Senior Network Engineer CCIE R&S (#61878)
Saudi Aramco Total Refining And Petrochemical Company - Satorp
Total years of experience :18 years, 2 Months
Responsible for network high-level and detailed design, implementation, operations, troubleshooting and issue resolution.
• Testing for Network Vulnerabilities: work with larger information security team to evaluate, test, and troubleshoot technologies. Identify, diagnose, and resolve information security issues.
• Prepare Reports: based on findings, write comprehensive reports including assessment-based findings, outcomes, and propositions for further system security enhancement.
• Handle the provisioning, deployment, configuration, and administration of different pieces of network and security-related hardware and software. These include
o Cisco Prime Infrastructure (Cisco LAN Monitoring System LMS), used to monitor all switches and routers in SATORP environment and collect configuration back-ups and archives.
o ALGOSEC for Firewall rules analysis and optimization
o SMA (Cisco Security Management Appliance) for Administration & reporting.
o Administration of Cisco routers & (2960, 4500, 6500, 3759, IE-300) Nexus switches (9k, 7k, 5k, 2k)
o Firewalls (Cisco ASA, Juniper-Junos /Net screen)
o FireEye EX/NX
o IPS : Fortinet/Cisco Firepower
o Iron Port Email Gateway- Mail Relay
o Proxy-WSA
o F5-LTM/ASM
o Web Gateway- MacAfee
o Network Admission Control NAC Administration - Cisco ISE
o Cloud Service: Cisco Open DNS and Talos
o Administration of Wireless controller and Access points
o Administration of Firewall analyzer and optimization of firewall rules in every 6th Months
• Assisted other shops with troubleshooting their networks, security devices, operating systems, e-mail systems
• Performed security audits with full reporting delivered to customer based on application, system, security device, and snmp logs.
• Reviewed and modified access control lists (ACLs) on network switching and routing equipment as needed to maintain security standards
• Plan, implement and documented change of services including hardware replacement and enhancements.
• Lead in deploying new technologies to data center and branch offices including firewall, NAC, wireless and switching technologies.
• Provide knowledge transfer and informal training to clients
Primarily responsible for configuration management and overall operational readiness of Industrial and enterprise network, the job description includes:
• Implement and support complex network systems including routers, switches, load-balancers, security devices, Servers and wireless systems in a multivendor environment: Cisco, F5 LTM, Juniper SSG, Netscreen and SRX, Solarwinds, Barracuda, Foundry, IBM, Extreme networks, SonicWALL, Hirschman and Cascade.
• Identify, prescribe, and resolve common switched network media issues, configuration issues and hardware failures.
• Install, Replace different industrial end-point devices and Infrastructure devices to perform appropriately in an industrial setting to incorporate elements of bandwidth, real-time, precise timing, industrial topologies, network resiliency, Ruggedization, bandwidth, etc.
• Preparation of necessary documentation like SOPs, Diagrams, Configuration manuals to strengthen & Streamline day-to-day operations.
• Involved in various POC to test drive new Products/Technologies that would Value add to our Data Center Operations.
• Overall Management, Maintenance, Implementation of Bonfanti (SIPI), Bruckner (MMS CUT) servers.
• Undertaking routine preventative measures and to Ensure reliable back-ups of current configuration are being made.
• Continually update understanding of business and technology status and objectives and respond to strategic design requests as the business evolves.
Accomplishments
• Monitoring tools: Design, implementation, tuning and troubleshooting.
• Implementing Remote Access Solution: SSL VPN and IPSec/VPN migration project, design and implementation between several Sites.
• Configure and implement Layer 2 VLANs project to achieve a structured and low latency network, Utilize VLAN Spanning-Tree in conjunction with PVST+ for compatibility between Cisco and Juniper switches.
• Installed and Configured F5 BIG-IP LTM load balancer for Weblogic farm for SSL & SLB
• Configure and administrated OSPF routing with multiple areas for networks between sites. Implement OSPF Authentication between each OSPF enabled subnet, along with Creation & modification of access list, prefix-list & distribution lists, Route-map.
• Integrated static NAT/PAT to provide access to services located on a server in the private network to the public network. Implement standard and extended access-lists to filter network traffic.
Design Network Infrastructure with policies and procedure for Integration between SIPI(SQL server) and Oracle ERP.
