Sr. Network Security Engineer Resume
Dallas, TX
SUMMARY
- 8 years of experience, with multiple Cisco certifications (CCNA & CCNP), in designing, architecting, deploying and troubleshooting network & security infrastructure on routers, switches (L2/L3) & firewalls of various vendor equipment.
- Certified Amazon Web Services (Cloud) engineer with 2 years of experience in Cloud computing, Infrastructure Solutions and services, Datacenter virtualization and Database Services. Deep technical experience with design and implementation of highly available and scalable 3-tier architecture, hands-on experience with different Cloud Platforms (AWS/Azure). Also experienced in using VMware vSphere.
- In-depth expertise in the analysis, implementation, troubleshooting & documentation of LAN/WAN architecture and good experience on IP services to meet network requirements in Enterprise and Data Center Network.
- Managing IT/Cloud projects.
- Implementation of traffic filters on Cisco routers using standard, dynamic and extended access lists.
- Design, configuration, and support of Cisco Nexus platforms, including Nexus 2000 (FEX)/5000/7000.
- Worked extensively on Nexus Switches and technologies including VDC, VPC, OTV, Fabric path.
- Experience with Network Automation using Python and PowerShell.
- Experience using Identity Authentication technologies, including Active Directory, LDAP, NTLM, RADIUS, TACACS, RSA, 802.1X, NAC, and token-based systems.
- Experienced in configuring Cisco ASA firewalls in single and multimode context to keep the network secure. Maintained remote and Site-to-Site VPN tunnels through the firewalls and configuration of NAT, ACLs etc.
- Deployed Cisco ASA firewalls and configured DMZ on Cisco ASA firewalls. Also, worked on Cisco Security manager (CSM) and FWSM.
- Worked on Palo Alto, Checkpoint firewalls. Migrated rules from Checkpoint and PIX to ASA firewalls
- Extensively worked on Juniper models EX-2200, EX-4200, EX-4500, MX-480, M Series and Juniper SRX firewalls, SRX210 and SRX240.
- Worked on Source Fire, Tipping Point IPS/IDS Systems, vulnerability assessment tools like Nessus, Qualys, and SIEM tools like ArcSight, Splunk and packet capture tools like Wireshark, tcpdump.
- In-depth knowledge and hands-on experience on IP Addressing, Subnetting, VLSM and ARP, reverse & proxy ARP, Ping Concepts.
- Knowledge of implementing and troubleshooting complex layer 2 technologies such as VLAN Trunks, VTP, EtherChannel, STP, RSTP and MST.
- Performed complex Network installations, upgrades and patches following established guidelines under broad direction.
- Expert Level Knowledge about TCP/IP and OSI models. Performed advanced network tuning and troubleshooting.
- Experience in configuring HSRP and redistribution between routing protocols, and troubleshooting them.
- Configured LTM (Local Traffic Manager) and GTM (Global Traffic Manager) using F5 Load Balancers.
- Worked on Load Balancers F5 LTM, GTM series like 6400, 6800, 8800 for the corporate applications.
- Worked on Wireless Controllers (WLC) and wireless access points (APs) to setup wireless network across the organization.
- Worked extensively with customers to troubleshoot firewalls, VPN and Wireless access points.
- Expert knowledge of cable connectors and replacement as RJ-11, RJ-45, V.35, RS-449.
- Excellent communication skills to interact with team members and support personnel and also can act as a mentor to less experienced personnel. Also, performed capacity planning and IP address allocation.
- Worked on MPLS Design, implementation from the PE to CE. Experience with MPLS VPNs.
- Upgrading WAN link using PPP Multilink and by implementing Cisco WAAS
- Supported Infoblox appliances grid environment for DNS, DHCP and IP Address Management tools (IPv4), for the enterprise network.
- In-depth knowledge of network monitoring systems like SolarWinds, WhatsUp Gold, Zenoss and tools like IXIA, Spirent.
TECHNICAL SKILLS
Routers: Cisco 17XX, 18XX, 26XX, 28XX, 37XX, 38XX, 39XX & 72XX series.
