Contact details

Mobile telephone number: (0098) 9123021584

Email address: Pooyakhishtandar@gmail.com

LinkedIn address: www.linkedin.com/in/khishtandar

Website: www.khishtandar.com

Career objective

An experienced senior level IT consultant with significant design, support,

administration and implementation experience of network projects. Over 10

years of IT experience with full life cycle ICT project experience. Thrives in a

customer focused, multi-site environment. Always meets client demands

and develops good long-term customer relationships.

Current position

Middle East Bank

Senior Network Datacenter and Security Consultant

Cando Higher Education Institute

Cisco and Linux Instructor

Professional Skills / Service Provider Expertise:

Pouya Khishtandar

Network / Cisco /Security /VoIP /Linux /Microsoft /Data Center Architect & Consultant

Project Skills

Project Management & Planning, Preparing RFQ, RFP, LOM, LOS, Detail

Design, ATP, Test & Delivery, etc.

Routing

Static Routing , RIP , RIPv2 , IS-IS , OSPF, OSPFv3, EIGRP, BGP and Multi-

protocol BGP, VRF & VRF-lite, NHRP, IPv6 Routing, Route redistribution

, Multicasting (PIM Sparse/Dense Mode) , EIGRPv6, RIP-ng , IPv6 & IPv4

,NAT ,PAT ,RITE ,OER ,PFR ,PBR ,IRB , CRB, Route Filtering ,

Summarization.

Switching

STP, RSTP, MST, PVST +, 802.1 Q in Q Double Tagged VLANs, CEF, Ether

Channel Protocols, VLAN Trunking Protocols, VTP, GVRP, HSRP, VRRP,

GLBP, SPAN, Stack, Ether channel, LACP, PAGP.

MPLS

MPLS unicast forwarding, MPLS VPN, VRF-lite , LDP, TDP, MPLS-TE .

WAN Technologies

PPP, HDLC, ISDN, DSL, Frame Relay, VPN, METRO-ETHERNET, etc.

QoS

Classification and Marking (CoS, IPP, DSCP & etc ), Congestion

Management and Avoidance (CBWFQ ,PQ ,CQ ,WFQ ,LLQ ,WRED & etc

), Shaping and Policing, Link Efficiency, RSVP, Switch QoS ( WRR - SRR )

Security

Network & Data Center Security Architecture, IPSec, VPN Technologies,

Intrusion Detection & Prevention Mechanism, Hardening Mechanisms,

IOS Firewall, ezVPN, DOS Mitigation, Device Hardening, IOS IPS,

Webvpn, AAA programs ( Cisco Secure ACS , Free-radius, NAP, NTTAC+

) , RADIUS &TACACS+ , NAC ,TCP intercept & etc .

L3 Security Mechanism (IP ACL, RPF Checks, TCP Intercept, CBAC,

DMVPN)

L2 Security Mechanism (Port Security, DAI, DHCP Snooping, IP source

Guard, Dot1x, Storm Control)& etc.

Penetration Testing, Ethical Hacking, etc.

Design

Enterprise Composite Model, IIN, SONA, Top Down Network Design.

Virtualization

Consulting VMware VSphere ESX Solutions, Vcenter, open stack.

VoIP

Signaling Protocols (SCCP, SIP, MGCP, H323), VGateways, Gatekeepers

, RTP , RTCP , Voice Codes , Dial Planning , Other VoIP Features ( Call

Pickup , Call Park , Call Transfer ,Call Forwarding , Intercom ,CDR & etc.

)

Monitoring & Management

Snmpv2c, SNMPv3, IP SLA, Syslog, Net flow, EEM, TCL scripting, NTP,

SDM, CCP.

Specialties & Experiences

Cisco Routers, Switches, Load Balancer:

Experience of Cisco 7600 Series, Cisco 7200 Series VXR, NPE-G2

Routers, Nexus 1000v, 2000 & 5000, Cisco ACE, Cisco Catalyst 6800

Series, Cisco Catalyst 6500 Series, Cisco Catalyst 4500 Series Switches,

Cisco Supervisor Engines SUP/RSP/SIP, Cisco C3750X – 3850X , Cisco

C3560 , Cisco 4900 , Cisco C2960X , Cisco ASR 1000 , Cisco ISR 3800 ,

2800 , 1800 , 4000.

