SUMMARY:

• Network Engineer with Over 6+ years of experience in testing, troubleshog, implementing, optimizing and maintaining enterprise data network and service provider systems.
• Provide scalable, supportable military grade TCP/IP security solutions along with expert TCP/IP network designs that enable business functionality.
• Worked on F5 LTM/GTM, BIG - IP, load balancing, iRules and WAN acceleration.
• Administration, Engineering and Support for various technologies including proficiency in LAN/WAN routing, switching, security, application load balancing.
• Experience in F5 Load Balancing.
• Expert knowledge and experience in all major infrastructure vendors to include Cisco, Arista, Brocade, Juniper and others.
• Managed all network and devices to include Cisco routers, switches, VPNs, SSL, Check Point, Cisco PIX, Cisco IOS, Cisco FWSM as well as content delivery networks (CSS, Citrix Net scalar and F5 Big IP LTM and GTM 1600 and 3400 load balancers) enterprise environment.
• Worked on juniper SRX, installed F5 LTM, GTM and Aruba WLAN from scratch.
• Site to site VPN tunnels on CISCO IOSXR, SRX. Cabling that includes Copper and Fiber.
• Solve deal escalations cross-functionally with Cisco and Meraki teams
• Knowledge of web application firewalls and data loss prevention technologies.
• Policy development and planning/programming on IT Security, Network Support and Administration.
• Experience in Configuring and Troubleshooting BIG-IP F5 LoadBalancer LTM.
• Knowledge on Cisco Meraki, Cisco Nexus-OS, VRF's, VSS, Cisco Nexus hardware (9K, 7K, 5K, 3K, 2K).
• Creating Virtual Servers, Nodes, Pools and iRules on BIG-IP F5 in LTM module.
• Have done structured cabling in IDF and MDF environments. Worked on assigning and configuring ports to end users.
• Experience with Firewall migrations from PIX firewall to Cisco IOSXR and Juniper SRX firewall appliances
• Build and document Cyber Security work flows for incident mining (Hunting), triage, incident response, SIEM content generation and SOC workflow
• Experience in management of Checkpoint VSX environment and using VSX with Multi-Domain Security Management.
• Train outsourced/offshore SOC's, Build Distributed packet capture platform (MOLOCH) with Threat Intelligence Integration
• Experience with Bluecoat Proxy servers, LAN & WAN management.
• Excellent knowledge in Routing, Switching, Firewall and Gateway technologies, system design, data network design, capacity management and network growth.
• Meraki Access Point configuration, installation and management
• Experience in working with Cisco 9348 Nexus OS and Cisco Catalyst IOS 9410/9407 switches using Cisco CLI.
• Experience in Network LAN/WAN deployment.
• Have solid experience working with FireEye HX, NX, EX, AX series.
• Experience with DNS/DFS/DHCP/WINS Standardizations and Implementations.
• Experience with SD-WAN deployment, worked with network engineer team to design and implement industry SD-WAN infrastructure to provide secure, carrier-independent WAN connectivity across the enterprise.
• Experience with management platforms such as Panorama, Juniper NSM and Smart Center.
• Black listing and White listing of web URL on Blue Coat Proxy Servers.
• Knowledge & Experience on complex Fortinet, Cisco IOS & Palo Alto firewalls Environment.
• Administration of production Windows Servers infrastructure that includes Domain Controllers, IIS Web Servers, SharePoint, File and Print and FTP/SFTP servers.
• Experienced with routing protocols (RIPv1/2, IGRP, EIGRP, OSPF, BGP), switching (VLANS, VTP Domains, STP and trunking),
• Extensive experience in Windows 2008 R2/2008/2003 Wintel Servers at single or multi-domain platforms.
• Provide consultancy services to customers on a variety of network security products including firewalls, VPNs, authentication, load-balancing, data loss prevention and security information and event management.
• Proficient in installing and configuring Windows Server 2003, 2008, 2012 and Windows XP, 7 & 8Professional Client Operating Systems
• IDS and IPS event management using CSM including signature updates for SSM Modules, IDSM.
• Provides management level reporting of firewall and Intrusion Protection System (IPS) activity on a periodic basis.

