PROFESSIONAL SUMMARY:

• Results - driven professional offering a progressive 8+years of experience and a strong background in Network Engineering, Designing, Integrating, Deploying, Maintaining and Supporting broad range of technologies in Networking and Network Security.
• Strong hands on experience in Installing, Troubleshooting, Configuring of Cisco900x, ASR1k, 7200vxr, 3900, 3800, 2900, 2800 series routers and Cisco Catalyst 6500, 4500, 3850, 3750, 2960, Cat 9k series Switches.
• Hands on experience working with Cisco Nexus 9K, 7K, 5K & 2K Switches. Configuration of VPC, VDC, Peer Gateway, HSRP and FEX on Nexus family.
• Hands on experience in Cisco IOS/IOS-XR/NX-OS, Juniper JUNOS for configuration & troubleshooting of routing protocols: MP-BGP, OSPF, LDP, EIGRP, BGP v4, MPLS, NAT, VLAN, STP, VTP, HSRP & GLBP.
• Hands on experience working with Cisco CSR1000v. Experience in fiber channel infrastructure.
• Experience with capacity planning, Fiber Channel and mirroring, backup/archive and recovery solutions, high availability, storage consolidation/migration, performance and tuning.
• Expert level knowledge of troubleshooting, implementing, optimizing and testing of static and dynamic routing protocols such as EIGRP, OSPF, BGP ability to interpret and resolve complex route table problems.
• Design and configure various Azure Networking resources like Azure Virtual Network (VNET), IP addressing scheme, DDoS protection, Subnets, Address Spaces, BGP.
• Experience in working with Cisco Identity Services Engine (ISE) and ACS. Worked on Security groups, tags, AAA profiles on ISE.
• Cisco ASA Firewall troubleshooting and policy change requests for new IP segments that either come on line or that may have been altered during various planned network changes on the network.
• Worked on Extensively on Cisco Firewalls, Cisco PIX (506E/515E/525/) & ASA 5500(5510/5540) Series
• Extensive Knowledge on the implementation of Cisco ASA 5500 series and Checkpoint R 75 firewalls.
• Configuration, Troubleshooting and Maintenance of Palo Alto Firewalls - PA200, PA2000 series, PA3000 series, PA4000 series and PA5000 series. Implemented Zone Based Firewalling and Security Rules on the Palo Alto Firewall.
• Worked on Next Gen Firewall features like URL filtering, SSL Forward Proxy, SSL Decryption, APP ID and ThreatID, Panorama in PA firewalls.
• Experience in F5 BIG IP and Cisco ACE Load balancers for load balancing and traffic management of business applications. Migration Experience from ACE to F5.
• Worked on F5 LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability. Experience with Virtual servers, Pools, Monitors, SNAT, proficient in iRule scripting, Persistence, Profiles, WideIP’s, Zones, Listener IP, Static and Dynamic Load balancing techniques on LTM and GTM.
• Configured F5 Viprion load balancers for MS Exchange, Skype for Business, Citrix ICA, Airwatch SEG as well as other business applications. Worked on LTM guest Operating Systems and created multiple Route Domains to separate the traffic between different tenants.
• Design and configuring of OSPF, BGP on Juniper Routers (MX960, MX480) and SRX Firewalls(SRX240, SRX550)
• In-depth knowledge and hands-on experience on IP Addressing, Sub netting, VLSM and ARP, reverse & proxy ARP, Ping Concepts.
• Worked on the design, implementation, and support of IP telephony projects, such as Cisco Unified Communications Manager, Cisco Unified Messaging System, and Cisco Unified Contract Center Express.
• Design/Installation of Cisco Source Fire and Fire Power Management Center for large service provider on ASA and 9300s
• Solid experience configuring and supporting CheckPoint and Fortinet Firewall.
• Configuration and maintenance of Fortinet Firewalls and switches
• Experience working with cloud network infrastructure with any cloud provider such as AWS and Microsoft Azure.
• Implemented Cisco Unified Communications Manager Applications like CUPS, IPMA, Extension mobility and Attendant console as per customer requirement
• Involved in Networking Designing, Routing, DNS, IP Subnetting, TCP/IP protocol.
• Troubleshoot TCP/IP issues as necessary using for monitor, tcpdump, wireshark.
• Knowledge of implementing and troubleshooting complex layer 2 technologies such as VLAN Trunks, VTP Ether channel, STP, RSTP and MST.
• Regularly review the configuration and controls of Palo Alto Networks firewalls and Sourcefire Intrusion Detection System(IDS), further follow up to mitigate the risks.
• Experience with Layer 2 and Layer 3 protocols like, FRR CEF, MLS, Ether Channel VLAN, VTP, VMPS, ISL, dot1q, DTP, Spanning-tree, PVSTF, HSRP, VRRP and GLBP.
• Extensive knowledge in all Wi-Fi Standards including 802.11a,b,g,n,ac. Worked on installing of Cisco and Aruba Wireless Controllers. Worked on Cisco CWAP, LAWP, Aruba 225, 325, AP groups, SSID’s, Authentication rules, 802.1X for Wireless etc.

