TECHNICAL SUMMARY:

• Cisco certified Network Engineer with 8+ years of experience in IP network design, Network integration, Routing, Switching, Data center, Firewall technologies, Deployment and troubleshooting of complex network systems
• Experience in Configuring and maintain security policies on multi - vendor firewalls and manage through Algosec fire emblem flow
• Configured ACLs on multi-vendor firewalls for Internet Access requests for servers, Protocol Handling, Object Grouping and NAT Control using Object NAT
• Strong in SD-WAN and DMVPN experience
• Have worked on ASR 1002 series Routers, Cisco Catalyst series 6500, 4500, 3750, 2950 and 3500 switches
• Experience in configuring all Palo Alto Networks Firewall models (PA-2k, PA-3k, PA-5k etc.) as well as a centralized management system (Panorama) to manage large scale firewall deployments
• Good Understanding of Multiple Contexts in ASA firewalls and implemented different failover mechanisms among ASA firewalls
• Experienced on working with cisco switches 3850, CISCO 6880, Nexus 9k, 4500 access switches for deploying as well as configuring it, and installation of malware detection FireEye
• Worked with multiple models of cisco ASA including 5520, 5515-X, 5580 in single context and multiple context mode and configured them in Routed and Transparent mode
• Worked on Cisco 7200, 3800, 3600, 2900, 2800, 2600, 1800 series Router and Cisco 2900, 3500, 4500, 5500, 6500 series switches
• Worked with Juniper high performance edge Routers M320, T640, MX960 and Switches EX2200 and EX4300
• Extensive hands-on experience with complex routed LAN and WAN networks, routers and switches
• Worked on multi-vendor load balancers including F5 Big IP LTM, Cisco ACE and VMware NSX between multiple centers
• Troubleshoot and Worked with Security issues related to Cisco ASR 9K, Checkpoint, IDS/IPS and Juniper ASA firewalls
• Worked extensively on Cisco Firewalls, Cisco PIX & ASA 25/5585), Palo Alto 200 Series
• Worked on Checkpoint Firewalls, create the policies and push the policies on checkpoint and as well as other firewalls like Cisco ASA and Fortinet firewalls
• Configuring ACL on ISE for making policies
• Monitor the network traffic through Orion Solar Winds and Spectrum syslog server
• Implemented multiple VDC's and VPC's along the 9k, 7K and 5K, utilizing VRF's to segregate routing and configuring the FEX modules with the parent switch
• Enhanced level of experience with OSPF, BGP, and TCP/IP
• Configuring and implementing Remote Access VPN Solution: IPsec VPN, any connect VPN, SSL VPN
• Experience with the implementation of multicast/MPLS/l2vpn
• Experience in Network Management Tools and sniffers like SNMP, HP-Open view, Wireshark and Cisco works to support 24 x 7 Network Operation Center
• Experience in physical cabling, IP addressing and Sub-netting with VLSM, configuring and supporting TCP/IP, DNS, installing and configuring proxies
• Currently working on migration to Cisco ACI and Nexus 9K, 7K, 6K, 5K switching in a fully fault-tolerant design model
• Support third party technologies within the ACI ecosystem such as VMware ESX, Open Stack.
• Create and deliver ACI training to HTTPS engineers globally
• Experience with CISCO ACE Load Balancer and CISCO ACE to F5 LTM migration
• Expertise with 802.11x wireless technology
• IP addressing and IP address scalability by configuring NAT/PAT
• Ability to Install, Manage & Troubleshoot Large Networks & Systems Administration on Windows & Linux platforms in Development, Lab & Production Environments
• Good knowledge of CISCO NEXUS data center infrastructure with 5000 and 7000 series switches includes (5548, 7010) including CISCO NEXUS Fabric Extender (2232, 2248)
• Sound knowledge of virtual firewalls like checkpoint VSX, IDS, IPS as well as encryption techniques.
• Worked on webserver in DMZ network configuring the firewalls units, added virtual IPs, creating security policy
• Advanced knowledge, design, installation, configuration, maintenance, migration and administration of Checkpoint Firewall R55 up to R77, all ASA models and Palo-alto firewalls including PA-5060 and PA-5050
• Experience with Blue Coat URL filtering with whitelisting and blacklisting URL, creating rules for content filtering.
• Deployed virtualized Network Router functionality using Cisco CSR1000v, Brocade Vyatta 5600 vRouter and Vmware NSX.
• Expertise on cisco IOS, Cisco IOS-XR, Cisco Cartos, Cisco NX-OS, JUNOS.
• Finely tuned analytical/critical thinking and debugging skills with excellent verbal and written communication skills
• Highly enthusiastic, creative team player, project implementation, analytical, interpersonal and communication skills

