SUMMARY:

• CCNA, CCNP professional with 8 years of experience in network design, implementation, and support. Routing, switching, firewall technologies, system design, implementation and troubleshooting of complex network systems.
• Extensive experience in configuring and troubleshooting of protocols v1/v2, EIGRP, OSPF, BGP and MPLS.
• Extensive knowledge with VLAN’s, Trunking, RSTP, SNMP, Ether Channels, HSRP, Port Security, ACL’s, QoS, Traffic Policing, Shaping, EIGRP, OSPF, NAT, PAT, Inspections, VPN’s, DHCP, WireShark etc
• Expertise in configuring and troubleshooting of Palo Alto, Juniper NetScreen & SRX Firewalls and their implementation
• Working Knowledge of Cisco IOS, Junos & basic Nexus (7K, 5K&2K).
• Switching tasks include VTP, ISL/ 802.1q, VLAN, Ether Channel, STP and RSTP.
• Strong hands on experience on PIX (506, 515, 525, 535), ASA (5505/5510) Firewalls. Implemented security policies using ACL, Firewall, IPSEC, SSL, VPN, IPS/IDS, AAA (TACACS+ & RADIUS).
• Responsible for Check Point and Cisco ASA firewall administration across global networks.
• Experience in testing Cisco routers and switches in laboratory and deploy them on site production.
• Hands of experience on AWS (Amazon Web Services).
• Expertise on complex Checkpoint, Cisco ASA & Palo Alto firewalls Environment.
• Has experience in working on cloud AWS cloud EC2, S3, RDS, Load Balancer, Auto Scaling with AWS command line interface and AWS python SDK.
• Experience with convert Checkpoint VPN rules over to the Cisco ASA solution. Migration with both Checkpoint and Cisco ASA VPN experience.
• Systems integration projects included Routers, Switches, Load balancers, DNS Servers, Firewalls, Virtualized servers, Multimedia, Remote Access, Wireless, Proxy servers, File Servers, Main Frames, multicast networks and much more
• Testing the wireless coverage, Throughput, data rates, interference using predictive surveys.
• Experience in physical cabling, IP addressing and subnetting with VLSM, configuring and supporting TCP/IP, DNS, installing and configuring proxies.
• Experienced in Cisco and Juniper design and implementation projects. Specific tasks include Integrated, Integrations, configurations, support and maintenance of routers and switches.
• Designed, configured and implemented LAN/WAN/Wireless networks in 30 remote offices domestic and globally consisting of Cisco 4510R - E and 3850X Core switches, Cisco 2921 WAN router, Aruba Mobility controller, and Palo Alto firewalls.
• Well experienced in configuring HSRP, GLBP, ICMP, PPP, PAP, CHAP and SNMP.
• Experience in installing and configuring DNS, DHCP server
• Expertise in installing, configuring, and maintaining Cisco Switches (2900, 3500, 7600, 3700 series, 6500 series) Cisco Routers (4800, 3800, 3600, 2800, 2600, 2900, 1800, 1700, 800)
• Hands on experience in configuring Cisco 2800, 2900, 3800, 3900, 4300 and 7200 Series routers.
• Expertise in installing, configuring and troubleshooting Juniper Routers (J, M and MX-series)
• Experienced in Administrating and diagnostics of LAN and WAN with in-depth knowledge of TCP/IP, NAT, PPP, ISDN and associates network protocols and services.
• In-depth knowledge and hands-on experience in ISP Routing Policies, Network Architecture, IP Sub netting, VLSM, TCP/IP, NAT, DHCP, DNS, FT1 / T1 / FT3 / T3 SONET POS OCX / GigE circuits, Firewalls.
• Experience in site-to-site and remote access VPN solutions.
• Multicast routing/switching, Rosen draft, IPTV solutions.
• Experience working with Nexus 9k, 7K, 5K and 2K.
• Hands on Knowledge/experience on F5 load balancers, its methods, implementation and troubleshooting on LTMs and GTMs.
• Worked extensively on Palo Alto, Juniper Net screen and SRX Firewalls.
• Provided services in many industries such as Consulting, Telecommunications and IT Infrastructure. Specializing in LAN, WAN, WLAN, and Data Center networks
• Implemented Guest WLAN.
• Experience with design and deployment of MPLS Layer 3 VPN, MPLS Traffic Engineering, MPLS QOS.
• Deployed RAP controllers (Remote Access Points) in the DMZ to provide direct secure connection from remote locations to corporate LAN.
• Worked with team to implement NAC solution on Aruba wireless and LAN.
• Extensive experience in configuring Layer3 routing and layer2/3 switching of Juniper & Cisco based J2320,MX,EX,2950,2960,3600,3750,4500,6500,1700,1800,2600 and 3700 series routers & Switches.
• Troubleshooting & implementation of Vlan, STP, MSTP, RSTP, PVST, 802.1Q, DTP, HSRP, VRRP, GLBP, LACP, PAGP, AAA, TACACS, RADIUS, MD5, VTP & SVI.
• Proficient in setting up IT infrastructure including wide area networks (WAN) local area networks (LAN), security management systems network device administration.
• Experience working with Cisco IOS-XR on the ASR9000 devices for MPLS deployments
• Experience working with ARISTA switches like 7100, 7500 for cloud computing, datacenter and low latency networks
• IOS/JUNOS upgrade for Cisco & Juniper routers cum switches.
• Experience in testing Cisco & Juniper routers cum switches in laboratory scenarios and deploy on site for production.
• Highly motivated with the ability to work independently or as an integral part of a team and committed to highest levels of professional.
• Experience with Change management process and Project documentation tools like Excel and VISIO.

