SUMMARY

• Network Engineer with Over 8 years of experience in testing, troubleshooting, implementing, optimizing and maintaining enterprise data network and service provider systems.
• Strong hands on experience on Cisco Catalyst (3550, 3750, 6500) series switches, Cisco (2500, 2600, 2800, 3600, 3800, 7200) series Routers, ASA Firewall (5505/5510), Load Balancers using Cisco ACE, F5 LTM/GTM, Security Device Manager (SDM), Cisco Works, HP Open View, Solar Winds, Sniffer, Palo Alto Networks Firewall models (PA - 2k, PA-3K and PA-5K).
• Experience in Cisco: Physical cabling, IP addressing, Wide Area Network configurations (Frame-relay & MPLS), Routing protocol configurations (RIP, EIGRP, OSPF, BGP)
• Proficiency in the configuration of VLAN setup on various CISCO Routers and Switches.
• Hands-on configuration and experience in setting up Cisco routers to perform functions at the Access, Distribution, and Core layers.
• Knowledge of implementing and troubleshooting complex layer 2 technologies such as VLAN Trunks, VTP Ether channel, STP, RSTP, and MST.
• Access control server configuration for RADIUS & TACAS+.
• Working configuration of new VLANs and extension of existing VLANs on/to the necessary equipment to have connectivity between two different data centers.
• Implementation, working analysis, troubleshooting and documentation of LAN, WAN& WLAN architecture with excellent work experience on IP series.
• Experienced working on network monitoring and analysis tools like SOLAR WINDS, CISCO works and RIVER BED and Wireshark. Extensive experience in configuring and troubleshooting of protocols RIP v1/v2, EIGRP, OSPF, BGP, and MPLS.
• Designing, developing, testing, and maintaining Tableau reports and dashboards based on user requirements. Used Tableau Desktop to analyse and obtain insights into large data sets.
• Well experienced in configuring First Hop redundancy protocols like HSRP, GLBP, and VRRP.
• Excellent communication skills, enthusiastic, motivated and a team player.
• Proficient in Cisco IOS for configuration & troubleshooting of routing protocols: MP-BGP, OSPF, LDP, EIGRP, RIP, BGP v4, MPLS, switching (VLANS, VTP Domains, STP, and trunking).
• Implementation and maintained Sourcefire intrusion detection/ prevention (IDS/IPS) system to protect enterprise network and sensitive corporate data. For Fine-tuning of TCP and UDP enabled IDS/IPS signatures in Firewall
• Worked on configuring the Nexus 5K Aggregation Switch and Nexus 2K Fabric Extenders.
• Implemented VDC, VPC, and OTV on the Nexus 5K and 7K switches.
• In-depth knowledge and hands-on experience in Tier II ISP Routing Policies, Network Architecture, IP Subnetting, VLSM, TCP/IP, NAT, DHCP, DNS, FT1 / T1 / FT3 / T3 SONET POS OCX / GigE circuits, Firewalls.
• Experience with Linux Command Line Interfaces For logging into access points, etc.
• Experience in installing and configuring DNS and DHCP server.
• Experience in CheckPoint IP Appliances R65, R70, R75, R77 &Cisco ASA Firewalls.
• Deployed Site to Site and Client to Site VPNs utilizing Checkpoint Firewall-1/VPN-1
• Provide L3 support for checkpoint and Palo Alto firewalls.
• Involved in the integration of F5 Big-IP load balancers with CheckPoint firewalls for firewall load balancing and was responsible was troubleshooting and maintenance.
• Provided administration and support on Bluecoat Proxy for content filtering and internet access between site and VPN client users.
• Deployment and Management of Bluecoat proxies in the forward proxy scenario as well as for security in reverse proxy scenario.
• Proficient in using Solar Winds Network Management tools like Network Performance Monitor (NPM), Netflow Traffic Analyzer, Network Configuration Manager (NCM) and Cisco Prime.
• Provide 24/7 support.

