SUMMARY

• 8+ Years of experience in networking, security, installing, configuring and maintaining network devices.
• I have knowledge of Cisco Meraki and pretty much knowledge of cisco ISE.
• Hands - on experience in configuring Meraki devices and creating device and feature templates required for SD-WAN implementation.
• Mature background in network design, installation, configuration, maintenance, support, administration and monitoring of all aspects of IT devices and networks with emphasis on Cisco and Meraki SD WAN. Continuous professional development in technical knowledge, management technologies and customer satisfaction skills. Strong Network Management Skills. Excels under pressure, accustomed to working long hours in pursuit of company goals. Team Leader or Player as required.
• Experience with Cisco Meraki wireless managed network infrastructure.
• I can be debugging and designing or supporting AAA identity-based access solutions for WLAN deployments
• Expertise in Configuration of VLANS, using Cisco Multilayer switches and supporting STP, RSTP, PVST, RPVST along with troubleshooting of inter-VLAN routing and VLAN trunking using 802.1Q.
• Proficient in using firewall technologies including general configuration, security policy, rules creation and modification of cisco ASA and checkpoint.
• Configured Cisco Unified Communications Manager (CUCM) and unity connections to support Call transfer, Conferencing and Voice mail.
• Strong experience in creating firewall policies as per the requirements on Checkpoint, Palo Alto, Cisco ASA.
• Responsible for all components of Office 365 including one drive, Skype for business, yammer and SharePoint.
• Experience on F5 Local Traffic managers (LTM), Global traffic manager (GTM) of series 6400, 6800, 3400, 5100, 3600 and 3DNS migration to GTM.
• Knowledge of implementing and troubleshooting complex layer 2 technologies such as VLAN Trunks, VTP, Ether channel, STP, RSTP and MST. Implementation of HSRP, VRRP for Default Gateway Redundancy.
• Strong understanding of current and future technologies including TCP/IP, IPv4/v6, RIP, EIGRP, OSPF, BGP, Frame Relay, ACL, VPN, Wireless LAN and configuration of VLANs.
• Expert level knowledge in IP Routing and WAN protocols (BGP, EIGRP, OSPF, ISIS).
• Proficiently implemented traffic filters using Standard and Extended access-lists, Distribution lists, Route-maps and Route Manipulation using offset-list.
• Great knowledge and good hands on experience in CISCO source fire and its products.
• Experience with converting Cisco 6500 IOS to Cisco Nexus NX-OS in the data center environment.
• Network security including NAT/PAT, ACL, VPN and IPSEC on DMVPN (GRE Mode).
• Expert level internetworking troubleshooting in a large-scale network environment. Undertake support as designated Advanced Services engineer for large-scale networks.
• Extensively worked on Cisco catalyst 6509 and implemented VSS along with VDC and VPC on Nexus 5505, 7009 switches.
• Experience in configuring and Troubleshooting BIG-IP F-5 load balancer LTM.
• Experience with convert Checkpoint VPN rules over to the Cisco ASA solution. Migration with both Checkpoint and Cisco ASA VPN experience.
• Designed 10 gigabit networks using Cisco Nexus 7000 series switches, Checkpoint NGX firewall and Cisco 3800 series routers
• Good understanding of VoIP implementation and protocols such as H.323, RTP, and SIP.
• Configuring rules and Maintaining Palo Alto Firewalls & Analysis of firewall logs.
• Strong knowledge of TACACS+, RADIUS implementation in Access Control Network.
• Experience in Designing and assisting in deploying enterprise wide Network Security and High Availability Solutions for ASA.
• Access control server configuration for RADIUS and TACACS+.
• Responsible for check point and Cisco ASA firewall administration across global networks.
• Worked on ASR 1000 series routers.
• Worked on Load balancer F5 LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability.
• Established relationships and network connectivity with vendors via site to site VPN.
• Configure all Palo Alto Networks Firewall models (PA-2k, PA-3k, PA-5k etc.) as well as a centralized management system (Panorama) to manage large scale Firewall deployments.

