SUMMARY

• 9+ years of hands on experience in Network Engineering, Designing, Integrating, Deploying, Maintaining and Supporting broad range of Communication Systems.
• Strong hands on experience in Installing, Troubleshooting, Configuring of Cisco900x, ASR1k, 7200vxr, 3900, 3800, 2900, 2800 series routers and Cisco Catalyst 6500, 4500, 3850T, 3750, 2950 and 3500XL series Switches.
• Hands on experience working with Cisco Nexus 7K, 5K & 2K Switches. Configuration of VPC, VDC, Peer Gateway, HSRP and FEX on Nexus family.
• Hands on experience in Cisco IOS/IOS - XR/NX-OS, Juniper JUNOS for configuration & troubleshooting of routing protocols: MP-BGP, OSPF, LDP, EIGRP, BGP v4, MPLS, NAT, VLAN, STP, VTP, HSRP & GLBP.
• Hands on experience working with Cisco CSR1000v. Experience in fiber channel infrastructure.
• Experience with capacity planning, Fiber Channel and mirroring, backup/archive and recovery solutions, high availability, storage consolidation/migration, performance and tuning.
• Expert level knowledge of troubleshooting, implementing, optimizing and testing of static and dynamic routing protocols such as EIGRP, OSPF, BGP ability to interpret and resolve complex route table problems.
• Experience in working with Cisco Identity Services Engine (ISE) and ACS. Worked on Security groups, tags, AAA profiles on ISE.
• Cisco ASA Firewall troubleshooting and policy change requests for new IP segments that either come on line or that may have been altered during various planned network changes on the network.
• Worked on Extensively on Cisco Firewalls, Cisco PIX (506E/515E/525/) & ASA 5500(5510/5540) Series
• Extensive Knowledge on the implementation of Cisco ASA 5500 series and Checkpoint R 75 firewalls.
• Configuration, Troubleshooting and Maintenance of Palo Alto Firewalls - PA200, PA2000 series, PA3000 series, PA4000 series and PA5000 series. Implemented Zone Based Firewalling and Security Rules on the Palo Alto Firewall.
• Worked on Next Gen Firewall features like URL filtering, SSL Forward Proxy, SSL Decryption, APP ID and ThreatID, Panorama in PA firewalls.
• Experience in F5 BIG IP and Cisco ACE Load balancers for load balancing and traffic management of business applications. Migration Experience from ACE to F5.
• Worked on F5 LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability. Experience with Virtual servers, Pools, Monitors, SNAT, proficient in iRule scripting, Persistence, Profiles, WideIP’s, Zones, Listener IP, Static and Dynamic Load balancing techniques on LTM and GTM.
• Configured F5 Viprion load balancers for MS Exchange, Skype for Business, Citrix ICA, Airwatch SEG as well as other business applications. Worked on LTM guest Operating Systems and created multiple Route Domains to separate the traffic between different tenants.
• Design and configuring of OSPF, BGP on Juniper Routers (MX960, MX480) and SRX Firewalls(SRX240, SRX550)
• In-depth knowledge and hands-on experience on IP Addressing, Sub netting, VLSM and ARP, reverse & proxy ARP, Ping Concepts.
• Worked on the design, implementation, and support of IP telephony projects, such as Cisco Unified Communications Manager, Cisco Unified Messaging System, and Cisco Unified Contract Center Express.
• Implemented Cisco Unified Communications Manager Applications like CUPS, IPMA, Extension mobility and Attendant console as per customer requirement
• Knowledge of implementing and troubleshooting complex layer 2 technologies such as VLAN Trunks, VTP Ether channel, STP, RSTP and MST.
• Regularly review the configuration and controls of Palo Alto Networks firewalls and Sourcefire Intrusion Detection System(IDS), further follow up to mitigate the risks.
• Experience with Layer 2 and Layer 3 protocols like, FRR CEF, MLS, Ether Channel VLAN, VTP, VMPS, ISL, dot1q, DTP, Spanning-tree, PVSTF, HSRP, VRRP and GLBP.
• Extensive knowledge in all Wi-Fi Standards including 802.11a,b,g,n,ac. Worked on installing of Cisco and Aruba Wireless Controllers. Worked on Cisco CWAP, LAWP, Aruba 225, 325, AP groups, SSID’s, Authentication rules, 802.1X for Wireless etc.

