SUMMARY

• Network Engineer & Security Engineer with 7+ years of working experience in Network Infrastructure, Security which includes designing, deployment and providing network support, installation and analysis for a broad range of LAN / WAN protocols, routing, switching, configuring, implementation, troubleshooting of complex networking system.
• Strong knowledge in Cisco/Juniper Routing, Switching and Security with Cisco hardware/software (heavy Cisco shop) experience.
• Configure all Palo Alto Networks Firewall models (PA - 2k, PA-3k, PA-5k etc.) as well as a centralized management system (Panorama) to manage large scale firewall deployments.
• Experience working with Palo Alto GUI Panorama and orchestration tools i.e. Appview x and central management tools like Algosec, Tufin, Sol Soft.
• Strong hands on experience in configuring and troubleshooting of Load Balancers (Big-IP F5) & Cisco ASA Firewall such as 5545, 5585-X, Palo Alto and checkpoint devices.
• Providing offshore support on Checkpoint firewalls on Nokia boxes and UTMs, Cisco ASA, Palo Alto, Bluecoat Proxy and directly interacting with customer and work with them for any new request comes.
• Responsible for Check Point, Palo Alto and Cisco ASA/PIX firewall administration across global networks.
• Expert level knowledge of troubleshooting, implementing, optimizing and testing of static and dynamic routing protocols such as EIGRP, OSPF, BGP,RIP V1,V2 ability to interpret and resolve complex route table problems and implemented strategies for the expansion of MPLS VPN network.
• Profound knowledge on various WAN technologies like E1/T1/E3/T3, HDLC, Frame-Relay and PPP.
• Proficient in configuring Cisco Catalyst and high performance data center switch like Nexus devices.
• Hands on experience in Deploying and Troubleshooting Cisco 2900, 2960, 3560, 3750, 4500, 4900, 6500 series including Nexus 2248, 5548 and 7010 switches.
• Experiences with Cisco Nexus Fabric Extender (FEX) (222, 2248).
• Expertise in installing, configuring and troubleshooting Juniper EX Switches (EX2200, EX2500, EX3200, EX4200, EX4500, EX8200 series).
• Hands-on experience in implementing and troubleshooting Switch technologies such as STP, VTP, 802.1q, VLAN and MPLS.
• Experience in set up, configuration and management of Cisco ASA Firewall in various domain such as Internet, DMZ, Business-Partner and Remote-Access VPN etc.
• Experience in installing, configuring and administration of Firewalls including Palo Alto, Cisco ASA, Checkpoint and Load Balancers like Big-IP F5 (LTM and GTM).
• Strong hands on experience on Firewalls, ASA (5540/5550) Firewalls. Implemented Security Policies using ACL, Firewall, IPSEC, SSL, VPN, IPS/IDS, AAA (TACACS+ & RADIUS).
• Administering Firewalls access control requests to ensure security standards and policies, application security reviews using vulnerability assessment tool i.e. ISS Internet Security Systems (IBM's) for application level vulnerability assessment & Solar Winds for performance monitoring.
• Experience in IPsec and SSL VPN using Cisco any connect and Global connect PAN in a dual-factor integration.
• Experience in design, Deploying & Troubleshooting F5 Load Balancer Includes BIGIP Series 5050V, 10000V, 8900, 6900, and 3900.
• Hands on Experience in configuring F5 objects, components and provisioning various modules like LTM. GTM, ASM, APM.
• Experience with MacAfee and Splunk SIEM tools for log analysis and threat management analysis.
• Generating Presentation and Usage report for users accessing external sites on Web proxies to compile with Security Compliance.
• Efficient at use of Microsoft VISIO/Office as technical documentation and presentation tools.

TECHNICAL SKILLS

Cisco & other vendor equipment’s: Cisco Routers (7200, 3800, 3600, 2800, 2600, 2500, 1800, 1700 series) & Cisco Catalyst switches (6500, 4900, 3750, 3500, 2900 series). Juniper Routers (E, J, M & T- Series). Juniper EX Switches (EX8200, EX4500, EX4200, EX2500, EX2200 Series). PIX Firewall (506/515/525/535 ), ASA Firewall (5505/5510). Cisco ACE Load Balancers.