Switches: Cisco Nexus 7k, Nexus 5K, Nexus 2K, 3550, 3750, 45XX, 65XX series, Brocade
AWS Networking Services: Amazon VPC, Direct Connect, Elastic Load Balancing, Amazon Route53, security groups
Firewalls: Cisco ASA 5510, 5550, 5585, Juniper, Checkpoint, Palo Alto, Cisco PIX
Load Balancer: Cisco ACE, NetScaler 10k, 12k series, F5 (Big IP) LTM, GTM
WAN Optimization: Cisco WAAS, PPP Multilink
Routing: OSPF, EIGRP, BGP, RIP-2, PBR, Route Filtering, Redistribution, Summarization, Static Routing
Switching: VLAN, VTP, STP, PVST+, RPVST+, Inter VLAN routing, layer 2 switching, layer 3 switching, Multicast Operations, EtherChannels, Transparent Bridging, VDC, vPC, OTV
LAN: Ethernet, Fast Ethernet, Gigabit Ethernet, FDDI, CDDI, Token Ring, ATM LAN Emulation
WAN: Leased lines 64k - 155Mb (PPP / HDLC), Channelized links (E1/T1/E3/T3), Fiber channels, Frame Relay, ISDN, Load Balancing, MPLS VPN.
Wireless Devices: Motorola Wing NX R0-WR, AP US
Features & Services: IOS and Features, HSRP, GLBP, IRDP, NAT, SNMP, SYSLOG, NTP, DHCP, CDP, DNS, TFTP and FTP Management
AAA Architecture: TACACS+, RADIUS, Cisco ACS.
Monitoring systems: Zenoss, Solar Winds, Whatsup Gold
PROFESSIONAL EXPERIENCE
Confidential, Dallas, TX
Sr. Network Security Engineer
Responsibilities:
- Experience in developing cloud strategies, roadmaps, architecting (hands-on) new cloud solutions end to end or enterprise level AWS/Azure migrations
- Consulting engagement management experience including selling and delivery of projects covering envisioning, effort estimation, cost/pricing/margin analysis, proposal development, and successful delivery.
- Designing and Deploying dynamically scalable, highly available, fault tolerant and reliable applications on AWS
- Migrated complex, multi-tier on-premise applications to AWS and picking the right AWS services for the application.
- Automated various network implementations and tasks using python scripting.
- Define and deploy monitoring, metrics and logging systems on AWS.
- Implementing and controlling the flow of data to and from AWS
- Monitoring of Infrastructure with Nagios like Firewalls, Servers, Services, Network devices, applications, web portals etc.
- Resolution of tickets fresh & pending.
- Configured and maintained IPSEC and SSL VPNs on Palo Alto Firewalls. Migration of existing IPSEC VPN tunnels from Pre-Shared Key to Certificate Authority for purpose of scaling.
- Configuration and Administration of Palo Alto Networks Firewall to manage large scale Firewall deployments.
- IPSO Versions and Checkpoint SW are currently being remediated to current target version of IPSO 6.1 Build 38 running Checkpoint R65 Build 63, currently remediating Running in Active/Active Cluster mode into VRRP High Availability setups.
- Configured checkpoint firewall mainly VSX according to client topology and checkpoints features such as Application & URL filtering, Identity Awareness etc.
- Performed firewall load testing.
- Setup and administration of Source Fire, Tipping Point IPS/IDS Systems and worked on Vulnerability Assessment Scanners like Nessus, LanGuard, Qualys, Nmap, Metasploit and open source tools.
- Used packet analysis tools like Wireshark, tcpdump and vendor proprietary packet captures and monitoring using Splunk, Zabbix, Tripwire, Syslog servers.
- Maintained the security standards across the security devices as per the security policies. IDS/IPS Signature updates and CSM Management.
- Failover DMZ zoning & configuring VLANs/Routing/NATing with the firewalls as per the design.
- Experience with moving data center from one location to another location, from Cisco 6500 based data center to both Cisco 6500 & Nexus based data center.
- Experience working with Cisco Nexus 2148 Fabric Extender and Nexus 7010, 5000 series to provide a Flexible Access Solution for datacenter access architecture.
