We provide IT Staff Augmentation Services!

Sr. Network Engineer Resume

0/5 (Submit Your Rating)

Washington, DC

SUMMARY

  • Network Engineer with Over 8+ years of experience in testing, troubleshooting, implementing, optimizing and maintaining enterprise data network and service provider systems.
  • Implementation, Configuration and Support of Checkpoint (NGX R65, R70 and R71), Juniper Firewalls (SRX5400, SRX5600, and SRX5800), Cisco Firewalls (ASA 5505, 5506 - X, 5585), Palo AltoNetworks Firewall models (PA-2k, PA-3k, and PA-5 k).
  • Provide scalable, supportable military grade TCP/IP security solutions along with expert TCP/IP network designs that enable business functionality.
  • Administration, Engineering, and Support for various technologies including proficiency in LAN/WAN, routing, switching, security, application load balancing and wireless.
  • Worked on Juniper Net Screen Firewalls like, NS50, SSG 550M, SSG520M, ISG 1000, ISG 200 and Cisco PIX 535, 520, 515, ASA -5500 and 5505.
  • Responsible for Checkpoint and Cisco firewall administration across global networks.
  • Worked on Cisco Catalyst Switches 6500/4500/3500 series.
  • Policy development and planning / programming on IT Security, Network Support and Administration.
  • Creating Virtual Servers, Nodes, Pools and iRules on BIG-IP F5 in LTM module.
  • Experience with Firewall migrations from PIX firewall to Cisco ASA and Juniper SRX firewall appliances.
  • Experience with Bluecoat Proxy servers, LAN & WAN management.
  • Experience in working with Cisco Nexus Switches and Virtual Port Channel configuration.
  • Experience with Checkpoint VSX, including virtual systems, routers and switches.
  • Experience in Network LAN/WAN deployment,
  • Experience with DNS/DFS/DHCP/WINS Standardizations and Implementations.
  • Extensive understanding of networking concepts, (IE. Configuration of networks, router configuration and wireless security, TCP/IP, VPN, Content Filtering, VLANs, and routing in LAN/WAN, Ethernet Port, Patch Panel and wireless networks.)
  • Configuration of Network and Security devices such as Cisco routers and switches (Cisco 7600/3500/Nexus 7K/5K), Firewall (Checkpoint R75/Gaia and Cisco FWSM), Load Balancers and DNS and IP Manager (Infoblox)
  • Black listing and White listing of web URL on Blue Coat Proxy Servers.
  • Administration of production Windows Servers infrastructure that includes Domain Controllers, IIS Web Servers, SharePoint, File and Print and FTP/SFTP servers.
  • Extensive experience in Windows 2008 R2/2008/2003 Wintel Servers Confidential single or multi domain platforms.
  • Proficient in installing and configuring Windows Server 2003, 2008, 2012 and Windows XP, 7 & 8 Professional Client Operating Systems
  • IDS and IPS event management using CSM including signature updates for SSM Modules, IDSM.
  • Provides management level reporting of firewall and Intrusion Protection System (IPS) activity on a periodic basis.

TECHNICAL SKILLS

Cisco router platforms: 2500, 2600, 2800, 3600, 3700, 3800, 7200, 7609.

Cisco Switch platforms: 2900XL, 2950, 2960, 3560, 3750, 4500, and 6500.

Firewalls & Load Balancers: Cisco ASA 5585, 5550, 5540, Juniper SRX5400, 5600, 5800, Juniper Netscreen 6500, 6000, 5400. Juniper SSG Firewalls, Palo Alto PA-3060/2050, F-5 BIG-IP LTM (3900 and 8900), Blue Coat SG8100, AV 510, AV810.

Routers: Cisco routers (1900, 2600, 2800, 2900, 3600, 3800, 3900, 7200, 7600), Cisco L2 & L3, Juniper routers (M7i, M10i, M320)

Switches: Cisco switches (3560, 3750, 4500, 4900 & 6500), Nexus (2248, 5548 &7010)

Routing: RIP, EIGRP, OSPF & BGP, Route Filtering, Redistribution, Summarization, Static routing

WAN Technologies: FRAME RELAY, ISDN T1/E1, PPP, ATM, MPLS, leased lines, DSL modems.

LAN Technologies: Ethernet, Fast Ethernet, Gigabit Ethernet, NAT/PAT, FDDI. Cisco Secure Access Control Server (ACS) for TACACS+/Radius.

VOIP Devices: Cisco IP phones, Avaya.

Routing Protocols: RIP, OSPF, EIGRP, and BGP.

Switching Protocols: VTP, STP, RSTP, MSTP, VLANs, PAgP, and LACP.

Network management: SNMP, Cisco Works LMS, HP Openview, Solar winds, Ethereal.

