SUMMARY

• 8 years of experience in design, installation, configuration, administration and troubleshooting of LAN/WAN infrastructure and security using Cisco devices in large network infrastructure environment.
• Extensive work experience configuring and troubleshooting Dynamic routing protocols RIP, EIGRP, OSPF and BGP and Enterprise LAN switching.
• Proficiency in configuration of Virtual Local Area Networks (VLANS) and SVI’s using Cisco multi - layer Switches supporting VTP, STP, RSTP, PVST along with inter VLAN routing and 802.1Q VLAN trunking.
• Expertise in physical infrastructure like structured cabling, IP address management, racking, stacking and Data Center concepts.
• Experience in Configuring and aggregating FEX (2148, 2248, and 2232) switches to the NEXUS aggregator switches (5548, 5596, 5020 and 5010) and NEXUS 7010.
• Extensive experience on Cisco Nexus platform configuring VDC and VPC.
• Proficiency in configuring, troubleshooting various Routing Protocols (BGP, OSPF, EIGRP, RIP, STATIC) and management of routes using manual summarization, default-routes and redistribution.
• Experience Implementing Cisco ASA (5512/5550/5585 ) series firewalls and configured DMZ interfaces to restrict traffic flow.
• Network security skills include NAT/PAT, ACL, TACACS+, NTP, TFTP and SNMP.
• Experience in Configuring IPSEC Site-to-Site VPNs and good knowledge of Remote access VPNs.
• Experienced in configuring and troubleshooting MPLS, building MPLS-VPN and Multicast support.
• Experience in configuring ACLs, NAT, IPv4 Subnetting, VLSM, Syslog Server, DHCP Server, DHCP relay on Cisco routers.
• Good understanding on Wireless LAN Controller.
• Hands on experience in upgrading Cisco IOS & Firmware on different Cisco devices & modules.
• Good knowledge working on Big IP/F5 load balancer and Checkpoint Firewalls.
• Provided Teir-3 technical support for LAN/WAN issues and on-call for technical escalation on a rotational basis.
• Worked in the Network Operations team to support a 24 x 7 critical operational environment.
• Excellent Verbal, written communication skills and Interpersonal skills with ability to work with large teams as well as independently with minimum to no supervision & Team Player.
• Experience with Project documentation tools & implementing and maintaining network monitoring systems and experience with developing network design documentation and presentations using VISIO

TECHNICAL SKILLS

Cisco Router Platforms: 7200, 3900, 3800, 2900, 2800, 2500, 1900, 1800 series.

Cisco Switch Platforms: NEXUS 7K,5K, 2K FEX, 6500,4900, 4500, 3850, 3750, 3500 series.

Firewalls: Cisco ASA 5512, 5520,5550, Checkpoint and Palo Alto PA-3020.

Load Balancers: F5 Load Balancers (LTM and GTM), APM, Fire Pass

Network Management: Cisco NCM, Cisco Prime Infrastructure, Zenoss Monitoring, Cisco ACS, nGenius, InfoBlox and Gigamon Observer.

Change Management: ITSM (HP Service Manager), BMC Remedy, ATOS Remedy.

Documentation: MS office, MS Visio.

PROFESSIONAL EXPERIENCE

Confidential, Cranston, RI

Sr. Network Engineer

Responsibilities:

• Deliver network design solutions and implementing projects as Level-3 Network Engineering Support also part of Network Operations Team in the 24 X 7 to support critical bank production environments during my tenure.
• Installation, configuration and troubleshoot the bank’s network Infrastructure including routers & switches (3750,2960,2921,2811, ASR1002-X,6509,3560,2851 etc.), ASA 5500 series Firewalls, F5 Load Balancers (LTM and GTM).
• Worked with Nexus Platform to deploy SPINE and LEAF Fabric Path Topology deploying Nexus 7010 Core with VDC configuration, Nexus 5672 AGG and FEX Gear Access.
• Involved in DR Data Center Build project deploying Cisco ASA Firewalls for the LAN/DMZ segment and Palo Alto PA-3020 with HA for WI-FI environment from scratch.
• Worked on Branch Network Resiliency project wherein we deployed Cisco819 model router as a Backup connection to Secondary ISP from Branches.
• Configuring rules and Maintaining Palo Alto Firewalls & Analysis of firewall logs using various tools.
• Extensively worked on implementation of Palo Alto Firewall ACL’s, designing perimeter security policy, allowing access to specified services, enabling IDS/IPS signatures in Firewall and fine-tuning of TCP and UDP.
• Part of Cisco End of Life project wherein we did the NXOS/IOS code upgrades for network devices across the infrastructure and the configuration standardization was rolled out.
• Restructured existing Core LAN infrastructure and replaced EOL switches with Nexus 7K, 5K along with FEX Gear. Worked on creating VDCs and VPCs in this environment.
• Worked on Palo Alto Firewalls to open application layer ports and also monitor live traffic/connections on them.
• Successfully installed Palo Alto PA-3060 firewalls to protect Data Center and provided L3 support for routers/switches/firewalls.
• Worked on Cisco ISE to configure and maintain services like VPN, BYOD Configuration, Policy and Profile Configuration.
• Integration of Cisco ISE with Active Directory and continuous monitoring of policies and Gust based services on ISE.
• Implemented Positive Enforcement Model with the help of Palo Alto Networks.
• Responsible for setting up the infrastructure environment with majority of Cisco & Palo Alto appliances apart from various other equipment.
• Worked with internal IT-INFOSEC team to fulfill Firewall Port open requests on Cisco ASA, Checkpoint firewalls and URL filtering on Palo Alto Firewalls.
• Worked with other vendors to build IPSEC site to site VPNs on head end firewalls from client data center to various vendors.
• Work on Checkpoint Platform including Provider Smart Domain Manager. Worked on configuring, managing and supporting Checkpoint Gateways.
• Worked with Cisco Prime 3.0 on Network Management services to create automated scripts for bulk configurations on Network Devices, IOS Upgrades, heat maps for WI-Fi Environment etc.
• Worked on 2232-TM-10G copper and 2248-PQ 10 fiber FEX’s which requires specified NXOS version to use.
• Nexus 7010 hitless upgrade on core as a part NXOS bug scrub version requirement suggested by CISCO.
• Worked on F5 LTMs to create Virtual servers (VIPs), Configure nodes into a Pool for load balancing traffic to the high end bank applications.
• Worked on tickets based on priority using ticketing/ Change management system ITSM (HP service Manager).
• Regularly performed firewall audits around CheckPoint Firewall-1 solutions for customers.
• Provided tier 3 support for CheckPoint Firewall-1 software to support customers.
• Mutual redistribution between OSPF and BGP in internal networks with specific requirements of client with on - demand routing.
• Worked on network transitioning project wherein we provided access to the vendor by rolling out ACL, SNMP and VTY session settings on the entire bank network for a successful migration.
• Conducted Knowledge transfer sessions with the vendors to explain the production readiness process for the bank environment.

Confidential, Montvale, NJ

Network Administrator

Responsibilities:

• Duties included monitoring network performance using various network tools to ensure the availability, integrity and confidentiality of data network and to provide support for Cisco network infrastructure.
• Work alongside with Project Managers and Implementation Engineers to provide hands on approach prototyping and Pen Testing of the infrastructure.
• Build complete new LAN environment having 4500-x VSS, NEXUS 5576 & 2248 VPC FEX. Access layer switch 4510 chassis and stacks of WS-C U.
• Configured network routing using dynamic routing protocols such as EIGRP, OSPF and BGP.
• Performed route redistribution & manipulated route updates using distribute lists, route-maps & administrative distance.
• Designed and Implemented Nexus 7K/5K/2K and Catalyst 6500/4900/3750- X in a complex DC Core/Aggregation/Access layer on a 10G backbone in Production and DR Data Center
• Worked on server migration from End of life and End of support switches from 3560, 3750, 3850 etc. which are having no dual power source to the Nexus-5K as part of power redundancy.
• LAN refreshment including design & implementation from collapse core to 3-tier architecture and WAN redundancy with a new service provider.
• Worked on Cisco Prime Infrastructure for Networking Performance Monitoring and generate reports for analysis.
• Involved in iRule management like loading rules, writing iRule syntax using TCL language and iRule extension to TCL Researched, designed, and replaced aging Checkpoint firewall architecture with new next generation Palo Alto appliances serving as firewalls and URL and application inspection.
• Palo Alto design and installation (Application and URL filtering, Threat Prevention, Data Filtering).
• Configured and maintained IPSEC and SSL VPN's on Palo Alto Firewalls.
• Configuring VPN access, Testing and Monitoring Compliance-Based Access Cisco ISE.
• LAN refreshment making a NON VSS 4500 replacing with 6510 VSS and replacing all end of life switches to 3850 switches and depend on the requirement and port density replacing 4500 chassis.
• Experienced in Configuring Site-to-Site and Remote Access VPNs, NAT/PAT policies on Palo Alto Firewalls.
• Configured and maintained IPSEC and SSL VPN's on Palo Alto 3060
• Implemented Zone Based Firewalling and Security Rules on the Palo Alto 3060
• Monitoring and managing the network security with firewall devices like Cisco ASA, Palo Alto and Fortigate firewall, also IBM IPS/IDS
• Worked on MPLS complex routing changes on BGP, OSPF & EIGRP where P2P circuits are implemented and preferred.
• Responsible for assignment of switch ports to server builds as well as Port open request fulfillment allowing the user traffic to access the applications.
• Responsible for Configuring SITE TO SITE VPN on Cisco ASA 5500 series firewall between Client and Vendors.
• Designed and Implemented Checkpoint interfaces with FTP, DNS, HTTP servers in DMZ with different Security Zones.
• Implemented and maintained Big-IP F5 load balancing solution across multiple datacenters.
• Extensively worked on designing perimeter security policies, allowing access to specified services, enabling IDS/IPS signatures in Palo Alto Firewall and fine-tuning of TCP and UDP.
• Installed software upgrades on checkpoint firewall and Image upgrades to Cisco ASA firewalls.
• Provided on call supports 24/7 and worked in NOC (Network operations center) involving in management team.
• Designed and installed new Branch network systems. Resolved network issues, ran test scripts and prepared network documentation.
• Scheduling and attending Kick off meetings with the clients and get their requirements related to the deployments based on the architecture

