SUMMARY:

• Experience in EIGRP, OSPF and BGP routing protocols
• Extensive hands of experience with complex routed LAN networks, Cisco Routers and Switches
• Experience in the setup of Access - lists, EIGRP and tunnel installations
• Proficient in configuring VLANs and VTP database on various CISCO catalyst and Nexus Switches
• Excellent soft skills such as Teamwork, Negotiation, Analysis and Effective Communication
• Cisco Certified Network Engineer with 8+ years of experience in the areas of Routing, Switching, Security and Load Balancing
• Hands on experience in designing the Network, Remote-site design etc.
• Expert level knowledge of troubleshooting, implementing, optimizing and testing of static and dynamic routing protocols such as EIGRP, OSPF, BGP and ability to interpret and resolve complex route problems.
• Maintained/Created Information Security programs for monitoring and updating corporate-owned web domains and web servers
• Monitored internal control systems to ensure that appropriate access levels are maintained
• Recommended, implemented and monitored policies and procedures for appropriate network security Incident Response
• Implementation of traffic filters on Cisco routes using Standard and extended Access list
• Expert Level Knowledge about TCP/IP and OSI models
• In-depth expertise in the analysis, implementation, troubleshooting & documentation of LAN/WAN architecture and good experience on IP services
• In-depth knowledge and hands-on experience on IP Addressing, Sub netting, VLSM and ARP, reverse & proxy ARP, Ping Concepts
• Configuration and troubleshoot HSRP, VRRP, GLBP, RSTP, MST. 10G related issues coming in network environment
• Knowledge of implementing and troubleshooting complex layer 2 technologies such as MSTP, VLAN Trunks, HDLC, STP, and RSTP
• Experience in configuring HSRP and redistribution between routing protocols & troubleshoot them
• Hands on experience on Cisco Nexus 9k,7k, 5k and 2k switches
• Implementation of HSRP, VRRP and GLBP for Default Gateway Redundancy
• Hands on experience with F5 Load balancer and DNS
• Excellent communication skills to interact with team members and support personnel and also can act as a mentor to less experienced personnel
• Expertise in concepts of wireless standards
• Expertise in implementation of traffic filters using Standard and Extended access-lists, Distribute-Lists, Prefix-List and Route Maps
• Hands on experience on Network Monitoring tools Solar winds, Cisco Prime Infrastructure, CUCM.

TECHNICAL SKILLS:

Cisco Platforms: Nexus 9k, 7K,5K,2K & 1K,Cisco routers (9500,9200,7600,7200,3900,3600, 2800,2600,2500,1800 series & Cisco Catalyst switches (6500,4900,3750,3850, 3500, 4500,2900 series ) ASR1001,2900,3900,7200,7600 & ASR9000 series

Juniper Platforms: MX,EX series Routers and Switches

LAN Technologies: SMTP, VLAN, Inter-VLAN Routing, VTP, STP, RSTP, Light weight access point, WLC.

WAN Technologies: MPLS, VPLS, Frame Relay, PPP, HDLC, (E1/T1/E3T3), DS3, OC192

Network Security: Cisco ASA, Juniper SRX

OS products/Services: DNS, DHCP, Windows (2000/2003/2008 , XP), UNIX, LINUX

Routing: RIPv2, OSPF, EIGRP, IS-IS, BGP, PBR, Route Filtering, Redistribution, Summarization, and Static Routing, Policy-based Routing

Gateway Load Balancing: HSRP, VRRP, GLBP

Various Features / Services: IOS and Features, IRDP, NAT, SNMP, SYSLOG, NTP, DHCP, CDP, TFTP and FTP.

Network Management Tools: Wireshark, Netflow Analyzer NetScout, SNMP, Cisco Prime Infrastructure, Ethereal, HP open view

Load Balancers: F5 Networks (Big-IP) LTM 6400, Citrix Load Balancer

Operating Systems: Windows (98, ME, 2000, XP, Server 2003/2008/2012 , Vista, 7, 10), Linux

Firewall & Security: Checkpoint ( NGX R65, R77-80), Cisco ASA’s, Palo Alto,Juniper Net Screen firewall

PROFESSIONAL EXPERIENCE:

Confidential, Milwaukee, Wisconsin

Sr. Network Engineer

Responsibilities:

• Migrated the Internet Edge Firewall Juniper SRX 240 to Cisco Firepower2130 in the Datacenter
• Installed, Configured Cisco Firepower boxes in HA mode. Also installed FMC, upgraded FMC and FTD2130 devices as well
• Expertise in Cisco Firepower FTD managing with FMC.
• Experience with security zones, security policies, NAT in Firepower and Juniper Firewalls.
• Created pre-filter rules, access-control polices, Intrusion policies, Malware polices on Firepower (IPS, IDS, Malware Detection)
• Built IP-Sec VPN tunnels from Cisco Firepower to SRX-220’s in remote sites using I KE pre-shared keys, AES-128, SHA and DH5.
• For ERP Project, Built IP-Sec VPN tunnel’s from FTD2130 to Cisco ASA5520 which is in other Enterprise using AES-256,SHA and DH5.
• Configured, Deployed ISR 1941 Router’s for a Specific project in the Network
• Built IP-Sec over GRE tunnel from ISR 1941 to Verizon Network Router.
• Configured, Maintained different IPS, IDS policies on FTD2130.
• Configured Remote Access VPN (Any Connect) on FTD2130. Also configured User based VPN, creating access-control policies directing from the AD server.
• Designed the Network for Segmentation project
• Handled Network -segmentation project which included delete vlans, rename, create vlan document, create IP document, im plemented Qos
• Hands on experience on Juniper SRX, Pulse secure VPN.
• Created Visio diagrams per site including data center, also different documents like vlan document, IP document, Cab document etc
• Hands on experience on various Network monitoring tools Nagios, Wire-Shark etc
• Hands on experience on various tickets involving Network issues
• Provided on call support during the Weekends
• Configured, Maintained, Upgraded Cisco Catalysts switches 2660X,3650X,3950 etc
• Hands on experience with Aero-Hive access points

Environment : Cisco Firepower2130, ISR1941, Cisco Catalyst 3650X, 2960X, 3950, Juniper SRX 240, Aero-hive access points, Nagios,Wire-shark, DHCP, DNS, Cisco Any Connect, Pulse Secure VPN, IPSEC VPN,GRE,Radius,SNMP,NTP

Confidential, Mount Laurel, NJ

Sr. Network Engineer

Responsibilities:

• Worked for a OK/SD Network Remediation Project
• Hands on experience in designing the Remote sites for Network Remediation Network.
• Configured Cisco2900, 3900, 4300 series routers upgraded IOS Images and installed respective licenses in all the routers.
• Configured Cisco Catalyst Switches 3560-CX, 2960-CX in LAN Campus.
• Configured Cisco Catalyst 4500-X for Core and Distribution purposes.
• Created and updated Visio diagrams for the same and stored in the Share file.
• Configured Cisco AP’s using WLAN controller.
• Hands on experience on configuring Cisco AiroNet 2700, 3700 series Access points in WLAN Controllers 5508, 8540.
• Hands on configuring Cisco ASA 5525 FW in the Network Remediation Project.
• Implemented QOS to conform the ACA standard.
• Strong hands on Network Circuit WAN upgrades, MPLS Circuit upgrades.
• Worked with ISP providers for Circuit upgrades for LAN Campuses.
• Hands on Cisco Cube Experience and VOIP Infrastructure.
• Configured, Managed Cisco Prime Infrastructure, Cisco ISE.
• Brought up sites replacing old routers, switches with new routers.
• Also replaced EOL and EOS routers and switches in the firm.
• Created and implemented DUO VPN for dual authentication for Cisco any connect. For the same created VPN tunnels.
• Hands on experience on various tickets involving Network issues.
• Strong hands Network Monitoring tool Solar winds to monitor control and mitigate the Network.
• Active On-call Resource Engineer for Network issues in the firm.
• Configure Monitor and Troubleshoot Cisco WAAS devices 0E294, OE594, OE694.
• Installed Security licenses for Cisco Firepower FP4110 NGFW appliances

Environment: Cisco ISR 4451, ISR4331, ISR 2951,Cisco Catalyst switches, Cisco AP’s 2700, 3700, WLAN Controller, ASA 5585, Solar winds, Cisco Prime Infrastructure, VPN, Confidential -Radius, Tacacs, ACS, SNMP, Infoblox, DNS, DHCP, OE294,OE594,OE694

Confidential, Rhode Island

Sr. Network Engineer

Responsibilities:

• Key contributions include troubleshoot of complex LAN/WAN infrastructure that include routing protocols EIGRP, OSPF & BGP
• Hands on experience on architectural design of LAN/WAN infrastructure.
• Responsible for layer 2 securities which was implemented using a dedicated VLAN ID for all trunk ports, setting the user ports to non-trunking, deployed port security when possible for user ports
• Hands on experience on Network Access Control(NAC)
• Hands on experience on NAT (Network Address Translation )
• Hands on Experience testing iRules using Browser(IE), HTTP watch
• Convert Campus WAN links from point to point to MPLS and to convert encryption from IPsec /GRE to g et VPN
• Implemented and configured GLBP (on core switching and also for VPN redundancy), HSRP on different location of office on the switched network and managing the entire multilayer switched network
• Hands on experience configuring Fortinet NGFW 3000 series.
• Troubleshoot and installing of CRS, ISR, GSR, ASR9000
• Configured and implemented VDC and VPC on Nexus 9K,7K,5K switches in the Datacenter
• Created documents for various platforms including Nexus 9k, ASR1k enabling successful deployment of new devices on the network
• Experience with configuring Nexus 5548 with nexus 2248 Fabric Extender (FEX) which acts as a remote line card (module) for the Nexus 7010.
• Perform ISSU upgrades on nexus devices with nexus OS 6.2 on nexus 7010 devices with SUP2E line card.
• Configured and maintained IPSEC and SSL VPN's on Palo Alto Firewalls
• Successfully installed Palo Alto PA-3060 firewalls to protect Data Center and provided L3 support for routers/switches/firewalls
• Implemented Site-to-Site VPNs over the internet utilizing 3DES, AES/AES-256 with PIX Firewalls
• Best practice implemented on Cisco & Juniper routers and switches.
• Implemented new devices Juniper MX-80 and MX-104 series as per policy reviewed by network architect.
• Worked on F5 LTM series like 7050, 5050, 2200 for several applications and their availability.
• Responsible for the configuration of Virtual Servers, Nodes, and load balancing Pools and configuring load balancing algorithms.
• Configured Session based persistence and I have leant configuring writing i-Rules for specific redirection purpose and i-rules for persistence
• Configuring various advanced features (Profiles, monitors, I Rules, Redundancy, SSL Termination,
• Persistence, SNATs, HA on F5 BIGIP appliances SSL termination and initiation, Persistence, Digital
• Certificates executed various migration/upgrade projects across F5 and hands on with F5 BIGIP LTMs/EM.
• Experience with leadership of staff within the Information Security Management function
• Configured IPSEC VPN tunnels between Checkpoint and other non-Checkpoint endpoint devices using IKE pre-shared keys, 3DES and MD5
• Handled RFC4510 is an Internet protocol for accessing distributed directory services that act in accordance with X.500 (LDAP) Lightweight Directory Access Protocol.
• Responsible for multivendor firewall administration across our corporate networks
• Hands-on familiarity with Microsoft Certificate Services and rela ted components
• Worked on Active Directory and its integration with Microsoft PKI
• Support development, maintenance, and management of PKI policies in accordance with the department Directives and local Instructions
• S pecifications, techniques, and standards such as but not limited to public key cryptographic key standards, certificate management protocols, and certificate validation
• Follow all Change Management Policies and Procedure Experience with certificate-enabled applications, such as SSL/TLS, S/MIME, authentication, EFS, 802.1X, Code Signing, etc.
• Large enterprise IT consulting, administration, or support experience
• Assist and troubleshoot Cisco Meraki solutions remotely including 802.11a/b/g/n/ac Wireless networks
• Involved in the redistribution into OSPF on the core ASA firewall
• Involved in the removal of EIGRP from all devices and making OSPF the primary routing protocol.
• Involved in the modification and removal of BGP from the MPLS routers
• Also prepared documentation for various Vlans and Voice sub-networks and worked on Visio for the same.
• Performed basic security audit of perimeter routers, identifying missing ACL’s, writing and applying ACL’s

Environment: Cisco Catalyst 7509, 6500, 4500, 4000, 3750, 3850, 3560, F5 BIGIP LTMs-6900,Cisco ASA 5525 firewalls, Power Connect Switch 5548,Infoblox,MPLS,Multicast,Nexus-7k, Palo Alto 5060,PCI,SOX,OTV,VPC,Nexus-FEX,IOS,IOS-XR,NX-OS,IPSEC, OSPF, EIGRP, BGP, IS-IS, ASR 1k,9k,cryptography,L2&L3 VPN, Metro Ethernet,802.1Q,Riverbed Steelhead, Prime Infrastructure, UCS, Multicasting.

