SUMMARY

• 8+ years of IT experience in design, development, implementation, troubleshooting and maintenance of complex Network & Security devices, Network Security, Linux Kernel Programming.
• Extensively worked on Cisco Routers, Switches, Load Balancers & Firewalls
• In - depth Cisco technology experience/knowledge in design, implementation, administration and support.
• Strong hands on experience in installing, configuring, and troubleshooting of Cisco 7600, 7200, 3800, 3600, 2800, 2600, 2500 and 1800 series Routers, Cisco Catalyst 6500, 4500, 3750, 2950, ASR 9K Juniper SRX, MX960 and 3500XL series switches.
• Network security including NAT/PAT, ACL, VPN Concentrator.
• Well Experienced in configuring protocols HSRP, GLBP, VRRP, ICMP, IGMP, PPP, HDLC, PAP, CHAP, and SNMP.
• Design and configuring of OSPF, BGP on Juniper Routers and SRX Firewalls.
• Worked on Load Balancer F5 LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability
• Primary responsibility is to design and deploy various network security & High Availability products like Cisco ASA and other security products.
• Strong Hands on experience in installing, configuring and troubleshooting of Cisco 12404,12406,7600, 7200, 3800, 3600, 2800, 2600, 2500 and 1800 series Routers, Cisco Catalyst 6500, 4500, 3750, 2950 and 3500XL series switches.
• Designing, Implementing and Troubleshooting Cisco Routers (2800,2900,3900,3800,7600) using Static, RIP, IGRP, OSPF, EIGRP, BGP, MPLS & experience with Checkpoint, Cisco PIX & ASA devices
• Working knowledge of frame relay, MPLS services, OSPF, BGP and EIGRP routing protocols, NAT, sub-netting, also including DNS, WINS, LDAP, DHCP, http, HTML, HTTPS, TCP/IP, UDP, SNMP, OSPF, RIP, IPSEC, PPTP, VLAN, STP (Spanning tree Protocol), RTSP & Multicasting protocols
• Excellent Verbal, written communication skills and Interpersonal skills with ability to work with large teams as well as independently with minimum supervision & Team Player
• In-depth knowledge of Linux Kernel Programming (Module Programming)
• Good domain knowledge in Linux source code 2.6x & Shell scripting
• Network Security - Anomaly Detection in Attack Prevention System, Network and Host IPS/IDS, Cisco PIX firewall, Vulnerability scanning, Penetration testing, Buffer Overflows, Cross Site Scripting,

TECHNICAL SKILLS

Programming: C Programming, Linux Kernel Module Programming, TCL/TK, Perl, Network Processors (Programmable Chips), Red hat Linux

Security: Anomaly Detection in attack prevention system, IPS/IDS, Penetration Testing and Web application testing, Buffer Overflows, Cross Site Scripting, Session Management, Cisco PIX, and Security attacks like DoS, DDoS, Spoofing, Nessus & Cisco IOS, Cisco Works

Protocols & Standards: TCP/IP Protocol Suite, Ethernet, Token Ring, FDDI, OSPF, EIGRP, Rip, BGP, HSRP, L2/L3/L4/L7 Switching, VLAN’s, VTP, IPv4, IPv6, ATM, VoIP, LAN, SSL, SNMP V1, V2. T1, DS3.

Networking: Network Design & Engineering, Operations Research, Cisco Routers (800, 2600, 2800, 3800, 4500), Switches (2950, 3560, 6500), ASR 9K Snort network intrusion detection systems (IDS). Network penetration testing tools like NMAP, Netfilter, IPTables, Ethereal, SONNET, MPLS, DSU/CSU

PROFESSIONAL EXPERIENCE

Confidential, San Francisco

Sr. Network Engineer

Responsibilities:

• Experience in working with Nexus 7010, 5548, 5020, 2148, 2248 and ASR 9K devices.
• Implementing and Maintaining Network Management tools (OPAS, Solar Winds, Cisco Works)
• Enabled STP attack mitigation (BPDU Guard, Root Guard), using MD5 authentication for VTP, disabling all unused ports and putting them in unused VLAN and ensuring DHCP attack prevention where needed
• Experience with migrating the Partner IPSEC VPN tunnels from one data center to another data center.
• Experience with deploying the Layer 3 MPLS VPN in all the Branches and Campus locations.
• Replace Campus Cisco 6509 End of Life hardware with new 4507/4510 devices.
• IOS upgrade in Nexus 7010 through ISSU (In service software upgrade)
• Worked on Juniper J series j230, M 320 routers and EX 3200 series switch.
• Involved in the modification and removal (wherever necessary) of BGP from the MPLS routers.
• Configuring IPSEC VPN (Site-Site to Remote Access) on SRX series firewalls.
• Responsible for Checkpoint firewall management and operations across our global networks.
• Working with Checkpoint Support for resolving escalated issues.
• Implemented various EX, SRX & J series Juniper devices.
• Design and configuring of OSPF, BGP on Juniper Routers and SRX Firewalls.
• Experience working with Cisco IOS-XR on the ASR9000 devices for MPLS deployments
• Involved in Configuring and implementing of Composite Network models consists of Cisco7600, 7200, 3800 series and ASR 9k, GSR 12K routers and Cisco 2950, 3500, 5000, 6500 Series switches.
• Conversions to BGP WAN routing. Which will be to convert WAN routing from OSPF to BGP (OSPF is used for local routing only) which involves new wan links.
• Configuration of Voice FX0 ports on the routers for SRST (Survivable Remote Site Telephony) and SRST testing after carrier numbers are ported over.
• The Citibank North America (CBNA) Network Redesign for 2000 branches & 100 Campus Locations. This includes changes to both the voice and data environment.
• Experience with configuring Nexus 2000 Fabric Extender (FEX) which acts as a remote line card (module) for the Nexus 5000.
• Responsible for turning up BGP peering and customer sessions, as well as debugging BGP routing problems.
• Designed, validated and implemented LAN, WLAN & WAN solution to suite client’s needs.
• Configured and designed LAN networks with Access layer switches such as Cisco 4510, 4948, 4507 switches.
• Configuring Virtual Chassis for Juniper switches EX-4200, Firewalls SRX-210
• Worked on Layer 2 protocols such as STP, VTP, STP, RSTP, PVSTP+, MST and other VLAN troubleshooting issues and configuring switches from scratch and deployment
• Experience on designing and troubleshooting of complex BGP and OSPF routing problems.

Confidential, Boston, MA

Sr. Network Engineer

Responsibilities:

• Experience in configuring routing protocols like EIGRP, RIP v2, OSPF & BGP and Cisco ACS protocols like RADIUS and TACACS
• Designed MPLS VPN and QoS for the architecture using Cisco multi-layer switches
• Cisco IOS experience on 3600/7200 class hardware in complex WAN environment and experience on Cisco OS and IOS on CAT6500 in a complex data center environment
• Coordinated with senior engineers with BGP/OSPF routing policies and designs, worked on implementation strategies for the expansion of the MPLS VPN networks
• Converting access-lists to Firewall rule sets on FWSM module with 6509-E Catalyst switches
• Experience working with Juniper EX-Series Ethernet Switches and Juniper SRX Series
• Configuring HSRP between VLANs, Configuring Ether-Channels, Port Channel on 6500 catalyst switches
• Configuring PAGP and LACP protocol along with BFD link detection protocol
• Experience with hybrid CatOS to Native Cisco IOS code migration involving Catalyst 6503 to Catalyst 6504 switches
• Involved configuring PPP multilink group, dialer group, PPP authentication protocols like PAP, CHAP
• Experience with migrating from IOS to IOS-XR on ASR 9K
• Performed OSPF, BGP, DHCP Profile, HSRP, IPV6, Bundle Ethernet implementation on ASR 9K redundant pair.
• Working knowledge of Terminal server and the configurations
• Installation of L3 Switching Engine Policy Feature Card & Distributed Forwarding Card DFC3C
• Experience with design and implementation of Data center migration at NBC Universal
• Data center migration was involved in Access, Distribution and Core layers.
• Experience with design and implementation of Virtual Switching System (VSS) for both User segment and server segment using 6509-V-E catalyst switches
• Working knowledge with 10 gigabit Supervisor Engine 720 on 6500 catalyst switches
• Implementing 3750 Rack/Stack switches using Cisco Stack Wise technology
• Experience with migration Hybrid based Cisco CatOS and Native Cisco IOS on 6500 catalyst switches.
• Working knowledge of configuring VOICE VLANS on core, Distribution layer switches
• Configured Access ports with Voice VLANS and Service Policy for VOIP Phones
• Experience in working with Cisco Nexus 2148 Fabric Extender and Nexus 5000series to provide a flexible Access Solution for a datacenter access architecture.
• Design and implement campus switch network with Cisco Layer 3 switches (3750, 4500, 6500) in multi VLANs environment and inter-VLAN routing, HSRP, ISL trunk, ether channel.

