SUMMARY

• 8 Plus years of professional experience in Networking and security including hands - on experience in providing network support, installation and analysis for a broad range of LAN/WAN/MAN communication systems.
• Proficient in Cisco IOS for configuration & troubleshooting of routing protocols: MP-BGP, OSPF, EIGRP, RIP, BGP v4,
• Extensive hands-on experience with complex routed LAN and WAN networks, routers and switches
• Experience with the escalation problems for Routing, Switching and WAN connectivity issues using ticketing system remedy.
• Experience of routing protocols like EIGRP, OSPF, RIP, and BGP
• Worked on Cisco 7200, 3800, 3600, 2800, 2600, 1800 series Routers and Cisco 2900, 3500, 4500, 5500, series switches
• Experience in the setup of Access-Lists, and RIP, EIGRP, and tunnel installations
• Proficiency in configuration of VLAN setup over various Cisco Routers and Switches
• Performed all maintenance tasks on the Nexus Switches, ASR Routers, Checkpoint Firewalls, F5 Load balancers Infoblox DNS and Cisco ACI.
• Strong knowledge of TACACS+, RADIUS implementation in Access Control Network
• Hands-on experience in using network stimulator tool OPNET.
• Strong knowledge on cisco ISE.
• Excellent leadership with good written and oral communication.
• Troubleshoot IPSEC overlay connectivity from SD-WAN appliance to Versa SD-WAN controllers via Internet, MPLS and WBS transports.
• Experience working on Cisco ASR 9001&ASR 1006.
• Hands on expertise with Cisco Catalyst routers/switches, Cisco Nexus equipment, Infoblox appliances, Cisco wireless, Riverbed/Cascade monitoring, and Solar winds
• Great team player and able to work under pressure 24x7 duty rotation.
• Strong knowledge in HSRP, VRRP redundancy Protocols.
• Experience in Network Management Tools and sniffers like SNMP, HP-Open view, Wireshark and Cisco works to support 24 x 7 Network Operation Center.
• Experience in physical cabling, IP addressing and subnetting with VLSM, configuring and supporting TCP/IP, DNS, installing and configuring proxies.
• Access control server configuration for RADIUS & TACAS+.
• Sound knowledge in CISCO firewalls, CISCO PIX, ASA 5500 series and CISCO ASA as well as encryption techniques.
• Experience in managing routers such as Juniper, Cisco, HP and load balancers such as F5, NetScaler etc.
• Expert knowledge of Cisco ACI, NXOS and IOS, other SDN products Tiered Domains, QoS, data center network design, cloud infrastructure design and management, OSPF, BGP, VLAN Trunking.
• Experience with convert Checkpoint VPN rules over to the Cisco ASA solution.
• Expertise in configuring and troubleshooting of Palo Alto, Juniper Net Screen & SRX Firewalls and their implementation.
• Experience working on Big IP/F5 load balancer, Citrix NetScaler, Cisco ACE load balancer and Juniper Equipment.
• Experience in managing and Administering Cisco ASA 5515, Palo Alto, Sonic WALL, Forti net Firewall.
• Knowledge in configuring and troubleshooting Cisco Wireless networks; LWAPP, WLC, WCS, stand-alone apps, roaming, wireless security basis, IEEE 802.11a/b/g, RF spectrum characteristics.
• Experience working with Nexus 9k, 7K, 5K and 2K.
• Experience in Migration from Cisco ACS to Cisco ISE.
• Hands-on experience using Cisco Virtual Switching System (VSS).
• Knowledge of advanced technologies like VOIP, H.323, SIP, QOS, Multicasting, MPLS and MPLS-VPN.
• Implementation and Configuration (Profiles, I Rules) of F5 Big-IP LTM-6400 load balancers.
• SD-WAN technical assistance consultant with hands own on enterprise and ISP environment
• Good knowledge of CISCO NEXUS data center infrastructure with 5000 and 7000 series switches includes (5548, 7010) including CISCO NEXUS Fabric Extender (223, 2248).
• Hands-on Experience with CISCO Nexus 7000, Nexus 5000, and Nexus 2000 platforms.
• Sound knowledge of virtual firewalls like checkpoint VSX, IDS, IPS as well as encryption techniques.

