SUMMARY:

• CCNA CCNP Certified with 8 Years of experience in networking and security, hands on experience in design, implementation, and support. Routing, Switching, Firewall technologies and troubleshooting of complex network systems.
• Device platforms including Juniper, Cisco, BNT, Arista, Cylades, Clinet.
• Experience in developing automation tool with a software language Python, JavaScript.
• Extensive knowledge with VLAN’s, Trunking, RSTP, SNMP, Ether Channels, Port Security,HSRP,VRRP,GLBP,ACL’s, QoS, Traffic Policing, Shaping, EIGRP, OSPF, NAT, PAT, Inspections, VPN’s, DHCP, Wiresharketc.
• Expertise in designing, implementing and troubleshooting Cisco3750, 3550, 3560, 2924, 6509 - V-E, 6513, 6504, 6503, 6506, 6500 series switches and ARISTA (7100, 7500) Series switches.
• Extensive experience in configuring and troubleshooting of protocols RIP v1/v2, EIGRP, OSPF, BGP and MPLS.
• Participate in planning, implementation, and growth of our infrastructure on Amazon Web Services (AWS ).
• Experience with Azure Security environment.
• Experience with HP C7000 enclosure switches.
• Hands on experience in configuring HSRP, GLBP, ICMP, PPP, PAP, CHAP and SNMP.
• Experience in designing, implementing and troubleshooting Cisco routers (800, 2800, 2600, 3800, 7600) using Static, RIP, IGRP, OSPF, EIGRP . Experience with Cisco PIX & ASA devices.
• Experience in Cisco security: Telnet, SDM, NAT/ACLs, AAA, Layer 2 Security, Layer 3 Security, IPS/IDS, Cisco (ASA, PIX) 5510, Cryptography, VPN, IPsec.
• Troubleshooting & implementation of Vlan, STP, MSTP, RSTP, PVST, 802.1Q, DTP, HSRP, VRRP, GLBP, LACP, PAGP, AAA, TACACS, RADIUS, MD5, VTP & SVI.
• Experience with VenafiTrust Protection Platform.
• Experience in installing and configuring DNS, DHCP server.
• Knowledge in configuring and troubleshooting Cisco Wireless Networks: LWAPP, WLC, WCS, Standalone APs, Roaming, Wireless Security Basics, IEEE 802.11 a/b/g, RF spectrum characteristics.
• Experience in create, debug, and maintain scripts to optimize work flow.
• Experience in physical cabling, IP addressing and Subnetting with VLSM, configuring and supporting TCP/IP, DNS, installing and configuring proxies.
• Dealt with the escalation problems for Routing, Switching and WAN connectivity issues using ticketing system like Remedy Ticketing System .
• Hands on experience with ASR9k/ISR routers.
• Strong hands on experience on PIX (506, 515, 525, 535), ASA (5505/5510) Firewalls.
• Implemented security policies using ACL, Firewall, IPSEC, SSL, VPN, IPS/IDS, AAA (TACACS+ & RADIUS).
• In-depth knowledge and hands-on experience in ISP Routing Policies, Network Architecture, VLSM, TCP/IP, NAT, FT1 / T1 / FT3 / T3 SONET POS OCX / GigE circuits, Firewalls.
• Knowledge in Citrix Netscaler 12000/15000/11500 series load balancers.
• Hands on Knowledge/experience on F5 load balancers, its methods, implementation and troubleshooting on LTMs and GTMs.
• Worked extensively on Palo Alto, Juniper Net screen and SRX Firewalls.
• Experience with design and deployment of MPLS Layer 3 VPN, MPLS Traffic Engineering, and MPLS QOS.
• Responsible for Check Point and Cisco ASA &Palo Alto Firewalls environment.
• Expertise in creating groups and pruning traffic flow using VLAN, VTP, ISL, 802.1Q.
• Experience with convert Checkpoint VPN rules over to the Cisco ASA solution. Migration with both Checkpoint and Cisco ASA VPN experience.
• Experience with CISCO and ARUBA wireless access points and controllers
• Working Knowledge of Cisco IOS, Junos& basic Nexus (7K, 5K&2K).
• Global Maintenance of device configuration as per certified standards and Engineering recommendations. Create, administer, and execute changes in mass-scale device quantity
• Expertise in installing, configuring and troubleshooting Juniper Routers (J, M, QFXand MX-series)
• Administration and diagnostics of LAN and WAN with in-depth knowledge of TCP/IP, NAT, PPP, ISDN and associates network protocols and services.
• Business analysis skills, with the ability to forecast implications and provide consultative recommendations and solutions.
• Experience with Amazon Web Service(AWS) and Cloud Security .
• Coordinate work with external vendors for areas that are not under current management.
• Worked closely with RIR(Regional Internet Registry) to procure PI(Provider Independent) and PA(Provider Aggregately) IP addresses and AS numbers for COLT and customers.
• DNS Zone administration for 13 countries across EU for COLT customers.
• Set up DNS Reverse Delegation according to RIPE rules in RIPE Database.
• Participate in design and peer reviews.   Adapt and transform operational and/or functional needs into solutions.
• Efficient at use of Microsoft Excel/Word/ VISIO as technical documentation and presentation tools.
• Conduct network audits and risk assessment as required and remediate.
• Ability to communicate clearly and concisely, both orally and in writing and also deliver information to business community in non-technical terminology.
• Expert in set priorities, meet deadlines and manage operational lifecycle.