TECHNICAL SKILLS:

Cisco Routers: Cisco ASR9k, GSR 12000, 7600, 7500, 7200 VXR, 3800, 3700, 2800, 2600

Cisco Catalyst Switches: Catalyst 6500, 4000, 3550, 2900

Nexus Switches: Nexus5548, 5596, 6000, 7009, 7018; Cisco Catalyst: 6506, 6509, 4928, 4948, 4507,4510, 3750,3560, and 2960

Juniper MX40, MX10, PTX: 3000

Juniper EX4300, EX2200, EX: 3400

IP Routing Protocols: BGP, OSPF, EIGRP, IGRP, RIP v1 & v2, IS-IS

MPLS: LDP, MPLS L3 and L2 VPN

Load Balancing: Cisco ACE 4700 series, F5 LTM, F5 GTM

Palo: Alto, Cisco ASA 5500, Cisco PIX 500, CheckPoint r60, Checkpoint r77, Bluecoat, Juniper SRX

LAN technology: Ethernet, Fast Ethernet, Gigabit Ethernet, 10Gigabit, Ethernet, Port Channel, VLANS, VTP, STP, RSTP, 802.1.Q

ATM, Frame: Relay, ISDN, PPP, HDLC, Channelized links T1/T3

VoIP Devices: Cisco IP phones, Cisco 5500, 6500 series controller, Avaya 3000, 6000, 7200 series Controllers

Wireless Technology: Cisco AP, LWAP, Access Points, WLC

Connect Wise, Remedy system, Service: Now

Networking Monitoring Tools: Solarwinds, SNMP, Wireshark

IPSEC/VPN Configuration: PIX to Router, Router to Router, PIX to VPN wildcard client, Router to VPN wildcard client, PIX to PIX, fully meshed configurations

Operating Systems: Windows Server/8/7/Vista/XP, Nexus OS, Cisco IOS-XR, Linux, Unix (Mac OS)

Microsoft Office: Visio, Excel, PowerPoint, Word

Languages: Unix, Python, Basic in Perl and shell scripting

PROFESSIONAL EXPERIENCE:

Confidential, Atlanta, GA

Network Security Engineer

Responsibilities:

• Involved in the configuration & troubleshooting of routing protocols: MP-BGP, OSPF, LDP, EIGRP, RIP, BGP v4. Configured IP access filter policies
• Create and test Cisco router and switching operations using OSPF routing protocol, ASA Firewalls, and MPLS switching for stable VPNs
• Configuration 7609, 7606 with OSPF and Catalyst 6500, 4500, 3550 switches with various VLAN
• Worked on Cisco Switches (6509, 6513, and 4510) for LAN requirements that include managing VLANs, Port Security and troubleshooting LAN issues
• Worked on Cisco Firewall ASA 5500(5510/5540) Series. Performed Security operations in terms of pushing new policies and deploying new rules
• Handling the Configuration and troubleshooting nexus different series switches
• Performing security troubleshooting in terms of checking ACLs and ACEs and traffic flow analysis using packet capture features
• Adding and removing checkpoint firewall policies based on the requirements of various project requirements
• Implemented site to site VPN in Juniper SRX as per customer and various EX, SRX & J series Juniper devices
• Deployed Site to Site and Client to Site VPNs utilizing Checkpoint Firewall-1/VPN-1
• Migrated previous corporate Checkpoint 4.0 Firewall-1/VPN-1 on Windows NT
• Designed and implemented DMZ for Web servers, Mail servers & FTP Servers using Cisco ASA 5500 Firewalls
• Configured Cisco IOS Feature Set, NAT and Simple Network Management Protocol (SNMP) for Network Security implementation
• Monitored WildFire, Threat Protection, PAN-DB, and Global Protect
• Negotiate VPN tunnels using IPsec encryption standards and also configured and implemented site-to-site VPN, Remote VPN
• Advanced knowledge in Design, Installation & configuration of Palo Alto & Checkpoint Provider Environment
• Monitoring and capturing the traffic using network management tools like solar winds and InfoBlox
• Team member of Configuration of Cisco 7206 router with VPN and Configuration of Catalyst switches
• Designing and implementing wireless architectures (Cisco Aironet APs and Cisco 5500 series controllers)
• Configuring secured connection between routers using GRE tunneling to achieve IPsec
• Experience in Implementation and configuration of F5 Big-IP LTM-6400 load balancers
• Experience in Handling F5 LTM, GTM series like 6400, 6800, 8800,8950 for the corporate applications and their availability
• Configured VLANs with 802.1q tagging. Configured Trunk groups, ether channels, and Spanning tree for creating Access/distribution and core layer switching architecture
• Advanced knowledge in Design, Installation & configuration of Palo Alto & Checkpoint Provider Environment
• Performed on Palo Alto Firewall on network security software and hardware, security monitoring systems, encryption software, threat and vulnerability management services and software, identity management solutions and network objects on global group, clean up unused rules, decommission etc.
• Experience in configuring troubleshooting and implementation of A10 networks
• Configuration and troubleshooting of Cisco 2500, 2600, 3000, 6500, 7500, 7200 Series routers
• Providing Technical Support and solutions for Network Problems
• Upgrading IOS, troubleshooting network outages
• Participate in all technical aspects of LAN, WAN, VPN and security Internet Service projects including, short and long term planning, implementation, project management and operations support as required
• Configured and troubleshoot Cisco WAP, and Cisco Prime
• Having Data Center Design Experience, installing and Configuring Network Devices in a Data Center including patching the cables in the Patch Panel. Design and implemented network infrastructure and configured the entire network Infrastructure devices including Network Printers and Register
• Plan and implement complex network changes as per ITIL specifications
• Hands-on experience in the network management of circuits using TDM and Frame Relay network, performing configuration and provisioning management, fault management and performance monitoring
• Deliver IT Services Management (ITSM) solutions based on ITIL best practices that focused on the people, process, and technology, and information perspectives of providing business solutions within the IT infrastructure
• Other responsibilities include documentation and updating changes made in networking devices

