SUMMARY

• 9 years of experience in Networking & Security spanning across Datacenter, Enterprise & SMB application switches & environment.
• Experience in installing, configuring, and troubleshooting of Cisco 2921, 2911,3960, 2800, 1921 and 1911 series Routers, Cisco Catalyst 2960, 3560, SM - D-ES3G-48-P, SM-ES2-24, 3500 series switches
• Experience in Designing & setting up networks including Configuration and troubleshooting on EIGRP, OSPF, VLAN, WAN, LAYERS.
• Plan, design and implement network planning, system management, security/firewall management and network trouble shooting, Server management.
• Security Assessment, risk recovery, security infrastructure design implementation and testing for Data Management.
• Experienced & skilled with various network security, information security & firewall solutions
• Moderate noledge in configuring and troubleshooting Cisco Wireless Networks: LWAPP, WLC, WCS, Standalone APs, Roaming, Wireless Security Basics, IEEE 802.11 a/b/g, RF spectrum characteristics
• Net Screen Firewall, Palo Alto Next-Generation firewalls, Bluecoat proxies and Cisco ASA
• Experience with convert Checkpoint VPN rules over to the Cisco ASA solution. Migration with both Checkpoint and Cisco ASA VPN experience.
• Advanced Knowledge in IPSEC VPN design connection and protocols, IPSEC tunnel configuration, encryption and integrity protocols.
• Experience in Configuring, maintaining and troubleshooting IPS and IPS-1 in Checkpoint
• Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500/PIX security appliance, Failover DMZ zoning & configuring VLANs/routing/NAT with the firewalls as per the design.
• Using Smart Update, User Management and Autantication in Checkpoint Firewall.
• Configure and troubleshoot Remote access and site to site-in Checkpoint & ASA firewalls
• Firewall technologies including general configuration, risk analysis, security policy, rules creation and modification of Check Point R65, R70 & R77, Palo Alto and Cisco ASA
• Experience with network security design implementation Assessment, evaluation, design, and implementation of solutions.
• Knowledge of Intrusion Detection and Prevention System, DMZ, encryption, IPsec, proxy services, Site to Site VPN tunnels, MPLS/VPN, SSL/VPN.
• Experience with F5 load balancer, administration, management and upgrades to support 24x7 operations.
• Hands on experience using diagnosis tools like TCPDUMP, Wireshark for analyzing the real time statistics during the packet flow.
• In-depth noledge of deploying and troubleshooting Cisco IOS LAN, WAN, QoS, Frame-Relay, Etherchannel, IP Routing Protocols - (RIPV2, OSPF, EIGRP & BGP), ACL's, NAT, VLAN, STP & VTP
• Experienced in design, installation, configuration, administration and troubleshooting of LAN/WAN infrastructure and security using Cisco routers/Switches/firewalls.
• Security monitoring process with the halp of Log management tools (me.e. Splunk) and Security Information Event Management (SIEM) tools (me.e., Orion)
• Strong ecommerce, general management, negotiation, inter-personal, communication and team building skills.
• Preparation of write-ups for installation procedures and configurations of new tools/server.
• Given technical presentations to the team.
• Experience in using tools like IxNetwork, IXIA and MG-Soft mib browser.
• Filed around defects in various projects/products on Broadcom Software for system, switching, routing features.
• Hands on experience in reproducing and verification of TroubleShootReports(TSRs) raised by customers.
• Had an experience in working under Agile model.
• Good communication skills, both written and verbal.
• Quick learner of new technologies and proven ability to work efficiently under tight deadlines.

TECHNICAL SKILLS

Networking Protocols: TCP/IP suite, ARP

Hardware: Routers Cisco 7609, 7200, 3800, 3745, 3640, 2600, 2800 Switches Cisco 3500, 5000, 6500 Catalyst Series Cisco 7000, 2000 Nexus 2K/5K/7K HP, Compaq, Dell, IBM Servers

Layer 2 Protocols: Vlan, STP, RSTP, MSTP, PVSTP

Layer 3 Protocols: OSPFv2, EIGRPv2, BGPv4, PBR, IS-IS

Security Protocols: TACACS, RADIUS, Cisco ACS

Firewalls: Cisco ASA (5505/5510), F5, F10, Fortigate, ANS, PaloAlto

IP Services: DHCP, DNS, FTP, TFTP, SMTP

WAN Technology: ATM, PPP, MPLS

Programming Languages: Basics of Python

Operating system: WINDOWS, Linux, Unix

Packet Tracer: Etheiral, Wire shark, TCP Dump, Solar winds, Netflow, Cisco NCM

Network Tools: WhatsUp Gold, IXIA, Shenick, N2X, MG-Soft MIB browserPROJECTS HANDLED

