Sr. Network Security Engineer Resume
Chicago, IL
SUMMARY:
- IT professional with over nine years of professional and progressive technical experience in installation, configuration, support, implementation, administration and troubleshooting of various technologies for enterprise environments, including proficiency in routing, routing protocols, switching, security (firewalls), voice, wireless and datacenter technologies.
- Extensive experience in design, deployment, implementation, and troubleshooting of LAN/WAN, MPLS, VLAN, Cisco Routing and Switching, Cisco, F5, BIG-IP Load Balancing, Fortinet, Juniper SRX/EX, Cisco ASA, Checkpoint R77 3.0/NG-1, and Palo Alto 6x/7 Next Generation firewalls, Network Security, SIEM, DLP, and IPS/IDS for data center environments.
- Experience in working with Cisco 2500, 2600, 2800, 3600, 3800, 7200, 9010 series Routers.
- Strong hands-on experience configuring Cisco Catalyst 2900, 2960, 3560, 3750, 4500, 4900, 6500 series and Nexus 7000, 5000 and 2000 switches.
- Extensive knowledge of VLANs, Trunking, RSTP, SNMP, EtherChannels, HSRP, Port Security, ACLs, QoS, Traffic Policing, Shaping, EIGRP, OSPF, RIP v1/v2, BGP, NAT, PAT, Inspections, VPNs, DHCP, Wireshark, MPLS.
- In depth knowledge of F5 BIG-IP Hardware Platforms, F5 TMOS Architecture including currently generally available software versions, F5 API and F5 load balancing in production E-commerce environment.
- Hands-on experience of various layer 2 transport protocols including ATM & Frame Relay and MPLS, 2547bis VPN, RFC 4364, mVPN, VPLS.
- Experience in Cloud: AWS - design, migration, development and administration
- Experience working with AWS cloud services (EC2, S3, RDS, Load Balancer, Auto Scaling) with the AWS command line interface and AWS Python SDK.
- Experience converting Checkpoint VPN rules over to the Cisco ASA solution. Migration experience with both Checkpoint and Cisco ASA VPN.
- Experience with implementing and maintaining network monitoring systems (CiscoWorks and HP OpenView).
- Experience with WAN acceleration technologies, such as Cisco WAAS and Riverbed Steelheads.
- Well experienced in configuring HSRP, GLBP, ICMP, PPP, PAP, CHAP and SNMP.
- Experience in installing and configuring DNS, DHCP server
- In-depth knowledge and hands-on experience in ISP Routing Policies, Network Architecture, IP subnetting, VLSM, TCP/IP, NAT, DHCP, DNS, Firewalls.
- Experience with design and deployment of MPLS Layer 3 VPN, MPLS Traffic Engineering, MPLS QOS
- Experience with implementation of DNS and DHCP protocols.
- Good knowledge of OSI Model and TCP/IP networking standards with protocols such as SNMP, FTP, ICMP and IPv6.
- Comprehensive expertise in the implementation of optimization, analysis, troubleshooting and documentation of LAN/WAN networking systems
- Detailed understanding of data warehouse databases such as Teradata, Amazon Redshift, SQL Server and MySQL.
- Network security including Cisco IDS/IPS, AAA, IPsec/SSL VPN, NAT/PAT, ACL, ASA/PIX Firewalls, and L4-L7 protocols.
- IPv4, IPv6 subnetting and supernetting for Host or Network requirements.
- Familiar with REMEDY for ticket change management process.
- Cisco Security: Telnet, SDM, NAT/ACLs, AAA, Layer 2 Security, Layer 3 Security, IPS/IDS, Cisco (ASA, PIX) 5510, Cryptography, VPN, IPSec.
- Experience in physical cabling, IP addressing and subnetting with VLSM, configuring and supporting TCP/IP, DNS, installing and configuring proxies
- Reliable and collaborative team leader, member, or independent contributor, with proven ability at managing multiple priorities / projects in fast-paced environments.
