SUMMARY

• Overall 6+ years of Experience in designing, implementing and operating enterprise data networks as a Network Engineer.
• Worked in NOC environment monitoring, troubleshooting, backup and restore and reporting issues.
• Well experienced in configuring gateway redundancy protocols like HSRP, GLBP, PPP and SNMP and routing protocols: MP - BGP, OSPF, LDP, RIP v2, EIGRP, RIP, BGP v4, MPLS.
• Hands on experience in Azure Development, worked on Azure web application, App services, Azure storage, Azure SQL Database, Virtual machines, Fabric controller, Azure AD, Azure search, and notification hub
• Highly experienced in AWS Cloud platform and its features which includes EC2, VPC, ELB, AMI, SNS, RDS, EBS, Cloud Watch, Cloud Trail, Cloud Formation, AWS Config, Auto Scaling, Cloud Front, IAM, S3 and Route53
• Excellent knowledge in configuring ACL, IPS/IDS, Cisco DNAC, Site-to-site IPSec and Remote SSL VPN on router IOS platforms, Cisco ACI, Cisco ISE and firewalls policies (Cisco ASA, Palo Alto, Fortinet, Checkpoint, PIX).
• Experience in Meraki Wireless Switches (MX 33), SDWAN (MX100) and FortiGate Secure SD-WAN (FortiOS 6.2).
• Implemented traffic filters using ACL Standard and Extended access-lists, Distribute-Lists, and Route Maps.
• Experience with convert PIX rules over to the Cisco ASA solution and Cisco ASA firewall administration.
• Expertise in working with Cisco Nexus Switches, Arista, ASR 900, Juniper and Cisco Catalyst switches.
• Experience in implementing and configuring DNS, DHCP, TCP/IP, IPAM, UDP, VLAN, NAT/PAT, ACL, VPN, route-maps, frame relay, Cisco DNA solutions (SDA), ATM and VPC solutions.
• Experience working on network design, network topologies, SD-WAN and SDN architecture.
• Good knowledge in configuration of Voice VLAN’s (VOIP), prioritizing voice traffic over data traffic.
• Help operations maintain VMWare infrastructure for about 400 VM's and used Linux and Windows CLI.
• Worked on F5load balancer LTM and GTM (6400/6800/8800 ) for the corporate applications.
• Experience implementing automation using Python, Netbrains, Ansible and Bash.

TECHNICAL SKILLS

Network Configuration: Advanced switch/router configuration (Cisco IOS access list, Cisco DNAC. Route redistribution/propagation), citrix remote access, SDN, SD-WAN, Azure, AWS, Cisco ACI, L2/ L3 technologies.

Routing and WAN Protocols: IGRP, EIGRP, OSPF, BGPv4, MP-BGP, HDLC, PPP, MPLS.

Programming Languages: Python, YAML, JSON, SQL, JQL, XML, Bash.

Operating System Administration: Cisco IOS, NX-OS, Active Directory, Arista OS, FortiOS, PAN-OS, Linux, Windows

Network Fundamentals: TCP/IP, ARP, DHCP, DNS, HSRP, GLBP, TACACS, RADIUS, trunking, switchport, CDP, LLDP, VXLAN, IPAM, VLAN, STP, DTP, dot1q, ISL, VTP, OSI model, VMWare, Troubleshooting etc.

Hardware: Arista 7010/7020/7280 , Cisco Nexus and Catalyst 7200/3800/7600/2500/1800/6500/4500 , Avocent ACS6K, Fortinet 200D/2600F/ /5000, Palo Alto 7000/3200/800 , Checkpoint 26000/28000/7000/6200 , Cisco 3800 AP, Juniper EX-2200/EX-4200/EX-4500/MX-480/M Series/SRX210/SRX240.

