Master of Computer Engineering - Artificial Intelligence 1998
CCIE x 2 (#19811) ( R/S , Security) (2008,2011)
15+ years of progressive experience
|PSP Investment||Nov 2018 – Date|
|Sr. Network/Security Consultant
-Working on a Cisco ISE version 2.6 project.
-Worked on a URL Filtering Project on Checkpoint firewall.
-Worked on a Cisco Umbrella projects and its integration with Cisco AnyConnect.
-Working on a micro-segmentation project with VMWare NSX-T.
Cisco AnyConnect, Checkpoint, Cisco ASA X 55xx, Cisco ACS, Cisco ISE, NetScaler, VMWare NSX-T, Cisco WLC, Cisco ACI and Switching.
|VIA Rail Canada||Oct 2017 – Oct 2018|
|Sr. Network/Security Consultant
Designed and implemented the new VPN solution for users and partners
· Cisco AnyConnect with SSL certificates
· Planning the deployment of the AnyConnect Client with the deployment team.
Planning the migration from Cisco ACS to Cisco ISE: Licensing, features, Service Nodes and migration plan.
Worked with a lot of security features like VPN, identity management, firewall rules, NGFW features, adding and editing App IDs, upgrading firewalls on active/standby mode... on Palo Alto firewalls by using Panorama for centralized management.
Proposed and deployed a new QoS for the WAN to avoid latency and drops for critical applications.
Acting as a subject matter expert for the network team. Troubleshooting of complex networking problems.
Cisco AnyConnect, OSPF, Palo Alto, Panorama, Cisco ASA X 55xx, Cisco ACS, Cisco ISE, Cisco Switching, F5, Meraki.
|Business Development Bank of Canada||Nov 2016 – Sep 2017|
Working on a large security project nationwide, Implemented Cisco ISE version 2.1 in a large distributed deployment, Implemented and enhanced wireless solutions using Cisco WLC 5500 series, Implemented Cisco Prime Infrastructure to manage and monitor large number of networking devices and gained experience on checkpoint firewalls.
Cisco ISE, Cisco ASA 5585, Cisco WLC 55xx, Cisco Prime Infrastructure, Cisco Switching, Checkpoint
|Ericsson||Aug 2016 – Nov 2016|
|Senior Network Engineer
As a member of Montreal network team, worked on a large Juniper-based network, got involved in a very large migration from extreme switches to juniper switches, Involved in implementing MPLS network in one of the largest data centers in North America in Montreal, Gained experience on Juniper EX, MX Switches and routers, managed SRX 3400 series firewalls by implementing firewall policies, Filter-Based-Forwarding (FBF), VPN Servers, Failover, . . . as an operation work.
|Bell Canada||Oct 2015 – Jul 2016|
|Cisco ISE Consultant
Involved with some Cisco ISE projects, in one of projects implemented a large ISE deployment. In this project ISE was used to implement security policies for different users and groups of wireless clients in an Active Directory forest consisting 8 different domains across New Brunswick. Distributed deployment of ISE considered in this design and 12 ISEs installed, serving in different Administration, Monitoring and Policy Service Node roles, Certificates were used for computer authentication in each domain, Guest portals and sponsor guest portals were used to give restricted guest access. ISE version 1.4 with 5760 wireless LAN controllers was used to implement all authentication and authorization policies and after implementation, the deployment was upgraded to ISE version 2.0 to take advantages of TACACS. I was responsible for design and implementation of all parts of this project.
Cisco ISE, Cisco WLC 5760, Cisco ASA 55xx
|Asre Shabakeh||2001 – July 2015|
|Sr. Network Security Engineer
A leading Networking company providing Design, Implementation, Maintenance and Training in network and related technologies and security/voice consulting.
-Offered Consultancy services for many small to large scale companies.
-Implemented various security features including Active/Active Failover using ASA 5500 and 5500-X series on different platforms(5515-X,55125-X,5545-X5555-x and 5585-X).
-Extensive hands on experience with routing protocols including OSPF, EIGRP, BGP, Policy Routing.
-Implemented IPsec, Dynamic VTI, Static VTI, DMVPN, SSL VPN, and GRE over IPsec on IOS and ASA, AAA using ACS.
-Designed, Implemented 802.1x Security solution for clients in large scale Using Cisco ISE.
-Implemented and tuned IPS 4200 and Cisco FirePOWER 8000 series.
-Implemented MPLS VPN.
-Worked with Nexus 5k and 7k Switches and Assisted in deployment of MST in Service providers on large scale.
-Working in a Service Provider network, encountered many Layer 3 & Layer 2 challenges and dealt with various technologies in large scale.
-Worked as a part of Asre Shabakeh Advanced Services team present at client site providing help and consultation to client engineers with their day to day activities, issues, and questions and providing on the job training.
-Worked with many IP performance, routing, High Availability, F5 Load Balancer issues in Service Provider networks.
-Implemented Wireless using WLC, Aironet access points, WLSE, worked with WLC, Cisco Prime Infrastructure and Cisco Works for centralized LAN management and CSM for centralized security management.
-Worked with BGP and backbone routing at ISP Level.
-Present at Client’s site and solving architectural issues and translating high-level requirements into technical proposals.
|Mojtame Fanni Tehran||April 1995 – April 2001|
One of The largest IT Companies in Iran with more than 1000 employees.
-Installed, configured and troubleshoot Novel Netware, Windows NT networks. Configured low end Cisco routers, 1600/1700/2600 Series.
-I got certified as MCSE (NT/2000), MCDBA during this period.
-Enhancing, Implementing, administering the company campus LAN and WAN which spans over 3 locations in Tehran and 25 locations across the country.
|EDUCATION AND PROFESSIONAL DEVELOPMENT|
|Cisco||CCNA (Cisco Certified Network Associate)
CCNP (Cisco Certified Network Professional)
CCIE (R&S #19811)
|Microsoft||MCSE (Microsoft Certified System Engineer) NT4/2000
MCDBA (Microsoft Certified Database Administrator)
|Azad University||Computer Engineering (AI)||1998|
|Shiraz University||Computer Engineering||1995|