Sr. Network Security Engineer Resume
Bellevue, WA
SUMMARY:
- Network Engineer with 7+ years of experience in design, installation, configuration, administration and troubleshooting of LAN/WAN infrastructure and security using Cisco devices in network, server and virtualization infrastructure.
- Experience working on Cisco Catalyst Series 3750, 4500, 4900, 6500; Nexus 2K, 5K, 7k and 9K series switches.
- Extensive work experience with Cisco Routers, Cisco Switches, Load Balancers and Firewalls.
- Experience in Layer 3 routing with Cisco ASR 9k, ASR1002X, 7200, 3845, 3945, 2811, 1800 series.
- Worked on Cisco 7200, 3900, 3800, 2900, 2800, 1900 series routers and Cisco 6500, 4500, 3850 and 3750 series switches.
- Expert in configuration of routing protocols and deployment OSPF, EIGRP & BGP over Cisco Routers in Production environment.
- Experience in working with Cisco Nexus Switches and Virtual Port Channel configuration.
- Experience with load balancing on F5 LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability.
- Worked extensively on Cisco ASA 10/5540) Series firewalls
- Experience in configuring all Palo Alto Networks Firewall models (PA-2k, PA-3k, PA-5k) as well as a centralized management system (Panorama) to manage large scale firewall deployments.
- Good exposure on Analysis and Designing of Documents like Software requirement Specifications (SRS) and specification design documents (HLD and LLD).
- Worked on Network Automation using Python.
- Worked on MPLS-VPN designs for the migration of Frame relay to MPLS system.
- Implemented redundancy with HSRP, GLBP, EtherChannel technology.
- Worked on network monitoring tools like Cisco Network Assistant, SolarWinds, Wireshark.
- Efficient in preparing Technical Documentation using Microsoft VISIO/Office and in preparing presentations.
- Worked as part of the Technical Support Team, being involved in the documentation and training of end-users and in solving network issues.
TECHNICAL SKILLS:
Cisco router platforms: 2811, 3600, 3745, 3845, 7206, 7609, ASR1002X, ASR9K.
Cisco Switch platforms: 2900XL, 2950, 2960, 3560, 3750X, 4500X, 4510, 6509E.
Firewalls: Cisco PIX 501, 510, 515E, Cisco ASA 5520, 5540, Checkpoint.
WAN Technologies: FRAME RELAY, PPP, MPLS, leased lines, DSL modems.
LAN Technologies: Ethernet, Fast Ethernet, Gigabit Ethernet, NAT/PAT.
VOIP Devices: Cisco IP phones, Avaya. Implemented Cisco Secure Access Control Server (ACS) for TACACS+/RADIUS.
IPSEC/VPN Configuration: PIX to Router, Router to Router, PIX to VPN wildcard client, Router to VPN wildcard client, PIX to PIX, fully meshed configurations.
Routing Protocols: RIP, OSPF, EIGRP, and BGP
Switching Protocols: VTP, STP, RSTP, MSTP, VLANs, PAgP, and LACP
Layer 3 Switching: CEF, Multi-Layer Switching, EtherChannel.
Carrier Technologies: MPLS, MPLS-VPN.
Redundancy protocols: HSRP, VRRP, GLBP.
Security Protocols: IKE, IPsec, SSL, AAA, Access-lists, prefix-lists.
PROFESSIONAL EXPERIENCE:
Confidential, Bellevue, WA
Sr. Network Security Engineer
Responsibilities:
- Experience supporting EIGRP, OSPF and BGP based networks by resolving level 2 & 3 problems of internal teams & external customers at all locations.
- Troubleshoot WAN related problems including OSPF, EIGRP, BGP routing and design.
- Convert Branch WAN links from point-to-point circuits to MPLS and convert encryption from IPSec/GRE to GET VPN.
- Experience with setting up IPSEC VPN on Cisco 5585 Firewalls towards the multiple vendors.
