Network Security Engineer Resume
Cleveland, OH
SUMMARY
- Cisco Certified Network Engineer with around 8+ years of work experience in design, installation, configuration, administration and troubleshooting of LAN/WAN Infrastructure and security using F5/routers/switches/firewalls.
- Hands on experience on network support, installation and analysis of broad range LAN/WAN/MAN communication systems.
- Knowledge of IPv4/IPv6, implementation of subnetting, VLSM and ARP, reverse & proxy ARP, Ping concepts.
- Proficient in Cisco IOS for configuration & troubleshooting of routing protocols: MP-BGP, OSPF, EIGRP, RIP, ISIS, BGP v4, MPLS.
- Involved in development of ISE MDM application which integrates with different Partner MDM applications using HTTPS REST web services and updating the database with non-compliant endpoints.
- Responsible for Check Point and Cisco firewall administration across global networks.
- Configuration and Support of Checkpoint (NGX R65, R70 and R71), Juniper Firewalls (SRX5400, SRX5600, and SRX5800), Cisco Firewalls (ASA 5505, 5506-X, 5585), Palo Alto Networks Firewall models (PA-2k, PA-3k, and PA-5k).
- Most recently supervisor of IT Network Engineering and Security. I have extensive experience with many different Cisco L2 and L3 switches such as Catalyst 6500 (including VSS1440), 4500, 3850 (StackWise), Nexus 9K and 5K, etc., various routers (2800, 2900, 7200, ASR1000, and others), PIX and ASA firewalls, ACLs, ACE load balancer, a bit with NetScaler, IDS/IPS.
- Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500/PIX security appliance, Failover DMZ zoning & configuring VLANs/routing/NATing with the firewalls as per the design. Experience with Bluecoat Proxy servers, LAN & WAN management.
- Implemented redundancy with HSRP, VRRP, GLBP, Ether channel technology (LACP, PAgP) etc.
- Experience in QRadar and Splunk SIEM tools as Cyber Security Analyst to secure Organization Network.
- Experienced with staging, configuring and managing virtual machines (VMs) on ESX infrastructure.
- Experienced with managing the power standards of the data center.
- Experience in troubleshooting of MPLS with Cisco and Juniper Routers.
- Assisted in MPLS migrations, implemented a backup for existing WAN connection using site-to-site IPsec VPN tunnels.
- Implementing and managing Websense software for securing and filtering enterprise-wide web traffic.
- Experience in network troubleshooting and analysis using Wireshark and tcpdump.
- Cisco wireless deployment and support: 2504, 2106, 4402, 5508 and 8510 WLC.
- Experience using Microsoft Visio to create and update network diagrams.
- Experience working with Layer-2 and Layer-3 Switching and Security, Data Center.
- Good working knowledge of OSI Model and TCP/IP networking standards.
- Worked on Configuring, Monitoring and Troubleshooting Cisco ASA, configuring VLANs/routing with the firewalls as per the design.
- Create or modify user accounts on Cisco Access Control Server (ACS), and troubleshoot Cisco AnyConnect Client and SSL VPN issues.
- Experience in F5 LTM, APM and ASM 4500 appliances, including creating pools and nodes.
- Implementations of SSL VPN, providing secure web-based access to intranet web and HTTPS sites, FTP servers.
- Worked on Aruba solution to monitor the wireless networks and troubleshoot the problems by converting any of the existing Access Points into synthetic clients.
- Have extensive experience in setting up LAN and troubleshooting related issues. Have WAN awareness and assisted in setting up and troubleshooting various WAN related issues.
- Hands-on configuration and experience in setting up Cisco routers to perform functions at the Access, Distribution layer.
- Administered complete Office 365 E3 environment for local and remote users including Exchange, Lync, Office and local on-premises Active Directory syncing with Azure AD (ADFS).
- Hands on configuration of VLAN setup on various Cisco, Juniper Routers and switches.
- Performing network monitoring, providing analysis using various tools like Wireshark, tcpdump, Solarwinds etc.
TECHNICAL SKILLS
Routers: Cisco 26XX, 28XX, 37XX, 38XX, 39XX & 72XX series with IOS, Avaya routers, IOS-XE, ASR 9K, 1001 & IOS XR.
