SUMMARY:

• 8+ years of experience in Network design, Security, Tier support of Networks in various environments.
• Experience working with security devices such as Firewalls, VPN switches and Intrusion Detection Systems.
• Experience working on Cloud Computing Virtualization using VMWare ESXi 4.0 and Windows Hyper - V.
• Experience with Cisco Meraki wireless managed network infrastructure.
• Experience in configuring HSRP and redistribution between routing protocols troubleshooting them.
• Familiar with security products such as Cisco ISE
• Implementation of HSRP, VRRP and GLBP for Default Gateway Redundancy.
• Knowledge on working with Wireless LAN Controller's, Cisco Meraki, Cisco AP's, Standalone AP's and Mesh AP's.
• In-depth knowledge and hands-on experience on IP Addressing, Sub netting, VLSM and ARP, reverse & proxy ARP, Ping Concepts.
• Experience on Network Monitoring & Testing tools such as Wireshark/Ethereal, Cisco Works, and IXIA.
• Good understanding of VoIP implementation and protocols such as H.323, RTP, and SIP.
• Experience in troubleshooting NAT configurations, Access-Lists (ACL), and DNS/DHCP related issues within the LAN network.
• In-depth expertise in the analysis, implementation, troubleshooting & documentation of LAN/WAN architecture and good experience on IP services.
• Extensive experience working on Cisco and Juniper routers/switches in complex environments with multiple ISPs.
• Expert in dealing with Networking Protocols and Standards such as TCP/IP, OSI, UDP, Layer 2 (VLANs, STP, VTP), Routing Protocols (RIP, EIGRP, OSPF, BGP), WAN technologies (Frame relay, IPSec, VPNs, MPLS), QoS.
• Worked on AWS to Corporate connectivity and AWS EC2, Auto scaling, NAT Gateways
• Worked on Subnetting IPv4/IPv6 addresses and IP address management.
• Good understanding of cable management such as CAT3/4/5, Fiber-Optic (Multi & Single mode fibers).
• Hands-on experience with TCP/IP, LANs, WANs, and WLANs (WiFi) Cisco VPN Concentrators, F5 Fire pass SSL VPN, 6509 Core Datacenter designs.
• Experience in F5 GTM, LTM, APM, and Viprion Series of devices. Worked on Cisco ACE 4710 Load balancers and Cisco WAAS, WAVE accelerators
• Exposure to Cisco WAAS, WCS.
• Expert Level Knowledge about TCP/IP and OSI models.
• Familiar with security products such as Cisco ISE
• Knowledge of implementing and troubleshooting complex layer 2 technologies such as VLAN Trunks, VTP Ether channel, STP, RSTP and MST.
• Worked on Palo Alto Firewall
• Worked on Cisco ASA 5500 series firewalls.
• Worked on Cisco Nexus 5010 Switch.
• Experience in F5, Cisco ACE 4710 Load balancers.
• Excellent communication skills to interact with team members and support personnel and also can act as a mentor to less experienced personnel
• Worked on security products such as Cisco ISE
• Advanced proficiency with Cisco Wireless ( APs, Controllers, ISE, Prime)

TECHNICAL SKILLS:

Network Hardware: Cisco Routers (1800, 2600, 3600, 7200 and 7600) Juniper QFx 10000, 5100 series switches and MX960 series router and SRX 240, 300 and 3600. Cisco Catalyst Switches (3560, 3750, 4500, 4900 & 6500), Nexus (7010, 7700, 5548, 5510, 2248, 2148) Cisco MR33 and Cisco MR 42, Cisco MS 410 series

RIPv2, EIGRP, IS: IS, OSPF(V2,V3), BGP(iBGP and eBGP) and MP-BGP

VRF, VRF: Lite, MPLS, MPLS L3 VPN and MPLS L2VPN

Switching: VLANs, Dot1Q, VTP, STP, RSTP, HSRP, VRRP, GLBP, Port Security, BPDUGuard, BPDUFilter, Udld

Protocols: IPv4, IPv6, TCP, UDP, ARP, ICMP, NAT, DNS, DHCP, SNMP, QOS (DSCP and CoS) TELNET, SSH

Datacenter Technologies: VDC, vPC, vPC+, FabricPath, FEX, OTV for DCI

Operating Systems: Windows 2007, Windows 10 Enterprise edition, CentOS, Ubuntu and Redhat Linux.

