SUMMARY:

• 8 years of hands on experience in network engineering, designing, integrating, deploying, maintaining and supporting broad range of communication systems.
• Expert level knowledge on configuring Cisco Wireless Solutions, Prime Infrastructure, Aruba Mobility controller, and Airwave solutions.
• Expertise in Cisco ISE, ACS and Aruba Clearpass Radius and TACACS solutions.
• Expert Hands On Experience in 802.1x, AAA Wired and Wireless Configurations.
• Comprehensive understanding of the technologies involved with network security firewall products Checkpoint, Palo Alto and Cisco ASA.
• Hands on Experience in setting up Checkpoint configuration for Firewall and Web filtering managed by Checkpoint smart dashboard in smart domain manager/Provider - 1 environment.
• Experience in Implementing Check Point Firewalls NG, NGX, NG R55, NGX 60, NGX R65, R70, R75, R76, R77.10, R77.30.
• Experience in troubleshoot network issues including boundary protection devices, CiscoNortel /Avaya and Bluecoat Proxy Servers.
• Good understanding of NAT & Firewall on Aruba Controllers
• Supporting and troubleshooting Checkpoint/Cisco site-to-site VPN and IPSec functionality.
• Experience in layer 2 protocols configuration for Virtual Local Area Network (VLAN), VLAN Trunking Protocol (VTP), Spanning Tree Protocol (STP), and Rapid STP.
• Experience in Layer 3 Routing Protocol configurations: OSPF, EIGRP and BGP.
• Experience in HSRP and VRRP redundancy Protocols.
• Experience with F5 load balancers - LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability.
• Hands-on experience in using network monitoring tool Solarwinds Orion .
• Day to day hands on VMware ESX Administration like VMotion, Storage VMotion and Maintenance of VM's include monitoring of ESX systems for Performance.
• Having experienced in Agile Methodologies, Scrum stories and sprints experience in a Python based environment, along with data analytics, data wrangling and Excel data extracts.
• Good knowledge of CISCO NEXUS data center infrastructure with 5000 and 7000 series switches includes (5548, 7010) including CISCO NEXUS Fabric Extender (223, 2248).
• Familiarity with WAAS, VoIP, and next-gen datacenter networking (SDN, Cisco ACI).
• Experience with installing and managing IT services such as Active directory, site replication, DNS, SSH, DHCP, DNS, NAT and Terminal service.
• Deploying Cisco ASA and Bluecoat ProxySG (Web Security Appliance) S170 for URL Filtering Policies.
• VMware NSX installation, Configuration and Maintenance.
• Network Monitoring using SNMP and other management tools such as SPLUNK, Wireshark, Solarwinds, and Gigamon.
• Experience in vulnerability scanning activities for over end interfaces and provided technical support for all scanning issues with Metasploit, Tenable Security Center.
• Experience in physical cabling, IP addressing and Subnetting with VLSM, configuring and supporting TCP/IP, DNS, installing and configuring proxies.
• Implemented Security Policies using ACL, Firewall, IPSEC, SSL, VPN, IPS/IDS, AAA (TACACS+ & RADIUS).
• Ability to Install, Manage & Troubleshoot Large Networks & Systems Administration on Windows & Linux platforms in Development, Lab & Production Environments.

TECHNICAL SKILLS:

Operating Systems: Cisco IOS, Windows NT 4.0 (Desktop/Server), Windows 2000/2003/2008 Server, Windows XP/Windows 7/8, LINUX, UNIX, MS Exchange server, Solaris, Active Directory.

Equipment’s (Switches Routers): Cisco routers (7600, 7200, 3900, 3600, 2800, 2600,2500, 1800 series) & Cisco Catalyst switches (6500, 4900, 3750, 3500, 4500, 2900 series, juniperSRX, MX, EX Series Routers and Switches.

Routing: OSPF, EIGRP, BGP, RIP, RIP-2, PBR, Route Filtering, Redistribution, Summarization, Static Routing.

Switching: VLAN, VTP, STP, PVST+, RPVST+, Inter VLAN routing &Multi-Layer Switching, Multicast operations, Layer 3 Switches, Ether channels, Transparent Bridging.

