SUMMARY:

• Accomplished Network and Security engineering professional with over 8 years of real time experience in designing, deploying, migrating and supporting critical multi - site redundant network environments
• Extensive hands-on experience with complex routed LAN and WAN networks, Cisco routers, switches, ASA’s and firewall’s
• Configured Security policies including NAT, PAT, Route-maps and Access Control Lists.
• Extensive knowledge of deploying & troubleshooting L2/L3 TCP/IP, Multilayer Switching, IPSec, UDP, WLAN, MPLS, Multicasting, Ethernet(E-Net), IP Routing Protocols RIP, OSPF, EIGRP, GRE & BGP Cisco routers, switches, ASA and PIX firewall deployment, Fortinet firewalls.
• Aruba wireless troubleshooting, installation, Upgradation.
• Hands on with corporate compliance programs such as SOX, NERC CIP, PCI environments
• Worked on cisco 3900, 2900, 2800, 800, 1700 series routers and 1000 series ASR's
• Worked on cisco 3500, 3700,3800, 2900, 6500,6880,4500, 3500X series, POE and non-POE switches
• Knowledge of implementing and troubleshooting complex layer 2 technologies such as VLAN Trunks, VTP Ether channel, STP, RSTP and MST.
• Knowledge and experience with Cisco product line, including routers, switches (Catalyst and NEXUS), firewalls (ASA/PIX) and UCS platforms, FWSM module.
• Implemented traffic filters on Cisco routes using Standard and extended Access lists
• Expert Level Knowledge about TCP/IP, UDP, ICMP and OSI models
• In-depth knowledge and hands-on experience on IP Addressing, Sub netting, VLSM and ARP, reverse & proxy ARP, Ping Concepts.
• Worked on software blade container for MLM and MDS servers.
• Experience working with Cisco Application centric infrastructure (ACI) and access control system (ACS) 4.2 server in providing access control platform that implements authentication, authorization, and accounting (AAA).
• Experience in configuring HSRP and redistribution between routing protocols troubleshooting them
• Knowledge on TCP/IP, DHCP, DNS, MPLS, VPN protocols and concepts
• Worked on autonomous WAP's 1142 series
• Hands-on experience with complex routed LAN and WAN networks, Cisco Routers, Switches and Juniper Routers
• Understanding of JUNOS platform and worked with IOS upgrade of Juniper devices.
• Exposure to Cisco ASA/ Firewall and F5 LTM (Versions 10.x and 11.x) Load Balancer
• Expert level knowledge of troubleshooting, implementing, optimizing and testing of static and dynamic routing protocols such as EIGRP, OSPF, BGP ability to interpret and resolve complex route table problems
• Strong hands on experience on Palo Alto, PIX Firewalls, ASA (5540/5550) Firewalls. Implemented Security Policies using ACL, Firewall, IPSEC, SSL, VPN, IPS/IDS, AAA (TACACS+ & RADIUS)
• Experience with Aruba wireless controllers & Access points (AP)
• Technical understanding of wireless standards and experience in data packet capture and analysis
• Experience in Network Analysis, Optimizations, Enhancements and Implementations
• Familiar with the eyes on glass network security monitoring infrastructure for an extensive analysis of the network.

TECHNICAL SKILLS:

LAN Technologies: VLAN, VTP, VPC, VDC, Inter-VLAN routing, STP, RSTP, PVST

WAN Technologies: Frame Relay, ISDN, PPP, ATM, MPLS, exposure to DS1, DS3, OC3, OC12OC48, T1 /T3 & E1/E3

WLAN Technologies: Autonomous AP’s, Lightweight AP’s, SDWAN, WLC, WDS, WLSE, Standards -802.11a, 802.11b, 802.11G

Network Hardware Cisco and other vendor equipment: Cisco routers (10008, 7200, 3800, 3600, 2800, 2600, 2500, 1800 series), Cisco Catalyst switches (6500, 4900, 3750, 3500, 2900, series), Cisco Nexus Series PIX Firewall 506/515/525/535, ASA Firewall 5520/5550, CatOS, Cisco IOS 11.x, 12. x, PIX OS 6.x, 7.x; Load Balancers (Cisco), Junipers M320, T640, HP switches and routers, Checkpoint Firewall, Juniper M, E, T series.int

Network Security: NAT/PAT, Ingress & Egress Firewall Design, VPN Configuration (L2 and L3), LPN, GTN, SSL, VPN, Internet Content Filtering, Load BalancingIDS/IPS, URL Filtering Cisco ASA5550/ 5540, Net Screen, Juniper SRX, Palo Alto, Checkpoints, AAA

Database and Web Technologies: Oracle, PLSql, Java, .Net etc.

