SUMMARY

• Over 7+years’ experience in LAN/WAN, Layer 2, Layer 3, routing, switching technologies, systems design, administration and troubleshooting.
• Very Strong expertise in VPN technologies, and dedicated security configurations (Firewalls, IDS, Routers) and best practises in information security policies/procedures.
• Architecture, planning and design of IPsec VPN implementations for multiple sites on various VPN appliances/UTM vendors, routers and maintaining cross functionality between them.
• Efficient and Expert in EIGRP, OSPF, with knowledge on MPLS, BGP (including configuration and troubleshooting)
• Proficient in Layer2 technology STP, RSTP, HSRP, VRRP.
• Diagnose Layer1, Layer2 and Layer3 fault - related cases effectively, utilizing software diagnostics and tools.
• Administration of Cisco Routers (12410, ASR 9K, 7200, 7600), Juniper and other vendors.
• Experience on Cisco IOS (11.0, 12.0, 15.0) and JunOS and IOS-XR 3.2
• Configure, install, maintain and troubleshoot UTM Firewalls (multi-platform), Cisco PIX/ASA.
• Expert knowledge in various applications, services and network management tools including FTP, Telnet, Ping, DNS, DHCP, ARP etc.
• Knowledge in Documenting and preparing the Process related Operational Manuals.
• Experience in relating the theoretical OSI Networking Model to practical networking scenarios.
• Communicating and managing relationship with external & internal customers and ensuring customer satisfaction of service delivery in accordance to their quality & consistency of Statements of Work & Service Level Agreements.
• Experience in working with JTAC, Cisco TAC engineers on several networking issues.
• Supervised permanent and contract personnel. Excellent communication skills with an ability to interface at all levels.
• Fluent in computer software packages like MS Office (Word, Excel, Visio) for accounting purposes

TECHNICAL SKILLS

Cisco Routers: ISR 2600, 2800, 3600, 3700, 3800, 7600, 7200, ASR and other vendors

Switches: Cat3k series, Cat4k Series, Cat6k Series and other vendors

Load Balancer: Citrix Netscaler, F5(LTM, GTM)

Firewalls/Security: Cisco ASA 5500, Check Point, Juniper SRX, Junos, TACAS/RADIUS/SSO implementation, Fortinet, Confidential (NSA,SuperMassive)

Workstation Tools/OS: Visio, MS suite, Citrix clients. Windows, Linux, MacOS, iOS, Android platforms Wireshark, nmap, Nessus, Backtrack/Kali Linux IPsec and SSL VPN clients from different vendors

PROFESSIONAL EXPERIENCE

Confidential, Chicago, IL

Sr. Network Engineer

Responsibilities:

• Established policies and procedures related to Systems security and integrity.
• Skilled knowledge of RIP, EIGRP, BGP and OSPF.
• Configured/ administered/ deployed several Cisco 12000, 10000 and 6500 series.
• Configured channelized DS3 card on the Cisco 12000 series router for managing T1 lines.
• Implemented and managed network monitoring tools like Nagios and Orion.
• Experience working with 5505, 5510, 5520 and 5550 model ASA's.
• Experience working with the latest ASA IOS (8.3, 8.4,9.1)
• Extensive experience with Check Point and CISCO Security Firewall Configurations and network configurations.
• Part of the Re-IP project.
• Migration of MPLS from Confidential to Timewarner.
• Experience with Citrix Netscaler, F5 GTM Loadbalancer
• Configured with F5, Citrix Load balancers in Failover for Load balancing and SSL handling
• Configured F5 BiGip to provide Load Balancing for server farm.
• Experience with configuring VIPs on F5 and Citrix load balancer which include creating policies and creating redirection rules
• Implemented and managed SSL VPN using Radius server (Cisco any connect) on ASA 5550.
• Experience working with Cisco 3750, 4948, 2811, 2600, 7200, 6500, 12000, 10000 series switches and routers.
• Configured/ administered/ deployed several Cisco 6500 series switches.
• Implemented and administered Web sense Web Security Gateway for web content filtering and DLP.
• Managed software and hardware contracts. Audited contracts and worked with vendors to terminate unused services and reduced costs. Negotiated key contracts with vendors and reduced costs.
• Extensive experience with Juniper and Cisco ASA firewalls.
• Experience with configuring, supporting, and troubleshooting security products including Check Point, Juniper, Cisco, IDS solutions, and others.