Cisco Security, Management & Monitoring Products:

Experience of Cisco Security Monitoring, Analysis and Response System

(MARS)

Cisco ASA 5500 Series, Cisco Cat 6500/7600 Service Modules like:

FWSM/ASA/IDSM2/NAM/Anomaly Guard/SPA-IPSEC/SSL, Cisco Secure

ACS,

Juniper Security Products

Experience of Net Screen, SSG, ISG, SRX & IDP Series (Screen OS &

JUNOS)

Network Monitoring and Management Systems

Experience of Cisco Prime, Cisco ISE ,CiscoWorks Suite, Solarwinds,

PRTG, MRTG, Cacti, Zabbix, Nagios, Accelops, OSSIM OSSEC and

ManageEngine Products such OPM, NetFlow Analyzer and Security

Manager Plus, etc.

Voice over IP

Experience of CME , CUCM6-11 , CUE ,CU ,Asterisk based programs (

Trixbox, Elastix, FreePBX) , 79XX ip phones, CIPC, CUPS .

Microsoft Services

Experience of Active Directory, CA, WSUS, DNS, IIS, NAP ,etc.

Linux-Based Services

Experience of Squid, Bind, IPTables, Snort, Apache, FreeRadius, RAID

,NFS ,SAMBA ,OpenVZ ,Keepalive ,Postfix ,Sendmail, FreeNAC

,Openldap, OpenCA, Openssh, OpenVPN.

Experience of Industry leaders’ products like Astaro, Fortigate,

Brocade, HP, Foundry, Bluecoat, Huawei etc.

Assisting Corporations & Organizations in Project Management &

Planning, Designing, implementing and maintaining secure and

efficient information technology networks.

Creating networks from scratch or taking an existing one and

enhancing any or all components associated with the business tool.

Evaluating the needs of the client and preparing a detailed document

of what is needed to create a secure networking structure that will

meet those needs.

Deep understanding of Routing & Switching concepts

Deep Understanding of Service Provider related technologies

Experienced in installation and configuration of high-end devices such

as Cisco 12000, 7600 & 7200 routers, Nexus 7k, 5k, 2k and 6500/4500

switches, ACE and Supervisor engines & modules such as RSP720,

RSP16, SUP720, SUP32, SUP2T, CSM, …

Solid hands-on experience in network design, configuration, and

troubleshooting experience with Expert-Level knowledge of

Switching, Routing, WAN, MPLS , Multicast ,and Linux Services

Skills Profile

Teamwork and Leadership

Working at PDK, Vista, Cando and Cybertech Co. demonstrated

excellent teamwork and leadership skills in multiple projects

environment, such as an ability to listen to clients and managers,

perform different roles, support colleagues, share problems, and have

positive attitude to learn from setbacks resulting in promotion.

Effective communication

Able to communicate effectively with a wide range of clients and

colleagues, providing presentation and technical support for users with

varying levels of IT knowledge and competence.

Administration

Excellent ability to plan ahead and manage time effectively, I have

gathered data from a wide range of sources during my dissertation

whilst balancing my other studies, resulting in a 71% grade.

Employment history

2012-2016 - Middle East Bank

Senior Network Consultant

I was invited to cooperate with Middle East Bank 2012 when the Bank

was established, Since the Bank’s IT manager and CEO have known me

from Karafarin Bank (former workplace). My main role was:

Datacenter Design and Implementation

WAN Design and Implementation (Connectivity between branches and

datacenter all over the county)

Design and Implementation connectivity between Bank and IRAN

Central Bank and Ministry of Economic Affairs and Finance (Iran)

Infrastructure Security Design and Implementation based on Cisco

SAFE and ISMS

Training IT staffs to support and maintain Network and Troubleshooting

I was on call 24 hours a day to Troubleshoot advanced problems, During

These years I ‘ve attended IT weekly meetings with IT managers and

staffs and I’ve given solutions for on demand changes continuously.

2012-2015 - SAIPA YADAK (saipayadk.org)

SAIPA is one of the biggest Automaker Company in Iran. When they

invited me to cooperate in case of wrong Design they were experiencing

Downtime and low availability, since they had more than 5000 branches

all over the country they needed optimization. In order to solve the

problem I redesigned the network and with BGP and DMVPN

Implementation and providing redundancy for devices, I optimized the

network. With the changes I made availability reached to 99.998% per

year.