Routing Protocols: RIP, IGRP, EIGRP, OSPF, AND BGP.

Infrastructure Services: DHCP, DNS, SMTP, FTP, TFTP, IIS

IP Telephony: VOIP, SIP, H.323, RTP, voice gateways, CCM, CCP

Documentation: MS office, MS Visio

Network Monitoring Tools: Wire shark, Cisco works, Netscout, Riverbed, PRTG, Solar winds

PROFESSIONAL EXPERIENCE:

Confidential, Denver, CO

Network Engineer III

Responsibilities:

• Worked as Operations and implementation engineer building the DCs with various DC technologies like VPC, Fabric path, VRF, Switch-Profiles.
• Perform Layer 2 switching and Layer 3 routing within a Data Center Environment, between Core, Distribution & Access Layers.
• Experience working on OSPF, BGP, IS-IS routing protocols.
• Experience with large Scale Enterprise Networks with more than 26,000,000 Customers around 41 states.
• Worked on deploying Cisco routers and switches with the L1 engineers based on the cable cutsheets
• Hands on experience in creating Access-lists, Prefix-lists and route maps, distribution-lists (PBR and PFR)
• Strong exposure on various operation systems like IOS, NX-OS, IOS-XR, IOS-XE and Junos-OS
• Exposure to F-5 Load balancers worked on creating VIP, Nodes, Pool members, Certificate upgrades, created route-domains, Upgrading the F5 using hot-fix.
• Day to Day Management, troubleshooting F5 LTMs & GTMs for the Web Applications/ corporate applications, their Speed & availability.
• Extensively worked on deploying ASA and Juniper SRX firewalls and worked on operation work like adding security policies, NAT, configuring Site-to-site VPN.
• Had experience on upgrading various vendor routers (Nexus 7K, Nexus 5K, ASR9K, Cisco 3850, Arista) and worked on implementing security policies like port security in LAN infrastructure.
• Experience in configuring HSRP active-active in the DCs, VRRP and had exposure to GLBP redundant protocols.
• Good knowledge in implementing STP, VLAN, Subnetting as we have the DCs to support multi tenants.
• Management of F5 LTMs & GTMs Load Balancers. This Includes Incident Resolution Tickets, Service Request Tickets, Certificate renewals
• Was part of TWC operations teams as well and used to support the network 24/7 during weekends.
• Had experience troubleshooting various DC technologies like VPC, Fabric path, Port-channels.
• Also work with Vendors like Cisco and Juniper to find the root causes if we come across any issues.
• Had experience working on configuring and troubleshooting Multicast issues as we support Video applications.
• Efficient use of Microsoft VISIO as for technical diagrams, technical documentation and various office suite tools.
• We also used to work with different teams and check the network paths to resolve the outages we come across.
• Had experience in creating Change Documents (MOP) and Implementing them on change window following all the guidelines.

Environment: BGP, OSPF, EIGRP, Nexus 5K, 7K, 2K, ASR, CRS routers, Juniper MX, EX, SRX devices, A10 LB, Big IP F5, Cisco ASA firewalls, Palo alto Firewalls, DHCP, DNS, TACACS, VxLAN, VPC, Fabric Path.

