SUMMARY

• Over all 8+ years of professional experience and having Certifications Cisco CCNA, CCNP in Network & security engineering, performing network analysis, design, implementation, capacity planning with a focus on performance tuning and support of large Networks.
• Strong knowledge in cisco routing, switching and security with cisco hardware /software experience.
• Experience with the escalation problems for Routing, Switching and WAN connectivity issues using ticketing systems like remedy and Magic.
• Worked on Cisco 7200, 3800, 3600, 2800, 2600, 1800 series Routers and Cisco 2900, 3500, 4500, 5500, series switches. Advanced knowledge in design, installation and configuration of Juniper Net Screen Firewall, SSG series and NSM Administration.
• Strong hands on experience in installing, configuring and troubleshooting of Cisco 7600, 7200, 3900, 3600, 2900, 2600, 2500 and 1800 series routers, Cisco Catalyst 6500, 4500, 3750, 2950 and 3500XL series switches.
• Expertise in installing, configuring, and troubleshooting of Cisco Routers (3800, 3600, 2800, 2600, 1800, 1700, 800).
• Protocols working experience/Awareness: OSPF, EIGRP, RIP, BGP, HSRP, ACL, VTP, NAT/PAT, CDP, SSH, HTTP, HTTPS, NTP, SNMP, ARP, STP (802.1D), SNMP, DNS & DHCP.
• Proficient in Cisco IOS for configuration & troubleshooting of routing protocols: MP - BGP, OSPF, LDP, EIGRP, RIP, MPLS and BGP v4.
• Advanced knowledge of OSI model, TCP/IP, Internet technologies, system security, firewall infrastructure, network architecture and Cisco network routing / switching (Layer 2 and 3) experience, including LAN and WAN, design and implementation which includes Layer 1 to Layer 7 experience.
• Experience with SDN controllers, including Open Daylight
• Hands on Knowledge/experience on F5 load balancers, its methods, implementation and troubleshooting on LTMs and GTMs.
• Strong experience in Network security using ASA Firewall, Checkpoint, Palo Alto, Cisco IDS/IPS and IPSEC/ SSL VPN, F5 Load Balancer.
• Proficiency in configuration of VLAN setup on various Cisco Routers and Switches.
• Extensive Knowledge on the implementation of Cisco ASA firewalls.
• Experience of Intrusion Detection, DMZ, encryption, IPsec, proxy services, Site to Site VPN tunnels, MPLS/ VPN, SSL/VPN.
• Work as Layer 3 IP Network Engineer on ASR9k Edge router with IOS-XE Platform in a network lab environment.
• Worked on Load Balancer F5 LTM, GTM series like 6400, 6800, and 8800.
• Good Understanding of ASR and CRS routers and the configuration of MPLS, VRF's and BGP.
• Extensive knowledge of deploying and troubleshooting L2/L3, TCP/IP, Multilayer Switches.
• Architecture, design, install, configure VMware ESX, ESXi, within VI3, vSphere 4 and vSphere 5 environments with Virtual Center management, Lab Manager, vCloud Director.
• Implemented security policies using ACL, Firewall, IPSEC, SSL, VPN, IPS/IDS, AAA (TACACS+ & RADIUS).
• Firewall technologies including general configuration, risk analysis, security policy, rules creation and modification of Check Point R65, R70 & R77, Palo Alto and Cisco ASA.
• Experience working with Juniper EX, MX, QFX, PTX and SRX series.
• Experience working with SDN controllers (old, HP controller), orchestration
• Sound knowledge of virtual firewalls like checkpoint VSX, IDS, IPS, encryption techniques including virtual systems.
• Experience in migration with both Checkpoint and Cisco ASA VPN.
• Experience in installing, configuring and troubleshooting of Checkpoint and Palo Alto Firewall.
• Configure all Palo Alto Networks Firewall models (PA-2k, PA-3k, PA-5k etc.) as well as a centralized management system (Panorama) to manage large scale Firewall deployments.
• Worked extensively on Palo Alto, Juniper Net screen and SRX Firewalls.
• Utilized Security Information and Event Management (SIEM), Intrusion Detection & Prevention (IDS / IPS), Data Leakage Prevention (DLP), forensics, sniffers and malware analysis tool.
• Advanced Technical support for the Symantec Management Platform.
• Experience administering, configuring and supporting McAfee EPO.
• Experience on IPS and/or DLP, Administration of McAfee anti-virus.
• Worked on VxLAN and/or Application Centric Infrastructure (ACI). worked on leading research and engineering team on rapid prototyping next generation cloud computing and software defined networking (SDN) products and services.
• Experience on Web Filtering solutions from Blue Coat.
• Scripted import/export tasks using REST APIs in Perl and Python
• L2 knowledge of Spanning Tree and related technologies
• Installed and configured the Linux servers in the network per specifications of clients.
• Maintained existing programs/scripts and extended Linux system functionality as needed.
• Proficient in using Solar Winds Network Management tools like Network Performance Monitor (NPM), Net flow Traffic Analyzer, Network Configuration Manager (NCM) and Cisco Prime.
• In-depth knowledge on routing policies Network architecture, IP sub netting VLSM, TCP/IP, Nat, DHCP, DNS.
• Experience on dealing with VoIP information deployment including troubleshooting protocols like Session Initiation Protocol (SIP)
• Experience in designing and deploying enterprise-wide network security and high availability solutions for ASA.
• Implementing security policies using cryptography, ACL, ASDM, IPsec, VPN and AAA Security on different series of routers.
• Experience installation and maintenance of various Aruba products and extending support to Enterprise customers and partners worldwide.
• Experience working on Aruba wireless controllers.
• Experience with SDN protocols, including Open Flow, NETCONF, or PCEP
• Installed and configured all the Linux servers in the network per specifications of clients
• Maintained existing programs/scripts and extended Linux system functionality as needed
• Mesh networks, etc.
• Moderate knowledge in configuring and troubleshooting Cisco Wireless networks; LWAPP, WLC, WCS, stand-alone apps, roaming, wireless security basis, IEEE … RF spectrum characteristics.
• Experience working with Cisco Nexus 2148 fabric extender and Nexus 5000 series to provide a flexible access solution for data center access architecture and involved in installing, configuring, and troubleshooting Juniper Ex switches (EX2200, EX2500).
• Designing 802.11n wireless networks for diverse scenarios: considering architecture, range, performance and RF issues.
• Palo Alto Firewall Management-Panorama

