SUMMARY:

• 8 years of practical experience in the IT field as a network engineer, with proficient hands - on experience in the areas of Wi-Fi portfolio, Routing, Switching and Troubleshooting
• Strong knowledge in configuring and troubleshooting routing protocols like OSPF, VOIP, IPT, IS-IS, SNMP, EIGRP and BGP.
• Installing and Configuring Cisco switches 2960, 3560, 4500, 6500, 4900, 2900, 3750, Nexus 5000, Nexus 7000,Nexus 9000 WS-C4948, Juniper EX, QFX and MX series.
• Hands-on expertise with routers 2800, 2900, 3800, 3900, 7200, 7600, ASR9010, ASR1002 and Juniper ACX, EX 4300, MX 480, MX960 series.
• Working Knowledge on Devices like Juniper SRX 210, 240 and 550.
• Implementation, working analysis, troubleshooting and documentation of LAN, WAN & WLAN architecture with excellent work experience on IP series.
• Working knowledge with Load Balancers F5 LTM like 2200, 4200v, 7050 for various applications.
• Knowledge of troubleshooting, implementing, optimizing and testing of static and dynamic routing protocols such as EIGRP, OSPF, BGP ability to interpret and resolve complex route table problems.
• Experience in deploying applications through Microsoft azure.
• Experience in troubleshooting and deploying applications to azure.
• Experience in Design, configuration, and support of Cisco Nexus Platforms (Nexus 2000/5000/7000/9000 ).
• Worked on Cisco Routers 2800, 2900, 3800, 3900, 3750, 4500, 7600, (6500- sup720), ASR9K and ASR1002.
• Knowledge of implementing and troubleshooting complex layer 2 technologies such as VLAN Trunks, VTP Ether channel, STP, RSTP and MST.
• Working knowledge of Firewall, LDAP, AAA, TACACS/RADIUS, and IPSEC.
• Proficient with TCP/IP, OSI models and Cisco IOS.
• Experience with Security policy configuration including NAT, PAT, VPN, SSLVPN, Route-maps and Access Control Lists.
• Strong experience on Juniper SSG series Firewalls and Checkpoint R75, 76 Firewalls, Juniper SRX 240 Firewalls.
• Strong practical experience in IP addressing, Sub-netting, VLSM and ARP, proxy ARP, and ping concepts.
• Expertise in troubleshooting and configuring DNS, DHCP, TFTP, TELNET, SSH, FTP and NFS.
• Excellent hands-on experience in designing and implementing IP addressing that includes both IPV4 and IPV6
• Implementation of Access lists, route maps, and distribute lists.
• Strong fundamental knowledge in implementing Layer-2 level technologies including VLAN's, VTP, STP, RSTP and Trunking.
• Working Knowledge of SD-WAN technologies Such as Meraki, OpenStack and Silverpeak.
• Technical support for improvement, up-gradation & expansion of the network architecture.
• Good understanding and working knowledge of Protocols like IEEE 802.1, IEEE 802.3& IEEE 802.11, 802.1x, EAP, PEAP & EAP-TLS.
• Hands-on experience of Python scripting, automation using Python, string parsing, libraries, API's, regexp and more.
• Familiar with security products such as Cisco ISE
• Expertise on various Operating Systems and software's like Win8, Win7, Win 2008, Win Vista, Ubuntu, Kali Linux, Red Hat Linux, Asterisk and MS Office Suite.
• Working Experience in SONET, DWDM & ATM Networks.
• Working Experience in VMware ESX 5.x, VMware Workstation, VMware vCenter Server, Microsoft SharePoint, System Center 2012 R2, C++.
• Worked on security products such as Cisco ISE
• VoIP Installation and troubleshooting, configuring Cisco Phones and setting up VoIP, IPT over VLAN.
• Good understanding and working knowledge of ITIL standards.
• Hands on experience on several Ticketing Tools like JIRA, Change Management, Service Catalog, ePCR, SR, Remedy, IP center, etc.,
• Working Experience on web content filter and gateways like Blue Coat, Websense.
• Working Experience on Network Scanning, Management, Alerting &Logging tools like Solar Winds, PRTG, and Wireshark.
• Comprehensive understanding of OSI Model, TCP/IP protocol suite (IP, ARP, ICMP, TCP, UDP, SNMP, FTP, TFTP).
• Planning, Designing, Implementation of small, medium organizations including LAN, VLAN, WLAN and WAN on wired and wireless networks
• Moderate knowledge in configuring and troubleshooting Cisco Wireless Networks: LWAPP, WLC, WCS, Standalone Aps, Roaming, Wireless Security Basics, IEEE 802.11 a/b/g, RF spectrum characteristics.
• Moderate knowledge in implementing and configuring F5 Big-IP LTM-6400 load balancers.
• Adept in preparing technical documentation and presentations using Microsoft Visio/ Office.