Primarily responsible for configuration management and overall operational readiness of data network, the job description includes:
• Designing and deploying, configuring and testing the new and upgraded networks for fulfilling business objectives and processes
• Configuring Switches and Routers, Physical Media Feasibilities and Improvements, Network equipment’s replacement or upgrading.
• Configure, verify, and troubleshoot Routing Protocols (RIP, OSPF, and EIGRP).
• Configure and Manage Router redundancy (HSRP, VRRP) and Switching (STP, VLANS).
• Analyze and Test Primary and Backup connectivity for DXX, DSL, VSAT, I-Direct, Wimax, fiber optic And DVBRS
• Configure IP sec VPNs, GRE tunnels, GRE over IPSEC tunnels for secure connectivity of Branch offices to the Core sites on Cisco IOS, PIX Firewall, Cisco VPN Concentrator and Nortel Contivity in establishing Extranet Connectivity to clients
• Managing Firewalls for perimeter protection, Traffic filtering using IP-access list and state full firewall policies, IOS Firewall, Cryptography, AAA, Radius, TACACS+, , Cisco IDS, Cisco IPS,
• To coordinate & liaison with media service providers and vendors for commissioning of services.
• To coordinate with IT Centers and Retail Bank for the availability of pre-requisites required executing network projects.
• Configure LAN & WAN devices to ensure their smooth and reliable operation in line with business requirements and in compliance with bank’s corporate security policy.
• Monitoring the network traffic for branches, their WAN activities and usage proactively by using network management or monitoring tools such as MRTG, PRTG, and What’s Up Gold to ensure continued integrity and optimal network performance.
• Analyze and troubleshoot the day to day problems in networks and taking corrective measures to maximize the uptime of network sites.
Accomplishments
• Deployed M10i on WAN segment as an aggregate Router. Terminated different WAN backhauls of branches by configuring Logical Routers on M10i.
• Deployed ISG-1000 in High Availability mode in core segment and configured site-to-site VPNs.
• Designed and Configured Nexus 7000/5000/2000 in Top of Rack & End of Row Architecture for a Scalable Production Network that supports Rack & Blade server architecture in a Multi-Tenancy environment using vPC, VDC & VRF
• Designed and Implemented Nexus 7K/5K/2K and Catalyst 6500/4900/3750-X in a complex DC Core/Aggregation/Access layer on a 10G backbone in Production and DR Data Center
• Router replacement to Juniper SSG 20 at more than 450 branches along with inventory.
• Deployed multi-vendor core security devices in high availability mode in internet, extranet and core WAN segment at DR site, which provides network availability for country wide branches, partners and Middle east sites in case of primary site failure
• Deployment and configurations of PTCL DSL at more than 600 branches.
Aliening multiple venders for fiber deployment at more than 500 branches.
Visiting as Assistant Professor in the Division of Engineering and Computer Sciences at Govt College University Faisalabad.
• Cisco Technologies (Routing and switching)
Responsible for configuring Cisco 6260 DSLAM, PARADYNE HOTWIRE 8280 DSLAM, Siemens/Alcatel DSLAMs, Cisco ATM Switch and other DSL CPEs of Aztec, Speed Touch Alcatel, Paradyne, Zoom,
Configuration of Cisco 7206, 7204, 7301, 7609 series routers as BRAS with Gig Ethernet for PPPOE aggregation & Termination.
Configuration/Trouble shooting of MP-BGP and BGP Route Reflectors, Peer Groups, BGP routing policies, conditional advertisement.
Providing MPLS layer2/layer3 VPN services to the corporate customers of NTL, configuration of MPLS TE tunnels using RSVP.
Configure, verify, and troubleshoot core connectivity for IP/MPLS (VRF, VRF lite, VRF Aware Protocols, MPBGP, RSVP, LDP).
Providing enterprise Network solutions, managed services, pre sales meetings as according to the customer needs.
Acquired knowledge of the DSL standards and got in depth knowledge of TCP/IP, ATM, DSL, MPLS, and MPLS, VPN etc.
Responsible for handling operations of Data services and LAN/WAN networks. Work on LAN/WAN protocols especially ISIS, OSPF, and BPG4 Routing Protocols.
Configuring, monitoring, and troubleshooting technologies and protocols (OSPF, ISIS, BGP, and MPLS) implemented in the Nayatel (Metro Ethernet) core network.
Ensuring that all IT equipment complies with industry standards.
Completed with merit
I completed my Bsc with Hons