Switches: Cisco Catalyst 4500, 3550, 3750, 45XX, 65XX series, Nexus 9000, 7000, 5000, 2000, Aruba 3500, 2800 & NX-OS, Cat-OS, IOS, Arista switches.
Load Balancers: Cisco CSS, ACE Module, GSS, F5 Networks (Big-IP), ASM, LTM, APM, A10.
IPS: Cisco IPS 4240, Cisco IDS 4250, Snort, Sourcefire.
Routing Competencies: OSPF, EIGRP, BGP, ISIS, RIP-2, PBR, Route Filtering, Redistribution, Summarization, Static Routing.
Switching Competencies: VLAN, VTP, STP, PVST+, RPVST+, Inter VLAN routing & Multi-Layer Switching, Multicast operations, Layer 3 Switches, Ether channels, Transparent Bridging, Data Center Switching, VPC, VDC, OTV, RBAC.
URL Filtration: Websense, Email security, Web Security.
Firewall Tools: Checkpoint (NGX, NG AI), Cisco ASA, PIX, FWSM, Palo Alto Networks (PA 2000 series), McAfee EPO.
Services: IOS and Features, Infoblox, Cloud, Embedded Linux, XML, FreeRTOS, C, C++, IDS/IPS, Sourcefire, Firepower, Riverbed, Aruba Wireless, Websense, Cisco ISE, Junos, SSL, HSRP, GLBP, VRRP, Python, Perl, NAT, SNMP, SYSLOG, NTP, DHCP, CDP, DNS, TFTP and FTP Management.
AAA Architecture: TACACS+, RADIUS, Cisco ACS, LDAP.
Monitoring Tools: Wireshark, tcpdump, Fiddler, Splunk, ServiceNow, Microsoft Network, SolarWinds, Riverbed, Email Monitoring, and CiscoWorks, IT360.
Microsoft Software: Microsoft Office, Azure, Visio.
Operating Systems: Windows 9X, XP, Vista, Windows 2000, 2003 (Active Directory), Linux (Red Hat 9.0, Ubuntu), UNIX.
PROFESSIONAL EXPERIENCE
Confidential, Cleveland, OH
Network Security Engineer
Responsibilities:
- Worked on multi-vendor platform with Checkpoint and Cisco firewalls, requesting NetFlow for security compliance, coding and pushing firewall rules after approval, and troubleshooting incidents as required.
- Provide necessary problem determination in the Checkpoint firewall environment which has Gaia R77, R75, SPLAT, Provider-1 and VSX.
- Worked on the upgrade process from R7 .10 in the lab environment.
- Have experience in fresh installation of checkpoint R80
- Good Understanding of Multiple Contexts in ASA firewalls and implemented different failover mechanisms among ASA firewalls
- Experience in working on migrating Cisco ASA 5540 to Checkpoint R77 Gaia firewalls.
- Firewall configuration using Untangle Linux server.
- Moved all 3rd party VPNs from legacy Cisco ASA firewall to Checkpoint firewall.
- Experience in working on migrating Legacy Checkpoint open server platforms to Palo Alto firewalls.
- Installing and configuring Palo Alto PA-500 series and PA-2000 series firewalls using Panorama.
- Responsible for Palo Alto App ID migration from the legacy based port rules for PA 5060, 7050.
- Worked on and configured Palo Alto 7050 firewalls and added them to Panorama to manage.
- Responsible for administering (Create, modify & add) Palo Alto and Cisco Firewall security policy and rule base.
- Used Palo Alto 7.0 ACC for monitoring network activity, threat activity, and blocked activity.
- Setup and maintained Check Point security policies including NAT, VPN and Secure Remote access.
- Provide 24*7 support for day-to-day operational activities including Change Implementation, Handling Work order access Request, High Priority incident handling/troubleshooting for Security Devices (Firewalls, Proxies, IPS, SSL, VPN Devices etc.)
- Used firewall optimization tool Firemon for generating usage reports and disable the unused rules accordingly.
- Administer Checkpoint firewalls with cluster gateways including pushing policies and processing user requests to allow access through the firewall using Smart Dashboard and identify unused rules and schedule change to mark it for permanent deletion at later point of time
- Used Splunk SIEM tool to check the logs, create reports and dashboards.
