Sr. Network Engineer Resume
Minneapolis, MN
PROFESSIONAL SUMMARY:
- Over 8 years of experience as a Data Network & Security Engineer with expertise in design, development, implementation, troubleshooting and maintenance of Network & security environments with mixed vendors Routers, Switches Firewalls, Proxy, VPN's, IPsec, NAT, Load Balancer's, and Nexus Switches.
- Expertise in design, configuring, supporting and administrating Data Centers, Cisco routers, switches, Nexus switches, Load balancers (F5) and firewalls.
- Strong hands on experiences Cisco Routers 4300, 4400, 4500, 2900, 3800, Switches 3850, 4500, 9300, 9400, 9500, 6500, 6800 series.
- Hands on experience in installing, configuring and administration of Firewalls including Cisco PIX, Cisco ASA, Checkpoint, Palo Alto and Load Balancers like Big - IP F5 (LTM and GTM).
- Knowledge on Juniper SRX220, SRX240 and SRX550, Fortinet 200D series firewalls.
- Expertise in installing, configuring and troubleshooting Juniper Routers (MX-480, MX960) and Juniper EX Switches (EX2200, EX2500, EX3200, EX4200, EX4500, EX8200) series.
- Experience with design and implementation of Virtual Switching System (VSS) for both User segment and server segment using 6509 catalyst switches.
- Proficient in Cisco IOS installation, upgradation and Configuring, Troubleshooting routing protocols like RIP, EIGRP, OSPF, BGP (E-BGP, I-BGP).
- Good knowledge and experience in Installation, Configuration and Administration of Windows Servers 2000/2003, Active Directory, FTP, DNS, DHCP, TFTP, Linux OS under various LAN and WAN environments.
- Implemented LAN, WLAN environments, including configuration development based on router designs
- Proficient in design, implementation, management and troubleshooting of Cisco ASA 5500 Series,Check Point R75, Cisco PIX, NetScreen, Palo Alto and Juniper Firewalls.
- Strong hands on experience and knowledge on Software Defined WAN (SDWAN) and its architecture including the vendors SilverPeak and Cisco Viptela.
- Integrating Symantec DCS with NSX , providing server hardening.
- Expertise in configuring and troubleshooting complex layer 2 technologies such as VLANs, VTP, Ether Channels, Spanning Tree Protocol STP, RSTP and MST and redundancy protocols like HSRP, VRRP, GLBP.
- Installed and configured Cisco Firewalls, Cisco PIX (506E/515E/525) & ASA 10/5540) series.
- Good knowledge in configuration of Voice VLAN’s (VOIP), prioritizing the voice traffic over the data traffic.
- Hands-on experience with SD WAN (MPLS/Frame Relay), routers, switches, TCP/IP, routing Protocols (BGP/OSPF), and IP addressing.
- In depth knowledge and experience working with other protocols like TCP/IP, OSI model, DHCP, DNS, SMTP, IMAP, FTP, WAN, LAN, NAT, PAT, ACL, VLANs, Trunking using 802.1Q, IPv4, IPv6, LDAP, HTTP, HTTPS, UDP, VOIP, QOS.
- Expertise with IP subnetting, VLSM, CIDR.
- Proficient in implementing and troubleshooting LAN/WAN technologies.
- Worked on the migration to new Checkpoint R7x firewalls from Cisco ASA firewalls.
- Experience configuring SDH and SONET in the WAN environment
- Strong hands on experience with layer - 2 and layer - 3 configurations, troubleshooting and dealt with Nexus models like 7k, 5k and 2k series in data centers.
- Configuration and Maintenance of ASA 5580, 5540, 5520, 5510, PIX 535, FWSM Firewalls.
- Vast experience working with configuring and maintaining security firewalls like ASA, Checkpoint, Palo Alto, Blue coat and expertise in VPN's, SSL etc.
- Worked in data centers and proficient with configuring and supporting Nexus switches, Fabric Extenders (FEX), VPC and OTV.
- Implementation, working analysis, troubleshooting and documentation of LAN, WAN&WLAN architecture with excellent work experience on IP series.
- Excellent knowledge and experience on multi-vendor platforms like Cisco, Juniper, Checkpoint, F5 Big-ip LTM load balancers, Bluecoat, Riverbed, Citrix, and VMware.
- Experience in Implementing, Maintaining, and Troubleshooting L2 Switching tasks: VLANs, VTP, VLAN Trunking (ISL/802.1Q), STP, RSTP, PVST, PVST+, CST, CEF and DCEF.
- Experience in T1/E1/T3 technologies and different LAN & WAN technologies.
- Managed F5 BigIP GTM/LTM load balancer appliances to include writing iRules, SSL offload and everyday task of creating WIP and VIPs.
- Planned and worked on design with Network team to Re-architect F5 load-balancers to load-balance traffic anywhere in the company network.
