forecasting meetings for capital and operational expenditure planning.

·  Documentation of architectures, migration or new deployment plans and run books for vendor roll outs.

·  Planning of high availability, Disaster Recovery and out of band management access of infrastructure.

 

   

   

 

     Becton Dickinson                    Dec 2012-Mar 2013

     Location                                    NJ

     Role                                          Network Architecture Consultant.

     Team                                         Global Network Design & Architecture

 

     Profile:

 

·  Design ,deployment and maintenance of enterprise network QOS over AT&T MPLS

·  Design of Class of service and DSCP marking framework for all global data centers

·  Deployment of packet shapers on the datacenter for ingress and egress traffic

·  Design of QOS policy for CPE routers at remote and hub data centers for classification

·  Implementation of QOS policy and bandwidth shaping and marking on router, packet shaper , proxy

·  Planning of legacy to contemporary platform migrations to implement VLAN-VRF alignment

 

   Delphi                                      Jan 2012 - Nov Dec 12

    Location                                   FL

    Role                                          Network Lead

    Team                                        Network Planning & Operations

  

    Profile:

 

·  Design ,deployment and maintenance of enterprise networks and datacenters

·  Setting up WAN routers using BGP , OSPF,EIGRP protocols and in also in MPLS environments

·  Migration planning of core from legacy Nortel to the Nexus environment and implementation

·  Design of load balancing options for hosted infrastructure with Radware , Cisco , F5

·  Configuring Checkpoint R75 firewalls for policies , VPN tunnels and URL filtering

·  Configuring Cisco ASA site to site VPN's and client to site VPN's for remote connectivity

·  Migration of Juniper SRX firewalls for isolation of network segments and VPN's

·  Migration of Juniper net screen firewalls to ASA and PaloAlto firewalls in phases.

·  Configuring and migrating to Palo-alto firewalls from existing old firewalls for better apps

·  Design and deployment of DMVPN, SSL VPN's and QoS for voice applications.

·  Attending change review meetings and planning scheduled changes for network Infra

·  Migration of old LAN architectures to new redundant and high bandwidth mechanisms

·  Deployment of Cisco 6500 switches in standalone and VSS modes with SSO and NSF

·  Configurations of Cisco Nexus 7k ,5k and 2k(fex) in core data center environment

·  Reviewing incident and problem management logs and alerts for vulnerability closures

·  Deployment of Bluecoat proxies in distributed architecture through central Director console

·  Management of application traffic using Bluecoat packet shapers for performance tuning

·  Management of Cisco Wireless access points and Wireless access controllers for users.

·  Setup and management of Tipping point Intrusion prevention systems at aggregation points

·  Evaluation of Data leak prevention DLP mechanisms using web-sense , Bluecoat etc

·  Startup reviews of new or migrating infrastructure deployments with vendors and clients

·  Implementation of hosted infrastructure on internet and intranet for enterprise wide segment

·  Multi-tier and Multi-layer network architecture implementations in datacenters /NOC

·  Bringing up proposals for various architectures with cost modeling for various initiatives

·  Leading team for design, build and maintenance of network deployments enterprise wide

·  Migration of LAN/WAN architectures to latest environments replacing obsolete devices

·  Lead the team in the ISO and quality audits of IT network infrastructure and analytics

 

 

     Agilent                                     Nov 2009 - Dec 2011

     Location                                  India

     Role                                         Network Lead

     Team:                                     Network Services

 

     Profile:

 

·  Network planning for Wide area networks and datacenter infrastructure

·  Design and deployment of enterprise wide network infrastructure

·  Setting up of WAN using Cisco 3600,7200,ASR and Juniper routers with OSPF,BGP etc

·  Setting up of T1's and other MPLS circuits for enterprise networks

·  Migration of point to point links to MPLS network for better operations.

·  Deployment of datacenter LAN using Cisco Nexus 7k, 5k, 2k switches

·  Set up of distributed core LAN using Cisco 6500 series switches

·  Configuring the core Cisco 6500 with SSO and non-stop forwarding for high availability

·  Configuration and maintenance of Cisco ASA firewalls for network isolation policies

·  Setting up of IPSec site to site and remote access VPN's for enterprise users

·  Configuration of Cisco ASA firewalls in multiple context mode and failover mode

·  Configuration and set up of Juniper SRX firewalls for policy mgmt and VPN's

·  Deployment of Checkpoint firewalls on secure platforms for server DMZ

·  Maintenance of Juniper net screen firewalls for network isolation from base LAN

·  Maintenance of bluecoat proxies with web filters and traffic forwarding

·  Configuration of F5 Big IP load balancer for application performance tuning

·  Deployment of Cisco ACE application load balancer for hosted infrastructure

·  Configuration of Radware link load balancer and App Director for DMZ segment

·  Migration of LAN from standard STP to RSTP and PVST+ for faster convergence

·  Setup of wireless LAN with Air tight Access points ,sensors and Cisco controllers

·  Planning and setup of disaster recovery sites for datacenter infrastructure locally and globally.

·  Risk mitigation and Business continuity planning for high availability of service.

·  Network Access control for LAN users through Cisco CAM/CAS mechanism

·  Setting up of DMVPN's for multiple remote site connectivity and GRE tunnels for routing protocols.

·  Maintenance of TACACS+ server through Cisco ACS server for AAA services

·  Review of Snort IDS and Tipping Point IPS logs for vulnerability assessment

·  Review of security signatures and tracking the false positives for IDS/IPS generated alerts.