Confidential, Anaheim, CA

Sr. Network Engineer

Responsibilities:

• Performed network implementation that includes configuration of routing protocols, leased lines, ISDN lines, VLANs and IOS installations.
• Troubleshot the network issues onsite and remotely, depending on the severity of the issues.
• Implementation, Configuration and Support of Checkpoint (NGX R65, R70 and R71), Palo alto firewalls, Juniper Firewalls (SRX5400, SRX5600, SRX5800)
• Managing and supporting large scale MPLS & Frame relay on Cisco & Juniper environment for more than 5000 Retail sites, 100 Distribution centers, 100 offices and 3 datacenters.
• Site Survey, Designing High Level Design, Low Level Design and standardizing the zebra locations all over the world.
• Created VDC’s and vPC’s and ensure that those vPC’s are formed between VDC’s.
• Implemented Zone Based Firewalling and Security Rules on the Palo Alto Firewall.
• Configured Security policies including NAT, PAT, Route-maps and Access Control Lists.
• Experience in configuring and Troubleshooting BIG-IP F5 load balancer LTM
• Hands on experience with Palo Alto Firewall, Cisco 4451, ASA firewall
• Configured and deployed VPC, OTV, FABRIC PATH between Nexus 7010 and Nexus5596,5548 switches along with FEX2248.
• Implemented Contracts, Multi-tenants between Endpoint groups using SDWAN in ACI.
• Implemented new ultra-secure networks in multiple data centers that included Cisco, Juniper security devices.
• Managed certified platforms using Aruba wireless and cisco prime. Aruba wireless troubleshooting, installation, Upgradation.
• Implemented EIGRP internally between VDC’s and externally Between Nexus and Service Provider Routers.
• Designed and implemented IT security policies and networked backup systems.
• Provider-1 experience with checkpoints to provide security to MDS and MLM servers
• Supervised the installation and configuration of multiple server roles including Exchange, SQL, DNS, DHCP, TFTP, etc. for continuous function of Datacenters.
• Worked on tuning networks based on client requirements using Aruba devices.
• Experience with Bluecoat Proxy servers, LAN & WAN management, Wireless connectivity using Server client mode.
• Worked with layer 2 switching technology architecture and Implemented L2 and L3 switching functionality, which includes the use of VLANS, STP, VTP and their functions as they relate to networking infrastructure requirements including internal and external treatment, configuration and security.
• Responsible for the secure development lifecycle for Cisco's Nexus line of products, including Application Centric Infrastructure (ACI), Application Policy Infrastructure Controller (APIC) - Cisco's Software Defined Network (SDN) solution, as well as the Cisco Nexus 9000, 7000, 6000, 5000, 4000, 2000.
• Worked on tuning networks based on client requirements using Aruba devices.
• Great exposure to SDN and network function virtualization (NFV) technologies like Cisco ACI.
• Provide second/third level technical support for ACI (Application Centric Infrastructure) technologies.
• Supported core network consisting of Cisco 7200 series routers running multi area OSPF.
• Palo Alto design and installation (Application and URL filtering, Threat Prevention, Data Filtering).
• Configured and maintained IPSEC and SSL on Palo Alto Firewalls.
• Configured EIGRP and OSPF as interior gateway protocols with route filtering and route redistribution. Troubleshot complex LAN/WAN infrastructure that include routing protocols EIGRP, OSPF and BGP.
• Responsible for all aspects of TCP/IP functionality across multiple enterprise environments.
• Performed OSPF, BGP, DHCP Profile, HSRP, IPV6, Bundle Ethernet implementation on ASR 9K redundant pair.
• Worked on migration of ASA Firewalls to Palo Alto firewalls.
• Maintained DNS security via DNS ACLs and other DNS security measures. Implemented IP security measures and cured areas of DNS vulnerability.
• Daily responsibilities included design, implementation, support and administration of multiple security product running Checkpoint Provider-1 and VSX, Sourcefire, and ISS Real secure.
• Responsible for the secure development lifecycle for Cisco's Nexus line of products, including Application Centric Infrastructure (ACI), Application Policy Infrastructure Controller (APIC) - Cisco's Software Defined Network (SDN) solution, IDS & IPS.
• Involved in Implementation and Configuration (Profiles, I Rules) of F5 Big-IP C-4400 load balancers
• Worked extensively on firewalls and configuration of Cisco (AAA) ACS server, RADIUS and TACACS+ for VPN users and implementation of secured VPN on Cisco routers, PIX and VPN concentrator appliances.
• Configuration of Network and Security devices such as Cisco routers and switches (Cisco 7600/3500/Nexus 7K/5K).
• Palo Alto design and installation (Application and URL filtering, Threat Prevention, Data Filtering)
• Configured ASA 5500-X Series firewalls to provide highly secure and high performance connectivity between the site locations.
• Worked on L4-L7 module, Fabric modules and also implemented ISIS protocol for communication between spines and leafs.
• Deployed F5 Enterprise manager of 4000 series for all the cluster devices over the network for easier management of configurations like SSL certificates, disable and enable of nodes states.
• Configuring Big-IP F5 LTMs (virtual servers, pools, SNATs, health monitors, irules) for managing the traffic and tuning the load on the network servers.
• Worked on Juniper SRX 5800 firewalls to create policies using J-Web User Interface.
• Performed Network Address Translation on Cisco ASA 8.2 and 8.3
• Used DHCP to automatically assign reusable IP addresses to DHCP clients.
• Performed the ACL request changes for various clients by collecting source and destination information from them.
• Actively use, smart view tracker, and Checkpoint CLI (to security gateways) for troubleshooting.
• Troubleshoot the BIG-F5 1600 LTM through constant contact with the vendor.
• Created MOPS (Method of procedures) and sought the approval of peers to perform configuration changes.