TECHNICAL SKILLS

Router platforms: Cisco routers (7600,7200, 3900, 3600, 2800, 2600, 2500, 1800 series) & Cisco Catalyst switches (6500, 4900, 3750, 3500, 4500, 2900, 6807 series), Nexus 7K, 5K, 2K & 1K.

Switch platforms: Cisco 2900XL, 2950, 2960, 3560, 3750, 4500 and 6500, Nexus (2K, 5K, 7K and 9K)

Juniper Platforms: SRX, MX, EX Series Routers and Switches

Networking Concepts: Access-lists, Routing, Switching, Subnetting, Designing, CSU/DSU, IPSec, VLAN, VPN, WEP, WAP, MPLS, VoIP, Bluetooth, Wi-Fi

Firewall: Juniper Netscreen 6500, 6000, 5400, Juniper SSG, SRX5600, SRX5800, CheckPoint (NGX, R65, R70 and R71), Cisco Firewalls (ASA 5505, 5506-X, 5585), Palo Alto Networks (PA-2K, PA-3K and PA-5K).

Network Management/Monitoring: Solar winds, HP NNMi 8xi (Network Node Manager), Net flow and Cisco prime, Ethereal / Wireshark, TCP Dump.

Load Balancers: F-5 BIG-IP LTM 2000, 3900, 5000, 6400, 6800 AND 8900, Bluecoatt SG8100, AV 510.

WAN technologies: Frame Relay, ISDN, ATM, MPLS, leased lines & exposure to PPP, DS1, DS3, OC3, T1 /T3 & SONET

LAN technologies: Ethernet, Fast Ethernet, Gigabit Ethernet, & 10 Gigabit Ethernet, Port- channel, VLANS, VTP, STP, RSTP, 802.1Q

Security Protocols: IKE, IPsec, SSL, AAA, Access-lists, prefix-lists, SSL-VPN

Networking Protocols: RIP, OSPF, EIGRP, BGP, STP, RSTP, VLANs, VTP, PAGP, LACP, MPLS, HSRP, VRRP, GLBP, TACACS+, Radius, AAA, IPv4 and IPv6

Operating System: Windows 7/XP, MAC OS X, Windows Server 2008/2003, Linux, Unix

PROFESSIONAL EXPERIENCE

Confidential, Littleton, CO

Sr. Network Engineer

Responsibilities:

• Deployed and maintained security/network devices and data centers for Service provider network.
• Involved in the configuration & troubleshooting routing protocols like MP-BGP, OSPF, LDP, EIGRP, RIP, BGP v4, and MPLS.
• Experience with Installing and troubleshooting Data center migration with 24/7 support.
• Expert in configuring Cisco Routers, Catalyst Switches, Nexus Switches.
• Upgraded Cisco 6500, 3750, 2960s, Nexus 5000, Nexus 2000 and Nexus 7000 switch software.
• Worked extensively with ASR 9K( ), Nexus 7000, 5000, 2000, Cisco 6500 series multilayer switches, Cisco 2960s series switches and Cisco 3560/3750s switches.
• Creating object, groups, updating access-lists on Check Point Firewall, apply static, hide NAT using smart dashboard.
• Monitor performance of network appliances and WAN utilizing using network analyzer like Wireshark.
• Working on Wireless networks across multiple sites locations worldwide with multiple ISP to resolve issues with clients.
• Experience with the connectivity of Cisco Networking Equipment with F5 Load Balancer.
• Implemented Zone-Based Firewalling and Security Rules on the Palo Alto Firewall.
• Configuration and providing management support for Palo Alto and Checkpoint Firewalls (R75, R76 and R77).
• Configuration, Troubleshooting, and Maintenance of Palo Alto Firewalls (36+ firewalls) - PA200, PA2000 series, PA3000 series, PA4000 series and PA5000 series.
• Successfully configured and maintained Site to Site IPSEC and SSL VPN's on Palo Alto firewalls.
• Palo Alto design and installation (Application and URL filtering, Threat Prevention, Data Filtering).
• Helped installed F5 VIPRION load balancers for one of our new data centers.
• Configured Cisco ISE for Wireless and Wired 802.1x Authentication on Cisco Wireless LAN Controllers, Catalyst Switches, and Cisco ASA Firewalls.
• Created and maintained database objects, complex Stored Procedures, Triggers, Cursors, and Tables, Views and SQL joins and other statements for various applications.
• Transformed data from one server to other servers using SQL Server Integration Services (SSIS).
• Design and implement Wireless Intrusion Prevention Systems (WIPS) to enforce security policies
• Installing Cisco Wireless Controllers and Wireless Access Points.
• Install and upgrade Cisco Wireless LAN equipment including but not limited to: 1100, 1200, 1300 and 3500 series Access Points; 4400 and 5500 series Wireless LAN controllers; 6500 & 3750 Core switch routers; 2960, 3560 & 3750 series switches.
• Monitor and troubleshoot BGP, EIGRP, TI circuits, and cellular backup circuits via ICMP and SNMP ticketing systems.
• Working on Cisco 6509 and 4507 series switches for LAN requirements that include managing VLANs, Port Security and troubleshooting LAN issues.
• Implementation of various protocols like RIP, OSPF, BGP and STP.
• Blacklisting and Whitelisting of web URL on Blue Coat Proxy servers.
• Worked on design, configuring and managing of Blue Coat Proxy Servers.
• Deploying Cisco ASA and Bluecoat ProxySG (Web Security Appliance) S170 for URL Filtering Policies.
• Worked on Blue Coat Proxy SG to safeguard web applications (Blacklisting and Whitelisting of web URL) in extremely untrusted environments such as guest Wi-Fi zones.
• Adding agents (IDS/IPS) at Host and Network level to Sentinel.
• Working on Enterprise AV Solutions, IDS\IPS, Firewalls, and SIEM (IBM QRadar\HP ArcSight) tools.
• Expertise in networking technologies like LAN, MAN, WAN and peripheral devices.
• Develop Engineering Documentations to record F5 environment and change processes LTM/GTM/iRules.

Environment: Juniper routers and switches, Cisco routers 7200; Cisco Catalyst switches 6500, 4500, 2950; Cisco PIX Firewalls 535, 525 Routing Protocols OSPF, BGP; STP, VTP, VLAN; VPN, MPLS, HSRP, GLBP, Big-IP F5 Load Balancer, Cisco Works; MS Visio, Checkpoint, Cisco ASA and Palo Alto firewalls, Blue Coat Proxy.

Confidential, Lake Forest, IL

Sr Network Engineer

Responsibilities:

• Security infrastructure engineering experience as well as a Microsoft Windows, UNIX, Juniper firewalls, Palo Alto firewalls, Bluecoat Proxies, Juniper Intrusion Prevention devices, and wireless switch security management.
• Administering and evaluating firewall access control requests to ensure that these requests are compliant with client's security standards and policies.
• Configuration and support of Juniper NetScreen firewalls and Palo Alto firewalls.
• Successfully installed Palo Alto PA-3060 firewall then configured and troubleshot using CLI and worked with Panorama management tool to manage all Palo Alto firewall and network from central location.
• Created users, manage user permissions, maintain User & File system quota on Linux servers.
• Configured volume groups and logical volumes, extended logical volumes for file system growth needs using Logical Volume Manager (LVM) commands.
• Implemented Zone-Based Firewalling and Security Rules on the Palo Alto Firewall.
• Administer Palo Alto Firewalls to allow and deny specific traffic and to monitor user usage for malicious activity and future QoS.
• Configuring rules and Maintaining Palo Alto Firewalls& Analysis of firewall logs.
• Maintaining Checkpoint security policies including NAT, VPN, and Secure Remote access, Configuring IPSEC VPN (Site-Site to Remote Access) on SRX series firewalls.
• Configuring Juniper NetScreen Firewall Policies between secure zones using Network Security Manager (NSM).
• Configuration of Palo Alto Next-Generation Firewall mainly creating security profiles and VSYS according to client topology.
• Configuration and installation of Palo Alto Networks 5050 application firewalls (NGFW).
• Expertise in Palo Alto design and installation for Application, URL filtering, Threat Prevention and Data Filtering.
• Maintained and updated Active Directory for authentication purposes.
• Configuration and troubleshooting F5 LTM, GTM series like 6600, 6800 for different applications and monitoring the availability.
• Deployment of data center LAN using Nexus 7k, 5k, 2k switches.
• I was involved in migration projects, which involves replacing legacy devices to new Nexus devices and introduced VPCs in the new architecture.
• Worked on Nexus platform 7k series, 5K series (5548, 5020 and 5010), 2248 and successfully implemented VSS on the Cisco catalyst switches.
• Used FireEye to detect attacks through common attack vectors such as emails and webs.
• Gained experience on working with migration to Check Point and Palo Alto next-generation firewalls.
• Managed successful delivery of massive security response portfolio including Splunk and Cisco ISE.
• Implemented and administered Websense Web Security Gateway for web content filtering and DLP.
• Improved network and system security through setup and ongoing maintenance of Riverbed IPS and FireEye.
• Firewall deployment, rules migrations, firewall administration and converting existing rule-based onto new Checkpoint and Palo Alto Next-Generation Firewall platforms.
• Worked primarily as a part of the security team and daily tasks included firewall rule analysis, rule modification, and administration.

Environment: Juniper SRX5400, SRX5600, and SRX5800 and Palo Alto PA-3060 & 5050 Firewalls, Bluecoat Proxies, Juniper IPD, Juniper NSM, Panorama, F5 LTM, GTM 6600, 6800, Nexus (2K, 5K, 7K and 9K), Splunk, Cisco ISE, Websense, Solar Winds NPM.

Confidential, Fort Worth TX

Sr Network Engineer

Responsibilities:

• Day-to-Day work involves scheduling firewall policy provisioning and working with users to identify connectivity related issues and troubleshoot using both Smart Utilities and CLI.
• Managing and administering Juniper SRX and Checkpoint Firewalls at various zones including DMZ, Extranet (Various Business Partners) and ASZ and internal.
• Worked with site-to-site large scale network deployment and troubleshooting issues with all the site involved.
• Implementing Security Solutions in Juniper SRX and NetScreen SSG firewalls by using NSM.
• Juniper Firewall Policy management using NSM and Screen OS CLI.
• Daily technical hands-on experience in the configuration, troubleshooting of Juniper SRX firewalls as well as experience working directly with the customer in a service/support environment.
• Troubleshooting Firewall Connectivity related issues using Smart view tracker on Checkpoint, NSM Log viewer for Juniper Firewalls.
• Install, configure, manage and troubleshoot Cisco SourceFire IPS appliances and defense Center.
• Creating and provisioning Juniper SRX firewall policies.
• Worked with JUNOS OS on Juniper Routers and Switches.
• Experience on ASA firewall upgrades to 9.x.
• WebsenseWeb Security Gateway Installation, Upgrade & Configuration 8.4
• Configured Panorama web-based management for multiple firewalls.
• Worked on configuration, maintenance and administration of Palo Alto PA3000 Firewalls and migrating customers from Cisco ASA to Palo Alto in HA network.
• Configuring rules and Maintaining Palo Alto Firewalls& Analysis of firewall logs using various tools.
• Understand the flow of traffic through the Check Point Security gateway cluster and troubleshoot connectivity issues using advanced troubleshooting from Command Line Utilities.
• Install and configure Bluecoat Proxy SG in the network for web traffic management and policy configuration.
• Successfully installed Palo Alto PA-3060 firewalls to protect Data Center and providedL3support for routers/switches/firewalls.
• Configuring and deploying Cisco ASA 5505; Cisco 594/294; I500 web sense manager at customer locations with minimum downtime possible.
• Active/Standby and Active/Active HA configuration on Cisco ASA Firewalls.
• Configuring rules and maintaining Palo Alto firewalls and analysis of firewall logs using various tools.
• Work with Software Distribution teams to develop and execute Custom Prop for Endpoint systems
• Manage and monitor security rules and policies for Endpoint Protection
• Understand different types of NAT on Cisco ASA firewalls and apply them.
• Firewall policy provisioning on Fortinet FortiGate appliances using FortiManager.
• Support Blue Coat Proxy in explicit mode for users trying to access Internet from Corp Network.
• Support the One to Oneproxymigration project from legacy, end of life and proxiestoBlueCoatProxySG units.
• Configuration, operation and troubleshooting of BGP, OSPF, EIGRP, RIP, VPN routing protocol in Cisco Routers &L3Switches.
• Configured MPLSL3and L2 VPNs for customers.
• FWSM configurations in single/multiple context with routed and transparent modes.

