We provide IT Staff Augmentation Services!

Sr. Network Engineer Resume

Sunnyvale, CA

SUMMARY:

  • Over 7+ years of experience in the design, implementation, support, and maintain 24x7 network services serving as one of the highest levels of escalation for network and security issues. Make ongoing recommendations of network policies and standards., troubleshooting and documentation of LAN/WAN networking systems in Branch, telecommunication and Data Center environments
  • Proficient with network hardware and technologies including routers, switches, firewalls, Ethernet, Fast Ethernet, Gigabit Ethernet.
  • In depth expertise in routing protocols (DWDM, SONET, BGP, OSPF, EIGRP, RIPv1&2), Switching architecture and protocols (VLAN’s, Trunking and Spanning Tree)
  • Hands - on experience in configuring Cisco routers/ Switches to perform functions at the Access, Distribution, and Core layers.
  • Installation, configuration and maintenance of Checkpoint, Cisco, Palo Alto, Juniper, Fortinet Firewalls.
  • Working experience in wireless environment like cisco ASR and CSR system.
  • Solving issues in intra wireless n/w like dealing with access controllers and access points.
  • Excellent working knowledge of TCP/IP protocol suite and OSI layers.
  • Experience with Firewall Administration, Rule Analysis, Rule Modification.
  • Implemented traffic filters using Standard, Extended and Named access-lists.
  • Experience in configuring and troubleshooting IPSEC site to site VPN solutions.
  • Working experience with Datacenter Switches such as Nexus 2K, 5K and 7K.
  • Solid understanding of GSM, UMTS & LTE Network architecture, Call flow and Traffic Engineering
  • Working knowledge of transport connectivity such as SONET, OTN, T1, CAT5&6 Ethernet, DS1, DS3, Fiber, OC3 and OC12, OC48
  • Hands on experience on Checkpoint UTM and NGX series Firewall and Application URL filtering, and strong understanding knowledge on PALO ALTO Product firewall.
  • Having proposals of change the environment form NX-OS to Application Centric Infrastructure (ACI) in Data center, implemented in the lab environment.
  • Experience in Tier- 2 support, BMC Remedy tool, EMS, NMS, ticketing system, network troubleshooting, handling escalation, and Root cause analysis (RCA) and SLA's.
  • Hands on experience with ACI (Application Centric Infrastructure) with spine and leaf architecture.
  • Understanding of latest security trends, vulnerability assessment techniques and attacks like DOS and Man in the middle attack.
  • Used Cisco ACI (Application Centric Infrastructure) SDN architecture to reduce operating costs, automate IT tasks, for greater scalability and visibility in a data center environment.
  • Knowledge of implementing and troubleshooting complex layer 2 technologies such as VLAN, Trunks, VTP, Ether channel, STP, RSTP and MST
  • Proficiency in configuration of VLAN setup on various Cisco Routers and Switches
  • Implementation of HSRP, VRRP and GLBP for Default Gateway Redundancy
  • Efficient at use of Microsoft VISIO/Office as technical documentation and presentation tools
  • Implemented security policies using ACL, Firewall, IPSEC, SSL, VPN, AAA (TACACS and LDAP)
  • Proven ability in problem-solving, decision analysis, prioritizing work flow, multitasking and team collaboration and Demonstrated leaderships skills and have ability to lead team if necessary
  • Team player with excellent verbal and communication skills with ability to lead varied team sizes and capable of working with minimum supervision.
  • Strong hands on experience on PIX, Firewalls, and ASA Firewalls. Implemented Security Policies using ACL, Firewall, IPSEC, SSL, VPN, IPS/IDS, AAA (TACACS+ &RADIUS).
  • Expertise in VOIP protocols like H.323, MGCP, SIP, and SCCP.
  • Working Knowledge with monitoring tools like Solar Winds and Network packet capture tools like Wire-shark.
  • Strong understand of Security Devices (Firewalls, Load Balancers, Proxy Servers, and IDS Sensors)
  • Strong analytical skills, including knowledge and relevant experience in network management tools.
  • Experience in implementation, support and troubleshooting of VLAN's including operational knowledge of spanning tree protocol (STP), VLAN Trunking, inter VLAN routing and ISL/802.1q.
  • Provided availability and on-call support as required by the projects.
  • Experience of communicating with customers, solving complex problems in a timely productive manner.

