Sr. Network Security Engineer Resume
Denver, CO
SUMMARY:
- Cisco Certified Network Engineer with over 8.3 years of experience in Networking, including hands-on experience in IP network design, support, installation, analysis and troubleshooting.
- Implemented Cisco Advanced Malware Protection for endpoint security systems.
- Implemented Cisco ASA 5540 firewall & Palo Alto 5060, 5260, 3050 firewalls for firm’s security
- Good knowledge of TACACS+, RADIUS implementation in Access Control Network.
- Installing and configuring DNS, and DHCP server.
- Experience with network security protocols such as IPSEC tunnels, GRE tunnels, NAT/PAT, ACLs, VPN and BGP.
- Implemented Palo Alto network firewalls such as security NAT, Threat prevention URL filtering.
- Implementing, maintaining and troubleshooting L2 switch tasks such as VLANs, VTP, VLAN trunking and Inter-VLAN routing.
- Currently held responsibilities to configure, install and administer network infrastructure.
- Demonstrated success in managing multiple tasks with proven ability to meet deadlines and proactively identifying the problem to solve complex technical issues.
- Installing, configuring and troubleshooting Cisco Routers, Cisco Switches, Load Balancers & Cisco Firewalls.
- Proficient in Cisco IOS for configuration & troubleshooting of routing protocols: OSPF, EIGRP, RIP, MPLS & BGP.
- Experience with AWS and Python.
- Experience in T1/E1/T3 technologies and different LAN & WAN technologies.
- Updated and maintained inventory of all network hardware, Management and Monitoring by use of SSH, NTP.
- Ability to Install, Manage & Troubleshoot Large Networks & Systems Administration on Windows platform in Development, Lab & Production Environments.
- Configure servers to meet specific requirements, including hard drives, memory, & CPU.
- Adept at preparing Technical Documentation and Presentations using Microsoft VISIO/Office.
- Capable of quickly learning and effectively analyzing results and implementation.
- Proficient in using MS Visio for documentation purposes.
TECHNICAL SKILLS:
Cisco Platforms: Nexus 7K, 5K, 2K & 1K, Cisco routers (7600, 7200, 3900, 3600, 2800, 2600, 2500, 1800 series) & Cisco Catalyst switches (1900, 2900, 3550, 3750, 6500 series), PIX Firewall, ASA (5505/5510) Firewall, CatOS, Cisco IOS 11.x, 12.x, PIX OS 6.x, 7.x, Meraki APs, UBR10K, CBR8K
Juniper Platforms: MX, EX series Routers and Switches
SMTP, VLAN, Inter-VLAN Routing, VTP, STP, RSTP, Lightweight access point, WLC.
WAN Technologies: MPLS, VPLS, Frame Relay, PPP, HDLC, (E1/T1/E3/T3), DS3, OC192
Network Security: Cisco ASA, Juniper SRX.
OS products/Services: DNS, DHCP, Windows (2000/2003/2008, XP), UNIX, LINUX
RIPv2, OSPF, EIGRP, IS-IS, BGP, PBR, Route Filtering, Redistribution, Summarization, and Static Routing
Gateway Load Balancing: HSRP, VRRP, GLBP
Various Features / Services: IOS and Features, IRDP, NAT, SNMP, SYSLOG, NTP, DHCP, CDP, TFTP and FTP.
Network Management Tools: Wireshark, NetFlow Analyzer, NetScout, SNMP, Cisco Prime, Ethereal, HP OpenView
Load Balancers: F5 Networks (Big-IP) LTM 6400
Operating Systems: Windows (98, ME, 2000, XP, Server 2003/2008, Vista, 7, 10), Linux
Firewall & Security: Checkpoint (NGX R65, R77-80), Cisco ASA, Palo Alto, ASA 5505 Firewall, Juniper NetScreen firewall
Languages: Perl, C, C++, SQL, HTML/DHTML, Python scripting
Virtualization & Cloud: VMware vSphere Suite, AWS Solution Architecture.
PROFESSIONAL EXPERIENCE:
Confidential, Denver, CO
Sr. Network Security Engineer
Responsibilities:
- Deployment of Palo Alto Firewall into the network. Configured and wrote Access-list policies on protocol-based services
- Configuring rules and Maintaining Palo Alto Firewalls & Analysis of firewall logs
- Troubleshooting of protocol-based policies on Palo Alto Firewalls and changing the policies as per the requirement and as per traffic flow
- Migrating Palo Alto 5060 & 7060 firewalls and configuring IPS/IDS and content Filtering
- Implemented Zone Based firewall and Security Rules on the Palo Alto firewall
- Successfully installed Palo Alto PA 3060 firewalls to protect Data Center and provided L3 support for routers/switches/firewalls
- Configured new ACI Fabrics in the Cisco Infrastructure from building of the APIC controllers, Spines and leaf architecture and have prepared detailed documentation on this.