CORE COMPETENCIES:
- Route/Switch and Overlays for Datacenter, Route/Switch and Overlays for WAN, Data Center Fault Tolerance and DR, Large Scale Network Architecture
- Large Scale Security Architecture, Layer 3-7 Load Balance, Layer 3-7 Firewalls, IDS/IPS
- Network Automation, System Automation, SIEM/NMS, SDN
TECHNICAL SKILLS:
Routing/Switching Technologies: Cisco Routers (3900, 2900, 1900, 800 Series), Cisco Catalyst Switch (6500, 5500, 4900, 4500, 3750, 3560-X, 3100), Cisco Nexus 1kv, 2k, 5k Series, Juniper and HP Routers & Switches - WAN, LAN, TCP/IP, Cisco IOS, Spanning Tree Protocol, BPDU, CDP, ACL, NAT, PAT, RIP, RIPv2, OSPF, OSPFv3, EIGRP, BGP, MPLS, VTP, SNMP, SMTP, ARP, TCP, UDP, Static Routing, Stub Routing, VLAN, VLAN Trunking, Multicast routing, HSRP, SVI, CEF, Etherchannel, Portfast, VSS, VPC, Cisco (Nexus; 2k, 6k, 7k, 9k, ASR, ISR) Juniper (MX, M and SRX, vSRX), RIPv2, EIGRP, OSPFv2 & v3, MP-BGP, MBGP, L3VPN, MULTICAST - (SM, DM, SDM, RP, IGMP, CGMP), QoS, COPP, DMVPN, GRE, IPsec, ISAKMP, IKEv1
Security/Firewalls Technologies: Cisco Security Manager Suite, Cisco ASA 5500 series firewalls, Cisco FWSM, Cisco IPS/IDS, Cisco ACS, Advanced Firewall Manager (AFM), Cisco ASA 1000V cloud firewall, Checkpoint Firewall, Juniper SRX series, Palo Alto
Protocols & Standards: AAA, TACACS+, RADIUS, SSH, VPN, IPSec, SSL/IPSec, Data Loss Prevention, Data Management Zone, Pretty Good Protection (PGP), Public Key Infrastructure (PKI), Internet Key Exchange Policy, Port Security, MAC Address Filtering
Wireless/Voice Technologies: Cisco WLC, IEEE 802.1x & 802.11, WLAN, WAP, AP, SSID, LWAPP, Aironet, Bluetooth, Avaya, STP, Quality of Service (QoS), PoE, MMDS, LMDS, CCK, DSSS
Monitoring/Data Center Technologies/APPS: Wireshark, Remedy, Cacti, Nagios, Solarwinds, Cisco Security Manager Suite, Server, Sniffer, Ethereal, Orion - F5 Big-IP load balancing (GTM/LTM), Cisco AnyConnect VPN mtg, Cisco Prime, Cisco IPS/IDS, Meraki cloud-based - Splunk Enterprise, SNMPv2c, SNMPv3, DNS, DHCP, FTP, Telnet, HTTP(S), SMTP, tunneling protocols, PTP, SFTP, RDP.
Other Technologies/Languages: HTML, Microsoft Office, AWS, Microsoft Visual Basic, Unix/Linux, Data Communications, Networking, Remedy, SharePoint, Turnover, Outlook/Exchange, Solaris, HP/UX, AIX and Windows Server 2003
PROFESSIONAL EXPERIENCE:
Confidential, Chicago, IL
Sr. Network Security Engineer
Responsibilities:
- Make recommendations on the Network’s Infrastructure to enhance and optimize day-to-day business activities and to support the scalability of building and implementation of Network Infrastructure Components/Upgrades, etc.
- Design, install, configure, support, and troubleshoot Cisco Routers, Switches, Access Points and Firewalls on all new branch openings and current branches and Datacenter, work independently with CenturyLink Portal, Active Directory, ASDM, SolarWinds, Wireless Infrastructure, VPN, MPLS, BGP, Network Security, vendor relations, maintenance, support of LAN/WAN Technologies, and Citrix Support
- Sears is one of the country’s largest retail giants, with 18 data centers running in a highly complex environment.
- Coordinated daily activities including Change creation, Network issue troubleshooting, Network Implementation, Network reports etc. with Sears’s offshore team.
- Provided 24x5 support in various domains such as Routing & switching (EIGRP, OSPF, BGP), Firewall security (Cisco ASA/PIX), Load balancing (F5, Cisco CSS) etc. for 5 data centers.
- Configured Policy Based Routing and route-maps to divert the normal traffic nature and to maintain the network security at VLAN level.
- Was responsible for service request tickets generated by the helpdesk in all phases such as troubleshooting, maintenance, upgrades, patches, fixes, and all-around technical support.