TECHNICAL SKILLS

Routers: Cisco 1800, 2600, 2800, 3700, 3800, 3900, 7200, 7600 series, ASR 9k, juniper ACX series routers.

Switches: Cisco Catalyst 3550, 3750, 4500, 6500 series & nexus 7k, 5k, 2k, 1000v, juniper Ex4200, Ex9208, ACX 1000

Load Balancer: Cisco CSS, F5 Networks (BIG-IP)

WAN Optimization: Cisco WAAS, PPP Multilink, Riverbed

Routing: OSPF, EIGRP, BGP, PBR, Route Filtering, Redistribution, Summarization, Static Routing

Switching: VLAN, VTP, STP, RPVST+, Inter VLAN routing & Multi-Layer Switching Layer 3 Switches, EtherChannels, Transparent Bridging

LAN: Fast Ethernet & Gigabit Ethernet.

WAN: Leased lines 64k - 155Mb (PPP / HDLC), Fiber Optic Circuits, Frame Relay, MPLS, DMVPN

Voice: Cisco call manager 8.x, 7.x

IP Telephony: VOIP, ISDN, PRI, Unified Call Manager

Wireless: Cisco 4400, 5500 Wireless Controller (WLC) and 3500, 3700 series Access Points

Firewalls: Cisco ASA, Juniper SRX, Palo Alto, Checkpoint FW’s

Features & Services: IOS and Features, HSRP, GLBP, NAT, SNMP, SYSLOG, NTP, DHCP, CDP, DNS, FTP and FTP Management

Network Monitor Tool: MRTG, Netbrain & Solarwinds & Cisco Prime Infrastructure

Protocol Analyzer: Wireshark, Netflow

Operating System: Windows ( XP, 7, 10), Cisco IOS/XR/XE, JunOS, Pan-OS, Linux

PROFESSIONAL EXPERIENCE

Confidential, Boston, MA

Senior Network Engineer

Responsibilities:

• Worked on 3750, 2960, 3850, CAT 9300 series switches in Access Layer. (Migration from, 2960, 9300 and Aruba 2980 switches). Expert in Stacking, IOS upgrades in Install and Bundle modes, Port configs, dot1x.
• Worked on 3750 Gig, 4500-X switches in Distribution layer. Worked on Cat 6509 and Nexus 7K in Core layers. Experience in VPC, VSS, OSPF in Distribution and Core routers. Worked on ASR 9K in Edge routers for connections from Campus to Data center through IPS (MWG sensors).
• Configured WCCP on Edge routers to point required traffic to IPS sensors.
• Worked on Nexus 2K, 3k, 5k, & 7k in Data center. Worked on OTV Layer 2 connection from one Data center to another. Worked on ASA and PA firewalls for VPN and perimeter security.
• Worked with Storage team, Virtualization team, Application team on configuring and provisioning ports on access/leaf switches. VPC configurations. Worked on VMware NSX for rules on ESX host level. Worked on projects that include ISILON, VMAX, VNX, VXRAIL, IPV6 multicast between data centers for VXRAIL.
• Implementation, configuration & troubleshooting the issues related to Virtual Servers, pools, nodes & SSL certificates, self IPs, iRule scripting for External monitors on F5 Load Balancer.
• Experience setting up physical VE F5 BIGIP Versions. Upgrading Hotfix and IOS. Workedon LTM, GTM (WideIP, Zones, Listener IP, Generic servers etc.), and APMmodules. IntegratingAPM with ADFS and Improvita for 2 Factor Auth.
• Experience with VCMP and Viprion series in F5.
• Experience with converting Cisco ACE load balancer to F5 LTM load Balancer in data center environment. Configured F5LTM for Bluecoat and MWG proxies.
• Configuring various advanced features (Profiles, monitors, iRules, Redundancy, SSL Termination, Persistence, SNATs, HA on F5 BIG-IP appliances SSL termination and initiation, Persistence, Digital Certificates, executed various migration/upgrade projects across F5and hands-on with F5 BIG-IP LTMs. Worked on critical troubleshooting on F5 that requires in-depth knowledge of TCP, HTTP headers. Worked up to 12.1.2 version in BIGIP.
• Strong knowledge of networking concepts like TCP/IP, Routing and Switching and Firewalls. Worked onSev1tickets on OSPF, BGP, ASA and ASA and PA firewalls.
• Dealt with monitoring tools like (Solar Winds). Worked on NPM, NCM, IPAM in solarwinds. Worked on integrating IPAM with DHCP servers. Experience in configuring SNMP V2C and V3 on all kinds of network nodes, configuration of Alerts for nodes and Uplinks.
• Worked on Infoblox and windows DHCP and DNS servers. Configured Scopes in DHCP servers. Worked on windows and Infoblox for DNS host entries, pointer records, delegations to F5 GTM etc.
• Experience with applications like EPIC, GE PACS, Stanley healthcare HUGS, Xcellera, Citrix ICA proxy config on F5, VMware VDI, Exchange, Skype, TMG to F5 migration for Reverse Proxy Architecture on F5.
• Used service now for change controls, requests and incidents. Worked with other teams to open firewall ports, switch ports VLAN config, VIPS, wireless AP’s using tickets assigned to team/me.
• Worked on Configuration of Clearpass (RADIUS and TACACS), dot1x configuration on switches, Migration from Cisco ACS to Aruba Clearpass. Migration to Cisco ISE.
• Switching tasksinclude VTP, ISL/ 802.1q, IPsec and GRE Tunneling, VLANs, Ether Channel, Trunking, Port Security,STP, and RSTP. Configured HDLC, PPP, BGP, EIGRP, OSPF, & HSRP.
• Good knowledge of the technologies VPN, WLAN, and Multicast. Knowledge ofSpine LeafArchitecture. Knowledge ofVTEPS, VXLANS, IBGP routing,EPVN technologyand SDN related network protocols.
• Network security including NAT/PAT, ACL, and ASA/PIX Firewalls.Experience working on perimeter firewalls. Worked onPA 200/5000series of firewalls. Upgrading the code fromPanOS 7.1.X to 8.0.X.Experience working on Panorama M100. Migration from Cisco ASA to PA firewalls.
• Palo Altodesign and installation(Application and URL filtering, Threat Prevention, Data Filtering). Configured and maintained IPSEC and SSL VPN's onPalo AltoFirewalls.
• Experience withService now ticketing tools. Good with communicating with various teams and management forchange controls and maintenance windows.
• Experience in Cisco Unified Communication Manager (CUCM), VCS, Call Manager Express (CME), Cisco Unified Connection (CUC) and Voice Gateways.
• Experience Branch Relocation: Connect workstation, servers, etc. Rack and stack Pre-configured new hardware and connect the circuits. Work with Carrier to test and turn-up circuits. Involved in configuring IP Quality of service (QoS).
• Implementing end-to-end customized IPV4/IPV6Enterprise’s QoS-enable IP Network,IPsec or SSL VPN Network and Wi-Fi (Cisco and Aruba) Network.
• Designing, Configuring and troubleshooting QoS, SIP, H.323, RTP, SCCP, Session Border Controllers, Voice Gateways, Voice Circuits IP/TDM, Cisco Telepresence Infrastructure, QoS.
• Designed and implemented complex Network solutions using SDN,CI/CD solutions.

Environment: Router 2900, 3900; Cisco Catalyst Switch 3550, 2960. T1 Controllers, Juniper J series, Checkpoint R70 to R75.20, Cisco ASA, DS3 Lines (T3 Lines), Fiber and Ethernet cabling.