TECHNICAL SKILLS:

Cisco Platforms: Nexus 9K 7K, 5K, 2K and 1K, Cisco routers (7600,7200, 3900, 3600, 2800, 2600, 2500, 1800 series) & Cisco Catalyst switches (6500, 4900, 3750, 3500, 4500, 2900, 6807 series)

Juniper Platforms: SRX, MX, EX Series Routers and Switches

Networking Concepts: Access-lists, Routing, Switching, Subnetting, Designing, CSU/DSU, IPSec, VLAN, VPN, WEP, WAP, MPLS, VoIP, Bluetooth, Wi-Fi

Firewall: ASA Firewall (5505/5510/5520 ), Checkpoint (R75/R76), Palo Alto (2k, 3k, 5k), Juniper SRX (240).

Network Tools: Solarwinds, SNMP, Cisco Works, Wireshark, Netcool, Netbrain

Load Balancers: Cisco CSM, F5 Networks (Big-IP)

WAN technologies: Frame Relay, ISDN, ATM, MPLS, leased lines & exposure to PPP, DS1,DS3,OC3, T1 /T3 & SONET

LAN technologies: Ethernet, Fast Ethernet, Gigabit Ethernet, & 10 Gigabit Ethernet, Port- channel, VLANS, VTP, STP, RSTP, 802.1Q

Security Protocols: IKE, IPSEC, SSL-VPN

Networking Protocols: RIP, OSPF, EIGRP, BGP, STP, RSTP, VLANs, VTP, PAGP, LACP, MPLS, HSRP, VRRP, GLBP, TACACS+, Radius, AAA, IPv4 and IPv6

Operating System: Windows 7/XP, MAC OS X, Windows Server 2008/2003, Linux, Unix

PROFESSIONAL EXPERIENCE:

Confidential, Phoenix, AZ

Sr. Network Security Engineer

Responsibilities:

• Worked on data center segmentation project to create segmentation between the user and server traffic by deploying Palo Alto firewalls (5250s) in the datacenter including cabling to the Nexus 9K, 7K VDCs and HA.
• Worked on providing management connectivity, HA configuration, setting up RSA for MFA, license and updates management, VSYS support, L3, aggregate Ethernet and sub interfaces configuration, configuration of BGP on both Nexus and Palo Alto, moved SVI (server VLAN) interfaces from ASA core to Palo Alto.
• Validated routing throughout the environment and created test plans for failover including using link monitoring and path monitoring.
• Collected data to determine which permit rules to create between the user and server VLANs based on the logs.
• Developed and implemented Python scripts to automate retrieval, parsing and reporting of configuration parameters from Network Devices connected to customer networks.
• Experience using Source fire IPS and Firesight management console
• The created script in python for calling REST APIs.
• Review and analyze events from logs and Source Fire IDS/IPS
• Experience working with Nexus 7018/7010, 5020, 5548, 2148, 2248 devices.
• Experience working with OTV & FCOE on the nexus between the datacenters
• Deployed Nexus switches 2248, 5548, 7018 and implemented features like FEX Links, VPC, VRF, VDC, and OTV, Fabric Path.
• Created VSYS Builds from Checkpoint to Palo Alto Panorama Database Zone, Access Zone.
• Performed Routing protocol migration from EIGRP to OSPF to allow for optimal performance inside a 100% cisco environment.
• Determined the VPN connectivity requirement for users, VPN pool and gateway information, integration of RSA for VPN authentication, defined rules for non-console administrative access, implemented and tested non-console admin rules for firewalls.
• Used routing protocols (OSPF) internal and BGP to connect to ISP
• Worked on creating SNMP, Syslog, Email profiles, log forwarding, data filtering profiles according to the client’s requirement.
• Experienced provisioning SD-WAN service as automated failover solution for MPLS VPN by Cisco Meraki MX 80 Firewall
• Responsible in troubleshooting on Cisco ISE added new devices on network based on policies on ISE.
• Handling Checkpoint and Checkpoint firewalls appliances, Checkpoint Provider-1/Multi-Domain-Mgmt. the, Check point Smart Console R70.20 & R75.40, R77.10, R77.20.
• Provided day-to-day support in the maintenance and troubleshooting of OSPF at the core layer
• Working on Cisco ISE to authorize users based on protocols PEAP and EAP-TLS, also manage and monitor user's access privileges.
• Implementation of Juniper Firewall, SSG Series, Net screen Series ISG 1000, SRX Series
• Upgraded the existing Panorama to V8. Integrating the new firewalls to Panorama and responsible for working on change tickets for existing 3250 Palo Firewalls in the environment.
• Worked with the Info security team to closely monitor threats, incident handling, working with the network administration team to provide them with the remediation steps.
• Updated configuration standards to meet the PCI DSS compliance requirement. Made config changes to the existing firewalls in the CDE to the configure standards to make them PCI compliant.

Environment: Firewall migration, Rule cleanup, Firewall remediation, F5 Cisco ISE, Ticketing change management

Confidential, Atlanta, GA

Sr. Network Security Engineer

Responsibilities:

• Worked on cleanup of several legacy rules of ASA and created a migration path to Palo Altos, configured for Global protect VPN, User ID, Wildfire set up, SSL decryption, license and policy management on Palo Alto appliances.
• Reviewed and optimized firewall rules using Netscout firewall monitoring tool by creating customized firewall audit reports. Migrated datacenter firewall rules based on Zenoss Analysis/query and Reports.
• Staged, planned and deployed Palo Alto 5060 within Data Centres. Worked with Palo Alto firewalls using Panorama performing changes to monitor/block/allow the traffic on the firewall.
• Cisco Meraki Appliance MX (400, 80, 60) and Meraki wireless Access points (MR66,MR18),
• Installed and configured Meraki (MX80,MX60) Appliance via Meraki MX400 Cloud.
• Installed and configured Cisco Meraki (MR66,MR18) wireless Access points in the warehouses.
• Troubleshooting Cisco APs and Meraki appliances.
• Responsible to evaluate, test, configure, propose and implement network, firewall and security solutions with Palo Alto networks.
• Experience with products such as Cisco ISE, Cisco ASA 5500 series firewalls and Cisco ACE 4710 Load balancers.
• Palo Alto/Checkpoint Firewall troubleshooting and policy change requests for new IP segments that either come on line or that may have been altered during various planned network changes on the network.
• Configure and maintain site to site VPN using Netscreen firewalls.
• Configuration of Arista DCS7300, 7010, MX960s to replace end-of-life devices
• Manage Arista core and distribution environment
• Installed Arista core and distribution solution to replace current Cisco environment
• Working experience on tools and devices like Source Fire, Cisco ASA, Cisco ISE
• Installed and configured Cisco Nexus 9k/7k/5k/3k switches for VPC, Vlans, MST and 802.1q for Top of the Rack switches and Distribution layer switches
• Instituted a vulnerability management program to scan and report on all machines for vulnerabilities on the network using various vulnerability management tools on a weekly schedule to meet external audit requirements.
• Provided in depth analysis using but not limited to Vitalnet, NetQoS, Net screen Manager (NSM), Wireshark, Netcool Monitoring and Infinistream Management Console.
• Configuring HP procurve switches and Microtik routers by providing VPN access and setting pools for dedicated tunnel for internal customers. Worked on Palo-alto configuration for L2, L3 deployment on Vendor-list firewall. Experience on configuring fiber-optic between 2 data centers with 10GB of bandwidth availability. Configured active directory domain, DNS and DHCP on Windows 2012 R2 standard.
• Extensive work with MPLS, configuring BGP, policy-based routing, redistribution, VPN etc.
• Worked on troubleshooting of tickets in complex LAN/WAN infrastructure using packet captures, protocol analyzers, syslog servers etc. Worked on CA spectrum network monitoring tool.
• Corrected configuration issues and implemented best practices for configuration of VDC, VPC, VRF, FEX