TECHNICAL SKILLS

Network Design Tools: OPNET, GNS3 and Packet Tracer

Network Monitoring Software: Cisco-Works, Wireshark, Packet Analyzer

Routing Protocols: RIP, RIP-2, EIGRP, OSPF, HSRP, VRRP and GLBP.

Layer 2 Protocols: VTP, STP, RSTP, MST, VLANs, 802.1Q, ISL.

Infrastructure Services: DHCP, DNS, SMTP, FTP, TFTP, ICMP, SNMP.

Routers: 2600, 2800, 2900, 3600, 3700, 3800, 3900, 7200, 7600,10k,12k.

Switches: 2900, 2950, 3500, 3550, 3560, 3750, 3850, 4000, 4500, 4900, 6509, 75009.

AAA Architecture: TACACS+, RADIUS, Cisco ACS

Features and Services: IOS and Features, NAT, SNMP, SYSLOG, NTP, DHCP, CDP, TFTP, FTP

WAN: PPP, HDLC, Channelized links (T1/T3), Fiber Optic Circuits, Frame Relay, MPLS, VPN

IP Services: L2VPN, L3VPN, VPLS, VPRN

LAN: Ethernet (IEEE 802.3), Fast Ethernet, Gigabit Ethernet

Network Security: Cisco ASA 5505, ASA 5510, ACL, IPSEC, Checkpoint

PROFESSIONAL EXPERIENCE

Confidential

Network Engineer

Responsibilities:

• Assisted in the migration from DMVPN to Cisco Meraki SDWAN.
• Integrated Meraki SD-WAN into the infrastructure during the design process.
• Developed a roadmap and migration plan for SD-WAN solution deployment globally in conjunction with internal support teams.
• Management of Checkpoint and Cisco ASA Firewalls.
• Experience on Multiple Contexts in ASA firewalls and implemented different failover mechanisms among ASA firewalls.
• Installed Meraki SD-WAN solution Confidential remote branches to better utilize carrier circuits and mitigate packet loss and latency.
• Deployed and Manage SD-WAN network (Cisco Meraki Solution) for WAN connectivity.
• Rolled out 40 sites in a hub-spoke setup with migration from DMVPN to Meraki SDWAN.
• Responsible for developing traffic engineering in Meraki SDWAN to support intelligent traffic flow across the networks Involved in deployment of Meraki SDWAN solution across the Corporate offices.
• Provide 24*7 supports for day to day operational activities including Change Implementation, Handling Work order access Request, High Priority incident handling/troubleshooting for Security Devices (Firewalls, Proxies, IPS, SSL, VPN Devices etc.)
• Provided support for 2Tier and 3Tier firewall, which includes various Checkpoint, Cisco ASA firewalls and Fortinet Firewalls.
• Configured gateway to support calls using different call control and signaling protocols
• Implemented a Cisco Unified Border Element (CUBE) gateway to connect to an Internet Telephony Service Provider
• Configured Session Initiation Protocol (SIP) and Media Gateway Control Protocol (MGCP)
• Configured phones for Class of Service using the line, device approach
• Configured phones for voice mail.
• Configured Cisco Unity Connection users.
• Troubleshoot and Worked with Security issues related to Cisco ASA, Checkpoint, Fortinet, IDS/IPS.
• Configured and Administered Cisco ASA 5500 firewalls which includes setting up the different zones.
• Configuring and implementing Remote Access Solution: IPsec VPN, any connect VPN, SSL VPN.
• Primary responsibility is to maintain, monitor and make production changes on R77.30 checkpoint firewalls.
• Adding rules and monitoring checkpoint firewall traffic through Smart Dashboard and Smart View Tracker applications
• Closely works with the team to develop and maintain a comprehensive firewall engineer program, including policies, processes and standards for administration and engineering of firewalls.
• Monitor and maintain health of all firewalls.
• Worked with different project teams to provide firewall solutions to meet security requirements and business needs.
• Configured CUCM and unity connections to support Call transfer, Conferencing and Voice mail.
• Hands-on experience configuring and deploying Gateways, CUBEs, Quality of Service, and troubleshooting VoIP networks.
• Configure gateway interconnections to support VoIP and PSTN calls
• Develop and maintain the documentation of firewall procedures and standards.
• Worked on firewall tickets and provided support with production outages, assisting with product migrations/installations as per business requirement.
• Experience on checkpoint firewall upgrade from R75 to checkpoint GAIA R 77
• Experience on Smart update, user Management and Authentication in checkpoint.
• Experience on troubleshooting rules and user-based authentication issues.
• Experience on checkpoint Identity collector server
• Configured ACLs in Cisco 5500 ASA firewall for Internet Access requests for servers, Protocol Handling, Object Grouping and NAT Control using Object NAT.
• Managed a TACACS server for VPN user authentication and network devices authentication.
• Upgrading the network by translating protocols like EIGRP to OSPF.
• Performed VSS on cisco catalyst 6500 series switches.
• Configured and managed Cisco access layer routers, switches carried out route redistribution and manipulated route updates using distribute lists, route-maps, administrative distance, offset-lists.
• Extensive experience in configuring Layer3 routing and layer2/3 switching Cisco based series routers and Switches.
• Configured routing protocols like RIP, MPLS, EIGRP, OSPF& BGP and troubleshooting layer3 issues.
• Implemented redundancy on Cisco 2600, 2800 and 3600 routers with HSRP.
• Worked on Cisco IOS for configuration & troubleshooting of routing protocols: OSPF, EIGRP, RIP, BGP, BGPv4.
• Troubleshoot issues related to connectivity, STP, VLANs, Trunking, VTP, Layer 2/3switching, Ether Channels, Inter-VLAN routing, log messages, high CPU utilization and parameters that can degrade Performance of the network.
• Tested BGP features such as as-override, Local pre, EBGP and load balancing
• Maintained complex LAN/WAN networks with several VLANS and provided support for routing protocols and provided secure sessions over network using IPSec, SSL encryption.
• Worked on Remedy Ticketing system, Change Management, Incident Management and solving issues.