TECHNICAL SKILLS:

Protocols & Standards: LAN, WAN, WLAN, VRF, VDC, TCP/IP, NAT, PAT, MPLS,GETVPN, GDOI, DMVPN, IPv4, IPv6, OSPF, OSPFv3, EIGRP, BGPv4, VPN,L2TP, GRE/IPsec / ISAKMP, IKE, VoIP, VSS, VLANs, ACLs, Layer 3, Switching, HSRP, GLBP, VRRP, QoS, TACACS+, RADIUS, 802.1X, PKI, LDAP, POE.

Networking Protocols: RIP, OSPF, EIGRP, BGP, STP, RSTP, VLANs, VTP, PAGP, LACP, MPLS, HSRP, VRRP, GLBP, TACACS+, Radius, AAA

Security Protocols: IKE, IPSEC, GRE, SSL-VPN

Cisco Platforms: Nexus 7K, 5K, 2K & 1K, Cisco routers (7600, 7200, 3900, 3600, 2800, 2600, 2500, 1800 series) & Cisco Catalyst switches (6500, 4900, 3750, 3500, 4500, 2900 series), Huawei AR Series Routers

Juniper Platforms: M, J and MX,QFX Series Routers

Networking Concepts: Access-lists, Routing, Switching, Subnetting, Designing, CSU/DSU, IPsec, VLAN, VPN and Wireless Technology (CAPWAP, WLC, FlexConnect)

Firewall: Palo Alto, firewall, Check Point Juniper Netscreen and Juniper SRX

Juniper: EX-2200, EX-4200, EX-4500, MX-480, M Series, SRX210, SRX240

Network Tools: IBM ITNM, Splunk, StealthWatch, Solar Winds, SNMP, CiscoWorks, Wireshark

Load Balancers: F5 Networks

Operating System: Windows 7/XP, Windows Server 2003/2008, Linux, UNIX.

PROFESSIONAL EXPERIENCE:

Confidential, Austin, TX

Sr.Network Engineer

• Expertise in Integration, configuration and maintenance of Cisco Router, Catalyst Switches and Firewalls
• Experience working with ASR 9000 series switches with IOS-XR.
• Switching related tasks included implementing VLANS and configuring ISL trunk on Fast-Ethernet and Gigabit Ethernet channel between switches.
• Datacenter upgrades from C6500s to Nexus 7k/5k/2k, double-VPC between distribution and access, single-VPC to servers
• Designing and implementing a new network  core that consisted of a series 3750 stackwise switches configured in a spine  and leaf configuration.
• Hands on experience in installing new switches and routers and configure the IOS according to the requirement which included VLAN, OSPF, Subnetting, EIGRP, BGP, VTP, Spanning - tree, IP Subnetting, wireless access points, T1 circuits and PIM-SM using auto RP.
• Executed various migration/upgrade projects across F5 and hands on with F5 BIGIP LTMs/EM.
• Responsible for service request tickets generated by the helpdesk in all phases such as troubleshooting, maintenance, upgrades, patches, fixes, and all around technical support of 24*7.
• Implemented Site-to-Site VPNs over the Internet utilizing 3DES, AES/AES-256 with ASA Firewalls.
• Hands on experience with automation tool with a software language Python.
• Experience with migrating from Cisco ASA 8.2 version to Cisco ASA 8.4 Version.
• Assisted campus for VOIP network management and troubleshoot.
• Experience with CISCO and ARUBA wireless access points and controllers.
• Create and test Cisco router and switching operations using OSPF routing protocol, ASA Firewalls for stable VPNs.
• Created lot of site to site IPSEC VPN tunnel with Checkpoint, Juniper Netscreen firewalls and Cisco ASA firewalls.
• Hands on experience with ASR/ISR routers
• Configured Juniper MX480s, EX8200s, EX4500s, EX4200s, from scratch to match design.
• Implemented and maintained intrusion detection/ prevention (IDS/IPS) system to protect enterprise network and sensitive corporate data. For Fine-tuning of TCP and UDP enabled IDS/IPS signatures in Firewall.
• Designing, Provisioning and Installation of the Customer Sites in Oracle IPSA for MPLS Backbone
• Experience with convertPIX rules over to the Cisco ASA solution.
• Configured the access-list rules, network object-service group based on well-known port the port i.e. FTP/SFTP, SSH, HTTPS/HTTPS (SSL) and etc.
• Worked with LAN protocols like STP, RSTP, MST, VTP, VLAN and Port Channel Protocols like LACP.
• Experience in using and maintaining various network monitoring tools like Solarwinds, Fluke, plunk.
• Design and configuring Overlay Transport Virtualization (OTV) on Cisco NX-OS devices like Nexus 7000.
• Experience working with migration from 6500 series devices to 4500 Series switches in Campus deployments at Core, Distribution and Access Layers.
• Responsible for creating and maintaining Microsoft project, VISIO diagrams and MS WORD documentation of network systems
• Experience of VMware ESXi and VMware Infrastructure.
• Hands-on experience with McAfee EPO deploying agent either with EPO.
• Responsible in troubleshooting on Cisco ISE added new devices on network based on policies on ISE.
• Implementing, configuring and troubleshooting routing protocols such as RIPv2 HSRP, GLBP
• Installation & configuration of Microsoft Proxy Server 2.0 & Blue Coat Proxy.
• Experience in designing and planning of Juniper MX, EX, QFX network routing products within the Customer infrastructure
• Configured, installed, & managed DHCP, DNS, & WINS servers.
• Expert level knowledge of Cisco ASR 9K, MPLS, BGP, OSPF and other R&S technologies.
• Experienced working with the Trouble Tickets on F5 Load balancers on LTM module
• Working knowledge of the UNIX and CLI based command to implement the networking tools.
• Negotiate VPN tunnels using IPsec/GRE encryption standards and also configured and implemented site-to-site VPN, Remote VPN.
• Provided technical support for full setup, debugged the problems of OSPF, switching and HSRP.
• VPN & remote connectivity with FortiGate Site to site VPN and IPsec Vpn.
• Team representative for change management review meetings.
• Review posted documentation to ensure network is in adherence to and compliant .