Design and implementation of VMware/Citrix

Configuring Cisco Catalyst 3650, 2960, 4500, 6500, 3750 series

switches, Cisco 878, 1841, 2811 Routers

Implement Linux based services – BIND, Apache, squid cache, nginx &

etc.

Configuring Juniper SSG 550, IPS 240, SRX 550.

Switching configuration, administration, and troubleshooting.

Installing, managing and supporting Active directory (DNS, DHCP,

Domain), Mail servers (Exchange, Mdeamon, Qmail), and Wireless

networks

Configuring 802.1X Port-Based Authentication for wired and wireless

networks

Assisting with writing procedures and documentation such as

troubleshooting guides.

2013 - China National Petroleum Company (Tehran Branch)

Senior Voice Consultant

North Azadeghan Petroleum Domain Project

2010-2012 - Hekmat Iranian Bank (http://www.hibank24.ir/)

Hekmat Iranian Bank has more than 200 branches all over the country

and I Designed and Implemented Datacenter and WAN.

Datacenter design based on Cisco datacenter infrastructure documents.

Managing & Administrating Country Wide Scale WAN in “Gateway

Project” Between more than 200 Points on 4 different Type of

Communication Platform such as Fiber, Intranet, Internet & VSAT with

Cisco & Juniper Products. Design MPLS network with traffic

engineering features.

Task Including Designing, Implementing, Maintenance and

Troubleshooting complex BGP and Routing structure. Also

Implementing QoS with Prioritizing, CBWFQ, LLQ , features for Part

of Network to Transporting VoIP Traffic.

2010-2011 - Karafarin Bank (http://www.karafarinbank.ir)

Senior Network Consultant WAN

I was responsible to redesign, optimize, Troubleshooting of their

network.

2009-2010 - Tehran University of Art (http://www.art.ac.ir)

Network, Security, Datacenter Consultant

Redesign and optimization connectivity between University faculties.

Configuring Cisco Catalyst 3750 , 4900 , nexus 1k , 5k series switches,

Cisco 878 , 1841 , 2811 , 2911 , 3845 Routers

Troubleshooting network problems.

2008-2010 - Pars Dadeh Kavosh ( http://www.pdkco.ir)

Technical Manager

Technical management of a group globally dispersed consultants and

engineers providing strategic planning and delivery of a range of

network solutions, working with the team and with the customer,

typically within strict deadlines, to ensure projects are delivered on time

and to a very high standard.

Working as a consultant and in technical sales, providing design and

installation of a range of complex network setups, to deliver LAN,

WLAN and WAN security, redundancy and performance. Design

Engineering to provide high-level design documentation followed by

configuration of Cisco Routers, Switches, ASAs, MARS, IPS, IDS,

VoIP, Content Services Switches and Wireless equipment & etc.

Technical manager, Technical consultant, and implementer in different

Projects such as:

2009-2010 - Ministry of Industries and Mines (Iran)

Senior Network Consultant Virtualization

2010 - Ardebil Governor

Video Conferencing

2010 - IRAN Khodro

Video Conferencing

2010 - Lorestan Imam Khomeini Relief Foundation

(www.emdad.ir/lrs)

WAN

2009-2010 - Bid Boland Gas Refinery Complex (www.nigc-

bidboland.ir)

Design and Implement Campus WAN

2009 - Ministry of Health and Medical Education IRAN (Salamat

Complex)

Consultant Design Implement

2009 - Noshahr Port And Maritime Organization

(http://www.pmo.ir)

Consultant Design Implement

2009 - The Organization for research and Composing University

Textbooks in the Humanities (SAMT organization)

(http://www.samt.ac.ir/)

Consultant Design Implement

2009 - Asia Insurance (http://www.bimehasia.com)

Consultant Design Implement

2009 - Kish Chips Company (http://www.MazMaz.net )

Consultant Design Implement

2009 - Research Institute of Petroleum Industry (www.ripi.ir/)

Consultant Design Implement

2008-2009 - Mazandaran Meli Bank (http://www.bmi.ir)