Additional Skills: Communication, Teamwork, Professionalism, Problem Solving

Application Software and Tools: JIRA, Cisco DNA SDA, HP ALM, Confluence, Cisco Prime Home, Packet Ping, Wireshark, Splunk, iPerf3, Assoclist, InSSIDer, MS Teams, Slack, MS Exchange, Jira, Confluence, Telnet, SSH, backup and restore, DOCSIS CPE, NetBrains, Cisco Packet Tracer, Office 365

Security Technologies: Cisco FWSM/PIX/ASDM/firepower, AAA, ACL, CyberArk, Palo Alto and Checkpoint NGFW, AWS MFA, proofpoint email security, FortiGate 3000, Cisco ISE, IPSec, SSL, Juniper SRX

Cisco Routers: Cisco GSR 12416, 12418, Cisco 7200vxr, Cisco 2900/3600/3900/4400

Physical interfaces: Fast Ethernet, Gigabit Ethernet, Serial, HSSI, Sonnet (POS)

PROFESSIONAL EXPERIENCE

Confidential, Chicago, IL

Network Engineer

Responsibilities:

• Installed Ansible and ansible galaxy collection on CentOS server .
• Created ansible scripts to gather information from IOS-XE, NXOS, PANOS, DellOS 10 and Dell EMC and put them into an excel.
• Worked on Azure and AWS technologies like ELB, global accelerator and MFA.
• Worked on resolving DNS, IP subnet and DHCP issues on various network devices.
• Troubleshot MTU issue between switches.
• Monitored network regions using various third party as well as inbuild monitoring tools.
• Worked on on-call duty for network configuration across different regions.
• Used Python program to parse values from various CLI outputs to pick only the relevant data.
• Whitelisted sites on Palo Alto Firewall and created ansible scripts to automate the same.
• Worked on collecting VIPs from A10 load balancers and created a script to automate the same.

Confidential, New York, NY

Network Administrator

Responsibilities:

• Installing, configuring, troubleshooting, upgrading and maintaining Cisco Nexus TOR switch pairs, BORs.
• Configuring BGP, OSPF, TACACS, AAA, ACL, switchport, VLAN and trunking on layer 3 switches.
• Administrating Azure cloud with virtual machines, storage accounts and resource groups.
• Documentation of computer networks using CDP and LLDP on Visio.
• Worked on IPAM to configure subnets, DHCP, and DNS.
• Migrating subnets from /30 to /31 between access and core switches to conserve usable IP addresses.
• Design and define cloud solutions in a Virtualized environment using SDN network elements.
• Worked on implementing Policy rules, VDOMs and DMZ on FortiGate firewalls.
• Worked on implementing WAN connections, security policies and SSL decryption on FortiGate FortiOS 6.2 Secure SD-WAN.
• Used Azure Automation, Netbrains, PowerShell and Jenkins to automate applications.
• Performed rule analysis, rule modification. URL filtering, SSL decryption and SSL forward proxy on Palo Alto firewalls.
• Worked on Cisco DNAC dashboard to control network devices.
• Using QIP for subnets, Aquilon, Readyworks, DSDB, CMDB and NMDB for documenting switch data.
• Worked on L2/L3 technologies like switches and routers from Cisco, Arista and Juniper.
• Created a Python script to parse relevant subnet and subnet type data from switch patch management data files using Python, JSON, YAML and XML.
• Worked on Cisco's Nexus line of products like Cisco ACI (SDN)
• Strong knowledge in Cisco Routing, Switching and Security with Cisco Nexus and Catalyst OS.
• Cisco ASA 5500, PIX phase out to Palo Alto, Check Point and Juniper replacements
• Configuring port channels, DHCP helper addresses, VLAN with HSRP, VXLAN and BGP routes on switches.
• Worked on Palo alto PAN-5020 firewalls, performing changes to monitor, block and allow various traffic.
• CLI troubleshooting and audits on Panorama by implementing Palo Alto Rule changes on PA-2000/PA-4000.
• Setting up Azure Virtual Appliances (VMs) to meet security requirements as software-based appliance functions (firewall, WAN optimization and intrusion detection)
• Network Cabling, labeling and troubleshooting various network drops onsite.
• Configuration of Cisco 6500 (sup 720), 4500 (SUP 6) & 3750 Catalyst switches for network access.
• Experience with identity management using Cisco ISE especially on MFA.
• Configuring RIP, OSPF and static routing on JuniperM and MX series Routers