Routing Protocols: RIP, RIP V2, EIGRP, OSPF, IS-IS, IGRP, BGP, MPLS

Switching Protocols: VTP, STP, RSTP, MSTP, VLANs, Ether Channel, LACP, VSS, MLS

Load Balancing Protocols: HSRP, GLBP, VRRP

IP Services Management: NAT, DHCP

LAN technologies: Ethernet, Fast Ethernet, Gigabit Ethernet, & 10 Gigabit Ethernet, Wi-Fi, FDDI, Token Rings

WAN technologies: Frame Relay, ISDN, ATM, MPLS, leased lines & exposure to PPP, DS1, DS3, OC3, T1 /T3 & SONET

Firewalls: Check Point Nokia Firewalls IP350, IP550 & IP750, Juniper Net screen, Firewalls ISG 1000/2000, Cisco PIX 505/515E/525 & ASA 5500 Series

Security: IPsec, IPsec VPNs, GRE over IPsec

AAA Protocols: RADIUS, TACACS+

Infrastructure services: DHCP, DNS, SMTP, FTP, TFTP

Load Balancer: CISCO CSS, F5 Networks

Administration & Troubleshooting: CDP, TELNET, SSH, ICMP, PING and TRACEROUTE, SNMP and SYSLOG, CISCO IOS software and configurations.

Network Monitoring Tools: Wireshark, TCPDUMP, Packet Sniffer

PROFESSIONAL EXPERIENCE

Confidential, Portland, OR

Network security Engineer

Responsibilities:

• Involved in configuring and implementing of composite Network models consists of Cisco7600, 7200, 3800 series routers and Cisco 2950, 3500, 5000, 6500 Series switches.
• Responsible for setting up the infrastructure environment with majority of Cisco & Palo Alto appliances apart from various other equipment.
• "Rack and Stack" equipment installation and configurations in the Data center
• Configuring failover for redundancy purposes for the security devices. Implemented the stateful & serial failover for ASA firewalls, Checkpoint Clustering and load balancing features.
• Successfully installed Palo Alto PA-3060, PA-5000 series firewalls to protect Data Centre and provided L3 support for routers/switches/firewalls.
• Migration from Cisco firewalls to Palo Alto firewalls platforms PA 5000 and PA 500 and PA 200 firewalls.
• Worked with Palo Alto firewalls PA 250, PA 3020, PA 5020 using Panorama performing changes if required.
• Successfully installed Palo Alto PA 3060 Firewalls to protect Data Center and provided L3 support for routers/switches/Firewalls.
• Researched, designed, and replaced aging Checkpoint firewall architecture with new next generation Palo Alto appliances serving as firewalls and URL and application inspection.
• Palo Alto design and installation (Application and URL filtering, Threat Prevention, Data Filtering).
• Configuring rules and Maintaining Palo Alto Firewalls & Analysis of firewall logs using various tools.
• Configuring various advanced features, Profiles, monitors, iRules, Redundancy, SSL Termination, Persistence, SNATs, HA on F5 BIGIP appliances.
• SSL termination and initiation, Persistence, Digital Certificates, Executed various migration/upgrade projects across F5 and hands on with F5 5100(D51), 6400 (D63) BIGIP LTMs/EM.
• Configured and maintained IPSEC and SSL VPN's on Palo Alto Firewalls.
• Implemented Zone Based Firewalling and Security Rules on the Palo Alto PA-3000 series Firewalls.
• Working on converting PIX rules into ASA rules as per the requirement.
• Has expertise in LAN/WAN technologies (fast Ethernet, Layer2 & 3 switched/routed LAN, and Frame Relay). Implemented NAT solution's on WAN applications.
• Worked on bluecoat Proxy servers, initial setup of proxy server and configuration of URL filtering appliances.
• Involved in improving the Wide area network performance by delivering optimization (WAN optimization) using the Riverbed technology.
• Experience with convert Checkpoint VPN rules over to the Cisco ASA solution. Migration with Cisco ASA VPN experience.
• Configured policy based routing for BGP for complex network systems.
• Configuration and troubleshooting of Cisco 2500, 2600, 3000, 6500, 7500, 7200 Series routers and Juniper M series Edge Routers.
• Responsible for Checkpoint firewall management and operations across our global networks.
• Extensively worked on Checkpoint Support for resolving escalated issues
• Experienced in virtualization technologies like VMware, Open Flow
• Extensively worked on Nexus 5k and 7k, troubleshooting and configuration.
• Configured and managed Cisco IDS/IPS, Cisco secure Intrusion Prevention System (IPS/IDS).
• Configured site-to-site & client VPNs. Identify and resolve firewall and VPN connectivity issues.
• Other responsibilities included documentation and supporting other teams.
• Provide on call support on rotational basis.