TECHNICAL SKILLS:

Routers: Cisco 2600, 2800, 3600, 4400, 7200, 7609 Series,7600, Cisco CSR, ASR1k, ASR 9k, ISR4k, ISRG2.

Switches: Cisco 2900, 3500, 3700, 5000, 6500 Catalyst Series, Cisco 7000, 5000, 2000, Switches 9K series

High Bandwidth: Confidential XT- Series, Ciena Waveserver, EDFA, Raman Amplifiers etc…

Firewall: Checkpoint R65/R70/R75/R77/Provider-1 firewall, Palo Alto, Cisco PIX 500 series, Cisco ASA, IDS CISCO IDS 4520 Juniper, Imperva SharePoint 2010, Imperva WAF, FortiGate

Communication Protocols: TCP/IP, UDP, DHCP, DNS, ICMP, SNMP, ARP, RARP

Routing Protocols: BGP, ISIS, OSPF, EIGRP, VRRP, HSRP, GLBP, RIP2, Infoblox

Switching Protocols: STP, RSTP, PVSTP, VTP, ARP, VLAN

IP Services: DHCP, NAT, VLAN, DNS, FTP, TFTP, LAN/WAN

WAN Technologies: ATM, ISDN, PPP, MPLS, ATT, 802.11, 802.11a, 802.11b, APLUS

Network Technologies: IPsec, GRE, NAT/PAT, ACL, IPv4, IPv6

Network tools: Wireshark, Cisco Anyconnect, AirWatch

Software: Sniffer Pro, Microsoft FIM, MS Lync, MS Exchange, Trunking and STP

Operating Systems: Windows XP/7/8, Linux

Load Balancer: F5-Big-Ip, LTM, Ax10

Scripting languages: C#, Perl, Python, PowerShell, TCL, Bash

PROFESSIONAL EXPERIENCE:

Confidential, Sunnyvale, CA

Sr. Network Engineer

Responsibilities:

  • Managed multiple large-scale projects in a fast-paced environment and provided leadership to other members of the team for the 45+ branches of Confidential Corporation across. Quickly turned business problems into technical solutions. Managed configurations and the deployment of equipment in compliance with established technology policies. Recommended technical solutions that will enhance performance, increase redundancy, and add flexibility to the existing infrastructure. Troubleshoot network outages and report of network performance issues. Maintain system and network availability and monitoring of services. Participated in rotating 'on-call' schedule with engineering team.
  • Maintained the appropriate relationships with 3rd party vendors and evaluate vendor hardware, software, and communications products and to provide recommendations for purchases with our corporate objectives in mind.
  • Performed capacity planning in various scenarios. (Single/Redundant Circuits, Load Balancing, Aggregation, etc.)
  • Installed, Configured new Waps for the entire office in Aerohive manager.
  • Updated QoS and DHCP scripts on the switches/DWDM of the various branches of Confidential deployments as Optical project went live in production.
  • Updated the Network Diagrams in VISIO.
  • Experience with Aruba/Ruckus Wireless Controllers, Access Points and IAP.
  • Implement Aruba Wireless infrastructure using Aruba controllers & Access Points.
  • Configured Aruba access points troubleshoot connectivity issues with Aruba access points Surveyed, designed and implemented wireless network infrastructure solutions for both indoor and outdoor environments for multiple clients in several distinct markets.
  • Worked on various security tools like Aruba Activate, Aruba Activate, Websense, Source fire, EM7, NMS, etc…
  • Worked on Aruba Activate and Aruba Airwave for whitelisting and blacklisting the Aruba devices for the users.
  • Managed EMS, NMS monitor logs. Scan email links and attachments in Fire Eye to determine if they're malicious.
  • Triage qradar offense based on severity and type of the offense.
  • Create/modify qradar rules to reduce false positives.
  • Integrating Duo authentication to replace crypto card.
  • Providing crypto tokens for new users.
  • Creating and manage Duo accounts.
  • Maintaining Exabeam, making sure it's up to date and resolve any issues with the tool.
  • Improving process flow of Qradar offenses.
  • Making sure Qradar is working normally during business hours.
  • Administrator for SIEM Tool IBM Qradar & Monitoring.
  • Searching and Reporting, Dashboards, Graphs, Search strings, Use cases, Log Delivery/management/correlation, etc. using SIEM tool Qradar .
  • Hardware experience includes Confidential, Cisco, HP Aruba, and Ruckus wireless systems.
  • Responsible for implementation/installation of LAN/WAN/SAN, Aruba Switches, Aruba Wireless AP's and Aruba Virtual Controllers.
  • Performed wireless site surveys using industry standard tools such as Air Magnet and Cisco & ArubaSwitches Managed and completed over 100 projects installing/upgrading client's wireless infrastructure to Aruba.
  • Worked on Multi-vendor platform with checkpoint, Fortinet and Cisco firewalls requesting net flow for security compliance, coding, and pushing firewall rules after approval and troubleshoot incidents as required.
  • Good Understanding of Multiple Contexts in ASA firewalls and implemented different failover mechanisms among ASA firewalls
  • Setup and maintained Check Point security policies including NAT, VPN and Secure Remote access.
  • Experience with hybrid CatOS to Native Cisco IOS code migration involving Catalyst 6503 to Catalyst 6504 switches
  • Worked directly with customer engineers to support lab testing and performance evaluation of Confidential DWDM and IP products ( Confidential 1830 PSS/7750 SR/7210 SAS).
  • Created MoP (Method of Procedure) for customer concerning for new integration, deployment and software upgradation of Confidential, Confidential DWDM and IP products.
  • Provided training to customer engineers on Confidential IP and DWDM products and related protocols.
  • Resolved customer product issues through research using appropriate user manuals, product release notes, and lab testing.
  • Designed and implement MPLS VPN network for cell-tower backhaul of WIND Mobile consisting of 6 core routers and 100+ access routers: Confidential, Confidential, Confidential 7750 SR-7, 7705 SAR-8/SAR-F.
  • Accomplishment: Lab Testing/Evaluation of Alien Wavelength, EDFA/Raman Amplifier, 100G/200G Muxponder on Confidential 1830 PSS Systems and CPM-5 Testing on Confidential 7750 SR Platform.
  • Lab Implementation of multiple security contexts in ASA firewalls and Checkpoints configures redundancy (Active-Active failover and active-standby failover) among them
  • Configuring various advanced features (Profiles, monitors, iRules, Redundancy, SSL Termination, Persistence, SNATs, and HA) on F5 BIGIP appliances SSL termination and initiation, Persistence, Digital Certificates, Executed various migration/upgrade projects across F5 and hands on with F5 BIGIP LTMs/EM.
  • Familiarity with IT process and quality frameworks such as ISO, COBIT, and ITIL
  • Configuring rules and Maintaining Palo Alto Firewalls & Analysis of Firewall logs using various tools
  • Successfully installed Confidential XT-Series, CloudExpress Firewalls to protect Data Centre and provided L3 support for routers/switches/Firewalls.
  • Install and upgrade Bluecoat proxy SG (900, 810 and SG9000 series) and Proxy AV (510,810 and 1400 series) in all the Datacenters.
  • Worked with Palo Alto 4020,4060 devices from scratch by deploying them . Performing packet capturing on the Palo Alto firewall and analyzing the logs through Wireshark.
  • Troubleshooting the firewall PA-5060, 4060 and monitoring the performance.
  • Adding the rules in Palo Alto firewall for allowing the traffic and blocking them from different nodes in the network
