SUMMARY:

• 8+ years experience in Network and Security Design, implementation, support on LAN, WAN, Data center networks.
• Strong knowledge in Cisco Routing, Switching and Security with Cisco hardware.
• Experience in installing, configuring, and troubleshooting of Cisco Nexus 7k, 5k, 2k, Cisco 7600, 7200, 3800, 3900, 2800, 2900 series Routers, Cisco Catalyst 6500, 4500, 2960 and 3750 Stack Switches.
• Well Experienced in configuring protocols HSRP, GLBP, VRRP, ICMP, IGMP, PPP, PAP, CHAP, and SNMP. Configured RIP, EIGRP, OSPF.
• Expertise in installing, configuring and troubleshooting Juniper EX Switches (EX2200, EX2500, EX3200, EX4200, EX4500, EX8200) series.
• Expertise in installing, configuring and troubleshooting Juniper Routers (E,J,M and T - series)
• Profound knowledge on various WAN technologies like E1/T1/E3/T3, HDLC, Frame-Relay and PPP.
• Implementing IP addressing schemes, Routing, Switching and Firewall Security, including hands-on experience in providing network support, installation and analysis for a broad range of LAN /WAN/MAN communication systems.
• Extensively worked on Cisco catalyst 6509 and implemented VSS along with VDC and VPC on Nexus 5505, 7009 switches.
• Proficiency in using and troubleshooting with help of reporting and incident ticketing tools such as Service Now, Remedy and Service Wise.
• Experience in L2/L3 3 protocols like VLANS, STP, VTP, MPLS and Trunking protocols.
• Solid Experience in Firewall technologies includes general configuration, risk analysis, security policy, and rules creation on Fortinet.
• Hands on Experience in Industry leading NAC Provider - ForeScout CounterAct Network Access Control design, testing, deployment and implementation.
• Advance Knowledge in Penetration testing tools such as Metasploit, Nessus, Qualys, Nmap, Zenmap, AppScan, SQL Map, Burp Suite, and IBM Appscan.
• Expertise in Configuration of Virtual Local Area Networks (VLANS) using Cisco routers and multi-layer Switches and supporting STP, RSTP, PVST, RPVST along with trouble shooting of inter-VLAN routing and VLAN Trunking using 802.1Q.
• In-depth knowledge and hands-on experience in Tier II ISP Routing Policies, Network Architecture, IP Subnetting, VLSM, TCP/IP, NAT, DHCP, DNS, FT1 / T1 / FT3 / T3 SONET POS OCX / GigE circuits, Firewalls.
• Implemented redundancy with HSRP, VRRP, GLBP, Ether channel technology (LACP, PAgP) etc.
• Configuring BGP/OSPF routing policies and designs, worked on implementation strategies for the expansion of the MPLS VPN networks.
• Hands on experience in deployment of GRE tunneling, SSL, Site-Site IPSEC VPN and DMVPN.
• Managed inventory of all network hardware, Management and Monitoring by use of SSH, Syslog, SNMP, NTP.
• Expertise in OSI layer model/TCP/IP.
• Worked on INFLOBOX for network device monitoring.
• Extensive knowledge and experience of routing and switching protocols RIP v1 & v2, OSPF, EIGRP, BGP, NAT and VLAN.
• Have knowledge on various advanced technologies like VOIP, H.323, SIP, QOS, IPv6, Multicasting, and MPLS.
• Strong knowledge of TACACS+, RADIUS implementation in Access Control Network.
• Experience in Designing and assisting in deploying enterprise wide Network Security and High Availability Solutions for ASA.
• Experience in designing MPLS VPN and QoS for architecture using Cisco multi-layer switches.
• Implementing security policies using Cryptography, ACL, SDM, PIX Firewall, IPsec, VPN, and AAA Security on different series of routers.
• Strong hands on experience on PIX Firewalls, ASA (5540/5550) Firewalls.
• Implemented Security Policies using ACL, Firewall, IPSEC, SSL, VPN, IPS/IDS, AAA (TACACS+ & RADIUS).
• Experience in operational support, troubleshooting on an enterprise network and possess data capture skills in Cisco CSS, Citrix NetScaler devices.

TECHNICAL SKILLS:

Switches: Nexus 2K/3k/5K/7K, Cisco Catalyst 2900, 3500, 3700, 6500, 4500, 3850, 3560, 3750, 2960.

Switching: LAN, VTP, STP, PVST+, RPVST+, Inter VLAN routing & Multi-Layer Switch, Ether channels, Transparent Bridging.

