SUMMARY

• Network Engineer around 8 years of experience in the industry, which includes expertise in the areas of Routing and Switching.
• Thorough knowledge of the installation, termination and troubleshooting of the physical, data link, network layers of the OSI model.
• Hands on experience of data center environment and implementation of VPC, VDC and Fabric path on Nexus 9K, 7K, 6K, & 2K Switches.
• Implementation of HSRP, VRRP for Default Gateway Redundancy and Proficient in Cisco IOS for configuration & troubleshooting of routing protocols: BGP, OSPF, EIGRP, RIP, BGP v4, MPLS.
• Experience working with Cisco IOS - XR on the ASR9000 devices for MPLS deployments. Installation, configuration, and maintenance of Cisco ASR 9K, 7200, 3900, 28XX and 1800 series Router.
• Worked extensively on Cisco Firewalls, Cisco PIX (506E, 515E, 525E) & ASA (5500, 5520, 5540) cisco Fire Power Series. Administered Cisco Catalyst 29xx, 35xx series switches.
• Monitoring logs on Cisco ISE for endpoint profiling and posturing by using 802.1x and MAB (MAC Authentication Bypass) method.
• Experience in configuring IPSec VPN Tunnels, GRE Tunnels and DMVPN, MPLS VPN Tunnels.
• Configured Palo Alto Firewalls like PA-7050, PA-5050, PA-3060 devices with Panorama for Management.
• Responsible for Check Point and Cisco ASA & Palo Alto Firewallsenvironment.
• Hands on Experience in design, installation, configuration, maintenance, and administration of Checkpoint Firewall R55 up to R77.20 version, Blue Coat Proxy Server Secure Platform Installation, VPN.
• Configuring/Managing Intrusion Prevention System (IPS): Cisco IPS/Fortinet& Checkpoint UTM.
• Strong hands-on experience on PIX Firewalls, ASA (5540/5550) Firewalls.
• Participated in troubleshooting SDN/SD-WAN deployments
• Provide consultation regarding segmentation, security, and policy of the SDN network
• Experience working with JUNOS OS on Juniper Routers and Switches.
• Experienced with Juniper: EX-2200, EX-4200, EX-4500, MX-480, and M Series, SRX210, SRX240.
• Experience in system engineering with strong background in IP, Network technologies and network virtualization, with solid understanding of SDN/NFV.
• Expertise in network design -ability to lead a WLAN design-related discussion with leading questions to fully vet a customer's requirements and develop a proposed design fulfilling said requirements, identify potential impacts of a given design
• Experience in emerging technologies such as IoT, SDN, NFV, 5G, and MEC, with a focus on Enterprise use cases.
• Experience of Cisco Wireless network functions, Implementation & troubleshooting (Cisco,).
• Experience with adjacent domains - hosting, virtualization, containers (VMware, AKS or similar) Monitoring/alerting and event management, disaster recovery, inventory management, automation/orchestration using tools or scripting (NetMRI, Tufin, Ansible, Python).
• Experience with Public Cloud Networking, including but not limited to Hub and Spoke, VNET, Peering, VPN Gateways, AWS Direct Connect and Azure Express Route.
• Expertise in the following fundamental AWS Services (VPC, Subnet, Elastic Network interface, Internet Gateway, Route table, NAT Gateway, Network ACL, Direct Connect, VPC Peering, VPN, EC2).
• Highly experienced in VPN Implementation IPsec VPN and SSL VPN Server-to-Server and Client-to-Server.
• Experience working on network monitoring tools like, SOLAR WINDS, CISCO works, Wireshark and Splunk.
• Working Knowledge of Virtual Machines VMWare
• Handled multi-Vendor / platform Security technologies including Firewall, IDS-IPS, ISE, VPN, Proxy
• Working on Quality of service QOS and class of service COS implementations for business-critical applications and prioritize traffic for voice and other critical applications utilizing classification techniques like DSCP, NBAR, Traffic shaping and Policing.
• Experience deploying F5 Load Balancers for load balancing and traffic management of business application
• Worked on F5 LTM 8900,CitrixNetScalerconfigured profiles, provided, and ensured high availability.
• Extensive work experience on Load Balancers and Firewalls.
• Build, document and support new infrastructure components of the Citrix environment including Provisioning servers
• Good knowledge about spoofing attacks and mitigating them using DHCP snooping, IP source guard.

