Network Engineer Resume
Tyler, TX
SUMMARY:
- An accomplished Cisco Certified Network Professional with over 8 years of experience in fast - paced, sensitive and stressful environments. Proven ability in network design, implementation, management, monitoring, security and systems integration. Consistently accomplishes measurable results while elaborating LAN/WAN integration projects.
- Hands-on experience with design, configuration, and troubleshooting of routing protocols: BGP, OSPF, EIGRP, RIP v1 and v2 and ISIS.
- Experience working on Cisco ASR 9922, ASR 9912, ASR 9910, ASR 9010, ASR 9006, ASR 9001, ASR 901, ASR 903, ASR 920.
- Experience working on various switches such as Cisco Catalyst 3850, 3750, 4900, 6500; Cisco Nexus 7000 Series chassis (7010, 7710), Cisco Nexus 5000 Series Switches.
- Successfully completed projects to upgrade code for 1200+ ASR901’s, 600+ ME3400’s, 50+ ME3800’s, 25+ C3750’s, 50+ ASR9001’s, 10+ ASR9006’s, 10+ ASR9010’s.
- Experience in designing and configuring routing protocols such as OSPF, BGP on Juniper routers MX960 and MX480.
- Performed Functionality testing on Layer2 Protocols like Service OAM, Traffic Engineering, Customer tag and Service tag, Traffic Policing and Shaping, Class of Service, CFM, EVC, EVPL, LACP, Y.1731, Y.1564, 802.1ag protocol.
- Experience in configuring protocols HSRP, GLBP, VRRP, ICMP, IGMP, PPP, HDLC and SNMP.
- L2/L3 Switching Technology Administration including creating and managing VLANs, Port security, Trucking, STP, RSTP, MST, VTP, Inter-VLAN routing and Port Channel Protocols like LACP, PAGP.
- Experience working with Cisco Nexus 2148 Fabric Extender and Nexus 5000 series to provide a Flexible Access Solution for datacenter access architecture.
- Ability to perform layer 2 and layer 3 audit of core network infrastructure.
- Good understanding of OSI model, TCP/IP. In-depth knowledge and experience on IP Addressing, Subnetting.
- Experienced in preparing network designs like HLD, LLD based on the business requirements.
- Configuring/Installing Cisco ACI fabric networks. Worked on Application Centric Policy (based on Cisco Application Policy Infrastructure Controller or APIC).
- Experience in establishing VPN Tunnels using IPSec encryption standards and also configuring and implementing site-to-site VPN.
- Worked on F5 and CSM load balancers deploying various load balancing techniques with multiple components for efficient performance.
- Experience in deploying and decommission of VLANs on core ASR 9K, Nexus 9K, 7K, 5K and its downstream devices and also configure 2k, 3k, 7k series Routers.
- Advanced knowledge in designing, installation, configuration and maintenance of Juniper SRX Firewall, Juniper EX and MX devices.
- Experience with Layer 2 and Layer 3 protocols like LDP, RSVP/ TE, QOS and VPLS. Experience in configuring HSRP and redistribution between routing protocols and troubleshooting them.
- Working experience on Cisco ASA 5500(5510/5540) Series, experience with convert PIX rules over to the Cisco ASA solution.
- Extensive experience in activities like monitoring of the Client’s network, performance monitoring, maintaining uptime for the network as per the SLA of the client, network operation & designing, network security for LAN.
- Experience in Designing and assisting in deploying enterprise wide Network Security and High Availability Solutions using cisco security manager (CSM) for management of ASA and responsible for Check Point and Cisco ASA firewall administration across global networks and configuring NAT, PAT & advanced Firewall rules implementation.
- Hands on experience in configuring and supporting site-to-site and remote access Cisco, IPsec, VPN solutions using ASA/PIX firewalls, ACL, Cisco VPN client and AAA Security on different series of routers.
- Performed network audits to identify software bugs, security updates and hardware failures.
- Expertise in configuring protocols HSRP, GLBP, VRRP, ICMP, IGMP, PPP, HDLC, PAP, CHAP, and SNMP.