- Successfully deployed new ASA Firewalls (5585's) dedicated to ACI infrastructure in multiple Cisco data center locations.
- Experience with implementation and support of the Cisco Nexus product line
- Implemented network security with Cisco Adaptive Security Appliance (ASA).
- Created Virtual Contexts, VLANs, and Interfaces in ASA 5585
- Configuring failover and working on SSL-VPN when in active/standby failover on ASA
- Worked with automation scripts using Python modules like Ansible.
- Engineered Ansible playbooks to automate the deployment of Windows based virtual machines and configuration/verification of L2 network devices
- Experience in implementation and troubleshooting of Datacenter devices like Nexus 7000, Nexus 5000 and Nexus 2000 Series devices with VDC/VRF configurations.
- Perform ISSU upgrade on Nexus 7010 devices by operating the supervisors in active/standby mode on the devices by determining ISSU compatibility
- Responsible for configuration and troubleshooting issues related to F5 GTM/LTM devices such as 4200v, 5200v, Viprion 2200 and F5 APM
- Interacted with cloud team to use AWS services including EC2, S3, and CloudFront.
- Worked on F5 load Balancer, configured Virtual servers, pool, pool members, worked on load balancing methods for LTM.
- Configured virtual servers, nodes and load balancing pools on the F5 LTM 6400, 6800 devices for various medical/biomed applications and their availability
- Configured Bluecoat SG proxy for black-listing, white-listing and filtering of web URLs, thereby providing security.
- Configuring and troubleshooting OSPF and EIGRP, BGP, MPLS, static routes and NAT pools on the routers end
- Work on Physical site Inventory verification, gather information of various Cisco Network devices and Security Devices to develop Run book and Spec Book.
- Created MOPs to get approval from peers to perform configuration add/remove changes following the change management process.
Confidential, St. Louis, MO
Network Security Engineer
Responsibilities:
- Implemented and configured firewall Palo Alto PA-5060 & PA-3050.
- Responsible for Configuration of Palo Alto 5050 devices with layer 7 filtering of traffic traversing the internet
- Upgrading the IOS on Network Devices including Cisco 6800, 6500 and Palo Alto VM-300 devices
- Experience in working in Panorama, Palo Alto user interface version 8.0.2 and VM-300 series firewalls
- Worked on Migrating from ASA to SRX550 Datacenter firewalls.
- Migrated existing rules from ASA to SRX and verified the working of the policies and applications post migration.
- Worked on several port open requests by various business units on both SRX and ASA firewalls
- Co-ordinated with the Data Network and Security team and came up with possible solutions.
- Performed configuration on ASR 9K pairs, including HSRP, Bundle Ethernet config, and assigning DHCP profiles.
- Created documents for various platforms including Nexus 7k, ASR1k enabling successful deployment of new devices on the network
- Experience configuring Virtual Device Context in Nexus 7k series switch.
- Configuration of Port Channels and VPC on Nexus 9K, 7K, and 5K.
- Experience with configuring Nexus 5000 Fabric Extender (FEX) which acts as a remote line card (module) for the Nexus 7000.
- Implementing, configuring and troubleshooting routing protocols such as OSPF, BGPv4, EIGRP
- Implemented Cisco Application Centric Infrastructure (ACI) for supporting rapid application change by reducing complexity with a common policy framework.
- Implemented and configured Load Balancing F5 BIG-IP LTM 6900
- Worked on F5 LTM series like 7050, 5050, 2200 for several applications and their availability.
- Worked on network Automation using Python
- Documented new VPN enrolments in a database and created standard procedures for further improvement.
- Involved in SDN architecture to reduce operating costs, automate IT tasks, for greater scalability and visibility in a data center environment.
- Responsible for monitoring alerts through tools like SolarWinds in the Production environment as a part of first response for the service desk.
- Create L2 and L3 Vlans on Juniper switches during the migration from the old switches for Prod, Dev, QA, Backup and ILO environments of different application groups and business units.
Confidential, Malvern, PA
Sr. Network Engineer
Responsibilities:
- Hands on experience of working with OTV & FCoE on N nexus between the datacenters and Nexus 7000 series.
