We provide IT Staff Augmentation Services!

Sr. Network Engineer/ Systems Design And Strategy Resume

0/5 (Submit Your Rating)

Seattle, WA

SUMMARY

  • 8 years of extensive experience in network design, implementation, troubleshooting, engineering, managing & migration of large - scale enterprise Campus networks and Data Center networks.
  • Excellent knowledge and experience on different platforms like Cisco, Juniper, Checkpoint, ASA, Palo Alto, F5 Big-IP LTM load balancers.
  • Design, implementation and operational support of routing/switching protocols in complex environments including BGP, OSPF, EIGRP, Spanning Tree, 802.1q, etc.
  • Configuring and implementing routing protocols including RIP, TCP/IP, and RIP v1/v2, OSPF, EIGRP and BGP.
  • Strong Knowledge in WAN technologies including E3, E1, T1, T3, ISDN, HDLC, Point to Point, ATM and Frame Relay and PPP.
  • Experience in layer-3 Routing and layer-2 Switching. Dealt with Nexus models like 7K, 5K, 2K series
  • Cisco router models like 7200, 3800, 3600, 2800, 2600, 2500 and 1800 series and Cisco catalyst 6500, 4500, 3750, 3500 and 2900 series switches.
  • Configuring VDC & VPC in Nexus 9k, 7k, 5k and 2k.
  • Experience in working with IPSEC Site to Site, Remote VPN using different encryption methods.
  • Experience in installing, configuring and troubleshooting of Checkpoint Firewall and Juniper MX series.
  • Experience with convert Checkpoint VPN rules over to the Cisco ASA solution. Migration with both Checkpoint and Cisco ASA VPN experience.
  • Configured Client-to-Site VPN using SSL Client on Cisco ASA 5520.
  • Hands on Knowledge/experience on F5 load balancers, its methods, implementation and troubleshooting on LTMs and GTMs.
  • Collaborated with third party vendor in cabling, configuring, and introducing new pair of F5 load balancer in the datacenter.
  • Experience in installing and configuring DNS, DHCP server.
  • Experience in installing and troubleshooting of WAN technologies like T1/T3, DS3, STM1, OC3, SONET, Gigabit and STM4 circuit types
  • Strong knowledge of TACACS+, RADIUS implementation in Access Control Network.
  • Developed and presented LAN/WAN/WLAN network engineering design packages.
  • Experience in Network Protocol Testing and analyzing the Signaling of VoIP Protocols H323 and SIP as per standard RFCs.
  • Participated in a 24/7 working environment to resolve urgent trouble tickets filed by customer security admins.

TECHNICAL SKILLS

Operating Systems: Cisco IOS, Windows NT 4.0 (Desktop/Server), Windows 2000/2003/2008/2012 Server, Windows XP/Windows 7/8, LINUX, UNIX, MS Exchange server, Solaris, Active Directory.

Equipment’s (Switches & Routers): Cisco routers (7600, 7200, 3900, 3600, 2800, 2600, 2500, 1800 series, ASR 1K, 9K) & Cisco Catalyst switches (6500, 4900, 3750, 3500, 4500, 2900 series, juniper SRX, MX480, 240, 80 series, EX Series Routers and Switches.

Routing: OSPF, EIGRP, BGP (EBGP/IBGP), RIP, RIP-2, PBR, Route Filtering, Redistribution, Summarization, Static Routing, IPV4, IPV6.

Switching: VLAN, VTP, STP, PVST+, RPVST+, Inter VLAN routing &Multi-Layer Switching, Multicast operations, Layer 3 Switches, Ether channels, Transparent Bridging.

Firewalls: ASA 5500 series, checkpoint, Juniper Netscreen Firewall ISG100, 2000, SSG, SRX, Palo Alto.

Load Balancer: ACE Module, GSS & F5 LTM

LAN Technology: Workgroup, Domain, HSRP, DNS, DHCP, Static, VLAN, STP, VTP, Ether Channel, Trunks.

WAN technology: Frame Relay, ISDN, ATM, MPLS, leased lines & exposure to PPP, DS1, DS3, OC3, T1 /T3 & SONET.

Various Features &Services: HSRP, VRRP, GLBP, NAT, SNMP, SYSLOG, NTP, CDP, DNS, TFTP, FTP, IOS and Features, Management. Wireshark, IXIA chariot, Packet Sniffer, Packet Analyzer and Solar Winds Breaking Point, TCPDump, Python.