Confidential

Sr. Network Engineer

Responsibilities:

• Information security skills: Network Security (IDS/IPS, Firewall, Wireless Security, Nessus Scanner, Metasploit, Wireshark, Nmap), Network Traffic Analysis, IPsec VPN
• Implementing security Solutions using Cisco ASA, Checkpoint firewalls R75, R76, R77.30 Technologies: Cisco ASA firewalls, IDS/IPS, Symantec HIDS
• Installed and configured Cisco ASA 5500 series firewall and configured remote access IPSEC VPN on Cisco ASA 5500 series.
• Worked on disaster recovery, Perform On prem VM migration to Azure using Azure Site Recovery, database restore and recovery, database mirroring.
• Used OpenStack to simulate the test case to test virtual machines and also troubleshoot OpenStack.
• Implementation of Tenant Office 365 with Azure AD connect and ADFS for single Sign ON.
• Working and Deployed with upgraded Microsoft Exchange 2013 to Office 365 Environment.
• Monitoring, alerting, preventive action framework for Brocade SAN switches.
• Experience in Cisco Routing and Switching using 3600, 3700, 3800, 5300, 6500, 7200, 7600Nexus 7k, Nexus 5k, Nexus 2k& ASR 9000, 1000 series routers, Meraki products.
• Implemented single-sign ON Authentication method with Office 365 and configured DirSync and ADFS for Active Directory Synchronization.
• Worked on the SD-WAN implementations Confidential all Greenfield and Brownfield medical facilities/hospitals by deploying Meraki hardware.
• Migrated and implemented new solutions with Cisco ASA Firewall (5500) series.
• Experience configuring VPC, VDC and ISSU Software upgrades on Cisco Nexus 7010.
• Troubleshooting of protocol-based policies on Palo Alto firewalls and changing the policies as per the requirement and as per traffic flow.
• Create ACI migration plans (brownfield) create L2/L3 transitions. Map traffic flows for EPGs and BDs. Handle drivers for ML2 and GBP OpenStack integrations.
• Migration from 2007 to 2013 as well 2013 to Office 365.
• Implemented Quality of Service (QoS), Policy Maps, ACI, Class-maps, and Policy Routing in the network infrastructure throughout all the different sites.
• VLAN configuration, Troubleshooting and Firewall ACLs and Object-Groups configuration and support.
• Configuring High Availability using Cluster XL on Checkpoint as well as VRRP and monitor the Sync status for stateful replication of traffic between active and standby member.
• Worked as Cloud Security Consultant in Information and Cloud Security domain across verticals like Banking and Finance, Healthcare, Retail and Manufacturing.
• Involved in deployment of Meraki SDWAN solution across the Corporate offices.
• Provide second/third level technical support for ACI (Application Centric Infrastructure), APIC technologies
• Configuring/Managing Intrusion Prevention System (IPS): Cisco IPS/Fortinet& Checkpoint UTM.
• Configuration and maintenance of PIX and ASA firewall systems.
• Cisco WebEx Meeting Server /Cisco Meeting Rooms (CMR) Cloud Based (SAAS) Integration /Support/Rollouts (WBS30).
• Configured Cisco VOIP sets; 7975, 7940, 7941, 7960, 7937/8831 Polycom and 8841 SIP Devices.
• Configuring, maintaining and troubleshooting with Fortinet firewall and security.