- Great exposure to SDN and network function virtualization (NFV) technologies like Cisco ACI.
- Thorough understanding of basic and advance F5 load balancer configurations, including migrating configurations from Cisco ACE to F5 load balancer and general troubleshooting of the F5 load balancers.
- Designed and implemented DMZ for Web servers, Mail servers & FTP Servers using Cisco ASA 5500 Firewalls.
- Experience in installing and configuring DNS, DHCP servers.
- Provided on call 24x7 support to provide services in case of network outage. Also maintained and monitored circuits till the network stabilizes.
- Experience with designing and deployment of MPLS Traffic Engineering.
- Excellent in documentation and updating client’s network documentation using VISIO.
- Experienced working on network monitoring and analysis tools like, SOLAR WINDS, and Wireshark.
TECHNICAL SKILLS:
Networking Hardware: Cisco Switches, Cisco Routers, ASA/Pix firewalls
WAN Technologies: Frame Relay, ISDN, PPP, ATM, MPLS
VPN: L2VPN, L3VPN, VPLS
Routing Protocols: OSPF, IGRP, EIGRP, RIP, IS-IS, BGP
L2 Protocols: VTP, STP, RSTP, MSTP, PVST, ISL, 802.1q
Redundancy Protocols: HSRP, VRRP, GLBP
Switching: VLANs, Private VLANs, Ether-Channel
Security Technologies: PAP, CHAP, Cisco PIX
Network Monitoring: Cisco Works 2000, Wire Shark, SolarWinds
Routers: CISCO 2600,, Cisco ASR 9k series, Juniper M Series
Switches: CISCO 2900, Nexus 7k,5k,2k
Firewalls: Juniper net screen Juniper SRX Pix ASA Checkpoint, Palo AltoMcAfee Web Gateway
AAA Architecture: TACACS+, RADIUS, Cisco ACS
Load Balancers: Cisco CSM, ACE 4710, F5 Networks (Big-IP, Viprion 4400, 2400)
Application Protocol: HTTP, HTTPS, FTP, TFTP, SNMP, SMTP, NTP etc
PROFESSIONAL EXPERIENCE:
Confidential, Tyler, TX
Network Engineer
Responsibilities:
- Configured route policy for BGP and manipulated BGP attributes using route-maps, ACL, AS-Path list according to customer requirement.
- Configuring, testing, troubleshooting multiple vendor device platforms like Cisco ASR 9922, ASR 9906, ASR 9912, ASR 9910, ASR 9010, ASR 9006, ASR 9001 and Cisco 7609, Cisco Catalyst 3850, 3750, 2960 and Juniper devices: MX960, MX480.
- Responsible for MPLS/VPLS Layer 2 & the Layer 3 VPN network(s) as well as the Internet IP Core / edge network.
- Worked with TFTP/FTP server for upgrading Cisco IOS software and also used TFTP/FTP server to backup and restore configuration and IOS image files for Cisco ASR routers and Cisco Catalyst switches. Upgraded code on large number of Cisco Catalyst 3850, 3750, ME3800 and also on ASR9001, ASR9006, ASR9010, ASR901, ME3400, ASR920, and ASR903.
- Extensively tested IPSLA / Y.1731 Performance monitoring using CPE edge devices in our MPLS network.
- Quickly resolved all IP network issues to reduce downtime while also ensuring client SLA's.
- Implemented routing protocols (OSPF, BGP), switching (VLANS, VTP Domains, STP, and trunking), security on devices hardening (authentication, authorization, and accounting).
- Design, configure and deploy point to point and DIA.
- Built circuits in lab setup for extensive testing and evaluation of NID devices (ADVA) using MPLS lab network.
- Modified OSPF costs for links to divert traffic to reduce the delay and bandwidth consumption across the links.
- Configure iBGP and eBGP peering between L3 routers and core routers.
- Supported in decommission of Juniper MX960, MX480, ME3800 and replacing with Cisco ASR 9001, ASR 9006 and Cisco Catalyst 3850.