  • Configure policies on the Bluecoat VPM, local database and PAC files to filter the traffic flow by creating custom rules, URL categories and routing policies.
  • Configure and manage XT controller module directors in active and Standby mode.
  • Working with F5 Load Balancers for LTM and GTM type load balancing between multiple centers.
  • Configured ACLs in Cisco 5540 ASA firewall for Internet Access requests for servers, Protocol Handling, Object Grouping and NAT.
  • Worked with ISR 4k, ASR 1k, CSR 1000v and other IWAN compatible routers.
  • strong hands-on experience in installing, configuring, and troubleshooting Cisco devices like Cisco CSR, ASR1k, ASR 9k, ISR4k, ISRG2.
  • Extensively worked on Data Center switching technology including Nexus 7K, 9K and 5K and Catalyst switches configuring VPC.
  • networking protocols, specifically OSPF, BGP and EIGRP in the core Switches of cisco 6500 and Nexus 7k and 9k and troubleshooting issues with the network.
  • Experience with adding Fabric extenders to Nexus 9K switches using switchport fabric mode
  • Analyzing firewall change requests and implementing changes into existing firewall policies by ma intaining the security standards of the organization.
  • Change Management: Need to make sure that all the change designs and implementations are completed and tested as per the schedule required by the customers.
  • Configured Checkpoint Firewall in distributed deployment and also maintaining Site-to-Site VPN Connection through the Firewalls.
  • Responsible for configuration and Virtualization of Checkpoint firewalls across the enterprise.
  • Assisting in configuration of Multi-Domain Security Management server and consolidation of CMA's Maintaining 8 gateways using Smart Center Server as a Management Station.
  • Hands on experience dealing with different blades on checkpoint appliance other than Firewall, IPSec, Application Control and URL Filtering, IPS, SecureXL.
  • Fixing SFP's SR and LR on both the Primary and Secondary Palo Alto 5250 appliances.
  • Troubleshoot network access problems, Strong TCP/IP understanding, Debugging checkpoint firewall
  • Using TCP Dumps and wire shark captures for determining the flow of traffic across the Intranet to Internet and vice versa.
  • Firewall risky rule remediation, assessment on firewall by using Algosec Analyzer for risk evaluation, Auditing and implementation.
  • Firewall rule optimization based on the rule risks such has High, Suspected High, Medium and low.
  • Managing Static, Dynamic and Hide NAT rules and address pools for IP filter on Smart Dash board.
  • Working on creating and exporting user groups and user identity groups in Cisco Identity Service Engine.
  • Troubleshoot and Worked with Security issues related to Cisco ASA, Checkpoint, IDS/IPS.
  • Design the firewalls changes using various NAT types in Checkpoint firewalls like, static and dynamic.
  • Confidential Muxponnder & SDN Cloud Computing Open Networking Open Flow
  • Configure and maintain security policies on Fortinet firewall and manager/ Fort Analyzer
  • Configure and maintain security policies on Fortinet firewall and manage Forti Manager/ Forti-Analyzer.
  • Installed redundant BigIP F5 LTM and GTM load balancers to provide uninterrupted service to customers.
  • Deployed VPLS for DCI for spanning the VLans across the datacenters to provide support for low latency and critical applications
  • Handled Firewall security of all external and internal traffic, intrusion detection and prevention, denial of service attacks.
  • Worked in patch management through manual and SCCM methodology.
  • Managing and Troubleshooting SCCM Servers and SCCM Clients.
  • Troubleshooting "Package Replication" on DPs among sites.
  • Troubleshooting CAZ to Primary replications\Primary to CAZ\Primary to Secondary\Secondary to primary eg(Parent to child) and (child to parent replication).
  • WSUS\SUP issues (eg: Software Update Point Not Available).
  • Client to MP communication issues (eg: client communications to MP)
  • Need to Pull out "Reports" as per the requirements, sql query or predefined reports from SCCM.
  • Worked on Migration projects from IIS 6.0 to 7.5 and IIS 6.0 to IIS 8.5 and IIS 7.5 to IIS 8.5.
  • Installed and configured IIS 6.0/7.0/7.5/8.0/8.5 web server on Microsoft Windows 2003/2008R2/2012/2012R2 server accordingly.
  • Configured multiple websites in IIS 7.0/7.5/8.0/8.5 using Virtual IPs, multiple ports and Host headers.
  • Installation of Linux and windows systems upgrades of systems as well as SSL implementation.
  • Monitor the network traffic through Orion Solarwinds and Spectrum syslog server.
  • Configured and Administered Cisco ASA 5585 firewalls which includes setting up the different zones.
  • Performed network administration tasks such as creation and management of VLANS, Port security, Trunking, STP, Inter-VLAN routing, and LAN security.
  • Configuring and implementing Remote Access Solution: IPsec VPN, any connect VPN, SSL VPN.
  • Involved in the Team of Data Center Operations to perform duties like administration and monitoring of Cisco Routers and Switches according to the organization requirements.
  • Involved in Network Designing, Routing, and DNS, IP Subnetting, and TCP/IP protocol.
  • Configured ACLs in Cisco5585 ASA firewall for Internet Access requests for servers, Protocol Handling, Object Grouping and NAT Control using Object NAT.
  • Implemented Cisco ACI infrastructure for supporting rapid application change by reducing complexity with a common policy framework that can automate provisioning and resource management.
  • From EIGRP domain to OSPF in order to maintain and support multi-vender capability.
  • Worked on BGP and peering the CE with the AT&T and Century Link MPLS providers using Local preferences and AS Path attributes.
  • Implemented VPLS and worked on Route Reflectors, Route Targets, LDP, L3VPN's, VRF's exclusively.
  • BMC Remedy Ticketing system, Change Management, Incident Management and solving the SR's assigned to me.

