SUMMARY:

• Having 11 years of IT experience in Network engineering, Network security, designing maintaining, managing and troubleshooting heterogeneous enterprise networks.
• Implementation of LAN/WAN network technologies. Outstanding customer service skills resolving technical issues and educating end - users.
• Hands on configuring and implementing Juniper Firewalls, secure policies,VPN’s, and routing.
• Hands on Configuring Juniper M7i, MX 960,MX 80 routers:
• Hands on Cisco switches/routers, VLAN,VTP configurations IP routing and subnetting
• Cisco IOS upgrades
• Hands on configuring F5 and Citrix Load Balancers,
• Hands on configuring Intrusion detection system
• Host based Server sensors for Windows
• Internet Security Systems (ISS) Site Protector Console for managing Intrusion detection system
• TCP/IP concepts and maintaining TCP/IP based Networks and Subnetting
• Hands on Routing protocols like OSPF, EIGRP, RIP,BGP
• Implemented SNMP on devices to allow for network management
• Implemented traffic filters using Standard and Extended access-lists
• Implementing and Managing DHCP, DNS, SNMP.
• Hands on configuring Windows 2003 Active directory configuration and DNS
• Experience with test tools such as IXIA and Packet Analyzers (Ethereal)
• Knowledge of ISDN (BRI&PRI),
• Checkpoint NGX VPN configuration
• Hands on configuring Nokia IPSO devices
• Experience working on SSL VPN
• Security compliance using Tripwire software.
• Experience with Niksun tool

TECHNICAL SKILLS:

Firewall Feature Set: Juniper, Check point,Nokia, Fortigate Security platforms

Router/Switches: Cisco routers/Switches/Juniper router/Brocade foundary

Load Balancers: Big IP /F5 Local Traffic Manager and Global Traffic Manager/Citrix Net scalar

IPS: Top layer Intrusion Prevention system

IDS: Proventia G 200/ GX 4002 Intrusion detection System. ISS Site Protector and Real secure server sensors

Storage: Confidential SAN Switches

OPERATING SYSTEMS: Linux (Red Hat), MS Windows 2000/2003/XP, Visio

MANAGEMENT: MRTG, Solarwinds/Nimsoft

ANALYZERS: TCPdump, Ethereal, Network General Sniffers,

PROTOCOLS: TCP/IP, SNMP, SMTP, NFS, DHCP,DNS, FTP, RIP, OSPF,BGP

LANGUAGES AND SCRIPTS: C, ASP, HTML, VBScript

PROFESSIONAL EXPERIENCE:

Confidential, Germantown, MD

Senior Network Engineer - Network Engineering

Responsibilities :

• Manage customer networks Confidential the Datacenter (NOC)
• Updating the Customer networks to meet the customer application needs.
• Building the Backhaul to meet the retail business model
• Involved in configuring the Data Center Firewalls, configuring Virtual private networks
• Configuring Cisco 3800 series routers for the enterprise routing.
• Troubleshooting network issues including issue related to VPN, routing.
• Working in the lab to set up and test the new design networks that would improve the network performance
• Testing and reproducing the issues noticed in real time customer networks and working towards providing the needed resolution.
• Involved in configuring the routers for BGP peering with the customer routers
• Involved in building redundant networks to support disaster recovery
• Designing and Configuring the HA networks
• Working on routing protocols such as ospf, Eigrp, RIP,BGP
• Redistributing various network traffics and protocols to and from the enterprise networks.
• Providing the needed documentation from technical and design perspectives, as well for the changes in the network.
• Implemented AAA for making the network componetns PCI complaint.
• Collaboratively work with other teams and drive them together towards problem solving.
• Educating the team members of the known issues and making them aware of the network related problems and issues noticed
• Following the company security standards, and PCI compliance in the networks
• Implementing PCI to make sure we have audit data, log reports and authorization for accessing the devices

Confidential, Annapolis, MD

Network Designing -Provisioning Engineering-Infrastructure

Responsibilities:

• Working on Target Architecture -05 and BA-10 architectures. Building the devices to establish the connectivity between all the devices included in the design and rolling them out to production with all the required layer 2 and layer 3 configurations.
• Configuring vlan, port channel and vlan trunking between the distribution and access switches.
• Performing IOS upgrades
• Configuring ospf /bgp and peering with the neighboring production devices to establish the uplink connectivity to the pre-production devices.
• Verifying bgp neighbor connections and perform any required trouble shooting in case of turn up failure during a change window.
• Working on F5 load balancers and roll them to production.
• Working on configuring firewall rules and site to site vpn tunnels as per the requirement.
• Also includes operation readiness testing (ORT)of the devices before handing them to operations team.
• Preparing Method of procedure (MOP) document for any changes on production devices during change windows
• Adding/installing line cards to the devices as per the customer requirements
• Performing trouble shooting as needed with the IDC tech thus resolving any issues related to layer1/console connectivity.
• Involved and participated in design reviews calls for the project architectures
• Following the standard encryptions for the VPN traffic flow to meed the PCI needs.
• Implementing best practice for the Password enabled /protected devices.