- Configured port-profiles as part of the NX-OS command structure that allows for configuration of multiple ports and port-types via inherited configuration
- Perform extensive testing around the upgrade, migration and configuration functionality of our software.
- Configured Frame-Relay, ISDN, ATM, Protocols, & load balancing switches.
- Configured IPX/SPX, HDLC, PPP, BGP, EIGRP, OSPF, & HSRP.
- Implemented configuration scripts and necessary changes on switches & routers as per IBM.
- Worked on ACE load balancers. Experience with F5 load balancers - LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability.
- F5 load balancer configurations, including migrating configurations from Cisco ACE to F5.
- Configured and resolved various OSPF issues in an OSPF multi area environment.
- Installation and Configuration of Cisco Catalyst switches 6500, 3750 & 3550 series and configured routing protocol OSPF, EIGRP, BGP with Access Control lists implemented as per Network Design Document and followed the change process as per IT policy. It also includes the configuration of port channel between core switches and server distribution switches.
- Act as first point of contact to diagnose an issue and drive it to closure.
- Troubleshooting of complex LAN/WAN infrastructure that include routing protocols EIGRP, OSPF & BGP
Confidential, Pittsburgh, PA
Network Engineer
Responsibilities:
- Involved in design and implementation of Data Center Migration, worked on implementation strategies for the expansion of the MPLS VPN networks.
- Work on different networking concepts and routing protocols like BGP, EIGRP, OSPF and other LAN/WAN technologies. Implementing, Monitoring, Troubleshooting and Convergence in Frame-Mode MPLS inside the core.
- Automated network implementations and tasks and designed monitoring tools using python scripting
- Working with MPLS Designs from the PE to CE.
- Experience with designing and deployment of MPLS Traffic Engineering.
- Design and deployment of MPLS QOS, MPLS Multicasting per company standards.
- Proactively involved in upgrade, maintenance, monitoring and support for the PA500 Palo Alto devices.
- Install, Configure, and deploy Cisco Call Manager enterprise wide.
- Implemented cluster and configuration of SRX-100 Juniper firewall. Worked on Cisco ASA 5580, Cisco PIX 535, Juniper NS5400, Juniper SRX550 series firewalls.
- Performed OSPF, BGP, DHCP Profile, HSRP, IPv6, Bundle Ethernet implementation on ASR 9K redundant pair.
- Configured Routing protocols such as OSPF, static routing and policy based routing.
- Configuration 7609, 7606 with OSPF and 6505, 4500, 3550 switches with various VLANs.
- Technical Support of Cisco Nexus Switches and Cisco routers using different troubleshooting protocols. Manage Cisco routers and switches, including performing installations, upgrades, configurations and management.
- Experience with deploying Fabric Path using Nexus 7000 Devices and configuring FCOE using NX 5548.
- Experience with configuring OTV between the data centers as a layer 2 extension.
- Implemented various EX, SRX & J series Juniper devices.
- Implementing and configuring F5 LTM's for VIP's and Virtual servers as per business needs.
- Experience in using both the TMSH and GUI. Worked on F5 iRules (F5's TCL scripting language) enabling customization of application load balancing solutions through the control and direct manipulation of the application traffic.
- Worked on SSL offloading and implementation of SSL certificate and Key, web acceleration, TCP optimization and application requirements like persistence profiles etc.
- Troubleshooting of the F5 load balancers using tcpdump, syslog servers etc.
- Monitoring alerts using Symantec Anti-virus, IBM Qradar SIEM and work with SOC team in remediating them.
- Worked on Tufin firewall optimization tool in disabling unused rules on the firewalls.
- Configuring Reverse Proxy, URL filtering and content filtering using Bluecoat proxy SG devices
- Did some Troubleshooting for LAN/WAN virtualization using different routing protocols like IGRP, EIGRP, BGP, OSPF, ISIS, MPLS, VLAN, and port security.
- Worked on FTP, HTTP, DNS, DHCP servers in windows server-client environment with resource allocation to desired Virtual LANs of network.
- Involved in configuring and implementing Composite Network models consisting of Cisco 7600, 7200, 3800 series and ASR 9k, GSR 12K, CSR-1 routers and Cisco 2950, 3500, 5000, 6500 Series switches.