Layer 3 Switching: CEF, Multi-Layer Switching, Ether Channel.

Carrier Technologies: MPLS, MPLS-VPN.

Redundancy protocols: HSRP, VRRP, GLBP.

Security Protocols: IKE, IPsec, SSL, AAA, Access-lists, prefix-lists.

Software: Microsoft Office Suite, MS SQL Server 2008, HTML.

Language: Unix, Turbo C / C++, basics in Perl and Shell scripting.

PROFESSIONAL EXPERIENCE

Confidential, Washington, DC

Sr. Network Engineer

Responsibilities:

  • Implementing security Solutions using PaloAlto Pa-5000/3000, Cisco ASA, Checkpoint firewalls R75, R77.20 Gaia and Provider-1/MDM.
  • Configuring High Availability using Cluster XL on Checkpoint as well as VRRP and monitor the Sync status for stateful replication of traffic between active and standby member.
  • Configuring Big-IP F5 LTMs (virtual servers, pools, SNATs, health monitors, irules) and GTM’s for managing the traffic and tuning the load on the network servers.
  • Firewall rule base review and fine-tuning recommendation.
  • Hands on experience in configuration of Cisco ASA 5000 series firewalls and experience with checkpoints and FortiGate.
  • Responsible for service request tickets generated by the helpdesk in all phases such as troubleshooting, maintenance, upgrades, patches and fixes with all around technical support
  • Configure Syslog server in the network for capturing the log from firewalls.
  • Policy Reviewing, Audit and cleanup of the un-used rule on the firewall using Tufin and Splunk.
  • Configure and Monitor Cisco Sourcefire IPS for alerts.
  • Experience working on Network support, implementation related internal projects for establishing connectivity in various field offices and Datacenters.
  • Working with different teams to gather info for the new request and troubleshoot for any connectivity issues by capturing traffic using TCPDUMP and smart view tracker.
  • Configuring and troubleshooting site-to-site IPSEC VPN tunnels using Cisco ASA 5540 for third party connectivity.
  • Implemented configuration back-ups using WinSCP, cyberfusion to automate the back-up systems with the help of public and private keys.
  • Documentation involved preparing Method of Procedures (MOPs) and Work Orders. Also creating and submitting Remedy tickets for user auditing.
  • Performing URL filtering and content filtering by adding URL’s in Bluecoat Proxy SG’s.
  • Working on the network team to re-route BGP routes during maintenance and FW upgrades.
  • Co-ordinated and Upgraded F5 LTM’s and Cisco ASA’s IOS images during window time.
  • Running vulnerability scan reports using Nessus tool.
  • Configure B2B VPN with various business partners and 3rd parties and troubleshoot VPN Phase 1 and Phase 2 connectivity issues including crypto map, encryption domain, psk etc.
  • Worked on Blue Coat Proxy SG to safeguard web applications in extremely untrusted environments such as guest Wi-Fi zones.
  • Troubleshoot connectivity issues and Monitor health of the firewall resources as well as work on individual firewall for advanced troubleshooting.
  • Working on Service now tickets to solve troubleshooting issues.

Environment: Cisco ASA, Checkpoint, Palo Alto, Big IP F5 LTM/GTM, Nexus switches, TCP/IP, VPN.

Confidential, Lebanon, NJ

Network Engineer

Responsibilities:

  • Day-to-day work involves scheduling firewall policy provisioning and working with users to identify connectivity related issues and troubleshoot using both Smart Utilities and CLI.
  • Managing and administering Juniper SRX and Checkpoint Firewalls Confidential various zones including DMZ, Extranet (Various Business Partners) and ASZ and internal.
  • Juniper Firewall Policy management using NSM and Screen OS CLI.
  • Troubleshooting Firewall Connectivity related issues using Smart view tracker on Checkpoint, NSM Log viewer for Juniper Firewalls.
  • Configure and administer Cisco ASA Firewalls (5585, 5550, and 5540) and use command line CLI, Cisco CSM, ASDM for day-to-day administration.
  • Policy Reviewing, Audit and cleanup of the un-used rule on the firewall using Tufin and Splunk.
  • Active/Standby and Active/Active HA configuration on Cisco ASA Firewalls.
  • Configuring High Availability using Cluster XL on Checkpoint as well as VRRP and monitor the Sync status for stateful replication of traffic between active and standby member.
  • Configuring rules and maintaining Palo Alto firewalls and analysis of firewall logs using various tools.
  • Experience on ASA firewall upgrades to 9.x.
  • Configured Panorama web-based management for multiple firewalls.
  • Configuring rules and Maintaining Palo Alto Firewalls & Analysis of firewall logs using various tools.
  • Understand the flow of traffic through the Check Point Security gateway cluster and troubleshoot connectivity issues using advanced troubleshooting from Command Line Utilities.
  • Build and configure Active/Standby Failover on Cisco ASA with stateful replication.
  • Configure and tweak the inspection policies on Firewall to allow legacy application traffic.
  • Understand different types of NAT on Cisco ASA firewalls and apply them.
  • Firewall policy provisioning on Fortinet FortiGate appliances using FortiManager.
  • Troubleshooting connectivity issues through Blue coat as well writing and editing web policies.
  • Administration Big IP F5 LTM for all Local Load balancing and use GTM for load balancing across Data Centers.
  • FWSM configurations in single/multiple context with routed and transparent modes.
  • Support Data Center Migration Project involving physical re-locations.
  • 24 x7 on call support.