- A good knowledge on operational aspects load balancing & WAF devices.
- Actively participated in upgrading Fast Ethernet, Layer 3 switched/routed LAN Infrastructure from Cisco 3640 to Cisco 2811 ISR Routers and Switches at access level to 2950, 3550.
- Well understanding of Cisco UCS and M-Series Modular servers to enable centralized management of highly scalable system and to Speed-up IT operations.
- Worked extensively in Configuring, Monitoring and Troubleshooting Checkpoint security appliance, Failover DMZ zoning & configuring VLANs/routing/NATing with the firewalls per design.
- Hands on Experience on security devices and firewall infrastructure under enterprise level network.
- Extensive hands on Experience with Complex routed LAN networks, CISCO Routers and Switches.
- In-depth expertise in the Analysis, Implementation, Troubleshooting & Documentation of LAN/WAN architecture and good experience on IP services.
- Experience with Network Automation using Python.
- Basic Experience with configuring and Managing on Snort and Suricata detection systems.
- Experience through Hands-on Experience with Configuring T1.5, Gigabit Ethernet, Channelized T3 and full T3, OCX, ATM, Frame-Relay.
- Experienced working on network monitoring and analysis tools like, SOLAR WINDS, CISCO works and RIVER BED and Wireshark.
- Configured SolarWinds Orion NPM and used it to monitor traffic on a network.
- Extensive experience in Configuring and troubleshooting of protocols RIP v1/v2, EIGRP, OSPF, BGP and MPLS.
- Well experienced in Configuring HSRP, GLBP, ICMP, PPP, PAP, CHAP and SNMP.
- Experience in Installing and Configuring DNS, DHCP server.
- Experience with Infoblox DNS, DHCP, IPAM and reporting server.
- Extensive experience in configuring and troubleshooting of protocols RIP v1/v2, EIGRP, OSPF, BGP and MPLS.
- Well experienced in configuring HSRP, GLBP, ICMP, PPP, PAP, CHAP and SNMP.
- Excellent communication skills, enthusiastic, motivated and a team player.
- Experience in installing and configuring DNS, DHCP server.
- Experience with Change management process and Project documentation tools like Excel and VISIO.
TECHNICAL SKILLS:
Routing Technology: RIP, RIPV2, IGRP, EIGRP, OSPF, BGP, TCP/IP, Static and Dynamic Routing.
Network Products: CISCO Routers 1700, 1800, 2500, 2600, 2800. CISCO High End Routers 3600, 3800, 7200, 12010, 12404. CISCO Switches 1900, 2950, 2950, 2960G. CISCO Campus Switches 3550XL, 4948 Core Catalyst 4503, 4507 RE, Catalyst 6500/6503/6507 , Nexus 5000 series
Antivirus & Endpoint protection: Cisco CSA, Symantec Enterprise Edition, MacAfee Enterprise Edition.
Security & VPN: PIX 500 Firewall, ASA 5505 Firewall, AIP SSM, CSC SSM, FWSM, Fortigate, Cisco CSM, ACL-Access Control List, IPS/IDS, NAT, PAT, Cisco ACS, Juniper NetScreen firewall, PaloAlto Firewalls, Windows Patch Management (WSUS).
LAN Technology: Workgroup, Domain, HSRP, DNS, DHCP, Static, VLAN, STP, VTP, Ether Channel, Trunks.
Leased Line, ISDN/Dial: Up, Frame Relay circuits, Metro Ethernet.
WAN Technologies: HDLC, PPP, ATM, SONET, MPLS, VPN, IPSec-VPN.
Wireless & WiFi: Canopy Wireless Device (point to point/point to multipoint), DLink Wireless (point to point), DLink Access Point, CISCO 1200 series Access Point, and Linksys Wireless/Wi-Fi Router.
Operating Systems & Tools: Cisco IOS, Open IDM, Windows NT 4.0 (Desktop/Server), Windows 2000/2003/2008 Server, Outlook 365 administration Windows XP/Windows 7/8, LINUX, Solaris, Active Directory, Apache Server, MS Exchange server, Tufin, AlgoSec, Skybox, Identity Access Management, GRC, veritas Volume Manager, Amazon EC2, Rackspace, Microsoft Azure.
PROFESSIONAL EXPERIENCE:
Confidential, Minneapolis, MN
Sr. Network Engineer
Responsibilities:
- Responsible for configuration, maintenance, and troubleshooting of dynamic routing protocols: BGP, OSPF & EIGRP (route redistribution, distribute lists, route-maps, offset-lists, prefix lists, route summarization, route-feedback, BGP attributes) on Cisco Routers 7613, 7201, and 3945E.