- Used Netflow as Network monitoring tool for analysis of CPU, memory utilization of network traffic.
- Managed the rollout of MPLS-TE protocol to control bandwidth usage for guaranteed delivery and reroute of voice and video traffic across the coast to coast network backbone
- Greatly enhanced network manageability using SNMP.
- Involved in evaluation and testing of ASR920 as CPE as a replacement of ME3400 in lab network.
- Enhance application performance and stability through consistent routing policy design, QOS profiles, and traffic engineering.
- Installing new equipment to RADIUS and worked with MPLS-VPN and TACACS configurations.
- Various refresh projects to replace older Cisco devices such as Cisco 7609 with newer ASR and older switches with various Nexus devices.
- Support OSPF and BGP network by resolving level 2 & 3 problems of internal teams & external customers of all locations.
- Troubleshooting MPLS connectivity issues on CE/PE connectivity.
- Implemented and also troubleshoot complex layer 2 technologies such as VLAN Trunks, VTP Ether channel, STP, RSTP and MST.
- Configuring and testing Multicast for both IPv4 and IPv6 routing in Data Environment.
- Implemented redundancy protocols such as HSRP, VRRP, and GLBP for Default Gateway Redundancy.
- Configuring VTPs, port fast, uplink fast on access layer switches.
- Involved in designing and implementing QOS and policy map to ASR 9K series routers for multiple customer markets.
- Responsible for the IPAM (IP Address management) system for a very large WAN/LAN network
- Implemented Layer 2 security policies to mitigate attacks by hard coding access port, Port-security violation policies, configuring all unused port in Black hole VLAN.
- Involved in the manual conversion of ACLs from MX960 to Cisco ASR 9010.
- Troubleshoot issues related to VLAN, VLAN Trunking, HSRP failovers, related issues.
- Contributed to the implementation and support of SNMP monitoring software and other network
monitoring tools.
- Developing and maintain Network Documentation. (Visio diagrams, Excel spreadsheets, Word documents, etc.).
Confidential, Atlanta, GA
Network Engineer
Responsibilities:
- Designed, validated and implemented LAN, WLAN & WAN solution to client’s needs.
- Installed and configured Cisco 7200 series router, Cisco ASR 9006, ASR 9001 and Cisco Nexus 6004, 6001 switches.
- Implemented Layer 2 security by enabling STP BPDU & Root guard, locking down VLAN trunking.
- Worked on Cisco's Application Centric Infrastructure (ACI) implementation (Nexus 9K, APIC).
- Involved in configuring and troubleshooting of Cisco 7600 series routers, Cisco ASR 9k series routers and Cisco 4500, 5000, 6500 series switches.
- Responsible for complete datacenter layout and migration to nexus 9k, 7k, configured ACI.
- Migrated production applications from a traditional network to a policy based network model (ACI) which enabled faster application deployment and delivery.
- Centralized visibility with real-time, application health monitoring with ACI.
- Migrated Catalyst 6K to Nexus 3k/5k/7k in production Datacenter.
- Design, implementation and operational support of routing/switching protocols in complex environments including BGP, OSPF, Spanning Tree, 802.1q, etc.
- Simplified automation by an application-driven policy model through ACI.
- Implemented F5 BIG-IP application delivery controllers for load balancing using Virtual servers, irules and iApps.
- Implemented switched highly available LAN IP infrastructure using VLANs, VTP, Spanning Tree, Fast/Gigabit Ethernet and trunking/channeling technologies (Catalyst 2950, 3750, and 4500)
- Performed LAN operations and troubleshooting which involves working on VLANs, inter-VLAN routing, Trunking, STP, RSTP, port aggregation & link negotiation.
- Implemented redundancy with HSRP, Ether channel technology (LACP, PAgP) etc.
- Worked with enterprise level Wi-Fi configuration, troubleshooting, IP routing, network design, architecture and protocols and topologies
- Design Layer 2/Layer 3 network for cloud hosting data centers and enterprise networks.