Confidential, New York, NY

Network Engineer

Responsibilities:

• Migrating networks between datacenters and remote offices from MPLS to SD-WAN.
• Configured LAN network design for a small office using Visio.
• Worked on database management for variety of hardware devices using NMDB and CMDB.
• Implemented SSL inspection, multicast forwarding, intrusion prevention, security policies and firewall rules on Checkpoint and Palo Alto firewalls.
• Implemented policies on client computers using Active Directory from Windows 2016 Server.
• Used Python programing language and Netbrains to create test for various network scenarios and to upgrade access layer Cisco Nexus switches.
• Automated the monitoring system for Azure resources using App Service Monitor and Power BI dashboards
• Configured and managed AAA, TACACS+, RADIUS, Trunking, VLANs, STP, HSRP, OSPF, BGP and RIP on various Cisco Nexus, Arista and Catalyst switches.
• Configured uplinks on Access layer switches, downlinks on Core layer switches and sidelinks n TORs.
• Implemented Solarwinds and Splunk for network monitoring at various points.
• Deployed Virtual machines (VM) and PaaS cloud services using Azure.
• Worked on various AWS applications like CloudWatch, EC2, S3, Lambda, ELB, SNS, SQS, IAM and Azure applications.
• Helped with migration of switches load balancers from Netscalar to F5 and implemented F5 BIG IP LTM/GTM.

Confidential, Bethpage, NY

Network Engineer

Responsibilities:

• Experience working with Network management database software.
• Implemented Fort ADC, SSL inspection, VDOMs, multicast forwarding, intrusion prevention, security policies and firewall rules on Fortinet firewalls.
• Installed, configured and troubleshot security policies on Palo Alto and Fortinet firewalls.
• Worked on TV UI and HP ALM making sure user experience using these devices was up to the mark.
• Carried out network performance analysis using iPerf3 and interoperability test on various end user devices.
• Performed fall-back from 2.4G to 5G band and vice-versa by simulating crash tests on CLI on new products.
• Worked on configuring and managing issues related to Cisco CUCM.
• Worked on automation of various network tasks using Python, Bash, NetBrains, Ansible and YAML.
• Worked on L2/L3 devices like Cisco, Arista, Juniper switches and routers, DNAC and Cisco ACI in data center.
• Security filtering and Mission critical needs, LAN/WAN design using SDN/NFV.
• Worked on initializing proofpoint security.
• Handling Internet content filtering through bluecoat SG-900 proxies for around 600 users in AAA.
• Built tunnels with on-prem firewall to the AWS related auto scaling firewalls.
• Configuration and troubleshooting issues related to IPAM (DNS/DHCP) issues on LAN networks.
• Worked on the Cisco wireless LAN (WLAN) controller to troubleshoot issues like onboarding devices and internet inaccessibility.
• Configuring, installing and troubleshooting the routers and switches on VoIP (L2/L3), IOS layers, LANs, VoIP phone system, VoIP monitoring and IPv4 addressing routing protocols likes RipV2, HSRP, VRRP, OSPF, IGRP, EIGRP and BGP.
• Designed and configuredAzure Virtual Networks(VNets), subnets,Azure network settings, DHCP address blocks, DNS settings, security policies and routing.
• DeployedAzure IaaS virtual machines(VMs) andCloud services(PaaS role instances) into secure VNets and subnets.

