SUMMARY:

• Professional with 5+ years of experience in routing, switching, firewall technologies, system design, implementation, troubleshooting of complex network systems, enterprise network security, wireless design, data network design, capacity management and network growth.
• Extensive hands - on experience in Palo Alto, Juniper and Cisco network design, deployment and troubleshooting. Experienced with implementing the firewall rules on Checkpoint
• Have in depth knowledge and working experience on NxOS CATOS, Native IOS.
• Extensive experience in configuring and troubleshooting of routing protocols RIP v1/v2, EIGRP, OSPF, BGP and TCP/IP.
• Worked on network topologies and configurations, TCP/IP, UDP, Frame Relay, Token ring, ATM, bridges, routers, hubs and Switches
• Have experience installing and troubleshooting Cisco routers and switches.
• Strong hands on experience in installing, configuring, and troubleshooting of Cisco 7600, 7200, 3800, 3600, 2800, 2600, 2500 and 1800 series Routers, Cisco Catalyst 6500, 4500, 3750, 2950, 3500XL, Nexus 5K, 7K series switches.
• Switching tasks include VTP, ISL/ 802.1q, IPSec and GRE Tunneling, VLANs, Ether Channel, Trucking, Port Security, STP and RSTP.
• Configuring juniper router and switches.
• Worked on Juniper switches such as EX-4200/EX-8200
• Setup and configured SevOne network monitoring tool.
• Deploying F5 load balancing in a network environment.
• Network security including NAT/PAT, ACL, VPN Concentrator, IDS/IPS, and ASA/PIX/ASR Firewalls
• Strong work experience with the following technologies MPLS, Q0S, VPN, WLAN and Multicast.
• Well Experienced in configuring protocols HSRP, GLBP, VRRP, ICMP, IGMP, PPP, PAP, CHAP, and SNMP. Configured RIP, EIGRP, OSPF.
• Experience in installing and configuring DNS, DHCP server
• Gained experience working with Layer-2 and Layer-3 Switching and Security
• Gained expertise in writing test procedures and test plans with a strong understanding of design, implementation, and execution of testing methodologies.
• Good knowledge of Switched Virtual Interface.
• Strong knowledge in HSRP, VRRP redundancy Protocols. Fault Tolerance using HSRP and VRRP.
• Good knowledge of OSI Model and TCP/IP networking standards with protocols such as SNMP, FTP, ICMP and IPv6.
• Extensive hands-on experience with complex routed LAN and WAN networks, routers and switches.
• Have extensive experience in setting up LAN and troubleshooting related issues. Have WAN awareness and assisted in setting up and troubleshooting various WAN related issues.
• Hands-on configuration and experience in setting up Cisco routers to perform functions at the Access, Distribution, and Core layers.
• Experience in the setup of Access-Lists, and RIP, EIGRP, and tunnel installations
• Proficiency in configuration of VLAN setup on various Cisco Routers and Switches
• Installation of retail shops equipment’s such as POS workstations and servers, Shoppers Tracking Systems and Modems.
• Experience with Change management process and Project documentation tools like Excel and VISIO

TECHNICAL SKILLS:

LAN Technologies: VLAN, VTP, Inter-Vlan routing, STP, RSTP, PVST, IGMP, 802.1x

WAN Technologies: Frame Relay, ISDN, PPP, ATM, MPLS, Channel & Leased lines, SES

Network Securities: NAT/PAT, VPN, Filtering, Load Balancing, IDS/IPS, IPSec, ACL

Routing Protocols: RIP, EIGRP, OSPF, BGP, HSRP, PIM, IPv6

Routed Protocols: TCP/IP, IPX/SPX

Infrastructure Services: DHCP, DNS, SMTP, POP3, FTP, TFTPNetwork Managements: SNMP, SSH, Telnet, ICMP

IP Telephony: VOIP, FXO/FXS/E&M/T1/ISDN/ PRI, Call manager Express.