Environment: STP, RSTP, Cisco IOS-XR, ASA, VTP, VOIP, DMZ, HSRP, Palo Alto, Port-Channel, BGP, OSPF, EIGRP, PPP, HDLC, SNMP, DNS, DHCP.

Confidential, Middlesex, NJ

Network Engineer

Responsibilities:

  • Designed and implemented Cisco VoIP infrastructure for a large enterprise and multi-unit office environment. Met aggressive schedule to ensure a Multi-office reconfiguration project which was successfully delivered
  • Responsible for service request tickets generated by the helpdesk in all phases such as troubleshooting, maintenance, upgrades, patches and fixes with all around technical support
  • Supporting EIGRP and BGP based PwC network by resolving level 2 &3 problems of internal teams & external customers of all locations.
  • Configuring Big-IP F5 LTMs (virtual servers, pools, SNATs, health monitors, irules) for managing the traffic and tuning the load on the network servers.
  • Upgrade Cisco Routers, Switches and Firewall (PIX) IOS using TFTP
  • Updated the HP open view map to reflect and changes made to any existing node/object.
  • Handled SRST and implemented and configured the Gateways, Voice Gateways.
  • Configuring HSRP between the 3845 router pairs for Gateway redundancy for the client desktops.
  • Configuring STP for switching loop prevention and VLANs for data and voice along with Configuring port security for users connecting to the switches.
  • Policy Reviewing, Audit and cleanup of the un-used rule on the firewall using Tufin and Splunk.
  • Ensure Network, system and data availability and integrity through preventive maintenance and upgrade.
  • Implementation and Configuration ( Profiles, I Rules) of F5 Big-IP C2400 load balancers
  • Involved in L2/L3 Switching Technology Administration including creating and managing VLANs, Port security, Trunking, STP, Inter-Vlan routing, LAN security.
  • Worked on the security levels with RADIUS, TACACS+.
  • Completed service requests (i.e. - IP readdressing, bandwidth upgrades, IOS/platform upgrades, etc.)
  • Identify, design and implement flexible, responsive, and secure technology services
  • Modified internal infrastructure by adding switches to support server farms and added servers to existing DMZ environments to support new and existing application platforms.
  • Performed load balancing and application level redundancy by deploying F5 BIG-IP LTM 3900.
  • Configured switches with port security and 802.1x for enhancing customers security.
  • Monitored network for optimum traffic distribution and load balancing using Solar winds.
  • Validate existing infrastructure and recommend new network designs.
  • Created scripts to monitor CPU/Memory on various low end routers in the network.
  • Installed and maintained local printer as well as network printers.
  • Handled installation of Windows NT Server and Windows NT Workstations.
  • Handled Tech Support as it relates to LAN & WAN systems

Environment: Net Flow,TACACS,EIGRP,RIP,OSPF,BGP,VPN,MPLS,CSM,SUP720, Ether Channels, Cisco 7200/3845/3600/2800 routers, Fluke and Sniffer, Cisco 6509/ 3750/3550/3500/2950 switches, Checkpoint firewalls(SPLAT)

Confidential, Detroit, MI

Network Administrator

Responsibilities:

  • Firewall Policy Provisioning and troubleshoot connectivity issues through firewall.
  • I worked on Check Point Security Gateways and Cisco ASA Firewall.
  • Firewall Clustering and High Availability Services using Cluster XL on Check Point.
  • Configuring and tweaking Core XL and Secure XL acceleration on Check Point gateways.
  • Troubleshoot User connectivity issues on Checkpoint and Cisco ASA using CLI utilities.
  • Packet capture on firewalls and analyzing the traffic using Wire shark utilities.
  • Troubleshot Clustering issues on Check Point and Sync issues monitoring and fix.
  • Upgrade of Checkpoint Gateways in Cluster with Minimal downtime.
  • Policy Reviewing, Audit and cleanup of the un-used rule on the firewall using Tufin and Splunk.
  • Implemented Active/ Standby HA configuration on Cisco ASA Firewalls.
  • Configuring Cisco ASA firewalls in Single and Multiple Context Mode firewalls.
  • Configuring VPN both B2B and remote access SSL and centralized policy administration using FortiManager, building Fortigate High Availability using Fortigate Clustering Protocol (FGCP).
  • Firewall Compliance and Rule remediation for compliance such as SAS 70 Audit.
  • LAN/WAN level 3 support (diagnose and troubleshoot layer 1, 2, 3 problems)
  • Vlan design and implementation, Spanning Tree Implementation and support using PVST, R-PVST and MSTP to avoid loops in the network. Trunking and port channels creation.
  • Working with OSPF as internal routing protocol and BGP as exterior gateway routing protocol.
  • Configuring static NAT, dynamic NAT, inside Global Address Overloading, TCP overload distribution, Overlapping Address Translation on Cisco ASA Firewalls.
  • Physical cabling, IP addressing, Wide Area Network configurations (Frame-relay).
  • Deployed a Syslog server to allow proactive network monitoring.
  • Implemented VLANS between different departments and connected them using trunk by keeping one Vlan under server mode and rest falling under client modes.
  • Configured Firewall logging, DMZs and related security policies and monitoring.
  • Switching related tasks included implementing VLANS and configuring ISL trunk on Fast-Ethernet channel between switches.
  • Documentation and Project Management along with drawing network diagrams using MSVISIO.

Environment: CISCO routers and switches, Access Control Server, VLAN, Trunk Protocols, CISCO ASA, DHCP, DNS, Spanning tree, Nimsoft.

Confidential

Network Engineer

Responsibilities:

  • Responsible for PIX 7.x/8.x & ASA 8.x Firewall migration and in place hardware upgrades and Troubleshooting, IOS Security Configurations, IPSec VPN Implementation and Troubleshooting, DMZ Implementation and Troubleshooting.
  • Configuring static NAT, dynamic NAT, inside Global Address Overloading, TCP overload distribution, Overlapping Address Translation.
  • As part of Security and network operations team I was actively involved in the LAN/WAN level 3 support (diagnose and troubleshoot layer 1, 2, 3 problems)
  • VLAN implementation, Spanning Tree Implementation and support using PVST, R-PVST and MSTP to avoid loops in the network. Trunking and port channels creation.
  • IOS Upgrades from 7.x to 8.x as well as backup and recovery of configurations.
  • Work in an enterprise network environment with dynamic routing using OSPF and BGP for external connectivity.
  • Configured Switches with proper spanning tree controls and BGP routing using community and as path prepending attributes.
  • Install Windows Server 2003, configure IP addresses, network printers and configure Client Access for PCs.
  • Work with BGP routing protocol for communication with business partners and influence routing decision based on AS Path Prepend and other attributes.
  • Administer and support Cisco based Routing and switching environment.
  • Physical cabling, IP addressing, Wide Area Network configurations (Frame-relay).
  • Implemented VLANS between different departments and connected them using trunk by keeping one Vlan under server mode and rest falling under client modes.
  • Configured Client VPN technologies including Cisco’s VPN client via IPSEC.
  • Configured Firewall logging, DMZs and related security policies and monitoring.
  • Switching related tasks included implementing VLANS and configuring ISL trunk on Fast-Ethernet channel between switches.

Environment: PIX, CISCO routers and switches, Access Control Server, VLAN, Trunk Protocols, CISCO ASA, DHCP, DNS, SAN, Spanning tree, Nimsoft, Windows Server, Windows NT.

Confidential

Network Engineer

Responsibilities:

  • Primarily responsible for incident and problem management.
  • Part of Network Operation Center NOC offshore support team from India supporting HP Data Center 24x7. L2 support for Cisco PIX and ASA Firewalls.
  • Schedule changes and work through maintenance requests over weekends.
  • Perform daily maintenance, troubleshooting, configuration, and installation of all network components.
  • Configuration of CISCO Routers (3600, 4000 Series) and 3550, 4500 series switches.
  • Creating groups, users and policies in Active Directory.
  • Troubleshoot and support Cisco Core, Distribution and Access layer routers and switches
  • Built IPSec based Site-to-Site VPN tunnels between various client locations.
  • Point-to-Point, Frame Relay, T3, ATM, WAN troubleshooting.
  • Debugging abilities Confidential L1, L2, L3, and L4 protocols in an Internet-centric environment. Troubleshooting Active Directory, DNS, and DHCP related issues.

Environment: Cisco 7200/3845/3600/2800 routers, TACACS, EIGRP, RIP and Vulnerability Assessment tools like Nessus, Red Hat, Solaris, Juniper VPN's and SSL.

We'd love your feedback!