- Configured Multiprotocol Label Switching (MPLS) VPN with Routing Information Protocol (RIP) on the customer’s Site.
- Installed controller and light weight access point coordination with JTAC.
- Performing onsite data center support including monitoring electrical power, switch alarms, network alerts and access logs.
- Maintained redundancy on Cisco 2600, 2800 and 3600 routers with HSRP.
- Configuring VLAN, Spanning tree, VSTP, SNMP on EX series switches.
- Worked extensively on Checkpoint firewalls for analyzing firewall change requests and implementing changes into existing firewall policies, maintaining security standards.
- Implemented site to site VPN in Juniper SRX as per customer’s requirement.
- Exhaustive hands-on experience on Cisco, Juniper and network testing gear, which includes Ixia, BreakingPoint. Testing includes multicast, BGP, IS-IS and OSPF.
Confidential
Network Support Engineer
Responsibilities:
- In-depth expertise in the implementation of analysis, optimization, troubleshooting and documentation of LAN/WAN networking systems.
- Configured and troubleshot OSPF and EIGRP.
- Planning and configuring the routing protocols such as OSPF, RIP, and Static Routing on the routers.
- WAN Infrastructure running OSPF & BGP as core routing protocol.
- Support various Routers like 2600/3600/7200 series routers.
- Tested authentication in OSPF and BGP.
- Performed and technically documented various test results on the lab tests conducted.
- Hands-on experience working with security issues like applying ACLs, configuring NAT and VPN on Cisco ASA and Palo Alto firewalls. Also worked on implementation of master and slave configuration in ASA based cluster.
- System level monitoring on Linux and Infoblox appliances to watch process and service statuses, like Performance Monitoring & Tuning - iostat, vmstat & netstat, nfsstat, etc.
- Responsible for internal and external accounts, managing LAN/WAN and checking for security.
- Work on different connection medium like Fiber and Copper Connectivity.
- Configured Brocade SAN switches and managed the fabric through Brocade network advisor.
- Zoning the ports of Brocade switches using advanced web tools and command line mode.
- Administration of Brocade switches and managing them through DCFM.
- Configured Firewall logging, DMZs & related security policies & monitoring.
- Planning and configuring the entire IP addressing plan for the clients' network.
- Creating LUNs on EMC Storage VNX7500 and managing them. Management of Virtual machines on vSphere.
- Worked on migrating rules from checkpoint firewall rules to Cisco ASA.
- Assist the certification team and perform configuration of LAN/WAN technologies such as Ethernet, Fast Ethernet, and Gigabit Ethernet.
Confidential
System / Network Engineer
Responsibilities:
- Troubleshooting of CISCO routers like ping, trace route and basic issues.
- Ensure connectivity and communication among networks, servers and clients inside and outside department.
- IOS upgrade for Cisco routers & switches.
- Configured and troubleshot OSPF and EIGRP.
- Ensure reliability, stability and recoverability of specific server environments.
- WAN Infrastructure running OSPF & BGP as core routing protocol. Tested authentication in OSPF and BGP.
- Normally primary focus involves server hardware associated operating systems and general responsibilities, backup strategies. Install and upgrade operating system software configuration and optimize storage systems.
- Installed and configured Cisco ASA 5500 series firewall and configured remote access IPSEC VPN on Cisco ASA 5500 series.
- Planning and configuring the routing protocols such as OSPF, RIP, and Static Routing on the routers.
- Installation & configuration of Cisco VPN concentrator 3060 for VPN tunnel with Cisco VPN hardware & software client and PIX firewall.
- Developing and implementing policy to ensure the integrity, protection and availability to authorized persons of department data and hardware, software and other components which are required for processing data.
- Responsible for evaluating impact and performance on the network server.
- Managing L2 switches of Cisco, VLAN configuration and assigning ports to specific VLAN as per requirement.
- Monitor and tune network to ensure acceptable levels of performance.
- Responsible for internal and external accounts, managing LAN/WAN and checking for security.
- Evaluate application connectivity requirements.
- Worked on enterprise applications like Windows Server, Exchange, SQL, SharePoint, Microsoft Lync server etc.