SUMMARY

• Over 7 years of experience as a Network Security Engineer with expertise in design, development, implementation, troubleshooting and maintenance of security environments with Firewalls, Proxy, VPN’s, IPsec, NAT, Load Balancer’s, DMZ, SSL in Data Centers
• Expertise in design, configuring, supporting and administrating Data Centers, Cisco routers, switches, Nexus switches, Load balancers (F5) and firewalls.
• Strong hands on experience in installing and troubleshooting Cisco routers such as 7600, 7200, 3800, 3600, 2800, 2600, 2500, 1800 series and Cisco Catalyst switches like 6500, 4500, 3750, 2950 and 3500XL series.
• Hands on experience in installing, configuring and administration of Firewalls including Cisco PIX, Cisco ASA, Checkpoint, Palo Alto and Load Balancers like Big - IP F5 (LTM and GTM).
• Knowledge on Juniper SRX220, SRX240 and SRX550 series firewalls.
• Expertise in installing, configuring and troubleshooting Juniper Routers (MX-480,MX960) and Juniper EX Switches (EX2200, EX2500, EX3200, EX4200, EX4500, EX8200) series.
• Experience with design and implementation of Virtual Switching System (VSS) for both User segment and server segment using 6509 catalyst switches
• Proficient in Cisco IOS installation, upgradation and Configuring, Troubleshooting routing protocols like RIP, EIGRP, OSPF, BGP (E-BGP, I-BGP).
• Expertise in configuring and troubleshooting complex layer 2 technologies such as VLANs, VTP, Ether Channels, Spanning Tree Protocol STP, RSTP and MST and redundancy protocols like HSRP, VRRP, GLBP.
• In depth knowledge and experience working with other protocols like TCP/IP, OSI model, DHCP, DNS, SMTP, IMAP, FTP, WAN, LAN, NAT, PAT, ACL, VLANs, Trunking using 802.1Q, IPv4, IPv6, LDAP, HTTP, HTTPS, UDP, VOIP, QOS.
• Expertise with IP subnetting, VLSM, CIDR.
• Proficient in implementing and troubleshooting LAN/WAN technologies.
• Experience in migrating rules from Cisco PIX into Cisco ASA firewall based rules.
• Worked on the migration to new Checkpoint R7x firewalls from Cisco ASA firewalls.
• Experience configuring SDH and SONET in the WAN environment
• Expertise in working with all OSI layers.
• Strong hands on experience with layer - 2 and layer - 3 configurations, troubleshooting and dealt with Nexus models like 7k, 5k and 2k series in data centers.
• Experience configuring Virtual Device Context (VDC) in Nexus 7010
• Design and configure VPC on cisco Nexus 2k, 5k to eliminate STP and bottleneck or single point of failure on server farm and data center.
• Configuration and Maintenance of ASA 5580, 5540, 5520, 5510, PIX 535, FWSM Firewalls.
• Vast experience working with configuring and maintaining security firewalls like ASA, Checkpoint, Palo Alto, Blue coat and expertise in VPN’s, SSL etc.
• Worked in data centers and proficient with configuring and supporting Nexus switches, Fabric Extenders (FEX), VPC and OTV.
• Experience working with Nexus 2148 FEX, Nexus 5048 and 7010 switches in data centers.
• Implementing and configuring Big IP F5 LTM and GTM
• Configuring Nodes, Pools, Virtual Servers & writing iRules for load balancing methods using F5.
• Establishing redundancies for the F5 firewall and control flow between modules.
• Good knowledge on DMZ, IPSec, Intrusion detection, proxy, tunnels, Site to Site VPN, Multicasting, MPLS, SSL, PAP/CHAP, AAA(TACACS+ and Radius).
• Hands on experience in deploying, maintaining and troubleshooting Cisco ASA firewall and implemented adding, removing and editing firewall policies and rules as per the requirements.
• Advanced knowledge, design, installation, configuration, maintenance and administration of Checkpoint Firewall R55 up to R77, Secure Platform Installation, VPN.
• Strong understanding ofVoIPQoS issues and mitigation strategies.
• Good knowledge in wireless networks.
• Upgraded configuration changes, implement the Firewall Rules, configure the NAT, implement the new VPN, troubleshooting and handling the incident on number of vendor's Firewalls (ASA, Checkpoint) and other security products.
• Installed Palo Alto PA-3060 firewalls to protect Data Center and provided L3 support for routers/switches/firewalls.
• Configuring, Administering and troubleshooting the Palo Alto firewall.
• Knowledge on working with Cisco Dynamic Fabric Automation.
• Efficient at use of Microsoft VISIO/Office as technical documentation and presentation tools
• Involved in troubleshooting network traffic and its diagnosis using ping, traceroute and tools like Wireshark, Solar Winds, Sniffer Capture, TCPdump, and Linux operating system servers.
• Configure Palo Alto Networks Firewall models like PA-2k, PA-3k, PA-5k etc.
• Experience with installing copper/fiber cables in industry.
• CCNA and CCNP certifications.
• Excellent customer management/resolution, problem solving, debugging skills and capable of quickly learning, effectively analyses results and implement and delivering solutions as an individual and as part of a team.

