Vladimir Network Engineer

Support (10.0 yr.), Information Security and Compliance Officer (10.0 yr.)

Summary

- Experienced network engineer with over 10 years of experience in the IT industry.
- Strong background in computer science and software engineering.
- Proficient in a wide range of network protocols and technologies, including IPv4/IPv6, GRE, IPSec, VPN, DMVPN, OSPF, BGP, and more.
- Skilled in network security, including firewalls, IDS/IPS, OpenSSL, and vulnerability scanners.
- Extensive experience in network architecture design and implementation, including high-level and low-level design.
- Proficient in network monitoring tools such as SolarWinds and Zabbix.
- Strong troubleshooting and analytical skills, with a keen attention to detail.

Note: The provided summary is a brief overview of the engineer's skills, experience, and achievements. It is recommended to tailor the summary to the specific job requirements and focus on the most relevant skills and experiences.

Work Experience

Network Solution Architect, Data Transmission Network

Duration: 04.2022 - Present
Summary:

Development and implementation of a new architectural solution for a data transmission network for one of the insurance companies
The purpose of this project was to create a data transmission network that meets the requirements of the customer, increase the level of fault tolerance, optimize the flow of traffic through the network, unite all branches of the company using fault-tolerant solutions, and modernize the network of the data center

Responsibilities: Identifying the customer's needs in the field of building network solutions, negotiating, correspondence, primary audit, removing the task from the customer. Developing options for the technical architecture of network solutions (High Level Design) and the choice of the implemented option, considering technical, price and political factors, protection of the chosen solution by the customer. Designing load balancing strategies for TCP-based services, distributing incoming connections efficiently across multiple servers. Managing SSL/TLS certificates for Stunnel, including obtaining, renewing, and revoking certificates as needed. Exploring UDP-based load balancing solutions to accommodate high-throughput applications while ensuring data integrity. Preparing technical and commercial proposals, formation of procurement specifications, assessment of labor costs for the selected solution option, work plan, management of a group of engineers in the implementation of prepared solutions. Implementing and configuring Stunnel to secure communication channels by adding SSL/TLS encryption to network services. Designing scalable and secure network architectures by integrating Docker containers into the overall infrastructure. Designing and developing secure cryptographic protocols for data in transit using OpenSSL libraries. Providing resolution of technical and technological conflicts between related design sections, ensuring acceptance of design results in accordance with regulatory documents. Participating in the formation of calendar plans for design, construction, installation, and commissioning. Implementing architectural supervision at all stages of the implementation of network projects. Preparing documentation for the pre-project stage, design assignments, technical assignments.
Technologies: High Level Design (HLD), Low Level Design (LLD), vSphere, OSPF, VLAN, VxLAN, IPSec, GRE, NAT, ACL, TCP/IP, UDP, VRRP, OpenSSL, WireShark, Stunnel, Firewall CheckPoint

Network Solution Architect/Lead Network Engineer, Network Architecture Optimization

Duration: 01.2021 - 04.2022
Summary:

Optimization of the network architecture, increasing the reliability and security of the network as well as improving network reliability and reducing downtime
The project aim is to address existing challenges, elevate the company's technological capabilities, and ensure a resilient network foundation to support the dynamic nature of trading activities

Responsibilities: Experience in leading the team. Leading the group of support and development of the data transmission network. Conducting regular team meetings to discuss progress. Improving network security by implementing 3-tier network design. Managing daily operations of a 300+ node, multi-network, multi-vendor. Designing and implementing SSL/TLS protocols for securing data in transit over the network. Automating network tasks and workflows through Docker integration to achieve greater efficiency and consistency. Developing key management strategies for symmetric and asymmetric encryption algorithms using OpenSSL.
Technologies: High Level Design (HLD), Low Level Design (LLD), EIGRP, VLAN, IPSec, GRE, NAT, ACL, VRRP, Zabbix, WireShark, L2/L3 switches, routers, firewall Cisco ASA, FPR, Stunnel, FMC, TCP/IP, UDP, Cisco Umbrella, Cisco AnyConnect, OpenSSL, Cisco ISE

Lead Network Engineer, Wi-Fi, LAN, and WAN Network Support and Development

Duration: 09.2019 - 09.2021
Summary:

Support and development of Wi-Fi, LAN, and WAN networks
Developed a project for the implementation and launch of a backup data center

Responsibilities: Experience in leading the team. Communicating with customers, teams and providers. Collecting and incorporating feedback from team members. Setting up access control and network security (Cisco ASA, Cisco FTD, Palo Alto). Managing daily operations of a 25000+ node, multi-network. Supporting LAN based on Cisco switches, routers, WLC. Experience with the Spanning-Tree Protocol (RSTP, PVST +, MST) and the ability to create a loop-free topology for the client's local network. Providing deep understanding of communication and routing protocols (BGP, OSPF, EIGRP), redundancy protocols (HSRP, VRRP). Containerizing network services for efficient deployment and scalability using Docker. Deploying and configuring OpenSSL to enable secure communication over the network by implementing SSL/TLS protocols in network services. Optimizing Stunnel configurations to ensure minimal impact on network performance while maintaining a high level of security. Managing Cisco Architectural Support Specialist with extensive technical expertise supporting Cisco Switching, Cisco Routing, Cisco Datacenter - ACI Technologies, Cisco ISE, SolarWinds monitoring tools. Diagnosing and resolving issues related to TCP and UDP connectivity, addressing packet loss, latency, and congestion concerns. Managing digital certificates used for TLS encryption, including procurement, installation, and renewal. Organizing communication channels for new branches, ATMs. Reviewing and editing technical documentation for clarity and accuracy.
Technologies: OSPF, BGP, EIGRP, VLAN, IPSec, GRE, NAT, ACL, VRRP, RSTP, MPLS, PVST+, MST, Zabbix, WireShark, L2/L3 switches, routers, firewall Cisco ASA, FPR, FMC, Stunnel, Cisco Umbrella, TCP/IP, UDP, Cisco AnyConnect, Cisco ISE, OpenSSL, SolarWinds, Palo Alto