Firewalls: ASA 5500 series, Cisco firepower 2110,4110, checkpoint, Juniper Netscreen Firewall ISG100, 2000, SSG, SRX .

Load Balancer: ACE Module, GSS &F5 LTM

LAN Technology: Workgroup, Domain, HSRP, DNS, DHCP, Static, VLAN, STP, VTP, Ether Channel, Trunks.

WAN technology: Frame Relay, ISDN, ATM, MPLS, leased lines & exposure to PPP, DS1, DS3, OC3, T1 /T3 & SONET.

Various Features &Services: HSRP, VRRP, GLBP, NAT, SNMP, SYSLOG, NTP, CDP, DNS, TFTP, FTP, IOS and Features, Management. Wireshark, IXIA chariot, Packet Sniffer, Packet Analyzer and Solar Winds Breaking Point, TCPDump, Python.

Wireless & Wi-Fi: Canopy Wireless Device (point to point/point to multipoint), DLink Wireless (point to point), DLink Access Point, CISCO 1200 series Access Point, and Linksys Wireless/Wi-Fi Router.

PROFESSIONAL EXPERIENCE:

Network Engineer

Confidential - Bloomington, IN

Responsibilities:

• Provided operational and configuration support for F5 Big IP LTM. Configured and troubleshoot F5 OS version, 9.x, 10.x and 11.x.
• Wrote BASH scripts containing TMSH commands to create / modify virtual servers, pools, nodes, profiles, and monitors. Successfully migrate 10,000+ server farms / virtual servers from Cisco Application Control Engines (ACE) to F5 Local Traffic Managers (LTMs). Migrated 1000's of VIPs from shared LTM pairs to dedicated LTM pairs using BASH scripts with TMSH VIP management commands.
• Implemented a script to automatically create a syntax for Nodes, Pools, VIPs, Profiles, Persistence in TMSH, based on requirement using Python.
• Security infrastructure engineering experience as well as a Microsoft Windows, UNIX, Juniper firewalls, Palo Alto firewalls, Bluecoat Proxies, Juniper Intrusion Prevention devices, and wireless switch security management.
• Good knowledge on IRules with Tool Command Language (TCL) code to perform custom URL parsing and redirects based on values contained in URL suffixes.
• Deployment of Palo Alto firewall into the network. Configured and wrote Access-list policies on protocol-based services.
• Providing support Palo Alto 3000/5000 and 7000 series Firewall through Panorama Management Console.
• Designed VNets and subscriptions to conform to Azure Network Limits.
• Hands on experience on dealing with Microsoft Azure cloud computing including implementing access lists in the Network Security Group.
• Analyzed traffic pattern and implemented URL filtering using the Palo Alto Firewall. Troubleshooting and configuring Palo Alto FW's 3060 & 5060.
• Developed Engineering documentation to record F5 environment and change processes.
• Performed architectural changes to improve security and network efficiency. Provided operational support and data analyses.
• Add Wireless controllers and F5 Load Balancer to Cisco ISE. Customize Guest Portal using Cisco ISE.
• Hands on Experience in Bluecoat -Proxy set up, troubleshooting production issues and analysis.
• Experience in VMware, Microsoft Active Directory, Puppet, security settings, group policies.
• Perform upgrade of Cisco ISE and apply security patches.
• Configured and performed software upgrades on Cisco Wireless LAN Controllers WLC's (8510, 5508, 5706) for Wireless Network Access Control integration with Cisco ISE.
• Support customers with upgrades, deployment, and configuration of Cisco Prime Infrastructure.
• Configured and Managed: Cisco Wireless LAN Controller 5508 and Cisco 3802, 2802, 3702, 3602, 2600, 1550, 1242 and 1131 Light Weight AP's. Wireless Configuration, Management and Support with Prime Infrastructure.
• Extensively used Netmiko lib in python to configure VLAN, and remotely execute router commands.
• Migrated complex, multi-tier applications on AWS. Defined and deployed monitoring, metrics and logging systems on AWS. Migrated existing on-premises applications to AWS
• Interfaced with middle/senior levels of management and external equivalents and disseminated information to team members.
• Firmware upgrades on both wired and wireless network equipment using Cisco Prime Infrastructure.
• Deploying wireless in both local controller mode and flex-connect mode dependent upon location.
• Performed IOS upgrade on various Cisco routers and switches platforms.
• Reviewed and redesign wireless for more than 100 remote offices. Performed Offline Wireless Site Surveys and created wireless heat maps based on building/suite floor plans with Cisco Prime Infrastructure