Network Engineer

Confidential, Dublin OH

Responsibilities:

• Responsible for implementing and integrating new network technologies, troubleshooting and supporting existing technologies and devices.
• Involved in deployment of new F5 GTM to replace the existing A10 GSLBs.
• Configure the F5 GTMs to globally load balance the local brocade or F5 load balancers.
• Involved in complete LAN and WAN commissioning and deployment (IP address planning, designing, installation, configuration, testing, maintenance, and troubleshooting issues).
• Responsible for conversion of IBM Tivoli monitoring situation to Solarwind monitoring template.
• Write VBScript codes to cater to customer monitoring requirement is Solarwind.
• Create monitoring template using custom MIBs in Solarwind.
• Gather and document system functional requirement with respect to Solarwind.
• Performed configuration and troubleshooting of routing protocol such as BGP and EIGRP.
• Implemented Cisco Secure Access Control Server (ACS 3.0) for Tacacs+/ Radius.
• Performed configuration for data center connectivity with Cisco 6500 switches (Sup720) and configured BGP attributes for WAN connectivity (routing with EIGRP).
• Performed network administration tasks such as creation and management of VLANs, PVST, Inter-VLAN routing, HSRP, GLBP and LAN security for Layer-2 switching domains and Layer-3 Routing.
• Worked on firewall administration on day-to-day basis by performing Move Add Change (MAC) functions on Cisco ASA 5500 firewalls.
• Generate RCA (Root Cause Analysis) for critical issues of layer1/layer2/layer3 outages.
• Ensure all data and VoIP infrastructure meet 100% SLA uptime standard and co-ordinate with vendors in case of any issue to get them fixed within SLA time frame.

Confidential, Somerset, NJ

Network Engineer

Responsibilities:

• Perform administration, optimization, and support of internal LAN/WAN infrastructure.
• Configuration and Maintenance of MPLS between satellite locations and Data center. Rule Management for MPLS routers.
• Management of BGP peering with Service Providers to ensure availability and maintain SLA with MD5 authentications and TTL security.
• Develop and support network lifecycle management, capacity planning and availability management programs and update technical documents.
• Maintenance of Cisco ASA and Barracuda Web Filter including IPSec VPN and troubleshooting L2VPN.
• Configure and maintain access points through Cisco 4400 WLAN controller.
• Design VPN tunnels between locations. Implement these tunnels using IPsec and GRE protocols and maintain the tunnels.
• Configure of VLAN, BFD, LAG Port Channel, HSRP and VRRP on Cisco/Juniper devices.
• Monitor Data and Voice network utilization to ensure proper circuit sizing. Plan for expansion based on reports of monitoring.
• Deploy F5 Edge Gateways for SSL, remote access load balancing. Create templates, SSL profiles and network ACLs.
• Assist in design and implementation of load balancing solutions.
• Assist in PoC design & evaluation for purchasing IP Networking hardware and software for expansion of the circuits.
• Configure and implement routing protocols on the routers and switches like OSPF, EIGRP and STP for LAN.
• Assist network operations and level two network engineers in the diagnosis of difficult or complex network related problems.
• Troubleshooting and documenting the L2 connectivity issues.
• Advise on projects needed to enhance performance of the network as well as the research, analysis, design, planning, and implementation of these enhancement projects.
• Apply project management skills to complete assigned projects within the project timeline.
• Plan and document the network inventory and maintenance procedure along with lifecycle management of these devices.
• Develop and assist in projects for replacement and upgrade of devices which are EOL.
• Emulate Production Network in Lab to test the network recommendations and document the result for further analysis. Document the procedure to perform the upgrade/replacement of devices.
• Work with Data Center Operations to perform the replacements in scheduled maintenance windows.

