Lead Security Engineer Resume
Houston, TX
SUMMARY
- Overall 8 years of experience in Routing, Switching and Firewall Security, including hands-on experience in network support, installation and analysis for a broad range of LAN/WAN/MAN communication systems.
- Working knowledge of installing, configuring, and maintaining Cisco Switches (2900, 3500, 3700, 6500, 6800 series) and Nexus 3000, 5000, 6000, 7000 series switches and Cisco 2600, 2800, 3600, 3800, 7200, 7600 series routers.
- In-depth working experience with firewalls and Cisco ASA 5540/5550.
- Experience in Juniper Routers (MX960, MX480) and SRX Firewall (SRX240, SRX550) and Juniper Switches.
- Hands-on experience with IP addressing, subnetting, VLSM, ARP, reverse and proxy ARP, and ping concepts.
- Hands-on experience in Cisco Meraki and Controllers.
- Hands-on experience in C programming.
- Provided support and troubleshooting of VLANs, and have operational knowledge of STP, PVST, RSTP, inter-VLAN routing, VLAN trunks, port security, VTP, EtherChannel, LACP protocol and ISL/802.1q, HTTP, HSRP, VRRP, GLBP, PPP, CHAP, LACP, PAGP.
- Experienced in implementing and managing F5 BigIP GTM/LTM appliances to include writing iRules, SSL offload and everyday task of creating WIP and VIPs.
- Knowledge in wireless 802.11a/b/g/n, dot1x, mac authentication for troubleshooting.
- Extensive experience in RIP, OSPF, BGP, EIGRP.
- Troubleshooting DNS/DHCP issues within the LAN network.
- Working knowledge of configuring, monitoring and troubleshooting Checkpoint security appliances, failover DMZ zoning, and configuring VLANs/routing/NATing with the firewalls per design.
- Subject matter expert (SME) in network concepts like OSI Reference Model, TCP/IP, ACE, F5 load balancer, DNS, IPV4, IPV6 and Subnetting.
- Extensive Knowledge on the implementation of checkpoint R75 firewalls.
- Experience in working on Palo Alto networks.
- Implementing site-site (IPSEC VPN) and remote VPN connections to communicate between branches using Cisco network devices, access NAC Appliances.
- Extensive knowledge in implementing and maintaining McAfee end point security.
- Managed inventory of all network hardware, Management, and Monitoring by use of SSH, Syslog, SNMP, NTP.
- Experienced working with network monitoring and analysis tools like tcpdump, SolarWinds, CiscoWorks, Cisco Prime, Riverbed, Wireshark, Gigamon.
- Proficient in setting up IT infrastructure including WAN/LAN, security management systems, and network device administration.
- Real time experience in backup and restoration of Cisco IOS on TFTP server and routers.
- Escalated problems for Routing, Switching and WAN connectivity issues using ticketing system like Remedy Ticketing System.
- Proficient in using MS Visio, Excel, and Word for documentation.
- Good knowledge and understanding of Python, UNIX, Linux shell scripting.
- Good understanding on Wireless LAN Controller.
TECHNICAL SKILLS
SKILLS: Checkpoint, Cisco, Cisco ASA, Nexus, VLAN
Cisco Routers: 3600, 3800, 7200, 7600 ASR 100X, ASR 9000.
Cisco: L2 & L3 Switches 3560, 3750, 3850, 4500, 4900, 6500, Nexus 2K/5K/7K/9K.
Juniper Platforms: M, J and MX series routers.
LAN Technologies: Ethernet, Fast Ethernet, and Gigabit Ethernet, SMTP, VLAN, Inter-VLAN Routing, VTP, STP, RSTP, lightweight access point, WLC.
WAN Technologies: Frame Relay, PPP, HDLC, (E1/T1/E3/T3), ATM, MPLS and SONET.
Network Security: Cisco ASA, ACL, Checkpoint R77.
Networks Protocols: RIP v1/v2, OSPF, EIGRP, IS-IS, BGP, PBR, Route Filtering, Redistribution, Summarization, Static Routing, TACACS+, RADIUS, AAA.
Gateway Load Balancing: HSRP, VRRP, GLBP.
Various Features: Services IOS and Features, IRDP, NAT, SNMP, SYSLOG, NTP, DHCP, CDP, TFTP and FTP.
Network Monitoring Tools: Wireshark, SolarWinds, CiscoWorks, Cisco Prime.
Load Balancers: F5 Networks (BIG-IP) LTM, Cisco ACE 4710.