Routers: Cisco 7600, 7200, 3800, 3600, 2900, 2800, 2600, 1800, 1700

Routing: OSPF, EIGRP, BGP, IS-IS, RIP v1/v2, PBR, Route Filtering, Redistribution, Summarization, and Static Routing.

LAN: Ethernet (IEEE 802.3), Fast Ethernet, Gigabit Ethernet

WAN: PPP, HDLC, Channelized links (T1/T3), Fiber Optic Circuits, Frame Relay

Network Security: Cisco ASA 5500-X, SRX, ACL, IPSEC, NetScaler, F5 Load Balancer

Load Balancer: Cisco CSM, F5 Networks (Big-IP) LTM and GTM.

Gateway Redundancy: HSRP and GLBP.

WAN Optimizer: Riverbed Steelhead Appliance.

Various Features & Services: IOS and Features, IRDP, NAT, CDN, SNMP, SYSLOG, NTP, DHCP, CDP, TFTP, FTP, DHCP and DNS Infoblox.

AAA Architecture: TACACS+, RADIUS, Cisco ACS.

Network Management: Wireshark, SNMP, Netflow, Solar winds, VMware, Opnet, SQL,SPLUNK, Qradar, Tripwire

Operating System: Windows 7/ XP, MAC OS X, Linux, UNIX, Windows Server 2003/2008.

PROFESSIONAL EXPERIENCE:

Confidential, Harrisburg, PA

Sr. Network Engineer

Responsibilities:

• Troubleshooting issues related to Layer 1/2/3 skills like switching / routing, WAN /Hardware and critical network links by coordinating with the vendor.
• Troubleshooting the Juniper SRX100 and 110 series, Juniper NetScreen routers with Site-Site VPN, and firewalls for Confidential Retail sites.
• Experience in the setup of HSRP, Access-Lists, and RIP, EIGRP, and tunnel installations.
• Proficiency in configuration of VLAN setup on various Cisco Routers and Switches.
• Regular upgrade and maintenance of Infrastructure, Installing, configuring, and maintaining Cisco Switches (2900, 3500, 7600, 3700 series, 6500 series) Cisco Routers (4800, 3800, 3600, 2800, 2600, 2900, 1800, 1700, 800) Cisco Router and Switches, Juniper Routers.
• Operate and analyze results from enterprise detection systems such as Cisco Source fire and Tripwire.
• Implementing traffic engineering on top of an existing Multiprotocol Label Switching (MPLS) network using Frame Relay and Open Shortest Path First (OSPF).
• Installing and configuring new Cisco equipment including Cisco catalyst switches 6500, Nexus 7010, Nexus 5548 and Nexus 2k as per the requirement of the company.
• Configure legacy route map configurations using the new Cisco IOS XR Routing Protocol Language (RPL).
• Supporting EIGRP and BGP based on the network by resolving level 2 & 3 problems of internal teams & external customers of all locations.
• Managed 2 "Hub" 1500D firewalls that handled URL/App filtering for the entirety of our customer-base being rolled out with Fortinet firewalls and Aps.
• Deployed & Supported new DMZ utilizing TRex firewalls, tripwire, snort, portsentry and sentry Watch to provide security and Apache Jakarta Tomcat with MySQL and PostgreSQL database for the new application.
• Installing and configuration of Splunk in a staging environment.
• Involved in finalizing the design for Corporate Wireless Network Access for NAC Solution, comprising of ForeScout CounterAct NAC Appliances in all WAN Consolidation Points, and Data Centers.
• Configure Splunk for log Monitoring, log rotation, activity monitoring.
• 24x7 on-call escalation support as part of the security operations team.
• Working closely with Data center management to analyze the data center sites for cabling requirements of various network equipment.
• Worked extensively on device profiling, authentication and authorization mechanisms using AAA, RADIUS, 802.1X, Policy buildups for Posture Compliance Policies and Rules for Checking the devices coming onto Network, Remediation Process, Access and Controls, and Segmenting the Global Networks for NAC Solutions for both Cisco and Forescout NAC Appliances
• Provided application level redundancy and availability by deploying F5 load balancers LTM.
• Having Data Center Design Experience, installing and Configuring Network Devices in a Data Center including patching the cables in the Patch Panel. Design and implemented network.
• Worked on security tools and software such as CISCO WSA, Qualys, Splunk, Solar winds, Source fire.
• Hands-on experience in the network management of circuits using TDM and Frame Relay Managing and providing support to various project teams with regards to the addition of new equipment such as routers switches and firewalls to the DMZs.
• Planned, Prepared, Designed and Implementation of Cisco NAC Appliances in the Network comprising of Access, Distribution and Core Layers (All Cisco Catalyst Switches 4500s and 6500 Series.
• Provided redundancy in a multi homed Border Gateway Protocol (BGP) network by tunings AS-path.
• Extensive experience working with Qualys Guard to conduct Network Security assessments.
• Handling enterprise outages effectively and driving towards the resolution.
• Coordination of fault escalations in conjunction with the 1st high-level technical management of high priority or technically complex calls.
• Migrated Splunk config file to multiple remote servers.
• Providing to new comers and effectively working towards a process quality improvement in the Team.
• Experienced in Troubleshooting Splunk search quotas, monitor Inputs, WMI Issues, and Splunk.
• Performing troubleshooting on slow network connectivity issues, routing issues that involves OSPF, BGP and identifying the root cause of the issues.
• Firewall policy provisioning on Fortinet Fort iGATE appliances using FortiManager.
• Extensive hands-on experience with complex routed LAN and WAN networks, routers and switches.
• Hands-on experience with Ether Channel, Spanning Tree, Trunking, ACLs, Syslog.
• Work assigned tickets to determine the point of failure and resolve problems remotely utilizing available tools and other Operation Center resources.
• Analyzed and tested network protocols (Ethernet, TCP/IP) using Wireshark tool.
• Provide escalation support to L1 members of network team.
• Worked on Qualys for vulnerability management and Tripwire for real time threat detection.
• Worked with different ISP globally for any WAN circuit and BGP routing issues.
• Opening up cases for CE routers, Riverbed optimizer issues.
• Understand the JUNOS platform and worked with IOS upgrade of Juniper devices.
• Used QualysGuard vulnerability management software to prevent data breaches, to maintain compliance, and to ensure the business continuity.
• Work & escalate problems effectively in order to meet customer SLA's (service level agreements).
• Perform problem management and root cause analysis for customers as required.