Confidential, Detroit, MI

Network Engineer

Responsibilities:

• Hands on experience of working with OTV & FCoE on N exus between the datacenters and Nexus 9 000 series
• Negotiate VPN tunnels 10G using IPSec encryption standards and also configured, implemented site-to-site VPN, Remote VPN
• Proactively involved in upgrade, maintenance, monitoring and support for the PA500 Palo Alto devices.
• Configured IPSEC VPN on SRX series firewalls
• Configuration and troubleshoot on HSRP, VRRP, GLBP, RSTP, MST. 10G related issues coming in network environment
• Handled Various Cables and allotted networks(NAC)
• Configuration and extension of VLAN from one network segment to their segment between different vendor switches (Cisco, Juniper)
• Configured STP for switching loop prevention and VLANs for data and voice along with Configuring port security for users connecting to the switches
• Worked on Network design and support, implementation related internal projects for establishing connectivity between the various field offices and data centers.
• Designed and configured of OSPF, BGP on Juniper Routers and SRX Firewalls Juniper MX series Internet service providers
• Experience configuring Virtual Device Context in Nexus 9k, 7k,5k series switch
• Managed teams of front line security analysts, investigators, and change/incident engineers
• Developed a deep understanding of the prospective customer purchase process and assist with pre-sales activities
• Troubleshoot and installed CRS, ISR, GSR, ASR9000 and Nexus devices
• Ensure Network, system and data availability and integrity through preventive maintenance and upgrade
• Supported EIGRP and BGP based network by resolving level 2 &3 problems of internal teams & external customers of all locations
• Handled all the Firewall Migrations from Cisco ASA to Fortinet on a Global Scale.
• Worked on the migration to new Checkpoint R75 firewalls from Juniper firewalls
• Firewall Policy implementation on Checkpoint NGX R52 and R54.
• Provided daily network support for national wide area network consisting of MPLS, VPN and point-to point site
• Worked on different Cisco & Juniper devices of access, distribution and core
• Experienced with Juniper: EX-2200, EX-4300, EX-4500, MX-480 and SRX550 trouble shooting
• Having hands on experience with f 5 Local and Global Traffic Managers (LTM >M )
• Configured objects such as Load Balancer pools for local traffic management on F5 Load Balancers
• Worked on commissioning and decommissioning of the MPLS circuits for various field offices
• Worked on F5 BIG-IP LTM 6900, configured profiles, and provided and ensured high availability
• Completed service requests (i.e. - IP readdressing, bandwidth upgrades, IOS/platform upgrades, etc)
• Experience on modules like APM, ASM and AFM .
• Configuring HSRP between the 3845 router pairs for Gateway redundancy at various sites
• Configuration and extension of VLAN from one network segment to their segment between Different vendor switches (Cisco, Juniper)
• Ability to self-direct and work independently when necessary and clearly articulate technical concepts / issues to both technical and non-technical peers and management
• Contribute to overall process improvements and network documentation
• Migration of existing IPSEC VPN tunnels from Pre-Shared key to Certificate Authority for purpose of scaling
• Configure VRRP & GLBP and VLAN Trunking 802.1Q & ISL, STP, Port Security on Catalyst 6500 switches
• Updated the HP open view map to reflect and changes made to any existing node/object
• Handled SRST and implemented and configured the Gateways, Voice Gateways
• Responsible for service request tickets generated by the helpdesk in all phases such as troubleshooting, maintenance, upgrades, patches and fixes with all around technical support
• Having Hands on experience with (LDAP) Lightweight Directory Access Protocol
• Designed and implemented Cisco VoIP infrastructure for a large enterprise and multi-unit office environment. Met aggressive schedule to ensure a Multi-office reconfiguration project which was successfully delivered
• Involved in L2/L3 Switching Technology Administration including creating and managing VLANs, Port security, Trunking, STP, Inter-Vlan routing, LAN security
• Experience with the quality department Cisco QOS and maintenance teams

