Syed Farrukh Mustafa

Farrukh Mustafa -, Resident of Long Beach, CA 90814 - Web: www.linkedin.com/in/farrukhmustafa Professional Profile Resourceful, energetic, go-getter and result-oriented professional with 15+ years of hands on multinational FMCG IT & Sales (hybrid) experience with solid understanding of a diverse range of Business Applications. Substantially worked and delivered on complex projects / solutions in Retail/ E-Commerce, Energy, Supply Chain /fleet management etc. Streamlined service management operations to boost efficiency and cut costs. Develops and inspires Off shore and on-shore teams to success, applies an analytical and data-driven approach to solve complex problems, and cultivates trusted relationships with key stakeholders Specialties Transformational Leadership Field Operations Sales & Distribution Business Systems Analysis Client Relationship Management Requirement Elicitation Sales Operations Feasibility Study & Risk Analysis Process Re-Engineering ITIL 4 (Courses completed) Training Development & Delivery Documentation Development Teaching & Coaching Team Management & Development Event Management Cross-Functional Collaboration Change Management Network/ Hardware Reporting & Analytics Data Integration Experience Independent IT Field Engineer at Fieldnation.com Nov 2019 – Present Completed more than 270+ jobs achieving 5 Star rating with more than 95 Clients working in different states within US with embedded systems, PC/Desktop Administration, Networking, Server Administration, Routers and switches troubleshooting, POS, IP security cameras, Retail Service Desk, Asset management, Field Tech support, and still pursuing other evolving tech solution in a fast pace tech realm FOR details please have a look at my profiles here : https://app.fieldnation.com/p/492580 https://app.fieldnation.com/p/486624 United Group, Pakistan Jan 2019 to Sep 2019 Sr Network Engineer Migration of Palo Alto firewalls from Cisco ASA 5585 and Juniper SRX 3600 & NetScreen 5400. PANDB migration and code upgrades for Palo Alto Firewalls. Redesigned the LAN & WAN network from a flat network to a tiered structure (STP, VTP, and 802.1q, HSRP, EIGRP and BGP). Switching in Campus and Data center environments using Cisco, Juniper, HP, Dell, Arista and Extreme networks Routing experience on Cisco, Juniper and Arista routers in Distribution, Core, WAN and Internet connectivity. Experience with Network Automation, Firewall Migration (FTD, FMC) and experience with configuring onsite to cloud connectivity using AWS. Integrating Panorama with Palo alto firewalls, managing multiple Palo Alto firewalls using Panorama Palo Alto App ID migration from the legacy-based port rules for PA 5060, 7050 Implementation, configuration and deployment of Active directory, IIS, DNS, DHCP, WINS, ISA, VMWARE , WSUS and windows Exchange 2003/07 server on server site. Installing, troubleshooting and supporting Windows 2003 server administration and Active Directory. Knowledge in AWS Federation/IAM. Privileged and access management using AWS and Microsoft Azure. Implemented site to site VPN on Cisco Meraki MX64, MX65, MC84, and MX400. Responsible for creating NIP, HLD+LLD for University wide-projects Over trapped converts SNMP traps into an NNM standard packet. SNMP MIB Browser was the web tool of the SNMP utility to get the MIB variables. Performed migration from Cisco ASA 5505 to Palo Alto Firewall PA-200. Performed network administration tasks such as creation and management of VLANs, port security, trunking, RPVST+, Inter-VLAN routing and LAN security. Upgrade of Juniper firewalls and management servers from SRX 3750 to SRX 6509. Implemented port aggregation& link negotiation using LACP and PAGP Provide Tier 4 level technical support for network, including root cause analysis and permanent resolution where applicable Performed migration of security appliance from ASA 5510 to Palo Alto security device. Experience in negotiating VPN tunnels using MPLS standards, configuring and implementation of site-to-site VPN and Remote VPN Configured and worked on Juniper MX240 and MX40 router, and optimized network for application delivery in virtualized network environment. Provide technical expertise and support of network devices and security peripherals including Cisco routers and switches Support Cisco ASA 5520 firewall and F5 load balancers. Router disaster recovery from crashes, checking logs to locate the reason for crash and verifying the hardware or software issues on production routers Extensive implementation of firewall rules on Juniper SRX 3600, SRX 650 and SRX 220 on a daily basis, using SPACE as well as CLI when needed. Responsible for ensuring network designs maintain high availability standards, while aligning with industry best practices, and maintaining cost effective operation Implement LAN/WAN technologies in support of a data center implementation Experience in negotiating VPN tunnels using IPsec encryption standards, configuring and implementation of site-to-site VPN and Remote VPN Experience in configuring & troubleshooting of routing protocols: MP-BGP, OSPF, LDP, EIGRP, RIP, and