Environment: Nexus 2k/5k/7k, Cisco 6500/7500/7200 Routers, Cisco 3550/4500/6500 switches, Juniper SRX100, LAN, WAN, OSPF, RIP, BGP, EIGRP, HSRP, PPP, VPN, Cisco ASA.

Confidential, Celebration, FL

Network Security Engineer

Responsibilities:

• Configuration and Administration of Cisco and Juniper Routers and Switches.
• Administration and diagnostics of LAN and WAN with in-depth knowledge of TCP/IP, NAT, PPP, ISDN and associates network protocols and services.
• Troubleshoot remote access services like Citrix Netscalar, Cisco VPN clients and for the users to access their enterprise network.
• Upgrading and troubleshooting Cisco IOS to the Cisco Switches and routers.
• High-level Designing and Low Level Designing of Cisco (WLAN) Wireless Networks, NAC Network Design for Global Network based in EMEA, NAR and APAC and coordination with global teams in delivering the proposed solution successfully.
• Experience in migration of Frame-relay based branches to MPLS based technology using multilayer stackable switch like 6500 series and 2800 series router.
• Involved in design and implementation of Data Center Migration, worked on implementation strategies for the expansion of the MPLS VPN networks.
• Router/ Microsoft VPN Server in order to access certain limited network resources from customer locations.
• Installed and configured four PIX 525 and two ASA 5505 in customer locations. In addition to that, configured two PIX firewall for the Guest access.
• Configuring VLANs and implementing inter VLAN routing.
• Design and create dedicated VLANs for Voice and Data with QOS for prioritizing VOICE over the DATA on Catalyst switches and basic VOIP configurations.
• Testing E911, voicemail, Media gateways.
• Planning, performing and documenting updates and changes to bluecoat Proxy systems, McAfee and Palo Alto Firewalls.
• Configuration/Management Proxy IronPort S360/S650/S660/Bluecoat SG180/8100 Series/ (Bluecoat Director) /Web sense Appliances for Web Security/Access Control and filtering policies implementation.
• Configuring Site to Site to VPN connectivity.
• Evaluating, designing, developing and implementing updates to software and/or hardware for the Palo Alto Firewalls and Bluecoat Proxies.
• Implementation of HSRP, IPsec, Static Route, IPSEC over GRE, Dynamic routing, DHCP, DNS, FTP.TFTP, RAS.
• Worked on Extensively on Cisco Firewalls ASA 5500(5510/5540) Series.
• Documentation the entire deployment notes and policy sets.
• Conducted workshop for end user employees and provided helpdesk and facilitated the handover of NAC Project to the Verizon managed services provider.
• Responsible for investigating events and tuning all McAfee Point product policies, i.e. HIPS and Anti-Virus.
• Configure and maintain HIPS, Anti-Virus, DLP, and PA policies to comply with DOD HBSS requirements.
• Configured and deployed BIG-IP LTM 6900 for providing application redundancy and load balancing.
• Migrate studies from the Cisco ACE Load Balancer appliance to the Citrix NetScaler Load Balancer appliance.
• Involved in designing and implementation of wireless IPT devices.
• Involved in Disaster recovery, like diverting the form one data center to different data center when disaster occurs.
• Manage Netscaler load balancing and content switching policies.
• Involved in configuration of Cisco 6500 ACE switches.
• Worked on the upgrades on Cisco Routers during production maintenance windows.
• Configuring IPSLA monitor to track the different IP route when disaster occurs.
• Configured Site-to-Site IPsec VPN tunnels to peer with different clients and each of client having different specifications of Phase 1 and Phase 2 policies using Cisco ASA 5500 series firewalls.
• Involved in Implementing, planning and preparing disaster recovery.
• Conducted periodic scans and on demand scan as and when new network devices are introduced or configurations are updated in the windows servers with Qualys Guard.
• Involved in configuring Juniper SSG-140.
• Involved in smart view tracker to check the firewall traffic.
• Troubleshooting hardware and network related problems.
• Stood up the Disaster recovery Netscalers, tested and validated.
• Design and create dedicated VLANs for Voice and Data with QOS for prioritizing VOICE over the DATA on Catalyst switches and basic VOIP configurations.
• Wide experience in implementing and managing F5 BIG-IP load balancing, including GTM, APM, ASM, and custom iRule development.
• Managed the F5 BigIP GTM/LTM appliances to include writing iRules, SSL offload and everyday task of creating WIP and VIPs.