Environment: MXP, XT3600, XT500, CX1200, R65, Checkpoint, Fortinet, Bluecoat, Nexus 9396, 7010, 5548, 5520, 2248, Cat 6880, VPC, VDC, VRF, VSS, Alcatel 7750, Cisco ASA, BGP, VPLS, OSPF, EIGRP, QOS, VPM, SDN Solarwinds, STP, VLANS, VTP, Port-Channel, and Switch Stacking.

Confidential

Sr. Network Engineer

Responsibilities:

  • Configuring Checkpoint Firewall in IPSO, Secure Platform and GAIA platforms.
  • Configuring, Administering and troubleshooting the Checkpoint and ASA firewall.
  • Excellent analytical and problem-solving skills.
  • Perform Custer configuration, backup and restore the current Gateway installation
  • Analyzing the IPS logs and adjusting the protect mode. Using Smart Update, User Management and Authentication in Checkpoint Firewall. Ability to quickly evaluate project needs and provide appropriate solutions in a timely fashion.
  • Good understanding of OSI Layers and TCP/IP models, IP Addressing and Sub netting.
  • Strong working experience with Layer-2 & Layer-3 Protocols: VLANs, EtherChannel&Trunki MPBGP, PIM, IGMP, MPLS, LDP, RSVP-TE, VPWS, VPLS, VPRN, QoS.
  • Experienced on provisioning and management of IP/Optical network using management tools and protocols: CLI, TL1, WebUI, GUI ( Confidential XT, CX-Series, Confidential MTN, MLE, etc.., Fujitsu NetSmart1500/500).
  • Knowledge of IP networking and network security
  • Knowledge in Peripheral Component Interconnect (PCI)
  • Configuring and troubleshooting 802.1X and Inter VLAN routing
  • SME with Cisco Switches, Routers and Protocols
  • Worked with ISR 4k, ASR 1k, CSR 1000v and other IWAN compatible routers.
  • Strong hands-on experience in installing, configuring, and troubleshooting Cisco devices like Cisco CSR, ASR1k, ASR 9k, ISR4k, ISRG2.
  • Knowledge on virus prevention
  • Configure and troubleshoot Remote access and site to site-in Checkpoint & ASA firewalls.
  • Configure and Troubleshoot IPSec S2S, Remote Access and SSL VPN on ASA firewall and Checkpoint Firewalls.
  • Expert Level CheckPoint Firewalls Administrator. Network Topology Configuration Expert.
  • Windows & Red Hat Servers Network Configuration including User Management Active directory and mail servers - Exchange and Cloud.
  • Monitoring Traffic and Connections in Checkpoint and ASA Firewall.
  • Hands on experience on all software blades of checkpoint firewall.
  • Analyzing the malware, which are not detected by Antivirus and deleting.
  • Hands on experience with Trend Micro products IWSS, IMSS, Control Manager and IWSVA
  • Web security using Trend Micro InterScan Web Security Virtual Appliance (Proxy)
  • Knowledge of Intrusion Detection, DMZ, encryption, IPsec, proxy services, Site to Site VPN tunnels, MPLS/VPN, SSL/VPN
  • Strong working knowledge on Cisco Routers & Catalyst Switches and HP & Cisco servers
  • Experience with security device management and smart center management
  • Worked extensively on firewalls and VPN gateways Checkpoint, CISCO, Juniper, Fortigate GUI and Shell. Linux, UNIX and Windows Scripting.
  • IT and Help Desk Expert on Hardware and Software.
  • Knowledge on Huawei & Juniper Routers, HP & IBM blade switches . Knowledge of Active Directory, DNS, Certificate Services (PKI)
  • Configuring QOS on Routers and Switches . Experience with VMware, Cisco VPN and Citrix
  • Worked on Cisco ASA Software
  • Working experience with A10 and F5 Load Balancer
  • Installation/upgrade of antivirus server and providing end point security with Trend Micro Office scan.