- Working on setting up OSPF dynamic routing on Cisco ASA Firewalls by following their current network structure.
- Migration and implementation of Palo Alto Next-Generation Firewall series PA-500, PA-3060, PA-5060, PA-7050, PA-7080.
- Implemented zone based Firewalling and Security rules on the Palo Alto Firewall.
- Configuring rules and Maintaining Palo Alto Firewalls & Analysis of firewall logs using various tools.
- Migrated the policies from Cisco ASA firewall to Palo Alto Firewall.
- Primary responsibility is to design and deploy various network security & High Availability products like Cisco ASA and other security products.
- Setup VPN tunnels and migrate existing vendor VPN tunnels from Legacy Cisco ASA 5585 devices to SRX550 devices. Implement Next-gen Features with Juniper AppSecure Policy based enforcement for application traffic traversing the datacenters.
- Experience working with Nexus 7010/Nexus 7018, 5020, 2148, 2248 devices.
- Experience configuring VPC, VDC and ISSU software upgrade in Nexus 7010.
- Experience working with Cisco Nexus 2148 Fabric Extender and Nexus 5000 series to provide a Flexible Access Solution for datacenter access architecture.
- Experience with configuring Nexus 2000 Fabric Extender (FEX) which acts as a remote line card (module) for the Nexus 5000.
- Automated network implementations and tasks and designed monitoring tools using python scripting.
- Experience working with data center deployment where we converted from Cisco 6500 to Nexus.
- Replaced the legacy 3750 StackWise with Juniper EX 4200 switches in the LAN environment.
- Apply Cisco ISE configuration to switches.
- Experience working with F5 LTM 3600/6400 and GTM 2200/4200 in data center.
Confidential, Minnetonka, MN
Network Security Engineer
Responsibilities:
- Design and implementation of VLANs, VTP, STP, Trunking (Dot1q and ISL) and EtherChannel.
- Worked on Cisco Routers, Active/Passive Hubs, Switches, Cisco ASA Firewalls, NAT and Juniper SRX firewall.
- Configured BPDU Guard, PortFast, UplinkFast and other spanning tree features.
- Proactively involved in upgrading, maintaining, monitoring and support for the PA500 Palo Alto devices.
- Configuration and troubleshooting of Cisco 2500, 2600, 3000, 6500, 7500, 7200 Series routers.
- Involved in configuring and implementing Composite Network models consisting of Cisco 7600, 7200, 3800 series and ASR 9k and Cisco 2950, 3500, 5000, 6500 Series switches.
- Preparing failover configuration updates for datacenter firewalls Cisco 5525.
- Troubleshoot issues related to VLAN, VLAN Trunking, VRRP failovers and related issues.
- Managing enterprise BGP setup by configuring and troubleshooting BGP related issues.
- Configured networks using routing protocols such as OSPF, BGP and manipulated routing updates using route map, distribute list and administrative distance for on-demand Infrastructure.
- Responsible to add new BGP peers for remote branch offices and business partners.
- Configured VPN tunnels to multiple vendors with end devices terminating at vendor end being a Cisco/Juniper firewall.
- Configured Nexus 2000 Fabric Extender (FEX) which acts as a remote line card (module) for the Nexus 5000 to connect servers and storage devices.
- Perform ISSU upgrade on Nexus 7010 devices by operating the supervisors in active/standby mode on the devices by determining ISSU compatibility.
- Dealt with implementation of deployment related to Cisco ASA 5585 devices, Juniper SRX 550 devices to apply security policies on it.
- Responsible for configuration and troubleshooting issues related to F5 GTM/LTM devices such as 4200v, 5200v, Viprion 2200 and F5 APM.
- Used Python Scripting to load completely new configuration file.
- Perform Configuration changes on BIG IP (F5) Load balancers and monitored the Packet Flow in the load balancers.
- Provide Load Balancer expertise on F5 BigIP LTM and GTM devices like 7050 and 2200 and Troubleshoot application slowness.