Sr Network Engineer

Confidential - Hopkinton, MA

Responsibilities:

• Deployment of Palo Alto firewall into the network. Configured and wrote Access-list policies on protocol-based services.
• Providing support Palo Alto 3000/5000 and 7000 series Firewall through Panorama Management Console.
• Analyzed traffic pattern and implemented URL filtering using the Palo Alto Firewall. Troubleshooting and configuring Palo Alto FW's 3060 & 5060.
• Design & Installations from ground up of the F5 appliances and the solution delivery.
• Upgrades and Migration from old infrastructure to new infrastructure.
• Implementing VMware NSX Micro segmentation, logical switch, DLR/Edge configuration and maintenance.
• Have strong VMware vSphere, vRealize Automation, NSX, VSAN knowledge Resolving certificate related issues like chain, ca, san, ica etc. and client training with documentations.
• Perform network engineering, design, planning LTM & GTM, APM load balancing implementation and scheduling infrastructure related tasks by coordinating with other teams.
• Managed the F5 Big IP GTM/LTM appliances to include writing iRules, SSL offload and everyday task of creating WIP and VIPs.
• Deployment and Management of Bluecoat proxies in forward proxy scenario as well as for security in reverse proxy scenario.
• Configured application load balancing using F5 LTM.
• Administrating on F5 LTM, GTM, ASM, APM on series 5050 .
• Experience with configuring VIP, Pools on F5 LTM and working with irule management on LTM.
• Worked on Converting the Partner IPSEC VPN from one Data Center to Another Data Center.
• Utilizes network tools like Gigamon and Wireshark for troubleshooting and monitoring.
• Experience working with Nexus 7010, 5020, 2148, 2248 devices.
• Experience in configuring Juniper Layer 3 EX4200 & EX3200 switches. Design, implement and administer IPv4/IPv6 enterprise network infrastructure utilizing Juniper routers.
• Migrating Cisco ASA firewalls policy to new Checkpoint appliance with support of vendor specific tool.
• Hybrid cloud management of the enterprise using VMware vRealize Automation(vRA).
• Managing URL Content Filtering on Websense Proxy Adding exemption, editing policy groups on Websense Management Server.
• Adding/removing ARM bypass rules on Websense appliances.
• Perform Firewall OS upgrades using CLI, Splat and Voyager GUI.
• Establish AWS technical credibility with customers and external parties
• Experience on designing and troubleshooting of complex BGP and OSPF routing problem.
• Convert Branch WAN links from TDM circuits to MPLS.
• Implemented, analyzed and recommended appropriate system for the out of band management monitoring. utilizing Solarwinds for primary and disaster recovery site.
• Monitored and responded to network anomalies utilizing Solarwinds/Orion's software and recommended appropriate network solutions for issues.
• Good Knowledge on Juniper SRX configurations on various platforms of Junos.
• Worked on Juniper J series j230, M 320 routers and EX 3200 series switch.
• Complete understanding of feature testing of switches (RFC 2889 and RFC 2554) using IXIA's IP testing system.
• Replace branch hardware with new 2851 routers and 2960 switches.
• Experience with configuring Nexus 2000 Fabric Extender (FEX) which acts as a remote line card (module) for the Nexus 5000.
• Experience working with Cisco Nexus 2148 Fabric Extender and Nexus 5000 series to provide a Flexible Access Solution for a data center access architecture.
• Implementing security controls (ISO/IEC 27000, NIST, CIS, etc.) to match regulatory compliance requirements (PCI, HIPAA, SOX, ITR, GDPR, etc.).
• Implementing & Troubleshooting of T1, MUXES, CSU/DSU and data circuits.
• Involved in designing and implementing QOS and policy map to 2800 series routers for all the branches.
• Worked on Layer 2 protocols such as STP, VTP, RSTP, PVSTP+, MST and other VLAN troubleshooting issues and configuring switches from scratch and deployment.
• Involved in configuring IP Quality of service (QoS).
• Involved in Datacenter build and support, Implementation, migrations network support, Interconnectivity between an old Datacenter and new Datacenter.
• Conversions to BGP WAN routing. Which will be to convert WAN routing from OSPF to BGP (OSPF is used for local routing only) which involves new wan links.
• Installed new purchased Hardware to the new DC, Migrate data over WAN connection, also greatly involved in virtualization of physical servers.

