SUMMARY

• Young, energetic and result oriented Technical Specialist in Data Center, Network and Security with over 20+ years of experience, with Enterprise Infrastructure, Military Satellite Ground Terminals (including Flyway’s, Transportable satellite terminals and fixed satellite terminals) and Service Provider networking background.
• Persuasive communicator with exceptional relationship management skills with the ability to relate to people at any level of business and management; highly ethical, trustworthy and discreet.
• Hands on experience in Application Centric Infrastructure (ACI), SD - WAN (Cisco Viptela and Vmware velocloud)
• Administration, Engineering and Support for various technologies including proficiency in LAN/MAN/WAN, routing, switching, security and application load balancing.
• Experience with the escalation problems for Routing, Switching and WAN connectivity issues using ticketing system remedy.
• Solutions oriented VoIP Network Engineer with noted accomplishments in implementation and support of complex corporate networks and VoIP networks.
• Experience with Spine Leaf Architecture VXLAN and EVPN Configuration and operational experience with Cisco ACI.
• Worked on Cisco UCCE (7.0, 8.0, 9.0, 10.5), CVP, Cisco Unified Communications Manager (6.X, 7.X, 8.X, 9.X & 10.X), CUSP, CISCO GATEWAYS and CISCO PGW.
• Implementation, Configuration and Support of Palo Alto Firewall (VM-500, PA-220, PA-820, PA-3k, PA-5k, PA-7k), Checkpoint firewall (NGX R65, R70, R71, R75, R77 and R80), Cisco Firewall (ASA 5505, 5520, 5506-X, 5585), Juniper (SRX 5400, SRX 5600, SRX 5800).
• Experience of routing protocols like EIGRP, OSPF, RIP, and BGP.
• Worked on Cisco 7200, 3800, 3600, 2900, 2800, 2600, 1800 series Router and Cisco 2900, 3500, 4500, 5500, 6500, 7000, 9000 series switches.
• Configured and troubleshoot IP sec Site to Site VPN and Remote Site VPN on Checkpoint, Cisco ASA, Palo Alto and Juniper Firewalls.
• Extensive hands-on experience with complex routed LAN and WAN networks, routers and switches
• Hands-on configuration and experience in setting up Cisco routers to perform functions at the Access, Distribution, and Core layers.
• Experience to migrate the infrastructure on Amazon Cloud Service - AWS.
• Extensive experience with Juniper portfolio including JUNOS, EX switching and SRX firewall annetworks firewall.
• In-depth expertise in the implementation of analysis, optimization, troubleshooting and documentation of LAN/WAN networking systems.

TECHNICAL SKILLS

• Cisco Routers - 800, 1800, 1900, 2900, 3900, 7200, ASR1000, 3K, 4K.
• Juniper Router - MX40, MX80 and MX240.
• Cisco Switches - 2960, 3560, 3750, 4500, 6500, 9300,9400 & 9500.
• Juniper Switches - EX2200, EX4200, EX4300, QFX 5100 & 5200
• Nexus Switches - 2224, 2248,3016, 3048, 5548, 5596, 7009 &7010, 9000 series.
• Cisco ASA 5505, 5510, 5512-X, 5515-X, 5520, 5525-X, 5540, 5545-X, 5550,5555-X & 5585.
• Juniper SRX 110/220/300/550/1500 Series
• Dell Sonicwall NSA 6600/5600/4600/3600/2600 , TZ300/400/500
• Fortigate 1000/600/300/200/100 Series
• PaloAlto - Panorama GUI, PA3060, PA2000, PA220, PA5020 & PA850
• ASA VPN configuration SSL, IPSec, Site to Site VPN. Cisco Router VPn . Palo Alto VPN
• 1500, 2000, 3500 and 4000.
• 2110, 4100 & 4120
• F5 BIG-IP LTM 2000/4000/5000 series.
• Python (Cisco Devices)
• Static Route, RIP, RIPnG, EIGRP, OSPF & BGP, MPLS, DMVPN, Traffic Engineering, Policy Based Routing, Route Filtering, Redistribution, Summarization, Tunnel Technique: 6t04, ISATAP, MPLS- L3 VPN, L2 VPN, MP-BGP & LDP
• FRAME RELAY, PPP, MPLS & Leased lines
• CEF, Multi-Layer Switching, Ether Channel. VTP, STP, RSTP, MSTP, VLANs,PAgP, and LACP. Trunking (ISL & 802.1Q), Inter-Vlan Routing, 802.1Q tunneling, Storm Control, SPAN/RSPAN, Private VLAN, Flex links, HSRP, VRRP and GLBP. vPC, VDC and OTV. Ethernet, Fast Ethernet, GigabitEthernet, NAT/PAT, FDDI. Cisco Secure Access Control Server (ACS) for TACACS+/Radius. Virtual Chasis
• Python (Cisco Devices)
• Solar Wind NPM, Naigos & CA Spectrum
• ACS, ISE2.0, AAA, Multiple Context Mode, NAT, IP Routing, Higher Availability, Cisco ASA with FirePower Services, ISE, 802.1x authentication, ISE for NAC provisioning, VPNs (Site-to- Site, IPSec, SSL WebVPN, DMVPN), Cisco Any-Connect Client, Radius, TACACS+, Cisco Authentication Proxy, Access-Lists, Prefix-list, IOS Security, Cisco IPS.
• DHCP, NAT, DNS, SNMP, FTP, TFTP, NTP, QOS and IP SLA.
• Risk Assessment (Tufin Secure App), Risk Management, Penetration Testing (Kali).
• Aruba LACP, Captive Portal Authentication, 802.1X Authentication, Virtual AP, Wireless Intrusion Prevention, LLDP, RSTP, Routing Protocol. RF site surveys.
• PRTG, IP SLA, SNMP ver 1, 2c and 3
• GNS3, Microsoft Visio 2010, 2013
• Solving issue tickets on Service Now Ticketing system. Attending CAB Meetings to make sure proper permissions to make systems changes.