TECHNICAL SKILLS:

Routers: Cisco 1800, 2600, 2800, 3700, 3800, 3900, 7200, 7600 series, ASR 9k, juniper ACX series routers.

Switches: Cisco Catalyst 3550, 3750, 4500, 6500 series & nexus 7k, 5k, 2k, 1000v, juniper Ex4200, Ex9208, ACX 1000

Load Balancer: Cisco CSS, F5 Networks (BIG-IP) LTM, GTM

WAN Optimization: Cisco WAAS, PPP Multilink, Riverbed

Routing: OSPF, EIGRP, BGP, PBR, Route Filtering, Redistribution, Summarization, Static Routing, TCP/IP protocols, IPV4, IPV6.

Switching: VLAN, VTP, STP, RPVST+, Inter VLAN routing & Multi-Layer Switching Layer 3 Switches, EtherChannels, Transparent Bridging

LAN: Fast Ethernet & Gigabit Ethernet.

WAN: Leased lines 64k - 155Mb (PPP / HDLC), Fiber Optic Circuits, Frame Relay, MPLS, DMVPN

Voice: Cisco call manager 8.x, 7.x

IP Telephony: VOIP, ISDN, PRI, Unified Call Manager

Wireless: Cisco 4400, 5500 Wireless Controller (WLC) and 3500, 3700 series Access Points

Firewalls: Cisco ASA, Juniper SRX, Palo Alto, Checkpoint FW’s

Features & Services: IOS and Features, HSRP, GLBP, NAT, SNMP, SYSLOG, NTP, DHCP, CDP, DNS, FTP and FTP Management

Network Monitor Tool: MRTG, Netbrain & Solarwinds & Cisco Prime Infrastructure

Protocol Analyzer: Wireshark, Netflow

Operating System: Windows ( XP, 7, 10), Cisco IOS/XR/XE, JunOS, Pan-OS

PROFESSIONAL EXPERIENCE:

Confidential,Stamford, CT

Senior Network Engineer

Responsibilities:

• Designing and supporting the consolidation of data centers utilizing Cisco 6500, Nexus 2K, 5K and 7K Infrastructure.
• Experience with converting Checkpoint VPN rules over to the Cisco ASA solution. Migration with Cisco ASA VPN experience.
• Provided Level-3 Network support for Cisco Switches and Cisco ASA 5500 Series Security.
• Implemented Site-to-Site VPNs over the Internet utilizing 3DES, AES/AES-256 with ASA Firewalls.
• Experience in converting PIX rules over to the Cisco ASA solution.
• Configure and maintain all Palo Alto Networks Firewall models (PA-2k, PA-3k, PA-5k etc.) as well as a centralized management system (Panorama) to manage large scale Firewall deployments.
• Hands on experience on all software blades of Check Point Firewall. 24x7 on-call step-up support as a part of the safety operations team.
• Configuring and testing Multicast for both IPv4 and IPv6 routing in Data Center Environment.
• Performed OSPF, BGP,HSRP, IPV6, Bundle Ethernet implementation on ASR 9K redundant pair.
• Layer 2 Technologies:VSS,STP, VPC, SPAN, OTV, VPLS.
• Layer 3 Technologies:QoS, MPLS,OSPF, BGP, Multicast,DMVPN.
• Security Technologies: VPN and Firewall.
• Migration from Checkpoint firewall cluster to Cisco ASA 5580 firewalls in a failover pair configuration.
• Provided application level redundancy and accessibility by deploying F5 load balancers. LTM and GTM Installation and operation.
• Implementing VoIP solutions using SIP & H.323, also have sound knowledge of Avaya VoIP products.
• Designing and assisting in deploying enterprise wide Network Security and High Availability Solutions for ASA.
• Worked on F5 LTM, GTM series like 6400, 6800, 8800, VIPRION for the corporate applications and their availability.
• Perform Migration from F5 BIG-IP 5000 Series to VIPRION 2200 and troubleshooting.
• Installed FortiGates 100E, 6000 & 60E, Fortinet, Forti Manager & Forti Analyzer & utilizing F5 Load Balancing with LDS and BIG, IP.LTM & GTM.
• Managed a team with several team members to Upgrade ASA's from 8.x to 9.x, Install Firepower and Fire AMP for Endpoints, Sourcefire.
• Installed and configured Firepower Management Center 6.0 on VMware and added ASA Sourcefire Agents as well as Firepower NGIPS for monitoring and management.
• Maintain a secure perimeter using Cisco ASA 5500-X with Firepower Services.
• Created and configured management reports and dashboards using Fortinet and FortiGate manager
• Troubleshooting FortiGate CPE 80 series firewalls and Fortinet manager along with fore scout Counteract.
• Worked extensively in Configuring, observation and Troubleshooting Cisco's ASA 5500/PIX security appliance, Failover demilitarized zone socialization & configuring VLANs/routing/NAT.
• Managing a TACACS server for VPN user authentication and network devices authentication.
• Performed Imperva Secure Sphere DAM on WAF Health Checks.
• Support, trouble shoot, and enhancement of prop trading system which captures data from various internal systems in Unix/Linux, oo perl, Sybase, java and Clearcase.
• Developed validation code and debugged components of the chip using ITP, Linux, and IKOS system.
• Hands-on expertise within the network management of circuit's mistreatment TDM and Frame Relay.
• Managing and providing support to numerous project groups with regards to the addition of recent instrumentation like routers switches and firewalls to the DMZs.
• Implementing traffic engineering on existing Multiprotocol Label Switching (MPLS) network and Open Shortest Path First (OSPF).
• Provided redundancy in a very multi homed Border Gateway Protocol (BGP) network by tunings AS-path.
• Handling enterprise outages effectively and driving towards the resolution. Coordination of fault escalations in conjunction with the first high-level technical management of high priority or technically complicated calls.
• Involved in complete LAN, WAN development (including IP address planning, designing, installation, configuration, testing, maintenance etc.)
• Configured and troubleshooting River bed WAN optimization software to improve the network acceleration at the user end.
• Deploy, scale and automate network across multiple global datacenters supporting Amazon Web Services (AWS).
• Hands on experience designing and implementing networking solutions leveraging multiple services within public cloud providers and/or cross platform APIs (e.g. AWS and/or Azure).
• Knowledge and skill of 802.11 a/b/g/n LAN normal for wireless Technology.
• Used Cisco ACI Fabric which is based on Cisco in 9000 Series Switches and the Cisco Application
• Worked on implementing lab for SDN using Cumulus Linux for test-driving part of DC migration to SDN.
• Coordinating, documenting and managing cases and routing support calls with the Tier 1, Tier 2, and Tier 3 Support engineers at HPE and AT&T.
• Configure best route map configurations in the new Cisco IOS XR Routing Protocol Language (RPL).
• Supporting EIGRP and BGP supported network by partitioning level two & three issues of internal groups & external customers of all locations.
• Design and Building Software-Defined Data Center environment, including Vmware, VCenter, NSX and Cisco ACI.
• Hands-on expertise with Ether Channel, Spanning Tree, Trucking, ACLs, Syslog. Expertise with the setup of HSRP, Access-Lists, and RIP, EIGRP, and tunnel installations.
• Proficiency in configuration of VLAN setup on varied Cisco Routers and Switches.
• Troubleshooting and support of ACI Contracts.
• Collaboration with Application SMEs to approve ACI Contracts.
• Test and implement cisco ACI based network infrastructure as open stack underlay network.
• Efficient at use of Microsoft VISIO/Office as technical documentation and presentation tools.
• Configured Windows Clusters, Windows NLB, H/W Load Balancers (F5, Netscaler). Deployed, configured and troubleshooting runtime errors related to .Net applications on 7.0/7.5 Web Servers and Windows Server 2008/2008 R2 in Dev, QA & Pre-prod environments.
• Experience in migrating policies from checkpoint firewall to juniper srx and Cisco ASA to Palo-alto.
• Experience with working on firewalls like CISCO ASA 5500 series (5510,5540), JUNIPER SRX series and PALO ALTO (pa-3060, pa-5060), etc.