- Lab Implementation of multiple security contexts in ASA firewalls and Checkpoints configures redundancy (Active-Active failover and active-standby failover) among them
- Provide support for 2Tier and 3Tier firewall architecture, which includes various Checkpoint and Cisco ASA firewalls.
- Install and upgrade Bluecoat proxy SG (900, 810 and SG9000 series) and Proxy AV (510,810 and 1400 series) in all the Datacenters.
- Configure policies on the Bluecoat VPM, local database and PAC files to filter the traffic flow by Creating custom rules, URL categories and routing policies.
- Configured ACLs in Cisco 5540 ASA firewall for Internet Access requests for servers, Protocol Handling, Object Grouping and NAT.
- Troubleshoot and Worked with Security issues related to Cisco ASA, Checkpoint, IDS/IPS
- Install and configure Bluecoat ProxySG in the network for web traffic management and Policy configuration
- Managed global policy, global groups and global objects in checkpoint Provider-1/ Multi Domain Manager.
- Monitor the network traffic through Orion Solarwinds and Spectrum syslog server.
- Configured and Administered Cisco ASA 5585 firewalls which includes setting up the different zones.
- Monitor and mitigate threats using Cisco Firepower IPS using custom correlation events and built-in tools.
- Upgrading from Cisco 5580 firewall to Cisco 5585 firewall with firepower module.
- Implemented Cisco 5500-X Firepower and Cisco Sourcefire IPS & FireEye.
- Designed/deployed/maintained Cisco Sourcefire Next Generation Firewall and Intrusion Prevention System (IPS) with Firepower sensors and FireSIGHT Management Console.
- Managed Cisco IDS and IPS modules with Firepower Management Center.
- Configuring and implementing Remote Access Solution: IPsec VPN, AnyConnect VPN, SSL VPN.
- Carrying out documentation for tracking network issue symptoms and large scale technical escalations
- Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500/PIX security appliance, Failover DMZ zoning & configuring VLANs/routing/NATing with the firewalls as per the design.
- Involved in the Team of Data Center Operations to perform duties like administration and monitoring of Cisco Routers and Switches according to the organization requirements.
- Configured ACLs in Cisco 5585 ASA firewall for Internet Access requests for servers, Protocol Handling, Object Grouping and NAT Control using Object NAT.
- Remedy Ticketing system, Change Management, Incident Management and solving the SRs assigned to me.
Environment: Cisco Routers: 7200, 3600, 2800; Cisco Catalyst switches: 3560, 3750, 6500; Nexus: 2000, 5000, 7000 series switches; Redundancy protocols: HSRP, GLBP; Inter-VLAN routing, PortFast, STP, VTP, RSTP, ACLs; Routing protocols: OSPF, BGP; Cisco ASA, Checkpoint firewalls, Juniper SRX 240, SRX220, SRX550, Palo Alto Firewalls PA5000, PA3000; Network Security: NAT, PAT, IPSEC, GRE, VPN; Load balancer: BIG-IP F5; Ethernet, Fast Ethernet, Gigabit Ethernet, Fiber optic; SolarWinds.
Confidential, Birmingham, AL
Network Security Engineer
Responsibilities:
- Troubleshoot and hands on experience on security related issues on Checkpoint R75, Cisco ASA and Juniper Netscreen, Junos firewalls.
- Configuration and maintenance of Juniper NetScreen SSG-550.
- Administer and support Juniper Firewalls Using NSM (Netscreen SSG and ISG firewalls).
- Involved in large firewall configuration, deployments, and implementation rollouts for several companies’ security needs including SSL VPN tunnels.
- Administering multiple Juniper SRX and NetScreen firewalls in a managed distributed environment. Fulfilling routine change requests of NetScreen OS Firewall and resolving trouble tickets, maintaining and monitoring firewalls.
- Knowledge of Juniper environment including SRX and Junos NSM.
- Worked on the conversion of Juniper SSG to SRX firewalls.
- Configuring rules and Maintaining Palo Alto Firewalls with IPS & Analysis of firewall logs.
- Experience in Palo Alto SSL decryption installation and configuration on PA 3060.
- Troubleshooting and configuring Palo Alto 7050, 5060, 3060.