Operating Systems: Windows 8.1/ 7 /Vista/XP/NT/2003, MS DOS,IOS, UNIX, Linux

Languages/ Tools: C, C++, VBScript, Visual Studio 2008, MATLAB, Dream weaver, Python

PROFESSIONAL EXPERIENCE:

Confidential, Redmond, WA

Sr. Network Security Engineer

Responsibilities:

• Configuration and troubleshooting of Firewalls ASA 5506, ASA 5510, Checkpoint VPN­1 R75/R77.F
• Configuration and troubleshooting of Site to Site as well as Remote Access VPN on Cisco ASA and Check Point firewalls.
• Configuring failover and working on ssl-vpn when in active/standby failover on ASA.
• Designs, tests and deploys IT security systems and solutions.
• Bluecoat IP Address Management (IPAM).
• Experienced in WNMS,OMCR, L3 Support and Troubleshooting for RAN Network.
• Expertise in implementing Security policies like VPN, Access list and NAC appliances.
• Software updates and management for Brocade VDX Fabric switches and ICXs in either top of rack or stack configuration.
• Establish new and tear down old IPSEC and DMVPN connection to 3rd party sites.
• Providing network cable connections For Switches, Servers, IBM Brocade, and WAN Circuits
• Created dynamic access policies on the ASA’s for the offshore vendors to be able to VPN in and access the resources they needed for their testing purposes.
• Upgraded the code on multiple ASA’s from 8.2 to 8.4 which required a very great deal of configuration changes especially due to the change of syntax for building NAT’s on 8.4.
• Planning, designing and implementation of moving multiple DMZ’s on FWSM’s to ASA’s by creating Multi-Context Environments on the ASA.
• Configured and maintain Brocade VDX 6740 and ICX 7250 switches for Digital Insurance Inc. Data Center.
• Maintained and configured Brocade 300 SAN Switch & Brocade VDX 6720 Switches as well as HP Storage Works 8/8 SAN Switch and HP 3020 Blades series switches.
• Installing and configuring FWSM and ACE modules on Cisco 6509 distribution switches.
• Planning and designing to in corporate McAfee’s IDS/IPS devices into Lowes network at optimized network locations.
• Experience configuring Brocade devices for network monitoring and for carrier caching.
• Managed application delivery controller for next-generation data centres using Brocade Serveriron ADX 1000 and 4000 switches. Configured SNMP on all the network devices and added them to Solarwinds for monitoring.
• Configured Routing protocols such as OSPF, BGP static routing and policy based routing.
• Configured HSRP and VLAN trunking 802.1Q, VLAN Routing on Nexus 7k, 5k and Catalyst 6500 switches.

Sr. Network Engineer

Responsibilities:

• Providing Network support for Blackboard/IBM. This includes deploy/support/migration on R&S and FW Specially in Brocade MLX and MLXe Devices.
• Building configurations for management devices ICX 7450.
• Providing Network Security support for BB/IBM. This includes deploy/support/migration on R&S and FW Specially in Brocade and Checkpoint devices
• Key responsibility area is to manage network and provide expertise in implementation and support to the LAN/WAN network (Incident, fault, capacity, configuration, change and release management)
• Participating actively in projects to understand the requirement and then providing /implementing solutions keeping in mind the timelines.
• Attending monthly governance meetings with the customer for discussion on SLA and issues faced and upcoming changes.
• Preparation of weekly and monthly ticket reports
• Coordinating with customer on call support to migrate network, handover the finally commissioned devices.
• Configuration and Management of VLAN, VTP, Ether-Channel, STP
• Configure Routing protocols like BGP, OSPF & EIGRP etc.
• Configure redundancy protocols like HSRP/VRRP High availability.
• Configure VLAN, SVI, Port Security, Ether Channel, and ACL etc.
• Configuration of Routers/Switches and Resolving technical issues to bring up new sites.

Sr. Firewall Security/Network Engineer

Responsibilities:

• Worked on call flows involving IMS architecture - VOLTE, IP messaging (RCS).
• Performed Proxy testing which serves Layer-7/ HTTP traffic and other Proxy features like HEADER ERICHEMENT, TFD, LTMI and Video Optimization.
• Collaborated with team members on Key Management Plan for the Intelligence Community (IC ) PKIRoot.
• Configuration of routing protocols EIGRP and BGP for little to medium sized branches supported company branch standards, together with distribution and route maps.
• Centralize and unify network access policy management with Cisco ISE to provide consistent, highly secure access to end users, whether they connect to your network over a wired, wireless, or VPN connection.
• Lead the testing team on Virtualized Proxy which supports port 80 traffic in connected car project.
• Involved in test case design, execution and also analyze the traces and perform root cause analysis on issues.
• Experience and worked on protocols: SIP, DIAMETER, HTTP, GTP, RADIUS, and TCP/IP.
• Firewall Log monitoring using RSA Envision and Q RADAR.
• Manage a variety of other security appliances (Bluecoat proxy servers, IDS/IPS appliances, NAC Appliances, network taps, etc.
• Good knowledge of PaloAlto Firewalls and the Panorama Network Security Management Box.
• Choose WAN services to meet customer requirements. MAN, Frame Relay, T1
• Worked on F5 BIG-IP LTM 8900, Citrix and Netscalar configured profiles, provided and ensured high availability.
• Working with carrier Ethernet technologies like L2vpn, VPLS, VPWS.
• Configured various BGP attributes such as Local Preference, MED, Extended Communities, Route-Reflector clusters, Route-maps and route policy implementation.
• Redesign of Internet connectivity infrastructure for meeting bandwidth requirements.
• Configured HSRP and VLAN trunking 802.1Q, VLAN Routing on Catalyst 6500 switches.
• Optimized performance of the WAN network consisting of Cisco 3550/3560/6500 switches by configuring VLANs.
• Brocade VDX Fabric switches and Citrix NetScalers for user VDI sessions.
• Configure Data Center Switches for Fabric Path in a Spine and Leaf topology with the TRILL technology utilizing Switch Ports and Links. Configure VPC's for Link and path Redundancy for VDX's on Fabric.
• Configured VLANs with 802.1q tagging. Configured Trunk groups, ether channels, and Spanning tree for creating Access/distribution and core layer switching architecture and Implementing 802.1x on access switches
• Worked on troubleshooting, installing and configuring Brocade Serveriron products
• Configured BPDU Guard, port-fast, uplink fast and other spanning tree features.
• Configuration and troubleshooting of Cisco 2600, 3000, 7000 Series routers.
• Providing Technical Support and solutions for Network Problems. Implemented NAT solution's on WAN applications.
• Planned, tested and evaluated various equipments, systems, IOSs and procedures for use within the Network / security infrastructure. Configure and administer Brocade 12000 and 48000 SAN Switches Brocade
• Upgrading IOS, troubleshooting network outages.
• Continually monitor, assess and improve network security, test and implement new security technologies.
• Operate, troubleshoot, and configure diverse network platforms, including virtual environments and vendors like Cisco, Juniper, Brocade, and F5.
• Good knowledge on Cisco ACE load balancers and worked with server team on some servers.
• Participate in all technical aspects of LAN, WAN, VPN and security Internet Service projects including, short and long term planning, implementation, project management and operations support as required.
• Worked on Cisco Routers, Active /Passive Hubs, Switches, Cisco PIX Firewall.
• Create, manage/maintain end-user and Admin Accounts on all PKI System Servers in the infrastructure (33 Servers)
• Configuring & managing around 500+ Network & Security Devices that includes Juniper (NetScreen) Firewalls, F5 BigIP Load balancers, Citrix Netscalar and 3DNS, Blue Coat Proxies and Plug Proxies.
• Streamline BYOD and enterprise mobility with easy, out-of-the-box setup for self-service device onboarding and management with Cisco ISE (Identity Services Engine)
• Involved in Corporate Sponsored Data and SOCKS, Toggle Voice testing
• Worked on Sd interface testing and performance testing, failover resiliency
• Dealt with EAP-AKA authentication
• Implementation of EAP-AKA protocol on voice over WIFI calling
• Implemented DER and DEA, Post challenge request messages for authentication on AAA and HSS
• Implementation of Radius and Diameter (RFC 3588,RFC 4072) interface with EAP for AAA Controller
• Integration of EAP module with R6 module.

Sr. Firewall Security/Network Engineer

Responsibilities:

