Faizan Mahmood

• Team Leadership: Managed and led a team of 20+ network engineers.
• Infrastructure Management: Scaled, designed, and troubleshot infrastructure network designs, maintaining network and security posture as required.
• Data Center Operations: Managed and maintained two data centers in the US, supporting 40+ sites worldwide, 1000+ network devices, 35,000+ users, and 20+ global/regional network providers/carriers.
• Compliance and Security: Collaborated with the Information Security team to ensure compliance and security requirements.
• Project Planning and Implementation: Planned, designed, and implemented various infrastructure projects related to data centers, security enforcement, and client onboarding in the Ibex environment.
• Network Access Control (NAC): Planned and deployed NAC solutions to improve security posture and network segmentation.
• Migration Projects: Led the migration from traditional Cisco ASA to next-generation Firepower Threat Defense (FTD) and Firepower Management Center (FMC).
• Next-Generation Data Center: Built and migrated data center environments from classical to next-generation setups with a centralized control approach, application-centric design, network segmentation of east-west traffic, and BGP VXLAN implementation within and across data centers.

Worked as a contractual employee for six months to manage and deploy the projects of different sites of stewart branches. Further addition to that below are my roles and respnsiblities.

• Design, plan, implement, and manage SDWAN on 450 sites - Silverpeak and Meraki Environment
• Provide tier 3 troubleshooting support.
• Plan, design, and arrange network migration of new acquire offices across the States. Document processes.
• Managing the Operations of Nexus switches (7K/9K/5K/2K) in a Data center environment to ensure the seamless network operation.
• Managing Catalyst 4500-X series switches, optimizing their functionality to meet operational needs.
• Handling and configuring Firepower appliances (4100/5585-X) to enhance network security and threat prevention.
• Playing a pivotal role in maintaining and configuring Cisco Identity Services Engine (ISE) to enforce network access policies and security protocols.
• Managing and configuring the Citrix Load Balancer to ensure the load balancing across the application environment.
• Involved in the Coordination with different vendors for Data Center migration projects

• Design and implementation of routing/switching and security protocols.
• Respond promptly during outages and recommend solutions for performance issues.
• Maintain network security firewalls, Analyzes and recommends security controls and procedures in business processes related to use of information systems and assets.
• Monitors information systems for security incidents and vulnerabilities; develops monitoring and visibility capabilities; reports on incidents, vulnerabilities
• Oversees the performance of day-to-day networking tasks to ensure network reliability, availability and serviceability within minimal interruption.
• Oversees the configuration of firewall security settings to access permissions groups for individuals and sets up provisions for incoming data. Ensuring network security is in place to protect CHD/PCI environment.
• Oversees and participates in network technology upgrade or expansion projects, including installation of hardware, software and integration testing, as well as coordinating these activities without disturbing function of other systems.
• Develops and produces documentation for installation, network topology, and troubleshooting of communications hardware or software.
• Participate on Service Restoration Teams when critical problems arise - 24x7x365
• Manage and support all network related services and systems including: L2/L3 routing, switching, firewalls, IDS, VPN, user remote access, AWS Cloud, and a variety of monitoring, management and notification systems.
• Manage multi-vendor and multi-protocol networks MPLS/VPN/Telco/Integrations
• Conduct high-level and low-level designs for network operations and network infrastructure projects and manage data center infrastructure changes.

Providing Technical support and troubleshoot different client’s issues. Making required changes on client’s Network as per request. Managing network of 3 Data Centers, 30+ sites worldwide and 1200+ network devices.

• Creating ACLs, NAT/PAT, Route-Maps, IP SLA, Site to Site VPNs, VLANS, HSRP, STACKING for IBEX and Client Network as per requirement.
• Hands on experience on Cisco ASR-1000s/ISR-4000s/7200,3900,3800,2800
• Hands on experience on Cisco Switches Nexus7k, Nexus 3k 6500, 4500, 4000, 3750, 3500, 2900, 2960x, 3850x series.
• Creating Policies, Custom-Categories, URL Filtering and adding/removing URLs from local categories on Palo Alto 200/3020/3050/5050 and Fortigate 800C/600C/100D and Cisco ASA 5510, 5515, 5525x , FTDs
• Design and implementation of routing protocols such as EIGRP, OSPF and BGP.
• Monitoring network, logs and alerts on Solarwinds/Netflow (NPM, NCM, VNQM, NTA, and Netpath) for 1200+ network devices with advance alert configuration/additional pollers/SLX licenses. Kiwi sylog for syslog alerts. Ping Plotter for route change detections
• Escalation to domestic/internal carriers in case of any issues on MPLS/Internet/IPLC circuits. Taking care of global peering with IPs.
• Managing/configuring and provisioning of wireless Forti APs with Fortigate Wireless controller for enterprise wide wifi management

Being the part of Mulinet in Managed IP services i have the following responsibilities.

• Provide 2nd level of support to internal/external customers
• Installation, configuration, and maintenance of Routers, Switches and Firewalls.
• Identified, diagnosed, and resolved network related issues.
• Oversaw administration of Local, Wide and Metropolitan Area Networks (LAN, WAN, MAN).
• Assisted field Engineers to deploy, troubleshoot and maintained the highest quality of service to all clients.
• Configure, Managed and Maintain Different Firewalls (Fortinet, Barracuda, Sangfor) at different customer premises.
• Configuration of L3 and L2 MPLS VPN for the different customers.
• Communicated effectively in both technical and non-technical terms to customers and other staff.
• Created and maintained comprehensive documentation of all the implemented networks.
• Conducted meetings with customers for network related solutions / suggestion.
• Technical proposals and custom solution design for new projects, tenders and customers.
• Provide Support and Troubleshoot all aspects of core infra including layer 2 switching, L2 & L3
MPLS networks, IP routing such as BGP, OSPF & ISIS architectures.

Being a Part Of Techaccess I have following responsibilities
• Configured and Deployed F5 LTMs (2000s, 5000s, 5050s) for the Jazz Tibco-Siebel Application systems, Biometric verification system and Jazz Ecare system. Provide support for all configured services on F5, insured the system performance and system health.
• Provide the Support for the Cisco Nexus 5548 and insured its connectivity with the Jazz external network and Siebel Application systems.
• Configured and Deployed Oracle ES1-24 Switch for the Bank of Punjab and MCB-IB bank Oracle Flex cube applications system. Integrate the network with its existing network. Provide the support for the deployed switches and insured its performance.
• Performed the deployment of Huawei S12708 Agile switch in HEC-Lahore and provide the support for all its configured services.
• Deployed the whole Huawei Wireless solution (AR1220-E and AP4030-DN) for the PSCA Qurban Line building.
• Provide the On call support for Huawei S2700s switches deployed in PMA (Punjab Metro Bus Authority). And insured its connectivity of switches with IP cameras and PMA core network.
• Deployed and configured the whole Cisco Solution (Router 2921, firewall 5525-x with Firepower services, 2960 & 3650 access switches and wireless solution 2504 controller & 1832 access points) in Jinnah Burn Reconstructive and Surgical Center. Also provide the on call support for this project.
• Prepared the Technical Proposal for the different upcoming projects and compile the High Level Design (HLD) Low Level Design (LLD) for the deployed projects.