- Configuring, testing, troubleshooting multiple vendor device platforms like Cisco routing and switching: Cisco ASR9010, ASR901, ASR903, Catalyst Cisco 7609, 2960, and Juniper routing and switching devices: MX960, MX 480 and SRX5200, ACX2200, ALU service aggregation router 7705 and 7750 service router.
- Migrate, design and implement 1000+ Stores DMVPN tunnels over new Internet Service provider.
- Design, configure, manage and troubleshoot Cisco ASA 55xx series, Wireless Controller 5520/5508/44xx/2504, Cisco Switches 6509/4500/37xx, Nexus 7k/5k/2k, F5 Load Balancer, Two-factor Authentication, PKI Certificates, Cisco ACS Server, NAC ISE 2.0, Call Manager Express, H.323 Gateway, MGCP Gateway, VG224, Cisco Unified Communications Manager Network of Sears.
- Set up, troubleshoot and manage F5 LTM nodes, pools, virtual servers, profiles, upgrades, and iRules for several applications like HTTP, HTTPS, SMTP, DNS, etc.
- Monitored network operations, performance, operations automation, inventory management, service provisioning.
- Leading the design and implementation of an enterprise network for AWS.
- Automating AWS builds with Cloud Formation and Terraform
- Responsible for the design, migration from Cisco ACE 4100 to F5 Viprion deployment, configuration, and troubleshooting the F5 Viprion Load Balancing platform, integrating F5 BIG IP/IQ, GTM, LTM, APM, ASM, iRules, DNS-SEC, DNS ANYCAST, IPv6, SSL, BIG-IP GTM
- Install, design and Visio diagram of Palo Alto (IPS) PA500 / PA-5050 / PAN-M-100 (in-line monitoring mode, Vwire, Active/Active and Active/Passive) for the corporate office and branch location in collaboration with the internal Security team and Palo Alto partner.
- Integrated AWS with our existing infrastructure with the goal of making AWS available for use as a platform for applications and IaaS.
- Redesigned MPLS network servicing .com remote offices and partner networks to separate corporate and partner networks for improved security and performance.
- Multisite distributed ISE 2.0: designed, implemented, configured, planned and migrated existing ACS-configured devices like WLC, RADIUS, TACACS+, 802.1x, guest portal, posture policies and VPN authentication.
- Identified devices physically connected to the legacy corporate core Black Diamond x450. This information is needed to develop a plan to migrate those devices to top other switches.
- Documented the corporate and datacenter network layout.
- Identified devices physically connected to the Core 7606. This information is needed to develop a plan to migrate those devices to top other switches and enable us to retire the Core Cisco 7606.
- Setup NetEngineer VPN Access
- Created REP Ring between the Cisco 4948-1 and Cisco 4948-2
- Cisco 4948-2 integration: migrated from old Cisco 4948-2 to new Cisco 4948-2.
- Created a L2L Tunnel for access into Legacy devices between Cisco ASAs.
- Determine best method to integrate Monticello FiberNet corporate network with Sears corporate network with the preferred option of QinQ connection back to Perham Cisco corp core. Ensure connectivity is preserved to local services needed for management and administration.
- Installed doors on Cisco ASR9010s that do not currently have them.
- Migrated from Cisco ASR 9001 to Cisco ASR 9010.
- The Wabasso office connection trouble was solved by having an L2VPN, i.e., VPLS.
- Adding Cisco 9ks in a couple of Data Centers / CoLos in the Metro to support 10Gig port density required for E-Rate sales, and reduce the number of circuits that are currently using non-optimal fiber paths.
- Got a command on KMZ file to work with.
- Made a Couple of Cleanup Configurations on the Cisco ASR.
- Implemented, reviewed and approved the MOPs of every task created.
- Created a L2L tunnel for the Billing Access between Cisco ASAs.
- Followed some of the projects about Transport Capacity upgrades (METRO/CORE).
- Worked with different vendors other than Cisco, like Alvarion, Accedian, Juniper.
- Eliminated all Trident line cards from noted sites - Tomahawk and Trident cannot co-exist in the same chassis.
- Eliminated all Typhoon line cards if feasible - 64-bit XR only supported on Tomahawk and newer platforms.
Environment: Design LAN, WAN, Security systems. Implemented Cisco Routers and Switches, Cisco ASA, ASR, Juniper SRX, Palo Alto, Checkpoint, BIG IP/IQ F5 Viprion, AWS VPC.