Environment: Router 2900, 3900; Cisco Catalyst Switch 3550, 2960. T1 Controllers, Juniper J series, Checkpoint R70 to R75.20, Cisco ASA, DS3 Lines (T3 Lines), Fiber and Ethernet cabling, Palo Alto 3000/5000 and 7000 series, Nexus 7010, 5020, 2148, 2248.

Sr Network Engineer

Confidential

Responsibilities:

• Configuration and setting a lab for the testing of Checkpoint R80.10 Gaia operating system on both Management and Gateway.Worked on F5 BIG-IP LTM 8900, configured profiles, provided and ensured high availability.
• Knowledge in implementing and configuring F5 Big-IP LTM-6400 load balancers.
• Used load balancers ACE and load balancing technique with multiple components for efficient performance and to increase reliability through redundancy.
• To secure configurations of load balancing in F5, SSL/VPN connections, Troubleshooting CISCO ASA firewalls, and related network security measures.
• Load Balancing using F5 Networks Big IP.
• Hands on Experience in configuring F5 objects, components and provisioning various modules like LTM, GTM, ASM, APM.
• Configuring policies on ASM using manual policy enforcement and auto policy enforcement with F5 ASM.
• Using tools like TT for ticketing, GenevaBuilder, NetworkConfig Builder, Git, AWSdeployment dashboard, NetCircuit etc.
• Participate in planning, implementation, and growth of our customer's Amazon Web Services (AWS)foundational footprint.
• Analyzing firewall change requests and implementing changes into existing firewall policies by maintaining the security standards of the organization.
• Change Management: Need to make sure that all the change designs and implementations are completed and tested as per the schedule required by the customers.
• Configured Checkpoint Firewall in distributed deployment and also maintaining Site-to-Site VPN Connection through the Firewalls.
• Responsible for configuration and Virtualization of Checkpoint firewalls across the enterprise.
• Assisting in configuration of Multi-Domain Security Management server and consolidation of CMA's
• Maintaining 8 gateways using Smart Center Server as a Management Station.
• Hands on experience dealing with different blades on checkpoint appliance other than Firewall, IPSec, Application Control and URL Filtering, IPS, SecureXL.
• Installing Jumbo Hot Fix take 151 by removing Shell Shock and Installing Gypsy to the Multi-Domain Security Managements on R76 Gaia platform and upgrading to R77.10.
• Upgrading Checkpoint Gaia and Security management from R 76 and R 7 .30 and R77.30 respectively with the latest hotfix take 216.
• Managing URL Content Filtering on Websense Proxy.
• Perform Firewall OS upgrades using CLI, Splat and Voyager GUI.
• Configuration and Maintenance of Splunk, Gigamon Network Visibility.
• Migrated to R75.xx in various Checkpoint 4k/11k/21k appliances from R65, R62, R60, etc., and building the new Smart Center server.
• Configuring VLAN trunking Protocol (VTP) on core switches.
• Configured HSRP and VLAN trunking 802.1Q, VLAN routing on catalyst 6500 switches.
• Configured BPDU Guard, port-fast, uplink fast and other spanning tree features.
• Study single point failures & design WAN structure in such a way that there are no failures in network in case of any device or link failure.
• Knowledge about setting up Python REST API Frame work using Django.
• Implementing, Monitoring, Troubleshooting and Convergence in Frame-Mode MPLS inside the core.
• Configured Routing Protocols such as OSPF and policy-based routing.
• Design OSPF Areas for reliable Access Distribution and for Core IP Routing.
• Fine-tuned OSPF metrics to avoid routing loops and ensure redundancy in case of link failures.
• Redistribution of routing protocols and Frame-Relay configurations.
• Setup simplified and traditional VPN communities and CISCO Anyconnect.
• Implemented LAN/WAN utilizing CISCO 7200, 7204, 7206.
• Installed and configured Routers, Bridges, Terminal Servers and CSU/DSU's to support WAN links.
• Work with application developers and systems engineer to migrate applications and systems to a new Border Gateway network.
• Patch and Package administration for installation of patches as per company policy and installation of packaged application.
• Leveraged two Nexus 2232 Fabric Extenders and two 2248 Fabric Extenders, making them 'dual-homed' to both N5Ks and implementing Enhanced Virtual Port-Channel (EvPC).
• Worked with networking teams to install an Avaya VoIP phone system and test phone system connectivity and functionality.
• Involved smart view tracker to check the firewall traffic.
• Documented all the work done by using MOPS, Visio, Excel and MS word.