  • Installation of Windows 2003 enterprise and standard editions, R2, Windows 2000 standard and advanced server editions.
  • Experienced in DHCP DNS, AD, NIS, NFS, SMTP, IMAP, ODBC, FTP, TCP/IP, LAN, WAN, LDAP, HP RDP, security management and system troubleshooting skills.
  • Experienced systems engineer and lead technician, setting scope and deliverables, timelines, budgets and maintaining communication between layered teams.
  • Thorough knowledge of the installation, termination and troubleshooting of the physical layer and data link layer of the OSI model.
  • Contributes a multifaceted data systems skillet with strong business and accounting acumen to drive successful projects and meet modern infrastructure challenges.
  • Keep the antivirus section of the network up to date with current versions of antivirus software, latest signatures and relevant documentation.
  • Configuring and managing syslog server, automatic configuration backup using event Manager, Archive command scripts
  • Vendor coordination for all Network, Security and Wireless services
  • Capture and Analyze the logs using Wireshark, Netflow, SyslogsProviding technical security proposals, detailed RFP responses, security presentation, installing and configuring ASA firewalls, VPN networks and redesigning customer security architectures.
  • Experience with managing the completed end to end site solutions
  • Involved in Datacenter build and support, Implementation, migrations network support, Interconnectivity between an old Datacenter and new Datacenter.
  • Managing and Troubleshooting SCCM Servers and SCCM Clients.
  • Troubleshooting "Package Replication" on DPs among sites.
  • Need to Pull out "Reports" as per the requirements, sql query or predefined reports from SCCM.
  • Worked on Migration projects from IIS 6.0 to 7.5 and IIS 6.0 to IIS 8.5 and IIS 7.5 to IIS 8.5.
  • Installed and configured IIS 6.0/7.0/7.5/8.0/8.5 web server on Microsoft Windows 2003/2008R2/2012/2012R2 server accordingly.
  • Configured multiple websites in IIS 7.0/7.5/8.0/8.5 using Virtual IPs, multiple ports and Host headers.
  • Installation of Linux and windows systems upgrades of systems as well as SSL implementation.
  • Implementing 3750 Rack/Stack switches using Cisco Stack Wise technology
  • Handled Firewall security of all external and internal traffic, intrusion detection and prevention, denial of service attacks.
  • Worked in patch management through manual and SCCM methodology.
  • Data center migration was involved in Access, Distribution and Core layers.
  • Installed new purchased Hardware to the new DC, migrate data over WAN connection, also greatly involved in virtualization of physical servers.
  • Integrated and evaluated Cisco ACI, VMware NSX, and Arista CVX SDN solutions.
  • Involved in migration of WLAN segment on the LAN Core. Also, involved in configuring wireless VLANS
  • Working knowledge of Firewall service module FWSM UPGRADE, FWSM RULESET conversion
  • Upgrading IOS on 2960 and using 2960 switch as a PAGP between VSS
  • Working knowledge of PPP Protocol with Enhanced Flex WAN module on 6500 catalyst switches
  • Involved configuring PPP multilink group, dialer group, PPP authentication protocols like PAP, CHAP
  • Working knowledge of Terminal server and the configurations
  • Installation of L3 Switching Engine Policy Feature Card & Distributed Forwarding Card DFC3C

Environment: 3750, 3550, 3560,3925, 2924, 6509-V-E, 6513, 6504, 6503, 6506, 6500 series switches, 7206, 2611, 6748, 6708, 2960, T1 Controllers, DS3 Lines (T3 Lines), Fiber and Ethernet cabling

Hire Now