Wireless & Wi-Fi: Canopy Wireless Device (point to point/point to multipoint), DLink Wireless (point to point), DLink Access Point, CISCO 1200 series Access Point, and Linksys Wireless/Wi-Fi Router.

PROFESSIONAL EXPERIENCE

Confidential, Nashville, TN

Sr. Network Engineer

Responsibilities:

  • Configuring Static, IGRP, EIGRP, and OSPF Routing Protocols on Cisco 1600, 2600, 2800, 3600, 7300 series Routers.
  • Successfully implemented the datacenter segmentation project with 7K, 5K and 2K Cisco Nexus architecture, ISR and ASR 1001, 1004, 1006 series routers
  • F5 BIGIP 4000s and 7200v load balancers and Palo Alto Pa-5000/3000 series firewalls.
  • Supporting EIGRP, OSPF and BGP based network by resolving level 2 & 3 problems of internal teams & external customers of all locations.
  • Deploying and decommission of VLANs on core ASR 9K, Nexus 7K, 5K and its downstream devices.
  • Performed OSPF, BGP, DHCP Profile, HSRP, IPV6, Bundle Ethernet implementation on ASR 9K redundant pair.
  • Configured Nexus 7000, 5000, 2000, ASR 9k, Cisco 6500, 3560/3750s series multilayer switches.
  • Handling Complaints for Intranet and Extranet over MPLS backbone. Checking the connectivity between different locations.
  • Implemented, configured BGP WAN routing, converting OSPF routes to BGP (OSPF in local routing).
  • Perform ISSU upgrade on Nexus 7010 devices by operating the supervisors in active/standby mode on the devices by determining ISSU compatibility.
  • Configuring objects such as Load Balancer pools for local traffic management on F5 Load Balancers.
  • Worked on updating the SSL certificates to the application URL using the F5 LTM and F5 GTM.
  • Designed application mapping and application delivery using F5 BIG IP LTM.
  • Provided design, engineering, and implementation of new F5 deployment and transition from Cisco ACE and CSS environment. Implement F5 APM for new SSL VPN access with F5 GTM.
  • Licensing and provisioning of F5 modules such as LTM, GTM, VCMP (Virtual Cluster Multi Processing.
  • Configured different load balancing methods on F5 LTM & GTM and worked on one-connect profiles and HTTP compression and several persistence profiles.
  • Palo Alto design and installation (Application and URL filtering, Threat Prevention, Data Filtering).
  • Successfully configured and maintained Site to Site IPSEC and SSL VPN's on Palo Alto firewalls.
  • Configuring rules and Maintaining Palo Alto & Analysis of firewall logs using various tools.
  • Exposure to wild fire advance malware detection using IPS feature of Palo Alto.
  • Responsible for Cisco ASA firewall administration across the Network. Installing & rebuilding IP appliances, checkpoint appliances. Configuring & troubleshooting Checkpoint ClusterXL& VRRP.
  • Involved in configuration of Access lists (ACL) on ASA firewall for the proper network routing for B2B network connectivity.
  • Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500/PIX security appliance, Failover DMZ zoning & configuring VLANs/routing/NATing with the firewalls as per the design.
  • Designed and implemented DMZ for Web servers, Mail servers & FTP Servers using Cisco ASA5500 Firewalls.
  • Provided proactive threat defense with Cisco ASA that stops attacks before they spread through the network.
  • Responsible for Cisco ASA firewall administration across the Network. Installing & rebuilding IP appliances, checkpoint appliances. Configuring & troubleshooting Checkpoint ClusterXL& VRRP.
  • Configured ACLs in Cisco 5540 ASA firewall for Internet Access requests for servers, Protocol Handling, Object Grouping and NAT.
  • Provide second/third level technical support for ACI (Application Centric Infrastructure) technologies.
  • Monitoring the network traffic with the help of Qradar and Cisco IPS event viewer.
  • Implementing and troubleshooting (on-call) IPsec VPNs for various business lines and making sure everything is in place.
  • Implementing IPsec and GRE tunnels in VPN technology. Designed, configured, implemented site-site VPN on Cisco ASA 5500 firewall.
  • Integrating Configuring Cisco ASA Firewalls with ISE to the Posture policy compliance perform CoA for remote VPN IPsec, SSL AnyConnect users.
  • Monitored and analyzed Intrusion Detection Systems (IDS) & Intrusion Prevention System (IPS) to identify security issues for remediation.
  • Implemented Juniper SRX FW Interface, MIP and VLAN using NSM.
  • Configuration of new Juniper SRX firewalls for remote site implementation.
  • Configuring DNS and DHCP scoops using Infoblox.
  • Integrating Configuring RSA SecurID with ISE for Token based authentications using RSA Native method RSA RADIUS method for user's remote VPN users.