TECHNICAL SKILLS:

Networking: OSI, TCP/IP, Cisco IOS, IOS-XR, LAN/WAN interconnection, Frame-Relay, ISDN, RIP, OSPF, EIGRP, IS-IS, BGP, MPLS, STP, RSTP, MST, VTP, NAT, ACLs, VPN, IP-Sec

Hardware Routers: Cisco (1800/2600/3600/3800/7200/7600 series), Cisco ASR 9Ks)

Switches: Cisco (2900/3500/3700/5500/6500 Series, Nexus 9K, 7K, 5K, 3K, 2K)

Firewalls: Cisco IOS (5510,5540), Checkpoint R65, R70, R75, R77 Gaia, Juniper SSG, SRX, Palo Alto

Other Tools: Tufin Secure Track, Forescout Counter ACT, F5 Big IP (LTM/GTM/ASM), DNS, Bluecoat Proxy, Solar Wind, Wireshark, BMC Remedy, Citrix Net scalar, Cisco Prime, VM Ware

Microsoft Operational Environment: Windows Servers, 365 CRM, Microsoft Navision ERP, VOIP PBX, MS Azure/On-Prem AD, DNS, DHCP, 395 Exchange, 365 email, Meraki Firewalls, Meraki switches, printers.

PROFESSIONAL EXPERIENCE:

Confidential, Dallas, TX

Sr. Network Engineer

Responsibilities:

• Experience working with data center deployment where we converted from Cisco 6500 to Nexus.
• Expert knowledge of Cisco ACI, NxOS and IOS, other SDN products Tiered Domains, QoS, data center network design, cloud infrastructure design and management, OSPF, BGP, VLAN Trunking
• Experience working with Nexus 9k,7k,5k,2k devices.
• Regular upgrade and maintenance of Infrastructure including Cisco Router and Switches, Juniper Routers and Firewalls, Nexus 7k,5k & 2k, F5 BIG IP and Palo Alto Firewalls.
• Worked on Palo Alto PA-5050 design and installation (Application and URL filtering, Threat Prevention, Data Filtering).
• Design and implementation experience in building Cisco ASA Firewalls, Palo Alto firewalls, F5- Load balancer, Juniper firewalls and FWSM Blade modules on Cisco Switches.
• Configuring VIPs in LoadBalancers/NetScalers for Postal Infrastructure in support of Cisco ISE. Analyzing packet capture via Wireshark
• Deployed SDWAN with cisco infrastructure for SaaS applications in the firm.
• Deployment and integration of Catalyst 9300 and 9410 with Cisco DNA
• Experienced working on network monitoring and analysis tools like, SOLAR WINDS, CISCO works and SDWAN by Riverbed steelhead, L3VPN over network, multi-tenant segment routing, Cisco ASA firewall 9.x, OSPFv3, EIGRP classic and name-mode (wide metrics), VxLan, SDWAN, VRF and VRF-lite, VMWare NSX VDC.
• Worked in for the NextGen Datacenter Cloud Architecture, using Cisco ACI and Nexus 9K.
• Advanced skills of designing, coding, and troubleshooting iRules Executed the F5 Viprion to deal with high traffic volume for L7 traffic on 2250 blade while Thunder 6630 using Viprionchassis
• Configured Virtual Servers, Configure Nodes, and configuring the load balancing Pools and also used to work with configuring load balancing algorithms.
• Participated in troubleshooting SDN/SD-WAN deployments
• Deployed CISCO ACI Greenfield and Migrated from Legacy network.
• Experience with configuring Nexus 2000 Fabric Extender (FEX) which acts as a remote line card(module) for the Nexus 5000.
• Configured Cisco ISR routers and Cisco Catalyst Switches using the following routing/switching technologies; IPsec, DMVPN, GRE, NHRP, Zone Based Firewall, ACLs, 802.1X, TACAS/RADIUS, EIGRP, SNMP, NTP, VLANs, and 802.1Q.
• Support Zscaler network access from multiple sites.
• Configuration and administration of firewalls, which includes Checkpoint, Juniper, and Cisco ASA firewalls.
• Responsible for buildup of new customer environments on Cisco, Arista and F5 equipment including Cisco ASR1002-X and Arista 7100/7400 Series
• Created different application policies in the ACI including Tenants, Application Network Profile (ANP), End Point Group (EPG), Contracts, Subjects, Filters & Labels.
• Managing Cloud networks in VMware vCloud Director, engineering and administration of all virtual servers and network security.
• URL filtering with Zscaler
• Troubleshoot MPLS networks and assist our SD-WAN vendors in resolving network routing issues. Engineering new VLAN networks
• Extensively worked with configuration of Network and Security devices such as Cisco routers and switches (Cisco 7K/3K/Nexus 9K/7K/5K), Firewall (Checkpoint 3K, 5K and Cisco FWSM), Load Balancers, DNS and IP Manager (Infoblox)
• Having experience in Migration from Cisco ASA's to Fortinet’ s Fortigate firewalls
• Worked on Blue Coat Proxy SG to safeguard web applications in extremely untrusted environments such as guest Wi-Fi zones.
• Configured rules and maintained Palo Alto Firewalls & analysis of firewall logs using various tools
• Involved in the Migration of policy from Cisco ASA firewall into Juniper SRX’s
• Deployment and Management of Bluecoat proxies in forward proxy scenario as well as for security in reverse proxy scenario.
• Provided administration and support on Bluecoat Proxy for content filtering and internet access to headquarters, remote site offices and VPN client user
• Responsible Implementing NAT solution's on WAN applications with Cisco ASA based solution.
• Designing and Deploying dynamically scalable, Highly available, fault tolerant and reliable applications on AWS
• Migrated complex, multi-tier applications on AWS.
• Defined and deployed monitoring, metrics and logging systems on AWS. Migrated existing on-premises applications to AWS
• Monitored infrastructure with Nagios like Firewalls, Servers, Services, Network devices, applications, web portals etc. Resolution of tickets fresh & pending
• Selecting appropriate AWS service to design and deploy an application based on given requirements.
• Automated network implementations and tasks and designed monitoring tools using python scripting.
• Dealt with creating VIP(virtual servers), pools, nodes and applying I Rules for the virtual servers like cookie persistency, redirection of the URL
• Provided Load Balancing towards access layer from core layer using F5 Network Load Balancers.
• Operations and management of company LAN, WAN, and wireless networks, including routers, switches, Access Points, Firewalls and another network i.e. Riverbed, Bluecoat, F5 LTM/GTM.
• Supplied documentation, escalation, training and standard operating procedures as needed to allow for a smooth transition within the NOC.
• Modified internal infrastructure by adding switches to support server farms and added servers to existing
• DMZ environments to support new and existing application platforms.
• Designed and installed new Branch network systems. Resolved network issues, ran test scripts and prepared network documentation.
• Experience working with Juniper devices like EX-2200, EX-4200, EX-4500, MX-480, M Series, SRX650, SRX240.
• Troubleshoot wan related problems including OSPF, EIGRP, BGP, spanning tree switching and routing designs.
• ExperienceSupporting EIGRP, OSPF and BGP based network by resolving level 2 & 3 problems of internal teams & external customers of all locations
• Experience with configuring BGP, OSPF in Juniper M and MX series routers for branch/back office locations.
• Experience in configuring all Palo alto Networks Firewall models (PA-2k, PA-3k, PA-5k etc.) as well as a centralized management system (Panorama) to manage large scale firewall deployments
• Support Panorama Centralized Management for Palo alto firewall PA-500, PA-200 and PA3060, to central manage the console, configure, maintain, monitor, and update firewall core, as well as back up configuration
• Helped team to deploy 100 APs with 15 Switches, Cisco Nexus, Cisco Meraki and 2 Wireless controllers.
• Experience working with F5 LTM 3600/6400 and GTM 2200/4200 in data center
• Configured Virtual Servers, Configure Nodes, and configuring the load balancing Pools and also used to work with configuring load balancing algorithms.