Confidential, San Jose, CA

Network Engineer

Responsibilities:

• Configuring IPSEC VPN on SRX series firewalls
• Worked extensively in configuring, monitoring and troubleshooting Cisco's ASA 5500/PIX security appliance, Failover DMZ zoning & configuring VLANs/routing/NAT with Fortinet firewalls as per the design.
• Configuring STP for switching loop prevention and VLANs for data and voice along with Configuring port security for users connecting to the switches.
• Worked on commissioning and decommissioning of the MPLS circuits and SD-WAN for various offices.
• Deploying and decommissioning VLANs on core ASR 9K, Nexus 7K, 5K and its downstream devices.
• Performed OSPF, BGP, RIP, DHCP Profile, DNS, HSRP, IPV6, Bundle Ethernet implementation on ASR 9K redundant pair.
• Supported applications running in private cloud developed using VMWARE and public cloud (AWS)
• Worked with engineers and managers on VMWare virtualization, SAN storage systems, routers and switches, Microsoft OS and Exchange, and firewalls.
• Extensive understanding and knowledge using load balancers like F5 and Citrix NetScaler Load Balancer.
• Worked on Palo-alto Next-Gen PA-5000 Firewalls implementing NAT, IPsec, site-to-site and remote VPNs, advanced inspection, anti-spoofing and AAA policies and SDN applications like Cisco ACI.
• Worked on Microsoft Azure (Public) Cloud to provide IaaS support to clients. Created VMs through Power Shell Script and Azure Portal
• Performed network analysis and evaluation for environment consisting of 7 remote offices and 2 data centers. connected via MPLS and IPSEC VPN utilizing Cisco ASA's and Meraki firewalls, Solarwinds NMS, Cisco 9K, ASA 5520, Catalyst 6500/3750 and Meraki AP's
• Design and configuring of OSPF, BGP on Juniper Routers and SRX Firewalls.
• Configured SSL VPN connections for third parties connecting to client offices
• Involved in L1/L2 Switching Technology Administration including creating and managing VLANs, Port security, Trunking, STP, Inter VLAN routing and LAN security.
• Experience working with technical solutions for OTV, STP on the Nexus series between the Datacenters
• Cisco ASA and PIX phase out to Palo Alto, Check Point and Juniper replacements
• Implementing and Maintaining Network Management tools (Fluke Network, Nortel ENMS, JFFNMS, SNMP, MRTG, and NMIS)
• Managed the F5 Big IP GTM/LTM appliances to include writing I Rules, SSL offload and everyday task of creating WIP and VIPs
• Deployment of Cisco 6500 switches in standalone and VSS modes with SSO and NSF
• Supporting EIGRP, OSPF and BGP based network by resolving level 1 &2 problems of internal Sites.
• Providing daily network support for Global wide area network consisting of MPLS, VPN and point-to point site.

Confidential

Network Engineer

Responsibilities:

• Experienced in Planning and Organizing Change Managements.
• Set up of distributed core LAN using Cisco 6500 series switches
• Coordinating with service providers for WAN link outages.
• Performed switching technology administration including VLANs, inter-VLAN routing, Trunking, STP, RSTP, port aggregation & link negotiation.
• Responsibilities also include technical documentation of all upgrades done
• Attending meetings and technical discussions related to NOC changes.
• Network Cabling, dressing, labeling and troubleshooting various network drops onsite.
• Worked on Active Directory Group Policy creation
• Design, execution of installation and configuration of VPN/IVPN, LAN/WAN as per organizational requirements.
• LAN Segments monitoring/Trouble shooting LAN related issues.
• Carryout periodic backup (and restore) of Router/Switch configurations.
• Planning and Implementing New Infrastructure in the Data Center.
• Analyzing the Bandwidth Utilization of the Links.
• Timely Escalations within SIFY and to Service providers.
• Troubleshooting on the devices by remote login to determine the RFO (Reason for outage) and RCA (Root cause analysis) to minimize the consequences of malfunctions. Troubleshoot of Leased Lines like STM4, DS3, E1 Links, Metro, NLD ILD Services and RF links.