Firewall & Security: Checkpoint, Cisco ASA 55XX, Palo Alto, Bluecoat.
Operating Systems: Windows (XP, Server 2003/2008, Windows 7), Linux.
PROFESSIONAL EXPERIENCE
Lead Security Engineer
Confidential, Houston, TX
Responsibilities:
- Experience in setting up cloud-based solutions for network security.
- Built a new data center, including switches and firewalls, racking and installation.
- Configuring and troubleshooting Next generation checkpoint firewalls with clusters, DLP, Antibot/Antivirus using R80.10 console.
- Configuring and troubleshooting Meraki MX firewall and MR access point in all remote locations including DC.
- Hands on experience in Trend Micro appliance.
- Experience in configuring centralized monitoring for Trend Micro using DDAN appliance.
- Hands on experience in implementing Vasco solution 2 factor authorization for remote access.
- Implementing and Troubleshooting IPsec tunnels on external firewalls.
- Involved in L2/L3 Switching Technology Administration including creating and managing VLANs, Port security, Trunking, STP, SNMP, Inter-Vlan routing, LAN security.
- Troubleshooting DHCP, DNS and network issues.
- Day-to-day meetings with customer and different vendors on different network and security solutions and SD-WAN setup.
- Troubleshooting Checkpoint/Meraki firewalls, such as building/modifying the rules and analyzing the packet captures/logs.
- Hands on experience in MPLS setup.
- Configured Zscaler cloud-based proxy solution for content filtering, DLP tools.
- Initiated GRE tunnels for Zscaler configuration.
- Experience in using the ServiceNow ticketing tool.
- Experience in raising change management process and approvals, raising service request, incident request, normal change and standard change.
- Capacity planning and providing recommendations for infra upgrades.
- Experience in monitoring the network tools in SolarWinds.
Environment: Cisco Nexus 5K, 2248, Cisco 3750/3550/3500/2960 switches and Cisco 3640/12000/7200/3845/3600/2800 routers, Cisco ASA5510, PIX, Checkpoint, Palo Alto, Juniper Networks, F5 load balancers, Zscaler, Trend Micro, Cisco Meraki firewall and access points, SolarWinds, ServiceNow (trouble ticketing system)
Senior Network Engineer
Confidential, IL
Responsibilities:
- Involved in configuring and implementing composite network models consisting of Cisco 7600, 7200, 3800 series routers and Cisco 2950, 3500, 5000, 6500 series switches.
- Used Fabric Extenders like 2248TP GE series for the top of the rack solution and used 5548P for the end of the row solution.
- Worked on internet links upgrade project, wireless standardization, and core switch upgrade project.
- Scheduled maintenance of Nexus (2248, 5548, and 7010) switches so that there are no orphan ports in the network and all users are dual homed, so that they have sufficient redundancy.
- Worked on OTV to extend L2 VLANs between data centers over IP on Nexus 7010 switches.
- Configured Nexus 7010 including NX-OS virtual port channels, Nexus port profiles, Nexus version 4.2, 5.0, Nexus VPC peer link.
- Maintained VPCs with 7010 and 5548 in the network. Also, configured and maintained VDCs in 7010 switches, maintained VRFs in those separate VDCs.
- Performed layer2 switching configurations like trunking, DHCP IP helper, on MX80, MX240.
- Involved in troubleshooting Juniper switches.
- Created site to site IPSEC VPN tunnel with Checkpoint and Cisco ASA firewalls.
- Configure Cisco Meraki hardware remotely for high-value customers with strict maintenance windows.
- Configuration of ACLs in Cisco 5540 series ASA firewall for Internet Access requests for servers in LAN and DMZ and also for special user requests as authorized by management.
- Implementation and configuration of F5 BIG-IP LTM-6400, 6900, 3900 load balancers.
- Implemented F5 ASM layer 7 web application firewalls for DMZ network.
- Managed network boards, triage incoming tickets and monitored SLA.
- Troubleshoot network related issues and end-user technical problems over the phone or remote access.
- Set up a new Cisco Secure ACS server for secure login to remote equipment using TACACS+ and SSH, connected in distributed deployment mode, and migrated devices between two active directories.
- Assisted Network Engineering with WCCP route/ACL implementation, customer L2L/IPSEC implementation and maintenance.
- Hands-on experience in Websense, Checkpoint URL filtering, Palo Alto URL filtering.
- Involved in re-IP of 4 building blocks, reconfiguration of 80 closet switches using GBIC backbones, 120 new VLANs and routing advertisement.