Confidential, Houston,TX

Sr. Network Engineer

Responsibilities:

• Supported 200 Cisco ASA firewalls in configuring and maintenance.
• Deployment of Cisco ASA firewalls and migration of end of life CISCO ASA firewalls to New CISCO IOS firewalls
• Cisco Firewalls include CISCO ASA 5585x, 5580, 5550 Series Hardware managed through CLI, ASDM as well as CSM.
• Experience working with Palo Alto firewalls managed through Panorama management platform.
• Configure High Availability on Palo Alto firewalls.
• Design, implement, and test call center applications in a mixed Cisco/Avaya architecture.
• Perform daily Cyber Security investigations, hands on with tools and processes
• Build process flows and document Cyber Security Operations, obtain buy in on roles and responsibilities.
• Work hands on splicing, terminating, testing, and troubleshooting fiber optic cabling.
• Cloud watch services, CI/CD pipeline management through Jenkins automation of manual tasks using Shell scripting.
• Defining, tracking and maintaining the standard baselines and configuration sets of security devices and implementing industry best practices with regards to Firewall, IDS/IPS, IPsec VPN, SSL VPN.
• Applied security enhancement by implementing certificates and RSA keys for authentication.
• Installed and administered RSA Secure ID token authentication servers.
• Proficient with Ruby, Perl, Power Shell, JSON, YAML, Groovy, Bash/Shell, Python and Developed python, and shell scripts for automation of the build and release process and automated Nagios alerts and email notifications using Python script and executed them through Chef
• Palo Alto design and installation (Application and URL filtering, Threat Prevention, Data Filtering).
• Configured and maintained IPSEC and SSL VPN's on Palo Alto, Cisco IOSXR Firewalls.
• Review and optimize Firewall rules using Secure Track Tufin tool and Firewall audit reports.
• Configuring Tufin secure track and network devices for monitoring network rules.
• Configured IPSec VPN (Site-Site to Remote Access) on Cisco IOS (5200) series firewalls.
• Working with the rule base and its configuration in Cisco IOSXR, Palo Alto, Juniper and Checkpoint firewalls.
• Worked with Fortinet and FortiGate Firewalls (providing perimeter security).
• Responsible for security monitoring, incident response, managing escalations, and providing ongoing training to junior analysts in the Security Operation Center (SOC).
• Monitored, analyzed, investigated security incidents/events, network traffic, and system logs using threat detection tools such as (SIEM) Splunk, Security Analytics, QRadar, IDS/IPS, (DLP), Firewall, FireEye (HX, NX),…etc.
• Provided advanced technical analysis of escalations received by the SOC triage team. This includes initial forensics and documentation of any findings.
• Worked hands on installing for various projects including E-rate, electrical cabling and conduit, splicing and terminations of fiber optics, splicing and terminations of copper cabling, network and telephony system cabling projects (inside and outside plant).
• Work with with various build automation tools (e.g. Team Build, Chef, Jenkins, Octopus)
• Working all phases of CI/CD with Jenkins Pipeline and Jenkins file
• Work with with various scripting languages (e.g. PowerShell, Bash, Python, Ruby)
• Acquire, process, analyze, report on forensic images using tools such as FTK, ProDiscover, Autopsy, SIFT, DEFT, extensive use of Encase enterprise, Encase analytics, Encase Cyber Security, FireEye MAS