TECHNICAL SKILLS:

Protocols & Standards: LAN, WAN, WLAN,VRF, VDC, TCP/IP, NAT, PAT, MPLS, GETVPN, GDOI, DMVPN, IPv4, IPv6, VPN,L2TP, IPSec / ISAKMP, IKE, VoIP, VSS, OSPF, OSPFv3, EIGRP, BGPv4, VLANs, ACLs, Layer 3, Switching, HSRP, GLBP, AWS, VRRP, QoS, TACACS+, RADIUS, 802.1X, PKI, LDAP, POE

Cisco Platforms: Nexus 7K, 5K, 2K & 1K, Cisco routers (7600,7200, 3900, 3600, 2800, 2600, 2500, 1800 series) & Cisco Catalyst switches (6500, 4900, 3750, 3500, 4500, 2900 series) Huawei AR Series Routers

Juniper Platforms: M, J and MX Series Routers

Firewall: Cisco ASA/PIX/FWSM, Checkpoint (IP Series/NGX R65/IPSO), Palo Alto, Juniper NetScreen and Juniper SRX.

Load Balancers: F5 Networks (Big-IP/IQ)

Network Tools: IBM ITNM, Splunk, StealthWatch, Solarwinds, SNMP, CiscoWorks, Wireshark,BMC Remedy, Tufin Secureapp, Tufin Securetrack, Infoblox IPAM (IP Address Management Solutions), JIRA, ServiceNow,QRadar, NETDATA, KIWI, Infoblox NETMRI, SecureCRT, Putty, VMware NSX, VMware Onecloud, Citrix Netscaler

WAN technologies: Frame Relay, ISDN, ATM, MPLS, leased lines & exposure to PPP, DS1, DS3, OC3, T1 /T3 & SONET

LAN technologies: Ethernet, Fast Ethernet, Gigabit Ethernet, & 10 Gigabit Ethernet, Port- channel, VLANS, VTP, STP, RSTP, 802.1Q

Networking Protocols: OSPF, EIGRP, MULTICAST, BGP, STP, RSTP, VLANs, VTP, PAGP, LACP, MPLS, HSRP, VRRP, GLBP, TACACS+, Radius, AAA

IKE, IPSEC, SSL: VPN

Operating System: Windows 7/XP, Windows Server 2008/2003, Linux, Unix

PROFESSIONAL EXPERIENCE:

Confidential, Chicago, IL

Senior Network/Security Technical Specialist

Responsibilities:

• Migration from Cisco to Palo Alto firewall & Cisco to Checkpoint firewall.
• Troubleshoot of LAN, WAN networking issues using Wireshark, Netflow and other advanced tools and methodologies.
• Cisco/802.11/b/g/n/a wireless local area networks (WLAN).
• Support Checkpoint firewall and Provider 1 versions of R55, R65, R70, SPLAT, and VSX.
• Monitor and configure Alta Vista, Check Point, Cisco firewalls and IDS, and F5 Load Balancers.
• Responsible for all Cisco, Juniper, Aruba, and telecommunications contracts and maintenance agreements.
• Resolved downed backup VPN tunnels giving visibility to potential ISP out stages using NetflowAnalyzers.
• Designed, Installed and configured Aruba Wireless network in an HA environment using AGN 125 access points with 802.1X authentication.
• Responsible for distributed applications across hybrid AWS and physical data centers.
• Configured multicast groups and QoS.
• Creating and testing Cisco router and switching operations using OSPF routing protocol, ASA Firewalls for stable VPNs.
• Responsible in Design and configuring of OSPF, BGP on Juniper Routers and SRX Firewalls.
• Configuring, testing, troubleshooting multiple vendor device platforms like Cisco routing and switching: Cisco ASR9010, ASR901, ASR903, Catalyst Cisco 7609, 2960, and Juniper routing and switching devices: MX960, MX 480 and SRX5200, ACX2200, ALU service aggregation router 7705 and 7750 service router.
• Networking includes rebuilding existing multicast network infrastructures. Technologies included Cisco Routers, Nexus switches, Juniper FWs, BGP, EIGRP, sparse mode multicasting, MSDP and IP PIM Anycast.
• Security policy review and configuration in Palo Alto and Juniper SRX Firewall in Datacenter.
• Troubleshooting of CISCO routers like ping, trace route and basic issues.
• Ensuring connectivity and communication among networks, servers and clients inside and outside department.
• This global role helped expand my expertise into other areas such as Cisco UCS, Checkpoint Firewalls, Cisco ASA, and VMware NSX.
• Experience in performing wireless site surveys using Airmagnet software.
• Responsible for conducting physical wireless site surveys with Airmagnet Survey Pro and predictive site surveys with Cisco Prime and Airmagnet Planner.
• Responsible for performing predictive wireless designs/site surveys with Airmagnet Planner (Cisco 3500/3600/3700/ ) and conducting physical wireless site surveys with Airmagnet Survey.
• Responsible for conducting physical wireless site surveys with Airmagnet Survey Pro and predictive site surveys with Cisco WCS and Airmagnet Planner.
• Site surveys with Cisco WCS and Airmagnet planner, system design, deployment,
• Design and Implement multicast in networks
• Installed controller and light weight access point coordination with JTAC.
• Maintenance and trouble-shooting of LAN, WAN, IP Routing, Multi layers Switching.
• Integrated, Integration and trouble-shooting of routing protocols like static and dynamic.
• Implemented site to site VPN in Juniper SRX as per customer.
• Configuring & managing around 500+ Network &Security Devices that includes Cisco Routers & Switches, Nexus Switches, Juniper and Palo Alto Firewalls, F5 Big IP Load balancers, Blue Coat Proxies and Riverbed WAN Optimizers.
• Installing, configuring, and maintaining Cisco Switches (2900, 3500, 7600, 3700 series, 6500 series) Cisco Routers (4800, 3800, 3600, 2800, 2600, 2900, 1800, 1700, 800)
• Hands on experience in configuring Cisco 2800, 2900, 3800, 3900, 4300 and 7200 Series routers.
• Operations and management of company LAN, WAN, and wireless networks, including routers, switches, Access Points, Firewalls and other network i.e. Riverbed, Bluecoat, F5 LTM/GTM.
• Configure networks to ensure their smooth and reliable operation for fulfilling business objectives and processes.
• Re-designed and implemented in-house network to support VoIP and multicast traffic.
• Designed and maintained the VLAN architecture, IP address scheme, security architecture, security policies, OS hardening, ADS architecture, and DNS Name Space across a Globally dispersed infrastructure. Implemented various EX, SRX & J series Juniper devices.
• Procured, installed, configured, and maintained Cisco switches, Cisco routers, ASA/PIX firewalls, Checkpoint Firewalls (on Sun Solaris hardware), F5 Big IP Load balancers, Nortel VPN Hardware, Avaya Firewall/VPN Hardware, and Dell Windows 2000/2003 Servers.
• Regular upgrade and maintenance of Infrastructure including Cisco Router and Switches, Juniper Routers and Firewalls, Nexus 7k,5k & 2k, F5 BIG IP, Palo Alto Firewalls, BlueCoat Proxy and Riverbed Steelhead appliances.
• Monitor network performance and troubleshoot problem areas as needed.
• Improved network capabilities and reliability by evaluating, testing, purchasing, and implementing new SONET, SDH, DWDM, IP/MPLS, Ethernet, and wireless technologies
• Practice network asset management, including maintenance of network component inventory and related documentation and technical specifications information.
• Environment: Cisco Routers, Cisco Switches, Juniper Routers, Juniper Switches, Nexus 7k/5k/2k Routing protocols, Palo Alto, Checkpoint, Aruba, F5, Load Balancer, AWS, BlueCoat, HSRP, VRRP, IPSEC VPN, VPN, QOS, ASA firewall, Load balancer, SONET, Multicast, MPLS, VLANS, VTP, RSTP, ACL, NAT, IDS/IPS, SIP, RTP, RADIUS, TACACS+, Juniper SRX, ASR 9000, Catalyst 6500, CRS, Cisco ASR Firewall.