• Conversions to BGP WAN routing, which will be to convert WAN routing from OSPF to BGP (OSPF is used for local routing only) which involves new wan links.
• Configure/upgrade wireless access points and am familiar with Cisco wireless controllers.
• Worked with Cisco Layer 3 switches 3750, 4500, 6500; Cisco Nexus 2248, 5548, 6001 and 7018 in multi VLAN environment with the use of inter-VLAN routing, 802.1Q trunk, ether channel.
• Configuration and troubleshooting of Cisco catalyst 6509, 7613 with supervisor cards.
• Experience with configuring Nexus 2000 Fabric Extender (FEX) which acts as a remote line card (module) for the Nexus 5000.
• Configuring rules and Maintaining Palo Alto Firewalls & Analysis of firewall logs.
• Configuring the F5 LTM both by the GUI and Tmsh scripts. Composition of Virtual Servers, Pools, and Nodes in accordance to the application.
• Adding security rules and pushing the security policy on Checkpoint and Fortinet consolidated.
• Experience with convert Checkpoint VPN rules over to the Cisco ASA solution. Migration with Cisco ASA VPN experience.
• Demystifying Terraform modules creating custom IAM policies with JASON. Worked on EC2 instances, remote backend using S3 storage.
• Experience parsing the CLI, semi structured text with Ansible. Network debug and troubleshooting socket path issues.
• Implemented Contracts, Multi-tenants between Endpoint groups using SDWAN in ACI.
• Working with leading cloud providers like AWS, Azure to align solutions as per RFPs, RFI.
• Experience with converting Cisco 6500 IOS to Cisco Nexus NX-OS in the data center environment.
• Redistribution of OSPF and EIGRP into BGP with the correct tagging parameters from the old legacy network to route and to utilize the correct MPLS VRF VPN’s provided from the bearers.
• Checkpoint, Cisco ASA, Fortinet and Palo Alto installation, upgrade, Monitoring and patch management.
• Experience with configuring Nexus 2000 Fabric Extender (FEX) which acts as a remote line card (module) for the Nexus 5000.
• Deployed and Manage SD-WAN network (Cisco Meraki Solution) for WAN connectivity.
• Participated in data center upgrade from Cisco IOS platforms to NX-OS platforms.
• Configure Cisco ASR 9001/9010/9910 and Catalyst 6509 routers for L3 VLans with HSRP and advertise network in BGP and OSPF in complex DC environment.
• Involved in Configuring and implementing of Composite Network models consists of Cisco7600, 7200, 3800 series and ASR 9k, GSR 12K routers and Cisco 2950, 3500, 5000, 6500 Series switches.
• Installed high availability Big IP F5 LTM and GTM load balancers to provide uninterrupted service to customers.
• Managed the F5 BigIP GTM/LTM appliances to include writing i-Rules, SSL offload and everyday task of creating WIP and VIPs.
• Responsible for service request tickets generated by helpdesk in all phases such as troubleshooting, maintenance, upgrades, patches and fixes with all around technical support.
• Experience with converting checkpoints VPN rules over to the Cisco ASA Solution. Migration with Cisco ASA VPN experience.
• Advanced proficiency with Cisco Wireless (APs, Controllers, ISE, Prime).