Environment: Nexus 2k/5k/7k, Cisco 6500/7500/7200 Routers, Cisco 3550/4500/6500 switches, Juniper SRX100, Fortinet Next Generation Fire Walls, LAN, WAN, OSPF, RIP, BGP, EIGRP, HSRP, PPP, VPN, Checkpoint, Cisco ASA, AWS, TCL, Riverbed, Clustered SQL server 2014/2012/2008 R2/2008/2005, DC migration, Active-Active& Active-Passive Clustering, Windows 2012/2008R2/2008/2003

Confidential,Pleasanton, CA

Senior Network Security Engineer

Responsibilities:

• Hands on experience in the configuration, troubleshooting of Juniper SRX firewalls as well as experience working directly with customer in a service/support environment.
• Troubleshooting Firewall Connectivity related issues using Smart view tracker on Checkpoint, NSM Log viewer for Juniper Firewalls.
• Deployment and Management of Bluecoat proxies in forward proxy scenario as well as for security in reverse proxy scenario.
• Demonstrated understanding of network security concepts and systems including F5, WSA, Palo Alto, ASA
• Worked on Blue Coat Proxy SG to safeguard web applications in extremely untrusted environments such as guest Wi-Fi zones.
• Worked on Cisco ACE, F5 LTM series like Viprion 2400 series Chassis with 2150 and 2250 blade series for the corporate applications load balancing and their availability
• Performing URL filtering and content filtering by adding URL’s in Bluecoat Proxy SG’s.
• Managing & administering Cisco WSA.
• Day-to-Day work involves scheduling firewall policy provisioning and working with users to identify connectivity related issues and troubleshoot using both Smart Utilities and CLI.
• Active/Standby and Active/Active HA configuration on Cisco ASA and Palo Alto Firewalls.
• Configuring High Availability using Cluster XL on Checkpoint as well as VRRP and monitor the Sync status for stateful replication of traffic between active and standby member.
• Managing and administering Juniper SRX and Checkpoint Firewalls at various zones including DMZ, Extranet (Various Business Partners) and ASZ and internal.
• Utilized Cisco Firepower policies to manage applications, Snort rules, and URL blocking.
• Cisco ASA security appliances including Source Fire, Firepower services and Firesight Management Console.
• Designed and implemented configuration support for routing protocols like OSPF and BGP on Firepower.
• Expert in Next Gen Firewall Techniques for traffic filtering such as URL Filtering, SSL decryption, Forward proxy, Security policies, Zones, NAT/PAT, ACL, policy-maps etc.
• Configured and deployed VPC, VSS, OTV, FABRIC PATH between Nexus 7010 and Nexus5596, 5548 switches along with FEX2248
• Performing network monitoring, providing analysis using various tools like Wireshark, Riverbed and Solar winds.
• Deep understanding of IDS/IPS such as Sourcefire and Foresight.
• Assisted with the transition from the current Cisco ASA FW platform to the Cisco Firepower FPR 4150 NGFW
• Implementing Security Solutions in Juniper SRX and Netscreen SSG firewalls by using NSM.
• Juniper Firewall Policy management using NSM and Screen OS CLI.
• Working on the network team to re-route BGP routes during maintenance and FW upgrades.
• Cisco ASA security appliances including Sourcefire, Fire POWER services and Fire Sight Management Console.
• Configure B2B VPN with various business partners and 3rd parties and troubleshoot VPN Phase 1 and Phase 2 connectivity issues including Crypto map, Encryption Domain, PSK etc.
• Implemented configuration back-ups using WinSCP, Cyberfusion to automate the back-up systems with the help of public and private keys.
• Follow information security policies, methods, standards, NIST standards, and practices to organize information systems, IT material, and interpret regulations.
• Monitor Intrusion Detection Systems (IDS) console for active alerts and determine priority of response.

Environment: Cisco ASA 5580/5540/5520, Checkpoint R70, R75, R77.20 Gaia, Palo Alto PA-5000/3000, Big IP F5 LTM/GTM, Solarwinds, Nexus switches, TCP/IP, VPN, Cisco Sourcefire, Splunk, Bluecoat Proxy servers, IDS/IPS. SIEM and Monitoring.

Confidential,San Francisco, CA

Senior Network Engineer

Responsibilities:

• Responsible for the implementation and maintenance of firewall based security zones (DMZ*s).
• Provide support to internal project teams by adding firewalls, switches and routers to managed DMZs.
• Configure the layer 2 and layer 3 on Cisco Nexus 7K, 5K, 6509, 9710, 5596 UP, 4500, 3850, 3950, ASR and 2960
• Worked with Checkpoint, Cisco ASA, and Palo Alto Networks solutions
• Experience in HSRP standby troubleshooting & Experience in configuring & upgrading of Cisco IOS.
• Implementing & Troubleshooting of T1, MUXES, CSU/DSU and data circuits.
• Experience on designing and troubleshooting of complex BGP and OSPF routing problems,
• Have sound knowledge of Firewall architecture, routing and VPN.
• Have experience working on HP Open view Network Node Manager.
• Upgrade firewalls in accordance with change management & Document changes to firewalls.
• Have experience with Cisco Works LAN Management Solution.
• Implemented Positive Enforcement Model with the help of Palo Alto Networks
• Experience in migration of Frame-relay based branches to MPLS based technology using multi-layer stackable switch like 6500 series and 2800 series router.
• Testing VPC, BGP, OSPF, EIGTP, RIP, SPAN, Sflow, VlanTrunking, SVI and power supplies on Nexus and ASR devices
• Involved in design and implementation of Data Center Migration, worked on implementation strategies for the expansion of the MPLS VPN networks.
• Hands on experience with Cisco 3500, 3750, 4500, 6500 series equipment and configuring and deploying and fixing them with various modules like Gig card, VPN SPA card, WIC card.
• Cisco IOS experience on 3600/7200 class hardware in complex WAN environment and experience on Cisco OS and IOS on CAT6500 in a complex data center environment.
• Involved in configuring IP Quality of service (QoS).
• Involved in designing L2VPN services and VPN-IPSEC authentication & encryption system.
• Experience in designing, installing & configuring of Cisco PIX, ASA & FWSM (Firewall service module).
• Experience in creating and maintaining firewall configurations, updating documentation and log analysis.
• Worked extensively in configuring, monitoring and troubleshooting Cisco's ASR 5500
• Applying crypto maps and security keys for the branches, ISAKMP (Internet security association key management protocol) for establishing Security associations (SA) cryptographic keys.
• Experience in configuring routing protocols like EIGRP, RIP v2, OSPF & BGP and Cisco ACS protocols like RADIUS and TACACS.
• Experienced in WAN environments, installing and troubleshooting data circuit problems (MPLS, T1).
• Worked on Layer 2 protocols such as STP, VTP, STP, RSTP, PVSTP+, MST and other VLAN troubleshooting issues and configuring switches from scratch and deployment.
• Involved in designing and applying QOS and policy map to 2800 series routers for all the branches.
• Involved in designing GRE tunnels for encryption of data flow from source to destination.
• Implemented and deployed VoIP using ASR 1k series SBC (Session Border Controller).
• Experience in configuring VLAN’s STP (Spanning tree Protocol) & RTSP (Rapid Spanning Tree Protocol).
• Experience with Project documentation tools & implementing and maintaining network monitoring systems (Cisco works & Netinfo, Infoman Virtual Change) and experience with developing network design documentation and presentations using VISIO.
• Understanding & Implementation of IPSEC & GRE tunnels in VPN technology.

Environment: Router 2800, 3800, 7200, 7600; Cisco Catalyst Switch 6500, 6509, 3550

Confidential

Senior Network Engineer

Responsibilities:

• Maintaining the Network Infrastructure, Installation, migration and configuration of routers and switches for clients.
• Configured Routing protocols such as OSPF and policy-based routing.
• Team member of Configuration ofCISCO7206 router and Configuration of Catalyst switches.
• Configuration 7609, 7606 with OSPF and catalyst 6505, 4500, 3550 switches with various VLAN.
• Create and testCisco router and switching operations using OSPF routing protocol.
• Configuration and troubleshooting link state protocols like OSPF in multiple areas.
• Configured HSRP and VLAN trucking 802.1Q, VLAN Routing on Catalyst 6500 switches.
• Optimized performance of the WANnetworkconsisting of CISCO 3550/4500/6500 switches by configuring VLANs.
• Configured VLANs with 802.1q tagging. Configured Trunk groups, ether channels, and Spanning tree for creating Access/distribution and core layer switching architecture.
• Configured BPDU Guard, port-fast, uplink fast and other spanning tree features.
• Configuration and troubleshooting of Cisco 2500, 2600, 3000, 6500, 7500, 7200 Series routers.
• Configured IP access filter policies.
• Providing Technical Support and solutions forNetwork Problems.
• Implementing NAT solutions on Cisco IOS routers.
• Upgrading IOS, troubleshootingnetworkoutages.
• Worked on Cisco Routers, Active /Passive Hubs, Switches.
• Having Data Center Design Experience, installing and Configuring Network Devices in a Data Center including patching the cables in the Patch Panel. Design and implemented network infrastructure and configured all the network Infrastructure devices including Network Printers and Registers.

Environment: Cisco 3550/4500/6500 switches and Cisco 2500, 2600, 3000, 6500, 7500, 7200 routers, Checkpoint.