TECHNICAL SKILLS

Networking Technologies: LAN/WAN Architecture, TCP/IP, Frame Relay, VPN, VLAN, VTP, NAT, PAT, STP, RSTP, PVST, MSTP, SDN, SDWAN

Networking Hardware: Cisco Switches, Cisco Routers, ASA/Pix firewalls, APIC.

Routing Protocols: OSPF, IGRP, EIGRP, RIP, MPLS, IS-IS, BGP, Multicasting

Security Technologies: PAP, CHAP, Cisco PIX, Blue Coat, ISE.

Network Monitoring: Cisco Works 2000, Wireshark, HRping

Operating Systems: Windows 7, Vista, XP, 2000, LINUX, Cisco IOS, IOS XR

Routers: CISCO 2600, 2800,3600,3800,7200, Juniper M & T Series, Cisco CRS 1/3, GSR

Load Balancers: Cisco CSM, F5 Networks (BIG-IP)

Capacity & performance: Cisco works

Switches: CISCO 2900, 3500,4500,5000,6500, Nexus 7k,5k,2k

Programming Languages: C, C++, Perl, Power Shell, Python

Simulation Tools: GNS3, VMware, OPNET IT GURU, OPNET Modeler, Cadence

Firewalls: Juniper Net Screen (500/5200), Juniper SRX (650/3600), Pix (525/535), ASA (5520/5550/5580 ), McAfee Web Gateway, Checkpoint, Palo Alto firewalls.

AAA Architecture: TACACS+, RADIUS, Cisco ACS

Features & Services: AWS, IOS and Features, HSRP, GLBP, IPAM IRDP, NAT, SNMP, SYSLOG, NTP, DHCP, CDP, DNS, TFTP and FTP Management, Open Stack, IVR’s, HLD and LLD documents, Dell equal logics

PROFESSIONAL EXPERIENCE

Confidential, NJ

Senior F5 Network Engineer

Responsibilities:

• Engineering traffic management solutions, including the design, low level engineering, and application load balancing solutions for client applications across the pre-provisioned ADC infrastructure.
• Collaborating with Application team/owners to migrate from Legacy A10 Load Balancer to F5 VE LTM
• Migrated around 30 physical devices including models BIG-IP VPR-C2400, BIG-IP 10250(vCMPs), BIG-IP 4200 and including GTMs, LTMs, and vCMPs to F5 Virtual Edition.
• Migrated A10 Load Balancers to F5 Virtual Edition LTM.
• Engineering and configuring Virtual Server, Pools, Nodes, Persistence, and monitor on F5 LTM.
• Monitoring and capturing the traffic using network management tools like Solar Winds, Forti monitor and Infoblox
• Configured and troubleshooting the F5 LTM, F5 GTM and F5 AFM and providing level 2 and level 3 support for the customers
• Licensing and provisioning F5 modules such as LTM, GTM, ASM and AFM.
• Extensively worked on code upgrades fro V11 to V13/14, V /16, and V
• Extensive knowledge in configuration via TMSH and Advanced shell.
• Creating custom profiles, health monitors, Application Firewall policies and rules, syslog, and SNMP.
• Good knowledge on basic iRules scripting and debugging.
• Extensive knowledge and experience regarding F5 BIG-IP LTM VIP configuration and health check as well as hosting SSL certificates on F5 platforms.
• Worked extensively in configuring the IPSEC VPN for different CHI sites from the CHI HQ. Details include ACL's, Object NAT, setting up DMZ networks, HA firewalls.
• Worked on Python Scapy for providing automated security to the networks and analysing traffic.
• Building configurations for Juniper MX 2010 and MX 2020 routers with features like port security, VLANS, VTP, PVST+.
• Implemented Zone Based Firewalling and Security Rules on the Palo Alto Firewall.
• Executed changes on various Firewalls proxies and scripts over entire network infrastructure using Service
• Integrated Panaroma with Palo Alto firewalls, for managing multiple Palo Alto firewallswith single tool.
• Managed rules on Cisco checkpoint NGX firewall.
• Provided support for server, Network and Unified Communication services with ASCOM Handsets.
• Configuration of Juniper SRX series firewalls for outbound traffic via blue coat proxy server.
• Worked on Palo Alto PA-3000 Series to manage network traffic flows using dedicated processing and memory for networking, security, threat prevention and management.
• Part of the F5 team taking care of the regular business requirements, change controls and incident management.
• Working on the F5 LTM, GTM platforms, Experience on 2400 Viprion model, creating Guest's, upgrading.
• Worked on F5 BIG-IP LTM 8900, configured profiles, provided and ensured high availability.
• Handling of new F5 hardware, installing, licensing, configuring and upgrading when required, Teaming up with the app teams, setting of new application on the F5 as per their design and requirement.
• Created subnets (on these switches) from the given Class B and Class C addresses to support the VLANs.
• Responsible for developing and deploying, SolarWinds which includes WAN/LAN and server monitoring, reporting, and alerting and Configure Orion alerts.
• Monitored system logs and root's email for important messages such as errors and warnings or hardware failure errors.