Confidential, Seattle, WA

Sr. Network Engineer/ Systems Design and Strategy

Responsibilities:

  • Redesigns and upgrades corporate/datacenter backbone to 10G DWDM on Cisco ONS and Nexus class infrastructure.
  • Implements and monitors MPLS (MPLS-VPN), QoS (Layer 2 and Layer 3) and BGP technology.
  • Designs 10 gigabit networks using Cisco Nexus 7000 series switches and Cisco 3800 series routers.
  • Analyzes and tests network protocols (Ethernet, TCP/IP) using WireShark tool.
  • Actively participated in upgrading fast Ethernet, Layer 3 switched/routed LAN infrastructure from Cisco 3640 to Cisco 2811
  • ISR routers and switches at access level to 2950, 3550. This project also involved in configuring and testing EIGRP and BGP protocols.
  • Configured HSRP and VLAN trucking 802.1Q, VLAN Routing on Nexus 9k, 7k, 6k, 5k switches and Catalyst 4500 switches.
  • Configured Nexus 7010 including NX-OS Virtual Port Channels, Nexus port profiles, Nexus Version 4.2 and 5.0, Nexus VPC peer links.
  • LAN/WAN level 3 support (diagnose and troubleshoot layer 1, 2, 3 problems).
  • VLAN's design and implementation, Spanning Tree Implementation and support using PVST, R-PVST and MSTP to avoid loops in the network. Trunking and port channels creation.
  • Design and integration of Juniper SSG series firewalls, SA VPN Appliances, J series Routers and EX-series switches.
  • Managed Plan of Record with PLMs/SE/Sales/Marketing and followed up and monitor product lines of Juniper routing/switching/security portfolio (MX, PTX, EX, SRX).
  • Configuring RIP, OSPF and Static routing on Juniper M and MX Series Routers.
  • Implemented site to site VPN in Juniper SRX as per customer Worked on Route-Reflectors to troubleshoot BGP issues related to customer route prefixes also route filtering using Route-maps.
  • Developed and implemented core network consolidation plan. Included redundant configuration of Juniper EX8200.
  • To support 64-bit machines Cisco SSL VPN ASA5500 is migrated to Juniper SSL VPN 6500.
  • Configuring Routing protocols like BGP, OSPF, MPLS, multicast and L2 protocols in Cisco ASA to check it is passing through via ASA in customer deployments.
  • Converting Checkpoint VPN rules over to the Cisco ASA solution. Migration with both Checkpoint and Cisco ASA VPN experience.
  • Creating a rule on the checkpoint firewall for a NAT (used ACLs to block unauthorized users) to the VLAN IP and allowing the IPsec traffic.
  • Migrated from Checkpoint to Cisco ASA firewall. Implemented Bluecoat Proxy 810 security devices. Third Party security appliances to Cisco technologies.
  • Configuring Site-Site VPN on Checkpoint Firewall with R77 GAIA.
  • Regularly performed firewall audits around CheckPoint Firewall-1 solutions for customers.
  • Provided tier 3 support for CheckPoint Firewall-1 software to support customers.
  • Implemented Checkpoint FW Interface, NAT and VLAN using R77 GAIA Smart Dashboard.
  • Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500/PIX security appliance, Failover DMZ zoning & configuring VLANs/routing/NATing with the firewalls as per the design.
  • Worked on the migration of existing PIX firewall to ASA firewall, PIX OS upgrade from 6.3 to 7.0.
  • Implemented F5 hardware refresh of older 3600 hardware to Viprion.
  • Worked extensively on Cisco ASA 5500(5510/5540) Series, experience with convert PIX rules over to the Cisco ASA solution.
  • Building the VPN tunnel and VPN encryption.
  • Experience CSM, F5 (LTM) Load balancers to provide efficient switching and routing for local and global traffic.
  • Configuration and installation for F5 reverse proxy load-balancers.
  • Determining the functionality with the DNS naming conventions and migrations from old load balancing environments to the F5 environment both 10.x and 11.x.
  • Contributed in implementation and configuration of F5 BIG-IP LTM-6400 load balancers, redistribution into OSPF on the core ASA firewall, working with Checkpoint Support for resolving escalated issues.
  • Plan, design and test the application migration from F5 load balancer to new A10 load balancers.
  • Creating App by APP configuration conversions from F5 to A10 load balancers and test it in Lab.
  • Created WIDE-IPs, WIDE-IP Pools and corresponding members in GTM’s.
  • Worked with Juniper SRX550 and Palo-alto Next-Gen PA-5000 Firewalls implementing and managing NAT, IPsec, site-to-site and remote VPNs, advanced inspection, anti-spoofing and AAA policies.
  • Contributed in implementation and configuration of F5 BIG-IP LTM-6400 load balancers, redistribution into OSPF on the core ASA firewall.

