SUMMARY:

• 12+ years of Experience and having multiple Certifications on Cisco (CCNA & CCNP) in designing, deploying and troubleshooting Network & Security infrastructure on routers, switches (L2/L3), Firewalls of various vendor equipment.
• Strong hands on experience in layer - 3 Routing and layer-2 Switching. Dealt with Nexus models like 7K, 5K, 2K series, Cisco router models like ASR 9K, ASR 1K, 7200, 3900, 2900, 2800, 2600, 2500, 1800 series and Cisco catalyst 6500, 4500, 3850, 3750, 3500, 2900 series switches, ASA (5505/5510/5540/5585 ) Firewalls, Juniper (SRX 110/210/220/550 ).
• Implementation, Configuration and Support of Checkpoint (R80, R77 Gaia, R75 and R71), VSX, MDM/MDS, Provider-1, Juniper Firewalls (SSG 550M, SSG520M, ISG 1000, ISG 200, SRX5400, SRX5600, and SRX5800), Fortinet Firewalls 3950B/ 3810A/Enterprise 5000 series, Cisco Firewalls (ASA 5505, 5506-X, 5585 with firepower), Palo Alto Networks Firewall models (Panorama M-100, PA-2k, PA-3k, and PA-5 k).
• Real Hands-on experience on MPLS-VPN Cloud, P2P WAN, 40+ VRF and Fully redundant data center hand-over for over 200 sites,
• Hands-on experience in managing Infoblox DNS & DHCP Managing Tools, Skilled at implementing and organizing IP addressing schemes based on topology analysis to meet network requirements in different environments.
• Agency project involves site review, requirements gathering, provide them an alternative design using cisco solutions that includes NEW MPLS WAN (Provider Edge Router), Layer 3 LAN (Customer Edge Switches) Voice Gateways and SRST’s for redundant 911 Emergencies topologies and the cut-over plan for every single project.
• Implemented security policies using ACL, Firewall, IPSEC, SSL, VPN, IPS/IDS, AAA (TACACS+ & RADIUS).
• Experience in Network Management Tools and sniffers like SNMP, Wireshark and Cisco works to support 24 x 7 Network Operation Center.
• Performs installation of communications hardware - routers, firewalls, switches, access points including Cisco Meraki and HP Aruba mesh networks.
• Developed monitoring tools using Python 3.x for the Network. Also developed deployment interface using Python 3.x for the network.
• Access control server configuration for RADIUS & TACACS.
• Administered Active Directory, GPOs, Office 365, Cisco ASA firewall, Cisco switches
• Technology and Infrastructure consultant for Cisco and Juniper design and implementation projects. Specific tasks include installations, configurations, support and maintenance of routers and switches.
• Provided technical support, integration, and configuration Cisco Meraki switching, Cisco ISE, Aero hive Wireless LAN, network monitoring software, and User based authentication such as 802.1x
• Experience with design and deployment of MPLS Layer 3 VPN, MPLS Traffic Engineering, MPLS QOS
• Diverse industry exposure - Finance, Telecom, and IT consulting Markets.
• Knowledgeable with Tenable/Nessus/Security Center
• Developed and implemented new policies and procedures for transformation work flow.
• Responsible for IP assignment based on CLASS and other infrastructure requirements.
• Hands-on experience in managing Infoblox DNS & DHCP Managing Tools, familiar with all record insertions and modifications. T-shooting lot of incidents and handled ticket open process with Infoblox helpdesk
• Performed daily operations, weekly on call rotations and handled P1, P2, and other low priority incidents and task
• Hands on experience working on Ansible Automation environments, supporting containers, Dockers and writing Python Scripts for Pre-ingest, post-ingest, migration tests.
• Extensive experience in configuring Layer3 routing and layer2/3 switching of Juniper & Cisco based J2320,MX,EX,2950,2960,3600,3750,4500,6500,1700,1800,2600 and 3700 series routers & Switches.
• Troubleshooting & implementation of Vlan, STP, MSTP, RSTP, PVST, 802.1Q, DTP, HSRP, VRRP, GLBP, LACP, PAGP, AAA, TACACS, RADIUS, MD5, VTP & SVI.
• Experience working with Cisco IOS-XR on the ASR9000 devices for MPLS deployments
• Experience configuring & troubleshooting routing protocols like RIP, OSPF, BGP, and EIGRP.
• Hands-on experience with Juniper SRX - Juniper SSL VPN
• Proficient in Cisco IOS installation, Upgrading and Configuring, Troubleshooting routing protocols like RIP, EIGRP, OSPF, BGP (E-BGP, I-BGP.
• Configuration and troubleshooting end-to-end between two, and multiple sites.
• Native communication skills and a team player, Effective inter-personal skills, adaptive to any environment, with the latest technologies and delivering solutions as an individual and as part of a team