Confidential, Long Island, NY

Senior Network Engineer

Responsibilities:

• Responsible for Check Point, Cisco ASA firewalls configuration and administration across global networks.
• Configured datacenter technologies like VPC, VDC on Nexus 7010 Core Switches, Configured Layer 2 & Layer 3 interfaces and port channels on Nexus 9508.
• Responsible for turning up BGP peering and customer sessions, as well as debugging BGP routing problems. Mutual redistribution of OSPF and BGP routes using route maps. Troubleshoot connectivity issues involving VLAN's, OSPF, QoS etc.
• Implemented Quality of Service (QoS), Policy Maps ACI, SOAP, Class-maps and Policy Routing in the network infrastructure throughout all the different sites.
• Provide second/third level technical support for ACI(Application Centric Infrastructure), APIC technologies.
• Supported end user network cisco ACI infrastructure and troubleshoot several implementations of LTM and APM configuration.
• Plan, build, deploy, and maintain ACI data center lab utilized by internal parties.
• Used ACI SDN architecture to reduce operating costs, automate IT tasks, for greater scalability and visibility in a data center environment.
• Experience with partners on installation and configuration problems and issues related to SDN-NFE, DNAC.
• Recognized for performance excellence and contributions to success in network design projects. Strength in Cisco ISE and DNAC backed by extensive training in routing/switching.
• Created design and implementation of Cisco DNAC managed networks utilizing industry best practices and Cisco hardware, overseeing new and existing equipment as well as hardware and software upgrades.
• Implementing and troubleshooting firewall rules in Checkpoint R77.20 Gaia, Cisco ASA 5540, 5580.
• Worked with a successful Cisco Partner to migrate Palo Alto 5050 firewalls to Cisco Fire POWER 9300 firewalls with throughput up to 1.2Tbps crushing the current slow Palo Alto 5050s.
• Provided daily Palo Alto firewalls administration such as Threat prevention, URL filtering, IPSEC and SSL VPN's, zone-based integration, and analyzing syslog's, and utilizing wild fire feature in Panorama 7.1.
• Worked with Palo Alto firewalls PA 3050/5020/5050 using Panorama servers, performing changes to monitor/block/allow the traffic on the firewall.
• Focused on next-generation IDS/IPS and firewall capabilities and malware behavioural solutions to cover network and host-based threats.
• Developed and worked on QRadar monitoring platform, maintaining current QRadar installation and user interface.
• Implemented, analysed and recommended appropriate system for the out of band management monitoring. Utilizing QRadar for primary and disaster recovery site.
• Excellently used QRadar to research and monitor incident management and incident resolution issues.
• Implementing AWS Direct Connect and Azure Express Route back to enterprise networks with an infrastructure-as-code mentality
• Gathering and reporting within a federal enterprise environment.
• Monitor intrusion detection and prevention systems and other security event data sources.
• Correlate data from intrusion detection, prevention systems and SIEM tool ArcSight.
• Analyse indicators by tactics, techniques, and procedures TTP
• Provide intelligence and threat analysis and production support.
• Work with client for new migrations - Cloud, SD-WAN, SDN and traditional setup
• Analysing, collecting and leveraging indicators cyber threat intelligence activity using Intelligence Community.
• Design requirements utilizing SDN and NFV networking architectures and solutions.
• Worked extensively on Data Center Palo Alto firewalls and F5 BIG-IP LTM.
• Installation, configuration and maintenance of Palo Alto Firewalls, Cisco ASA firewalls, Configured and monitored Firewall logging, DMZ’s and related security policies.
• Worked on creating policies in the network through app-id’s and content-id’s for the internal hosts.
• Configured Intrusion Detection and Prevention on Juniper SRX firewalls.
• Administered Juniper SRX firewalls in the DMZ and FWSM in the Server Farm to provide security and controlled/restricted access.
• Upgrading code onPalo altofirewalls PA5050/3020 to meet company security policy.
• Firewall: Palo Alto PA version 5.0/6.0/7.0. Checkpoint R75/R76/R77. Cisco ASA Version 8/9.
• Worked with Palo Alto firewalls PA 3050/5020/5050 using Panorama servers, performing changes to monitor/block/allow the traffic on the firewall.
• Configured systems log on the Palo Alto firewall and moved the logs to Splunk. Policy Reviewing, Audit and cleanup of the un-used rule on the firewall using Splunk
• Written iRules for redirecting the traffic, configured Virtual Servers, Profiles, Policies and issued/created SSL server and client certificates
• Incident logging, change and problem management using Service Now tool.
• Worked on Migration of Cisco routers to new Amazon hardware in the core team
• Implementation and Configuration (Profiles, I Rules) of F5 Big-IP LTM-6400 load balancer. Installed high availability Big IP F5 LTM and GTM load balancers to provide uninterrupted service to customers.
• Provide integration and implementation of existing and new application infrastructure capabilities specifically related to Windows and the Citrix Remote hosted managed services.
• Citrix Implementation Engineer for all clinical remote hosted sites.
• Coordinate Citrix related implementation activities across various functional groups to help prioritize and schedule appropriate resources.
• Configured Citrix NetScaler ADC for load balancing and assigned virtual server IP (VIP) address to virtual servers.