Confidential, Phoenix, AZ

Senior Network Engineer

Responsibilities:

• Implemented VLAN, VTP domain, Trunking and Ether Channel on Cisco 5500 switches.
• Used KIWI monitoring tool to troubleshoot network issues.
• Cisco/802.11/b/g/n/a wireless local area networks (WLAN).
• Hands on experience in configuring Cisco 2800, 2900, 3800, 3900, 4300 and 7200 Series routers.
• Responsible for performing the engineering lifecycle functions of detailed design, implementation and hand-over to production for part or all of a network technical solution to the client, in accordance with an agreed technical architecture.
• Experience in performing wireless site surveys using Airmagnet software.
• Responsible for conducting physical wireless site surveys with Airmagnet Survey Pro and predictive site surveys with Cisco Prime and Airmagnet Planner.
• Responsible for performing predictive wireless designs/site surveys with Airmagnet Planner (Cisco 3500/3600/3700/ ) and conducting physical wireless site surveys with Airmagnet Survey.
• Responsible for conducting physical wireless site surveys with Airmagnet Survey Pro and predictive site surveys with Cisco WCS and Airmagnet Planner.
• Site surveys with Cisco WCS and Airmagnet planner, system design, deployment,
• Monitors network performance and implements performance tuning when necessary.
• Worked with IPSEC VPN and B2B VPN design connection and protocols, IPSEC tunnel.
• Provides Local & Wide Area Network and Network Security Support.
• Upgraded with Nexus 9k,7k and 5k switches to deal with the vulnerability issues.
• Manage firewall/security systems by establishing and enforcing policies.
• Work closely with colleagues to meet team goals and improve processes and practices.
• Performs network and security hardware and software maintenance.
• Create and maintain detailed network documentation and procedures.
• Performs maintenance and management of assigned security technologies and functions that include firewalls, authentication devices, encryption, event log monitoring, reporting, incident response, security analysis and/or
• Develops, documents and implements new processes and procedures which improve the department’s ability to provide World Standard client service
• Provide support for DMZ’s creating and developing DMZ designs IDS signatures to meet new and emerging technologies threats.
• Troubleshoot, diagnose and resolve complex security attacks.
• Performed DDOS mitigations and analysis.
• Troubleshooting the Network Issues onsite and remotely depending on the severity of the issues.
• Perform research and provide direction on new and emerging security technologies.
• Help to develop response processes, rules and alert notifications.
• Provide communications to management on the threat/risk profile for various networks and data.
• Install, configure and maintain Network Security devices. This includes software installation, patches, and upgrades.
• Basic knowledge configuring CISCO networking devices.
• Hands-on experience with all phases of firewall and network operations, firewall change requests, firewall configuration, network services, and network security.
• Ability to troubleshoot complex multi-vendor network issues in the LAN and WAN networks and working with multiple application and system teams to identify bottlenecks and other network configuration issues
• In-depth knowledge in the area of deep packet troubleshooting with Wireshark and/or Riverbed ACE Analyst and tcp-dump.
• Makes recommendations on existing projects to improve network security Created Change Requests, Method of Procedures (MOPS) and assisted on-call migrations and changes.
• Performed Level 3-4 troubleshooting and analysis of disaster recovery issues, security implementations, firewall configurations, vulnerability assessments, and intrusion detection and analyze, customer consultation.
• Creating network object groups and Access Control lists and Object group services on Cisco ASA 5500 as per client needs.
• Telnet into Cisco router to configure and update interface, and subnet TCP/IPv4.
• Used Visio diagram to support the verification of switches and servers in the DMZ.
• Manage the firewall deployment, rules migrations, and firewall administration.
• Responsible for converting existing rule base onto new platforms.
• Used QRadar to check logs for troubleshooting firewall as well as network issues.
• Migrated network from EIGRP to OSPF.
• Demonstrated experience with IPSEC VPN design connection and protocols, IPSEC tunnel configuration, encryption and integrity protocols.
• Management of proxies, firewalls and F5 load balancers.
• Configuring IRules on F5 Load balancers.
• Researches, evaluates, designs and implements new/improved security software and/or devices that meet risk management objectives.
• Upgraded Panorama version 7.0 to 8.0 on Palo Alto Firewalls.
• Performs security analysis of assigned systems and functions. Reports findings and makes recommendations for remediation to management.
• Provides third level technical expertise in the identification and resolution of security related issues/events.