Confidential, Chicago, IL
Senior Network / Security Engineer
Responsibilities:
- As a senior consultant worked with multiple projects/clients simultaneously on design and implementation, including migrating projects from legacy, pre-production, and production data center environments.
- Technical Responsibilities include but not limited to Voice, Network Systems Support, Wireless Infrastructure, Disaster Recovery, support of LAN/WAN technologies for customers, servers and enterprise applications and desktop technologies.
- Specific responsibilities were but not limited to Disaster Recovery, Database updates per Disaster Recovery, Cisco or Juniper OS, Microsoft Outlook, Failover Tests, LAN/WAN servers, Juniper devices: NetScreen 5000 series, SRX Series, Junos OS, Cisco Devices: 7500 Series routers, Cisco Nexus 5020 Switches, Genesis OS, Citrix NetScaler OS, server devices, mainframe devices and WAN/Routing/ACLs/Policies and VLANs.
- Furnished peer review, Technical Design review, Design documents, Roll-Back plans, Project goals, Solution Scope, Project Risks, RFQ, and BOM.
- Executed ASA Firewall changes, Cisco router & switch replacement, Big IP F5 replacements, Rapid STP design, and MST deployment. Provided implementation of Secured-GRE-Tunnel migration to allow connectivity during remote-site swings across Data Centers.
- Ensured optimization with separate traffic to prevent asynchronous-routing of return egress traffic in dual-data center.
- Manage Cloud network, BGP point to Multipoint to MS and AWS
- Resolved integration conflict between the applications CORE team and supported client during Severity incidents. Resolved site-to-site VPN Issues from Client to VPN gateways. Implemented Cisco routers, ASA, Juniper SRX, and Big IP F5.
- Managed Juniper Junos devices in production environments
- Worked on commissioning and decommissioning of the MPLS circuits for various field offices.
- Implemented Nexus 2k, 5k, 9k switches, 4500 Switches, 6500 Switches, VPC uplinks for bandwidth capacity, Private-VLAN for secured Backup domain. Big IP F5 pools, ASA changes, and campus builds.
- Build and configure Firewall policies for PCI Network to secure credit card authorization on AJB platform for Retail and Ecommerce Site.
- Handling Complaints for Intranet and Extranet over MPLS backbone. Checking the connectivity between different locations.
- Providing daily network support for national wide area network consisting of MPLS VPN and point-to-point sites.
- Installation, configuration and maintenance of Checkpoint, PIX/ASA/FWSM, Brick, Netscreen, SRX, Ipolicy, Fortigate, and Palo Alto firewalls.
- Deployed Palo Alto for web filtering and application control.
- Troubleshoot firewall and network issues using CLI for all devices managed as well as using GUIs such as: Juniper NSM, Checkpoint Smartview Tracker, and Lucent Brick LSMS.
- Configure and support Cisco ACE load balancers, routers, and switches.
- Perform upgrades to firewalls.
- Use centralized management/configuration systems including Solsoft, Juniper NSM, BlueCoat Director, Provider 1, Horizon Manager, FortiManager, and Panorama.
- Configure and support multiple vendor VPNs.
- Modify configurations and scripts on all supported platforms.
- Manage McAfee Webshields, Secure Email Gateways, Websense, and F5 Load Balancers.
- Support Checkpoint firewall and Provider 1 versions of R55, R65, R70, SPLAT, and VSX.
- Monitor and configure Alta Vista, Check Point, Cisco firewalls and IDS, and F5 Load Balancers.
- Performed design and implementation in a financial Data Center infrastructure.
- Changed control process, which provided complex route optimization support and standards to existing and new migrations.
- Did Gcom deployments for new and existing infrastructures.
- Completed changes to Cisco Call Manager for phone registration and Cisco router configuration.
- Delivered configuration changes on Router, Switches, ASA, SRX, Nexus, and Big IP F5.
Environment: Nexus 9k, 7K, 6K, 5K, 2K; 4500, 6500 VSS pairs; Cisco IOS, Arista switches; AWS, Cisco IOS & IOS-XE routers; ASA, Palo Alto, Checkpoint and Juniper Firewalls; F5, Cisco ACE load balancers; Cisco UCS, Dell, HP Chassis; Linux, Python 2, BASH.