Confidential

Responsibilities:

• Installed and configured Juniper firewalls Confidential each datacenter.
• Configured secure firewall policies to secure all the transactions.
• Configured Site to Site VPN tunnels.
• Configured IBM-Proventia, Intrusion detection system
• Monitor all the system events reported in Site Protector Console.
• Perform the system event analysis using IBM-ISS Site protector console
• Managing and monitoring the Top Layer IPS 5500 Intrusion Prevention system traffic flowing in and out of the network.
• Configure Access control lists on Intrusion Prevention system to make sure only the approved user community has access to the application.
• Configured Juniper M7i router - ATM frame relay circuits.
• Troubles shooting the ATM-frame relay configurations.
• Manage and monitor Cisco switches, configuring Vlans, VTP, and ISL trunking.
• Global and local load balancing using F5 Global Traffic Manager(GTM)and Local Traffic Manager
• Configure load balancing methods on Global Traffic Manager(GTM)for the user sessions to be load balanced between the Datacenters as required by the client
• Configure nodes/pools in Local Traffic Manager(LTM) for session load balancing between web servers with in each Datacenter
• Configuring the Local traffic Manager and Global Traffic Manager (GTM) to be in sync with in the site and also synching the Global Traffic Managers (GTM) between the sites.
• Configured Windows 2003 Active directory servers. Configured primary and back up domain controllers.
• Configured Active directory replication with in the site and between the Datacenters. Configured Distributed File system on the server.
• User authentication and user management using active directory
• Configuring monitoring tools like Nimsoft for servers and network devices.
• Documenting workflow process, managing and implementing Standard policy and procedures. Installing and configuring new systems and modifying existing systems configuration.

Network Engineer

Confidential

Responsibilities:

• Worked on IPSO-SB, which is the Proprietary secure OS for the all NOKIA IP platforms, which is designed to install on DISK, DISK LESS platforms for all SOHO (IP40), SME (IP300 series etc) to Large Enterprise levels (IP 2200/1200/700 series etc).
• Experience in IPSO-SB which is designed & coded with various new state-of-art technology features like VRRP, Cluster, Tunnels, Various routing protocols, Multicast support and also to support Check-point firewall features like SXL, VPN, UTM and High availability.
• Responsibilities Includes configuring of routing protocols like RIP, OSPF, and VRRP.
• Designing of topology and writing test cases such that all parts of the modules covered.
• Regression testing of the features and cross functionality testing before final release.
• Good knowledge of configuring IPSO with check point installed on the device
• Knowledge of configuring VRRP, along with check point configured on the device
• Configuring Check point secure XL (SXL)
• Configuring check Point Basic policies and establishing a vpn tunnel between two end gateways.
• Generating various kinds of traffic Using various tools like ISIC, TCPSIC, UDPSIC and NETCAT
• Configuring of VLANs between the Nokia and the Cisco devices
• Configuring Link Aggregation (channel grouping) on both Nokia switches and Cisco switches.
• Configuring an external Authentication servers
• Interoperability testing with third party network components.
• Configuring static NAT, dynamic NAT in check point
• Setting up VLANs and configuring ISL trunk on fast Ethernet channel between switches

Network Engineer

Responsibilities:

• Good understanding about the QA process and software development life cycle.
• Excellent experience with Router configurations, understanding subnetting and routing protocols
• Good Knowledge on SNMP network management and troubleshooting.
• Design, maintain and implementing both the logical and physical network layers.
• Verify system functionality, performance and scalability and report defects in protocol/Functionalities/Features of the products under test.
• Worked on SSL VPN’s in network simulation scenarios, setting up test topologies to verify protocol implementations
• Worked on high Availability (HA) load balancing in SSL VPN
• Knowledge on configuring End Point security (EPS)
• Configuring Network ACL in the SSLVPN product
• Good knowledge of Network design to simulate customer scenarios and issues resolution.
• Knowledge of configuring browser based certificates.
• Working knowledge of Authentication access mechanism such as Radius server

Network Support Engineer

Confidential

Responsibilities:

• Study and understanding of the topology being used and network architecture assuring of performance of the Optical Fiber and UTP Cabling done by contractor with industrial standards.
• Interacting with the customer and reviewing of the work and testing the material up to customer satisfaction and providing report to superiors.
• Testing of network devices like switches and routers in the lab environment with simulated test bed and full traffic pumping using smart bits
• Implementation of data networks and recording of configurations on these devices and securing them with passwords..
• Testing of actual network with traffic simulators and commissioning of network with Server clients implemented.
• Extended support after commission for real time issues and trouble shooting of them by coordinating with actual vendors of the product.
• Participated in upgrade of Cisco IOS and also installed and configured Cisco 2950 switches for HSBC bank.
• Excellent knowledge on configuring VLANs and VTP.
• Monitoring the links, using the core routers located Confidential the server room.
• Worked on Cisco 3600 and 3750 core routers.
• Coordinating with NOC (network operating center) in trouble shooting the customer issues
• Analyzed and resolved Network issues and performances issues fulfilled the role of Network Coordinator for HSBC bank.