SUMMARY:

• 8+ years of Experience and having multiple Certifications Cisco (CCNA&CCNP) in designing, deploying and troubleshooting Network & Security infrastructure on routers, switches (L2/L3) & firewalls of various vendor equipment.
• Working on Cisco IOS, Junos & NX - OS (7K, 5K&2K).
• Strong hands on experience on ASA (5505/5510/5540/5585 ) Firewalls, Juniper (SRX 110/210/220/550 ).
• Implemented security policies using ACL, Firewall, IPSEC, SSL, VPN, IPS/IDS, AAA (TACACS+ & RADIUS).
• Worked aggressively on complex Palo Alto firewalls Environment.
• Strong hands on experience in layer-3 Routing and layer-2 Switching. Dealt with Nexus models like 7K, 5K, 2K series, Cisco router models like ASR 9K, ASR 1K, 7200, 3900, 2900, 2800, 2600, 2500, 1800 series and Cisco catalyst 6500, 4500, 3850, 3750, 3500, 2900 series switches
• Technology and Infrastructure consultant for Cisco and Juniper design and implementation projects. Specific tasks include installations, configurations, support and maintenance of routers and switches.
• Experience with design and deployment of MPLS Layer 3 VPN, MPLS Traffic Engineering, MPLS QOS
• Diverse industry exposure - Finance, Telecom, and IT consulting Markets.
• Extensive experience in configuring Layer3 routing and layer2/3 switching of Juniper & Cisco based J2320,MX,EX,2950,2960,3600,3750,4500,6500,1700,1800,2600 and 3700 series routers & Switches.
• Troubleshooting & implementation of Vlan, STP, MSTP, RSTP, PVST, 802.1Q, DTP, HSRP, VRRP, GLBP, LACP, PAGP, AAA, TACACS, RADIUS, MD5, VTP & SVI.
• Experience working with Cisco IOS-XR on the ASR9000 devices for MPLS deployments
• Experience configuring & troubleshooting routing protocols like RIP, OSPF, BGP, and EIGRP.
• Hands-on experience with Juniper SRX - Juniper SSL VPN
• IOS/JUNOS upgrade for Cisco & Juniper routers/switches.
• Experience in testing Cisco & Juniper routers/switches in laboratory scenarios and deploy on site for production.
• Native communication skills and a team player, Effective inter-personal skills, adaptive to any environment, with the latest technologies and delivering solutions as an individual and as part of a team

TECHNICAL SKILLS:

Routing Protocols: RIP, BGP, OSPF, EIGRP, Static Routing, IP Addressing, Subnetting, VLSM

Communication Protocols: TCP/IP, UDP, DHCP, DNS, ICMP, SNMP, ARP, PPP

Redundancy Protocols: GLBP, HSRP, VRRP

Topologies: MPLS, Ethernet, Cable Modem, and Wireless

Switch Technologies: VLANs, VTP, STP, DTP, ISL and dot1q

Network Hardware: Cisco switches (2960, 3550, 3560, 4500, 6509, and 6513),Cisco Nexus Switches(2248,2232,5548,5596,7010,7718),Cisco routers (1900, 2900, 3900, 7200, ASR-1k/9k), Cisco ASA 5500 series, CSU/DSU s, network cards, Modems and F5 Network Load Balancer

Network Management Tools: MRTG, HP Open view, Cisco WAN manager, Cisco works 2000, Solarwinds Orion, Zenoss

Security: NAT/P NAT/PAT, Ingress & Egress Firewall Design, VPN Configuration, Internet Content

Filtering,URL Filtering Web: sense, SSL, IPSEC, IKE, Static, Dynamic, Reflexive ACL, and authentication AAA (TACACS+ & RADIUS).