• Worked with Cisco Layer 3 switches 3750,4500,6500; Cisco Nexus 5596 and 7010 in multi VLAN environment with the use of inter-VLAN routing, 802.1Q trunk, ether channel
• Configuring objects such as Load Balancer pools for local traffic management on F5 Load Balancers.
• Extensively used TCP/IP tool like TELNET for remote login to the routers and SSH for secure login.
• Configuring and Maintaining TACACS+ for AAA.
• Work on Web based protocols FTP, HTTP, SSL, TFTP, RTP, TELNET, SSH
• Troubleshooting and verification of FabricPath.
• Work with vendors to test/setup security tools such as Cisco AMP, CES, ISE, CWS, OpenDNS, McAfee NSM, Nessus PVS.
• Create drive test routes on maps and imported/exported using MapInfo
• Designed network architecture using MS Visio based on client requirements and implemented 3ComRouters, Procurve Switches and Checkpoint firewalls
• Using Microsoft Forefront TMG we were able to intercept and analyse all the DNS traffic destined for the published DNS servers.
• Good at Routing Protocols like EIGRP, OSPF, BGP, DMVPN, and Wireless
• Managed IP addressing and implemented IP Access Lists.
• Worked extensively on Cisco Firewalls, Cisco PIX &ASA 5500(5525/5585), Palo Alto 200 Series.
• Experience with Firewall Administration, Rule Analysis, Rule Modification.
• Configuration and administration of Cisco Switches and Routers 3900/2900/7200.
• Installed and maintained network hardware and software. Managing Palo Alto firewall.
• Troubleshooting network problems. Implementing F5 Big-IP LTM-6400 load balancers in a network environment.
• Implement / Support BGP, EIGRP, DMVPN, MPLS, WAN, GRE Tunnels, Juniper SSL VPN
• Support to plan and execute LAN (VLAN Management) and WAN management activity.
• As a LAN Support point of contact give response to initial trouble calls.
• Directly worked with customers to offer Level 2, Expertise in handling routers, servers, and switches.
• Worked with Cisco ASA and ASR Firewall.
• Configured Cisco 2911, 2921, 2951 routers, Cisco 2960 - 3560 switches, Cisco 5520 Firewalls, Cisco Wireless LAN controllers and Access Points, Brocade VDX and ICX switches, Force 10 C300 switch, Fortinet F600 firewall, Windows 2008 & 2012 servers. Installed and created Vlans and VPCs for Nexus 5K
• Installed Wireless (802.11) Network.
• Completed the migration of Cisco 6509 Cores to Brocade MLX Cores and VDX 10 GB LAN infrastructure at Data Center in 2012. Installed Brocade Fiber Switch units in support of Storage Area Network (SAN)
• Provided customer support including daily backup procedures, testing network connections, equipment installation and turn-up, and remote hands assistance.
• Extensive implementation of firewall rules on Juniper 5600, Juniper SRX 3600, and SRX 100 on a daily basis, using NSM, as well as CLI when needed. Supporting Murphy's LAN and WAN connectivity at the Data Center includes the Cisco MPLS routers, Brocade MLX Cores, VDXs and all the IDF's FCXs AND Cisco switching infrastructure.
• Having knowledge on OSPF & EIGRP Routing protocols.
• Developed maintenance and operating standards for computer hardware and software.
• Experienced with physical layer interfaces and cabling standards. Troubleshooting and supporting multiple OS and hardware environments.
• Managing Microsoft Forefront Threat Management Gateway (TMG) and Blue Coat Proxy SG.
• Experience in security solutions with products from Cisco (routers, switches, ACS) ; Juniper (Firewall) PaloAlto Networks (PanOS) ; NetApp (SAN &Snap Manager) ; Symantec (SEP & SEPM) ; McAfee (all products) WebSense
• Implementing security Solutions using PaloAlto Pa-5000/3000, Cisco ASA, Checkpoint firewalls R75, R77.20 Gaia and Provider-1/MDM.
• Used IXIA-VeriwaveATA for different client testing, Ixia-Veriwave for simulating client roaming andIXIA Veriwave-QOE for real world client deployment tests
• Responsible for nightly maintenances including Big F5, ACS, all Cisco ASAs, Citrix Netscalars.
• Experience with ALG (RTP, RTSP and FTP, DNS, HTTP), DHCP.
• Configures and managed Nexus 2248 and 2400 series of wireless controller.
• Implemented port aggregation & link negotiation using LACP and PAGP.
• Configured site to site VPN technologies using IPSEC.
• Worked on Cisco Routers, Active /Passive Hubs, Switches, paloalto firewalls, Cisco PIX Firewall,Nortel VPN Concentrators TCP/IP, NAT and Checkpoint ESX/GSX firewall.
• Designed, Configured and maintained Bluecoat reporter 10.
• Involved in design, implementation and configuration of HSRP for load balancing on L3 switches on different location of office on the switched Network.
• Responsible for implementation and monitoring of enterprise PaloAlto perimeter firewall infrastructure, Splunk SIEM, and others.
• Experience in introducing different concepts like Full mesh and synchronization to prevent the creation of Traffic Black holes.
• Choose WAN services to meet customer requirements. MAN, Frame Relay, T1
• Propose network redesign based on client hardware guidelines, network policies and individual site's unique characteristics.
• Operating, administrating, managing & testing of carrier Ethernets
• Manage and support Citrix Farm in XenApp 6.5 environment
• Operated on Nexus 7000, 5000, 2000 in a FabricPath topology
• Worked with Routing Protocols of OSPF, and BGP.
• Managed RSA authentication server; managed and troubleshot users.
• Technology support for: Cisco ACI, NSX, Open Source solutions, AWS/Azure VPC, ATT Netbond, Arista VTEP & VxLAN, Hitachi UCP, and many more.
• Worked on configuring and troubleshooting Nodes, Pools, Profiles, Virtual Servers, SSL Certificates, iRules and SNATs on the F5 Big IPs using the Web GUI and CLI.
• AeroScout deployment and integration with Prime NCS/ MSE for Obstetrics unit for RFID tracking
• Query building and threat detection using RSA Analytics, PaloAlto Panorama NGFWs, TippingPoint, WildFire, etc
• Used Cisco ISE for Security Policy Attributes.
• Worked on F5 BIG-IP LTM 6900, configured profiles, and provided and ensured high availability
• Worked on F5and CSM load balancers deploying many load balancing techniques with multiple components for efficient performance and F5 TMOS architecture.
• Identify and assist in developing wireless networking solution offerings in environments mixed vendor environments using 802.11 wireless access points' networks.
• Using Data Traffic generators lxia network and sprient to test the L2/L3 Protocols.
• Designed and implemented DMZ for Web servers, Mail servers & FTP Servers using Cisco ASA5585 Firewalls.
• Implementing security Solutions using PaloAlto Pa-5000/3000, Cisco ASA, Checkpoint firewalls R75, R77.20 Gaia and Provider-1/MDM.