Office Suite: Microsoft Word, Excel, and Visio

Network Monitoring: Orion Netflow Traffic Analyzer, Wireshark, Solar winds, Cisco PrimeCertifications

PROFESSIONAL EXPERIENCE:

Confidential, Arlington, VA

Sr. Network Engineer

Responsibilities:

• Worked as part of a team to manage Enterprise Network Infrastructure as a Senior Network Engineer responsible for troubleshooting operational issues and perform new implementations across multiple projects.
• Experience in Cisco Routing and Switching using 3600, 3700, 3800, 5300, 6500, 7200, 7600Nexus 7k, Nexus 5k, Nexus 2k& ASR 9000, 1000 series routers, Meraki products.
• Experience working with Nexus 7010, 5548, 5596, 2148, 2248 devices.
• Experience with configuring FCOE using Cisco nexus 5548.
• Understand customer requirements for wireless networks and explain how Cisco Meraki will integrate with current infrastructure, as well as service future needs.
• Configured Nexus 5020 with multiple distribution VDC's running EIGRP for route propagation between the devices.
• Migrated the policies from Cisco ASA firewall to Palo Alto Firewall
• Experience with Network Automation using Python
• Experience configuring VPC, VDC and ISSU software upgrade in Nexus 7010.
• Serve as part of a team of network engineers responsible for base wide network upgrade from Cisco Layer 3 switches to Juniper Layer 3 EX4300 & EX3300 switches.
• Performing administrative tasks with Palo Alto Networks (Panorama) including Security, NAT policy definitions; application filtering; Regional based rules; URL filtering, Data filtering, file blocking, User based policies.
• Continually upgraded Meraki security devices as all store locations and kept current firmware, verified Meraki was upgraded, both circuits were functioning through the Meraki and wireless clients were using the Meraki appliances.
• Configure / Troubleshoot Juniper: EX-3300, EX-4300, and EX-4500, EX 6200 series switch for LAN /WAN connectivity.
• Worked extensively with multiple wireless hardware vendors including Cisco, Cisco Meraki.
• Worked on multiple projects related to Branch networks, Campus networks, extranet clients and Data Center Environments involving in data center migrations from one data center to another
• Help customers build scalable, resilient, and high-performance applications and services on AWS
• Monitoring and running ISE reports
• Responsible in troubleshooting on Cisco ISE added new devices on network based on policies on ISE.
• Working on Cisco ISE to authorize users based on protocols PEAP and EAP-TLS, also manage and monitor user's access privileges.
• Actively involved in Switching technology Administration including creating and managing VLANS, Port security- 802.1x, Trunking 802.1Q, RPVST+, Inter-VLAN routing, and LAN security on Cisco Catalyst Switches 4507R+E, 6509-E and Nexus Switches 2232, 5596, 7009.
• Involved in the configuration of MX-80 routers at hospital sites with OSPF and peer with BGP to service providers for redundancy.
• Responsible for implementation of security policies on SRX 240, SRX 550 series of firewalls at branches and datacenter.
• Responsible for configure, test and implement network, firewall and security solution with appliances such as Cisco, Juniper netscreen and Palo Alto Networks application firewalls
• Configured SRX HA cluster for vendor DMZ migration project for high availability and to support multiple vendors connecting to the organization.
• Experience with F5 GTM/LTM installation and assist in configuration of F5 APM LTM modules for BIG IP networking equipment.
• Configured custom monitors, virtual servers, pool members and load balancing algorithms on F5 Load balancers.
• Assisted in MPLS migrations, implemented a backup for the existing WAN connection using site-to-site IP sec VPN tunnels.
• Deployed and configured Cisco AIR-CAP 3502 wireless access points across various health systems as a part of the refresh from the 1841 WAP’s.
• Configured SSID’s on WLC 5502 wireless LAN controllers and experience troubleshooting using WCS.
• Worked on configuration and commissioning of the MPLS circuits for various branch offices to replace the existing point to point circuits
• Providing Daily network support for all branches and sits in the organization’s WAN consisting of MPLS, VPN and point-to-point (P2P) circuits.
• Performed Network Security Assessment and implemented security improvements such as network filtering, SSH, AAA, SNMP access lists, VTY access lists, EIGRP MD5 authentication, and HSRP authentication.
• Configuration of ACL’s in Cisco 5520 ASA firewall for internet Access requests for servers, Protocol Handling, Object Grouping and NAT.
• Responsible for Documenting workflow process, Visio drawings and implementing changes following the change management guidelines.