Environment: Checkpoint-R65,R70,NGX,VPN,Solar Winds, IP, IPSEC, Confidential -Radius, Tac-acs, ACS, SNMP, Infoblox, DNS, DHCP, OSPF Troubleshooting, Bigip, F5-LTM-1600, 3600, GTM, Viprion, Active Directory, OSPF, EIGRP, Out-look servers,Nexus-9k,7k,5kCisco Routers-7600, 7200, 3800, Cisco Switches-2950, 3500, 5000, 6500,HSRP,GLBP,ACE-GSS-4400,VM-ware-ESXi-6,Vsphere,Vcenter,UCS

Confidential, Tampa, FL

Network Engineer

Responsibilities:

• Monitor the operability and reliability of the network
• Configured STP for loop prevention and VTP for Inter-VLAN Routing
• Configured and troubleshooting of EIGRP, OSPF, BGP, LACP
• Configuration of Standard and Extended ACLs for Security
• Technical assistance for LAN/WAN management and complex customer issues
• Troubleshoot the issues related to routing protocols
• Have hands on experience on Nexus 9k,7k,5k/ACI network in Datacenter
• Managing, troubleshooting and monitoring the network using Network Monitoring tool
• Network Security implementation with Cisco IOS Feature Set, NAT, and Simple Network Management Protocol
• Provided support for troubleshooting and resolving Customer reported issues
• Performed IOS upgrades on Catalyst 3550, 2950, 1900 switches, and 3600, 2600 and 2500 routers
• Provided support for global network including T1/T3, ATM connections using HDLC and Frame Relay on 2600, 4000 series Routers
• Installed wireless access points (WAP) at various locations in the company
• Maintained redundancy on Cisco 2600, 2800 and 3600 routers with HSRP and VRRP
• Implemented and configured routing protocols like EIGRP, OSPF and BGP
• Responsible for SNMP Monitoring and Performance Tuning software
• Designed WAN structure to prevent single point of failure in case of link failure
• Maintenance and Troubleshooting of connectivity problems using PING, trace route
• Planned and Implemented Subnetting, VLSM to conserve IP addresses
• Experience with the quality department Cisco Qos and maintenance teams

Environment: Cisco Catalyst 7509, 6500, 4500, 4000, 3750, 3850, 3560, F5 BIGIP LTMs-6900,Cisco ASA 5525 firewalls, Power Connect Switch 5548,Infoblox,MPLS,Multicast,Nexus-9k,7k,5k Palo Alto 5060,PCI,SOX,OTV,VPC,Nexus-FEX,IOS,IOS-XR,NX-OS,IPSEC,Frame Relay, OSPF, EIGRP, BGP, IS-IS, ASR 1k,9k,cryptography,L2&L3 VPN, Metro Ethernet,802.1Q.

Confidential

Jr. Network Engineer

Responsibilities:

• Provided estimated bandwidth requirements for data replication, to best determine adequate timing for Migration service levels
• Configured HSRP between VLANs, Configuring Ether-Channels, and Port Channel on 6500 catalyst
• Switches Replaced branch hardware with new 2851 routers and 2960 switches
• Implemented WLAN Aruba Wireless Access Points and its Controllers at various corporate sites fort
• 802.11n Infrastructure and its legacy technologies
• Experience in working with Cisco Nexus 5000 series switches for data center
• Configured OSPF on CISCO devices with multiple routing processes and redistributed them. Tested and hands on experience in multi area OSPF topologies
• Configured, managed and troubleshoot networks using routing protocols like RIP, EIGRP and OSPF (Single Area and Multi Area)
• Assisted with troubleshooting all network issues with routers and switches when necessary and consulted with on Call tech as needed for client
• Monitor, troubleshoot, test and resolve Frame Relay, ATM, MLPPP, PPP, and Dial-up
• Configured/Troubleshoot issues with the following types of routers Cisco (7200, 6500, 4500, 1700,
• 2600 and 3500 Series to include bridging, switching, routing, Ethernet, NAT, and DHCP
• Assisted with customer LAN MAN, router/firewalls
• Configured VLANs with 802.1q tagging. Configured Trunk groups, ether channels, and Spanning tree for creating

Environment: Cabling, OSPF, ASA, IP, DNS, IP addressing DHCP, VLAN, VTP, CSS, HTTP, HTTPS, Access Control Lists, Standard and Exrended Access lists, Vmware