Environment: Cisco ASR 1001, 1004, 3945, 6513, 4948. Juniper MX480, Juniper SRX 110

Confidential

Network Security Analyst - Enterprise Technical Support Analyst

Responsibilities:

• Complete role configuration/troubleshooting of Confidential products
• Worked on Routing/Security/Wireless domains while ensuring multi-vendor network products compatibility at client locations.
• Involved in Firmware Pre-release testing and resolution workarounds.
• Highest level of technical support provided to enterprise clients when required

Confidential

Network Security Engineer

Responsibilities:

• Performed the configuration in routers and voice gateways for migration of ISDN PRI circuit from one service provider to another across 45 office locations.
• Maintain and load balance the web server traffic for customers using F5 load balancers.
• Configured and deployed Cisco 6500, 4500 and 3750 Catalyst switches at the core, distribution and access layers respectively.
• Designed and maintained switch network with other CISCO L3 switches (4500, 6500) in Multi-VLAN, configured 802.1Q Trunking, VTP between L3 and Access Layer Switches, and thereby provided inter-Vlan routing, maintained consistent VLAN information between switches.
• Performed the installation and configuration of Solarwind Orion Network Performance Monitor for monitoring traffic across the network.
• Installation and configuration of Websense Triton Web Security and configure them in clustered environment.

Environment: s: Routers, Voice Gateways, F5 Load Balancers, Cisco 6500, 4500, 3750, VLAN, CISCO CALL MANAGER, H323 Trunk, Websense Web Security.

Responsibilities:

• Reviewed and approved all firewall requests (ACL, NAT, VPN, etc) based upon potential security impact. Also managed all firewalls in the test, dev, R&D labs.
• Managed and maintained various web content filtering solutions including Web Sense and Blue Coat.
• Managed and maintained an internal certificate authority (CA) request along with RSA servers for two factor VPN authentication.
• Architecture, planning and design of IPSEC VPN implementations for multiple sites on Cisco VPN appliances, routers and Checkpoint firewalls.
• Analyzed firewall performance and suggested/implemented improvements.
• Installed and maintained all security infrastructures, including IPS, IDS, log managements, and security assessment systems.
• Configured with Citrix Load balancers in Failover for Load balancing and SSL handling
• ConfiguredCitrix to provide Load Balancing for server farm.
• Secure IIS Web Server Protection (Application Firewall), ISS Internet Scanner Penetration Testing, Security Access Lists, Firewall Protection, VLAN Security.
• In-depth knowledge of IP routing, virtual routing and forwarding (VRF) and routing protocols
• Well versed in different vendors L2/3 switch hardware architectures
• Detailed knowledge and hands-on experience of Layer 2 protocols includes Spanning Tree Protocols, VLAN Tagging (802.1Q), Link aggregation (IEEE 802.1AX)
• Configure Voice Gateway, Voice gatekeeper.
• Perform HP automation testing.
• Design and Implementation of enterprise-level LAN and WAN infrastructures.
• Checkpoint Firewall design and implementation and planning of rule bases
• Network refresh project that includes redesigning and relocation of ASA, Checkpoint and Fortinet firewalls.
• Implemented and maintained network performance testing software like PRTG and MRTG
• Implemented Perl scripts for network monitoring tasks.
• Perform regular vulnerability and penetrations tests utilizing NESSUS and NMAP along with recommending remediation solutions.
• Assess threats, risks, and vulnerabilities from emerging security issues.
• Troubleshoot various customer environments when issues arise, provide resolutions, and keep our customers informed as to the status of any on-going problems.