·  Monitoring of network using HP Open view , WhatsupGold , MRTG tools

·  Analysis of traffic using net flow analyzer from the cache flow feeds from devices

·  Penetration tests for network devices hosted both on Intranet and Internet.

·  Compliance and vulnerability assessment of network infra segments

·  Deployment of ITIL frame work in network operations and management

·  Setup of Cisco/Avaya IP phones for IP telephony and multi network dialing

·  Coordinating with PBX vendors for trunks setup and PBX integration with Data network.

·  Network planning of very new structures and extended connectivity for stop gap arrangements

·  Creation of standard templates for regular day to day LAN/WAN/VPN deployments

 

   

 

 

 

 

    GE                               Oct 2006 - Nov 2009

    Role                            Network Leader

     Location                     India 

     Team                          Global operations

     Achievements            Gem Award’s, outstanding operational excellence award.

 

     Profile:

 

·               Design, Migrate & operate various business sites across India, ASPAC, EMEA, Americas & Brazil setting up Datacenters, contact centers & business hub’s.

·               Migration of IPLC & Frame Relay circuits onto Customer-Service Provider MPLS clouds by integrating geographically diverse environments , these WAN setups are  supported by routing protocols BGP, OSPF , EIGRP , MGRE  etc.

·               Setting up of isolated business segments at various sites using higher availability architecture & providing secured access.

·               Deployment of multi-vendor hardware’s across the development centers, Switches ranging from Cisco, Avaya, Nortel & Procurve. Firewall & VPN setups with Cisco ASA, Juniper Netscreen, Checkpoint & Fortigate devices.

·               Tested and deployed network sizing & shaping hardware’s, Radware & Packeteer etc.

·               Evaluated, tested and deployed bluecoat proxy and web filters for global deployments.

·               Deployment of network monitoring & intrusion & access control setups with various software & appliance like HP-Openview, WhatsupGold, Opmanager, MRTG, Packet shaper, Radware ,Snort-NIDS, Tipping point IPS

·               Design of proprietary global voice solutions & Contact Centers for businesses in coordination with service providers & innovative collaboration techniques for cost effective solutions.

·               Design & defining the work flows for wireless security environments & setting up internet kiosks.

·               Deployment of fiber networks & coordination with service providers for provisioning of scalable multiplexers across organizational segments.

·               Project Management of Phased migrations across the geographically spread locations.

·               Deployment of ITIL framework in global operations & Expense Management inclusive of procurement of network devices & services.

·               Business Continuity Planning & Team Management.

·               Participating in recruitment drives for infrastructure teams & junior associates.

·               Coordinating with CIO & CTO teams of the organizations & service providers.

·               Lead the network team for network compliance as per the businesses guidelines

·               Lead the network operations team which participated in SAS 70 Type I & Type II, ISO 27001, ISO 20000 audits & integrated Quality Management Systems.

·               Acting as a reviewer of hosted documentation in the areas of network & telecommunications on knowledge development & content management portals.

·               Problem Management & Design development of certain IT infrastructure projects in coordination with members.

·               Causal analysis of IDS logs , final vulnerability and risk analysis reporting

·               Developed best practice procedures for global deployments for toll gate clearances of infrastructure

·               Physical and logical access controls and periodic reconciliation

·               Disaster recovery mechanism and risk mitigation drills

·               Coordinating with application security teams for NIDS alert justification and closures.

 

 

   

 

     Techvoyant            Aug 2005 – Oct 2006

     Location                  India

     Role                         Network Engineer & Technology Analyst

     Achievements         Best performer award.

 

    Profile:             

 

·  WAN design & implementation including VPN set up for remote sites and remote users.

·  Has been in the team in system integration part of DTDC data center.

·  Designed WAN network for other global locations using OSPF , BGP and MPLS

·  Worked on simulators & Network Load Performance analytics

·  Worked on Virtualization technologies like Vmware workstation, Esx server, Virtual center etc.

·  Was part of Network Operations Center team which had a spanning across 37 nations

·  Has designed software based SIP servers’ infrastructure from ININ & BEA.

·  Has designed & implemented WAN & VPN for global locations with HP-Procurve network devices.

·  Has been active participant in several other LAN migration projects and wifi projects

·  Case study on Alcatel switch interoperability with HP NNM and HP procurve network equipment.

 

 

 

    Gemini Comm.'s   Feb 2005 – Aug 2005

     Location                India

     Role                        Network Engineer – Pre-sales: Network Care/Wireless/Telecom

 

Profile:

·  Pre-Wimax design & solution for Telcos like VSNL (TCL), Bharti-Airtel & BSNL.

·  Network Testing Solutions for Enterprises & Service Providers with certification tools like DTX series, Wireless Network Testing tools, OTDR’s Intellitone, Optiview & INA etc.

·  Planning & setting up Wireless last mile solutions  , non line of sight based wireless broadband internet solutions

·  Spread spectrum(2.4GHZ & 5.7 GHZ) based outdoor solutions on Wi-Fi & backhaul for microwave communications

·  Optical Networking using free space Optics & Optimux etc.

·  Wi-Fi setup for enterprises using Cisco, Netgear & Linksys Wireless devices

 

 

 

     Ivector Tech          Jan 2004 – Jan 2005

     Location                 India

     Role                        Network Engineer

     Profile:

·  Setting up LAN , internet routers , Linux firewalls , wireless setup on Linux devices.

·  Monitoring of  network links , configuring DSL modems , ISDN links.

·  Configuring L2 , L3 Vlans , VTP domains.

·  Documentation of LAN diagrams , rack equipment and servers

·  Cabling plan for the datacenter and remote office networks.