- LAN technologies supported: 802.11a, 802.11b, 802.11g, 802.11n, WDS, point to point technology, ADSL, VDSL, HPNA, VLAN and 802.3 and 802.3af Ethernet technologies.
- Migration of existing IPSEC VPN tunnels from Pre-Shared key to Certificate Authority for purpose of scaling.
- Troubleshoot the network issues onsite and remotely depending on the severity of the issues.
- Implementing, Monitoring, Troubleshooting and Convergence in Frame-Mode MPLS inside the core.
- Worked with LAN protocols like STP, RSTP, MST, VTP, VLAN and Port Channel Protocols like LACP, PAGP.
- Troubleshooting and monitored routing protocols such OSPF and BGP.
- Designing and Implementation of (LAN) VLANs, VTP, Spanning Tree (STP), Trunking (dot1q and ISL) and Ether channel.
- Provided Load balancing towards access layer from core layer using F5 Network Load Balancers.
- Managed the F5 BigIP GTM/LTM appliances to include writing iRules, SSL offload and everyday task of creating WIP and VIPs.
- Configured and troubleshooting of HSRP on Cisco routers.
- Configuring and implementing F5 BIG-IP, LTM, GTM load balancers to maintain global and local traffic
- Responsible for turning up BGP peering and customer sessions, as well as debugging BGP routing problems.
- Write & review test plans for IEEE 802.11a/b/g, 802.11e, 802.11R, 802.11n etc. as well as proprietary features.
- Implement ATM/Frame Relay between data centers utilizing Cisco routers & switches.
- Design Layer 2/Layer 3 network for cloud hosting data centers and enterprise networks.
- Reviewing, analyzing, approving and executing all changes in the network.
- Responding to inquiries from staff, administrators, service providers, site personnel and outside vendors etc. to provide technical assistance and support.
- Developing and maintain Network Documentation. (Visio diagrams, Excel spreadsheets, Word documents, etc.).
- Participated in a rotating 24x7 support schedule for the Network operation Center.
Confidential, Mclean, VA
Network Security Engineer
Responsibilities:
- Installation and Configuration of Cisco Catalyst switches 6500, 3750 & 3550 series and configured routing protocol OSPF, BGP with Access Control lists implemented as per Network Design Document and followed the change process as per company policy. It also includes the configuration of port channel between core switches and server distribution switches.
- Experience on HSRP for load balancing.
- Utilize in depth testing procedures to update firmware, apply current security patches, verify functionality of all devices, and test configurations for equipment such as Cisco routers, ASA firewalls, switches, and Windows OS computers.
- Involved in the removal of EIGRP from all devices and making OSPF the primary routing protocol.
- Cisco Secure Access Control Server (ACS) for Windows to authenticate users that connects to a VPN 3000 Concentrator.
- Configuring AAA using Tacacs+ and ACS server.
- Successfully installed Palo Alto PA-3000/PA-5000 firewalls to protect Data Center and provided L3 support for routers/switches/firewalls.
- Configuring HSRP for network redundancy and High availability
- Designing and Implementation of (LAN) VLANs, VTP, Spanning Tree (STP), Trunking (dot1q and ISL) and Ether channel.
- Troubleshooting of complex LAN/WAN infrastructure that include routing protocols OSPF & BGP.
- Configuring, Installing and troubleshooting on Check Point Devices.
- Configured networks using routing protocols such as OSPF, BGP and manipulated routing updates using route-map, distribute list and administrative distance for on-demand Infrastructure.
- Worked on FTP, HTTP, DNS, DHCP servers in windows server-client environment with resource allocation to desired Virtual LANs of network.
- Deploy, configure, and support Aruba wireless controller and AP devices globally, also a direct escalation path for all wireless issues.
- Configuration and Maintenance of Cisco ASA, ASA 5540, ASA 5520, ASA 5510 series firewalls.
- Manage project task to migrate from Cisco ASA firewalls to Check Point firewalls.
- Experience in configuring & upgrading of Cisco IOS.