- Working knowledge of frame relay, MPLS services, OSPF, BGP and EIGRP routing protocols, NAT', DNS, LDAP, DHCP, HTTP, HTML, HTTPS, TCP/IP, UDP, SNMP, OSPF, RIP, IPSEC, PPTP, VTP, VLAN, STP (Spanning tree Protocol), RTSP & Multicasting protocols.
- Hands on experience with Juniper EX-Series Ethernet Switches.
- Installed, configured and managed Cisco routers such as 7200 series, 3800 series, 3700 series, 2800 series and Cisco Catalyst switch series 6500, 4500, 3500, and 2900 along with Cisco 3750, 3550, 3560, 2924, 6509-V-E, 6513, 6504, 6503, 6506, 6500 series switches.
- Actively involved in switching technology Administration including creating and managing VLANS, Port security - 802.1x, Trucking 802.1Q, RPVST+, Inter-VLAN routing, and LAN security on Cisco switches.
- Implementing 3750 Stackable switches using Cisco Stack Wise technology. Experience to review, evaluate current and future design issues as required maintaining network integrity, efficient data flow.
- Performed Network Security Assessment and implemented security improvements such as network filtering, SSH, AAA, SNMP access lists, VTY access lists, EIGRP MD5 authentication & HSRP authentication.
- Providing Architectures and Designs for implementing security devices including Gigamonand FireEye .
- Taking designs and building them in the Versa systems to deploy a SDWAN solution for the customer.
- Design Cisco, Meraki, and Aruba WLAN/WiFi infrastructures.
- Troubleshooting and problem resolution of Virtualization (vSphere 4.1\5.1\5.5) Infrastructure.
- Responsible for Data Center Migrations and its operations including the change from 6500 switches to nexus series switches, configured VPC/VDC on nexus 2k, 5k and 7k.
- CenturyLink (APEX) SDWAN Operations Engineer 1 July 2018 • Prioritize escalations based on severity and importance • Handle incoming phone calls from customers..
- Troubleshoot circuit errors, routing and transmission problems, call fails/disconnects, authentication issues
- Involved in designing and implementing QOS and policy map to 2800 series routers for all the branches
- Performed IP address planning, designing, installation, configuration, testing, maintenance, and troubleshooting in complete LAN, WAN development.
- Supported EIGRP and BGP based on the network by resolving level 2 & 3 problems of internal teams & external customers of all locations.
- Installed wireless access points (WAP) at various locations in the company.
- Created dedicated VLANs for Voice & Data with QOS for prioritizing VOICE over DATA.
- Configured Voice ports and Dial peers on the call manager for the VOIP call to reach remote destination.
- Knowledge on designing, implementing and troubleshooting complex layer 2 technologies such as VLAN, Trunks, VTP, Fabricpath, Etherchannel, STP, RSTP, MST & port security along with trouble- shooting of inter-VLAN routing and VLAN trunking using 802.1Q
- Installed and configured Cisco ASA 5500 series firewall and configured remote access IPSEC VPN on Cisco ASA 5500 series
- Implemented Virtual port channels (VPC), layer 2 routing "Fabricpath", Policy based routing and private Vlans.
- Technical Lead for s and Conversations revolving around Gigamon and FireEye security devices
- Worked on physical and virtual networks to provide functionality on additional layers on VMware NSX.
- Worked on configuration and commissioning of the MPLS circuits for various branch offices.
- Provided Daily network support for national wide area network consisting of MPLS, VPN and point-to-point site.
- Strong Knowledge of networking including OSI L2, L3 Routing Protocol, IPv4 and IPv6 L3 Forwarding and NAT.
- Hands on experience and good working knowledge with Checkpoint Firewall policy provisioning.
- Upgraded the data center network environment from Cisco ASA 5520 to Checkpoint R77 firewalls.
- Performed routine monitoring of Checkpoint firewall from security perspective and also troubleshooting the connectivity issues.
- Work on escalations and activates new turn up for new clients and also advance troubleshooting for the SDWAN deployment in both ISP and network infrastructure on both versa and Cisco viptela SDWAN Solutions.
- Planned and configured the routing protocols such as OSPF, RIP, and Static Routing on the routers
- Involved in configuring Checkpoint (R77) Firewall rule base and objects as per the requirements.
- Troubleshooting checkpoint firewall connectivity related issues using Smart view tracker.
- Experience in reviewing and re of rule sets and also involved in creation, validation and maintenance of enterprise check point(R77.30) firewall policies.
- Configured ACL's in Cisco 5520 ASA firewall for internet Access requests for servers, Protocol Handling, Object Grouping and NAT
- Daily exposure to IP based network security protocols with Juniper SRX firewalls, Operating Systems and security configurations LAN/WAN/Security solutions.
- Established IPsec VPN tunnels between branch offices and headquarter using Juniper SRX firewalls.