TECHNICAL SKILLS

Routers: Cisco 7600, 7200, 3800, 3600, 2900, 2800, 2600, ASR 1K, ASR9K, Juniper MX 480, MX 960 Routing Protocols OSPF, EIGRP, BGP, RIP v1/v2, MPLS PBR, Route Filtering, Redistribution, Summarization, and Static Routing

Switches: Nexus 2K/5K/7K, Cisco Catalyst 6500, 4500, … 3750, 2960, Juniper JunOS

Switching Protocols: LAN, VTP, STP, PVST+, RPVST+, Inter VLAN routing & Multi-Layer Switch, Ether channels, Transparent Bridging

Multicast Protocols: IGMP, IGMP version 2 and 3, CGMP, PIM-Sparse and Dense Mode. DHCP, FTP, TFTP LAN technologies Ethernet, Fast & Gigabit Ethernet, VLANS, VTP, STP, RSTP, 802.1W, Cisco Prime WAN technologies Leased lines 128k - 155Mb (PPP / HDLC), Channelized links … Fiber Optic Circuits, Frame Relay, ISDN and ATM

Load Balancer: F5 Networks (Big-IP) LTM 8900 and 6400

Network security: Cisco ASA … ACL, IPSEC, F5 Load Balancer, Checkpoint, Palo Alto, IPSec VPN, GRE VPN

Network Management: SolarWinds, Proteus, Xilinx 9.21, HP Open-view, Wireshark, Spirent, SNMP

Operating systems: Windows XP/ 7/ 8, Windows Server 2003/ 2008, Mac OS X and Linux Language skills C, C++, Python, Bash, SQL

Various Features & Services: IOS and Features, IRDP, NAT, SNMP, SYSLOG, NTP, DHCP, CDP, TFTP, FTP Applications MS (Office, Word, Outlook, Excel, PowerPoint, Visio), VMware, Adobe Photoshop and Illustrator VOIP Devices & Wireless Technologies

Cisco: IP phones, Avaya, Cisco IP phones, QOS, Avaya, CUCM, UCCX, CIPC and UCS.

