PROFESSIONAL SUMMARY:

• CISCO Certified Professional with 8 years of experience in network design, implementation, troubleshooting, engineering, managing & migration of large - scale enterprise networks.
• Experienced Cisco/Juniper Firewall, Security and Network Administrator as well as a Certified Network Professional in Routing and Switching.
• Comprehensive expertise in the implementation of optimization, analysis, troubleshooting and documentation of LAN/WAN networking systems.
• Expertise in Configuration of Virtual Local Area Networks (VLANS) using Nexus 7Ks, Cisco routers and multi-layer Switches and supporting STP, RSTP, PVST, RPVST Port Channels, VPC, VDC, Fabric path & port security along with trouble- shooting of inter-VLAN routing and VLAN trunking using 802.1Q.
• Excellent experience in working with Cisco 1800, 2500, 2600, 2620, 2800, 2900, 3600, 3800, 3900, 7200, 7600 and ASR 1000, 9000 series Cisco Routers.
• Experience with NX-OS on Nexus Switches.
• Experience working on Juniper series of devices like MX-960, MX-480, MX-104, SRX-550, SRX-240, SRX-210 and EX, QFX series of switches.
• Experienced in working with Cisco 2900, 3500, 3700, 4500, 6500 series Cisco Catalyst Switches and Nexus Switches 2200, 5500 and 7000.
• Adept Confidential configuring and troubleshooting of VPC on Nexus 7Ks, 5Ks and VDC on NX7Ks.
• Hardware knowledge of various line cards in Nexus 7Ks and 5Ks.
• Implemented redundancy with HSRP, VRRP, GLBP, and Ether channel technology (LACP, PAgP).
• Implemented traffic filters using Standard and Extended access-lists, Distribute-Lists, Route Maps and route manipulation using Offset-list
• Experience with F5 load balancers - LTM, GTM series like 6400, 6800, 5000, 2000, Viprion for the corporate applications and their availabilities.
• Expertise in OSI layer model and TCP/IP model.
• Exposed to handling and troubleshooting issues on NAT.
• Working knowledge on configuring access lists. Troubleshooting DNS/DHCP issues within the LAN network.
• Expertise in IP subnetting and worked on various designing and allocating various classes of IP address to the domain.
• Involved in troubleshooting network traffic and its diagnosis using tools like ping, traceroute, Wireshark, TCPdump and Linux operating system servers.
• Sound knowledge of Routing and Switching concepts and MPLS design.
• Proficient in Cisco IOS for configuration & troubleshooting of routing protocols: MP-BGP, OSPF, LDP, EIGRP, BGP v4, MPLS.
• Hands on in deployment of GRE tunneling, SSL, Site-Site IPSEC VPN and DMVPN.
• Managed inventory of all network hardware, Management and Monitoring by use of SSH, Syslog, SNMP, NTP.
• Worked extensively on Cisco ASA 5500(5510/5540) Series.
• Strong experience on Juniper SRX series Firewalls and Checkpoint R75, 76 Firewalls.
• Knowledge in planning, design, implementing and troubleshooting complex networks and advanced technologies.
• Advanced knowledge in Cisco ASA 5000 series and Juniper SRX installation, configuration and maintenance.
• Identify, design and implement flexible, responsive, and secure technology services.
• Experience with Firewall Administration, Rule Analysis and Rule Modification, project implementations.
• Modified internal infrastructure by adding switches to support server farms and added servers to existing DMZ environments to support new and existing application platforms.
• Working knowledge of networking devices such as Routers, Switches, Firewalls, VoIP, WAN Optimizers and Wireless Devices (Controllers and Access Points).
• Deploying Intrusion Detection System (IDS), Intrusion Prevention System (IPS) devices in the network.
• Worked on Migration projects involving the refresh of devices from Cisco to Juniper in the network infrastructure.
• Worked on Migration projects involving the refresh of devices from Cisco Catalyst environment to Nexus environment.
• In-depth knowledge and hands-on experience in Tier II ISP Routing Policies, Network Architecture, IP Subnetting, VLSM, TCP/IP, NAT, DHCP, DNS, FT1 / T1 / FT3 / T3 Sonet POS OCX / GigE circuits, Firewalls.
• Configured and deployed QOS and defined class of service (COS) WRED and WFQ for bandwidth management.
• Primary responsibility is to design and deploy various network security & High Availability products like Cisco ASA other security products
• Router configuration for L2/L3 LAN and WAN networks and Intra company networks.
• Experience in Configuring Client-to-Site VPN using SSL Client on Cisco ASA 5520. Configured Security policies including NAT, PAT, VPN, Route-maps and Access Control Lists.
• Knowledge of Solar winds Orion, Net MRI, SNMP network monitoring tools.
• Experience with Aruba Wireless technologies including Aruba Airwave, Clear Pass with QoS.
• Experience with Cisco Meraki wireless managed network infrastructure.
• Experience with Cisco VoIP, CUCM call manager.
• Configured Routers and switches to interconnect Controllers and Access points.
• Maintaining and updating inventory of all network hardware, Management and Monitoring by use of Orion, SSH, Syslog, SNMP, MySQL, Splunk, QRadar, Connection Records database, InfoBlox, Asset management tools, AlgosecNTP.
• Experience in technical documentation of MOPS, Project handoff documents and Visio Drawings.
• Aware of procedures in change management and implementation of changes in accordance to the procedures.
• Hands on experience in using Network Monitoring and Packet Sniffing tools.
• Strong interpersonal, organizational communication, customer service & presentation skills.