Environment: TACACS+, RADIUS, SolarWinds, Solaris, SSL, Juniper switches EX 2200, EX 2500, EX4200, EX4500 and Cisco Nexus 7k, 5k, Cisco 12000/7200/3845/3600 routers, ALU 7705, Cisco ASA5520, Fortinet firewalls, Open Stack, VMware, Cisco AIR-CAP2602I-E-K9, Checkpoint, F5 Load Balancers (LTM).

Confidential, Atlanta GA

Sr. Network Engineer

Responsibilities:

• Deployed a large-scale HSRP solution to improve the uptime of collocation customers, in the event a core router became unreachable
• Provided Load Balancing towards access layer from core layer using F5 Network Load Balancers
• Firewall Policy Provisioning and troubleshoot connectivity issues through firewall.
• Worked on Check Point Security Gateways and Cisco ASA Firewall.
• Firewall Clustering and High Availability Services using Cluster XL on Check Point.
• Configuring and tweaking Core XL and Secure XL acceleration on Check Point gateways.
• Black listing and White listing of web URL on Blue Coat Proxy Servers.
• Responsible for designing and engineering of a virtual network infrastructure which included Cisco ACI support technologies.
• Monitoring and managing the network security with firewall devices like Cisco ASA, Palo Alto and FortiGate firewall, also Confidential IPS/IDS.
• Supported wireless LAN access points(AP) and Wifi connectivity using Aruba 3000, Aruba 7000 series.
• Responsible for setting up the infrastructure environment with majority of Cisco & Palo Alto appliances apart from various other equipment.
• Upgraded and designed wireless network based on network capacity and bandwidth using Aruba devices.
• Configuration, Administration of Cisco Application Centric Infrastructure ACI, IPS and WAN Optimizers.
• Experience with working on latest cisco switches like Nexus 2000,5000,6000 and 7000 series switches while implementing advanced features like VDC,VPC,OTV and Fabric path.
• Improved system reliability in data center by replacing existing cabling with new certified CAT-5 cables.
• Experience with Running Junos which network enhances the reliability, performance, and security of your existing applications.
• Worked on migrating Cisco routers and switches to Juniper environment.
• Monitored tenants and nodes health using ACI GUI.
• Deployed Nexus 2248 fabric extenders with features like VPC,VDC,OTV and Fabricpath.
• Troubleshoot User connectivity issues on Checkpoint and Cisco ASA using CLI utilities.
• Packet capture on firewalls and analyzing the traffic using Wireshark utilities.
• Troubleshot Clustering issues on Check Point and Sync issues monitoring and fix.
• Deployed and decommissioned the VLANs on core ASR 9K, Nexus 7K, 5K and its downstream devices.
• Upgrade of Checkpoint Gateways in Cluster with Minimal downtime.
• Monitored and conducted the nightly backups using Net-worker software in Datacenters.
• Implemented Active/ Standby HA configuration on Cisco ASA Firewalls.
• Configuring Cisco ASA firewalls in Single and Multiple Context Mode firewalls.
• Worked on Juniper Net Screen Firewalls like, NS50, SSG 550M, SSG520M, ISG 1000, ISG 200 and Cisco PIX 535, 520, 515, ASA -5500 and 5505.
• Successfully installed Palo Alto PA-3060 firewalls to protect Data Center and provided L3 support for routers/switches/firewalls.
• Configured and designed and replaced switches as Cisco 2960XR and 3950
• Implementing, Monitoring, Troubleshooting and Convergence in Frame-Mode MPLS inside the core
• Troubleshooting and monitored routing protocols such RIP, OSPF, EIGRP & BGP
• Provided Load Balancing towards access layer from core layer using F5 Network Load Balancers.
• Implemented TCP/IP and related services like DHCP/DNS/WINS.
• Design and deployment experience with Juniper and Palo Alto firewalls
• Configured BPDU Guard, port-fast, uplink fast and another spanning tree features
• Replaced old 6500 and WAN routers from DR testing site and configured Nexus 7K and ASR 1006 routers.
• Experience with Juniper SRX 240 Firewalls.
• Responsible for turning up BGP peering and customer sessions, as well as debugging BGP routing problems
• Designing and Implementation of (LAN) VLANs, VTP, Spanning Tree (STP), Trunking (dot1q and ISL) and Ether channel.
• Implementing and maintaining security systems: Firewalls, IPS and VPN solutions (Palo-Alto, Cisco, Juniper)