- Assisted in restructure of work flow process to suit the customer’s IT security needs
- Remotely controlling Checkpoint firewalls getting large scale production environments.
- Debug firewall process activity in a shell command format.
- Creating MOPs (Method of Procedure) and Provided On-call support to Clean-up the changes in configuration on migrated Cisco routers.
- Support end to end Security devices checkpoint & Cisco PIX/ASA.
- Experience with converting Checkpoint VPN rules over to the Cisco ASA solution. Migration with Cisco ASA VPN experience.
- Working on HP OpenView map for Network Management System and Ticketing.
- Working on configuration of new VLANs and extension of existing VLANs on/to the necessary equipment to have connectivity between two different data centers.
- Configured ASA 5520/5500 to ensure high-end security on the network with ACLs and Firewall.
- Experience with Firewall Administration, Rule Analysis and Rule Modification on Cisco ASA 5540, 5585.
- Responsible for Cisco ASA firewall administration across our networks.
- Co-ordinate with the Data Network and Security team and come up with possible solutions.
- Provide solutions to Tier 1/2 escalated issues and tickets.
- Implementation and configuration of F5 Big-IP LTM-6400 load balancers
- Configuring and resolving various OSPF issues in an OSPF multi-area environment.
- Implemented, configured BGP WAN routing, converting OSPF routes to BGP (OSPF in local routing).
- GRE tunneling & site-to-site VPN configuration between other two sites in USA.
Environment: Netflow, TACACS, EIGRP, RIP, OSPF, BGP, VPN, MPLS, CSM, SUP720, Ether Channels, Cisco 7200/3845/3600/2800 routers, Fluke and Sniffer, Cisco 6509/3750/3550/3500/2950 switches, Cisco ASA firewalls.
Confidential, Los Angeles, CA
Network Security Engineer
Responsibilities:
- Configured RIP, EIGRP, BGP and OSPF routing.
- Involved in the configuration & troubleshooting of routing protocols: MP-BGP, OSPF, LDP, EIGRP, RIP, BGP v4. Configured IP access filter policies.
- Identify, design and implement flexible, responsive, and secure technology services
- Experience with Firewall Administration, Rule Analysis, Rule Modification
- Implemented Positive Enforcement Model with the help of Palo Alto Networks.
- Innovated with support of Palo Alto for remote and mobile users and for analyzing files for malware in a separate (cloud-based) process that does not impact stream processing.
- Creating and provisioning Juniper SRX firewall policies.
- Created standard access lists to allow SNMP, NTP and logging servers.
- Documented new VPN enrollments in a database and create standard procedures for further improvement.
- Troubleshoot traffic passing managed firewalls via logs and packet captures
- Managed fast Layer 3 switched/routed LAN/WAN infrastructure as a part of Network team. The LAN consisted of Cisco campus model of Cisco 3550 at access layer, Cisco 6513 at distribution/core layer.
- Configure VRRP & GLBP and VLAN Trunking 802.1Q & ISL, STP, Port Security on Catalyst 6500 switches.
- Negotiate VPN tunnels using IPSec encryption standards and configured, implemented site-to-site VPN, Remote VPN.
- Provided proactive threat defense with ASA that stops attacks before they spread through the network.
- Cisco ASA/Checkpoint Firewall troubleshooting and policy change requests for new IP segments that either come on line or that may have been altered during various planned network changes on the network.
- Modified internal infrastructure by adding switches to support server farms and added servers to existing DMZ environments to support new and existing application platforms.
- Responsible for Checkpoint and Cisco ASA firewall administration across global networks.
- Generating RCA (Root Cause Analysis) for critical issues of layer1/layer2/layer3 problems.
- Co-ordinated with the Data Network and Security team and came up with possible solutions.
- Work on Physical Site Inventory verification, gather information of various Cisco Network devices and Security Devices to develop Run book and Spec Book.
- Configuration and troubleshooting of Cisco catalyst 6509, 7613 with supervisor cards.
- Experience with implementing and maintaining network monitoring systems (CiscoWorks and HP OpenView) and experience with developing complex network design documentation and presentations using Visio.
- Estimated Project costs and created documentation for project funding approvals.