TECHNICAL SKILLS

Cisco Switches: Nexus 7K, 5K, 2K & 1K, Cisco routers (7200, 3800, 3600, 2800, 2600, 2500, 1800 series) & Cisco Catalyst switches (6500, 4900, 3750, 3500, 2900series).

Cisco Routers: Cisco GSR 12416, 12418, Cisco 7200vxr, Cisco 3640, Cisco 3600

Routing Protocols: IGRP, EIGRP, OSPF, BGPv4, MP-BGP, IS-IS, RIP

Switches: Cisco Catalyst 6500, MSFC, MSFC2, 7600, 3700, 3500, Arista 7500, 7050, 7300 series, Cisco 2948/3560/4500/3560/3750/3550/3500/2960

Layer 3 Switching: CEF, MLS, Ether channel (PAGP & LACP, Load Balancing)

Layer 2 technologies: VLAN, HSRP, VRRP, GLBP, STP, RSTP, PVST+, MST, and PVLAN, Optimizing STP (Port Fast, Uplink Fast, Backbone Fast, Root Guard, and BPDU Guard)

Network Configuration: Advanced switch/router configuration (Cisco IOS access list, Route redistribution/propagation).

Security Technologies: Cisco FWSM/PIX/ASDM, Juniper SRX, Palo Alto, Checkpoint, F5 Load Balancer, ASA firewall

Security Firewalls: ASA, FWSM, FTD, Checkpoint, Palo Alto

WAN Protocols: HDLC, PPP, MLPPP

Circuit switched WAN: T1/E1 - T3/E3/OCX (Channelized, Fractional & full)

Packet Switched WAN: ATM, FRAME RELAY, MPLS VPNs

Network Management/Monitoring: Solar winds, HP NNMi 8xi (Network Node Manager), Net flow and Cisco prime, Ethereal / Wireshark, TCP Dump. Cisco DCNM, Firemon, MS-VISIO

Redundancy and management: HSRP, VRRP, GLBP, RPR, NSF/NSR, Wireshark, Solarwinds, SNMP

Physical interfaces: Fast Ethernet, Gigabit Ethernet, Serial, HSSI, SONET (POS)

Operating Systems: Microsoft XP/Vista/7, UNIX, Linux (Red hat, Opens use, Fedora), Windows Servers 2003/2008Windows MS-Office, VMware ESX 5.1, VMware VSphere client, Microsoft Azure, office 365, Python

PROFESSIONAL EXPERIENCE

Confidential, Queens, NY

Senior Network Security Engineer

Responsibilities:

• Responsible for designing network infrastructure and implementing RIP, EIGRP, OSPF, BGP routing protocols on various networking devices and performed troubleshooting on Remote infrastructure management of campuses in different locations
• Redefined the existing infrastructure with Arista devices and developed network design documentation and presentations using VISIO.
• Performed all maintenance tasks on the Nexus Switches, ASR Routers, Checkpoint Firewalls, F5 Load balancers Infoblox DNS and Cisco ACI.
• Designed and Implemented policies and zones on Palo Alto 7050 Chasis Internet firewall for incoming and outgoing traffic.
• Worked on Great exposure to SDN and Network virtualization technologies like Cisco ACI.
• Involved in Configuration of Access lists (ACL) on ASA and Sonic wall firewall for the proper network routing for the B2B network connectivity and added exposure to ASA fire power.
• Configuring rules and Maintaining Palo Alto Firewalls & Analysis of firewall logs using various tools
• Actively worked on Switching tasks that includes VTP, ISL/ 802.1q, IPSec and GRE Tunneling, VLANs, Ether Channel, Trunking, Port Security, STP and RSTP.
• Built site-to-site IPSEC VPNs over Frame-relay & MPLS circuits on various models of Cisco routers to facilitate adding new business partners to new and existing infrastructures
• Involved in the configuration & troubleshooting of routing protocols: MP-BGP, OSPF, LDP, EIGRP, RIP, BGP v4. Configured IP access filter policies.
• Design and configuring of OSPF, BGP on Juniper Routers and SRX Firewalls.
• Convert Branch WAN links from TDM circuits to MPLS and to convert encryption from IPSec/GRE to Get VPN.
• Involved in testing and production support of cisco ACI Data center in network centric mode.
• Involved in migrating applications from NetScaler to F5 Big - IP environment.
• Migrated site to site VPN tunnels from router infrastructure to redundant ASA infrastructure.
• Designing F5 solutions/support for migration work of applications and websites from Cisco CSS Load Balancers to the F5 BigIP Load Balancers.
• Design, and configuring of OSPF, BGP on Juniper Routers and SRX Firewalls.
• Well Experienced in configuring protocols HSRP, GLBP, ICMP, IGMP, PPP, PAP, CHAP, and SNMP
• Expert in configuring Cisco Routers, Catalyst Switches, Nexus Switches.
• Upgrade Cisco 6500, 3750, 2960s, Nexus 5000, Nexus 2000, Nexus 7000 switch IOS software.
• Strong Knowledge in working with F5 Load Balancers and their Implementation in various Networks.
• Worked extensively on Cisco ASA 5555-X Series, Implemented site to site VPN’s and any connect services.
• Configured Citrix ICA policy for multiple apps both on NetScaler and F5 APM devices.
• Placed in charge of control and maintenance of the SD-WAN laboratory environments, performing version updating before user client official updating
• Implemented Palo Alto 7050 Firewall in HA Pairs as an internet firewall, Configured rules and Zones based on traffic.
• Configured and managed Cisco VSS in Distribution layer of the Data center network and arista 7010/7060 series switches.
• Designed ACLs, VLANs, troubleshooting IP addressing issues and taking back up of the configurations on switches and router
• Configured VLANs with 802.1q tagging. Configured Trunk groups, ether channels, and Spanning tree for creating Access/distribution and core layer switching architecture
• Innovated with support of Palo Alto for remote and mobile users and for analyzing files for malware in a separate (cloud-based) process that does not impact stream processing
• Help customers build scalable, resilient, and high-performance applications and services on AWS
• Configuration of firewalls, implementing Site to Site and any connect VPN's and maintaining policies and zones on firewalls
• Monitored network for optimum traffic distribution and load balancing using Solar winds
• Creating and provisioning Juniper SRX firewall policies

Confidential, Lancaster, PA

Sr. Network Engineer

Responsibilities:

• Experience with configuring Cisco 6500 VSS in Distribution layer of the Data center network
• Configuration and Administration of Cisco and Juniper Routers and Switches
• Experience working with Nexus 7010, 5548, 5596, 2148, 2248 devices.
• Experience with setting up MPLS Layer 3 VPN cloud in data center and also working with BGP WAN towards customer.
• Responsible in troubleshooting on Cisco ISE added new devices on network based on policies on ISE.
• Hands on Experience testing I Rules using Browser (IE), HTTP watch for f5 load balancers.
• Configure and troubleshoot Juniper EX series switches and routers
• Experience on dealing with Cisco Application Centric Infrastructure (ACI) by integration hardware and software products as per network layout
• Network security including NAT/PAT, ACL, and ASA Firewalls.
• Worked extensively on Cisco ASA 5500(5510/5540) Series, experience with convert PIX rules over to the Cisco ASA solution.
• Migrated Juniper EX series switches to Cisco 3500 series and 6500 series switches
• Good knowledge with the technologies VPN, WLAN and Multicast.
• Installation and Configuration of Cisco Catalyst switches 6500, 3750 & 3550 series and configured routing protocol OSPF, EIGRP, BGP with Access Control lists implemented as per Network Design Document and followed the change process as per IT policy It also includes the configuration of port channel between core switches and server distribution switches
• Installed dual DS-3 SAN replications WAN with Riverbed Interceptors and 6050 Steelhead appliances to optimize the traffic.
• Maintained and created scripts in Python that assisted in pulling in the necessary data into Splunk to meet audit and reporting requirements.
• Configuring rules and Maintaining Palo Alto Firewalls & Analysis of firewall logs using various tools.
• Switching tasks include VTP, ISL/ 802.1q, IPSec and GRE Tunneling, VLANs, Ether Channel, Trunking, Port Security, STP and RSTP.
• Experience in installing and configuring DNS, DHCP servers.
• Replace branch hardware with new 3900 routers and 2960 switches.
• Conversions to BGP WAN routing. Which will be to convert WAN routing from OSPF to BGP (OSPF is used for local routing only) which involves new wan links.
• Convert Branch WAN links from TDM circuits to MPLS and to convert encryption from IPSec/GRE to Get VPN.
• Experience in configuring all Palo alto Networks Firewall models (PA-2k, PA-3k, PA-5k etc.) as well as a centralized management system (Panorama) to manage large scale firewall deployments.
• Responsible for layer 2 securities which was implemented using a dedicated VLAN ID for all trunk ports, setting the user ports to non-trunking, deployed port security when possible for user ports
• Designing F5 solutions/support for migration work of applications and websites from Cisco CSS Load Balancers to the F5 BigIP Load Balancers.
• Configuration of firewall (Palo Alto) security policies, Global Protect VPN, URL filtering, Data filtering and file blocking Profiles.
• Installed and Configured the F5 BIG-IP LTM, configure virtual servers and associate them with pools for internal web servers.
• Involved in configuring Juniper SSG-140 and Check point firewall
• Enabled STP attack mitigation (BPDU Guard, Root Guard), using MD5 authentication for VTP,
• Automated network implementations and tasks and designed monitoring tools using python scripting.

Confidential, Rockville, MD

Firewalls Engineer

Responsibilities:

• Configuring, Maintaining the Routers and Switches and Implementation of RIP, EIGRP, OSPF, BGP routing protocols and troubleshooting Remote infrastructure management of offices in different locations nationwide.
• Security policy review and configuration in Palo Alto and Junipers Firewall in US offices and Datacenter.
• Involved in Configuration of Access lists (ACL) on checkpoint firewall for the proper network routing for the B2B network connectivity.
• Created effective network security by migrating from Check Point FW-1 NG to ASA 5510 Firewalls
• Built site-to-site IPSec VPNs over Frame-relay & MPLS circuits on various models of Cisco routers to facilitate adding new business partners to new and existing infrastructures.
• Configured RIP, PPP, BGP and OSPF routing.
• Configured and maintained SSL VPN's on Palo Alto and Cisco ASA Firewalls.
• Troubleshoot, Conduct Scans and Access Network issues, then patch Vulnerabilities and Mitigate DDOS attacks on Palo Alto Firewall.
• Responsible for Checkpoint firewall management and operations across our global networks.
• Data center migration was involved in Access, Distribution and Core layers
• Involved in the configuration & troubleshooting of routing protocols: MP-BGP, OSPF, LDP, EIGRP, RIP, BGP v4. Configured IP access filter policies.
• Experience with configuring Virtual Server and Configuring Load balancing methods in F5 LTM
• Experience with design and implementation of Data center migration.
• Expert in configuring Cisco Routers, Catalyst Switches, Nexus Switches.
• Worked extensively with Nexus 7000, 5000, 2000, Cisco 6500 series multilayer switches, Cisco 2960s series switches and Cisco 3560/3750s switches
• Strong Knowledge in working with F5 Load Balancers and their Implementation in various Networks.
• Implemented Positive Enforcement Model with the help of Palo Alto Networks.
• Help customers build scalable, resilient, and high-performance applications and services on AWS
• Involved in deployment of Cisco ISE and Firepower as well as, created/modified necessary profiles that allowed authorized devices on the network.
• Experience with Firewall Administration, Rule Analysis, Rule Modification
• Deployed the switches in high availability configuration with HSRP.
• Monitored network for optimum traffic distribution and load balancing using Solar winds.
• Creating and provisioning Juniper SRX firewall policies.
• Responsible for developing and maintaining online documentation and resources pertaining to wireless network.