TECHNICAL SKILLS:

Routing Protocols: RIP, BGP, OSPF, EIGRP, Static Routing, IP Addressing, Subnetting, VLSM

Communication Protocols: TCP/IP, UDP, DHCP, DNS, ICMP, SNMP, ARP, PPP

Redundancy Protocols: GLBP, HSRP, VRRP

Topologies: MPLS, Ethernet, Cable Modem, and Wireless

Switch Technologies: VLANs, VTP, STP, DTP, ISL and dot1q

Network Hardware: Cisco switches (2960, 3550, 3560, 4500, 6509, and 6513),Cisco Nexus Switches(2248,2232,5548,5596,7010,7718),Cisco routers (1900, 2900, 3900, 7200, ASR-1k/9k), Cisco ASA 5500 series, CSU/DSU s, network cards, Modems and F5 Network Load Balancer

Network Management Tools: MRTG, HP Open view, Cisco WAN manager, Cisco works 2000, Solarwinds Orion, and Zenoss

Security: NAT/PAT, Ingress & Egress Firewall Design, VPN Configuration, Internet Content Filtering, URL Filtering -Web-sense, SSL, IPSEC, IKE, Static, Dynamic, Reflexive ACL, and authentication AAA (TACACS+ & RADIUS).

Firewall: Cisco ASA, Juniper SRX, Palo Alto

Network Simulators: GNS3, Packet Tracer, Wire shark

OS: Windows, UNIX, LINUX

PROFESSIONAL EXPERIENCE:

Confidential, Santa Ana, CA

Sr. Network Security Engineer

Responsibilities:

• Responsible for Orange County Data Center Design Engineering, project implementation, monitoring, troubleshooting, and problem resolution of large WAN/LAN Cisco environment (routers, switches, Wireless and VOIP) in a complex, challenging operational environment.
• Proficient in Cisco IOS for configuration & troubleshooting of routing protocols: MP-BGP, OSPF, EIGRP, RIP, BGP v4, MPLS.
• Implemented Cisco Application Centric Infrastructure ( Cisco ACI ) as a solution for data centers using a Spine and Leaf architecture
• Providing network security, cyber security, application security consulting service on AWS, AZURE, UNIX/Linux, AIX, Windows operating systems, Cisco networks, ASA firewall, IDS/IPS etc.
• Assist and train clients on how to use Office365 features such as SharePoint, OneDrive, office365 portal.
• Providing technical security proposals, detailed RFP responses, security presentation, installing and configuring ASA firewalls, VPN networks and redesigning customer security architectures.
• Migrated Juniper EX series switches from Cisco 3500 series and 6500 series switches
• Dealt with implementation of Cisco ASA 5585 devices and Juniper SRX 550 devices to apply security policies on it.
• Performed Configuration on ASR 9K Pairs includes HSRP, Bundle Ethernet Config, Assigning DHCP profiles.
• Proficiency on WAN-BGP, LAN-OSPF and EIGRP MPLS & IP SEC Tunneling for secured agencies.
• Provided technical support, integration, and configuration Cisco Meraki switching, Cisco ISE, Aero hive Wireless LAN, network monitoring software, and User based authentication such as 802.1x
• Hands-on experience in managing Infoblox DNS & DHCP Managing Tools, Skilled at implementing and organizing IP addressing schemes based on topology analysis to meet network requirements in different environments.
• Preparing new WAN / LAN Topology diagram for external vendor meetings and providing them a 360-degree view starting from creating a BOM till signing off an Client UAT.
• Acted as escalation point for troubleshooting advanced network/systems issues; consistently earned 100% issue-resolution scores by providing excellent service to internal and external customers.
• Used Cisco ACI (Application Centric Infrastructure) SDN architecture to reduce operating costs, automate IT
• Setup tested with Juniper QFX 5100 and Nexus 7010, Nexus 5548 devices for testing interoperability with Juniper/Cisco Devices.
• Involved in configuration of access-control lists on juniper and Palo Alto firewalls for proper network routing and B2B connectivity.
• Develop python /bash scripts to aid in the network monitoring, information gathering and expedited resolution of network issues.
• Deployed new security tools such as Tenable Security Center and Cisco ACS server for CaaS global data centers.
• Implementation and Configuration (Profiles, I Rules) of F5 Big-IP LTM-3600 and 6400 load balancers
• Configured Cisco IOS FeatureSet, NAT and Simple Network Management Protocol (SNMP) for Network Security implementation.
• Implemented Riverbed WAN optimization hardware and SaaS across global networks to improve CRM and Office365 Email performance.
• Deployed, configured and maintain compute for hosting complex application workloads on Azure
• Configured F5 GTM solutions, which includes Wide IP, Pool Load Balancing Methods, probers and monitors
• Provided technical support, integration, and configuration Cisco Meraki switching, Cisco ISE, Aerohive Wireless LAN, network monitoring software, and User based authentication such as 802.1x
• Experience with setting up IPSEC VPN on Cisco 5585 Firewalls towards the multiple vendors
• Experience working with Nexus 7010/Nexus 7018, 5020, 2148, 2248 devices
• Experience working with data center deployment where we converted from Cisco 6500 to Nexus.
• Experience with configuring FCOE using Cisco nexus 5548.
• Experience in configuring all Palo alto Networks Firewall models (PA-2k, PA-3k, PA-5k etc.) as well as a centralized management system (Panorama) to manage large scale firewall deployments
• Experience working with F5 LTM 3600/6400 and GTM 2200/4200 in data center
• Performed switching technology administration including VLANs, interVLAN routing, Trunking, STP, RSTP, port aggregation & link negotiation.
• Worked on Layer 2 protocols such as STP, VTP, STP, RSTP, PVSTP+, MST and other VLAN troubleshooting issues and configuring switches from scratch and deployment
• Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500/Juniper security appliance, Failover DMZ zoning & configuring VLANs/routing/NATing with the firewalls as per the design.
• Multipoint VPN: IPSec, IKEv2, DES, 3DES, AES (-128, -192, -256), Pre-Shared Key, X.509v3 Certificate, MD5, SHA-1, NAT-T, firewall rules for each VPN connection, configuration assistance via web interface, remote-controlled activate/ deactivate connection.
• Organizing Induction programs for new joiner’s and providing support and training to resolve all IP network issues to reduce waste and downtime while also ensuring client Service Level Agreements.
• Troubleshoot various network issues affect solutions and collaborate with staff and outside vendors to resolve complex problems.

Confidential

Network Security Engineer

Responsibilities:

• Configure, manage, and maintain security tools for DHHS including Palo Alto firewalls 3K, 5K, 7K, 9K Firepower(Sourcefire), Bluecoat, FireEye.
• Configured/Automate 500+ Dell S4048/S6000 bare metal network switches with Cumulus open platform for data center using Ansible and Python.
• Scripting for automation of processes for Windows Servers. Familiarity with main script languages like Power Shell, PHP, Shell, Perl, Python
• Experience in implementation, configuration & troubleshooting of Access Control Lists (ACL), NAT and Cisco IOS.
• Experienced in installation, configuration, and troubleshooting of Cisco 7600 series Juniper M320 and SRX series routers.
• Cisco IOS-based switch(3750, 3560, 2900, 3500, 4500, 5500, 6000 & router(2500, 2600, 3600, 3800, 6500, 4000, 7200, 7500)
• Designed architecture and implemented Tenable Security Center solution for the deployment of Continuous Monitoring to help with patch remediation and vulnerability scanning.
• Assisted in the development of a full orchestration of OS and company software using Foreman, Ansible, and Rundeck.
• Exceptional knowledge about dealing with F5 BigIP Load Balancing, handling the Checkpoint Firewall, SolarWinds, Wireshark, PKI, IPSEC, SAM, Nagios, and Tenable.
• Experience in deploying the Azure Cloud infrastructure and integrating it with Cisco ACI Fabric including the APIC Cluster, Leaf and Spine Switches and integrate them with different Cisco Nexus 2232, 2248 fabric extender for better Network Performance and Manageability.
• Support cloud-based Office 365 Email system and Active Directory Sync
• Experience in setting up the VMware VDI and integrating it with the Microsoft Active Directory for Authentication and Cisco ACI for Network.
• Exchange and/or Office365 migrations
• Analysed network traffic, addressed risks and managed network security incidents using network monitoring tools (WhatsUp Gold, SolarWinds, Cisco Meraki and Aerohive HiveManger).
• Build out and manage the Windows/VMware Virtual and Cloud Infrastructures and integrate them with Cisco ACI.
• Specific Technologies handled include but not limited to Cisco ISRs/Meraki MX, Cisco Catalyst/Nexus Switches
• New exposure and critical hands-on experience with cloud based and SD-WAN platforms - Viptela and Cisco Meraki.
• Migrated production applications into Azure with a combination of Azure Migration
• Designed and implemented dual ISP, redundant SD-WAN, Azure VNET, VMWare 5.5, 6.5
• Involved in Configuration of various Cisco Routers & L2/L3 Switches and implementing OSPF and BGP on the routers.
• Configuration and Integration of Cisco Identity Services Engine (ISE)
• Configuring, upgrading and deployment of Nexus 7010, 5596 and 2248.
• Designing and installing new branch network systems. Resolving network issues, running test scripts and preparing network documentation.
• Working with Cisco Nexus 2248 Fabric Extender and Nexus 5500 series to provide a Flexible Access Solution for datacenter access architecture.
• Design, Installation and consolidation of local server farms in multiple branch locations with Cisco 4500-X at distribution and 4948’s replacing the 3750’s at access level.
• Configuring and deploy Cisco Catalyst 2960 and Meraki MS350 switches along with MerakiMR52 wireless access points, and Meraki MV21 security cameras for upgrading existing sites
• Worked as a part of data center deployment where we converted from Cisco 6500 to Nexus.
• Modified internal infrastructure by adding switches to support server farms and added servers to existing DMZ environments to support new and existing application platforms
• Configuration, Troubleshooting and Maintenance of Palo Alto Firewalls (160+ firewalls) - PA200, PA2000 series, PA3000 series, PA4000 series and PA5000 series.
• Configuring GLBP, VLAN Trunking 802.1Q, STP, Port security on Catalyst 6500 switches.
• Responsible for service request tickets generated by the helpdesk in all phases such as troubleshooting, maintenance, upgrades, patches and fixes with all around technical support.
• Working on HP open view map for Network Management System and Ticketing.
• Deployed and configured Cisco ASR 1000, 7000, 9000 series routers
• Involved in L2/L3 Switching technology administration including creating and maintaining VLANs, Port security, Trunking, STP, Inter VLAN Routing, LAN security.

Confidential

Network Engineer

Responsibilities:

• Troubleshoot the TCP/IP networks for connectivity, outages and slow network issues and recommended appropriate and cost-effective solutions for the congestion.
• Key contributions include troubleshooting of complex LAN/WAN infrastructure that include routing protocols EIGRP, OSPF & BGP.
• Actively participated in upgrading fast Ethernet, Layer 3 switched/routed LAN infrastructure from Cisco 3640 to Cisco 2811 ISR routers and switches at access level to 2950, 3550.
• Configured various BGP attributes such as Local Preference, MED, Extended Communities, Route-Reflector clusters, Route-maps and route policy implementation.

Confidential

Responsibilities:

• Responsible for handling, troubleshooting all Hardware and operating system related problems for several leading IT Companies.
• Effectively handling the end user tickets (problems), resolving their issues within the given SLA.
• Completed 60 DELL certifications in various system models includes the latest E-series
• Recognized for attending the highest number of service calls per day with in the scheduled ETA.
• Involved in the configuration & troubleshooting of routing protocols: MP-BGP, OSPF, LDP, EIGRP, RIP, BGP v4. Configured IP access filter policies. Cisco CLI, Cisco works, Network Security, Network Analysis Tools.
• Estimated Project costs and created documentation for project funding approvals