- Managed the F5 BigIP GTM/LTM appliances to include writing rules and everyday tasks of creating WIP and VIPs.
- Providing Architectures and Designs for implementing security devices including Gigamonand FireEye.
- Maintain a secure perimeter using Cisco ASA 5500-X with Firepower Services.
- Experience in deploying, configuring & maintaining F5 3DNS (Global traffic Manager) Controller and BigIP -LTM (local traffic manager) for wide area load balancing and global redirection using VPN and Proxy load balancing techniques.
- Packet capturing, troubleshooting on network problems with Wireshark, identifying and fixing problems.
- SC designing NetSuite EDI implementation architecture enabling supply chain integration for domestic and ocean freight leveraging SPS Commerce. Leverage of cloud API data exchange. Scope included leverage of NetSuite warehouse and manufacturing modules .
- Ensure that the clients are enforced with the EPS policy configuration.
- Management of quarantine and prevent the other systems from getting infected.
- Virus removal on the infected systems by automated or manual process.
- Advice to desktop and server team on virus detection and procedure for cleanup.
- Implementing rules in Visual policy Manager to allow and restrict access as per customer requirement.
- Packets capture using bluecoat proxy and analysis the packets and communicating them with vendor for further investigation.
- Responsible for planning optimization leveraging Quintiq supply chain logistics software with existing systems of record leveraging API Service Integration.
- Monitoring Network infrastructure using SNMP tools HP NNM, Solar-winds and Opnet.
- Coordinating with Security team for NAT configuration and troubleshooting issues related to access lists and DNS/DHCP issues within the LAN network.
- Responsible for EDI Cloud i ntegration of SPS Commerce and NetSuite for China supply chain stand up .
- Experience working with Nexus 7010, 5020, 2148, 2248 devices.
- MuleSoft Design & Develop APIs and Integration flows, Administer and Monitor Apigee, Apigee API Baas, Apigee Sense, Apigee Sonar Design & Develop APIs, Policy configuration and API governance.
- Configured and deployed VDC and VPC between Nexus 7018 and Nexus5596, 5548 switches along with FEX2248. Have a good understanding of Fabric Path.
- Has the ability to build deployment, build scripts and automated solutions using scripting languages like Shell scripting (kasha, Bash), Python, Ruby, PHP.
- Working as Network Engineer in planning and designing our Clients global network for Network Access Solution.
- Technology support for: Cisco ACI, NSX, Open Source solutions, AWS/Azure VPC, ATT Netbond, Arista VTEP & VxLAN, Hitachi UCP, and many more.
- Implement new Active Directory sites and Domain controllers as per the growing organizations infrastructure need.
- Configured automatic updates for network clients by using Group Policy.
- Executed Customer Infrastructure on Cisco Nexus device and Cisco UCS B & C series and Installed VMware ESXi 4.0/5.0/5.5/6.0 and build VMs with Windows 7/8/2003/2008/2012 R2 OS and Centos/Linux 5, 6.0 OS.
- Working knowledge on LAN virtualization by VMware NSX and good understanding on vSphere and Citrix Xenserver.
- Installed and configured HyperV - VMware ESX (4.0), ESXi , and VSphere 4 environments with Virtual Resource Management- Configuring VMware HA, VMware DRS Clusters for load balancing.
- Design for Guest Network and Mobile Access Network for NAC Solution, comprising of an Aruba Wireless LAN Controller solution in DMZs/Internet Gateways with Fore Scout Counter Act NAC Appliances for NAC .
Environment: Cisco Routers, Cisco Switches, Nexus 7k/5k/2k Routing protocols, F5, Load Balancer HSRP, VRRP, IPSEC VPN, VPN, QOS, ASA firewall, Load balancer, MPLS, VLANS, VTP, RSTP, ACL, NAT, IDS/IPS, SIP, RTP, RADIUS, TACACS+, Juniper SRX 240, ASR 9000, Catalyst 6500, Wireshark, Check point R77, Blue coat proxy server, Symantec Endpoint protection.
Sr. Network Engineer
Confidential, Madison, WI
Responsibilities:
- Configured Checkpoint and Cisco ASA firewalls to secure the infrastructure for the Data Center.
- Configured VDC (Virtual Device Context) for Nexus 7010 Switch.
- Experience with industry recognized SIEM solutions such as ArcSight, Splunk, LogRhythm, AlienVault, etc
- Participated in the design and implementation of the next generation NS X SD-WAN product portfolio.
- Working on tools implementations rules which includes Gigamon, FireEye, Source-fire & many more tools for analysis of traffic and preventing suspicious activity in network before it impact the business .
- Citrix Netscaler Architecture and implemented Infrastructure Redundancy of Federal Home Loan Bank in addition to completing the SANS Top 20 Controls within a Scrum Agile Team.