Firewall: Cisco ASA, Juniper SRX, Palo Alto

Network Simulators: GNS3, Packet Tracer, Wire shark

OS: Windows, UNIX, LINUX

PROFESSIONAL EXPERIENCE:

Confidential, Englewood, CO

Sr. Network Security Engineer

Responsibilities:

• Experience working with data center deployment where we converted from Cisco 6500 to Nexus.
• Experience with configuring FCOE using Cisco nexus 5548.
• Experience working with Juniper devices like EX 2200,EX 4200, EX 4500, MX 480, M Series, SRX650, SRX240
• Troubleshoot wan related problems including OSPF, EIGRP, BGP routing and design
• ExperienceSupporting EIGRP, OSPF and BGP based network by resolving level 2 & 3 problems of internal teams & external customers of all locations
• Experience with configuring BGP, OSPF in Juniper M and MX series routers for branch / Back office locations
• Working with Checkpoint Support for resolving escalated issues
• Configured and troubleshoot Autonomous and Cisco Meraki and Access Points
• Experience with setting up IPSEC VPN on Cisco 5585 Firewalls towards the multiple vendors
• Experience working with Nexus 7010/Nexus 7018, 5020, 2148, 2248 devices
• Experience configuring VPC, VDC and ISSU software upgrade in Nexus 7010
• Experience with configuring Nexus 2000 Fabric Extender (FEX) which acts as a remote line card (module) for the Nexus 5000
• Experience in configuring all Palo alto Networks Firewall models (PA-2k, PA-3k, PA-5k etc.) as well as a centralized management system (Panorama) to manage large scale firewall deployments
• Support Panorama Centralized Management for Palo alto firewall PA-500, PA-200 and PA3060, to central manage the console, configure, maintain, monitor, and update firewall core, as well as back up configuration
• Helped team to deploy 100 APs with 15 Switches, Cisco Nexus, Cisco Meraki and 2 Wireless controllers.
• Experience working with F5 LTM 3600/6400 and GTM 2200/4200 in data center
• Configured Virtual Servers, Configure Nodes, and configuring the load balancing Pools and also used to work with configuring load balancing algorithms.
• Experience configuring session based persistence and I have leant configuring writing i Rules for specific redirection purpose and also i rules for persistence.
• Dealt with creating VIP(virtual servers), pools, nodes and applying I Rules for the virtual servers like cookie persistency, redirection of the URL
• Provided Load Balancing towards access layer from core layer using F5 Network Load Balancers.
• Configured Cisco 3502 wireless access points.
• Supplied documentation, escalation, training and standard operating procedures as needed to allow for a smooth transition within the NOC.
• Modified internal infrastructure by adding switches to support server farms and added servers to existing
• DMZ environments to support new and existing application platforms.
• Designed and installed new Branch network systems. Resolved network issues, ran test scripts and prepared network documentation.
• Performed switching technology administration including VLANs, interVLAN routing, Trunking, STP, RSTP, port aggregation & link negotiation.
• Configuration of Access List ACL (STD, Ext, Named) to allow users all over the company to access different applications and blocking others.
• Involved in configuring IP Quality of service (QOS)
• Worked on Layer 2 protocols such as STP, VTP, STP, RSTP, PVSTP+, MST and other VLAN troubleshooting issues and configuring switches from scratch and deployment
• Primary responsibility is to design and deploy various network security & High Availability products like Cisco ASA other security products
• Convert Branch WAN links from point to point circuits to MPLS and to convert encryption from IPsec/GRE to get VPN.
• Configured, implemented, and troubleshoot routers and switches with various account settings permissions, and parameters including security firewalls.
• Plan Design and assist in deploying enterprise wide Network Security and High Availability Solutions for ASA and SRX Firewalls
• Work as a part of the DMZ migration and consolidation for external vendors into a new environment on ASA 5585 devices.
• Creating or Modifying Firewall rules on Cisco 5555, 5520, Juniper SRX and Palo alto VM-300 devices.
• Upgrading the IOS on Network Devices including cisco 6800, 6500 and Palo Alto VM-300 devices
• Experience in working in panorama, Palo Alto user interface version 8.0.2 and VM-300 series firewalls.
• Creating templates in panorama to manage the individual devices from it.
• Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500/Juniper security appliance, Failover DMZ zoning & configuring VLANs/routing/NATing with the firewalls as per the design.
• Multipoint VPN: IPSec, IKEv2, DES, 3DES, AES (-128, -192, -256), Pre-Shared Key, X.509v3 Certificate, MD5, SHA-1, NAT-T, firewall rules for each VPN connection, configuration assistance via web interface, remote-controlled activate/ deactivate connection.
• Data center migration was involved in Access, Distribution and Core layers.
• Created MOPS and get approval from peers to perform configuration add/ remove changes.
• Actively participated in upgrading fast Ethernet, Layer 3 switched/routed LAN infrastructure from Cisco 3640 to Cisco 2811 ISR routers and switches at access level to 2950, 3550.
• Configuration and extension of VLAN from one network segment to other segment between Differentvendor switches (Cisco, Juniper).
• Configuring Vlan’s, VTP’s, enabling trunks between switches.
• Configured VLANs with 802.1q tagging. Configured Trunk groups, ether channels, and Spanning tree for creating Access/distribution and core layer switching architecture.
• Performed Configuration on ASR 9K Pairs includes HSRP, Bundle Ethernet Config, Assigning DHCP profiles.