Environment: Palo Alto 5020,3050,5050. Checkpoint, Cisco Nexus 7K/5K, Cisco 3560/5020/6509 , Check PointFirewallsR75, R77.20 Gaia, F5 BIG-IP LTM. Routing Protocols (EIGRP, RIP, OSPF, BGP), Cisco ASA 55XX, Citrix, F5.

Confidential, Wilmington, DE

Cloud Network Engineer

Responsibilities:

• Cisco 5520 ASA appliance, Wireless LAN upgrade project. Assisted infrastructure team with the installation of 60 Cisco 3700 series AP, around the building.
• Configured Security policies including NAT, PAT, VPN's and Access Control Lists.
• Configured VDC's on NEXUS 7K for creating multiple logical switches and HSRP and VLAN trunking 802.1Q, VLAN Routing on Catalyst 6500 switches.
• Experience working with Cisco IOS-XR on the ASR9000 devices for MPLS deployments in data center.
• Worked exclusively on designing Data Center as well as Edge side.
• Created comprehensive project plans, and coordination of team members, third-party contractors, and consultants
• Assisted with strategic plans and roadmaps for future Infrastructure initiatives; tracking project milestones and deliverables; identifying and mitigating issues; resolving conflicts with the project; and developing/presenting proposals, reports, and project plans to management.
• Interface daily with customers and NOC reporting production milestones and any issues. designing Public Cloud environments like AWS and Azure for large scale enterprise environments; experience with Microsoft's Cloud based services.
• Performed virtualization and deployed various VMs using VMware ESXI 6.5
• Working with software defined network solutions such as OpenFlow, OpenStack, Cisco SDWAN (Viptela), Cisco ACI, DDI Implementation (e.g. Infoblox), Cisco Meraki, VMware NSX, etc.
• Configured and performed software upgrades on Cisco Wireless LAN Controllers 5508 for Wireless Network Access Control integration with Cisco ISE.
• Configure Amazon Web Services (AWS) F5 ASM to protect block chain cloud applications.
• Planning and development of designs for Migrating to AWS cloud.
• Cloud technologies like Azure, AWS and network skillset is used to redesign the network.
• Analyze network traffic PCAP and Tcpdump with Wireshark.
• Hands on experience with Upgrading and troubleshooting Cisco / Juniper on the edge side.
• Configured Juniper EX series Layer2 and Layer3 and supervised equipment installation work
• Experienced in develop, deploy, monitor, and improve business processes that make use of these support systems.
• Performed NX-OS upgrades on all nexus platform, Experience in Configuring VDC, vPC (single sided and double sided) on N7K and N5K.
• Writing ACL's as per the request of customers on ASA/SRX firewalls.
• Worked on maintaining the system, code upgrades, reviews, configuration changes, and monitoring. Backup cycles and security reviews are performed on an ongoing basis
• Configured Citrix NetScaler responder policy and to maximize the performance and availability of all applications and data, and also provide secure remote access to any application from any device.
• Installed and configured Firewall in Internet Edge and Firepower Series using Cisco ASA.
• Firepower Series using Cisco ASA for additional vulnerability scanning.

Environment: Nexus 2k/5k/7k, Cisco 6500/7500/7200 Routers, Cisco 3550/4500/6500 switches, Juniper SRX100, LAN, WAN, OSPF, BGP, EIGRP, HSRP, VPN, Cisco ASA.

Confidential, Charlotte, NC

Network Security Engineer / Cloud Data Network Engineer

Responsibilities:

• Configuration and troubleshooting on HSRP, VRRP, GLBP, RSTP, and MST related issues coming in network environment.