Confidential

Network Engineer L2

Responsibilities:

  • Configuring, managing and troubleshooting networks using routing protocols like RIP, EIGRP and OSPF (Single Area and Multi Area).
  • Troubleshoot MPLS issues with in the core and edge.
  • Implementing, configuring, and troubleshooting various routing protocols like RIP, EIGRP, OSPF, and BGP.
  • Maintaining & Troubleshooting L2 LAN switches.
  • Analyze Level 1 issues based on TCP/IP model of Communication.
  • Monitor/support the WAN, MAN, LAN, VPN, switches, routers.
  • Working on DNS, DHCP Request.
  • Performed migration of legacy Bigip and 3-DNS devices to newer version of LTM 8900 boxer.
  • Worked on Checkpoint Firewalls Clusters of both High-Availability and Load-Sharing. Implemented firewall policy change on the Checkpoint clusters.
  • Worked on projects of Migrating CMA R65 to R77 through Provider-1, MDS Environment.
  • Providing requested permissions by adding/modifying the Checkpoint Firewall Policies and rules.
  • Implementing and Managing VPN Networks of the Customer through Checkpoint firewalls.
  • Created VSYS Builds from Checkpoint to Palo Alto Panorama Database Zone, Access Zone.
  • Configured Checkpoint Firewall's Web Defense to mitigate malicious traffic.
  • Palo Alto App ID migration from the legacy-based port rules for PA 5060, 7050.
  • Integrating Palo alto firewall with Active directory for user-identification.
  • Implemented Zone Based Firewalling and Security Rules on the Palo Alto Firewall.
  • Installation of Palo alto user-id agent on Active directory, Migrating URL filtering policies from Bluecoat to Palo alto.
  • Integrating Configuring Cisco Wireless LAN Controllers WLC with ISE to perform Dot1x authentication for Wireless users.

Confidential

Network Engineer

Responsibilities:

  • Managed fast Layer 3 switched/routed LAN/WAN infrastructure as a part of Network team.
  • The LAN consisted of Cisco campus model of Cisco 3550 at access layer, Cisco 6513 at distribution/core layer.
  • Created OSPF multi area summarization plan. Created stub, totally stub areas.
  • Tested routers and Line Cards using SmartBits and done Performance Analysis of both LAN/WAN infrastructures.
  • Upgraded distribution switches from .
  • Involved in managing the Routing Protocols OSPF and BGP on 7200 and 7600 and on ASR
  • Interacted with business users from a service delivery and service support perspective.
  • Hands-on experience with WAN (ATM/Frame Relay), Routers, Switches, TCP/IP, Routing Protocols (BGP/OSPF), and IP addressing.
  • Configured Routing protocols such as VLANs, VTP, STP, MSTP, VRRP and HSRP
  • Configured STP for switching loop prevention, and VLANs for data and voice along with configuring port security for users connecting to the switches.
  • Negotiate VPN tunnels using IPsec encryption standards and also configured and implemented site to site VPN and remote VPN
  • Configured NATs, ACL and routing on Cisco routers, firewalls, and layer 2 & layer 3 switches.
  • Configured policy-based routing for specific traffic, route filtering with route maps and route redistribution.
  • Implemented Network monitoring tools Wireshark and Manage Engine IT360.
  • Implemented IP Telephony and Cisco VoIP 7960 phone systems in the company.
  • Worked in Multi-vendor environment containing Juniper, Cisco and Nortel routers.
  • Worked as a member of NOC and involved in troubleshooting LAN/WAN issues.

We'd love your feedback!