Environment: Juniper routers and switches, Cisco routers 7200; Cisco Catalyst switches 6500, 4500, 2950; Big-IP F5 Load Balancer, Cisco Works; MS Visio, Checkpoint, Cisco ASA and Palo Alto firewalls, Blue Coat Proxy, Cisco PIX Firewalls 535, 525 Routing Protocols OSPF, BGP, STP, VTP, VLAN, VPN, MPLS, HSRP, GLBP.

Confidential

Network Engineer

Responsibilities:

• Configuring/Troubleshoot issues with the following types of routers Cisco (7200, 6500, 4500, 1700, 2600 and 3500 series), to include: bridging, switching, routing, Ethernet, NAT, and DHCP, as well as assisting with customer LAN /WAN
• Configured and troubleshoot Juniper Ex 4500 and series switches and Juniper ACX series routers.
• Involved in the deployment of Content Delivery Networks (CDN).
• Experience with SQL for extracting the data from SQL database, related to network issues.
• Experience working with Network-attached storage (NAS) to provide Local Area Network (LAN) nodes with file-based shared storage through a standard Ethernet connection.
• Configuring HSRP between VLANs, Configuring Ether-Channels and Port Channel on Cisco6500 catalyst switches.
• Cisco Secure Access Control Server (ACS) for Windows to authenticate users that connects to a VPN 3000 Concentrator.
• Convert Branch WAN links from TDM circuits to MPLS and to convert encryption from IPsec/GRE to GET VPN.
• Assisted in MPLS migrations, implemented a backup for the existing WAN connection using site-to-site IPsec VPN tunnels.
• Worked on the migration of existing PIX firewall to ASA firewall and with converting PIX rules over to the Cisco ASA solution.
• Worked extensively on Cisco ASA 10/5540) Series.
• Involved in Configuration of Access lists (ACL) on ASA firewall for the proper network routing for the B2B network connectivity.
• Experienced in securing configurations of SSL/VPN connections, troubleshooting Cisco ASA firewalls and related network security measures.
• Configuring static NAT, dynamic NAT, inside Global Address Overloading, TCP overload distribution, Overlapping Address Translation.
• Experience working with Active Directory (as a centralized system) to automate network security management and user data.
• Worked with Aruba Access point as a Public Wi-Fi and successfully implemented Wireless Access Point (WAP).
• Experienced in working with Session Initiation Protocol (SIP) trunking for voice over IP (VoIP) to facilitate the connection of a Private Branch Exchange (PBX) to the Internet.

Environment: Cisco Catalyst 2960/3750/4500/6500 Series Switches, Linux, Cisco 2800/2900/3000 Series ISR's and Cisco 3640/ 0/3845/3600/2800 routers, SQL, Cisco ASA 5500, Juniper Ex switches, Active Directory, Juniper ACX series routers, Windows Server 2003/2008, ACL, SIP, RIP, OSPF, MPLS, BGP, EIGRP, Wi-Fi, LAN, MacAfee, WAN, WAP, IDS, IPS, Aruba WLAN, VPN, HSRP.