Environment: Cisco 3750/3550/3500/2960 switches and Cisco 12000/7200/3845/3600 routers, Cisco ASA5510, Checkpoint.

Sr Network Engineer

Confidential

Responsibilities:

• Responsible for the implementation and maintenance of firewall based security zones (DMZ*s).
• Provide support to internal project teams by adding firewalls, switches and routers to managed DMZs.
• Experience in HSRP standby troubleshooting & Experience in configuring & upgrading of Cisco IOS.
• Cisco ASA firewall service and Citrix NetScaler Load balancing service deployment on ACI with Microsoft Azure Pack configuring Cisco Application Centric Infrastructure (ACI) and Cisco APIC
• Work with our current application teams to understand our current applications and make migration recommendations and to-be architectures in AWS
• Implementing & Troubleshooting of T1, MUXES, CSU/DSU and data circuits.
• Experience on designing and troubleshooting of complex BGP and OSPF routing problems,
• Have sound knowledge of Firewall architecture, routing and VPN.
• Have experience working on HP Open view Network Node Manager.
• Upgrade firewalls in accordance with change management & Document changes to firewalls.
• Monitor traffic and access logs in order to troubleshoot network access issues.
• Have experience with Cisco Works LAN Management Solution.
• Experience in migration of Frame-relay based branches to MPLS based technology using multi layer stackable switch like 6500 series and 2800 series router.
• Involved in design and implementation of Data Center Migration, worked on implementation strategies for the expansion of the MPLS VPN networks.
• Hands on experience with Cisco 3500, 3750, 4500, 6500 series equipment and configuring and deploying and fixing them with various modules like Gig card, VPN SPA card, WIC card.
• Cisco IOS experience on 3600/7200 class hardware in complex WAN environment and experience on Cisco OS and IOS on CAT6500 in a complex data centre environment.
• Involved in configuring IP Quality of service (QoS).
• Conducted vulnerability assessments using Nexpose. Helped with creating patch management program.
• Install and configure Bluecoat Proxy SG in the network for web traffic management and policy configuration.
• Performing URL filtering and content filtering by adding URL's in Bluecoat Proxy SG's.
• Helped customer to utilize Nexpose tool after security breach. Ensured the consistency and quality of Payment Card Industry (PCI)
• Perform risk analysis of all software and hardware configuration changes.
• Perform vulnerability scanning of all network assets to determine potential weaknesses in the security posture using Tenable Security Center.
• Performing URL filtering and content filtering by adding URL's in Bluecoat Proxy SG's
• Integrated NetScaler into complex enterprise environments in short periods of time taking into consideration the functioning production environment.
• Configured reverse proxy access via NetScaler per customer requirements.
• Worked with customers to confirm NetScaler was performing requested duties from Layer 1 to Layer 7 while being fully redundant for DR and business continuity. Used AJAX coding techniques to send the requests to server and receive the results from server.
• Experienced in WAN environments, installing and troubleshooting data circuit problems (MPLS, T1).
• Worked on Layer 2 protocols such as STP, VTP, STP, RSTP, PVSTP+, MST and other VLAN troubleshooting issues and configuring switches from scratch and deployment.
• Understanding & Implementation of IPSEC & GRE tunnels in VPN technology.