Confidential, Tarrytown NY

Senior Network Security Engineer

Responsibilities:

• Hands on experience in the configuration, troubleshooting of Juniper SRX firewalls as well as experience working directly with customer in a service/support environment.
• Troubleshooting Firewall Connectivity related issues using Smart view tracker on Checkpoint, NSM Log viewer for Juniper Firewalls.
• Deployment and Management of Bluecoat proxies in forward proxy scenario as well as for security in reverse proxy scenario.
• Demonstrated understanding of network security concepts and systems including F5, WSA, Palo Alto, ASA
• Worked on Blue Coat Proxy SG to safeguard web applications in extremely untrusted environments such as guest Wi-Fi zones.
• Performing URL filtering and content filtering by adding URL’s in Bluecoat Proxy SG’s.
• Managing & administering Cisco WSA.
• Day-to-Day work involves scheduling firewall policy provisioning and working with users to identify connectivity related issues and troubleshoot using both Smart Utilities and CLI.
• Active/Standby and Active/Active HA configuration on Cisco ASA and Palo Alto Firewalls.
• Configuring High Availability using Cluster XL on Checkpoint as well as VRRP and monitor the Sync status for stateful replication of traffic between active and standby member.
• Managing and administering Juniper SRX and Checkpoint Firewalls at various zones including DMZ, Extranet (Various Business Partners) and ASZ and internal.
• Expert in Next Gen Firewall Techniques for traffic filtering such as URL Filtering, SSL decryption, Forward proxy, Security policies, Zones, NAT/PAT, ACL, policy-maps etc.
• Configured and deployed VPC, VSS, OTV, FABRIC PATH between Nexus 7010 and Nexus5596, 5548 switches along with FEX2248
• Performing network monitoring, providing analysis using various tools like Wireshark, Riverbed and Solar winds.
• Deep understanding of IDS/IPS such as Sourcefire and Foresight.
• Assisted with the transition from the current Cisco ASA FW platform to the Cisco Firepower FPR 4150 NGFW
• Implementing Security Solutions in Juniper SRX and Netscreen SSG firewalls by using NSM.
• Juniper Firewall Policy management using NSM and Screen OS CLI.
• Working on the network team to re-route BGP routes during maintenance and FW upgrades.
• Cisco ASA security appliances including Sourcefire, Fire POWER services and Fire Sight Management Console.
• Configure B2B VPN with various business partners and 3rd parties and troubleshoot VPN Phase 1 and Phase 2 connectivity issues including Crypto map, Encryption Domain, PSK etc.
• Implemented configuration back-ups using WinSCP, Cyberfusion to automate the back-up systems with the help of public and private keys.
• Follow information security policies, methods, standards, NIST standards, and practices to organize information systems, IT reference material, and interpret regulations.
• Monitor Intrusion Detection Systems (IDS) console for active alerts and determine priority of response.

Environment: Cisco ASA 5580/5540/5520 , Checkpoint R70, R75, R77.20 Gaia, Palo Alto PA-5000/3000, Big IP F5 LTM/GTM, Solarwinds, Nexus switches, TCP/IP, VPN, Cisco Sourcefire, Splunk, Bluecoat Proxy servers, IDS/IPS. SIEM and Monitoring.

Confidential, Hartford, CT

Senior Network Engineer

Responsibilities:

• Responsible for the implementation and maintenance of firewall based security zones (DMZ*s).
• Provide support to internal project teams by adding firewalls, switches and routers to managed DMZs.
• Configure the layer 2 and layer 3 on Cisco Nexus 7K, 5K, 6509, 9710, 5596 UP, 4500, 3850, 3950, ASR and 2960
• Worked with Checkpoint, Cisco ASA, and Palo Alto Networks solutions
• Experience in HSRP standby troubleshooting & Experience in configuring & upgrading of Cisco IOS.
• Implementing & Troubleshooting of T1, MUXES, CSU/DSU and data circuits.
• Experience on designing and troubleshooting of complex BGP and OSPF routing problems,
• Have sound knowledge of Firewall architecture, routing and VPN.
• Have experience working on HP Open view Network Node Manager.
• Upgrade firewalls in accordance with change management & Document changes to firewalls.
• Monitor traffic and access logs in order to troubleshoot network access issues.
• Have experience with Cisco Works LAN Management Solution.
• Implemented Positive Enforcement Model with the help of Palo Alto Networks
• Experience in migration of Frame-relay based branches to MPLS based technology using multi-layer stackable switch like 6500 series and 2800 series router.
• Testing VPC, BGP, OSPF, EIGTP, RIP, SPAN, Sflow, VlanTrunking, SVI and power supplies on Nexus and ASR devices
• Involved in design and implementation of Data Center Migration, worked on implementation strategies for the expansion of the MPLS VPN networks.
• Hands on experience with Cisco 3500, 3750, 4500, 6500 series equipment and configuring and deploying and fixing them with various modules like Gig card, VPN SPA card, WIC card.
• Cisco IOS experience on 3600/7200 class hardware in complex WAN environment and experience on Cisco OS and IOS on CAT6500 in a complex data center environment.
• Involved in configuring IP Quality of service (QoS).
• Involved in designing L2VPN services and VPN-IPSEC authentication & encryption system.
• Experience in designing, installing & configuring of Cisco PIX, ASA & FWSM (Firewall service module).
• Evaluate, Analyze & Implement firewall policies to meet business requirements
• Experience in creating and maintaining firewall configurations, updating documentation and log analysis.
• Worked extensively in configuring, monitoring and troubleshooting Cisco's ASR 5500
• Applying crypto maps and security keys for the branches, ISAKMP (Internet security association key management protocol) for establishing Security associations (SA) cryptographic keys.
• Experience in configuring routing protocols like EIGRP, RIP v2, OSPF & BGP and Cisco ACS protocols like RADIUS and TACACS.
• Experienced in WAN environments, installing and troubleshooting data circuit problems (MPLS, T1).
• Worked on Layer 2 protocols such as STP, VTP, STP, RSTP, PVSTP+, MST and other VLAN troubleshooting issues and configuring switches from scratch and deployment.
• Involved in designing and applying QOS and policy map to 2800 series routers for all the branches.
• Involved in designing GRE tunnels for encryption of data flow from source to destination.
• Implementing VoIP solutions using SIP & H.323, also have sound knowledge of Avaya VoIP products.
• Implemented and deployed VoIP using ASR 1k series SBC (Session Border Controller).
• Experience in configuring VLAN’s STP (Spanning tree Protocol) & RTSP (Rapid Spanning Tree Protocol).
• Experience with Project documentation tools & implementing and maintaining network monitoring systems (Cisco works & Netinfo, Infoman Virtual Change) and experience with developing network design documentation and presentations using VISIO.
• Understanding & Implementation of IPSEC & GRE tunnels in VPN technology.

Environment: Router 2800, 3800, 7200, 7600; Cisco Catalyst Switch 6500, 6509, 3550

Confidential

Senior Network Engineer

Responsibilities:

• Maintaining the Network Infrastructure, Installation, migration and configuration of routers and switches for clients.
• Provide alternative means from dial-up connection to bring down the damage or loss that occurs for the client.
• Configured Routing protocols such as OSPF and policy-based routing.
• Team member of Configuration ofCISCO7206 router and Configuration of Catalyst switches.
• Configuration 7609, 7606 with OSPF and catalyst 6505, 4500, 3550 switches with various VLAN.
• Create and testCisco router and switching operations using OSPF routing protocol.
• Configuration and troubleshooting link state protocols like OSPF in multiple areas.
• Configured HSRP and VLAN trucking 802.1Q, VLAN Routing on Catalyst 6500 switches.
• Optimized performance of the WANnetworkconsisting of CISCO 3550/4500/6500 switches by configuring VLANs.
• Configured VLANs with 802.1q tagging. Configured Trunk groups, ether channels, and Spanning tree for creating Access/distribution and core layer switching architecture.
• Configured BPDU Guard, port-fast, uplink fast and other spanning tree features.
• Configuration and troubleshooting of Cisco 2500, 2600, 3000, 6500, 7500, 7200 Series routers.
• Configured IP access filter policies.
• Providing Technical Support and solutions forNetwork Problems.
• Implementing NAT solutions on Cisco IOS routers.
• Upgrading IOS, troubleshootingnetworkoutages.
• Worked on Cisco Routers, Active /Passive Hubs, Switches.
• Having Data Center Design Experience, installing and Configuring Network Devices in a Data Center including patching the cables in the Patch Panel. Design and implemented network infrastructure and configured all the network Infrastructure devices including Network Printers and Registers.

Environment: Cisco 3550/4500/6500 switches and Cisco 2500, 2600, 3000, 6500, 7500, 7200 routers, Checkpoint.