Environment: Architectural layout, Firemon, Unused rule and policies, Qos, Monitoring, VOIP,PbX, HP procurve switches.

Confidential, Memphis, TN

Network Engineer

Responsibilities:

• Managed firewall policy lifecycle process from review, approval, implementation, publishing, verification Network Engineer
• Worked on a project to help clean up legacy FW policies and create migration path from current ASA’s. Cleaned up around 50000 rules based on activity within 3 months prior to the migration project.
• Implement IPSEC, SSL VPN solutions including Palo Alto Networks Global Protect with single and multiple
• Gateway solutions including integration of PKI s.
• Worked on setup and installation of Cisco ASAs with Firepower and configured it for URL filtering.
• Check for DNS issues by pinging the server’s name. Experience with Wire shark, Test TCP& OPNET.
• Perform bandwidth metrics analysis using various tools (IXIA, Cisco Works and Cisco Network Analysis Module.
• Provided tier 3 support for Checkpoint Firewall -1 software to support customers.
• Work on Checkpoint Platform including Provider Smart Domain Manager. Worked on configuring, managing and supporting Checkpoint Gateways
• Experienced in Netbrain 5.x in network troubleshooting and network mapping.
• Managing &Troubleshooting DHCP issues.
• Provide Level 3 support for Aruba WLAN mobility controllers, Access Points and Aruba Instant Access Points.
• Built several Red Hat Linux servers to provide file storage, system backups and UPS monitoring.
• Configuring and troubleshooting static and dynamic DNS servers.
• Trouble-shooting end-user reported problems, thoroughly and accurately documenting problem in trouble management tool.
• Analyzing and resolving a high percentage of initial customer contact in the areas of PC/LAN.
• Escalating customer problems to management and support groups utilizing standard escalation model.

Environment: Shortel, AVAYA, f5, Upgrades and backup, Network monitoring

Confidential, Bellevue, WA

Network Engineer

Responsibilities:

• Experience with convert Checkpoint VPN rules over to the Cisco ASA solution. Migration with Cisco ASA VPN experience
• Involved in configuring Juniper SSG-140 and Check point firewall
• Created effective network security by migrating from Check Point FW-1 NG to ASA 5510 Firewalls
• Has a good experience working with the Trouble Tickets on F5 Load balancers and ASA Firewalls
• Working with Cisco Nexus 2148 Fabric Extender and Nexus 5500 series to provide a Flexible Access Solution for datacenter access architecture
• Working with CISCO Nexus 7000, Nexus 5000, and Nexus 2000 platforms
• Performed network troubleshooting, second level technical support, and tape backup operations.
• Served as a main escalation point of contact for level II personnel.
• Configured Wireless Access Points in order to control them with RADIUS server
• Coordinated with higher-level support and external vendors for resolution.
• Configured VLAN's on Switches for Wireless Access Points.
• Monitored Network Management System and responded to events, alarms and trouble tickets.
• Included network services such as DNS, email, web, Servers, VPN and Firewall. .

Confidential

Jr. Network Engineer

Responsibilities:

• Check the condition of the physical connection i.e. the network cable. Setting up Cisco wireless router and setting up access points. Check the IP address, default gateway and subnet mask are all correct.
• Troubleshooting network issues like by pinging the host or by pinging the default gateway. Contacting ISP (PerunaNet) for assistance.
• Setting up VOIP network in the engineering building. Check for DNS issues by pinging the server’s name. Experience with Wireshark, TestTCP& OPNET. Managing &Troubleshooting DHCP issues.

Environment: Troubleshooting L1, L2 issues, Managing phones and Desktop systems for call center.