Consultant Design Implement

2008 - Tehran University of Medical sciences faculty of dentistry (

dentistry.tums.ac.ir )

Consultant Design Implement

2008 - Golestan Hospital

Consultant Design Implement

2008 - Islamic Azad University Karaj Branch

(http://www.kiau.ac.ir)

Consultant Design Implement

2008 - Kohkiloye Boyerahmad Telecommunication

(http://www.TCKB.ir)

Consultant Design Implement

2008 - Lorestan Governor

Consultant Design Implement VOIP

2008 - Karaj Municipality (http://www.karaj.ir)

Consultant Design Implement

2008 - Construction and development of Transportation

Infrastructures Company

2008 - Ministry of Interior (Iran) (http://www.moi.ir)

VOIP

2008 - Ministry of Interior (Iran)

WAN

2006-2008 - Pars Dadeh Kavosh ( www.pdkco.ir )

Technician

Projects:

2007 - Hormozghan Governor

WAN

2006 - Road Maintenance and Transport Organization Video

Conferencing (http://www.rmto.ir)

2006 - Governor of Semnan province: Semnan state Governor

network ( 300 users in central office, 10 WAN connectivity )

(http://www.ostan-sm.ir)

2005 - Azaran Pelastic Company (http://www.azaran-plastic.com/)

Administrating Microsoft-based network, Implementing Security

using ISA, Implementing Virtualization using vSphere ESX.

2005 - Momtaz Pelastic Company (http://www.momtaz-

plastic.com/)

2005 - Ministry of Roads & Urban Development

(http://www.mrud.ir/ )

Projects

2014-2015 - Mobile Communication Company Of IRAN

Senior Network Consultant

VOIP in contact center (Troubleshooting)

MCI is the biggest Mobile Telecommunication company in IRAN with

approximately 17 million postpaid and 49 million prepaid subscribers.

In addition to solve VOIP problem I did some Redesigns in Datacenter.

2014 - National Iranian Oil Refining and Distribution Company

Senior Network consultant

They had some security concerns, I redesigned and Optimized network

security and codified Security Strategy document.

2012 - IRISL Group (www.irisl.net )

VoIP Consultant

Spearhead design, development, and implementation of asterisk based

voip programs.

2012 - Darou Pakhsh Company (http://www.dpdcir.com)

Senior Network Consultant LAN and WAN

Training Experiences

Experience of over 11000 hours of Teaching Cisco , Microsoft , Linux & CEH

Courses at Cando higher education institute (www.cando.ac) ,Cybertech (

www.cybertech-ir.com ) , Vista ( www.networkacademy.ir ) ,and DPI”ex

IBM” ( www.dpi.ir ) :

CCNA & CCNP & CCIP ~5000 Hours

CCIE R&S ~3000 Hours

CCNA Voice ~600 Hours

CCNA Security & CCNP Security ~600 Hours

CCVP ~600 Hours

LPIC1&2 ~800 Hours

CCDP ~200 Hours

MCSE 2012 and MCITP ~Hours 300

ITIL , ISMS , Cobit ~200 Hours

CEH & Penetration Testing ~ 300 Hours

Certifications

CCIE R&S (Written)

http://www.pearsonvue.com/authenticate

Registration ID: 227946707

Validation Number: 177339327

CCIE Sec / CCIE Voice (Written)

CCNP (ROUTE, SWITCH, TSHOOT, ISCW, ONT) / CCIP / CCSP / CCDP/

CCVP

CCNA (csco11268769) / CCNA Security / CCDA / CCNA VOICE

Cisco ASA Specialist / Cisco Firewall Security Specialist

Cisco Data Center Architecture Design Specialist (CDCADS)

Cisco Data Center Networking Infrastructure Design Specialist

(CDCNID)

Cisco Security Solutions and Design Specialist (CSSDS)

CEH (EC Council Certified Ethical Hacker)v8 / CISSP

MCSE / MCITP / MCSE2012/ LPIC 101,102/LPIC 201,202 / ITIL /

ISMS/Cob

Education

Bachelor Of Science

June 2013

Computer Hardware Engineering

Islamic Azad University, Tehran Central

Publications

Analysis of Voice over IP Codecs

(B.Sc. Thesis - October 2012)

Languages

English

Persian (native)