- Proficient with the use of CLI (Command Line Interface) and GUI (Graphical User Interface).
- Troubleshoot network issues (packet capture analysis) onsite and remotely depending on the severity of the issues.
- Maintain and monitor ACI IT infrastructure.
- Performing network monitoring, providing analysis using various tools like Wireshark, SolarWinds, Riverbed, etc.
- Attending weekly CAB meetings and ensuring all changes were going through the change process.
- Capacity planning and providing recommendations for infra upgrade.
- Infrastructure upgrades and new Infra deployments.
Environment: Cisco Nexus 7K/5K, 2248/3560/5020/6509, Cisco 3750/3550/3500/2960 switches and Cisco 3640/12000/7200/3845/3600/2800 routers, Cisco ASA5510, PIX, Checkpoint, Palo Alto, F5 load balancers, TMS, DMP, S&S, CiscoWorks, SolarWinds, Cisco ACS, Cisco NCS, Cisco SmartNet, CMS, Firemon, NetMRI, Service Manager (trouble ticketing system), ASDM, Riverbed.
Network Engineer
Confidential, MN
Responsibilities:
- Worked on 2600, 3500, 7613, ASR9K, CRS-1 Cisco Routers and 4500, 6500 series Cisco Switches.
- Configured STP for loop prevention and VTP for Inter-VLAN Routing.
- Performed Tier3 switching configurations like ISL/802.1q trunking, Inter-VLAN routing, port Configuring Virtual Chassis for Juniper switches EX-4200, Firewalls SRX-210.
- Implementing, Monitoring, Troubleshooting and Convergence in Frame-Mode MPLS inside the core.
- Configured URL Rewrite policy for several application and web servers load balanced on internal NetScaler VPXs.
- Configuring and supporting UCS B/C-Series for various customers.
- Deployed Unified Communications, VMware vSphere 5.0, 4.1, 4.1, Data Center Virtualization, UC on Cisco UCS.
- Implementation of 802.11 wireless LAN solutions from several vendors, including HP, Aruba, Meraki.
- Implemented a lab datacenter environment to support troubleshooting and recreates for various Cisco technologies including Cisco voice, datacenter, and security.
- Involved in day-to-day management of Citrix NetScaler 11.0 for view, managed users, servers and monitored health of servers and load balance.
- Supported Cisco VoIP solutions from an infrastructure standpoint such as 2900/3900 series ISR configurations.
- Installed and configured Meraki (MX80, MX60) Appliance.
- Troubleshooting IPSEC VPN on Cisco 2900 series, ASAs 5525 and Azure.
- Implementation of Gigamon GigaVUE-2404 Traffic Visibility Nodes.
- Developed a Python script to automate the data fetching and processing mechanism for the network.
- Configured DUO dual factor authentication integrated with Cisco ASA VPN and NetScaler 5500 FIPS.
- Experience working as a Subject Matter Expert (SME) in network security in firewalls and IPS. On a daily basis, I am working with Palo Alto Networks firewalls and Sourcefire IPS, configuring them for access policies, VPNs, SSL decryption policies.
- Implemented VPN connections using Palo Alto firewalls. Performed multiple firewall changes on the PIX, ASA, and Palo Alto firewalls based on the requirements and monitored firewall changes using the Firemon tool.
- Involved in SAN Switch administration using CLI, Brocade Web tools and Cisco Fabric manager and Cisco Device Manager.
- Troubleshooting Brocade 48000 director, DCX-8510 class fiber channel switches, Cisco director fiber channel switches.
- Configuring VLAN, spanning tree, VSTP, SNMP on Juniper EX series switches.
- Understood the JUNOS platform and worked with IOS upgrade of Juniper devices.
- Configured OSPF, BGP on Juniper Routers and SRX Firewalls.
- Configuring RIP, OSPF and Static routing on Juniper M and MX series Routers.
- Implemented firewall policy change on the Checkpoint clusters.
- Deployed and configured Federation using SAML 2.0, Federation Security Services (FSS).
- Worked on F5 BIG-IP LTM 8900, configured profiles, provided and ensured high availability.
- Worked on F5, ASM and APM load balancers deploying many load balancing techniques with multiple components for efficient performance.
- Worked on converting Checkpoint VPN rules over to the Cisco ASA solution. Migration with both Checkpoint and Cisco ASA VPN experience.
- Responsibility for the core security of the network. Managing the entire set of network security products deployed in the network such as Checkpoint (GAIA R75.40/77.20).
- Worked with server team on some servers and Cisco ACE load balancers.