Environment: Cisco 3560/2950/2924/6509/6513/5500 switches,Cisco 1800/2800/2500/2600/2800/1600/3800/3900/7204/7606 routers, Palo Alto, BMC Remedy, Cisco ASA 5540, BIG-IP LTM 8900, QOS, Policy-maps, Class-maps, Vlans, STP, RSTP, PVSTP, VTP, HSRP, Ether Channel, BGP, OSPF, EIGRP, MPLS, ATM, PPP, HDLC. SNMP, TACACS+, DNS, DHCP, InfoBlox, SolarWinds, Checkpoint, F5 Load balancer, Nexus 7K,5K,2K, Juniper 3600, 5600, Cisco AP’s

Confidential, Charlotte, NC

Network Security Engineer

Responsibilities:

• Responsible for Internal and external accounts and, managing LAN/WAN and checking for Security Settings of the networking devices (Cisco Router, switches) co-coordinating with the system/Network administrator during any major changes and implementation
• Worked with Complex Routed IP networks, routers, layer 2/3 switches, firewalls, LAN/WAN networking hardware and protocols
• Comprehensive elementary configurations on the F5 Big-IP LTMs load balancer on prevailing network to divide traffic on web-servers
• Worked on Cisco 2950,2960, 4507, 6509 series switch for LAN requirements, that includes managing VLANs, Inter-VLAN Routing, VTP, STP, RSTP, PVST+, Port-Securities and troubleshooting LAN issues
• Responsible for Level 3 support Firewall Engineer (Cisco ASA)
• Enabled STP attack mitigation (BPDU Guard, Root Guard), using MD5 authentication for VTP, disabling all unused ports and putting them in unused VLAN and ensuring DHCP attack prevention where needed
• Troubleshoot TCP/IP, and troubleshoot connectivity issues in multi-protocol Ethernet
• Troubleshooting the issues and outages on Trunks and Router interfaces comprehensively
• Provided technical assistance for LAN/WAN management & troubleshooting
• Developed deployment solutions for network technologies, including Optical, VoIP, VPN, switching and routing
• Experience configuring VPC, Virtual Device Context in Nexus 7010
• Configuring STP for loop deterrence and VTP for Inter-VLAN Routing
• Installing and configuring Routers, Switches and CSU/DSU's to support WAN links
• Product analysis and support for Access-layer switches such as Cisco 4510, 4948, 4507, distribution layer switches such as 6513, 6509, 6504 and a routed core
• Setting VLANS and configuring trunk on Fast-Ethernet channel between switches
• Installed and maintained CISCO 3600, 2600, 2900 and provided Gateway Redundancy by HSRP, VRRP
• Expanding the network and providing proper routing such as OSPF, EIGRP, static route and default route
• Used Network Troubleshooting Tools such as Ping, Telnet and Trace route to verify network diagrams proposed network changes and IP services
• Troubleshooting issues and outages on Trunks and Router interfaces extensively