Environment: Router 2800, 3800, 7200, 7600; Cisco Catalyst Switch 6500, 6509, 3550.

Network Engineer

Confidential

Responsibilities:

• Configured CIDRIP, RIP, PPP, BGP and OSPF routing.
• Involved in the configuration & troubleshooting of routing protocols: MP-BGP, OSPF, LDP, EIGRP, RIP, BGP v4.
• Experience with Firewall Administration, Rule Analysis, Rule Modification.
• Configured and resolved various OSPF/IS-IS issues in an OSPF/IS-IS multi area environment.
• Managed fast Layer 3 switched/routed LAN/WAN infrastructure as a part of Network team. The LAN consisted of Cisco campus model of Cisco 3550 at access layer, Cisco 6513 at distribution/core layer.
• Hands-on experience with WAN (ATM/Frame Relay), Routers, Switches, TCP/IP, Routing Protocols (BGP/OSPF), and IP addressing.
• Layer 2 switching technology architecture, implementation and operations including L2 and L3 switching and related functionality. This includes the use of VLANS, STP, VTP and their functions as they relate to networking infrastructure requirements including internal and external treatment, configuration and security.
• Configuration and troubleshooting of Cisco catalyst 6509, 7613 with supervisor cards.
• Experience with implementing and maintaining network monitoring systems (Cisco works and HP Open view) and experience with developing complex network design documentation and presentations using VISIO.
• Design, implementation and operational support of routing/switching protocols in complex environments including.
• IS-IS, BGP, OSPF, EIGRP, Spanning Tree, 802.1q, etc.

Environment: Cisco 6509/ 3750/3550/3500/2950 switches, Cisco 7200/3845/3600/2800 routers, Checkpoint firewalls (SPLAT), Net Flow, TACACS, EIGRP, RIP, OSPF, BGP, VPN, MPLS, CSM, SUP720, Ether Channels, Fluke and Sniffer.

Jr. Network Engineer

Confidential

Responsibilities:

• Administration and diagnostics of LAN/WAN with in-depth knowledge of TCP/IP, NAT, network protocols and services.
• Configured RIP and EIGRP on 2600, 2900 and 3600 series Cisco routers.
• Involved in troubleshooting of DNS, DHCP and other IP conflict problems • Performed IOS upgrades on 2900, 3500 series Cisco Catalyst switches and 1800, 2600, 3600 series Cisco routers using TFTP.
• Implemented VTP and Trunking protocols (802.1q and ISL) on 3560, 3750 series Cisco Catalyst switches.
• Involved in Configuring and implementing of Composite Network models consists of Cisco7600, 7200, 3800 series and ASR 9k, GSR 12K routers and Cisco 2950, 3500, 5000, 6500 Series switches.
• Working on Nexus (7k, 5k) implementation for Data centers and large remote sites globally.
• Configured Access List (Standard, Extended, and Named) to allow users all over the company to access different applications and blocking others.
• Configured STP for loop prevention and VTP for Inter-VLAN Routing.
• Done troubleshooting of TCP/IP problems and connectivity issues in multi-protocol Ethernet environment.
• Knowledge of implementing and troubleshooting complex layer 2 technologies such as VLAN Trunks, VTP Ether channel, STP, RSTP and MST.
• Worked on network-based IT systems such as Racking, Stacking and Cabling.
• Other responsibilities included documentation and change control • Performed routine network maintenance checks as well as configure and manage printers, copiers, and other miscellaneous network equipment.
• Maintenance and Troubleshooting of connectivity problems using Ping, Trace route.
• Performing Backups of Cisco router configuration files to a TFTP server.
• Troubleshoot LAN related problems, provided Desktop support for local and remote end-users.
• Log messages using Syslog server and analyze the issues related to high CPU utilization and parameters that can degrade performance of the network.

Environment: Cisco 2900/3560/3750 switches. TFTP, LAN/WAN, VLAN, STP, RSTP, TCP/IP, DNS, WINS/DHCP, STP, RSTP.