Confidential, Boston, MA

Network Security Engineer

Responsibilities:

• Involved in the activity of DATA-Center migration of regular Cisco catalyst switches with the new Nexus 2148, 2224T, 5548, 6018, 7010 using F3/M3 line-cards with 10GE & 40GE interfaces and Supervisor 2E.To secure configurations of load balancing in F5, SSL/VPN connections, troubleshooting CISCO ASA firewalls, and related network security measures.
• Hands on Experience software and hardware defects, SDN and ASR 9K
• Expert level knowledge of Cisco ASR 9K, MPLS, BGP, OSPF and other R&S technologies
• Participate in planning, implementation, and growth of our infrastructure on Amazon Web Services (AWS ).
• Experience with Azure Security environment.
• Responsible for Cisco ASA firewall administration across our global networks.
• Configuring Palo Alto policies and setting different device configurations.
• Hands-on experience with Ether Channel, Spanning Tree, Trunking, ACLs, Syslog. Experience in the setup of HSRP, Access-Lists, and RIP, EIGRP, and tunnel installations.
• Involved in the troubleshooting aspects of complex network infrastructure using routing protocols like EIGRP, OSPF and BGP.
• Experience with VenafiTrust Protection Platform.
• Maintain all documentation on Security Policy and Procedures.
• Designing and implementing a new network  core that consisted of a series 3750 stackwise switches configured in a spine  and leaf configuration.
• Monitor and Investigate for Security Breaches.
• Test for Vulnerabilities.
• Configured Firewall logging, DMZs& related security policies & monitoring.
• Monitoring threats on firewall and changing policies to prevent attack.
• Configuring Palo Alto policies and setting different device configurations.
• Applied ACLs for Internet access to the servers using Cisco 5550 ASA firewall and performed NAT
• Configure legacy route map configurations using the new Cisco IOS XR Routing Protocol Language (RPL).
• Responsibilities also included placing order for new SFP’s, implementing inline capabilities for home agents and running network cables from Palo Alto direct to required firewall.
• Configuring Palo Alto’s for inline use and Adding signature attacks on prevention lists.
• Created new policies for CDE and syncing the same policies in all the Data Centers.
• Auto Tuning Palo Alto Signatures and syncing between the data centers, working on PCI’s and managing it during peak if needed..
• Dealing with Cisco ASA 5550 providing advanced application-aware firewall services with identity-based access control, denial of service (DoS) attack protection all built upon market-proven Cisco PIX Security Appliance technology.
• Troubleshooting the Juniper SRX100 and 110 series, Juniper Net Screen routers.
• Remediation of firewall rules from checkpoint firewalls to Cisco ASA firewalls and their implementation.
• Created standard access lists to allow SNMP, NTP and logging servers.
• Experience with software language JavaScript
• Configure and Install F5 New Virtual Servers, Profiles, I Rules, Pools, Nodes, Generate CSR Certificate, SSL Certificates Etc.,
• Designed and implemented DMZ for Web servers, Mail servers & FTP Servers using Cisco ASA5500 Firewalls.
• Performed Security operations in terms of pushing new policies and deploying new rules.
• Dealt with the service providers in the case of WAN outages.
• Performing security troubleshooting in terms of checking ACLs and ACEs and traffic flow analysis using packet capture features.
• Supported in giving access the User machines and partners exterior to the network using IPsec VPN tunneling and SSL.
• Experience with Cloud Administration.
• Responsible for simulating network operations with the usage of packet analyzer like Wire shark, and use to resolve tickets whenever there is an issue.
• Performed load balancing and application level redundancy by deploying F5 BIG-IP LTM 3900.
• Ensure network connectivity of all servers, workstations, telephony equipment, fax machines, and other network appliances.
• Assisted with Endpoint Protection.
• Monitor network performance and troubleshoot problem areas as needed.
•   Act as a team interface between network operations and the engineering, deployment, and security teams.
• Worked with client team with plan, build, run Security Design.

Confidential, Los Angeles, CA

Network Engineer

Responsibilities:

• Configuration 7609, 7606 with OSPF and catalyst 6505, 4500, 3550 switches with various VLAN.
• Create and test Cisco router and switching operations using OSPF routing protocol.
• Configuration and troubleshooting link state protocols like OSPF in multiple areas.
• Optimized performance of the WAN network consisting of Cisco 3550/4500/6500 switches by configuring VLANs.
• Configured HSRP and VLAN trucking 802.1Q, VLAN Routing on Catalyst 6500 switches.
• Implemented MPLS VPN networks to test various problem reproductions in lab
• Configured VLANs with 802.1q tagging.Configured Trunk groups, ether channels, and Spanning tree for creating Access/distribution and core layer switching architecture.
• Troubleshooting issues related to Layer 1/2/3 skills like switching / routing, WAN /Hardware and critical network links by coordinating with the vendor.
• Configured BPDU Guard, port-fast, uplink fast and other spanning tree features.
• Extensively worked on Nexus 5k and 7k, configured and troubleshooted
• Assisted in backing up, restoring and upgrading the Router and Switch IOS.
• Configuration and troubleshooting of Cisco 6500, 7500, 7200 Series routers.
• Managing and supporting large scale MPLS & Frame relay on Cisco environment for more than 5000 Retail sites, 100 Distribution centers, 100 offices and 3 datacenters.
• Design and Implement DMZ for FTP, Web and Mail Servers with CISCO PIX 506, PIX515
• Involved in Configuration of Access lists (ACL) on ASA firewall for the proper network routing for the B2B network connectivity.
• Provided proactive threat defense with ASA that stops attacks before they spread through the network. 
• Designed and implemented DMZ for Web servers, Mail servers & FTP Servers using Cisco ASA5500 Firewalls.
• Performed troubleshooting, while maintaining trouble ticket tracking, following internal/external escalation procedures and customer notifications. Configured Cisco Routers for OSPF, RIP, IGRP RIPv2, EIGRP, Static and default route.
• Configured the Cisco router as IP Firewall and for NATing.
• Having Data Center Design Experience, installing and Configuring Network Devices in a Data Center including patching the cables in the Patch Panel. Design and implemented network
• Implement changes on switches, routers, load balancers (F5 and CSS), wireless devices per engineer’s instructions and troubleshooting any related issues.
• Involved in Switching Technology Administration including creating and managing VLANS’s, Port security, Trunking, STP, Inter-VLAN routing, LAN security etc.
• Deploying Layer 2 security in Server Farms by configuring switch for 802.1x port based authentication.
• Involved in the configuration & troubleshooting of routing protocols: MP-BGP, OSPF, LDP, EIGRP, RIP, BGP v4. Configured IP access filter policies.
• Coordinate work with external vendors for areas that are not under current management.

Confidential

Network Administrator  

Responsibilities:  

• Supported core network consisting of Cisco routers running multi area OSPF. Implemented stub/Totally stub areas as per requirements
• Deployed Cisco ACS using TACACS+ for Authentication, Authorization and Accounting of access to network devices.
• Installation, configuration, and testing cisco equipment’s, IOS updates, and configuration changing, troubleshooting various LAN/WAN technologies issues for internal and external clients, monitoring network performance, defining network policies and procedures.
• Resolve customer WAN/LAN/wireless/load balancing networking issues
• Installed and configured Solar winds server.
• Configuring IPsec VPN Site-site, GRE Tunneling and SDM along with troubleshooting.
• Firewall and router configuration changes as per the business requirement.
• Provide technical assistance and support for incoming queries and issues related to Networks, computers systems, software’s, and equipment’s hardware.
• Evaluating network performance, including availability, utilization, throughput, and latency.
• Optimized OSPF and EIGRP network reducing network multicast traffic.
• Greatly enhanced network manageability using SNMP, NTP, SSH and Solar Winds.
• Performed configuration and management of network and circuits. Documented and updated network physical and logical layout
• Understanding of layer 2 protocols HDLC, PPP, spanning-tree protocols and multiple VLANs

Confidential

Network L1 Engineer

Responsibilities:

• Worked in Network building and Network infrastructure management team.
• Worked with upgradation, replacement of NICs, display cards, RAM, peripheral devices.
• Handled installation, configuration and troubleshooting of operating systems NT/2000, XP, and Solaris.
• Experience with Remedy ticketing system in resolving tickets related to Routing and Switching
• Configured and installed Cisco routers 2500, 2600, 3601 and 4000 series.
• Remotely testing links up to 1.5 Mbps using tools like REACTS.
• Recovered lost passwords and created standard access-lists and extended access list for new users.
• Monitoring network performance to improve the backup strategy using Netrep, Solar winds.