Aon Hewitt, Lincolnshire, IL

Sr. Network Engineer

Responsibilities:

• Configuring HSRP between the 3845 router pairs for Gateway redundancy for the client desktops.
• Configure VRRP & GLBP and VLAN Trunking 802.1Q on Catalyst 6500 switches.
• Negotiate VPN tunnels using IPSec encryption standards and configured and implemented site-to-site VPN, Remote VPN.
• Configuring STP for switching loop prevention and VLANs for data and voice along with Configuring port security for users connecting to the switches.
• Done troubleshooting of TCP/IP problems and connectivity issues in multi-protocol Ethernet environment.
• Verify network status using basic utilities (including: ping, trace route, telnet, SSH, ARP, ipconfig)
• Ensure Network, system and data availability and integrity through preventive maintenance and upgrade.
• Involved in L2/L3 Switching Technology Administration including creating and managing VLANs, Port security, Trunking, STP, Inter-Vlan routing, LAN security.
• Responsible for service request tickets generated by the helpdesk in all phases such as troubleshooting, maintenance, upgrades, patches and fixes with all around technical support
• Supporting EIGRP and BGP network by resolving problems of internal teams & external customers of all locations.

Confidential, Rockville, MD

L2 Network Engineer

Responsibilities:

• Troubleshoot firewall and network issues using CLI for all devices managed as well as using GUIs such as: Juniper NSM, Checkpoint Smartview Tracker, and Lucent Brick LSMS.
• Performed performance testing of IP Multicast and Class of Service over the Service Provider network using Spirent SmartBits test equipment
• Configuring various advanced features (Profiles, monitors, iRules, Redundancy, SSL Termination, Persistence, SNATs, HA on F5 BIGIP appliances SSL termination and initiation, Persistence, Digital Certificates, executed various migration/upgrade projects across F5 and hands on with F5 BIGIP LTMs/EM.
• Configured PPP, HDLC, BGPv4, EIGRP, MPLS and OSPF routing.
• Configured CIDR, IP, RIP, PPP, BGP and OSPF routing.
• Implemented SNMP on Cisco routes to allow for network management. Completed the installation and Configuration of CSU/DSU, T1, T3 & OC3 circuits.
• Experienced in Integration, configuration and maintenance of Cisco Router, Catalyst Switches and Firewalls.
• Configuring RIP, OSPF and Static routing on Juniper M and MX series Routers.
• Datacenter upgraded from C6500s to Nexus 7k/5k/2k, double-VPC between distribution and access, single-VPC to servers
• Responsible for all routing, switching, VPN, network security, and server load balancing.
• Using PBR with Route Maps for route manipulation/filtering. Troubleshooting routing issues like suboptimal routing and asymmetric routing.
• Have created lot of site to site IPSEC VPN tunnel with Checkpoint, Juniper Netscreen firewalls and Cisco ASA firewalls.
• Monitored regular tasks like traffic, applications, routers, switches, firewall, attacks, protocols, QoS and other reports and activities on Netflow Analyzer.
• Improved network capabilities and reliability by evaluating, testing, purchasing, and implementing new SONET, SDH, DWDM, IP/MPLS, Ethernet, and wireless technologies
• Configured Juniper MX480s, EX8200s, EX4500s, EX4200s, from scratch to match design.
• Has a good experience working with the Trouble Tickets on F5 Load balancers on LTM module.
• Switch experience includes Cisco Catalyst switches: CISCO 3750, 4500, 6500 series switches.