Environment: Net Flow, TACACS, EIGRP, RIP, OSPF, BGP, VPN, SUP720, Ether Channels, Cisco 7200/ 3845/ 3600/ 2800 routers, Fluke and Sniffer, Cisco 6509/ 3750/ 3550/ 3500/ 2950 switches, Network edge routers, Switches, WAP, WLC, OSPF, BGP, VLAN, VTP, RSTP, STP (Spanning Tree Protocol), HSRP, IPSEC VPN tunnels, ACL, NAT/PAT, Firewalls (ASA), Netscaler Load balancer Pal Alto, Bluecoat Proxies.

Confidential, Harrisburg, PA

Network Security Engineer

Responsibilities:

• Implementation of analysis, optimization, troubleshooting and documentation of LAN/WAN networking systems.
• Configuration and troubleshooting of Cisco catalyst 6509, 7613 with supervisor cards.
• Worked with Juniper Firewalls.
• Configured and resolved various OSPF issues in an OSPF multi area environment.
• Configured CIDR IP RIP, PPP, BGP and OSPF routing.
• Involved in the configuration & troubleshooting of routing protocols: MP-BGP, OSPF, LDP, EIGRP, RIP, BGP v4. Configured IP access filter policies.
• Configured and troubleshoot OSPF and EIGRP.
• Planning and configuring the routing protocols such as OSPF, EIGRP, RIP, and Static Routing on the routers.
• Tested authentication in OSPF and BGP.
• Maintains network performance by performing network monitoring and analysis, and performance tuning, trouble shooting network problems.
• Skilled using Burp Suite, Acunetix Automatic Scanner, NMAP, Dirbuster, Qualysguard, Nessus, SQLMap for web application penetration tests and infrastructure testing.
• Troubleshoot traffic passing managed firewalls via logs and packet captures.
• Experience with Firewall Administration, Rule Analysis, Rule Modification.
• Modified internal infrastructure by adding switches to support server farms and added servers to existing DMZ environments to support new and existing application platforms.
• Configuration, Troubleshooting and Maintenance of Palo Alto PA-5060, PA-5020 series.
• Implemented firewall rules in Palo Alto firewalls using Panorama for one of the environment.
• Monitoring and troubleshooting traffic on Palo Alto 5020 firewall.
• Experience with implementing and maintaining network monitoring systems (Cisco works and HP Open view) and experience with developing complex network design documentation and presentations using VISIO.
• Worked on Cisco Routers, Switches, and Juniper SRX/SSG Firewall.
• Implementing and configuring F5 LTM's for VIP's and Virtual servers as per business needs.
• Estimated Project costs and created documentation for project funding approvals.
• Configured ASA 5540 to ensure high-end security on the network with ACLs and Firewall.
• Working on Tufin and Splunk tool for firewall rule usage analysis and log analysis for Firewall rule optimization.
• Used IPSec VPN tunneling to provide access to user machines and partners in other network.
• Provided application level redundancy and availability by deploying F5 load balancers LTM.