- Maintained TACACS+ and RADIUS servers for AAA.
- Provide second/third level technical support for ACI (Application Centric Infrastructure) technologies.
- Creating dedicated VLANs for voice and data with QoS for prioritizing voice over data.
- Support third party technologies within the ACI ecosystem such as VMware ESX, OpenStack.
- Configuration of Access Control Lists (ACL), Quality of Service (QoS), VPN, NAT/PAT policies.
- Performed installation, configuration, and testing of Aruba's wireless Access points.
- Maintained F5 BIG-IP LTM 6900 for providing application redundancy, load balancing and policies.
- Deliver IT Services Management (ITSM) solutions based on ITIL best practices that focused on the people, process, and technology.
- Perform monitoring and support of internal network security.
- Provided technical assistance for LAN/WAN management and troubleshooting of complex customer issues using network monitoring tools such as SolarWinds, Cisco Prime.
Environment: Cisco Nexus 7K/5K, 2248/3560/5020/6509, Cisco 3750/3550/3500/2960 switches and Cisco 3640/12000/7200/3845/3600/2800 routers, Citrix, Cisco ASA5510, PIX, Checkpoint, Palo Alto, Brocade switches, F5 load balancers, TMS, DMP, S&S, CiscoWorks, SolarWinds, Cisco ACS, Cisco NCS, Cisco ACI, Cisco SmartNet, CMS, Firemon, NetMRI, Service Manager (trouble ticketing system), ASDM, Riverbed
Network Engineer
Confidential, Vineland, NJ
Responsibilities:
- Configuration and troubleshooting of Cisco 2500, 2600, 3000, 6500, 7500, 7200 Series routers.
- Responsible for implementing, supporting, and maintaining 24x7 network services.
- Coordinated efforts with engineers to ensure all network devices conformed to defined network standards.
- Configured and troubleshot HSRP, BGP, OSPF, EIGRP, MPLS WAN, QoS and Route Maps.
- Configuring IP allocation and subnetting for all applications and servers and other needs throughout the company using VLSM addressing.
- Implementing traffic engineering on top of an existing Multiprotocol Label Switching (MPLS) network using Frame Relay and Open Shortest Path First (OSPF).
- Provided redundancy in a multi-homed BGP network by tuning AS-path.
- Involved with change tickets, priority tickets and supporting on-call for Windows, Citrix and virtual machines.
- Managed user accounts, networking and connectivity for Citrix connectivity.
- Configuring rules and maintaining Palo Alto firewalls, and analysis of firewall logs using various tools.
- Communicate with Spirent product teams regarding bugs and proactively conduct follow-ups to ensure fixes are received and tested by customers.
- Troubleshoot security-related issues on Cisco ASA/PIX, Checkpoint, IDS/IPS, Palo Alto firewalls.
- Installed BIG-IP F5 LTM, ASM and GTM load balancers to provide continuous service to customers.
- Configured & maintained IPSEC Site-to-Site VPN.
- Worked on FTP, HTTP, DNS, DHCP servers in Windows server-client environment with resource allocation to desired Virtual LANs of network.
- Provided Tier 3 redundancy by implementing HSRP in the network.
- Configured pool and pool members and associated it to the virtual server.
- Managed the F5 BigIP GTM/LTM appliances to include writing iRules, SSL offload and everyday task of creating WIP and VIPs.
- Re-addressed IPv4 OSPF wan-links due to network integration.
- Involved in Troubleshooting of DHCP and other IP conflict problems.
- Performed Switching Technology Administration including SNMP, STP, RSTP and Port Aggregation, Link Negotiation, including VLANs, inter-VLAN Routing, Trunking.
- Supported routing/switching protocols in complex environments including BGP, OSPF, EIGRP, Spanning Tree, 802.1q, etc.
- Site surveys, cabling configuration, WAP coverage, network, and voice requirements.
- Packet capturing and troubleshooting of network problems with Wireshark, identifying and fixing problems.
Environment: Cisco Nexus 7K/5K, 2248/3560/5020/6509, Cisco 3750/3550/3500/2960 switches and Cisco 3640/12000/7200/3845/3600/2800 routers, Citrix, Cisco ASA5510, PIX, Checkpoint, Palo Alto, F5 load balancers, TMS, DMP, S&S, CiscoWorks, SolarWinds, Cisco ACS, Cisco NCS, Cisco SmartNet, CMS, Firemon, NetMRI, Service Manager (trouble ticketing system), ASDM, Riverbed
Network Engineer
Confidential
Responsibilities:
- Configuration and troubleshooting of Cisco 2500, 2600, 3000, 6500, 7500, 7200 Series routers.