Confidential, Washington, DC

Sr. Network Engineer

Responsibilities:

• Implement ATM/Frame Relay between data centers utilizing Cisco routers & switches.
• Experience with converting 6500 to Cisco Nexus in the data center environment.
• Responsible for Cisco ASA firewall administration across our global networks
• Support customer with the configuration and maintenance of PIX and ASA firewall systems
• Assist with various duties that will arise including: implementation, configuration, management,
• Designing and Implementation of (LAN) VLANs, VTP, Spanning Tree (STP), Trunking (dot1q and ISL) and Ether channel.
• Responsible for configuration and troubleshooting issues related to F5 GTM/LTM devices such as 4200v, 5200v, Viprion 2200 and F5 APM.
• Configuring rules and Maintaining Palo Alto Firewalls & Analysis of firewall logs using various tools
• Experience with deployment of Palo Alto firewalls for different NAT, video conferencing traffic
• Automated network implementations and tasks and designed monitoring tools using python scripting
• Experience with upgrading SUP1 to SUP2 on cisco Nexus 7000 Series Experience working with Nexus 7010, 5020, 2148, 2248 devices
• Experience with configuring Virtual Server and Configuring Load balancing methods in F5 LTM
• Responsible for Cisco ASA firewall administration across our global networks
• Experience configuring Virtual Device Context in Nexus 7010
• Configuring IPSEC VPN on SRX series firewalls
• Experience with Firewall Administration, Rule Analysis, Rule Modification
• Experience writing Linux shell scripts
• Managing cabled LAN and wireless access, with switching technologies and wireless technologies
• Troubleshooting and monitored routing protocols such RIP, OSPF, EIGRP & BGP.
• Configuring RIP, OSPF and Static routing on Juniper M and MX series Routers
• Implementing Routing and Switching using the following protocols; OSPF, BGP on Juniper M series routers.
• Configuring VLAN, Spanning tree, VSTP, SNMP on EX series switches
• Installation and Configuration of Cisco Catalyst switches 6500, 3750 & 3550 series and configured routing protocol OSPF, EIGRP, BGP with Access Control lists implemented as per Network Design Document and followed the change process as per IT policy It also includes the configuration of port channel between core switches and server distribution switches
• Experience with moving data center from one location to another location, from 6500 based data center to Nexus based data center
• Experience with convert PIX rules over to the Cisco ASA solution.
• Experience with communicating with different with different customers, IT teams in gathering the details for the project
• Experience working with Cisco IOS-XR on the ASR9000 devices for MPLS deployments in data center.
• Experience working with ARISTA switches like 7100, 7500 for cloud computing, datacenter and low latency networks
• Working knowledge of security products such as Cisco ISE
• Certifying products, Substantial lab testing & validation prior to implementation of Nexus 7K, 5K & 2K connecting to blade servers Rules definition, problem solving, design advice, troubleshooting, updating, maintenance.
• Configured and designed LAN networks with Access layer switches such as Cisco 4510, 4948, 4507 switches.
• Design OSPF Areas for reliable Access Distribution and for Core IP Routing.
• Configuration and Troubleshooting of Outlook Express and MS Outlook.
• Responsible for Configuring SITE TO SITE VPN on Cisco ASA 5500 series firewall between Head office and Branch office
• Experience working with Cisco Nexus 2148 Fabric Extender and Nexus series to provide a Flexible Access Solution for a datacenter access architecture
• Deployed a large-scale HSRP solution to improve the uptime of collocation customers, in the event a core router became unreachable.
• Designed, validated and implemented LAN, WLAN & WAN solution to suite client’s needs.
• Provided technical support to cloud computing customers.
• Provided Load Balancing towards access layer from core layer using F5 Network Load Balancers.
• Implemented TCP/IP and related services like DHCP/DNS/WINS.
• Load balanced the HTTP traffic by installing the Cisco CSS 11000
• Configured and troubleshooting of HSRP on Cisco routers.
• Installation and configuration of Active Directory in Windows server2003/2008
• Active Directory user’s management and planning for Authoritative and non-authoritative restore.
• Responsible for turning up BGP peering and customer sessions, as well as debugging BGP routing problems.
• Implemented SNMP on Cisco routes to allow for network management.