TECHNICAL SKILLS

Routers: Cisco 1800, 2500, 2600, 2800, 3600, 3800, 7200, 7600,Juniper MX480, MX960

Switches: Cisco 2900, 3500, 3700, 4500, 5000, 6500,Juniper EX2200, EX2500, EX3200, EX4200, EX4500, EX8200),Nexus 2000,5000,7000

Firewalls: PIX, ASA, Checkpoint, Palo Alto

Load Balancers: F5 Big IP, A10

Routing Protocols: RIP, EIGRP, OSPF, BGP, Redistribution, Summarization, Static Routing

Switching Protocols: VTP, STP, RSTP, MST, VLANs, PAGP, LACP

Security Protocols: IPSec, SSL, AAA, Access Lists, Prefix Lists, NAT, PAT, VPN

WAN Technologies: Leased lines, Frame Relay, ATM, MPLS, DSL Modems

Software’s: Wireshark, Solar winds, TCPDump, Sniffer Capture, Bluecoat Proxy

Operating Systems: UNIX, LINUX, WINDOWS 2000, 2003, XP, WINDOWS 7

Languages: Linux, C, Java, Perl and Shell scripting

VOIP Devices: Cisco IP phones

Documentation: MS Visio, MS Office

PROFESSIONAL EXPERIENCE

Confidential, Minneapolis, MN

Sr Network Security Engineer/Data Center

Responsibilities:

• Experience in Configuring, deploying & upgrading the NX-OS operation system in the data center
• Involved in design and implementation of Data Center Migration and worked on implementation strategies for the expansion of the VPN networks.
• Involved in design, production and maintenance of data centers.
• Install and support temperature sensing monitors, power strips, server cabs, wireless access points.
• Responsible for updating and maintaining Data Center, NOC and Data Processing procedures.
• Participated on Disaster Recovery process for Data Center and their support alternate locations.
• Configured IPsec site-to-site VPN connection between Cisco VPN 3000 Concentrator and Cisco 3800
• Extensively worked with Cisco Routers, Switches, Nexus Switches, Load Balancers and Firewalls.
• Configured and installed VOIP devices and IP Phones such as 7940, 7942, 7960, 7961.
• TroubleshootingVoIPprotocols SIP, RTP, RTCP
• Configuring EIGRP, OSPF and BGP on cisco routers.
• Responsible for enabling BGP peering relationships, and debugging BGP routing problems.
• Worked with LAN protocols (VLAN, VTP, STP, RSTP, MST) & Port Channel Protocols (LACP, PAGP).
• Experience working with Nexus 7010, 5020, 2148, 2248 devices
• Experience with design and configuring Overlay Transport Virtualization (OTV) on Cisco NX-OS devices like Nexus 7000 in data centers.
• Experience with migrating the Partner IPSEC VPN tunnels from one data center to another.
• Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500 with ACL, NAT, Object Groups, Failover, Multi-Contexts.
• Responsible for layer 2 securities which was implemented using a dedicated VLAN ID for all trunk ports, setting the user ports to non-trucking, deployed port security when possible for user ports
• Enabled STP attack mitigation (BPDU Guard, Root Guard), using MD5 authentication for VTP, disabling all unused ports and putting them in unused VLAN.
• Extensively worked on TCP/IP protocols and transport protocols like TCP and UDP.
• Implemented Site-to-Site VPNs over the internet utilizing security standards such as 3DES, AES/AES-256 with ASA 5580 Firewalls.
• Responsible for cabling the switches, assigning IPs, port turn up and also troubleshooting the connection.
• Worked on migration from F5 LTM to A10 LTM
• Experience with GTM F5 component to provide High Availability with providing services across data centers.
• Worked on F5 LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability.
• Troubleshoot SSL certificates issues that were encountered at the time of deployment or in production
• Performed weekly backups and storage of Checkpoint management servers and firewall configurations.
• As a member of firewall security group, responsible for performing daily performance status report on all security devices.
• Checkpoint firewall Log Maintenance and Policy Maintenance. Troubleshooting complex Checkpoint issues, Site-to-Site VPN related.
• Support, Firewall Administrator (Cisco ASA and Checkpoint), on-call support for 40 Cisco and 3 Checkpoint firewalls, Cisco routers and level 3 switches.
• Experience working with Cisco Nexus 2148 Fabric Extender and Nexus 5000 series to provide a Flexible Access Solution for a datacenter access architecture Expertise in installing, configuring and troubleshooting Juniper EX Switches EX2200, EX2500, EX3200, EX4200, EX4500 series
• Excellent customer management/resolution, Organizational, analytic, problem solving, debugging skills and capable of quickly learning, effectively analyses results and implement and delivering solutions as an individual and as part of a team.
• Knowledge on different kinds of cables used to connect different devices in data centers and within the industry.

Environment: Cisco routers (7600, 3800, 2800) and Cisco switches (6500, 3700, 4900, 2900), Nexus (7K, 5K & 2K), Data Centers, FEX, Routing Protocols (EIGRP, OSPF, BGP), ASA, Checkpoint, F5 load balancing, STP, VLAN, MD5, 3DES, AES, OTV

Confidential, Newport News, VA

Sr. Network Security Engineer / Data Center

Responsibilities:

• Configured Nexus 7K, 5k, 2k switches in data center for hosting various servers
• Install or decommission of Nexus switches and servers in the data center.
• Monitor and responsible for access control to theDataCenterto prevent unauthorized access.
• Accountable for ensuring the data center operations meet the functionality and reliability to meet customer Service Level Agreements and expectations.
• Monitors data center devices, equipment's (HVAC, Servers, other devices) local & remote sites
• Provide visibility and support to the Facilities team when monitoring theDataCenterrequests.
• Configured Checkpoint and Cisco ASA firewalls to secure the infrastructure for the Data Center.
• Configured VDC (Virtual Device Context) for Nexus 7010 Switch.
• Upgraded distribution switches 6509 to Nexus 7010 with Sup1.
• Involved in Data Center migrations and handled proper management, maintenance, configuration, and altered management of firewall structure.
• Configured dynamic routing protocols such as EIGRP, OSPF, BGP and switch management on Cisco 6500, 2800, 2900, 3750, 3900 series.
• Responsible for enabling BGP peering and customer sessions, and debugging BGP routing problems.
• Configured VRF on the routers in the network to maintain different routing instances
• Expertise with Cisco ASA firewall based devices, configuring VPNs, IPS, and IPsec
• Experience in Designing and assisting in deploying enterprise Wide Network Security and High Availability Solutions for ASA.
• Used load balance applications based on F5 LTM 6900
• Was a part of a team that Implemented iRules on the VIPs based on applications
• Configuring and troubleshooting perimeter security devices such as Checkpoint R77 Gaia, Secure Platform, Palo Alto and ASA Firewalls.
• Remote implementation of Palo Alto firewalls PA-500 and PA 200 firewalls
• Configured, managed, troubleshooted Palo Alto firewalls and IPsec VPN's.
• Configuring, Administering and troubleshooting the Checkpoint.
• Drafted and installed Checkpoint Firewall rules and policies.
• Worked on F5 GTM, configuring Wide IPs and pools to load balance the client traffic between the two data centers
• SSL offloading on F5 LTM's, worked on both the server SSL profiles and client SSL profiles
• Troubleshooted VIPs and SSL certificates issues that were encountered at the time of deployment or in production
• Configured the F5 LTM both by the GUI and tmsh scripts
• Excellent experience with FTP, TFTP, DHCP configuration and its setup
• Hands on experience with issues related to security like NAT, IP sec, ACLs
• Used Net scalar for quality of service (QOS), offloading
• Maintenance of networks and do any possible upgradation based on the analysis.
• Was part of LAN/WAN development (IP address planning, designing, installation, configuration, testing, and maintenance and troubleshooting issues) team.
• Implemented traffic filters by using standard/extended access lists, distribute lists, & route maps
• Familiarity managing workload in Remedy Ticket System.
• Reviewed any kind of unauthorized changes in the network configuration and troubleshooting them accordingly
• Provided L2 & L3 network support
• Used Network analysis tools like Packet Sniffer and Wireshark for troubleshooting the network.

Environment: Cisco routers (7200, 3800, 2800) and Cisco switches (6500, 3700, 4900, 2900), Nexus (7K, 5K & 2K), Data Centers, LAN/WAN, Routing Protocols (EIGRP, OSPF, BGP), ASA, Checkpoint, Palo Alto F5 load balancing, VRF, VPN, IPSec, VDC

Confidential, Atlanta, GA

Sr. Network Engineer

Responsibilities:

• Installeddatacentercabinets, racks, and supporting infrastructure equipment Configuring and troubleshooting Nexus switches.
• Design and configure VPC on cisco Nexus 2k, 5k to eliminate STP and bottleneck or single point of failure on server farm and data center.
• Hands on experience in Migrating of applications from Cisco ACE to F5 LTM
• Composition of Virtual Servers, Pools, Nodes in accordance to the F5 application.
• Configured the suitable Load Balance methods, Profiles, Persistence, Monitors on virtual servers
• Was a part of a team that Implemented iRules on the VIPs based on applications
• Worked on F5 GTM, configuring Wide IPs and pools to load balance the client traffic between the two data centers
• SSL offloading on F5 LTM's, worked on both the server SSL profiles and client SSL profiles
• Troubleshooted VIPs and SSL certificates issues that were encountered at the time of deployment or in production
• Configured the F5 LTM both by the GUI and tmsh scripts
• Involved in troubleshooting of DNS, DHCP and other IP conflict problems.
• Cisco ASA 5540 firewall experience creating access rules for various DMZ containers for both inbound and outbound traffic.
• Troubleshooting experience with networks, identifying the root cause of the network failure with other support engineers
• Maintained and analyzed the F5 networks for any possible up-gradation or forecast to meet the future needs
• Configured the VIPs, pools, iRules and profiles on F5 LTM 10.x version.
• Migrated applications from cisco ACE/CSM to F5LTM.
• Migrated CSS Configs to F5 GTM wide-IP
• Used load balance applications based on F5 LTM on V 10.X
• Configured different load balancing methods on F5 LTM & GTM and worked on one-connect profiles and HTTP compression and several persistence profiles.
• Configured Cisco ASA and Checkpoint firewall layers to secure the infrastructure for the Data Center.
• Responsible to convert Checkpoint VPN rules over to the Cisco ASA solution. Migration with both Checkpoint and Cisco ASA VPN.
• Advanced knowledge, design, installation, configuration, maintenance and administration of ASA Firewalls, Checkpoint Firewall R7x series.