Confidential

Network Security Engineer

Responsibilities:

• Configure, implement, maintain, and administer Cisco LAN and WAN switches, routers, firewalls.
• Configure of IGP Dynamic Routing Protocols Like as RIP, IS-IS, EIGRP and OSPF.
• Experience with Cisco ASA firewalls (5510, 5520 and …).
• Experience on F5 BIG-IP Local Traffic Management (LTM) Module. (3900, and 6900 Load balancers).
• Configured Client-to-Site and Site to Site VPN using SSL Client on Cisco ASA 5520 ver8.2.
• Configuring the Access lists (ACL) on Cisco firewalls for proper network routing for the B2B network connectivity.
• Switching technologies like VLAN, Inter-VLAN Routing, Ether-channel, VTP, HSRP, VRRP, GLBP, Spanning Tree Protocol 802.1d, 802.1s and 802.1w.
• Installation and configuration Cisco router IOS 12.x, CatOS 12.x, Nexus NX-OS 6.x.
• Configure of EGP Border Gateway Protocol (BGP).
• Configure and implementation of BGP Confederation and BGP Route Reflector.
• Configure and implementation of BGP Attributes Like as Weight, Local Preference and MED for traffic direction.
• Configure Of MPLS-VPN, VRF and BGP Tunneling.
• Dynamic Multipoint Virtual Private Network (DMVPN).
• Coordinated with Vendors for creating and modifying firewall and NAT rules and Maintaining Site to Site IPSEC VPN and SSL VPN.
• Working as Cloud Administrator on Microsoft Azure, involved in configuring virtual machines, storage accounts, resource groups.
• Design/Create/Implement Cisco Telepresence Management Suite (TMS 15.5) w/ Cisco Cloud Connect Audio (CCA) cloud.
• Cisco WebEx (WBS31/SaaS) Cloud Based “Collaboration Meeting Server / Collaboration Meeting Room (CMR) provisioning, administration and enterprise rollout.
• Used Cisco ACI (Application Centric Infrastructure) SDN architecture to reduce operating costs, automate IT tasks, for greater scalability and visibility in a data center environment.
• Experience with AWS and Azure Security Architecture.
• Worked with Netmiko for SSH connections to routers and switches. Configuration of network devices with Python, NAPALM for network automation.
• Backup and restore of Check Point and Cisco ASA Firewall policies
• Experience on Administration and Troubleshooting of Microsoft Azure Networking (VM, Storage, VNET, OMS, NSG, Site to Site VPN, Point to Site VPN, ExpressRoute, Load Balancers, Application Gateway, Availability Sets).
• Experience with Microsoft Azure’s web Deployment and SQL Database Deployment.
• Migrated Sites from EIGRP to OSPF.
• Configuring switch ports (VLAN tagging, switch port mode, Port Channel) Confidential distribution and Access layers for new server builds and critical server movement as per requirement.
• Good understanding of OSI Model, TCP/IP col suite (IP, ARP, ICMP, TCP, UDP, SMTP, FTP, TFTP)
• Infrastructure trouble shooting and TCP/IP Protocols Experience.
• Troubleshot complex issues with Wireshark Confidential source and destination which can’t be resolved by the basic troubleshooting like ARP, firewall logs, switch logs and TCP dump.
• Performs regular maintenance and support of workstations, servers, and virtual machines. Includes maintaining the health and performance of databases.
• Cisco WebEx Meeting Server /Cisco Meeting Rooms (CMR) Cloud Based (SAAS) Integration /Support/Rollouts (WBS30).
• Experience working with Azure Cloud based services a plus.
• In corporate Cisco Nexus 9000 NXOS to ACI fabric to work in concert with existing Nexus 7000s and ASRs for MPLS.
• Regular upgrades and maintenance of Infrastructure, Installations, configurations of Cisco Switches (2900, 3500, 7600, 3700 series, 6500 series) Cisco Routers (4800, 3800, 3600, 2800, 2600, 2900, 1800, 1700, 800).
• Troubleshoot network connectivity and performance problems.
• Communicate to all levels of the organization on project status.
• Basic Configuration of Juniper Routers, Nexus 7k, 5k & 2k.