Confidential, CA

Sr. Network Engineer

Responsibilities:

• Hands on experience installing, configuring & administering VMware platforms.
• Experience developing and maintaining comprehensive system test plans
• Experience in network performance testing
• Write test cases from a variety of documentation types; business requirements, system requirements & design documentation.
• Experience working with Nexus 7010, 5020, 2148, 2248 devices
• Experience with configuring Nexus 2000 Fabric Extender (FEX) which acts as a remote line card (module) for the Nexus 5000
• Worked on Cisco Routers, Active /Passive Hubs, Switches, Cisco ASA Firewalls, NAT and Juniper SRX firewall
• Converting PIX rules over to the Cisco ASA solution.
• Perform network engineering, design, planning (WAN & LAN), & implementation.
• Managing Access list for PIX and Routers (Priority based, time based)
• Worked on F5 load Balancer, configured Virtual servers, pool, pool members, worked on load balancing methods for LTM.
• Configured virtual servers, nodes and load balancing pools on the F5 LTM 6400, 6800 devices for various medical/biomed applications and their availability
• Configured firewall filters, routing instances, policy options, on Juniper m320 an d T640
• Installed & configured OSPF on Frame-Relay with multi-area design in core routers (7200, 7204, and 7206).
• Design OSPF Areas for reliable Access Distribution and for Core IP Routing.
• Design and deployment of Enterprise Wireless services in facilities using Cisco product line.
• Identifying, troubleshooting and resolving incidents related to Wireless connectivity, as well as conducting wireless site-surveys and deploying Lightweight APs
• Configuration and Troubleshooting of Outlook Express and MS Outlook.
• Study single point failures & design WAN structure in such a way that there are no failures in network in case of any device or link failure.
• To Configure and maintain the hosts in SAN environment.
• Work with application developers and systems engineer to migrate applications and systems to a new Border Gateway network.
• Network Migration from RIP to OSPF
• Work with developers to document data flows and troubleshoot connectivity issues.
• Add, delete, and modify rules on Checkpoint firewalls.
• Setting up VLANS and configuring ISL trunk on Fast-Ethernet channel between switches
• Implemented SNMP on Cisco routes to allow for network management
• Installed and configured Routers, Bridges, Terminal Servers and CSU/DSU’s to support WAN links
• Redistribution of routing protocols and Frame-Relay configurations
• Configured QoS on LAN/WAN. Strong knowledge of various routing protocols including RIPV2, EIGRP, OSPF and BGP4
• Designed Network redundancy by implementing HSRP (Hot Standby Routing Protocol) on Cisco routers.
• Deployed a large-scale HSRP solution to improve the uptime of collocation customers, in the event a core router became unreachable
• Documented all the work done by using MOPS, Visio, Excel and MS word.

Confidential

Network Engineer

Responsibilities:

• Involved in redesign of traffic anomaly system to increase the detection method and algorithm efficiency.
• Capturing data in the kernel stack and analyze the packets in various locations on the network stack
• Experienced in WAN environments, installing and troubleshooting data circuits (OC, T1, E1, T3, MUXES)
• Worked on ASA firewalls and F5 load balancers
• Understanding current vulnerabilities attacks and counter measures, assessing the impact of traffic on customer networks, conducting research on emerging security threats.
• Mentoring and training security analysts, creating and maintaining documentation for Traffic anomaly Sys.
• Experience testing of a prototype Traffic Anomaly system that monitors TCP/IP network traffic. Each network packet is characterized by the (source host, Source port, destination host, Destination port, Flag). The system monitors the network for the occurrence of mismatch, which represent unusual traffic patterns within the network.
• Assist internal project teams by determining rules that need to be added to the firewalls and identifying the proper routing and addressing for new devices in managed DMZ*s.
• Experience in troubleshooting of complex BGP and OSPF routing problems
• Experienced in SYSLOG analysis & Proxy servers

Confidential

JR Network Engineer

Responsibilities:

• Used TFTP server to backup Cisco configuration files.
• Provided technical support for expansion of the existing network architecture to in corporate new users.
• Network layer tasks included configuration of IP Addressing using FLSM, VLSM for all applications and servers throughout the company
• Configured VTP to manage VLAN database throughout the network for Inter-VLAN Routing.
• Worked in setting up inter-VLAN routing, redistribution, access-lists and dynamic routing.
• Implemented various Switch Port Security features as per the company’s policy
• Configured VLANS to isolate different departments
• Troubleshoot issues related to VLAN, VLAN Trunking, HSRP failovers, related issues.
• Design, installation and troubleshooting networks with hand-on experience with OSPF, BGP, VPLS, Multicast, VPN, MPLS, & Traffic engineering.
• Maintenance and troubleshooting of network connectivity problems using PING, Trace Route.
• Performed replacements of failed hardware and upgraded software
• Performed scheduled Virus Checks & Updates on all Servers & Desktops.
• Involved in Local Area Network (LAN) implementation, troubleshooting, and maintenance as per company’s requ