Environment: Cisco routers (7200, 3800, 2800) and Cisco switches (6500, 3700, 4900, 2900), Nexus (7K, 5K & 2K), Data Centers, LAN/WAN, Routing Protocols (EIGRP, OSPF, BGP), ASA, Checkpoint, Palo Alto, F5 load balancing, VRF, VPN, IPSec, VDC.

Confidential, Chicago, IL

Data Center Engineer

Responsibilities:

• Configured and troubleshooting on Nexus 2k, 5k and 7k switches.
• Configured Overlay Transport Virtualization (OTV) on Cisco NX-OS devices like Nexus 7000 in data centers.
• Monitored data centers using NOC and Data Processing procedures
• Racking, Stacking and patching of Cisco servers and switches in data centers.
• Provided support by troubleshooting routing issues with protocols OSPF, EIGRP and BGP
• Supported NAT, access-lists and routing on Cisco routers, firewalls, and layer 2, 3 switches
• Worked on Cisco 7200 and 3800 series routers for WAN connectivity
• Configuration, device management and High Availability pair of F5 LTM
• Working experience of F5 LTM 6900, creating virtual servers, pools and nodes
• Used different load balance methods, persistence and profiles on F5 LTM
• Offloading of SSL certificates on the virtual servers
• Supported layer 2, by troubleshooting issues related to VLANs, VTP, STP, Trunking
• Troubleshooting backup, restore problems and also for the end users.
• Assisted the LAN/WAN network operations, support and management complex customer issues
• Involved in network designing, DNS, IP Sub-netting, TCP/IP protocol.
• Deployment of VOIP technologies including phones, gateways, conferencing equipment and other devices.
• Worked on WAN Accelerator “River Bed “for optimization of the bandwidth and file sharing on the WAN Circuit.
• Ensured network, system and data availability and integrity through preventive maintenance and upgrade.
• Drafted, installed, and provisioned Checkpoint firewall rules and policies.
• Regularly performed firewall audits around Checkpoint Firewall
• Migrated firewalls from ASA 8.0 to Checkpoint R75.
• Taking backup configuration and upgradation of Checkpoint firewalls.
• Familiarity with standard network protocols - LACP, STP, RSTP, VRRP, 802.1x

Environment: Cisco routers (7200, 3800) and Cisco switches (6500, 3700, 4900, 2900), Nexus (7K, 5K & 2K), Data Centers, FEX, Routing Protocols (EIGRP, OSPF, BGP), ASA, Checkpoint, F5 load balancing, VOIP, NAT, VLAN, STP, WAN, LAN, IP/TCP, DNS

Confidential, Warren Township, NJ

Network Security Resident Engineer

Responsibilities:

• Involved as a team member in the design and set up of routing environment for the clients.
• Involved in design and implementation of Data Center Migration, worked on implementation strategies for the expansion of the MPLS VPN networks.
• Worked on configuring Nexus switches (2k, 5k, 7k) series.
• Installed and configured routers and switches in the network.
• Configured and implemented protocols like RIP, OSPF, EIGRP, BGP on cisco routers.
• Team member in the design and setup of a LAN/WAN environment for clients.
• Implementing route summarization, redistribution between different IP routing protocols.
• Providing configurations for Cisco 6500, 4500 & 3750 catalyst switches with port security, VLANs, VTP, PVST+.
• Configuring WAN services (frame relay, DDR, NAT/PAT and private addressing) & LAN services (Ethernet, VLNA'S, Trunking) on Cisco routers and switches.
• Implemented STP, VTP technologies on layer 2.
• Migrated information security from Cisco PIX to ASA 5500 with LAN failover platform.
• Installation of Cisco ASA 5500 series firewalls on cisco 3500, 4500 series switches.
• Worked on 501 Cisco PIX Firewall andCheckpointFirewall
• Installed and provisioned Cisco PIX and Checkpoint firewalls rules and policies.
• Checkpoint firewall logs and policy maintenance.
• Provided technical support to routing and switching equipment's, configurations.
• Worked on troubleshooting, issues related to layer 1 and 2.
• Experience with design and implementation of Virtual Switching System (VSS) for both User segment and server segment using 6509 catalyst switches.
• Troubleshooting connectivity issues through Ping & Trace route.
• Documented network related issues and root causes which would help in future.

Environment: Cisco routers (7200,3600,2800) and Cisco switches (6500, 3700, 4900, 2900), Data Centers, LAN/WAN, Routing Protocols (EIGRP, OSPF, BGP), ASA, PIX, Checkpoint, F5 load balancing, NAT, PAT, STP, VTP, VSS, Data Centers

Confidential

Network Engineer

Responsibilities:

• Responsible for cabling the switches, assigning IPs, port turn up and also troubleshooting the connection.
• Extensively used TCP/IP tool like TELNET for remote login to the routers and SSH for secure login.
• Configuration and troubleshooting Cisco routing protocols including RIP, OSPF, EIGRP, BGP, MP-BGP and MPLS.
• Worked with BGP attributes for manipulating Inbound and outbound traffic using MED, Local Preference, Weight.
• Configured routing protocols on Juniper routers.
• Implementing and troubleshooting complex layer 2 technologies such as creating VLANs, VLAN Trunking, creating Ether channels, VTP, STP, RSTP and MST.
• Upgrading IOS on 2960 and using 2960 switch as a PAGP/LACP between VSS.
• Implemented VRRP and HSRP for default gateway redundancy.
• Performed IOS upgrades on Cisco routers 2500, 2600, 3600 series and on switches 1900, 2900, 3500 catalysts.
• Administration of Cisco ASA firewalls across global networks.
• Worked on tickets using NAGIOS and provided solutions to issues related to link failures and connectivity issues.
• Worked on Spanning Tree Protocol STP, VLAN and IP subnet issues.
• Documented network related issues and their root causes which would help in future.

Environment: Cisco routers (7200, 3800, 2800) and Cisco switches (6500, 3700, 4900, 2900), LAN/WAN, Routing Protocols (EIGRP, OSPF, BGP), ASA, VLAN, MPLS, STP, RSTP, MST, VTP, LACP, PAGP, IP Subnets

Confidential

Network Engineer

Responsibilities:

• My duties include replacing old networking devices with new devices and configuring them with necessary Config changes.
• Responsible for cabling the switches, assigning IPs, port turn up and also troubleshooting the connection.
• Attend team meetings on daily basis to understand the client’s requirements and changes.
• Configured routing protocols like OSPF, EIGRP and BGP.
• Assisted the lead and configured popular hierarchal LAN design, STP, static routing, dynamic routing, DNS, DHCP, VLANs, Port security, IOS upgradation, access lists and other networking protocols.
• Performed switching technology administration including Vlans, inter-Vlan routing, trunking, port aggregation and link negotiation.
• Configured and maintained network equipment like printers and copiers.
• Used network monitoring tools like Wireshark, Solarwinds to monitor and troubleshoot a network.
• Handled multiple complex tasks with tight deadlines.
• Prepared documentations with installation and troubleshooting steps for all processes as a future reference for all employees.

Environment: Cisco routers (2600, 2800, 3800) and Cisco switches (6500, 3700, 4900, 2900), Routing Protocols (EIGRP, OSPF, BGP), LAN, VLANs, WAN, DNS, DHCP, STP