PROFESSIONAL EXPERIENCE

Confidential

Sr. Network Security Engineer

Responsibilities:

• Manages, delivers and deploys aspects of network architecture, design, engineering and detail network specifications in order to migrate client from current network environment to the new environment.
• Assist in configuration and troubleshooting of Cisco Routers/Switches, Cisco ASA, Juniper Router/Switches, Juniper SRX Firewall, Riverbed, Checkpoint, Aruba Controllers, Aruba Access Points, Aruba ClearPass, ISE2.0, ACS and MPLS network. Lead network capacity planning, monitoring, reconfiguring and tuning of network hardware.
• Data Center Design/install/Configure on Cisco Nexus 9k, 7K, 5K & 2K Switches (Nexus Switches Nexus5548, 5596, 7009) for Implemented feature like ACI, VDC, VPC, fabric path and OTV. Worked on configuring Nexus 2K Fabric Extenders. ISSU software upgrade in Nexus switches.
• Implement code upgrades on the DDoS environment using A10 and Radware. Detect and take appropriate action to mitigate DDoS attacks with a wide level of independence
• Successfully implemented iWAN technology more then 1000+ site. Played a key role in Implementing QoS in Cisco and Juniper hardware based on user traffic.
• Working closely with Support teams/Clients and offshore development teams to understand capture and implement new business tactics.
• Configured and deployed various Palo Alto PA-200. PA-500. PA 3060, PA-5060 series.
• Tufin Secure Track for Firewall Rule, protocol, ports Analysis. Rule usage, network objects monitoring. Managed firewall/IDS provider to ensure network security and upgrade project works for network.
• Configured PaloAlto, Cisco ASA/ Juniper SRX firewall in HA Pair, migrated all the site to site VPN’s from cisco routers, Palo Alto firewalls and netscreen firewalls to Cisco ASA and Juniper SRX. Installation and troubleshooting of firewalls like Cisco ASA and Juniper SSG/SRX firewalls. Knowledge and experience with Cisco Firepower 9300 and 4120 Fire Sight.

Confidential, New York, NY

Systems Engineer

Responsibilities:

• Extensive implementation of dynamic routing and switching protocols on Cisco routers and switches.
• Configured Virtual Device Context (VDC) on Cisco Nexus 7000 series switch to logically segment into 4 different virtual switches for easy administration and management.
• Deployed AWS and Azure public cloud infrastructure.
• Responsible for configuring, administering and troubleshooting the Palo Alto and ASA firewall.
• Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500.
• Configured NAT policies viz. Static NAT, Dynamic NAT and Dynamic PAT in Cisco ASA Firewall.
• Configuration and troubleshooting of Cisco Security Manager (CSM), integrated with ASA devices.
• Implementation of Site-to-Site VPNs and DMVPN over the internet using IKE Phase 1 and IKE Phase 2 based on traffic with ASA 5500 series Firewalls.
• Designing and implementing DMZ for Web servers, Mail servers & FTP Servers using Cisco ASA 5500 Firewalls.
• Utilized Cisco AAA to setup access control on routers and access servers.
• Configured rules and maintained Palo Alto Firewalls & analyzed of firewall logs using various tools.
• Implemented & administered of Zoning Architecture project (Implementation of various zones like Server, Intra & Internet Zone)
• Configured SSL Decryption and URL blocking on Palo Alto Firewall.
• Firepower Series using Cisco ASA for additional vulnerability scanning
• Actively monitors security event logs and reports on computer viruses and malware using Fireeye
• Coordinated with network operations center for change notifications, alerts & escalation of security incidents.
• Experience in Cisco Routing, Switching and Security with strong Cisco hardware/software.
• Proficient with network hardware and technologies including routers, switches, firewalls, Ethernet, Fast Ethernet, Gigabit Ethernet.
• Configured Cisco 2500, 2600, 3000, 6500, 7500, 7200 Series routers.
• Configured Cisco Catalyst 2960, 3750, 4500, 6500 and Nexus 3000, 5000, 6000, 7000 series switches.
• Supervised installation and configuration of Cisco 3550 Layer3 Switch.