BGP and also configured IP access filter policies for restricted access Involved in design, implementation and configuration of HSRP for load balancing on L3 switches on different location of office on the switched network. Configured PVSTP+ for loop prevention and VTP for Inter VLAN Routing. Managed various teams involved in site surveys, cabling specifications, network installation and configuration Engro Foods Limited, Pakistan June 2014 to Dec 2018 Network Security Engineer Participated in Installation, configuration and troubleshooting of checkpoint, Palo Alto & Juniper firewall Participated in developing and implementing new security policies and configuration, to maintain of existing systems. Good understanding of F5 products and technology (LTM, SSL offloading) Upgraded Showtime content network with Arista switches. Configuration and implementation of Arista 7504 & 7280 in Spine-leaf architecture. Increased traffic load support by building out Internet Gateway Architectures in key locations; developed complex designs to ensure high availability, load balancing, traffic sharing, dynamic routing, and fail over Managed LAN & WAN and Bluecoat proxy servers. Black listing and White listing of web URL on BlueCoat Proxy servers. Adding Websites to the URL filtering blocklist in Bluecoat Proxies and upgrading firmware on the bluecoat proxies. Contribute to the vision, strategy, and drive execution for integrated security controls across Software-as-a-Service (SaaS), Platform-as-a-Service (PaaS) and Infrastructure-as-a-Service (IaaS) and for Millennium’s and Amazon Web Services (AWS) efforts. Participated in a team responsible for the seamless transition of operational support for security devices prior to the CLIENT/VENDOR network split. Implemented and configured 21 Smarts domain manager, muti domain manager, with logs manager for checkpoint SMART-I 3050, 3051 modules. Designed and Implemented Checkpoint R75.40 Secure Platform 77.20 Gaia with total 560+firewalls, Cisco ASA 5540, 5580 and VSX, Juniper SRX 3600,650,240 600+ as per the business requirements. Build and configured, migrate physical checkpoint firewall to VXS cluster configuration. Implemented new rules, policies, policy issue and tuning on Checkpoint Gaia Versions 70.30, 77.20,R75.40, R65 on the existing firewalls for a server refresh project and decommissioning of unused rules per user needs Hands on experience in implementation and deploying BIG-IP F5 LTM for load balancing and network traffic management for business applications. Upgraded Checkpoint firewalls and management servers from Splat R75.40 to Gaia R77.20 & R70.30 with MDS, MLM and Provider 1 infrastructure globally. Implemented checkpoint log server module i.e Smarts log, reporter, monitor, tracker etc. Established IPSec VPN tunnels between external vendor firewalls and corporate perimeter firewalls using Checkpoint and Cisco ASA 5500 Platform. Configuration, Troubleshooting and Maintenance of Palo Alto Firewalls (110+ firewalls) - PA200, PA2000 series, PA3000 series, PA4000 series and PA5000 series. Configured Palo Alto Firewall for outbound SSL decryption with URL filtering. Migration of Palo Alto firewalls from Cisco ASA 5585 and Juniper SRX 3600 & NetScreen 5400. PANDB migration and code upgrades for Palo Alto Firewalls. Migration checkpoint firewall with Palo Alto with configuration and policy vice versa Integrated gigamon HC series appliance with checkpoint and Palo Alto firewall Migrated cross-platform firewall with policy and configuration so network expansion will be easy. Experience in multiple security areas such as firewall policy implementation, Data Loss Prevention (DLP),intrusion detection / prevention, threat and vulnerability assessment, event management (SIEM tools) Splunk, ArcSight, Source fire,and NetScout forensics and security incident response Implemented Data protections & Privacy regulations using SIEM application. Prior experience in monitoring security systems and reviewing logs for vulnerabilities Working on R80 & PAN OS 7 in UAT setup as deployment is planned for early next year. Modern Trade, Dabur, Pakistan Aug-2011 to May-2014 Network Support Engineer Responsible for the System and Network Management for more than 4000 local and remote system and network devices including design, implementation and 24x7 support Researched, designed and replaced aging Cisco IOS firewall architecture with new next generation Palo Alto appliances serving as firewalls and URL and application inspection. Extensive knowledge of optical transport technologies, particularly OTN, DWDM, ROADM, TOADM and Ethernet. Performed site refreshes on Cisco switching and Avaya infrastructure at several locations. Configure and update network devices (ARISTA 7010T, 7150S, 7280r, Raritan KVM switches, Talari T860, Cisco 2960 x series, Nexus 7K, ISR 4400, Cisco Catalyst 3400/3600/3800 series) as customer requirement Decommissioning existing Meraki networks and license/network movement. Implementation of port forwarding rules on Meraki firewalls. Structured cabling termination and testing (Copper/Fiber)  Installed, terminated and tested Cat 3, Cat5, Cat5e, Cat6, Telco cable (25 pr, 50pr etc.), Coax and Fiber  Performed network closet construction (i.e.) racks, ladders, cable dressing etc.  