Confidential, New York City, NY

Enterprise Network Engineer

Responsibilities:

• Implementation of Cisco Security manager 4.5 for managing all the firewalls right from installation, roles assigning, backups, HA and deployment.Involved in project planning and reviewing based on the requirements and deploying within the existing network.
• Need to provide Knowledge Transfer (KT) sessions to the team who work on firewalls and explain them how to handle and work with CSM 4.5.
• Worked with the datacenter planning groups, assisting with network capacity and high availability requirements.
• Configured ASA 5525,5540 and 5550 to ensure high-end security on the network with ACLs and Firewall.
• Created and design network layout and documented network system design with detail information using Visio software.
• Designing and configured Gigamon 420 for our network and deployed successfully in our data center as a replacement of fluke taps.
• Worked on Data Center WAN cloud comprising of OC12/OC3/DS3/T1/E1
• Worked on Nexus platform 7010,5K series (5548, 5020 and 5010) and FEX (2248, and 2232) and deployed VPC, VDC and successfully implemented VSS on the Cisco switches.
• Deployed catalyst switches 6500, 4508, 4500 and 3750 in the distribution and access layer.
• Part of team implemented data center disaster recovery and responsible for configuration and testing purpose before production.
• Involved in managing the Routing Protocols OSPF and BGP on 7200 and 7600 and on ASR.
• Tested various BGP attributes like local preference, MED, Weight and replicated customer issues in the testing environment lab
• IP Allocation for all applications and servers with high availability throughout the company.
• Involved in providing access to user machines and partners outside our network by SSL and IPsec VPN tunneling.
• Troubleshooting connectivity issues within the server zones of the Data center (between application servers, database and web servers) as well as user requests and user connectivity issues from various branch locations, office locations and third party sites to data center.
• Involved in designing WAN infrastructure for redundancy in case of link failure.
• Responsible for technical evaluation, troubleshooting, overall project management, problem solving and turn-up of the service with the ISP.
• Created and design network layout and documented network system design with detail information using Visio software.

Confidential

Network Administrator

Responsibilities:

• Responsibilities included taking care of the IP Addressing in the organization which included designing new subnets based on the requirements.
• Involved in implementing & Designing the switched network. Configured STP, VTP and DOT1Q in switching network.
• Implementation, configuration and support of Checkpoint and ASA firewalls for clients.
• Created VLAN & Inter-VLAN Routing with Multilayer Switching.
• LAN Cabling in compliance of CAT5 standards infrastructure like Racking and Stacking.
• Assisted in Troubleshooting LAN connectivity and hardware issues on the networking gear.
• Maintained Redundancy on Cisco 2600, 2800 and 3600 routers with HSRP.
• Performed RIP, OSPF, EIGRP routing protocol administration
• Involved in monitoring the performance of the network, thereby identifying the bottlenecks in the network, troubleshooting the connectivity problems using Ping, Trace route, and Telnet.
• Involved in troubleshooting IP addressing issues and Updating IOS images using TFTP.
• Worked on troubleshooting customer related issues related to router configuration, L1/L2 issues.
• Daily responsibilities included monitoring network connectivity, administration of the remote location, assisted in design guidance for infrastructure upgrade.
• Installed Wireless Access Points (WAPs) at various locations in the company.
• Analyzed and studied Client requirements to provide solutions for network design, configuration, administration and security.

Confidential

Jr. Network Engineer

Responsibilities:

• Worked on Troubleshooting and Maintenance of LAN/WAN infrastructure of the Enterprise.
• Configured and troubleshoot Routing protocols such as OSPF, EIGRP and BGP on Cisco routers.
• Worked on Cisco switches to modify, create and delete VLANS, VTP, STP, Routing between VLAN’s.
• Interconnected 3560, 3750 and 4500 series Cisco Catalyst switches using trunking protocols (802.1q).
• Performed Level 1 support for troubleshooting of the Network related tickets.
• Performed maintenance and troubleshooting of connectivity problems using PING, and Trace route
• Project design of computer networks inclusive of structured cabling (fiber-optic or UTP, voice and data alike), active devices (servers, switches, routers and other network appliances).
• Configured Access-Control lists (Standard and Extended) to manage IP traffic for users all over the company to access different applications and blocking others.
• Provided support services for troubleshooting and maintaining network security.
• Gained good knowledge working on Cisco ASA firewalls configuring static routes, ACLs (standard & extended), Object groups.
• Provided Technical support for improvement, upgrading and expansion of the existing network architecture.
• Troubleshooting of TCP/IP problems and connectivity issues in multi-protocol Ethernet environment.