PROFESSIONAL SUMMARY:

• 8 years of hands on experience in network engineering, designing, integrating, deploying, maintaining and supporting broad range of communication systems.
• Expert level knowledge on configuring Cisco Wireless Solutions, Prime Infrastructure, Aruba Mobility controller, and Airwave solutions.
• Expertise in Cisco ISE, ACS and Aruba Clearpass Radius and TACACS solutions.
• Expert Hands on Experience in 802.1x, AAA Wired and Wireless Configurations.
• Comprehensive understanding of the technologies involved with network security firewall products Checkpoint, Palo Alto and Cisco ASA.
• Supporting and troubleshooting Checkpoint/Cisco site - to-site VPN and IPSec functionality.
• Experience in layer 2 protocols configuration for Virtual Local Area Network (VLAN), VLAN Trunking Protocol (VTP), Spanning Tree Protocol (STP), and Rapid STP.
• Experience in Layer 3 Routing Protocol configurations: OSPF, EIGRP and BGP.
• Experience in HSRP and VRRP redundancy Protocols.
• Experience with F5 load balancers - LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability.
• Having experienced in Agile Methodologies, Scrum stories and sprints experience in a Python based environment, along with data analytics, data wrangling and Excel data extracts.
• Good knowledge of CISCO NEXUS data center infrastructure with 5000 and 7000 series switches includes (5548, 7010) including CISCO NEXUS Fabric Extender (223, 2248).
• Familiarity with WAAS, VoIP, and next-gen datacenter networking (SDN, Cisco ACI).
• Experience with installing and managing IT services such as Active directory, site replication, DNS, SSH, DHCP, DNS, NAT and Terminal service.
• VMware NSX installation, Configuration and Maintenance.
• Network Monitoring using SNMP and other management tools such as SPLUNK, Wireshark, Solarwinds, and Gigamon.
• Experience in vulnerability scanning activities for over end interfaces and provided technical support for all scanning issues with Metasploit, Tenable Security Center .
• Experience in physical cabling, IP addressing and Subnetting with VLSM, configuring and supporting TCP/IP, DNS, installing and configuring proxies.
• Implemented Security Policies using ACL, Firewall, IPSEC, SSL, VPN, IPS/IDS, AAA (TACACS+ & RADIUS).
• Ability to Install, Manage & Troubleshoot Large Networks & Systems Administration on Windows & Linux platforms in Development, Lab & Production Environments.

TECHNICAL SKILLS:

Operating Systems: Windows (Server 2008/2012, Windows 7/10), Linux OS (CentOS, Fedora, RHEL 6/7)

Routers: Cisco 3800, 3600, 2800, 2600, 2500, 1800 series Routers

Switches: Cisco 6500, 4500, 3750, 3500, 2900, series switches

Routing: MPLS, OSPF, EIGRP, BGP, Route Maps and Filtering, Redistribution, Summarization and Static Routing

Switching: LAN, VTP, STP, PVST+, RPVST+, Ether channels

Network security: Cisco ASA 5505/5510, Palo Alto, Checkpoint Gaia R70, R71, R75, R77, VSX, ACL, IPSEC VPN, GRE VPN, NAT/PAT, Filtering, Load Balancing, IDS/IPS,ISE.

Load Balancer: F5 Networks (Big-IP) LTM Module, Cisco ACE 30 load balancer

LAN: Ethernet (IEEE 802.3), Fast Ethernet, Gigabit Ethernet

AAA Architecture: TACACS+, RADIUS, Cisco ACS

Network Management: Gigamon, SNMP, Solar Winds Oraion, Metasploit (Rapid7), Tenable Security Center and Wireshark.

Wireless Technologies: Prime Infrastructure, Ekahau, Air Magnet, Airwatch and WLC s (8510, 5508, 5706), Cisco AironetAP s (2600, 3600, 3700), ISE, MSE, Aruba 225, Aruba 3000 controller & Airwave, ISE

Web Technologies: HTML, CSS, JavaScript, jQuery,and Ajax.