Performed work in commercial, residential, hospital, underground, casino, new construction and remodels Report daily to Professional Manager and Project Manager on Operations and Maintenance. Implemented Micro-services using Azure platform build upon Spring Boot Services and created workflows on TeamCity for setting up automated pipelines for CI/CD with Azure. Configuring and Managing AP's and WLC's using Cisco Prime Infrastructure. Adding the Floor Planes to the AirMagnet and PlNCMng the Access Points in the appropriate location. Design and implementation of several Avaya deployment projects. Design, implement, and monitor re-design of corporate network with Cisco Meraki SD-WAN solution. Worked on the Versa SD-WAN solution, designed the test automation infrastructure for the entire suite of SD-WAN features. Worked on VPN configuration, routing, NAT, access-list, security contexts and failover in CISCO IOS firewalls. Experience in layer-3 Routing and layer-2 Switching. Dealt with Nexus models like 9K, 7K, 5K, 2K series, Cisco router models like 7200, 3800, 3600, 2800, 2600, 2500, 1800 series and Cisco catalyst 6500, 4500, 3750, 3500, 2900 series switches. Expert in the configuration, implementation, of multiple Fortinet products, including fortigates, forti-analyzer, forti-manager, forti-authentication. Involved in Troubleshooting IP Addressing Issues and Updating IOS Images using TFTP. British American Tobacco Islamabad, Pakistan May-2007 to Aug-2011 Jr. Network Engineer Manage the daily activities of LAN, perform diagnostics, schedule preventative maintenance Responsible for installation, administration, and testing of network servers, hubs, routers etc. Experience in Cisco Routing and Switching using 3800, 4500, 5300, and 6500. Implemented various OSPF scenarios on networks consisting of 7600 routers. Troubleshooting the TCP/IP networks for connectivity, outages and slow network issues and recommended appropriate and cost-effective solutions for the congestion. Involved in troubleshooting of DNS, DHCP and other IP conflict problems Performed switching technology administration including Vlans, Inter-Vlan routing, port aggregation. Troubleshoot routing protocols EIGRP, OSPF and BGP. Configured and installed new IP addresses for new users by using IP Addressing and Sub netting Scheme. Performing the trace route to find out where the traffic is blocked by the firewall. Involved in the redistribution into OSPF on the core ASA firewall. Involved in troubleshooting network problems using Ping, Cisco CLI, tracert and telnet. Expertise in troubleshooting and configuring DNS, DHCP, TFTP, TELNET, SSH, FTP and NFS. Involved in all technical aspects of LAN and WAN projects including short and long term planning Experience with Remedy ticketing system in resolving tickets related to routing and Switching. Configured the Cisco router as IP Firewall and RSTP, MST and used VTP with 802.1q trunk encapsulation. Installation, Configuration and troubleshooting Cisco switches and Firewall on multi-mode context based environments. British American Tobacco Islamabad, Pakistan May-2005 to Aug-2007 Technical Support Installed, modified, and repaired computer hardware and software Diagnosed and configured computer networks, removed viruses, and recorded details of inquiries Created, worked tickets and document activities on all helpdesk interactions Reviewed project requests describing database user needs to estimate time and cost required to accomplish the project and stored all data in Microsoft Access Database System Reviewed procedures in database management system manuals for making database changes in order to build website and coordinated database development, and determined project scope and limitations British American Tobacco Islamabad, Pakistan April-1999 to April-2004 Data & Business Analyst Analyzed and developed business plans on retail data of 40,000 cigarette-selling outlets (Urban/ Rural). Provided constant end-user support in both software and hardware, both on site and remotely Achieved the award for "Best Coordinator of Record Management 2001" presented by CEO - PTC. Education Eduation MS., Management Sciences, 2016 – 2018 Research Thesis on IMPACT OF SOCIAL MEDIA ON CONSUMER BEHAVIOR. Riphah International University, Islamabad Pakistan. Master of Business Administration (M.B.A.), Management Information Systems/Marketing, 2000 - 2002 University of Sindh, Pakistan Bachelors, Computer Sciences, 1997 - 1999 Shah Abdul Latif University, Pakistan. Interests Travelling, hiking, bicycling, swimming, teaching, dining out with family & friends. Volunteering Experience Mentor at The Citizens Foundation https://www.tcf.org.pk/ March 2010 – September 2019 Mentoring under privileged kids in remote areas and giving them academic and career counseling. Organizations Couchsurfing.org https://www.couchsurfing.com/people/fmustafafamily ( Community Ambassador March 2012 to Present)