Wireless: LWAPP, WLC, WCS, Standalone APs, Client Roaming, Wireless Security Basics, AP groups, WLANS, Cisco Prime Site Maps.

PROFESSIONAL EXPERIENCE

Sr. Network Engineer

Confidential, St. Louis, MO

Responsibilities:

• Involved in configuring and implementing of composite Network models consists of Cisco ASR 1K, 7600, 7200, 3800 series routers and Cisco 2950, 3500, 5000, 6500 Series switches.
• Designing and implementing LAN/WAN solutions across locations.
• Configured OSPF redistribution and authentication with type 3 LSA filtering to prevent LSA flooding.
• Configured OSPF over frame relay networks for NBMA and point to multipoint strategies.
• Implementing traffic engineering on top of an existing Multiprotocol Label Switching (MPLS) network using Frame Relay and Open Shortest Path First (OSPF).
• Provided redundancy in a multi homed Border Gateway Protocol (BGP) network by tunings AS-path.
• Managing location specific Cisco ASA Firewalls and also data center internet gateway firewalls.
• Firewall policy administration and support on PIX Firewalls as well as Cisco ASA Firewalls.
• Responsible for setting up the infrastructure environment with majority of Cisco & Palo Alto appliances.
• Implemented Zone Based Firewalling and Security Rules on the Palo Alto Firewall.
• Handling new application load balancing requirements through F5 LTM devices.
• Configured NAT and SNAT in F5 12.0 LTM. Managed virtual servers in F5 12.0 LTM.
• Maintain BIG IP F5 configuration for modules LTM, ASM, APM and future GTM.
• Upgrading and deployment of Nexus 7k, 5k and 2k
• Configured VPC, FEX and VDC's on Nexus 5K, 7K.
• Created ACI EPGs (End Point Groups) contract policies, VRFs and bridge domains for tenants
• Experience with Cisco ASR's, Catalyst 6500 series switches, 2800 series, and 3800 series. 2900 series and 3900 series routers.
• Coordinating with service providers like AT&T, Verizon etc. for all network outages /restoration/new implementations.
• Integrating new locations with existing MPLS Network and enabling standard corporate application access.
• Implementation of Site to Site VPN s with direct vendors and customers.
• Built site-to-site IPSec VPNs over Frame-relay & MPLS circuits on various models of Cisco routers to facilitate adding new business partners to new and existing infrastructures.
• Deployed a Cisco Identity Services Engine (ISE) solution (wired, wireless, and VPN users) for a commercial client with converged access switches and Cisco ASA firewalls.
• Responsible for Cisco ASA firewall administration across our global networks.
• To secure configurations of load balancing in F5, SSL/VPN connections, Troubleshooting CISCO ASA firewalls, and related network security measures.
• Performed Network address translation on Cisco ASA 8.2,8.3 and 9.1 versions.
• Worked on Windows layered products including MS Exchange, DNS and Active Directory.
• Used Infoblox for documentation and tools updates.
• Configuration and maintain Active Directory, DNS, DHCP and Domain Controllers.
• Advanced knowledge, design, installation, configuration, maintenance and administration of Junos, Juniper SRX Firewall, Juniper EX and Juniper MX devices.
• Attending weekly CAB meetings and ensuring all changes were going through the change process.
• Capacity planning and providing recommendations for infra upgrades
• Infrastructure upgrades and new Infra deployments.
• Managing IT Security & Disaster recovery Management Deployment of Palo Alto Firewall into the network. Configured and wrote Access-list policies on protocol based services.
• Troubleshooting of protocol based policies on Palo Alto Firewalls and changing the policies as per the requirement and as per traffic flow.
• Responsible for all aspects of TCP/IP functionality across multiple Enterprise environments.
• Performed OSPF, BGP, DHCP profile, HSRP, IPV6, Bundle Ethernet implementation on ASR 9K redundant pair.
• Configure and deployed BIG-IP LTM 6900 for providing application reduancy and load balancing.
• Performed Network address translation on Cisco ASA 8.2,8.3 and 9.1 versions.
• Used DHCP to automatically assign reusable IP addresses to DHCP clients.