Confidential, ST.Louis, MO

Network Security Engineer

Responsibilities:

• Responsible for network design, bandwidth allocation, IP addresses allocation, supervising installation, configuration and maintenance on major network technologies.
• Worked with various internal organizations during pre/post deployment phase of different type of circuits.
• Installed and configured Cisco 2600, 2800, 3600, 3800 routers and 2950, 3700, 6500 switches.
• Worked on Catalyst 4506E, 4507, 6503E and 6506E series switches along with Nexus 5020 switches in change of configurations and maintenance.
• Upgradation of nexus OS from 6.2.2a to a higher version to increase performance and support new features on both N7010 & N7710 chassis.
• Hands on experience with Catalyst L3 switches and Cisco Nexus switches: 2232, 2248, 5548, 6001 and 7018(Sup 2E).
• Scheduled maintenance of Nexus 2248, 5548 and 7010 switches so that there are no Orphan ports in the network.
• In the process of Data center fabric migration from legacy Catalyst to Nexus switches, deployed, configured and maintained 5548, 7018 switches.
• Proficient in Configuring VPC between the Cisco Nexus 7k, 5k.
• Configured, Maintained and managed networks running OSPF and BGP routing protocols on Cisco routers.
• Configured route redistribution between OSPF and EIGRP in a multi-area OSPF network.
• Creating BGP multi-homed network using BGP attributes like AS-PATH, MED and local-preference as per the environment.
• Configure various LAN switches such as CISCO CAT 2900, 3550, 4500, 6509 switches and Access layer switches such as Cisco 4510, 4948, 4507 switches for VLAN, Fast Ether Channel configuration.
• Configuration and troubleshooting of CSM, integration with ASA devices.
• Experience in migration of VLANS & Configured VLANs with 802.1q tagging, Ether channels,
• Configured ACL, Implemented security policies using ACL, Firewall, IPSec, VPN, AAA Security TACACS+, and Radius on different series of routers.
• Implementing and troubleshooting (on-call) IPsec VPNs tunneling and SSL for various business lines and making sure everything is in place.
• Cisco ASA/Checkpoint Firewall troubleshooting and policy change requests for new IP segments that either come on line or that may have been altered during various planned network changes on the network.
• Hands on experience in Installing and Configuring Palo Alto PA-3060 Firewalls to protect Data Center.
• Implemented Positive Enforcement Model with the help of Palo Alto networks.
• Implemented Palo Alto solution for remote and mobile users and for analyzing files for malware in a separate (cloud-based) process that does not impact stream processing.
• Implemented Positive Enforcement Model with the help of Palo Alto networks.
• Configure outbound web flow policies on Palo Alto devices.
• Experience on working with Palo Alto GUI PANORAMA.
• Implemented Palo Alto solution for remote and mobile users and for analyzing files for malware in a separate (cloud-based) process that does not impact stream processing.
• Creating Virtual IP address, Pools and Persistence profiles on F5 LTMs.
• Configuring policies on ASM using manual policy enforcement and auto policy enforcement with F5 ASM, LTM, APM.
• Knowledge in implementing and configuring F5 Big-IP LTM load balancers.
• Build and maintain Visio documentations for Clients.
• Managing User accounts using Active Directory.

Confidential, Chicago, IL

Network Support Engineer

Responsibilities:

• Configuring Static, IGRP, EIGRP, and OSPF Routing Protocols on Cisco 1600, 2600, 2800, 3600, 7300 series Routers.
• Deployed on Nexus 7000, 5000 and 2000 series with V-Block servers and Cisco UCS E-series.
• Experience in working with Cisco Nexus 2148 Fabric Extender and Nexus 7010, 5000 series to provide a Flexible Access Solution for datacenter access architecture.
• Experience in configuring, upgrading and verifying the NX-OS.
• Documented migration of data center from legacy switches to nexus switches.
• Expansion and implementation of current data center for different phases of migration.
• Perform extensive testing around the upgrade, migration and configuration functionality of our software.
• Responsible for entire company network infrastructure that includes Cisco Switches, Routers, Firewalls, Access Points, Servers and PBX.
• Design, Implement & troubleshooting of Juniper switches, routers and Firewalls EX-2200, EX-4200, EX-4500, MX-480, M Series, SRX210, SRX240, SRX 3600/650.
• Configuring and implementation of Juniper Firewall, SSG Series, Net screen Series ISG 1000, SRX Series.
• Experience with configuring OTV between the data centers as a layer 2 extension.
• Implementation of Site-to-Site VPNs and DMVPN over the internet using IKE Phase 1 and IKE Phase 2 based on traffic with ASA 5500 series Firewalls.
• Configure various LAN switches such as CISCO CAT 2900, 3550, 4500, 6509 switches and Access layer switches such as Cisco 4510, 4948, 4507 switches for VLAN, Fast Ether Channel configuration.
• Configuration and troubleshooting of CSM, integration with ASA devices.
• Experience in migration of VLANS & Configured VLANs with 802.1q tagging, Ether channels, and Spanning tree for creating Access/distribution and core layer switching.
• Creation of firewall rules on Checkpoint Smart Dashboard and install policies.
• Developed a Python script to automate the data fetching and processing mechanism for the network
• Developed various Splunk search scripts to process and filter the network data as per the requirements
• Management of corporate Checkpoint Firewall implementing security protocols and alleviating network attacks
• Deployed Palo Alto Firewalls for web filtering and application control.
• Designed and implemented DMZ for Web servers, Mail servers & FTP Servers using Cisco ASA5500 Firewalls.
• Experience in Juniper Net screen 5200 firewall and VPN Security Systems in large Enterprise and Data Centers.
• Created Visio Dean / Visio Documentation to give complete picture of network design for each building.

Confidential

Network support Engineer

Responsibilities:

• Handling network devices such as Switches (Cisco Catalyst 2900 and 3500 series), Routers (Cisco 2600, 2800 and 7200 series), Firewalls, Load balancers etc
• Experience configuring Virtual Device Context in Nexus 7010
• Experience in Configuring, upgrading and verifying the NX-OS operation system
• Configuring IP, RIP, EIGRP, OSPF and BGP in routers
• Implemented Voice VLANS, UDP, SIP, and RTP and provide QOS by DSCP and IP Precedence
• Used DHCP to automatically assign reusable IP addresses to DHCP clients
• Implementation and configuration of F5 Big-IP LTM-6400 load balancers
• Integrate VoIP with PSTN and setup voice Gateway ensuring QOS for Cisco based Voice over IP and CDR for voice call Accounting
• Configuration and extension of VLAN from one network segment to other network segment between different vendor switches (Cisco, Juniper)
• Automated network implementations and tasks and designed monitoring tools using python scripting
• Experience in working with Cisco Nexus 2148 Fabric Extender and Nexus 5000series to provide a flexible Access Solution for a datacenter access architecture
• Design and implement campus switch network with Cisco Layer 3 switches (3750, 4500, and 6500) in multi VLANs environment and inter-VLAN routing, HSRP, ISL trunk, ether channel
• Designed MPLS VPN and QoS for the architecture using Cisco multilayer switches
• Implement Cisco Works 2000 device to manage Cisco routers, switches, PIX and ASA firewall, Access Points, Concentrators
• Maintain Security policy by monitoring PIX firewalls (515 and 520)
• Worked on Extensively on Cisco Firewalls, Cisco PIX (506E/515E/525) & ASA 5500(5510/5540) Series

Confidential 

Network Operations Engineer

Responsibilities:

• Good Experience in Troubleshooting and monitored routing protocols such OSPF, EIGRP & BGP
• Responsible for troubleshooting guidelines for MPLS VPN and also in customer escalations and troubleshooting issues related to connectivity, STP, VLAN, Trunking, VTP, Layer 2/3 switching, Ether channels, Inter-VLAN routing, log messages, high CPU utilization and parameters that can degrade performance of network
• Administered Frame-Relay and networks and also assisted in configuring ACL & NAT through CLI
• Technical support and problem solution for the LAN and its environment
• Experience with protocols such as Frame Relay, IEEE 802.11 and VLAN, OSPF and BGP, DNS, DHCP, FTP, NTP, SNMP, SMTP and TELNET
• Installed configured (through CLI & SDM) and managed CISCO routers and Catalyst switches
• Set up Internet, implementing Networking products like Servers, Proxy servers, Switches, Firewalls, Routers
• Ensure standard Router and Switch Configurations are maintained and also Responsible for Capacity planning, Contingency planning & disaster recovery
• LAN Segments monitoring/Troubleshooting LAN related issues and periodic backup of Router/ Switch Configurations
• Worked on Network Operations using Ticketing system using SIFY TAC
• Monitoring the NMS system for different Network Alerts
• Performed switching technology administration including VLANs, inter-VLAN routing, Trunking, STP, RSTP, Port Aggregation & link negotiation