- Configuration of Cisco 7206 router with VPN and Configuration of Catalyst switches.
- Configuration of 7609, 7606 with OSPF and Catalyst 6505, 4500, 3550 switches with various VLANs.
- Configured Routing protocols such as RIP, OSPF, EIGRP, static routing and policy based routing.
- Stimulated maintenance of Symantec SSL certificate, Symantec Endpoint Protection, and Symantec DLP (Data Loss Prevention) solutions.
- Maintained Symantec Brightmail scanners on VMware environment.
- Configured VRRP & GLBP and VLAN Trunking 802.1Q & ISL, STP, Port Security on Catalyst 6500 switches.
- Requirement gathering for network projects implementing adds, moves, changes, deletes on datacenter, corporate and store network consisting of Cisco 6509, 3550, 3750.
- Responsible for implementing QoS, prioritizing voice traffic over data.
- Managed and maintained Antivirus Server (McAfee, Quick Heal).
- Maintained scheduled scans on McAfee.
- Configured Client-to-Site VPN using SSL Client on Cisco ASA 5520 ver8.2.
- Worked on converting Checkpoint VPN rules over to the Cisco ASA solution. Migration with Cisco ASA VPN experience.
- Managing the DNS entries using Infoblox.
- Implementing VoIP solutions using SIP and H.323; also have sound knowledge of Avaya VoIP product.
- Utilized high level of communication and interpersonal skills to establish and maintain positive and productive working relationships, including coordination of date and time with field techs when needed on site to re-IP various types of network equipment throughout Vertiple info tech.
- Configured using Cisco Prime and guided field technicians on installations for layer 2 and 3 devices.
- Working with security issues like applying ACLs, configuring NAT and VPN.
- Managed VPN, IPSec, Endpoint-Security, status policy, Application control, IPS, Monitoring, Anti-Spam, Smart Provisioning, DLP using Checkpoint Firewalls.
- Used CUCM troubleshooting tools like Cisco Unified Serviceability tools, RTMT, Netdump Utility, and network management like SNMP, SYSLOG, packet capture, sniffer traces, debug, and system history.
- Implementing and accomplishing Networking Projects under ITIL Standards.
Environment: Cisco 2948/3560/4500/3560/3750/3550/3500/2960 6500 switches and Cisco 3640/1200/7200/3845/3600/2800 routers, Cisco Nexus 7K/5K/2K, Cisco ASA 500, Checkpoint, Windows Server 2003/2008, F5 BIG-IP LTM, RIP, OSPF, BGP, EIGRP, LAN, WAN, VPN, HSRP
Network Engineer
Confidential, IN
Responsibilities:
- Supported day-to-day operations of corporate LAN server environment.
- Configured Access Lists (Standard, Extended, and Named) to allow users all over the company to access different applications while blocking others.
- Configured STP for loop prevention and VTP for Inter-VLAN Routing.
- Troubleshot TCP/IP problems and connectivity issues in multi-protocol Ethernet environment.
- Configured 2600, 2900 and 3600 routers with RIP and EIGRP.
- Implemented VTP and Trunking protocols (like 802.1q and ISL) on Catalyst 3560, 3750 and 4500 switches.
- Installation, maintenance and troubleshooting of Local and Wide Area Networks (ISDN, Frame Relay, NAT, DHCP, TCP/IP).
- Creating new load balancing policies by employing BGP attributes including Local Preference, AS-Path, and Community, MED.
- Configuring and Troubleshooting Cisco's PIX firewall.
- Configured trunk groups, EtherChannels, and Spanning Tree for creating Access/distribution.
- Maintained redundancy on Cisco 2600, 2800 and 3600 routers with HSRP.
- Performed IOS upgrades on 2900, 3500 series Cisco Catalyst switches and 1800, 2600, 3600 series Cisco routers using TFTP.
- Created IVR scripts to create reports via Seagate Crystal Report v.7 for the Symposium Call Center.
- Worked on network-based IT systems such as racking, stacking and cabling.
Environment: Cisco 2948/3560/4500/3560/3750/3550/3500/2960 6500 switches and Cisco 3640/1200/7200/3845/3600/2800 routers, Cisco Nexus 7K/5K/2K, Cisco ASA 500, Checkpoint, Windows Server 2003/2008, F5 BIG-IP LTM, RIP, OSPF, BGP, EIGRP, LAN, WAN, VPN, HSRP.