ENVIRONMENT: Cisco 6506/4948/4510 switches, Cisco 3660/3845/7609 Routers, Cisco ASA, Palo Alto, F5 Load Balancers, OSPF, BGP, MPLS, HSRP, Juniper MX 960, Nexus 2K, 5K, 7K.

Network Security Engineer

Confidential, Wilmington, DE

Responsibilities:

• Installation of Palo Alto (Application and URL filtering, Threat Prevention, Data Filtering).
• Successfully installed Palo Alto PA-3060 Firewalls to protect Data Center.
• Implemented Positive Enforcement Model with the help of Palo Alto Networks.
• Administration and L3 support of our Infoblox DDI deployment and F5 GTM's and configuring various advanced features (Profiles, monitors, iRules, Redundancy, SSL Termination, Persistence, SNATs, and HA) on F5 BIG IP appliances.
• Installed Solar Winds Network Performance Monitor with emphasis on traffic analysis and virtualization management.
• Handling of citrix farm creation, zone creation, citrix servers installation, and configuration and managing of citrix servers.
• Configuration of Cisco unified computing system (UCS) and using UCS manager performs operation. Such as device discovery, inventory, configure, monitoring, fault detection, auditing and statistics collection implemented Azure VM storage good understanding on Implementing images and disks Configure, monitor Azure VM networking resiliency
• Configuring and Troubleshooting the Juniper SRX100 and 110 series, Juniper Net Screen routers
• Deploying and decommission of VLANs on core ASR 9K, Nexus 9k, 7K, 5K and its downstream devices
• Implemented Azure Site Recovery and Azure Backup.
• Implemented virtual Linux server and Windows server using VMware and Xen when needed for testing.
• Configured and troubleshooting Cisco unified UC560 manager VoIP systems
• Created standard access lists to allow SNMP, NTP and logging servers.
• Configuring rules and maintaining Palo Alto Firewalls & Analysis of Firewall logs.
• Implemented Zone-Based Firewalling and Security Rules on the Palo Alto Firewall.
• Researched, designed and replaced aging Checkpoint Firewall architecture with new next generation Palo Alto appliances serving as Firewalls and URL and application inspection.
• Configured and maintained IPsec and SSL VPN's on Palo Alto Firewalls.
• Investigation and resolution of 3rd line network support incidents.
• Configuration, support and administration of Palo Alto and Checkpoint and to migrate all gateways and management servers to new hardware and software
• To secure configurations of load balancing in F5, SSL/VPN connections, Troubleshooting CISCO ASA firewalls, and related network security measures.
• Convert Branch WAN links from TDM circuits to MPLS and to convert encryption from IPsec/GRE to VPN.
• Experience on dealing with Cisco ISE Secure Network Server 3515 and other network security products.
• Monitor mitigate threats using Cisco Firepower IPS using custom correlation events and built-in tools
• Installed, tested and deployed monitoring solutions with Splunk services
• Implemented Zone-Based Firewalling and Security Rules on the Palo Alto Firewall.
• Configured and maintained IPsec and SSL VPN's on Palo Alto Firewalls.
• Maintained and managed assigned systems, Splunk related issues and administrators
• Web Filtering solutions from Bluecoat/Websence/Cisco etc.
• Worked on bluecoat web application firewall to improve application performance and to perform checks on HTTP, HTTPS, TCP, ICAP and ICMP in order to monitor web content servers.
• Experience in enterprise anti-virus/anti-spam/anti-malware solutions, including Symantec Endpoint Protection
• Implemented the Inter VDOM Routing through the Fort iGATE Firewalls and also the Router.
• Implemented the Policy Rules, DMZ and Multiple VDOM's for Multiple Clients of the State on the Fortigate Firewall
• Installation of ESX server and creation of VMs and install different guest OS
• Problem resolution of leveraged and dedicated SIEM Environment.
• Hands-on experience on Cisco switches 2960, 3750, 3560, Cisco routers 2821 ISR
• Experience analyzing both log and packet data to include the use to Wire Shark, tcpdump and other capture/ analysis tools
• Migration and implementation; new solutions with Palo Alto Next-Generation Firewall series PA-500, PA-3060, PA-5060, PA-7050, PA-7080.
• Responsible for planning, documenting and implementation of complex Firewall and VPN solutions
• Experience on working with Palo Alto Next Generation firewall with security, networking, and management features such as URL filtering, Anti-virus, IPsec VPN, SSL VPN, IPS, Log Management etc.