• Plan, Design and assist in deploying network devices in Enterprise wide Network.
• Worked on different networking concepts and routing protocols like BGP, EIGRP, OSPF, DNS and other LAN/WAN technologies. NAT and PAT configuration and troubleshooting.
• Performed redistribution with OSPF, EIGRP, RIP version 1 and 2 to enable communication with backbone.
• Worked on migration, deployment, and break fix activities as and when required and worked on migration of LABS and Dev rooms and VLAN migration and installing new switches. Worked on Cisco 9k (9006) routers and its prefix lists.
• Worked on adding the switch management IP and static IP’s reservation in DHCP store and add a new scope on appropriate DHCP server (give the name, starting and ending ip's) and configuring for fail over and activating the scope and replicating them on to the redundant servers.
• Worked on MPLS for QoS, and to reduce traffic latency, jitter, down time and packet loss.
• Worked on Cisco ASA writing the ACL’s, Cisco IOS XS, and XR. ConfiguringCiscoASA and DeployingAnyConnectVPN client
• Hands on Experience with blocking of IP's on Checkpoint that are suspicious. Responsible for Checkpoint firewall management and operations across our global networks.
• Extensive Packet level debugging and troubleshooting on Checkpoint Firewalls to resolve numerous network issues.Analyzed the Policy rules, monitor logs and documented the Network/Traffic flow Diagram of the Checkpoint Firewallsplaced in the Data Center with MS Visio.
• Manage various Security platforms; Juniper, Cisco ASA, Next-Gen, Check Point, Microsoft Azure, AWS Cloud.
• Deploy and configure Cisco Meraki SDWAN at 30 sites globally.
• Experience with Versa SD WAN for remote site connectives over MPLS network, configuration of routing and application policies in SD-WAN.
• Supporting connectivity to MS-Azure, AWS, and other Outsourced Hosting services.
• Configured SDWAN router Viptela to connect remote sites over the Internet.
• Worked with Palo Alto FirewallsPA250, PA4050, PA3020 using Panorama servers, performing changes to monitor/block/allow the traffic on the Firewall.
• Managed VPN, IPSec, Endpoint-Security, status policy, Application control, IPS, Monitoring, Anti-Spam, Smart Provisioning, DLP using Checkpoint Firewalls.
• Installed, configured and set security policies on cisco and checkpoint firewalls, VPN.
• Worked on IPsec VPN tunneling, configuring the tunnel on both the end routers, Hub routers and event routers during Hackathon Events. Worked on infoblox to assign IP addresses to applications.
• Worked on DHCP store and DNS servers and worked on the DHCP lease times of the AP’s when we were swapping/upgrading the Aruba models and worked on WLANS and Aruba and cisco LAN controllers, provisioning the AP’s.
• The AP’s on the Wireless Controllers (WLC’s), Cisco Prime. Hard resetting the AP’s.
• Performing network monitoring, providing analysis using various tools like WireShark, Solarwinds etc.
• Firepower Series using Cisco ASA for additional vulnerability scanning.
• Licensing, Provisioning and installing of F5 devices, RMA of F5 and F5 software upgrade- version 11.5.1.
• Worked on F5 devices, health monitoring of servers and load balance solutions.
• Build, set up and configure VPX NetScaler's and XenApp 7.6/7.8 Provisioned Citrix farms.
• Administered and developed Citrix XPE and 5.0, 4.5 consisting of 10 Citrix farms, 1000 servers and 600 applications. Performed general application support, scripting and standardization on server builds and applications.

