Arun Singh - Network & Security Architect
Arun Singh - Network & Security Architect
Email : arunrsingh@gmail.com | Mobile: +91 8010318409 | CybeArch.com | Skype: arunrsingh
Email : arunrsingh@gmail.com | Mobile: +91 8010318409 | CybeArch.com | Skype: arunrsingh
CORE COMPENTINCY
IT Infrastructure Management – Network & Security | Project Management | Regulatory Compliances | Disaster Recovery Management | Global IT Operations & Business Practices | Release & Change Management | Quality and Security Audits | Data Centre Management | DC Migration | Stakeholder Management | Process Optimization | Team Mentorship & Management | Budget Handling | BCP – Business Continuity | Monitoring | Digital Transformation | Solution Designing | Technical Presentation | Design & Estimation | Pre Sales | Costing
Cisco : CCIE R&S, CCIP, CCNP, CCDP, CCNA, CCDA
Azure : Azure Cloud Architect
HP : MASE, ASE, AIS, ASP, ASC
IIHT : A+, N+, S+
Microsoft : MCSE, MCP, MCSA, MCSA Exchange
SKILLS ( HANDS ON )
R&S : Cisco, HP, Arista, Brocade, Juniper, Extream,
SECURITY : Cisco asa, FIREPOWER, Checkpoint, Palo Alto, Fortinet, Juniper, Fortitocken
NAC : Cisco ISE, ForeScoute
CLOUD : Azure & GCP
PROXY : Biluecote, Forcpoint Proxy
IPS & IDS : Tipping Point, Checkpoint, Fortinet
LTM : F5 Big IP, Citrix Netscaler
WAF : F5 big IP ASM, FortiWeb
DNS : F5 GTM, Infobllox
IPAM : Infoblox
SDN & SDWAN : Cisco ACI, Cisco DNAC, Arista, Cisco Viptela, Versa, VeloCloud
SIEM : IBM Qrader, Managengin, Solarwinds
Monitoring : PRTG, Solarwinds, Managengin, Zabbix
· Information Security Policies: Implement Network perimeter security to comply with Information Security Policy of the
organization. This includes proposing the solution to CTO/CISO for approval and implementation.
· Access Control: Design and Implement ID based network access control methods for users to access resources on private
as well as public could. Access control methods include integrating edge devices with directory services running in the
network AD, LDAP, RADIUS. Also implement Remote Access control methods using different VPN technologies including SSL, IPSEC, PPTP and L2TP, with strong authentication using RSA secure IDs.
· Security Architecture and Design: Setup and manage a team of Presales Engineers to provide Technical and Architectural
Design solution to Enterprise customer accounts and put forward the Solution to Senior business and technology decision makers.
· Perimeter Security: Provide expert services to deploy, configure, harden and maintain edge devices that provide Firewall,
Intrusion Prevention System, Web and Application Filter, Gateway Anti-virus and Gateway Anti-spam.
· Vulnerability Assessment and Testing: Conduct vulnerability and penetration test for host, network and perimeter devices
and mitigate open vulnerabilities.
· Firewall, VPN: Provide expert assistance in Firewall, switches and router deployment and configuration, to secure network architecture and conduct advanced troubleshooting.
DC Migration | WAN Encryption | Monitoring Deployment
DC to DR Failover | Deploying DC firewall | SD WAN Deployment
Cisco ACI Deployment | IP Schema Design | DC and DR IP Migration
Fortinet as Third-party Firewall | Nexus 9500 as DC Spine Switch | Foritweb as Web app firewall
Fortinet as WAN Firewall | Nexus 9300 as DC Leaf Switches | FortiTocken for dual Auth
Checkpoint as Perimeter Firewall | Cisco APIC Servers | Forcepoint as Forward Proxy
Cisco firepower as DC firewall | Nexus 7K as Campus Core Distribution | FortiGatways as Branch SDWAN Routers
Palo Alto as Internal Firewall | DC Servers Micro segmentation |
Growth Path -> Sr. Network and Security Architect to Sr. Manager – Network and Telecommunication
· Designed and deployed entire banks network to meet the best network and security practice.
· Audited the entire network node by node, including 600 routers, switches with 20 multivendor firewalls.
· Proposed and implemented network, servers and application monitoring with PRTG.
· Executed the gap analysis between multiple DCs so all the services are available from all DC and at given time.
· Redesigned IP schema and lead the team to reconfigure the entire network from scratch with minimum downtime.
· Audited firewall, cleaned up more than 2500 unused policies and object groups, and performed policy hardening.
· Performed Firewall swapping and migration of the policies for better performance.
· Proposed & Deployed GET VPN for MPLS WAN encryption for all Branch and offices without any outage and downtime.
· Proposed OSPF clean up and summarization from 800 routes to less than 100 routes with new proposed IP schema.
· Migrated all the corporate users behind firewall and IPS from DC core.