Confidential, St. Louis, MO

SR Network Engineer

Responsibilities:

• Involved in the Configuration and Administration of Cisco and Juniper Routers and Switches
• Experience working with Nexus 7010, 5548, 5596, 2148, 2248 devices.
• Implemented Site-to-Site VPNs over the internet utilizing 3DES, AES/AES-256 with ASA and JUNIPER SRX Firewalls
• Configure and troubleshoot Juniper EX series switches and routers at branches/back offices.
• Experience with moving data center from one location to another location, from 6500 based data center to Nexus based data center
• Worked with convert Checkpoint VPN rules over to the Cisco ASA solution. Migration with both Checkpoint and Cisco ASA VPN experience
• Upgrading code on Palo alto firewalls PA5050/3020 to meet company security policy
• Implemented Zone Based Firewalling and Security Rules on the Palo Alto Firewall
• Created documents for various platforms including Nexus 7k, ASR9k, and ASR1k enabling successful deployment of new devices on the network.
• Modified internal infrastructure by adding switches to support server farms and added servers to existing DMZ environments to support new and existing application platforms.
• Involved in Implementation and Configuration (Profiles, I Rules) of F5 Big-IP C-4400 load balancers.
• Network Redesign for Small Office/Campus Locations. This includes changes to both the voice and data environment
• Establish AWS technical credibility with customers and external parties
• Help customers build scalable, resilient, and high-performance applications and services on AWS
• Develop/capture/document architectural best practices for building systems on AWS
• Worked on a broad range of topics such as proactive monitoring and maintenance, disaster recovery exercises, and core network repairs
• Advanced expertise and hands-on on Cisco IOS-XR software platform on Cisco 12000 series routers
• Experience working with ASR 9000 series switches with IOS-XR
• Advanced expertise and hands-on on Cisco IOS, IOS-XR 4.1.2 and 4.3.31 software platform on 12000 series routers
• Well Experienced in configuring protocols HSRP, GLBP, ICMP, IGMP, PPP, PAP, CHAP, and SNMP.
• Experience with communicating with different with different customers/Vendors, IT teams in gathering the details for the project
• Switching tasks include VTP, ISL/ 802.1q, IPSec and GRE Tunneling, VLANs, Ether Channel, Trunking, Port Security, STP and RSTP .
• Experience in installing and configuring DNS, DHCP servers.
• Replace branch hardware with new 3900 routers and 3750 POE Switches.
• Responsible for layer 2 securities which was implemented using a dedicated VLAN ID for all trunk ports, setting the user ports to non-trunking, deployed port security when possible for user ports
• Involved in configuring Juniper SRX 550, Cisco ASA 5585 firewall and PALOALTO 5050 firewall
• Enabled STP attack mitigation (BPDU Guard, Root Guard), using MD5 authentication for VTP, disabling all unused ports and putting them in unused VLAN and ensuring DHCP attack prevention where needed

Confidential, Phoenix, AZ

Sr. Network Engineer

Responsibilities:

• Experience with configuring Cisco 6500 VSS in Distribution layer of the Data center network
• Configuration and Administration of Cisco and Juniper Routers and Switches
• Experience working with Nexus 7010, 5548, 5596, 2148, 2248 devices.
• Experience configuring VPC(Virtual Port Channel), VDC(Virtual Device Context) in Nexus 7010/7018
• Experience with configuring FCOE using Cisco nexus 5548
• Configured Nexus 2000 Fabric Extender (FEX) which acts as a remote line card (module) for the Nexus 5000 to connect servers and storage devices.
• Experience with setting up MPLS Layer 3 VPN cloud in data center and also working with BGP WAN towards customer
• Configure and troubleshoot Juniper EX series switches and routers
• Migrated to Juniper EX series switches from Cisco 3500 series and 6500 series switches
• Experience with moving data center from one location to another location, from 6500 based data center to Nexus based data center
• Network Redesign for Small Office/Campus Locations. This includes changes to both the voice and data environment
• Network security including NAT/PAT, ACL, and ASA/SRX Firewalls.
• Good knowledge with the technologies VPN, WLAN and Multicast.
• Well Experienced in configuring protocols HSRP, GLBP, ICMP, IGMP, PPP, PAP, CHAP, and SNMP.
• Installation and Configuration of Cisco Catalyst switches 6500, 3750 & 3550 series and configured routing protocol OSPF, EIGRP, BGP with Access Control lists implemented as per Network Design Document and followed the change process as per IT policy It also includes the configuration of port channel between core switches and server distribution switches
• Experience with communicating with different with different customers, IT teams in gathering the details for the project
• Switching tasks include VTP, ISL/ 802.1q, IP Sec and GRE Tunneling, VLANs, Ether Channel, Trunking, Port Security, STP and RSTP.
• Experience in installing and configuring DNS, DHCP servers.
• Replace branch hardware with new 3900 routers and 2960 switches.
• Conversions to BGP WAN routing. Which will be to convert WAN routing from OSPF to BGP (OSPF is used for local routing only) which involves new wan links.
• Convert Branch WAN links from TDM circuits to MPLS and to convert encryption from IPSec/GRE to Get VPN.
• Responsible for layer 2 securities which was implemented using a dedicated VLAN ID for all trunk ports, setting the user ports to non-trunking, deployed port security when possible for user ports
• Involved in configuring Juniper SSG-140 and Cisco ASA firewall
• Enabled STP attack mitigation (BPDU Guard, Root Guard), using MD5 authentication for VTP, disabling all unused ports and putting them in unused VLAN and ensuring DHCP attack prevention where needed.

Confidential, Memphis, TN

Network Engineer

Responsibilities:

• Responsible for the configuration, implementation and operation of Cisco 3745 routers Cisco 6509 and 3560 L2/L3 switches
• Removed Cisco 3600 and 2600 series routers and Cisco 2900 series switches from the current infrastructure and replaced them with the Cisco 6509 or 3560 L2/L3 switches.
• Configured RSTP, MST and used VTP with 802.1q trunk encapsulation. Provided port binding and port security wherever required. Provided router redundancy through HSRP.
• Configured ether channels using PAgP and LACP.
• Designed ACLs, VLANs, troubleshooting IP addressing issues and taking back up of the configurations on switches and routers.
• Responsible for Checkpoint firewall management and operations across our global networks.
• Working with Checkpoint Support for resolving escalated issues
• Created effective network security by migrating from Check Point FW-1 NG to ASA 5510 Firewalls
• Provided testing for network connectivity before and after install/upgrade
• Switching related tasks included implementing VLANS and configuring ISL trunk on Fast-Ethernet and Gigabit Ethernet channel between switches.
• Experience in Cisco switches and routers: Physical cabling, IP addressing, Wide Area Network configurations (Frame-relay and ATM).
• Performed troubleshooting, while maintaining trouble ticket tracking, following internal/external
• Escalation procedures and customer notifications.
• Configured Cisco Routers for OSPF, IGRP, RIPv2, EIGRP, Static and default route.
• Worked on HSRP and GLBP for first hop redundancy and load balancing.
• Configured the Cisco router as IP Firewall and for NATting.
• Prepare, update, and maintain technical and logistical network documentation

Confidential

Network Engineer

Responsibilities:

• Configuration, Management, Troubleshooting of Network devices (Routers, Switches). Maintained the Telecommunication Connectivity using DSL and T1 Lines.
• Maintained complex LAN/WAN networks with several VLANS and provided support for routing protocols.
• Managed IP addressing and implemented IP Access Lists
• Configured and troubleshoot VLAN, VTP, STP and Trunks
• Installing and configuring protocols like TCP/IP and Internet protocols including Local Area Networking, routing and HTTP.
• RMA’s and provided 24x7 supports.