• Created TFS Build and Release Definitions for Solutions, Assist with Deployment to VTFS, Azure or AWS, Assist with Database Deployment.
• Troubleshooted Build compilation, Install and Maintain TFS Extensions. REST API SupportTFS Native API SupportInstall and Support VS Test Rigs
• Configured F5 GTM solutions, which includes Wide IP, Pool Load Balancing Methods, probers and monitors.
• Work with the Cisco Meraki Sales team and on strategic sales initiatives like customer outreach and channel training to grow business in targeted regions.
• Physically deployed new Cisco Nexus devices, Catalyst and Nexus replacement blades, FWSMs, Cisco IOSs, Citrix Net scalar MPX and SDX chassis
• Worked with F5 Load balancing, IDS/IPS, Bluecoat proxy servers and Administrating.
• Stand up global SOC, train staff, develop procedures and integrate with other Cyber Defense business units
• Configured and utilized many different protocols such as OSPF, ISIS, BGP/MP-BGP, OER, MPLS, LDP, Multicast, IPv4/IPv6 protocols.
• Utilized knowledge of Spanning Tree Protocol, BGP, MPLS, OSI model layers 1-2 to create network layouts.
• Stateful firewall, VLAN to VLAN routing, Link bonding / failover, 3G / 4G failover, Traffic shaping / prioritization, WAN optimization, Site-to-site VPN, Client VPN, MPLS to VPN Failover, Active Directory and LDAP integration.
• Responsible for investigating Data Loss Prevention using Symantec DLP.
• Configured EIGRP routing and BGP route maps to allow traffic from subnets out to the core to Datacenter on the ASR 1002 devices.
• Manage projects, supervise crews, maintain contact with customers, and work hands on installing for various projects including solar systems, electrical cabling and conduit, splicing and terminations of fiber optics, splicing and terminations of copper cabling, RF systems, security camera systems, paging systems, network and telephony system cabling projects (inside and outside plant).
• Avaya Aura Communication Manager design, programming, and implementation.
• Implementation and configuration of Cisco L3 switches 3750, 4500, 6500 in multi VLAN environment with the use of inter-VLAN routing, dot1Q trunk, ether channel
• Stand up global SOC, train staff, develop procedures and integrate with other Cyber Defense business units
• Monitored and investigated security event logs, alerts from SIEM, IDS/IPS, Firewalls, Proxy, Anti-virus, Endpoint protection, DLP, and AWS in order to identify and mitigate security incidents affecting the US Bank enterprise.
• Performed analysis of log files from a variety of sources (e.g., individual host logs, network traffic logs, firewall logs, and intrusion detection system logs) to identify possible threats to network security.
• Monitored activities and events in US Bank’s Technology environment to ensure that anomalous behavior is detected, identified, classified and acted upon where appropriate.Maintain security through the use of Cisco ISE, Cisco IOS, DHCP snooping, and Dynamic ARP inspection, Symantec Endpoint Protection, Cisco AMP for endpoint, and System Center Endpoint Protection
• Forescout Counter ACT- NAC, endpoint compliance, real-time intelligence and policy-based control.
• Programmed, maintained & monitored multiple large Avaya S8700 PBX systems
• Working experience with Web Application Firewall (WAF) rules.
• Architect WAN solution using the AutoVPN technology with Cisco Meraki MX security appliances including DC to DC failover and SD-WAN capabilities.
• Fix hardware defects & software bugs actively on Cisco, Juniper and Arista networking hardware

Confidential, Houston, TX

Network Engineer

Responsibilities:

• Works with client engineering groups to create, document, implement, validate and manage policies, procedures and standards that ensure confidentiality, availability, integrity and privacy of information.
• Good understanding for virtualization technologies like VMware/Open stack and KVM Implementations.
• Researched, designed and replaced aging Cisco IOS firewall architecture with new next generation Palo Alto appliances serving as firewalls and URL and application inspection.
• Extensive knowledge of optical transport technologies, particularly OTN, DWDM, ROADM, TOADM and Ethernet.
• Performed site refreshes on Cisco switching and Avaya infrastructure at several locations.
• Configure and update network devices (ARISTA 7010T, 7150S, 7280r, Raritan KVM switches, Talari T860, Cisco 2960 x series, Nexus 7K, ISR 4400, Cisco Catalyst 3400/3600/3800 series) as customer requirement
• Decommissioning existing Meraki networks and license/network movement.
• Implementation of port forwarding rules on Meraki firewalls.
• Structured cabling termination and testing (Copper/Fiber)
• Installed, terminated and tested Cat 3, Cat5, Cat5e, Cat6, Telco cable (25 pr, 50pr etc.), Coax and Fiber
• Performed network closet construction (i.e.) racks, ladders, cable dressing etc.
• Performed work in commercial, residential, hospital, underground, casino, new construction and remodels
• Report daily to Professional Manager and Project Manager on Operations and Maintenance.
• Implemented Micro-services using Azure platform build upon Spring Boot Services and created workflows on TeamCity for setting up automated pipelines for CI/CD with Azure.
• Configuring and Managing AP's and WLC's using Cisco Prime Infrastructure.
• Adding the Floor Planes to the AirMagnet and Placing the Access Points in the appropriate location.
• Design and implementation of several Avaya deployment projects.
• Design, implement, and monitor re-design of corporate network with Cisco Meraki SD-WAN solution.
• Worked on the Versa SD-WAN solution, designed the test automation infrastructure for the entire suite of SD-WAN features.
• Worked on VPN configuration, routing, NAT, access-list, security contexts and failover in CISCO IOS firewalls.
• Experience in layer-3 Routing and layer-2 Switching. Dealt with Nexus models like 9K, 7K, 5K, 2K series, Cisco router models like 7200, 3800, 3600, 2800, 2600, 2500, 1800 series and Cisco catalyst 6500, 4500, 3750, 3500, 2900 series switches.
• Expert in the configuration, implementation, of multiple Fortinet products, including fortigates, forti-analyzer, forti-manager, forti-authentication.
• Involved in Troubleshooting IP Addressing Issues and Updating IOS Images using TFTP.
• Used BMC Remedy tool for ticketing purpose.

Confidential, Dallas, TX

Network Engineer

Responsibilities:

• Configured and maintained rule sets in the firewalls and updated them on the daily basis.
• Monitors the network traffic and maintain the records with the help of SPLUNK.
• Knowledge of Cisco IOS firewall, VPN, GRE over IPSec tunnel configuration and Route-maps.
• Extensive knowledge of and experience configuring and troubleshooting layer 3 routing protocols (EIGRP, OSPF, RIP, BGP)and High Availability on Cisco devices.
• Create and validate SMOPS for upgrade, replace, add and remove Cisco VOD equipment.
• Work with Load Balancing to build connectivity to production & disaster recovery servers through Citrix Net scaler.
• Handling Modern related issue for Avaya.
• Experience on Code Upgrade for Cisco Routers including 7200, 3900, 2900, 881, 891 and Switches including 6500, 4500, Nexus 9K, Nexus 7k, Nexus 6k, Nexus 5k, Nexus 4k, ASR 9K, ASR 1K.
• Responsible for the deployment and associated tasks for the implementation of the tanium Endpoint Security and Systems Management product.
• Configuring rules and maintaining Palo Alto Firewalls& Analysis of firewall logs using Panorama.
• Successfully installed Palo Alto PA-3000/PA-5000 firewalls to protect Data Center and provided L3 support for routers/switches/firewalls.
• Configured and maintained IPSEC and SSL VPN's on Palo Alto Firewalls and also implemented Zone-Based Firewall and Security Rules on the Palo Alto Firewall.
• Exposure to wild fire feature of Palo Alto.
• Configuration and Maintenance of Cisco IOS 5580-20, CISCO IOS 5540, CISCO IOS 5520, CISCO IOS 5510 series firewalls.
• Configuring and install hardware and software required to conduct network penetration testing.
• Configure Syslog server in the network for capturing and logs from firewalls.
• Configuring and troubleshooting site-to-site IPSEC VPN tunnels using Cisco IOS 5540 for third-party connectivity.
• Installed and configured a variety of Cisco devices like Cisco Routers (1841, 1900, 2600, 4331, 4800, ASRs and more), Cisco switches (3560, 3750, 4331 catalyst, 6500 catalyst Switch and more) and Nexus 7000 series, Nexus 5000 series, Nexus 2K Fabric Extenders and F5 appliances.
• Applied knowledge of Ethernet switch and router configuration to configuration/design MPLS connections.
• Understanding of Layer2/3 VPN's, MPLS, Metro Ethernet and LAN switching.
• Installed and configured high availability Big IP F5 LTM and GTM load balancers like 6600, 6800 to provide uninterrupted service to customer applications and monitoring the availability.
• Identified opportunities for implementation of network best practices, particularly F5 load balancer implementations.
• Configuring F5 Load Balancers: Adding virtual IPs, nodes, pools and health monitoring.
• F5 BigIP iRule programming and troubleshooting.
• Worked on F5 solutions/support for migration work of applications and websites from Cisco CSS Load Balancers to the F5 BigIP Load Balancers.
• Configure and Monitor Cisco Source fire IPS for alerts.
• Working with different teams to gather info for the new request and troubleshoot for any connectivity issues by capturing traffic using TCPDUMP and smart view tracker.
• Worked on VPN configuration, routing, NAT, access-list, security contexts and failover in CISCO IOS firewalls.
• Provide support to help desk for complex/major network problems. Build the rules for the application access across the IPSEC VPN tunnel
• Implemented configuration back-ups using Win SCP, cyberfusion to automate the back-up systems with the help of public and private keys.
• Deployment and Management of Bluecoat proxies in forward proxy scenario as well as for security in reverse proxy scenario.
• Worked on Blue Coat Proxy SG to safeguard web applications in extremely untrusted environments such as guest Wi-Fi zones.
• Maintained Call Accounting, Predictive Dialers, Octel Aria 250 Voicemail, Avaya Centre Vu IP Agent, VM Networks.
• Performing URL filtering and content filtering by adding URL’s in Blue coat Proxy SG.
• Working on the network team to re-route BGP routes during maintenance and FW upgrades.
• Utilized VMware ESX configured and installed it properly to implement Cisco, Microsoft Server 2008, Linux, MySQL builds, designs, throughout the entire Network Infrastructure.
• Running vulnerability scan reports using Nessus tool.
• Use of Citrix Net scalar for the application delivery control.
• Used Tufin firewall optimization tool and Splunk to analyze logs and perform Firewall policy cleanup
• Configure B2B VPN with various business partners and 3rd parties and troubleshoot VPN Phase 1 and Phase 2 connectivity issues including crypto map, encryption domain, psk etc.
• Provided administration and support on Bluecoat Proxy for content filtering and internet access to primary, remote site offices and VPN client users
• Follow information security policies, methods, standards, NIST standards and practices to organize information systems, IT reference material and interpret regulations.
• Monitor Intrusion Detection Systems (IDS) console for active alerts and determine priority of response.
• Configuration and Installation of Cisco Nexus 9K, 7K, 5K, 4K, ASR 1000 series.
• Actively use SIEM technology for searching and monitoring real-time events for network security and compliance.
• Review daily log data gathered from various resources such as sensors, alert logs, firewall logs, content filtering logs.
• Monitor Intrusion Prevention System (IPS).
• Experience with converting Cisco 6500 IOS to Cisco Nexus NX-OS in the data center environment.
• Install updates on new signatures.
• Working on day-to-day service tickets to solve troubleshooting issues.
• Experience using Service Now ticketing tool.