· Designed the corporate, Vendors & Customer wireless access solution with cisco ACS, so user can have access level, based on AD and lobby admin authentication. The design included both local and centralised switching.
· Proposed and implemented dual factor authentication for all VPN users RSA and AD.
· Minimised the number of SSIDs using 802.1x authentication and provisioning of VLAN based on user authentication.
Projects
IP Migration for all branch offices and DC and DR location | Forescout NAC Deployment
WAN Encryption on MPLS connectivity using GETVPN technology | F5 GTM deployment for application failover to sec DC
F5 LTM deployment for server load balancing |
· Responsible for designing Network Solutions.
· Translating customer needs into functional design and preparing responses to RFP's & RFI's.
· Analysing Project drawings and Specifications to provide a cost effective solution.
· Analysing proposed solutions to identify gaps, strategic or financial impacts.
Projects
Ritz Carlton Hotel Doha Qatar | Gems Schools | Khalifa International Stadium
FIFA world cup Stadium | Sealine Beach Marwab Resort |
· Responsible for demerging AXELTA network from DUPOND network
· Deploying independent network globally including Branch & Head offices and datacentres in all 5 global region.
· Establishing new ISP links and MPLS and DMVPN and other VPN tunnelling between all the locations and DCs.
· Responsible for Network infrastructure for over 180 sites located globally.
• Managed Datacentre with Cisco ASR1000, NX7k, NX5K, NX2K and Cat 6500.
• Configured VDC, VRF, VPC, VSS, FEX, DMVPN and other data centre and enterprise core technologies.
• Configured BGP PE to CE for MPLS connectivity for more than 100 locations.
• Managed more than 1000 routers and switches across the globe.
· Prepared physical and logical design for the site migration and upcoming sites.
Growth Path: Joined as Sr. Network Engineer -> Sr. Solutions Architect
Responsibility as Sr. Solutions Architect:
Responsible for Technical Sales, Presales and Aftersales activity for Network based solutions.
Carry out wireless site survey using RF planner to provide the detailed information that addresses coverage, interference sources, equipment placement, and power considerations and wiring requirements.
Designed some state of the art technology like virtual switching, 40 and 100 Gig, FCOE using collapsed core.
Monitored overall team performance, making sure team is delivering as per the project goals.
Introduced new strategies which helped the team deliver effectively and learn new technologies.
Restructured the IT project team by assigning new roles and responsibilities.
Prepared company profile, prequalification and presentation for the project submittals
Obtained gold and preferred partnership with vendors like Cisco and HP
Introduced and standardized project costing and estimation format.
Implemented Remote site management and monitoring system for all the AMCs projects.
Implemented ISO standards for IT management and Network Designing.
Qatar Navigation Tower (52 Floor Office tower): Cisco 6500 Redundant Core and wireless network
Qatar Airways 4 star Hotel (IBMS Network)
Al Madaen Hotel (12 Floor hotel apartment ) Data & CCTV
Barwa Financial District ( 14 towers)
Garden 5 (200 Villa project)
Al Udeid Air Base Qatar - American Base Qatar:
Al Asmak – 10 remote site VPN
Doha New Airport – BMS Network
Halool Qatar Petroleum – Network Design
Aspire Zone – Digital Signage Network
Duty free Warehouse – Network Design
Heart Of Doha – Network Design
Diplomatic Compound – Network, Firewall
Dukhan Hospital – Network configuration
Silhouette tower (50 Floor hotel apartment tower
Responsibility as Sr. Network Engineer
Carried out Network Configuration, Troubleshooting, and Maintenance for multiple Enterprise level projects.
Deployed and provided maintenance for more than15 skyscrapers which included 10,000 to 15,000 points.
Hands on experience on Cisco 6500, 4500, 3700, HP 5400zl, 3600, 3800 and many other switches.
Configured protocols like VTP, VLANS, LACP, MSTP, RRPP, RSTP, GLBP, VRRP, HSRP, OSPF, BGP, EIGRP, MPLS, VRF etc.
Successfully deployed many wireless projects using Cisco and HP solutions and prepared RF report.
Configured converged network for multiple systems like Data, Voice, IPTV, CCTV, Wireless, and other ELV systems.
Implemented Disaster recovery, Asset management, Vendor management and Security policies.
Preparing technical documentation during project implementation for the management and for the clients.
Deployed IP network for 3,000 Honeywell Vindicators points for Army Base Qatar in a highly secured environment.
Built and Maintained PR with clients and ensured total customer satisfaction throughout the project.
Al Fardan Twin towers Qatar (40 floor office towers)
Regency Tower (35 floor hotel residency)
Beverly Hills Tower (35 floor hotel residency)
Doha Montessori Indian School – IP CCTV and Storage
Turkish Embassy - Network Design & configuration
Waqood Tower – Network Design
Anti-Doping Lab – Network, firewall, wireless, IPT
Algerian Embassy – Network Design & Configuration
Diplomatic Compound – Network, Firewall
Dukhan Hospital – Network configuration