Environment: Cisco 3750/3550/3500/2950 switches, Cisco 7200/3845/3600/2800, Cisco Nexus 7k, 5k, Checkpoint routers, Fortinet firewalls, IT Security Policies, TACACS, EIGRP, RIP, OSPF, BGP, VPN, MPLS, VMware, Ether Channels, SSL, CISCO ASA, DHCP, DNS, ALU 7750, F5 Load Balancers, Spanning tree, Inmost, paloalto Firewalls SolarWinds, Wireshark

Confidential, Dallas, TX

Network Engineer

Responsibilities:

• Worked as a member of Global Data Center Engineering and Development, which is responsible for designing, Implementing and troubleshooting of all kind of network requirements pertaining to the Data Center environment (Nexus, UPS etc.)
• Designed and implemented the LAN IP infrastructure using Layer 2/Layer 3 switching, VLAN, VPC, HSRP and Trunking/channeling technologies and using routing protocols EIGRP, OSPF, BGP.
• The data centers consisted of various Cisco platforms Cisco 3550, Cisco 4510, Cisco 6509, Cisco 5500, Cisco Nexus 5000 & 7010 series switches and LoadBlancer Cisco ACE, CSS and Big IP
• Experience in configuring and Troubleshooting BIG-IP F5 load balancer LTM
• Documented Engineering work orders as per the changes going in data center and implemented the changes as per the schedule and worked on FCoE to maintain LAN and SAN traffic.
• Configured Security policies including NAT, PAT, VPN and Access Control Lists.
• Configuring Rules and Maintaining Palo Alto 3060 & Analysis of logs using various tools.
• Design and configuring Overlay Transport Virtualization (OTV) on Cisco NX-OS devices like Nexus 7000.
• Experienced with Server patching and network maintenance of LAN
• Worked on Load Balancers to act upon data found in networks and protocols such as FTP, IP, and HTTP etc.
• Managed and implemented Layer 4 Cisco ACE and CSS load balancer, Migration of CSS to ACE load balancer and created SSL and Digital Certificates
• Used PLC’s to configure commercial installations for decades of trouble-free operation and monitoring
• Was a part of team members in the configuration of Juniper 4350, 6350, and 2320 routers as well as EX 2200, 4200, 6200 and 8200 switches
• Configure and setup Cisco and Palo Alto Firewalls, VPN and Security appliances.
• Worked on Cisco VoIP by CUCM (Cisco Unified Communications Manager) using PBX etc.
• Worked on Virtual routing and forwarding (VRF) included in IP which allow multiple instances of a routing table, as well as with Check Points
• Provided support for teams in activities such as Load testing, troubleshooting and managing VIP, Sticky Ness
• Experience with convert PIX rules over to the Cisco ASA solution.
• Experience in Trunking by connecting two switches
• Implemented Access Control List (ACL) on inside and outside interfaces of Firewall
• Configured ASA and PIX Firewall, Sonic Firewalls to allow site to site VPN access and configuring authentication, encryption and compression ACL to ensure better security
• Implemented traffic engineering on top of an existing Multiprotocol Label Switching (MPLS) network using Frame Relay and Open Shortest Path First (OSPF). Implemented various OSPF scenarios on networks consisting of 7600 routers and performed End to End testing.
• Hands on experience with IPS (Intrusion Prevention System)/ IDS (Intrusion Detection System)
• AAA, PAP and CHAP implementation using Cisco Secure ACS (TACACS+, RADIUS)
• Configured all the end ports as access ports using port fast and implementing BPDU guard.
• Configured and managed VLAN’s, 802.1Q Trunk, RPVST+, Inter-VLAN routing, HSRP and LAN security for
• Layer-2 and Layer-3 switching domains as per the organization’s requirement plan.
• Worked on Cisco ACS, Cisco Mars, Cisco works, HP, NNMI, tools for ticketing system and authentication
• Conducted Pre-site surveys by preparing a checklist obtaining WAN, LAN ports quantity and type, VLAN information, physical connectivity network diagrams, IP ranges, NAT policies, QOS policies, network equipment inventory lists, network cabling plan for every single network equipment and reviewed Network trouble tickets for every site