ENVIRONMENT: Cisco 2948/3560/4500/3560/3750/3550/3500/2960/6500 switches.Cisco 3640/12000/ 7200/3845/3600/2800 routers, PAL ALTO 2k,3k, checkpoint firewall, PA 3060 Cisco ASA remembering, RIP, OSPF, BGP, EIGRPMPLS, LAN, WAN, VPN, HSRP.

Network Engineer

Confidential, Waltham, MA

Responsibilities:

• Responsible for testing and documenting hosted VoIP/PBX. Programming of VoIP/SIP endpoints, Routers, switches, cabling, DHCP/ FTP/ TFTP servers and firewalls.
• Networks using routing protocols such as RIP, OSPF, BGP, EIGRP and manipulated routing updates using route-map, distribute list and administrative distance.
• Juniper Firewall Policy management using NSM and Screen OS CLI.
• Day-to-day work involves scheduling firewall policy provisioning and working with users to identify connectivity related issues and troubleshoot using both Smart Utilities and CLI.
• Managing and administering Juniper SRX and Checkpoint Firewalls at various zones including DMZ, Extranet (Various Business Partners) and ASZ and internal.
• Troubleshooting the Juniper SRX100 and 110 series, Juniper Netscreen routers with Site-Site VPN, and firewalls for Confidential Retail sites.
• Train the Customer's design, implementation and support personnel to configure and operate the Juniper Networks products.
• Experience working with Cisco IOS-XR on the ASR9000 devices for MPLS deployments.
• Troubleshooting various network security related issues using Cisco SDM.
• Monitoring links using Solar Winds.
• Performed switching technology administration including VLANs, inter-VLAN routing, Trunking, port aggregation
• Hands on experienced in Telecom/ Datacom testing tools like Spirent
• Experience with Cisco ASR's, Catalyst 6500 series switches, 2800 series, and 3800 series. 2900 series and 3900 series routers.
• Configured VPC, FEX and VDC's on Nexus 5K, 7K.
• Coordinate with Server, Security, Application teams along with 3rd party vendors to provision and setup third party servers, network devices in Data Center environment.
• Worked on ASA 5510/5520 firewalls configuration and Implementation for the network.
• DNS Updates/Removals/New Adds via InfoBlox DNS Appliance.
• Used Infoblox for documentation and tools updates.
• Implementing traffic engineering on top of an existing Multiprotocol Label Switching (MPLS) network using Frame Relay and Open Shortest Path First (OSPF).
• Configuration of OSPFv3, BGPv6 on Juniper M and J Series Routers.
• Provided redundancy in a multi homed Border Gateway Protocol (BGP) network by tunings AS-path.
• Worked on documentation to create Visio diagrams using MS Visio.
• Worked on F5 BIG-IP LTM 8900, configured profiles, provided and ensured high availability.
• Worked on F5 and CSM load balancers deploying many load balancing techniques with multiple components for efficient performance.
• Worked on team that designed and implemented F5 BigIP Load Balancers for use with in-house web and database applications.
• Troubleshooting issues related to Layer 1/2/3 skills like switching / routing, WAN /Hardware and critical network links by coordinating with the vendor.
• Troubleshooting Firewall Connectivity related issues using Smart view tracker on Checkpoint, NSM Log viewer for Juniper Firewalls.
• Juniper Firewall Policy management using NSM and Screen OS CLI.
• In-depth expertise in the implementation, optimization, troubleshooting and documentation of LAN/WAN networking systems.
• Involved in Switching Technology Administration including creating and managing VLANS's, Port security, Trunking, STP, Inter-VLAN routing, LAN security etc. Deploying Layer 2 security in Server Farms by configuring switch for 802.1x port based authentication.
• Implementing traffic engineering on top of an existing Multiprotocol Label Switching (MPLS) network using Frame Relay and Open Shortest Path First (OSPF).