PROFESSIONAL EXPERIENCE

Network Security Engineer

Confidential, Huntsville, AL

Responsibilities:

• Responsible for implementing Port Level Security across entire North America offices.
• Co Lead major infrastructure projects: gather requirements, write proposals, design system architecture, lead deployment efforts
• Configuration of Juniper Radius Servers, DHCP servers, DNS entries.
• Troubleshoot all issues related to Port Level Security in voice and data networks.
• Use Network monitoring tools to ensure network connectivity and Protocol analysis tools to assess and pinpoint networking issues causing service disruption.
• Provide Tier 2 support for network (Layer 3) related issues for the customer.
• Modifying ACLs to permit/ deny access to groups of users
• Created domain services, users and groups using admin console.
• Involved in switching technology administration including creating VLANS’s, trunking, STP, InterVlan routing.
• Configuration of OSPF and BGP in Cisco 4507, 4510, 6509, 6513 Switches
• Backend testing of Supervisors Modules in Cisco 3750, 4507, 4510, 6509, 6513 switches.
• Testing and Deployment of Cisco 7900 series phones with dot1x. Experience with CUCM.
• Configured Cisco Nexus 5548 SAN switches.
• Setting up network security parameters using 802.1x protocol.
• Configured and implemented Remote Access VPN using IPSEC.
• Maintained and managed the TCP/IP tracking table.
• Configuring STP for switching loop prevention and VLANs for data and voice along with Configuring port security for users connecting to the switches.
• Convert Branch WAN links from point to point circuits to MPLS and to convert encryption from IPSec/GRE to Get VPN.
• Configured various Router interfaces like ATM interface, T3 & Channelized T1 interfaces
• Configuring and troubleshooting CISCO catalyst 6509, 7609, 7613 with Supervisor cards, Cisco 3640, Cisco GSR 12416, 21418(with PRP and RPR processors)
• Implemented Positive Enforcement Model with the halp of Palo Alto Networks.
• Exposure to Wildfire feature of Palo Alto.
• Configuring rules and maintaining Palo Alto Firewalls & Analysis of Firewall logs.
• Configured and maintained IPsec and SSL VPN's on Palo Alto Firewalls.
• Troubleshooting connectivity issues within the server zones of the Data center (between application servers database and web servers) as well as user requests and user connectivity issues from various branch locations, office locations and third party sites to data center.
• Plan Design and assist in deploying enterprise wide Network Security and High Availability Solutions for ASA
• Modify and implement ACL changes on store routers and assist the user when their are any issues using Network Authority. Autantication to dis is also done through TACACS
• Troubleshooting connectivity issues within the server zones of the Data center (between application servers, database and web servers) as well as user requests and user connectivity issues from various branch locations, office locations and third party sites to data center.
• Perform advanced troubleshooting using Packet tracer and tcpdump on firewalls.
• Cisco ASA Firewall configuration and troubleshooting.
• Schedule and participate in weekly meetings with various teams involved in the project to discuss the bottlenecks if any and contribute to design a solution framework. Maintain Configuration, Documentation (Visio's) and Records Management.

Network Engineer

Confidential, San Jose, CA

Responsibilities:

• Designed configured and implemented BGP, EIGRP, and OSPF in multi-protocol network environment.
• Installed, configured and maintained Cisco 7200 series VPN Router.
• Built LAN/ WAN TCP/IP network comprised of Cisco Switches (6500, 7000, 3750, 3500, and 2900).
• Do technical mentorship in interactions with internal and external stakeholders
• Subject matter expertise on Routing especially on OSPF, RIP
• Developed an optimum IP Addressing schemes, VLAN tables, and network documentation and diagrams (Visio).
• Configuration and extension of VLAN from one network segment to other segment between Different vendor switches (Cisco, Juniper)
• Experience working with OTV & FCOE on the nexus between the datacenters
• Hands on experience on Subnetting and VLSM, STP, VTP, VLAN Trunking.
• Design, and configuring of OSPF, BGP on Juniper Routers and SRX Firewalls
• Troubleshooting on all Cisco IOS and Catalyst switches on the network which included but was not limited to; 3700, 7200 and 7500 series routers and catalyst 6513 and 6509 switches.
• Monitored network traffic via network monitoring tools and sniffers in an attempt to troubleshoot network outages and intrusions by tracing their origin and destination.
• Work closely with configuring, maintaining and troubleshooting WAN links - MPLS VPN.
• Configured and Implemented Site-to-Site VPNs at branch sites using IPSEC.
• Performing duties that included distribution of IP hostnames and IP addresses to devices in existence as well as newly added devices. Migration of existing IPSEC VPN tunnels from Pre-Shared key to Certificate Authority for purpose of
• Responsible for Cisco ASA firewall administration across our global networks
• Used Kiwi-Cat tools to manage configurations from desktop for network devices, including routers, switches and firewalls. Generate network device configuration reports, such as port, MAC, APR and version details
• Worked on a migration project which involved the removal of all static routes from core devices
• Responsible for the Global engineering and support of existing network technologies / services and the integration of new network technologies / services
• Replace branch hardware with new 2851 routers and 2960 switches.
• Involved in complete LAN, WAN development (including IP address planning, designing, installation, configuration, testing, and maintenance).
• Used Layer 3 protocols like EIGRP, OSPF, BGP to configure Routers in the network.
• Provided Tier 2 support for network (Layer 3) related issues for the customer.
• Implemented and configured HSRP with EIGRPv2 with Cisco CLI.
• Performed switching technology administration including VLANs, inter-Vlan routing, trunking, port aggregation & link negotiation.
• Installed and configured DHCP server. Involved in troubleshooting of DHCP and other IP conflict problems.
• Configured VPN, ACL, and NAT in the Cisco ASA 5550 firewall to allow only authorized users to access the servers of the internal network
• Involved in troubleshooting various layer 2 and layer 3 issues related to MPLS, Multicasting, VRF and BGP routing
• Performed route redistribution & manipulated route updates using distribute lists, route-maps & administrative distance.
• Created domain services, users and groups using admin console.
• Used Network monitoring tools to ensure network connectivity and Protocol analysis tools to assess and pinpoint networking issues causing service disruption.
• Worked on the security levels with RADIUS, TACACS+.
• Configuring HSRP between the 3845 router pairs for Gateway redundancy for the client desktops.
• ConfigureVRRP & GLBP andVLANTrunking802.1Q & ISL, STP, Port Security on Catalyst 6500 switches.
• Configuration and Installation of Voice Interfaces like E1 & T1 Lines (CAS and PRI), BRI,FXS, FXO
• Responsible for service request tickets generated by the halpdesk in all phases such as troubleshooting, maintenance, upgrades, patches and fixes with all around technical support
• Implementation, configuration and support of Checkpoint and ASA firewalls for clients.
• Complete rename of all firewall objects and rules.
• Provide best practice security consulting for multiple compliance initiatives, with a focus on highly resilient solutions.
• Performing network monitoring, providing analysis using various tools like Wireshark, SolarWinds etc.
• Experience working with Cisco IOS, IOS-XR, NXOS for configuration & troubleshooting of routing protocols: MP-BGP, OSPF, LDP, EIGRP, RIP, BGP v4, MPLS.
• Implementing, configuring, and troubleshooting various routing protocols like RIP, EIGRP, OSPF and BGP
• Implemented, configured redundancy protocols HSRP, VRRP, GLBP for Default Gateway Redundancy.
• Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500.
• Creating technical implementation plans, project plans, and worked closely with internal and external customers to supply solutions that fulfill their needs.

Network Engineer

Confidential

Responsibilities:

• Responsible for building the Test Topology to verify the customer scenarios.
• Performed daily maintenance, troubleshooting, configuration, installation and documentation of all network components within the network.
• Configuration of CISCO Routers (2800 Series) and 3550, 6500 series switches.
• Performed IOS upgrades on Catalyst 3550, 2950, 1900 switches, and 3600, 2600 and 2500 routers.
• Provided support for global network including T1/T3, ATM connections using HDLC and Frame Relay on 2600, 4000 series Routers.
• TCP/IP network planning, Implemented IPv4 addressing, subnetting, route summarization and distribution.
• Configured routing with EIGRP, static routes and switching with VLANs, VTP, and STP.
• Configured Access lists on the boundaries of the network either inbound or outbound.
• Installed/upgraded operating system, anti-virus and monitoring tools. Setting up & maintenance of LAN & WAN networks.
• Completed service requests (me.e. - IP readdressing, bandwidth upgrades, IOS/platform upgrades, etc)
• Identify, design and implement flexible, responsive, and secure technology services
• Enabled SNMP traps for Cisco Monitoring tool to monitor traffic and check the regular health of Servers and Network Devices.
• Configured wireless protocols, autantication mechanisms (802.11*, WPA, etc) and installed the Access Point as per the client requirements.
• Responsible for implementing and testing secure access for outside business partners into the client network for secured data transport.
• Respond to all system problems on a 7X24 basis and take part in on-call rotation
• Sunlife project includes monitoring & troubleshooting of backbone network
• Providing remote hand support to National and International customer having their Co-located server and network devices installed in Data Centre
• Actively involved in Customer interaction and Tracking the status.
• Co-coordinating with customers and providing support on occasion of new server implementation and providing network connectivity to it. Monitoring batch jobs using Control/M
• Taking back-up’s on time to time using Tivoli Storage manager TSM Network Change Coordination, trouble ticket handling on priority basis
• Assisted in troubleshooting complex layer 1, 2 and 3 connectivity using WireShark protocol analyzer and recommended solution for better performance
• Configuration and troubleshooting L3 switches with VLAN, STP, SPAN, ETHERCHANNEL, HSRP, VRRP and GLBP

From Trainee engineer to Engineer

Confidential

Responsibilities:

• Responsible for implementing, supporting, and maintaining 24x7 network services.
• Coordinated efforts with Engineer's to ensure all network devices conformed to defined network standards.
• Manage and maintain the FIC Monitoring Systems
• Responsible for Fault handling and escalation
• Analyzing system and network performance using monitoring and graphical data
• Monitor Network components like Hub Switch Router using Net View tool. Monitoring the network link using NMS tool WatsupGold
• Co-ordinate with Level 2 support & work towards solution, raising tickets in HP Service center
• Provided Tier 2 support for network (Layer 3) related issues for the customer.
• Configured and troubleshooting HSRP, BGP, OSPF, EIGRP, MPLS WAN, QoS and Route Maps.
• Configured and maintaining Cisco 7200, 4400, 5000 and 6500 platforms.
• Troubleshoot connectivity issues involving VLAN's, OSPF, QoS etc.
• Support, monitor and manage the IP network.
• Performance monitoring of various applications and web servers to maintain quality of service and network stability.
• Maintained core switches, creating VLAN's and configuring VTP.
• Designed IP Addressing schemes, VLAN tables and Switchport assignments, Trunking and Ether-channel implementation.
• Gained hands on experience with VLSM, STP, VTP, VLAN Trunking.
• Completed service requests (me.e. - IP readdressing, bandwidth upgrades, IOS/platform upgrades, etc.)
• Installed and set up Cisco routers and switches according to deployment plans.
• Applied access lists and NAT configurations based on implementation guidelines.
• Managed and developed network projects designed to strengtan network continuity and deploy security elements in an attempt to meet and exceed contract requirements, including system analysis and troubleshooting.
• Change management, monitoring network performance with network tools.
• IP Distribution for existing devices and new devices as they were added.
• Preformed maintenance on equipment as necessary, performing device upgrades, modification of configurations, password changes and diagnostic testing.
• Worked with vendors and Engineering team to test new hardware and procedures.
• Prepared and maintained documentation using MS Visio.
• Route configuration and point code checks for System Technician and Network Technician.
• Knowledge and experience of 802.11 a/b/g/n Ethernet standard for wireless Technology.
• Worked with other team members in testing of the network architecture.
• Participated in quality system implementation project.
• Experience in migration of VLANS.
• Installed various network hardware including concentrators, bridges, and hubs to establish communication connections with remote locations.
• Involved in network upgrades and implementation
• Used Layer 3 protocols like RIP, OSPF, to configure Routers in the network.
• Configured Routing Protocol: single-area OSPF, RIPv2
• Diagnosed problems through troubleshooting skills, logic, research, and isolation steps
• Performed routine maintenance of network hardware and software of LAN/WAN (Frame-Relay, NAT, DHCP, SNMP)
• Involved in troubleshooting various layer 2 and layer 3 issues related to Multicasting, IPv4 routing
• Participated routing protocols RIP, OSPF, testing and replicated customer live issues
• Coordinated with higher-level support and external vendors for resolution
• Monitor devices in Netcool and Event Manager