Confidential, St. Louis, Missouri

Sr. Network Design Engineer

Responsibilities:

• Hands on experience with Cisco 3500, 3750, 4500, 6500 series equipment and configuring and deploying and fixing them with various modules like Gig card, VPN SPA card, WIC card.
• Applying crypto maps and security keys for the branches, ISAKMP (Internet security association key management protocol) for establishing Security associations (SA) cryptographic keys.
• Experience in configuring routing protocols like EIGRP, RIP v2, OSPF & BGP and Cisco ACS protocols like RADIUS and TACACS
• Experienced in WAN environments, installing and troubleshooting data circuit problems (MPLS, T1)
• Involved in designing and applying QOS and policy map to 2800 series routers for all the branches
• Involved in designing GRE tunnels for encryption of data flow from source to destination
• Experience in migration of Frame-relay based branches to MPLS based technology using multi-layer stackable switch like 6500 series and 2800 series router
• Involved in design and implementation of Data Center Migration, worked on implementation strategies for the expansion of the MPLS VPN networks
• Involved in designing L2VPN services and VPN-IPSEC authentication & encryption system.
• Experience in HSRP standby troubleshooting & Experience in configuring & upgrading of Cisco IOS
• Working with Juniper JUNOS operating system and working on M/ MX/ series routers. And SRX devices
• Designing, Installation and configuration on Checkpoint, ASA, Net Screen and Juniper Firewalls
• Implementing & Troubleshooting of T1, MUXES, CSU/DSU and data circuits.
• Experience on designing and troubleshooting of complex BGP and OSPF routing problems,
• Involved in configuring IP Quality of service (QoS)
• Have experience with Cisco Works LAN Management Solution
• Implementing VoIP solutions using SIP & H.323, also have sound knowledge of Avaya VoIP products
• Experience with Project documentation tools & implementing and maintaining network monitoring systems (Cisco works & Net info, Infoman Virtual Change) and experience with developing network design documentation and presentations using VISIO
• Understanding & Implementation of IPSEC & GRE tunnels in VPN technology
• Experience with network based F5 Load balancers with software module GTM & Checkpoint
• Experience with connectivity of Cisco Networking Equipment with F5 Load Balancer
• Experience with GTM F5 component to provide high availability with providing services across data centers

Confidential

Sr. Network Engineer

Responsibilities:

• Involved in redesign of traffic anomaly system to increase the detection method and algorithm efficiency.
• Capturing data in the kernel stack and analyze the packets in various locations on the network stack
• Analyze the vulnerabilities/threats in traffic patterns and Design a methodology to prevent diff. attacks.
• Hands on experience with firewalls, firewall rules & Tool Net Cool
• Distributed denial-of-service (DDoS) attacks on public servers have recently become more serious. A detection and defense mechanism against SYN flood Attacks has been proposed in previous work.
• Experienced in WAN environments, installing and troubleshooting data circuits (OC, T1, E1, T3, MUXES)
• Experience with SONET Multiplexing protocols and DWDM technologies.
• Experience in security consulting, support and/or engineering, security architecture, planning, design and implementation of Cisco security products.
• Understanding current vulnerabilities attacks and counter measures, assessing the impact of traffic on customer networks, conducting research on emerging security threats.
• Mentoring and training security analysts, creating and maintaining documentation for Traffic Anomaly Sys.
• Troubleshooting and installing of CRS, ISR, GSR, ASR9000 and Nexus devices.
• Deploying and decommissioning the VLANs on core ASR 9K, Nexus 7K, 5K and its downstream devices.
• Experience in designing, installing & configuring of Cisco PIX, ASA & FWSM (Firewall service module)
• Evaluate, Analyze & Implement firewall policies to meet business requirements
• Experience in creating and maintaining firewall configurations, updating documentation and log analysis.
• Responsible for the implementation and maintenance of firewall based security zones (DMZ*s).
• Provide support to internal project teams by adding firewalls, switches and routers to managed DMZs.
• Assist internal project teams by determining rules that need to be added to the firewalls and identifying the proper routing and addressing for new devices in managed DMZ.
• Experience on designing and troubleshooting of complex BGP and OSPF routing problems
• Experienced in SYSLOG analysis & Proxy servers
• Experience with Using LTM F5 component to provide 24“7 access to applications
• Experience with using F5 Load balancer in providing worldwide data and file sharing, continuous internet connectivity, optimized web performance.