Lead Support Engineer, Wi-Fi, LAN, and WAN Network Support and Development

Duration: 07.2018 - 09.2019
Summary:

Support and development of Wi-Fi, LAN, and WAN networks
Designing and implementing a robust and secure network infrastructure that supports the operations of a retail store or chain
This includes creating a reliable and scalable network architecture that can handle a high volume of traffic, support multiple devices and applications, and ensure data security and privacy

Responsibilities: Experience in leading the team. Addressing and resolving team conflicts or misunderstandings. Providing updates on project status to stakeholders and leadership. Maintaining and developing the data transmission network. Managing daily operations of a 1000+ node, multi-network, multi-vendor. Implementing SSL/TLS inspection to decrypt and inspect encrypted traffic for security purposes. Configuring logging for Stunnel events to facilitate auditing and troubleshooting. Supporting and maintaining the company's IT infrastructure (administration of Cisco, ZyXel, HP, D-Link, BDCom network equipment - switches, routers, firewalls, etc.). Configuring TLS settings on network devices, such as routers, switches, and load balancers. Implementing security measures for both TCP and UDP, integrating encryption protocols (TLS) to safeguard data during transit. Ensuring network infrastructure availability and incident resolution. Supporting the office Wi-Fi network (Cisco, UniFi Network). Configuring OpenSSL settings to enforce secure cryptographic algorithms, key sizes, and cipher suites to enhance the security of network communication. Monitoring telecommunication equipment (SolarWinds, Zabbix). Organizing communication channels for new points of presence. Creating comprehensive technical manuals and guides.
Technologies: OSPF, BGP, EIGRP, VLAN, IPSec, GRE, NAT, ACL, VRRP, RSTP, PVST+, MST, Zabbix, WireShark, L2/L3 switches, routers, firewall Cisco ASA, FPR, TCP/IP, UDP, FMC, Stunnel, Cisco Umbrella, Cisco AnyConnect, Cisco ISE, OpenSSL, SolarWinds, Palo Alto

Senior Network Engineer, Secure and Reliable Network Infrastructure

Duration: 07.2016 - 07.2018
Summary:

Design, implement and maintain a secure and reliable network infrastructure that supports the operations of the transport company
This includes creating a network architecture that can handle high-volume data transfers, provide real-time information to drivers and operators, and ensure the security and privacy of sensitive information

Responsibilities: Maintaining and developing the data transmission network. Managing daily operations of a 1500+ node, multi-network, multi-vendor. Ensuring network infrastructure availability and incident resolution. Utilizing packet capture and analysis tools to monitor and analyze network traffic, identifying and addressing anomalies in TCP and UDP communication. Generating, deploying, and managing digital certificates using OpenSSL. Organizing communication channels for new points of presence. Supporting the office Wi-Fi network (Cisco, UniFi Network). Supporting and maintaining the company's IT infrastructure (administration of Cisco, ZyXel, HP, D-Link, BDCom network equipment - switches, routers, firewalls, etc.). Managing digital certificates used in TLS encryption, including issuance, renewal, and revocation. Monitoring telecommunication equipment (SolarWinds, Zabbix). Communicating with cross-functional teams to optimize performance within complex software architectures. Ensuring documentation complies with industry standards and best practices.
Technologies: OSPF, BGP, EIGRP, VLAN, IPSec, GRE, NAT, ACL, VRRP, RSTP, PVST+, MST, Zabbix, WireShark, L2/L3 switches, routers, firewall Cisco ASA, FPR, FMC, TCP/IP, UDP, Cisco Umbrella, Cisco AnyConnect, Cisco ISE, SolarWinds, OpenSSL, Palo Alto

Junior/Middle Network Engineer, Network Support and Maintenance

Duration: 07.2013 - 07.2016
Summary: Private industrial project.
Responsibilities: Supporting and maintaining the company's IT infrastructure. Conducting performance analysis and fine-tuning to ensure efficient utilization of network resources. Supporting the office Wi-Fi network. Monitoring telecommunication equipment. Implementing proactive measures for real-time monitoring of protocol-specific metrics to ensure optimal network performance. Configuring firewalls and access controls to protect against potential security threats. Monitoring and applying patches and updates to OpenSSL to address security vulnerabilities. Organizing communication channels for new points of presence. Ensuring documentation accuracy and clarity, providing a valuable resource for team members.
Technologies: OSPF, BGP, EIGRP, VLAN, IPSec, TCP/IP, UDP, GRE, NAT, ACL, VRRP, RSTP, PVST+, MST, Zabbix, OpenSSL, WireShark, L2/L3 switches, routers, firewall

Education

Computer Science
Bachelor's degree in Computer Science
4 years
Software Engineering
Master's degree in Software Engineering
2 years

Certification

CCNA
Cisco Certified Network Associate
CCNP
Cisco Certified Network Professional
SCOR
Security Architecture for System Engineers