Environment: Palo Alto 5020, 5060, Infoblox, Checkpoint 41K and 61 K series, Routing Protocols (EIGRP, RIP, OSPF, BGP), Cisco 6513, 6504, 6503, 6506, 6500 series switches, Switching protocols (VTP, STP, GLBP),Citix,F5.

Confidential

Technical Support Engineer

Responsibilities:

• Provide support to internal users and external clients on various hardware and software issues.
• Installed and configured DNS, DHCP Client/Server.
• Troubleshoot traffic passing managed firewalls via logs and packet captures.
• Performed switching technology administration including VLANs, inter-VLAN routing, Trucking, STP, RSTP, port aggregation & link negotiation.
• Designed ACLs, VLANs, troubleshooting IP addressing issues and taking backup of the configurations on switches and routers.
• Troubleshoot with the customer and with the vender for L3 MPLS and BGP related cases.
• Configured Cisco Routers for OSPF, IGRP, RIPv2, EIGRP, Static and default route.
• Responsible for Configuring SITE TO SITE VPN on VPN Concentrators series between Head office and Branch office.
• Performed maintenance and troubleshooting of connectivity problems using PING, and trace route.
• Configured Access List (Standard, Extended, and Named) to allow users all over the company to access different applications and blocking others.
• Provided technical support on hardware and software related issues to remote production sites.
• Support 24x7 operations and answer calls from the customers on network emergencies and resolve issues.
• Implemented TACACS+ for administering user accounts.
• Installation & configuration of Cisco VPN tunnel with Cisco VPN hardware & software client and PIX firewall.
• Configured Firewall logging, DMZs & related security policies & monitoring.
• Hands on Experience working with security issue like applying ACL's, configuring NAT and VPN
• Responsible for Internal and external accounts and, managing LAN/WAN and checking for Security.
• Planning and configuring the entire IP addressing plan for the clients' network.
• Worked on Extensively on Cisco Firewalls, Cisco ASA 5500(5510/5540) Series.
• Installed and configured Cisco ASA 5500 series firewall and configured remote access IPSEC VPN on Cisco ASA5500 series.
• Assist the certification team and perform configuration of LAN\WAN technologies such as Ethernet, Fast Ethernet and Gigabit Ethernet.
• Projects on Network design, Installation, troubleshooting and suggesting them.
• Worked on physical and virtual networks to provide functionality on additional layers on VMware NSX.
• Monitoring servers like domain controllers, exchange servers and connectivity.
• Managed network connectivity and network SSL Security, between Head offices and Branch office
• Troubleshooting problems pertaining to Performance Tuning, Network Administration and Application Conflicts.

Environment: Router series (2800, 3800, 7200) and switch series (3750, 3550, 4509E, 6509E) Routing Protocols (EIGRP, OSPF, BGP), Switching protocols (VTP, STP)., Cisco ASA 5500(5510/5540) Series.