- Configured Nexus 7K, 5k, 2k switches in data center for hosting various servers.
- Install or decommission of Nexus switches and servers in the data center.
- Monitor and responsible for access control to the Data Center to prevent unauthorized access.
- Accountable for ensuring the data center operations meet the functionality and reliability to meet customer Service Level Agreements and expectations.
- Automated network implementations and tasks and designed monitoring tools using python scripting.
- Responsible to Configuring and managing Virtual Machines, Storage, network and applications using Windows Azure portal.
- Configuration and Maintenance of Splunk, Palo Alto Firewalls, Cylance End Point Protection, Gigamon Network Visibility, and FireEye Advanced Persistent Threat Protection.
- Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500/PIX security appliance, Failover DMZ zoning & configuring VLANs/routing/NATing with the firewalls per design.
- Optimizing and monitoring the performance of a WLAN, LAN, WAN and user's segments
- Good understanding of windows and VMware server automation using scripting language Power shell, VB Script, Power CLI.
- Analyzed financial data and presented financial strategies and planning to clients.
- Monitors data center devices, equipment's (HVAC, Servers, other devices) local & remote sites.
- Provide visibility and support to the Facilities team when monitoring the Data Center requests.
- Responsible for enabling BGP peering and customer sessions and debugging BGP routing problems.
- Configured VRF on the routers in the network to maintain different routing instances.
- Expertise with Cisco ASA firewall-based devices, configuring VPNs, IPS and IPsec.
- Experience in Designing and assisting in deploying enterprise Wide Network Security and High Availability Solutions for ASA.
- Hands-on experience with SD WAN (MPLS/Frame Relay), routers, switches, TCP/IP, routing Protocols (BGP/OSPF), and IP addressing.
- Extensive exposure to Configuration Management policies and practices with regards to SDLC along with automation of scripting using BASH/Shell, Ruby and Python scripting.
- Used load balance applications based on F5 LTM 6900.
- I Was a part of a team that Implemented iRules on the VIPs based on application.
- Knowledge about wild fire feature of Palo Alto.
- Configuring, Administering and troubleshooting the Checkpoint.
- Drafted and installed Checkpoint Firewall rules and policies.
- Worked on F5 GTM, configuring Wide IPs and pools to load balance the client traffic between the two data centers.
- Tier 1 / Tier 2 support for Gigamon Network Visibility Devices, Windows Endpoints, and Mac Endpoints.
- Additional SD-WAN configuration and implementation.
- SSL offloading on F5 LTM's, worked on both the server SSL profiles and client SSL profiles.
- Troubleshooted VIPs and SSL s issues that were encountered at the time of deployment or in production.
- Experience in dealing with Windows Azure IaaS - Virtual Networks, Virtual Machines, Cloud Services, Resource Groups, Express Route, Traffic Manager, VPN, Load Balancing, Application Gateways, and Auto-Scaling.
- Configured the F5 LTM both by the GUI and tmsh scripts.
- Configuring and troubleshooting perimeter security devices such as Checkpoint R77 Gaia, Secure Platform, Palo Alto and ASA Firewalls.
- Knowledge with following Citrix infrastructure components: Web interfaces, PNAServer, NetScaler setup and administration, License Server management, Edgesight. Management and configuration of RSA SecurID Server.
- Worked with Automation script with Python module like Chef & Ansible.
- Designed, installed, configured, and troubleshot Citrix NetScaler devices in the support of NetScaler Gateway, Clientless VPN and SSLVPN implementations.
- Vendor in a SIEM technology.
- Some familiarity with Zabbix, AWS, Git, Nginx, Ansible.
- Implemented traffic filters by using standard/extended access lists, distribute lists, & route maps.
- Familiarity managing workload in Remedy Ticket System.
- Used Bluecoat ProxySG Appliances to effectively secure Web communications and accelerate delivery of business applications.
- Adding Websites to blocked list on the bluecoat proxies based upon business requirements.
- Support Blue Coat Proxy in explicit mode for users trying to access Internet from Corp Network.
- Linux System Administration (RHEL/CentOS/Scientific Linux 6).
- Worked extensively on Fortigate Firewalls.
- Configured Fortigate 60D.
- Implementing and maintaining WAN/LAN and WLAN networks in different diagrams
- Implemented the policy rules and DMZ for multiple clients of the state on the Fortigate firewall.
- Member of a 5-person team responsible for systems and policy changes to firewall infrastructure. The Firewall mesh consists of approximately 35 Fortigate firewalls and the infrastructure to maintain them. All firewalls are configured as high availability clusters.
- Physical to Virtual, Virtual to Virtual and Virtual to Physical migrations of Linux servers from and to VMware, VirtualBox, Hyper -V and other legacy hardware.
- Includes installation, testing, upgrading, loading patches, troubleshooting both physical and virtual environments.
- Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500/PIX security appliance, Failover DMZ zoning & configuring VLANs/routing/NATing with the firewalls as per the design.
- Installed and monitored extreme networks S-series, 7100 stackable switches and E4G-400, 1800 router to support VMware machines in NCFAST.
- Construct DellEMC EHC Private Cloud with VMware NSX SDN globally in four regions; integrate into current DC environment .
- Monitoring of data flow and troubleshooting in wireless systems for multiple clients using the cisco ISE platform and also configuring a small wireless system for VOIP and wireless activity.
- Upgraded distribution switches 6509 to Nexus 7010 with Sup1.
- Involved in Data Center migrations and handled proper management, maintenance, configuration, and altered management of firewall structure.
- Configured dynamic routing protocols such as EIGRP, OSPF, BGP and switch management on Cisco 6500, 2800, 2900, 3750, 3900 series.
- Monitored Linux server for CPU Utilization, Memory Utilization, and Disk Utilization for performance monitoring.
- Remote implementation of Palo Alto firewalls PA-500 and PA 200 firewalls.
- Provided L2 & L3 network support.
- Hands On experience in push Policy from Panorama to Firewall in Palo Alto.
- Excellent experience with FTP, TFTP, DHCP configuration and its setup.
- Hands on experience with issues related to security like NAT, IP sec, ACLs.
- Used Net scalar for quality of service (QOS), offloading.
- Used Network analysis tools like Packet Sniffer and Wireshark for troubleshooting the network.
Environment: Cisco routers (7200, 3800, 2800) and Cisco switches (6500, 3700, 4900, 2900), Nexus (7K, 5K & 2K), Data Centers, LAN/WAN, Routing Protocols (EIGRP, OSPF, BGP), ASA, Fortingate, Palo Alto F5 load balancing, VRF, VPN, IPSec, Citrix, NetScaler.
Network Engineer
Confidential
Responsibilities:
- Responsible for turning up new sites this includes designing, configuring, and coordinating in turning up the new circuits on Routers and switches.
- Using Tanium and other automation tools we were able to significantly reduce response time and man hours spent on network vulnerability's.
- Managed fast L3 switched/routed LAN/ SD WAN infrastructure as a part of Network team Configured RIPv2, BGP and OSPF routing.
- Built custom Tanium sensors to fill the gaps that where left by our other data collection tools.
- Provided accreditation support for a new Tanium installation on a large Core network.
- Experiences in creating vision, defining technology strategy, and creating innovative products and solutions for SDN, NFV, cloud, and virtualization for enterprises and service providers.
- Monitor and respond to alarms for all network and security infrastructure including Cisco 2800, 2900, 3000, and Nexus 7k series routers and equivalent switches, Aruba wireless networking devices, Riverbed load balancers, firewalls.
- Design and Build Software-Defined Data Center environment, including Vmware, VCenter,NSX and Cisco ACI.
- Hands on Experience with Cisco Wireless Controllers 5500’s and 2500’s and coming to access points, worked on 3700’s, 3500’s and 1142 access points.
- Provided members with a holistic suite of financial products to meet their financial goals.
- Troubleshoot and track offline node in Tripwire.
- Validated changes downloaded by Tripwire Logger and analyzed changes for adds, removed, and timestamp changes.
- Involved in migrating SQL Server databases to SQL Azure Database using SQL AzureMigration Wizard and then Deployed application to Azure Cloud.
- Authorized to work in United States for any employer
- Involved in migrating SQL Server databases to SQL Azure Database using SQL AzureMigration Wizard and then Deployed application to Azure Cloud.
- Authorized to work in United States for any employer.
- Developed requirements for Cisco SD-WAN relaunch plan.
- Analyzed customer requirements, process, and challenges to develop and enhance Tanium capabilities.
- Involved in migrating SQL Server databases to SQL Azure Database using SQL AzureMigration Wizard and then Deployed application to Azure Cloud.
- Authorized to work in United States for any employer.
- Designed, deployed, maintained and lead the implementation of Cloud solutions using Microsoft Azure and underlying technologies
- Designed, validated and implemented LAN, WLAN & WAN solution to suite client’s needs
- Installing the F5 TMOS upgrades, Hot-fix installations depending on Business need.
- Experience working with Nexus 9k, 7K, 5K and 2K.
- Deploying and maintaining ACI data centers lab utilized by the global support team.
- Exhibited knowledge of Wireshark to capture and analyze packet information, NMAP and TCP dump to assist in network connectivity issues and analysis, Check Point Firewall logs and rule base to analyze network behavior and isolate potential threats, and handle virus and OS updates.
- Troubleshoot and document infrastructure changes that support AV and VTC systems to include CAD drawings.
- Utilize Firemon to run traffic analysis and other reports from the firewall.