Environment: Cisco routers (7200, 3800, 2800) and Cisco switches (6500, 3700, 4900, 2900), Nexus (7K, 5K & 2K) Routing Protocols (EIGRP, OSPF, BGP), Switching protocols (VTP, STP, GLBP, HSRP), Cisco PIX (525, 535), ASA (5505, 5510), Firewall 80C, 100d, 1240b

Confidential

Network Security Engineer

Responsibilities:

• Designed and Implemented DMZ for FTP, Web and Mail Servers with CISCO PIX 506, PIX515
• Configured NAT and PAT on the Cisco PIX Firewalls for the Internal Systems
• Placed access control list (ACL) on inside and outside interfaces on the PIX Firewall
• Member of Network testing team also worked with QOS and configured Turbo ACL.
• Worked on all Windows based support including file and print servers, accounting systems, end user systems, software development systems, and all other Windows systems
• Responsible for helping integrate the Windows server and desktop environments with the Unix server and desktop environments.
• Managed network security processes using ASA firewalls.
• LAN/WAN Diagnostic & Configuration: In this process, I have handled tickets generated for troubleshooting of customer's Network issues like Routing Issues, Backup Issues, and BGP issues
• Change Management & Configuration: Involved in changing the configurations of Customer's Routers as per Customer’s request (E.g. Adding/Advertising routes, Change in Configurations, Configuring DHCP, Changing routes to ISP)
• Analyzed and implemented complex firewall rules on Checkpoint firewalls.
• Managed customer Cisco access points(AP) for wireless access into LAN networks
• Contributed to the design, testing, and roll out of new company system developed in house to replace failing 3rd party hardware solution
• Contributed to the design, testing, and roll out of workstations
• Worked on escalation procedures and customer notifications
• Designed service for upgrade/configure ALU’s IP/MPLS products e.g. 7705 SAS, 7210
• Configured Cisco Routers for OSPF, IGRP, RIPv2, EIGRP, Static and default route
• Worked on HSRP and GLBP for first hop redundancy and load balancing
• Configured the Cisco router as IP Firewall and for NATting
• Prepared, updated, and maintained technical and logistical network documentation
• Member of Network Test team and responsible for routine Network test
• Responsible for resolve any issue in routine Network test and need to escalate higher technical team, if there is any major issue
• Worked on comprehensive test strategy and test plan based on the features to be tested, with focus on customer deployment and use-case scenarios
• Worked with cross-functional teams throughout the project life cycle

Environment: Cisco 6505/4500/3550 Switches, Cisco 6500/7500/7200 Routers, LTM, GTM, TACACS+, ASA, OSPF, BGP, EIGRP, RIP, LAN, WAN, SSL/VPN