• Configuration and maintenance of OSPF protocol which was the enterprise IGP. Configuration included deploying of new branch locations or new network devices in the existing infrastructure. Creating Stub Areas & configuring Summarization for effective Routing.
• Provided technical support for full setup, debugged the problems of OSPF, switching and HSRP.
• Implemented and used SDM to configure Cisco IOS security features and network connection.
• Create and test Cisco router and switching operations using OSPF routing protocol, ASA Firewalls for stable VPNs.
• Monitored and troubleshoot WLAN, LAN infrastructure.
• Configured Object Grouping, Protocol Handling and Code up gradation on ASA Firewalls.
• Implementation and maintained intrusion detection/ prevention (IDS/IPS) system to protect enterprise network and sensitive corporate data. For Fine-tuning of TCP and UDP enabled IDS/IPS signatures in Firewall.
• Made a Couple of Cleanup Configurations on the Cisco ASR.
• Implemented, reviewed and approved the MOP's of every task created.
• Created a L2L tunnel for the Billing Access between Cisco ASA's.
• Configuration the access-list rules, network object-service group based on well-known port the port i.e. FTP/SFTP, SSH, HTTPS/HTTPS (SSL) and etc
• Switching related tasks included implementing VLANs, VTP and configuring and maintaining multi VLAN environment and inter-VLAN routing on Fast-Ethernet channel.
• Worked with different vendors and implement Site-to-Site VPNs over the Internet.
• Negotiate VPN tunnels using IPSec encryption standards and also configured and implemented site-to-site VPN, Remote VPN.
• Hands on experience in configuring Cisco 2800, 2900, 3800, 3900, 4300 and 7200 Series routers.
• Security policy review and configuration in Palo Alto and Juniper SRX Firewall in US offices and Datacenter.
• Working knowledge of the UNIX and CLI based command to implement the networking tools.
• Configured and monitored Firewall logging, DMZ’s and related security policies.
• Responsible for service request tickets generated by the helpdesk in all phases such as troubleshooting, maintenance, upgrades, patches, fixes, and all around technical support of 24*7.
• Configuration of ACLs in Cisco 5540 series ASA firewall for Internet Access requests for servers in LAN and DMZ and also for special user requests as authorized by management.
• Involved in L2/L3 Switching Technology Administration including creating and managing VLANs, Port security, Trunking, STP, Inter-Vlan routing, LAN security.
• Implementing, configuring and troubleshooting routing protocols such as OSPF (v3, v2), RIPv2, BGPv4, EIGRP, HSRP, GLBP and MPLS.

Confidential

Jr. Network Engineer

Responsibilities:

• Created VLAN and Inter-Vlan routing with Multilayer Switching.
• Documenting and Log analyzing the Cisco ASA 5500 series firewall.
• Monitor performance of network and servers to identify potential problems and bottleneck.
• Performed administrative support for RIP, OSPF routing protocol.
• Maintained redundancy on Cisco 2600, 2800 and 3600 routers with HSRP
• Migration of RIP V2 to OSPF, BGP routing protocols.
• Configured EIGRP for Lab Environment.
• Implemented ISL and 802.1Q for communicating through VTP.
• Working with Client teams to find out requirements for their Network Requirements.
• Designing solutions for frozen requirements using Cisco Routers and Switches.
• Deploying the network infrastructure to meet the requirements.
• Real time monitoring and network management using Cisco Works LMS.
• Provided technical support on hardware and software related issues to remote production sites.