Cisco ISE & Aruba Clear Pass: Cisco ISE 1.1,1.2, 2.0, ACS 5.x and Clear Pass 6.0,6.2,6.5

Wireless Security: WPA/WPA2, EAP - TLS, EAP-PEAP-MSCHAPv2, GTS, FAST

Nexus Platform: Nexus 7k,5K, 2K (7010, 5020, 2148, 2248)

PROFESSIONAL EXPERIENCE:

Confidential, Bloomington, IL

Network Engineer

Responsibilities:

• Provided operational and configuration support for F5 BigIP LTM. Configured and troubleshoot F5 OS version, 9.x, 10.x and 11.x.
• Wrote BASH scripts containing TMSH commands to create / modify virtual servers, pools, nodes, profiles, and monitors. successfully migrate 10,000+ server farms / virtual servers from Cisco Application Control Engines (ACE) to F5 Local Traffic Managers (LTMs). Migrated 1000's of VIPs from shared LTM pairs to dedicated LTM pairs using BASH scripts with TMSH VIP management commands.
• Implemented a script to automatically create a syntax for Nodes, Pools, VIPs, Profiles, Persistence in TMSH, based on requirement using Python.
• Good knowledge on IRules with Tool Command Language (TCL) code to perform custom URL parsing and redirects based on values contained in URL suffixes.
• Deployment of Palo Alto firewall into the network. Configured and wrote Access-list policies on protocol-based services.
• Providing support Palo Alto 3000/5000 and 7000 series Firewall through Panorama Management Console.
• Analyzed traffic pattern and implemented URL filtering using the Palo Alto Firewall. Troubleshooting and configuring Palo Alto FW's 3060 & 5060.
• Developed Engineering documentation to record F5 environment and change processes.
• Performed architectural changes to improve security and network efficiency. Provided operational support and data analyses.
• Add Wireless controllers and F5 Load Balancer to Cisco ISE. Customize Guest Portal using Cisco ISE
• Perform upgrade of Cisco ISE and apply security patches.
• Configured and performed software upgrades on Cisco Wireless LAN Controllers WLC’s (8510, 5508, 5706) for Wireless Network Access Control integration with Cisco ISE.
• Support customers with upgrades, deployment, and configuration of Cisco Prime Infrastructure.
• Configured and Managed: Cisco Wireless LAN Controller 5508 and Cisco 3802, 2802, 3702, 3602, 2600, 1550, 1242 and 1131 Light Weight AP's. Wireless Configuration, Management and Support with Prime Infrastructure.
• Managed the F5 BigIP GTM/LTM appliances to include writing iRules, SSL offload and everyday task of creating WIP and VIPs.
• Configured application load balancing using F5 LTM.
• Administrating on F5 LTM, GTM, ASM, APM on series 5050 .
• Experience with configuring VIP, Pools on F5 LTM and working with irule management on LTM.
• Extensively used Netmiko lib in python to configure VLAN, and remotely execute router commands.
• Interfaced with middle/senior levels of management and external equivalents and disseminated information to team members.
• Firmware upgrades on both wired and wireless network equipment using Cisco Prime Infrastructure.
• Deploying wireless in both local controller mode and flex-connect mode dependent upon location.
• Performed IOS upgrade on various Cisco routers and switches platforms.
• Reviewed and redesign wireless for more than 100 remote offices. Performed Offline Wireless Site Surveys and created wireless heat maps based on building/suite floor plans with Cisco Prime Infrastructure

Confidential, Hopkinton, MA

Sr Network Engineer

Responsibilities:

• Deployment of Palo Alto firewall into the network. Configured and wrote Access-list policies on protocol-based services.
• Providing support Palo Alto 3000/5000 and 7000 series Firewall through Panorama Management Console.
• Analyzed traffic pattern and implemented URL filtering using the Palo Alto Firewall. Troubleshooting and configuring Palo Alto FW's 3060 & 5060.
• Design & Installations from ground up of the F5 appliances and the solution delivery.
• Upgrades and Migration from old infrastructure to new infrastructure.
• Implementing VMware NSX Micro segmentation, logical switch, DLR/Edge configuration and maintenance.
• Perform network engineering, design, planning LTM & GTM, APM load balancing implementation and scheduling infrastructure related tasks by coordinating with other teams.
• Managed the F5 BigIP GTM/LTM appliances to include writing iRules, SSL offload and everyday task of creating WIP and VIPs.
• Configured application load balancing using F5 LTM.
• Administrating on F5 LTM, GTM, ASM, APM on series 5050 .
• Experience with configuring VIP, Pools on F5 LTM and working with irule management on LTM.
• Worked on Converting the Partner IPSEC VPN from one Data Center to Another Data Center.
• Utilizes network tools like Gigamon and Wireshark for troubleshooting and monitoring.
• Experience working with Nexus 7010, 5020, 2148, 2248 devices.
• Experience in configuring Juniper Layer 3 EX4200 & EX3200 switches. Design, implement and administer IPv4/IPv6 enterprise network infrastructure utilizing Juniper routers.
• Migrating Cisco ASA firewalls policy to new Checkpoint appliance with support of vendor specific tool.
• Experience on designing and troubleshooting of complex BGP and OSPF routing problem.
• Convert Branch WAN links from TDM circuits to MPLS.
• Implemented, analyzed and recommended appropriate system for the out of band management monitoring. utilizing Solarwinds for primary and disaster recovery site.
• Monitored and responded to network anomalies utilizing Solarwinds/Orion's software and recommended appropriate network solutions for issues.
• Good Knowledge on Juniper SRX configurations on various platforms of Junos.
• Worked on Juniper J series j230, M 320 routers and EX 3200 series switch.
• Complete understanding of feature testing of switches (RFC 2889 and RFC 2554) using IXIA's IP testing system.
• Replace branch hardware with new 2851 routers and 2960 switches.
• Implementing security controls (ISO/IEC 27000, NIST, CIS, etc.) to match regulatory compliance requirements (PCI, HIPAA, SOX, ITR, GDPR, etc.).
• Implementing & Troubleshooting of T1, MUXES, CSU/DSU and data circuits.
• Involved in designing and implementing QOS and policy map to 2800 series routers for all the branches.
• Worked on Layer 2 protocols such as STP, VTP, RSTP, PVSTP+, MST and other VLAN troubleshooting issues and configuring switches from scratch and deployment.
• Involved in configuring IP Quality of service (QoS).
• Involved in Datacenter build and support, Implementation, migrations network support, Interconnectivity between an old Datacenter and new Datacenter.
• Conversions to BGP WAN routing. Which will be to convert WAN routing from OSPF to BGP (OSPF is used for local routing only) which involves new wan links.
• Installed new purchased Hardware to the new DC, Migrate data over WAN connection, also greatly involved in virtualization of physical servers.

Environment: Router 2900, 3900; Cisco Catalyst Switch 3550, 2960. T1 Controllers, Juniper J series, Checkpoint R70 to R75.20, Cisco ASA, DS3 Lines (T3 Lines), Fiber and Ethernet cabling, Palo Alto 3000/5000 and 7000 series, Nexus 7010, 5020, 2148, 2248.

Confidential, Mariatta, GA

Sr Network Engineer

Responsibilities:

• Configuration and setting a lab for the testing of Checkpoint R80.10 Gaia operating system on both Management and Gateway. Worked on F5 BIG-IP LTM 8900, configured profiles, provided and ensured high availability
• Knowledge in implementing and configuring F5 Big-IP LTM-6400 load balancers
• Used load balancers ACE and load balancing technique with multiple components for efficient performance and to increase reliability through redundancy.
• To secure configurations of load balancing in F5, SSL/VPN connections, Troubleshooting CISCO ASA firewalls, and related network security measures.
• Load Balancing using F5 Networks Big IP.
• Hands on Experience in configuring F5 objects, components and provisioning various modules like LTM, GTM, ASM, APM.
• Configuring policies on ASM using manual policy enforcement and auto policy enforcement with F5 ASM.
• Analyzing firewall change requests and implementing changes into existing firewall policies by maintaining the security standards of the organization.
• Change Management: Need to make sure that all the change designs and implementations are completed and tested as per the schedule required by the customers.
• Configured Checkpoint Firewall in distributed deployment and also maintaining Site-to-Site VPN Connection through the Firewalls.
• Responsible for configuration and Virtualization of Checkpoint firewalls across the enterprise.
• Assisting in configuration of Multi-Domain Security Management server and consolidation of CMA's
• Maintaining 8 gateways using Smart Center Server as a Management Station.
• Hands on experience dealing with different blades on checkpoint appliance other than Firewall, IPSec, Application Control and URL Filtering, IPS, SecureXL.
• Installing Jumbo Hot Fix take 151 by removing Shell Shock and Installing Gypsy to the Multi-Domain Security Managements on R76 Gaia platform and upgrading to R77.10
• Upgrading Checkpoint Gaia and Security management from R 76 and R 7 .30 and R77.30 respectively with the latest hotfix take 216.
• Managing URL Content Filtering on Websense Proxy.
• Perform Firewall OS upgrades using CLI, Splat and Voyager GUI.
• Configuration and Maintenance of Splunk , Gigamon Network Visibility .
• Migrated to R75.xx in various Checkpoint 4k/11k/21k appliances from R65, R62, R60, etc., and building the new Smart Center server.
• Configuring VLAN trunking Protocol (VTP) on core switches.
• Configured HSRP and VLAN trunking 802.1Q, VLAN routing on catalyst 6500 switches.
• Configured BPDU Guard, port-fast, uplink fast and other spanning tree features.
• Study single point failures & design WAN structure in such a way that there are no failures in network in case of any device or link failure.
• Knowledge about setting up Python REST API Frame work using Django.
• Implementing, Monitoring, Troubleshooting and Convergence in Frame-Mode MPLS inside the core.
• Configured Routing Protocols such as OSPF and policy-based routing.
• Design OSPF Areas for reliable Access Distribution and for Core IP Routing.
• Fine-tuned OSPF metrics to avoid routing loops and ensure red undancy in case of link failures.
• Redistribution of routing protocols and Frame-Relay configurations.
• Setup simplified and traditional VPN communities and CISCO Anyconnect.
• Implemented LAN/WAN utilizing CISCO 7200, 7204, 7206.
• Installed and configured Routers, Bridges, Terminal Servers and CSU/DSU’s to support WAN links
• Work with application developers and systems engineer to migrate applications and systems to a new Border Gateway network .
• Patch and Package administration for installation of patches as per company policy and installation of packaged application .
• Leveraged two Nexus 2232 Fabric Extenders and two 2248 Fabric Extenders, making them ‘dual-homed’ to both N5Ks and implementing Enhanced Virtual Port-Channel (EvPC).
• Worked with networking teams to install an Avaya VoIP phone system and test phone system connectivity and functionality.
• Involved smart view tracker to check the firewall traffic.
• Documented all the work done by using MOPS, Visio, Excel and MS word.

Environment: Cisco 3750/3550/3500/2960 switches and Cisco 12000/7200/3845/3600 routers, Cisco ASA5510, Checkpoint.

Confidential, Colorado Springs, CO

Sr Network Engineer

Responsibilities:

• Responsible for the implementation and maintenance of firewall based security zones (DMZ*s).
• Provide support to internal project teams by adding firewalls, switches and routers to managed DMZs.
• Experience in HSRP standby troubleshooting & Experience in configuring & upgrading of Cisco IOS.
• Implementing & Troubleshooting of T1, MUXES, CSU/DSU and data circuits.
• Experience on designing and troubleshooting of complex BGP and OSPF routing problems,
• Have sound knowledge of Firewall architecture, routing and VPN.
• Have experience working on HP Open view Network Node Manager.
• Upgrade firewalls in accordance with change management & Document changes to firewalls.
• Monitor traffic and access logs in order to troubleshoot network access issues.
• Have experience with Cisco Works LAN Management Solution.
• Experience in migration of Frame-relay based branches to MPLS based technology using multi layer stackable switch like 6500 series and 2800 series router.
• Involved in design and implementation of Data Center Migration, worked on implementation strategies for the expansion of the MPLS VPN networks.
• Hands on experience with Cisco 3500, 3750, 4500, 6500 series equipment and configuring and deploying and fixing them with various modules like Gig card, VPN SPA card, WIC card.
• Cisco IOS experience on 3600/7200 class hardware in complex WAN environment and experience on Cisco OS and IOS on CAT6500 in a complex data center environment.
• Involved in configuring IP Quality of service (QoS).
• Conducted vulnerability assessments using Nexpose. Helped with creating patch management program
• Helped customer to utilize Nexpose tool after security breach. Ensured the consistency and quality of Payment Card Industry (PCI)
• Perform risk analysis of all software and hardware configuration changes.
• Perform vulnerability scanning of all network assets to determine potential weaknesses in the security posture using Tenable Security Center.
• Integrated NetScaler into complex enterprise environments in short periods of time taking into consideration the functioning production environment.
• Understanding & Implementation of IPSEC & GRE tunnels in VPN technology.

Environment: Router 2800, 3800, 7200, 7600; Cisco Catalyst Switch 6500, 6509, 3550

Confidential

Network Engineer

Responsibilities:

• Maintaining the Network Infrastructure, Installation, migration and configuration of routers and switches for clients.
• Provide alternative means from dial-up connection to bring down the damage or loss that occurs for the client.
• Configured Routing protocols such as OSPF and policy based routing.
• Team member of Configuration of CISCO 7206 router and Configuration of Catalyst switches.
• Configuration 7609, 7606 with OSPF and catalyst 6505, 4500, 3550 switches with various VLAN.
• Create and test Cisco router and switching operations using OSPF routing protocol.
• Configuration and troubleshooting link state protocols like OSPF in multiple areas.
• Configured HSRP and VLAN trucking 802.1Q, VLAN Routing on Catalyst 6500 switches.
• Optimized performance of the WAN network consisting of CISCO 3550/4500/6500 switches by configuring VLANs.
• Configured VLANs with 802.1q tagging. Configured Trunk groups, ether channels, and Spanning tree for creating Access/distribution and core layer switching architecture.
• Configured BPDU Guard, port-fast, uplink fast and other spanning tree features.
• Configuration and troubleshooting of Cisco 2500, 2600, 3000, 6500, 7500, 7200 Series routers.
• Having Data Center Design Experience, installing and Configuring Network Devices in a Data Center including patching the cables in the Patch Panel. Design and implemented network infrastructure and configured all the network Infrastructure devices including Network Printers and Registers.

Environment: Cisco 3550/4500/6500 switches and Cisco 2500, 2600, 3000, 6500, 7500, 7200 routers, Checkpoint.

Confidential

Network Engineer

Responsibilities:

• Worked as part of a team for Cisco Product Support. Troubleshooting by providing relevant knowledge base articles and other information.
• Network solutions for complex networks for VAR (Value added resellers) users of Cisco.
• Configured & maintained LAN, WAN, VPN, WLAN, and Firewalls on Cisco Routers for end users.
• Configuring MPLS, VPN (IPSEC, GRE) in VPN concentrators and QOS in integrated networks (Data, Voice, and Video).
• Installed and configured of Juniper J-Series (J2350) and M-Series (M10) routers.
• Installed and configured the ACE and CSM for firewall/Server Load balancing for Cisco Catalyst switches.
• Configuring IPS, IDS, VLAN, STP, Port security, SPAN, Ether channel in Cisco Composite Networks.
• Configured routers and modems, troubleshot issues related to broadband technologies for Residential and Business Customers.
• Apache Web Server & MRTG, BIND DNS Server configuration and optimization over UNIX and Active directory implementation of Windows 2003 Server.
• Configured & Maintained Cisco 2600, 2800, 3200 series routers including IOS upgrades.
• Prompt technical support to customers on routers and switches.
• Remote management of large networks.

Environment: Cisco Routers - 1700, Cisco GSR 12416. Cisco Switches - 1900, 6509, and 6513