TECHNICAL SKILLS:

Routers: Cisco 1800, 2500, 2600, 2900, 3200, 3600, 3700, 3800, 7200 and 7600 and ASR 1000. Juniper MX-960, MX-480

L2 & L3 Switches: Cisco Catalyst 2900, 3560, 3750, 3850, 4500, 4900, 6500 Nexus 2200,5500,7000. EX-4300, EX-4200, QFX-5100

LAN Technologies: Ethernet, Fast Ethernet, and Gigabit Ethernet, SMTP, VLAN, VXLAN Inter-VLAN Routing, VTP, STP, RSTP, Light weight access point, WLC, DOT1Q.

Network Security: Cisco ASA, ACL, IPSEC, NAT/PAT, Ingress & Egress Firewall Design, VPN Configuration, Internet Content Filtering, Load Balancing,IDS/IPS, Dynamic, Reflexive ACL, and authentication AAA (TACACS+ & RADIUS)

OS products/Services: DNS, DHCP, Windows (XP, 7, 8), UNIX, LINUX, MS Excel, MS Visio, Linux Red hat

Routing Protocols: Routing Protocols (OSPF, EIGRP, BGP), QoS, VRRP & GLBP, HSRP, TCP/IP, UDP, ESP IPsec, MPLS, PPP, PPTP, IPSEC, IKE, SSL, SSH

Gateway Load Balancing: HSRP, VRRP, GLBP

Various Features / Services: IOS and Features, IRDP, NAT, SNMP, SYSLOG, NTP, DHCP, CDP, TFTP and FTP.

Network Management Tools: Wireshark, Net flow Analyzer, Cisco Works, Ethereal, SNMP, Fluke, Cable Analyzers, Sniffer, Infoblox, NetMRI, Solar winds, Nagios, Net Scout, Kiwi-cat, What's-Up Gold, Ethereal, BERT

Security Server Protocols: TACACS+, RADIUS, Cisco ACS

Facilities: DS0, DS1, DS3, OCX, T1/T3

Load Balancers: F5 Networks (BIG-IP) LTM 8900, Cisco ACE 4710.

Operating Systems: Windows (98, ME, 2000, XP, Server 2003/2008, Vista, Windows 7/8/10), Linux, UNIX, WINTEL

Firewall & Security & Scripting: Checkpoint, Cisco ASA, Palo Alto, Juniper-SRX Python

PROFESSIONAL EXPERIENCE:

Confidential, Richardson, TX

Sr. Network Engineer

Responsibilities:

• Implemented the Core switch cut over project from Nexus7004 to Nexus 9516 devices.
• Configured VPC (Virtual Port Channel), VDC (Virtual Device Context) in Nexus 9516 device
• Configured VLANs with 802.1q tagging. Configured Trunk groups, ether channels, and Spanning tree for creating Access/distribution and core layer switching architecture.
• Configured BPDU Guard, port-fast, uplink fast and other spanning tree features.
• Established BGP peering between onsite datacenter in Oakridge and AWS cloud.
• Worked with Cisco advance services to implement data center Nexus environment for new upgraded datacenter for the NX-OS in 9516 in core layer, 5548 leaf switches and cisco 6800, 2960 in access layer.
• Providing Technical Support and solutions for Network Problems and resolve tickets across sites and corporate offices.
• Configuration and troubleshooting of Cisco ASR 9910, Juniper MX-960, MX-480, MX-104 routers in the data center and branch sites
• Involved in periodic IOS/NX-OS/JUNOS upgrades, troubleshooting network outages and high severity incidents.
• Worked on Cisco Routers, Active /Passive Hubs, Switches, Cisco ASA Firewalls, NAT and Juniper MX Routers / SRX firewall.
• Creating or Modifying Firewall rules on Cisco 5555, 5520, Juniper SRX 345 and Palo Alto VM-300 devices.
• Upgrading the IOS on Network Devices including Cisco 6800, 6500 and Palo Alto VM-300 devices
• Experience in working in panorama, Palo Alto user interface version 8.0.2 and VM-300 series firewalls.
• Creating templates in panorama to manage the individual devices from it.
• Configuring HA pair for two Palo VM-300 series AWS instance firewalls and testing the failover activity as well as ENI migration.
• Creating Network objects, dynamic address groups, FQDN and assigning it to rules based on the information in tickets
• Creating custom URL profile based on the expressions and assigning it to rule to perform URL filtering.
• Configuring network interfaces, static routes, NAT rules in panorama and thereafter pushing to individual Palo Alto devices.
• Performing the software upgrade from version 7 to 8.0.2 on panorama and VM-300 series Palo Alto firewalls.
• Configuration included VLANs & VTP, STP port features, Gateway redundancy using HSRP, enterprise security using Cisco Port Security and Dot1X framework.
• Configuration included deploying of new branch locations or new network devices in the existing infrastructure. Like, 4500-X in VSS mode and 3850 switches for distribution and POE-user switches
• Troubleshooting the Network failure issues and thereby making the changes to Network Infrastructure.
• Worked on maintenance and upgraded Cisco wireless WLC, LWAPs.
• Troubleshoot issues with Wireless Access points (Cisco 3502) and configure SSID’s on 8540 Wireless LAN Controllers.
• Cisco Meraki Appliance MX (400, 80, 60) and Meraki wireless Access points (MR66, MR18).
• Installed and configured Meraki (MX80, MX60) Appliance via Meraki MX400 Cloud.
• Troubleshoot issues with Wireless Access points (Cisco 3502) and configure SSID’s on 8540 Wireless LAN Controllers.
• Configuring Node, pool, VIP, SSL client, server profile in F5 LTM 4000 series BIG-IP and thereby adding firewall rule to bring the end servers live
• Troubleshooting when the servers are down, checking logs the identify the error and thereby taking necessary steps.
• Participate in all technical aspects of LAN, WAN, VPN and security Internet Service projects including, short and long-term planning, implementation, project management and operations support as required.

Confidential, Charlotte, NC

Sr. Network Engineer

Responsibilities:

• Involved in the migration of datacenter setup from 6500 based data centers to Nexus based data center.
• Experience working with Cisco NX-OS 7010, 5020, 2148, 2248 devices.
• Involved in configuring VPC (Virtual Port Channel), VDC (Virtual Device Context) in Nexus 7010/7018 devices.
• Involved in the Implementation of (LAN) VLANs, VTP, Spanning Tree (STP), Trunking (dot1q and ISL) and ether channel across the distribution/access layer switches.
• Configured SRX-240 devices as an HA pair for redundancy and Performed JUNOS code upgrades across multiple different branch firewalls.
• Experience with setting up IPSEC VPN on Juniper SRX 3600 Firewalls towards the multiple Customer sites as backup path to the datacenter.
• Involved in the configuration of MX-80 and MX-104 routers with OSPF and peer with BGP to service providers for redundancy.
• Experience in Overlay Transport Virtualization (OTV) and FC Networks.
• Design and implement OSPF Areas for reliable Access Distribution and for Core IP Routing.
• Responsible for new site setup, migration of existing point to point circuits to an MPLS based solution.
• Involved in configuring Juniper and Cisco ASA firewalls and applying rules to pass servers and switches through firewall.
• Involved in setting up and Migrating DMZ from existing setup to an integrated new setup in the environment.
• Configuring various advanced features (Profiles, monitors, I Rules, Redundancy, SSL Termination, Persistence, SNATs, HA) on F5 BIG-IP appliances SSL termination and initiation, Persistence, Digital Certificates, executed various migration/upgrade projects across F5 and hands on with F5 BIG-IP LTMs/EM.
• Worked on F5 LTM series like 7050, 5050, 2200 for several applications and their availability.
• Responsible for the configuration of Virtual Servers, Nodes, and load balancing Pools and configuring load balancing algorithms.
• Configured Session based persistence and I have learnt writing i-Rules for specific redirection purpose and also i-rules for persistence.
• Experience working with Cisco Nexus 2148 Fabric Extender and Nexus 5000 series to provide a Flexible Access Solution for a datacenter access architecture.
• Experience with migrating from IOS to IOS-XR on ASR 9k.
• Performed OSPF, BGP, DHCP Profile, HSRP, IPV6, Bundle Ethernet implementation on ASR 9K redundant pair.
• Implement and configured GLBP (on core switching and also for VPN redundancy), VRRP on MX 480 devices in a different location of office on the switched network and managing the entire multilayer switched network.
• Work on multiple Port open requests for multiple business units in the organization on ASA and SRX firewalls
• Experience with Firewall Administration, Rule Analysis, Rule Modification
• Configuring Vlan’s, VTP’s, enabling trunks between switches.
• Configured VLANs with 802.1q tagging. Configured Trunk groups, ether channels, and Spanning tree for creating Access/distribution and core layer switching architecture.
• Involved in the Support of network security and network devices such as routers, switches and wireless access points.
• Installed and configured Cisco Meraki (MR66,MR18) wireless Access points in the warehouses.
• Troubleshooting Cisco APs and Meraki appliances.
• Hands on experience on software Upgradation of Cisco IOS, NX-OS and Wireless (WLC’S and LWAPP) of different Cisco devices & modules.
• Deployed the Cisco 3500 Access Points using Cisco Wireless controllers 5508, 4408 and 2504. WCS System and Network access enforcement for multivendor Wi-Fi, wired and VPN networks and advance policy management using.
• Configured WLC-5505 and IOS XE, Cisco IOS Platforms in 3502 wireless access points across branches.
• Ensure problems are satisfactorily resolved in a timely manner with focus on providing a high level of support for all customers.
• Responsible for Coordinating with service providers for WAN link outages.
• Experience in Configuring, upgrading and verifying the NX-OS operation system.
• Responsibilities also include technical documentation of all implementations including Visio drawings. Attending meetings and technical discussions related to current project.
• Task with being the local Tools administration of Network Monitoring tools such as: Net Scout HPNA, Opsware and CA Concord eHealth and working through the integration with Spectrum for reporting the alarms from eHealth.
• Experience using Solar winds Orion for monitoring/backing up device configurations and monitoring bandwidth.

Confidential, Memphis, TN

Network Engineer

Responsibilities:

• Implemented MX 960 router and configured virtual chassis in the core to enable interchassis redundancy.
• Responsible for turning up BGP peering and customer sessions, as well as debugging BGP routing problems during the conversion of existing point-to-point circuits to MPLS.
• Implemented Dual homed connections between multiple sites to connect to primary and redundant datacenters
• Dealt with implementation of deployment related to Cisco ASA 5585 devices, Juniper SRX 550 devices to apply security policies on it.
• Troubleshoot issues related to VLAN, VLAN Trunking, VRRP failovers, related issues.
• Involved in Planning for upgrade of IOS/JUNOS on devices and performing the upgrade to the TAC recommended code.
• Assisted in the architecture, evaluation and recommendations related to purchasing and installing hardware, software related to IPV4 and IPV6 Networking.
• Add Trunks, Spanning Tree protocol, Port-Security, VLAN-MAPs and DOT1X for Switches and Wireless.
• Troubleshoot issues with Wireless Access points (Cisco 3502) and configure SSID’s on 5520 Wireless LAN Controllers.
• Responsible for Juniper SRX firewall management and operations across our corporate networks.
• Responsible for Working with JTAC/CISCO TAC for resolving escalated issues and bug fixes.
• Worked on a project to migrate vendor DMZ's from a disaggregated cisco environment to a unified SRX 550 firewall cluster leveraging services.
• Monitored network traffic and developed capacity-planning initiatives, making necessary recommendations, additional resources or hardware.
• Provide Load Balancer expertise on F5 BIG-IP LTM and GTM devices like 7050 and 2200 and Troubleshoot application slowness.
• Responsible for writing and executing Test Plan, Desk level procedures and Test Case for smooth network operations.
• Experience working with Cisco Nexus 2148 Fabric Extender and Nexus 5000 series to provide a Flexible Access Solution for datacenter access architecture.
• Experience in configuring Virtual Device Context in Nexus 7010.
• Configured Juniper MX 80’s, EX 4300’s, and SRX 240’s to implement as a part of the branch office.
• Managing enterprise BGP setup by configuring and troubleshooting BGP related issues.
• Responsible to add new BGP peers for remote branch offices and business partners.
• Experienced with Juniper: EX-2200, EX-4300, EX-4500, MX-480 and, SRX-210 and SRX-240 troubleshooting.
• Configured VPN tunnels to multiple vendors with end devices terminating Confidential vendor end being a Cisco/Juniper firewall.
• Configure, Maintain and Troubleshoot for CISCO Wireless LAN controllers (5508,4408) and on WCS (wireless control system)
• Aruba Clearpass,Configure, Maintain, Update and Troubleshoot for CISCO Wireless LAN controllers (5508,4408) and on WCS (wireless control system)
• Wireless network including vendor selection (Aruba, Cisco and Ubiquti Networks), site survey, and deployment of back-end services for secure 802.1x authentication.
• Perform Configuration changes on BIG IP (F5) Load balancers and monitored the Packet Flow in the load balancers.
• Involved in Configuring and implementing of Composite Network models consists of Cisco 7600, 7200, 3800 series and ASR 9k and Cisco 2950, 3500, 5000, 6500 Series switches.
• Configured networks using routing protocols such as OSPF, BGP and manipulated routing updates using route map, distribute list and administrative distance for on-demand Infrastructure.
• Designing and Implementation of (LAN) VLANs, VTP, Spanning Tree (STP), Trunking (Dot1q and ISL) and Ether channel.
• Administration of ASA and Juniper SRX firewalls in the DMZ and FWSM in the Server Farm to provide security and controlled/restricted access.
• Responsible for monitoring alerts through tools like Solar winds Orion, Opsview in the Production environment as a part of first response for the service desk.
• Implemented changes in projects in accordance with the change management process and responsible for MOPS, Post-Implementation handoff documents and Visio drawings.

Confidential

Junior Network Engineer

Responsibilities:

• Implemented support and administration of Cisco routers (3640, 3650, 3550, 2960, 2950, 7200, 2811), Cisco switches (2950, 3725, 3550, 3524, 3600 6500), Cisco Access Servers (2016, 2024)
• Migrated, troubleshoot, and deployed various current and legacy networking devices into the production environment including core and peripheral devices in a Linux based environment
• Evaluated, and made subsequent recommendations to identify root cause and/or work-around to meet the required deadlines set by the client.
• Analyzed, tested, and troubleshot the local and wide-area network utilizing root cause analysis techniques and resolved Layer 1, 2, or 3 related issues.
• Utilized various Cisco enterprise applications; Cisco Call Manager, Cisco Unity, and Cisco Works to manage, monitor, and configure devices.
• Experience with Cisco CUCM & CUC Infrastructure, troubleshooting with Cisco TAC.
• Telecommunications circuits for both WAN and PSTN/Dial-Tone (PRI, SIP)
• Assessed, evaluated, and identified customer needs and requirements of various hardware and software technologies within a desktop and local area network (LAN) environments.
• Maintained, updated, and administrated all documentation accurately and effectively within the company database.
• Sustained various hardware, software, and logical technologies used included but are not limited to OSPF, EIGRP, BGP, MPLS, VPN, Layer-2/3 hardware, firewalls, routers, switches, and access servers.