Firewall/Network Engineer

Responsibilities:

• Responsible for entire LAN and WAN maintenance and troubleshooting of the company network
• Involved in the Team of Data Center Operations to perform duties like administration and deployment of Cisco Routers and Switches according to the organization requirements
• Experience with moving data center from one location to another location, from 6500 based data center to Nexus based data center.
• Configured Bluecoat as a forward proxy for all Web URL Filtering.
• Worked with the data center planning groups, assisting with network capacity and high availability requirements
• Worked on cisco IPS.
• Proficiently implemented traffic filters using Standard and Extended access-lists, Distribute-Lists, Route Maps and route manipulation using Offset-list.
• Knowledge and skill of 802.11 a/b/g/n LAN normal for wireless Technology.
• Experience working with Cisco IOS-XR on the ASR9000 devices for MPLS deployments in data center
• Experience working with Cisco Nexus 2148 Fabric Extender and Nexus 7010 5000 series to provide a Flexible access Solution for a datacenter access architecture
• Experience with configuring Nexus 2000 Fabric Extender (FEX) which acts as a remote line card (module) for the Nexus 5000
• Experience with setting up MPLS Layer 3 VPN cloud in data center and also working with BGP WAN towards customer.
• Deliver best practices guidance for managing Palo Alto Networks firewalls.
• Worked on updating pools, members and nodes using the GUI interface for the local traffic managers
• Involved in project planning, deploying and reviewing based on the requirements within the existing network
• Reviewing all changes to network configuration for technical accuracy and providing solutions to Multi-Protocol Network problems
• Configured and managed VLANs, 802.1Q Trunk, RPVST+, Inter-VLAN routing, HSRP and LAN security for Layer-2 and Layer-3 switching domains as per the organization's requirement plan
• Tested various BGP attributes like local preference, MED, Weight and replicated customer issues in the testing environment lab
• Routing protocol configuration such as OSPF, EIGRP and BGP, Router redundancy configuration (HSRP, VRRP and GLBP)
• Wireless LAN (Access point, LWAPP)
• Multicasting, Route redistribution, Route Filtering using Distribute list
• IP Allocation for all applications and servers with high availability throughout the company
• Configured ASA 5540 to ensure high-end security on the network with ACLs and Firewall
• WAN Technologies (PPP, Frame Relay, ATM, ISDN, Site to Site VPN)
• Provided application level redundancy and availability by deploying F5 6500 series LTM load balancers
• Involved in designing WAN infrastructure for redundancy in case of link failure
• Responsible for technical evaluation, troubleshooting, overall project management, problem solving and turn-up of the service with the ISP
• Created and designed network layout and documented network system design with detail information using Visio.