Environment: Cisco Routers 7600, 7200, 3800, 3700, 2800, 2500; Cisco Catalyst switches: 6500, 4500, 3500, 3750, 3850, 2900; Cisco ASA 5550, 5520; VTP, VLAN and 802.1Q trunking; Routing Protocols OSPF, EIGRP, Static Route; Sniffer tools: Wire shark, MS Visio

Confidential, ST. Louis, MO

Network Engineer

Responsibilities:

• Involved in the Configuration & Troubleshooting of Routing Protocols MP-BGP, OSPF, LDP, EIGRP, RIP, BGP v4. Configured IP access Filter policies
• F5 Big-IP load balancer Configuration, layer 7 load balancing using I-Rules (TCL)
• Windows Server Administration (Windows 2000, 2003 & 2008)
• Identify, Design and Implement Flexible, Responsive, and Secure Technology services
• Experience with Firewall Administration, Rule Analysis, Rule Modification
• Implemented Positive Enforcement Model with the help of Palo Alto Networks
• Innovated with support of Palo Alto for remote and mobile users and for analyzing files for malware in a separate (cloud-based) process that does not impact stream processing
• Creating and provisioning Juniper SRX firewall policies
• Created standard access lists to allow SNMP, NTP and logging servers
• Documented new VPN enrollments in a database and create standard procedures for further improvement
• Experience with proxy automatic configuration (pac) and SMTP protocol
• Troubleshoot traffic passing managed firewalls via logs and packet captures
• Managed fast Layer 3 switched/routed LAN/WAN infrastructure as a part of Network team. The LAN consisted of Cisco campus model of Cisco 3550 at access layer, Cisco 6513 at distribution/core layer
• Analyzed and tested network protocols ( Ethernet, TCP/IP ) using Wireshark tool.
• Configure VRRP & GLBP and VLAN Trucking 802.1Q & ISL, STP, Port Security on Catalyst 6500 switches
• Negotiate VPN tunnels using IPSec encryption standards and also configured and implemented site-to-site VPN, Remote VPN
• Provided proactive threat defense with ASA that stops attacks before they spread through the network
• Cisco ASA/Checkpoint Firewall troubleshooting and policy change requests for new IP segments that either come on line or that may have been altered during various planned network changes on the network
• Modified internal infrastructure by adding switches to support server farms and added servers to existing DMZ environments to support new and existing application platforms
• Responsible for Checkpoint and Cisco ASA firewall administration across global networks
• Generating RCA (Root Cause Analysis) for critical issues of layer1/layer2/layer3 problems
• Co-ordinated with the Data Network and Security team and came up with possible solutions
• Work on Physical Site Inventory verification, gather information of various Cisco Network devices and Security Devices to develop Run book and Spec Book
• Cisco ASA/Checkpoint Firewall troubleshooting and policy change requests for new IP segments that either come on line or that may have been altered during various planned network changes on the network
• Dealt with monitoring tools like Xymon, Cacti and Solar Winds
• Configuration and troubleshooting of Cisco catalyst 6509, 7613 with supervisor cards
• Experience with implementing and maintaining network monitoring systems (Cisco works and HP Open view) and experience with developing complex network design documentation and presentations using VISIO
• Estimated Project costs and created documentation for project funding approvals
• Monitoring and troubleshooting network issues between client site and 85 remote sites with legacy switches and routers
• Performed and presented network analysis as a part of network migration. Involved in knowledge transfer to vendors and provided them network support as required
• Good Experience on ITIL framework
• Worked as a single point of contact for the whole migration
• Worked on Snort and Suricata detection systems, security devices
• Configuration and maintenance of EIGRP and BGP network on router 7200 and 6500 MLS.
• Configuration and maintenance of 3750 stack and 6500 VSS for improved efficiency of the data plane
• Configuration and management of NEXUS network in the existing network infrastructure
• Created LAB Setup with 7k and 5K NEXUS switches for application testing
• Experience on Bluecoat proxy server
• Dynamic IP Routing protocols (OSPF, EIGRP, BGP, Multicast)
• Lead Engineer for Network refresh project for Multinational insurance company. Providing remote assistance for replacing exiting switches with new Cisco switches
• Configuring routing protocols OSPF, EIGRP, RIP, MPBGP, LDP and BGPV4