- Hands on Experience with blocking of IP's on Checkpoint that are suspicious. Responsible for Checkpoint firewall management and operations across our global networks. Implementing security Solutions using Palo Alto PA-5000 and Checkpoint Firewalls R75, R77.
Confidential
Network Engineer
Responsibilities:
- Worked primarily as a part of the Security team and daily tasks included firewall rule analysis, rule modification and administration.
- Administrating LAN and WAN connectivity for Client Sites.
- Responsible for advanced enterprise wireless LAN administration and design, mesh networks, and point-to- point and point-to- multipoint topologies.
- Responsible for Cisco ASA firewalls configuration and administration across global networks.
- Installation, Integration and maintenance of LAN, WAN and MAN setup and Member of Network testing team worked with QoS.
- Replaced old 6500 and WAN routers from DR testing site and Installed Nexus 7K and ASR 1006 routers.
- Configuration and Maintenance of ASA 5525, ASA 5510, Firewalls and Cisco IPS 4240 using Cisco Security Manager (CSM).
- Provided ongoing administration and support for authentication service using RSA SecurID and Cisco AAA servers (Radius, TACACS+) for internet-based IPSEC Site to Site and remote access VPN solution.
- Experience configuring EIGRP, BGP, Frame Relay and PBR.
- Configured Cisco 6500, 3500 and 3750 Catalyst Switches at the core and distribution/access layer respectively with port-securities, VLAN, VTP, RSTP, connected switches with 802.1Q Trunking Protocol.
- Configured VLANs with 802.1q tagging. Configured Trunk groups, ether channels, and Spanning tree for creating Access/distribution and core layer switching architecture.
- Configured Solar winds products for Network Performance.
- Monitored and maintained client firewall, intrusion detection systems and VPN systems including (VPN-1/ Secure VPN / Secure IDS).
- Expertise in VPN configuration, routing, NAT, access-list, Security contexts, and failover in ASA firewalls.
- Provided redundancy in a multi homed Border Gateway Protocol (BGP) network by tuning AS-path.
- Tested and implemented various BGP attributes such as Local Preference, MED, AS-PATH, Community, Extended community using route-maps.
- Conduct network Packet Analysis using Wireshark.
- Installed Solar Winds Network Performance Monitor with traffic analysis, application & virtualization management, configuration management and other modules additionally installed.
- Analysis IDS/IPS sensors to ensure the policies and settings follow the clients’ proposed goals.
- Supported Infoblox appliances grid environment for DNS, DHCP and IP Address Management tools (IPv4).
- Designed documentation by using Microsoft Office Suite / Visio.
Confidential
Network Engineer
Responsibilities:
- Installing, configuring and troubleshooting Cisco 7200, 3600, 2800, 2600 series routers.
- Configured Cisco Routers for RIPv2, EIGRP, Static and default route.
- Performed troubleshooting, while maintaining trouble ticket tracking, following internal/external escalation procedures and customer notifications.
- Deployed a large-scale HSRP solution to improve the uptime of collocation customers, in the event a core router became unreachable.
- Created VLAN and Inter-Vlan routing with Multilayer Switching.
- Upgrading and troubleshooting Cisco IOS to the Cisco Switches and routers.
- Configured and designed LAN networks with Access layer switches such as Cisco Catalyst 4510R-E, 4948, 4507R-E switches.
- Installing new equipment to RADIUS and worked with TACACS configurations.
- Installing and maintaining local as well as network printers.
- Validating existing infrastructure and suggesting new network designs.
- Maintained redundancy on Cisco 2610XM, 2651XM, 2691, 2851, 2811, 2801, 3660, 3640, 3620 routers with HSRP.
- Monitor performance of network and servers to identify potential problems and bottleneck.
- Working on creating new load balancing policies by employing BGP attributes including Local Preference and AS-Path.
- Configuring all the required devices and equipment for remote vendors at various sites and plants.
- Installation and maintenance of new network connections for the customers.
- Provided technical support on hardware and software related issues to remote production sites.