- Negotiate VPN tunnels 10G using IPSec encryption standards and also configured, implemented site-to-site VPN, Remote VPN.
- Proactively involved in upgrade, maintenance, monitoring and support for the PA500 Palo Alto devices.
- Configured IPSEC VPN on SRX series firewalls.
- Configuration and troubleshoot on HSRP, VRRP, GLBP, RSTP, MST. 10G related issues coming in network environment.
- Configuration and extension of VLAN from one network segment to their segment between different vendor switches (Cisco, Juniper).
- Configured STP for switching loop prevention and VLANs for data and voice along with Configuring port security for users connecting to the switches.
- Supported EIGRP and BGP based network by resolving level 2 & 3 problems of internal teams & external customers of all locations.
- Worked on the migration to new Checkpoint R75 firewalls from Juniper firewalls.
- Firewall Policy implementation on Checkpoint NGX R52 and R54.
- Experienced with Juniper: EX-2200, EX-4300, EX-4500, MX-480 and SRX550 troubleshooting.
- Configured objects such as Load Balancer pools for local traffic management on F5 Load Balancers.
- Worked on F5 BIG-IP LTM 6900, configured profiles, and provided and ensured high availability.
- Configuring HSRP between the 3845 router pairs for Gateway redundancy at various sites.
- Migration of existing IPSEC VPN tunnels from Pre-Shared key to Authority for purpose of scaling.
- Involved in L2/L3 Switching Technology Administration including creating and managing VLANs, Port security, Trunking, STP, Inter-Vlan routing, LAN security.
- Experience with the quality department Cisco QOS and maintenance teams.
Confidential, Herndon, VA
Network Engineer
Responsibilities:
- Installation and deployment of new class 9X and class 10 Server farms in multiple silos.
- Designing and installing new branch network systems. Resolving network issues, running test scripts and preparing network documentation.
- Configuring, upgrading and deployment of Nexus 7010, 5596 and 2248.
- Working with Cisco Nexus 2248 Fabric Extender and Nexus 5500 series to provide a Flexible Access Solution for datacenter access architecture
- Worked on commissioning and decommissioning of the MPLS circuits for various field offices.
- Implemented Access lists and policy mapping on Juniper router installed in each branch across all the locations.
- Ensuring problems are satisfactorily resolved in a timely manner with focus in providing high level of support for all customers.
- Configure and troubleshoot Juniper EX series switches and routers
- Established VPN Tunnels using IPsec encryption standards and also configuring and implementing site-to-site VPN, Remote VPN.
- Worked on F5 load Balancer, configured Virtual servers, pool, pool members, worked on load balancing methods for LTM
- Modified internal infrastructure by adding switches to support server farms and added servers to existing DMZ environments to support new and existing application platforms.
- Configured BGP features such as as-override, local pref, EBGP load sharing on client connections
- Configured and resolved various OSPF issues in an OSPF multi area environment between multiple branch routers.
- Configuring HSRP between the 3845 router pairs of Gateway redundancy for the client desktops.
- Responsible for service request tickets generated by the helpdesk in all phases such as troubleshooting, maintenance, upgrades, patches and fixes with all around technical support.
- Providing Level 3 support to customers, resolving issues by attending to conference calls.
- Working on a broad range of topics such as routing and switching, dedicated voice access, planning and implementation, large-scale high-visibility outages, change management coordination, proactive monitoring and maintenance, disaster recovery exercise and core network repairs.
- Involved in L2/L3 Switching technology administration including creating and maintaining VLANs, Port security, Trunking, STP, Inter-VLAN routing, LAN security.
Confidential
Network Support Engineer
Responsibilities:
- Provided estimated bandwidth requirements for data replication, to best determine adequate timing for Migration service levels.
- Configured HSRP between VLANs, Configuring Ether-Channels, and Port Channel on 6500 Catalyst switches.
- Replaced branch hardware with new 2851 routers and 2960 switches.
- Monitor, troubleshoot, test and resolve Frame Relay, ATM, MLPPP, PPP, and Dial-up.
- Configured/Troubleshoot issues with the following types of routers: Cisco (7200, 6500, 4500, 1700, 2600 and 3500 Series) to include bridging, switching, routing, Ethernet, NAT, and DHCP.
- Assisted with customer LAN MAN, router/firewalls.
- Configured VLANs with 802.1q tagging. Configured Trunk groups, ether channels, and Spanning tree for creating.