Environment: Cisco 3750/3550/3500/2960 switches and Cisco 3640/ 0/3845/3600/2800 routers, Cisco ASA5510, Checkpoint, Palo Alto, Cisco Nexus7K/5K, 2248/3560/5020/6509 , ASA, Checkpoint, LAN, OSPF, BGP, RIP, EIGRP

Confidential

Network Engineer

Responsibilities:

• Involved in the redistribution into OSPF on the core ASA firewall
• Also prepared documentation for various VLANs and Voice sub networks and worked on Visio for the same
• Installed and configured DNS and DHCP server
• Involved in troubleshooting of DHCP and other IP conflict problems
• Performed switching technology administration including VLANs, inter-VLAN routing, Trunking, STP, RSTP, port aggregation & link negotiation
• Configuration of Access List ACL (STD, Ext, Named) to allow users all over the company to access different applications and blocking others
• Configuring STP for switching loop prevention and VLANs for data and voice along with Configuring port security for users connecting to the switches
• Involved in L2/L3 Switching Technology Administration including creating and managing VLANs, Port security, Trunking, STP, Inter-Vlan routing, LAN security
• Working on Cisco 6509 and 4507 series switches for LAN requirements that include managing VLANs, Port Security and troubleshooting LAN issues
• Configured and installed Cisco 2500, 3640, 7200, and 7940 Routers
• Troubleshot network bandwidth performance, mismatched framing and line coding
• Coordinated with LAN/WAN engineers the development and implements security policy
• Monitored usage of network resources with Cisco works, and using sidewinder in PIX Firewall
• Defined policies, NAT and anti-spoofing for internal, external networks as well as Internet gateways
• Responsible for Checkpoint and Cisco ASA firewall administration across global networks
• Configured remote users to access corporate LAN with VPN connectivity
• Configured and installed new IP addresses for new users by using IP Addressing and Subnetting Scheme
• Configured Frame-Relay, ISDN, ATM, Protocols, & load balancing switches.
• Configured IPX/SPX, HDLC, PPP, TCP/IP, BGP, EIGRP, RIP, & HSRP
• Configured TCP/IP addressing scheme to assigned IP blocks
• Designed network architectures and implementation of network Switches
• Worked on a migration project which involved the removal of all static routes from core devices
• Worked on the redistribution of connected routes on all OSPF devices so that all connected subnets are advertised via OSPF
• Involved in the removal of EIGRP from all devices and making OSPF the primary routing protocol.
• Working on Network design and support, implementation related internal projects for establishing connectivity between the various field offices and data centers
• Ensure Network, system and data availability and integrity through preventive maintenance and upgrade
• Supporting EIGRP and BGP based PwC network by resolving level 2 &3 problems of internal teams & external customers of all locations

Environment: Cisco routers (7900, 3600, 2500), Cisco switches (4500, 6500), Cisco ASA Firewall (5510), Routing Protocols (EIGRP, RIP, BGP), Switching protocols (VTP, STP)

Network Engineer

Confidential

Responsibilities:

• Configured Routing protocols such as RIP, OSPF, EIGRP, Static Routing and policy based Routing, infrastructure and configured the entire network Infrastructure devices including network printers
• Managed 5000 user accounts and group policies for users belonging to various accounts such as Citibank using Active Directory server, and Internet Information Services (IIS), Mail and File servers, DNS and DHCP servers
• Troubleshot Lotus Notes and Exchange mailbox issues, software issues and network connectivity issues
• Participated in design and implementation IPv4 Subnetting in the company network
• Worked with Network Operations Center (NOC) by managing and monitoring LAN/WAN network services
• Scheduled maintenance for routers/servers by running maintenance commands through SSH connections
• Performed Windows Server 2003 and 2008 administration, desktop support and network maintenance
• Created Virtual Machine templates for Windows server 2003/2008 using VMware vSphere and cloned them
• Performed switching tasks and implemented VLANS, VTP, RSTP and Port security
• Provided 24/7 rotational on call supports for branch offices
• Implemented security measures using ACL and configured NAT according to the connectivity requirement

Environment: Cisco Routers, Cisco Switches, Routing protocols (RIP, OSPF, EIGRP), VLAN, VTP, RSTP, NAT, ACL, SSH, Cisco CLI, QOS, Subnetting, IP Phones, Microsoft Lync, Server Administration, Cisco Access Points, VMware