Confidential, Richmond, VA

Network Support Engineer

Responsibilities:

• Involved in troubleshooting LAN connectivity, hardware issues in the network, IP addressing issues, created a backup and recovery policy for software application, verified the working of peripherals and Updating IOS images using TFTP.
• Experience with convert Checkpoint VPN rules over to the Cisco ASA solution.
• Migration with both Checkpoint and Cisco ASA VPN experience.
• Configured Security policies including NAT, PAT, VPN's and Access Control Lists.
• Configuring IPSec VPN on Cisco Firewall.
• Set up and troubleshoot 802.11 wireless networks.
• Implemented MPLS, IPSEC and GRE tunnel.
• Configured and maintained SSL VPN's on Palo Alto and Cisco ASA Firewalls.
• Configuration, Troubleshooting and Maintenance of Palo Alto Firewalls (160+ firewalls) - PA200, PA2000 series, PA3000 series, PA4000 series and PA5000 series.
• Working on configuring routing protocols (OSPF, BGP4, RIP, IGRP and EIGRP) and enterprise class switches-router management (Cisco 6509, 2800, 2900, 3750, 3800, 3900).
• Worked on supporting a wide variety of networking components including Cisco Routers, Switches, Wireless Access Points, MPLS, Frame-Relay, ATM, ISDN, BGP, EIGRP, OSPF and RIPv2
• Worked on F5 BIG-IP LTM, configured profiles provided and ensured high availability.
• Experience with devices Palo Alto Network firewalls such as security NAT, Threat prevention & URL filtering.
• Design, installation and troubleshooting networks with hand-on experience with OSPF, BGP, VPLS, Multicast, VPN, MPLS, & Traffic engineering.
• Interacted with support services to reduce the downtime on leased lines.
• Managed the IP address space using subnets and variable length subnet masks (VLSM) and Monitored the operability and reliability of the network.
• Daily responsibilities included monitoring remote site using network management tools, assisted in design guidance for infrastructure upgrade & help LAN administrator with backbone connection and connectivity issues.
• Modified and tested scripts and extended Linux system functionality as needed.

Confidential

Network Admin

Responsibilities:

• Configured the Cisco router as IP Firewall and for NATting.
• Managed and installed Firewall (Sonic wall).
• Installed & configured PIX 520, 525, 535 series firewalls, configured standard & extended access-lists & policy- based filters.
• Implemented TCP/IP and related services like DHCP/DNS/WINS.
• Configured ASA 5510 appliance and VPN.
• Managed and maintained Antivirus Server (MacAfee, Quick heal, scan).
• Check for DNS issues by pinging the server’s name. Experience with Wireshark, Test TCP& OPNET.
• Installed and configured network printer installation (HP) 3500 series.
• Configuring, supporting, and maintaining routers, switches, network appliances, firewalls, concentrators, and other communication devices.
• Troubleshoot issues related to VLAN, VLAN Trunking, HSRP failovers, related issues.
• Involved in configuring and implementing of Composite Network models consists of Cisco 3750, 2620 and, 1900 series routers and Cisco 2950, 3500 Series switches.
• Providing support for advanced level and on-call support for large variety of networks, systems, and infrastructures.
• Performed administrative support for RIP, OSPF routing protocol.
• Implemented TCP/IP, TFTP and related services like DHCP/DNS/WINS.
• Troubleshooting network systems and performance, and remediating issues professionally and concisely.
• Evaluating project fit and design, utilizing best practices and vendor comparison techniques to provide customer with best business solution.