ENVIRONMENT: Cisco 7600/7200/3800 routers, Cisco 2950/3500/5000/6500 switches, Cisco ASA Firewall 5510/5520, Juniper SRX100, OSPF, BGP, EIGRP, RIP, VLAN, LAN, WAN, VPN, F5 BIG-IP LTM 8900, Nexus 5K/7K, VOIP.

Network Engineer

Confidential

Responsibilities:

• Monitored, troubleshot, tested and resolved Frame Relay, ATM, MLPPP, PPP, and Dial-up.
• Configured/Troubleshot issues with the following types of routers Cisco (7200, 6500, 4500, 1700, 2600 and 3500 series), to include: bridging, switching, routing, Ethernet, NAT, and DHCP, as well as assisting with customer LAN /MAN.
• Installed and configured various types of Personal Computers and Printers. Installed different operating systems on Intel based PC's.
• Implemented virtual Linux server and Windows server using VMWare and Xen when needed for testing
• Experience in troubleshooting SAN related issues and firmware up gradations of SANs in VMware and different environments
• Installed Operating System and configured kernel parameters for Linux /Unix servers.
• Installed Linux OS, and configured required network on the virtual machines.
• Configured VLAN'S, VTP's, and enabling trunks between switches.
• Assisted in network engineering efforts consistent with the infrastructure of an Internet Service Provider and support of such network services. Helped in designing and implementation of VLAN for the new users.
• Planed, coordinated, implemented and supported the LAN / WAN hardware, software and Internet /Intranet integration network connectivity, diagnose network failures and resolve any problems.
• Documented and Log analyzing the Cisco PIX series firewall.
• Excellent Troubleshooting Skills and Customer Centric approach.
• Configured OSPF on CISCO devices with multiple routing processes and redistributed them. Tested and hands on experience in multi area OSPF topologies.
• Configured, managed and troubleshot networks using routing protocols like RIP, EIGRP and OSPF (Single Area and Multi Area).
• Assisted with troubleshooting all network issues with routers and switches when necessary and consulted with on call tech as needed for client.

ENVIRONMENT: Cisco 2990/3550/6550 switches, Cisco 7200/3845/3600/2800 routers, EIGRP, RIP, OSPF, BGP, VPN, Ether Channels, and Sniffer, Data center.

Jr. Network Engineer

Confidential

Responsibilities:

• Managed network connectivity and network security, between Head offices and Branch office
• Worked on Cisco routers 7200, 3800, 2800 and Cisco switches 4900, 2900
• Key contributions include troubleshooting of complex LAN/WAN infrastructure that include routing protocols OSPF, RIP & BGP
• Configured BGP for CE to PE route advertisement inside the lab environment
• Spearheaded meetings & discussions with team members regarding network optimization and regarding BGP issues
• Implemented the concept of Route Redistribution between different routing protocols
• Switching related tasks included implementing VLANS, VTP, STP and configuring on Fast Ethernet channel between switches
• Responsible for configuring GLBP between multilayered switch networks
• Installed and configured Cisco ASA 5500 series firewall and configured remote access IPSEC VPN on Cisco ASA 5500 series
• Responsible for Configuring SITE-TO SITE VPN on Cisco ASA 5500 series firewall between Head office and Branch office
• Hands on Experience working with security issue like applying ACL's, configuring NAT and VPN
• Documented and Log analyzed the Cisco ASA 5500 series firewall
• Responsible for Internal and external accounts and, managing LAN/WAN and checking for Security
• Responsible for Validate existing infrastructure and recommend new network designs.
• Implementation of TCP/IP Networking & related services HCP/DNS/WINS
• Network Monitoring and Network Efficiency Analysis.
• Configure and maintain Site-to-site VPN and VPN concentrators solution for Remote users.

ENVIRONMENT: Cisco Routers 2900, 2600, 3600; Cisco Switches 1900, 2900, 3500, 3700 and 450 Series;