- Provide design and SDN/NFV networking support using Cisco ACI, Cisco wireless controllers, Open-Stack, Juniper Contrail and Big Switch Networks LABs and using Apple Configurator.
- Migrate Open stack underlay network from Standalone Nexus to ACI.
- Hands on Experience on Riverbed 250, 555, 570, 5050.
- Designed and configured Local Area Networks consisting of Cisco Catalyst Switches 6509E, 4500s, 3750, 3560 Wired Switches, Wide Area Networks consisting of Cisco Routers 3900s, 2951s, and Wireless LAN Networks using controllers of Cisco 5508s with Cisco APs 3502Es.
- Performed Pilot Test on Cisco Nexus Data Center Switches 7000s for compatibility issues, Cisco Carrier Routing System (CRS), Cisco Aggregation Service Routers, and Cisco 12000 GSR.
- Performed configuration and maintenance of LAN/WAN technologies such as Ethernet and Fast Ethernet. Securing the network with access lists applied on interfaces.
- Knowledge of modifying and maintaining the Bluecoat Proxy Pac file.
- Managed LAN & WAN and Bluecoat proxy servers.
- Recently refreshed data center access layer with Nexus 9k's to prepare the infrastructure for future SDA or SD WAN requirements
- Black listing and White listing of web URL on BlueCoat Proxy servers.
- Adding Websites to the URL filtering blocklist in Bluecoat Proxies and upgrading firmware on the bluecoat proxies.
- Worked directly with SD-WAN provider (Talari) to design the Talari as a Router (TaaR) solution - this was done to replace the end-of-life 1841 cisco routers that we had at our remote locations.
- Implemented IP Routing protocols EIGRP, OSPF, BGP on Cisco Routers 7600, 3600, 2800.
- Produce shell and Perl scripts to automate tasks wherever possible.
- Configured and managed Windows Firewalls, Cisco PIX, and Checkpoint firewalls.
- Generate a wide variety of reports on firewall and IDS activity notifying the end customer concerning suspicious traffic.
- Monitor IDS logs filtering potentially threatening activity from normal network traffic.
- Planned, designed, and configured ASA 5580 Firewalls with software version 8.0, Cisco Load balancers, VPN concentrators, and implemented QoS and performing traffic engineering.
- Responsible for daily administration of Windows servers including creation/deletion of new user accounts, print services, and backups.
- Installed and Maintained software license agreements: administering patch management and operating system deployment with SCCM and SCOM.
- VPC to Arista MLAG migration - Designed 3-tier leaf spine network with L3 switches, configured IP subnets, MLAG Peers, VLANs, routing (OSPF, BGP peering with ISP) and VARP for router redundancy and tested for traffic loss.
- Configuring and troubleshooting Layer 2 Ethernet switch and router interfaces for Arista, Cisco, and Juniper.
- PowerCLI/ PowerShell/Bash/Shell Scripts, C, C++, Fortran, Pascal, Visual Basic
- System level monitoring on Linux and Infoblox Appliances to watch process and service statuses, like Performance Monitoring & Tuning - iostat, vmstat & netstat, nfsstat, etc.
- Configuring and troubleshooting Layer 4 VPN on Cisco, Juniper, and Arista.
- Configured Arista switches out of the box and installed PDUs in the Datacenter.
- Key player in deployment of nationwide corporate upgrade: migrating from legacy equipment to Cisco Meraki indoor/outdoor wide area mesh networks (Cisco's largest Meraki rollout to date).
- Experience with Cisco's Guest Wi-Fi solution using ISE and Meraki Firewall.
- Designed and Implemented DMZ for FTP, Web and Mail Servers with CISCO PIX 506, PIX515.
- Built VPN tunnel and VPN encryption.
- Involved in Configuration of Access lists (ACL) on ASA firewall for the proper network routing for the B2B network connectivity.
- To secure configurations of load balancing in F5, SSL/VPN connections, troubleshooting CISCO ASA firewalls, and related network security measures.
- Working experience with Load Balancers F5 LTM like 3900, 6900, 4200V over various environments.
- Configuration, migrations, upgrades of F5 Big IP LTM 3400, 6400, 8900 running v4.x to 10.2.x, Active/Standby.
Environment: Net Flow, TACACS, EIGRP, RIP, OSPF, BGP, VPN, MPLS, CSM, SUP720, Ether Channels, Cisco 7200/3845/3600/2800 routers, Fluke and Sniffer, Cisco 6509/ 3750/3550/3500/2950 switches, Checkpoint firewalls (SPLAT)
Network Engineer
Confidential
Responsibilities:
- Installation & Configuring of Cisco 6500, 4500, 2800, 1800 and 1700 series router.
- Installed and configured DNS, DHCP Client/Server.
- Worked on Extensively on Cisco Firewalls, Cisco ASA 5500(5510/5540) Series.