Environment: Netflow, TACACS, EIGRP, RIP, OSPF, BGP, VPN, MPLS, CSM, SUP720, Ether Channels, Cisco 7200/3845/3600/2800 routers, Fluke and Sniffer, Cisco 6509/ 3750/3550/3500/2950 switches, Cisco ASA firewalls, Palo Alto, F5 LTM.

Confidential, Weehawken, NJ

Network Engineer

Responsibilities:

• Configured and deploying Cisco catalyst 6506, 4948E, 4510 switches and Cisco 3660, 3845, and 7609 series Routers.
• Configuring and resolving various OSPF issues in an OSPF multi area environment, Implemented, configured BGP WAN routing, converting OSPF routes to BGP (OSPF in local routing).
• Installing, configuring Cisco Catalyst switches 6500, 4948, 3750 & 3550 series and configured routing protocol OSPF, EIGRP, BGP with Access Control lists implemented as per Network Design.
• Experience working with Nexus 5020, 2148, 2248 switches.
• Involved in the troubleshooting aspects of complex network infrastructure using the routing protocols like EIGRP, OSPF & BGP.
• Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500.
• Experience in migration of VLANS.
• Implementation of Access Lists for allowing/blocking desired traffic.
• Configuring VLANs/routing/NATing with the firewalls as per the network design.
• Responsible for Cisco ASA firewall administration, Rule Analysis, Rule Modification.
• Configuration and maintenance of ASA firewall systems.
• Good knowledge in systems integration, software hardware emulation experience.
• Configured and performed troubleshooting on link state protocols like OSPF in single area and multiple areas.
• Configure and support Private BGP Peering with transit providers.
• Configure BGP peering between L3 routers and core routers Ether channels.
• Experience in configuring, upgrading and verifying the NX-OS operation system.
• Troubleshoot issues with network connectivity and issues related to neighbor relationship and peers.
• Experience configuring Virtual Device Context in Nexus 5k series switch.
• Strong knowledge on networking concepts like TCP/IP, Routing and Switching.
• Designed, configured, implemented site-site VPN on Cisco ASA 5500 Firewall.
• Implemented, configured redundancy protocols HSRP, VRRP, GLBP for Default Gateway Redundancy.
• Worked on FortiGate’s 90-30 series and firewall virtual appliances.
• Worked in projects converting P2P circuits into MPLS circuits, commissioning and decommissioning of the MPLS circuits for branch offices.
• Performing network monitoring, providing analysis using Solar Winds.

Environment: Cisco 2948/3560/4500/3560/3750/3550/3500/ switches and Cisco 3640/1200/ 7200/3845/3600/2800 Cisco ASA 500, windows server 2003/2008: F5 BIGIP LTM, RIP, OSPF, BGP, EIGRP, LAN, WAN, VPN, HSRP.

Confidential

Jr. Network Engineer

Responsibilities:

• Troubleshooting of personal computers. On line Support to customers concerning their computer problems.
• Involved in troubleshooting of DNS, DHCP and other IP conflict problems.
• Responsible for reporting day to day operations of all associated hubs, routers, bridges, gateways and related equipment.
• Configured BGP for CE to PE route advertisement inside the lab environment.
• Monitoring the network, troubleshooting network problems, implementing changes, communicating and working closely with vendors, customers, system administrators.
• Spearheaded meetings & discussions with team members regarding network optimization and regarding BGP issues.
• Plans, coordinates, implements and supports the LAN / WAN hardware, software and Internet /Intranet integration network connectivity, diagnose network failures and resolve any problems.
• Responsible for LAN and internet connection file and print server.
• Maintained and installed new internet connections for customers.
• Validate existing infrastructure and recommend new network designs.
• Installed and maintained local printer as well as network printers.
• Handled Tech Support as it relates to LAN & WAN systems.
• Handled installation of Windows NT Server and Windows NT Workstations.
• Maintained and installed new internet connections for customers.
• Used various scanning and sniffing tools like Wire-shark.

Environment: Cisco catalyst 2960/4550/5550 switch, Cisco 2880/3700/3880 router, LAN, MAN, BGP and DHCP.