- Monitoring and troubleshooting network issues between client site and 85 remote sites with legacy switches and routers
- Performed and presented network analysis as a part of network migration. Involved in knowledge transfer to vendors and provided them network support as required
- Worked as a single point of contact for the whole migration
- Configuration and maintenance of EIGRP and BGP network on router 7200 and 6500 MLS.
- Configuration and maintenance of 3750 stack and 6500 VSS for improved efficiency of the data plane.
- Configuration and management of NEXUS network in the existing network infrastructure.
- Created LAB setup with 7k and 5K NEXUS switches for application testing.
Environment: Cisco 3750/3550/3500/2960 switches and Cisco 3640/12000/7200/3845/3600/2800 routers, Cisco ASA5510, Checkpoint, Palo Alto, Cisco Nexus 7k/5k, ASA 2248/3560/5020/6509, Checkpoint, LAN, OSPF, BGP, RIP, EIGRP
Confidential
Network engineer
Responsibilities:
- Provided Level 1 Support for Broadband Connection to Virgin Media customers.
- Worked as a Technical Support Executive under Virgin Media.
- Received inbound calls of technical nature, independently resolved customer complaints, concerns and inquiries regarding their Internet connection.
- Managed LAN and Wireless Network and performed troubleshooting on LAN, WLAN, Customer Modems (NTL 250, TERAYON, and MOTOROLA) and CPE Router (Cisco-Linksys, Belkin, D-LINK and Dynamode).
- Set up Home Network and provided troubleshooting and full support on Virgin Media security software (PC-guard).
- Troubleshoot a wide range of technical support issues and connectivity problems such as authentication, connection speed, e-mail configuration, and loss of synchronization.
- IOS upgrades on catalyst series switches like 2900, 3560, 3750.
- Troubleshoot TCP/IP problems and connectivity issues in multi-protocol Ethernet environment.
- Implemented trunking protocols like 802.1q on 3750 switches.
- Configured ACLs to provide accessibility and restrict unauthorized users.
- Involved in maintaining STP, RSTP and PVST+ for the catalyst switches I worked on.
- Configured and maintained RIP, OSPF and routing protocols on 2600 and 3600 series Cisco routers.
- Maintaining and troubleshooting of connectivity problems using Ping, Traceroute.
- Assisted in racking and stacking.
- Technical assistance for LAN/WAN management and customer issues.
- Other responsibilities also included documentation.
Environment: Cisco 2990/3550/6550 switches, F5 GTM & LTM, Cisco 7200/3845/3600/2800 routers, EIGRP, RIP, OSPF, BGP, VPN, Ether Channels, and Sniffer, Data center.
Confidential
Network Engineer
Responsibilities:
- Provided Level 1 Support for Broadband Connection to Virgin Media customers.
- Worked as a Technical Support Executive under Virgin Media.
- Received inbound calls of technical nature, independently resolved customer complaints, concerns and inquiries regarding their Internet connection.
- Managed LAN and Wireless Network and performed troubleshooting on LAN, WLAN, Customer Modems (NTL 250, TERAYON, and MOTOROLA) and CPE Router (Cisco-Linksys, Belkin, D-LINK and Dynamode).
- Set up Home Network and provided troubleshooting and full support on Virgin Media security software (PC-guard).
- Troubleshoot a wide range of technical support issues and connectivity problems such as authentication, connection speed, e-mail configuration, and loss of synchronization.
- IOS upgrades on catalyst series switches like 2900, 3560, 3750.
- Troubleshoot TCP/IP problems and connectivity issues in multi-protocol Ethernet environment.
- Implemented trunking protocols like 802.1q on 3750 switches.
- Configured ACLs to provide accessibility and restrict unauthorized users.
- Involved in maintaining STP, RSTP and PVST+ for the catalyst switches I worked on.
- Configured and maintained RIP, OSPF and routing protocols on 2600 and 3600 series Cisco routers.
- Maintaining and troubleshooting of connectivity problems using Ping, Traceroute.
- Assisted in racking and stacking.
- Technical assistance for LAN/WAN management and customer issues.
Environment: Cisco Routers 2900, 2600, 3600; Cisco Switches 1900, 2900, 3500, 3700 and 450 Series; LAN/WAN: Frame relay, NAT, DHCP, TCP/IP