- Experience in configuring Virtual Device Context in Nexus 7010.
- Worked on a project to migrate vendor DMZs from a disaggregated Cisco environment to a unified SRX 550 firewall cluster leveraging Confidential's services.
- Monitored network traffic and developed capacity-planning initiatives, making necessary recommendations, additional resources or hardware.
- Responsible for turning up BGP peering and customer sessions, as well as debugging BGP routing problems during the conversion of existing point-to-point circuits to MPLS.
- Implemented dual-homed connections between multiple Confidential sites to connect to primary and redundant datacenters.
- Responsible for monitoring alerts through tools like SolarWinds Orion, Opsview in the Production environment as a part of first response for the service desk.
- Implemented changes in projects in accordance with the change management process and responsible for MOPS, Post-Implementation handoff documents and Visio drawings.
Confidential, Richmond, VA
Network Firewall Engineer
Responsibilities:
- Key contributions include troubleshooting of complex LAN/WAN infrastructure that includes routing protocols EIGRP, OSPF & BGP.
- Responsible for Layer 2 security, which was implemented using a dedicated VLAN ID for all trunk ports, setting the user ports to non-trunking, and deploying port security when possible for user ports.
- Securing LAN and server infrastructure with configuring and maintaining Cisco PIX and Juniper firewall.
- Convert Campus WAN links from point-to-point to MPLS and convert encryption from IPsec/GRE to GET VPN.
- Implemented and configured GLBP (on core switching and also for VPN redundancy) and HSRP at different office locations on the switched network, and managed the entire multilayer switched network.
- Troubleshooting and installation of CRS, ISR, GSR, ASR9000 and Nexus devices.
- Created documents for various platforms including Nexus 7k, ASR1k enabling successful deployment of new devices on the network.
- Experience configuring Virtual Device Context in Nexus 7k series switch.
- Configured and maintained IPSEC and SSL VPNs on Palo Alto Firewalls.
- Successfully installed Palo Alto PA-3060 firewalls to protect Data Center and provided L3 support for routers/switches/firewalls.
- Implemented Site-to-Site VPNs over the internet utilizing 3DES, AES/AES-256 with PIX Firewalls.
- Implemented best practices on Cisco & Juniper routers and switches.
- Implemented new devices Juniper MX-80 and MX-104 series as per policy reviewed by network architect.
- Worked on F5 LTM series like 7050, 5050, 2200 for several applications and their availability.
- Configured IPSEC VPN tunnels between Checkpoint and other non-Checkpoint endpoint devices using IKE pre-shared keys, 3DES and MD5.
- Involved in the redistribution into OSPF on the core ASA firewall.
- Involved in the removal of EIGRP from all devices and making OSPF the primary routing protocol.
- Involved in the modification and removal of BGP from the MPLS routers.
- Performed basic security audit of perimeter routers, identifying missing ACLs, writing and applying ACLs.
Confidential
Network Engineer
Responsibilities:
- Troubleshooting network failure issues and making the resulting changes to network infrastructure.
- Designing, installation, configuration and maintenance of routed LAN and WAN networks.
- Configuring site-to-site primary and backup VPNs between multiple corporate sites and datacenter locations.
- Working with Nexus 5000 and Nexus 2000 platforms.
- Experience troubleshooting tickets on ASA firewalls and F5 load balancers.
- Configured Routers with EIGRP, OSPF, BGP, Static and default route.
- Installed and maintained various network services and related equipment and devices.
- Oversaw software security procedures and restored protocols.
- Ensured that backup systems were properly maintained and prepared.
- Supported network and computing infrastructures.
- Responded to reports of network problems.
- Install and maintain voice, video and data communications infrastructure systems and cabling.
- Used various network sniffers like Ethereal, tcpdump.
- SNMP network management using MRTG and CiscoWorks. Participated in 24 x 7 incident & problem support.