- Gathering application information which are using Splunk tool and analyze their bandwidth traffic.
- Standardized Splunk agent deployment, configuration and maintenance across a variety of UNIX and Windows platforms.
- Responsible for developing and deploying Solar Winds which includes WAN/LAN and server monitoring.
- Reporting, and alerting and Configure Orion alerts.
- Implemented inter-VLAN routing (on Juniper EX 3300 and EX 3400 switches) among the VLANs to allow.
- Debugged, Configured, and Tested Routers at Access Points and WLAN Stations.
- Projects on Network design, Installation, troubleshooting and suggesting them suitable backup system.
- Configured VM networking with reserved IPs, Health Monitors, Firewall rules, VM scale sets and availability sets in the Azure Cloud.
- Worked on Juniper J series j230, M 320 routers and EX 3200 series switch.
- Building configurations for Juniper EX 3300 and EX 4200 switches with features like port security, VLANS, VTP, and PVST+.
- Accountable for ensuring the data center operations meet the functionality and reliability to meet customer Service Level Agreements and expectations.
- Configuring STP for switching loop prevention and VLANs for data and voice along with configuring port security for users connecting to the switches.
- Worked on installation, maintenance, and troubleshooting of LAN/WAN (ISDN, Frame relay, NAT, DHCP, TCP/IP).
- As a Network Engineer I worked on the Viptela SD-WAN, designed the test automation infrastructure for the entire suite of SD-WAN features.
- Expertise with Installation, configuration and troubleshooting of Cisco Routers (ASR 9K, NSX 5K, Meraki MX84, CISCO ISR 1K, 7600, 3800, 2800, 2600, 1800 series). and Juniper Routers (MX, PTX, T4000-series)
- Configured Access List (Standard, Extended, and Named) to allow users all over the company to access different applications and blocking others.
- Monitors data center devices, equipment's (HVAC, Servers, other devices) local & remote sites
- Provide visibility and support to the Facilities team when monitoring the Data Center requests.
- Configured Checkpoint and Cisco ASA firewalls to secure the infrastructure for the Data Center.
- Configured VDC (Virtual Device Context) for Nexus 7010 Switch.
- Experience with industry recognized SIEM solutions such as ArcSight, Splunk, LogRhythm, AlienVault, etc.
- Azure Storage Planning - Migrated Blob Storage for document and media file, Table storage for structured datasets, Queue storage for reliable messaging for workflow processing and file storage to share file data
- Perform monitoring and support of internal network security.
- Provide support to internal users and external clients on various hardware and software issues.
- Implemented rules on Juniper SRX 550 at the server farm.
- Configuration, Troubleshooting and Maintenance of Palo Alto Firewalls (160+ firewalls) - PA200, PA2000 series, PA3series, PA4000 series and PA5000 series.
- Provided firewall policy configuration and services with Juniper SRX 240 & 650 service gateways.
- Configuring various advanced features (Profiles, monitors, Redundancy, SSL Termination, Persistence, SNATs, HA on F5 BIGIP appliances SSL termination and initiation, Persistence, Digital s, executed various migration/upgrade projects across F5 and hands on with F5 BIGIP LTMs/EM.
- Worked on physical and virtual networks to provide functionality on additional layers on VMware NSX.
- Azure SQL Services - Created Azure SQL database, performed monitoring and restoring of Azure SQL database.
- Monitoring servers like domain controllers, exchange servers and connectivity.
- Managed network connectivity and network SSL Security, between Head offices and Branch office.
- Responsible for Internal and external accounts and, managing LAN/WAN and checking for SSL Security Settings of the networking 3750 devices (Cisco Router, switches) co-coordinating with the system.
- Understanding the JUNOS platform and worked with JUNOS upgrade of Juniper devices.
- Managed the F5 BigIP GTM/LTM appliances to include writing iRules, SSL offload and everyday task of creating WIP and VIPs.
- Used load balancers ACE and load balancing technique with multiple components for efficient performance and to increase reliability through redundancy.
- Performed migration of Cisco ACE/GSS onto F5 LTM active/passive pair.
- Troubleshoot on security related issues on JUNIPER SRX/PIX, Checkpoint and IDS/IPS.
- Environment: Router series (2800, 3800, 7200) and switch series (3750, 3550, 4509E, 6509E), SRX 550firewall, Palo Alto (PA-4000/PA-2000), Juniper EX, Routing Protocols (EIGRP, OSPF, ISIS, BGP), Switching protocols (VTP, STP), Site to Site VPN, Remote Access VPN.
- Performed IOS upgrades/Password recover on 2900, 3500 series Cisco Catalyst switches and 1800, 2600, 3600 series Cisco routers using TFTP.
- Implementing and troubleshooting complex layer 2 technologies such as VLAN Trunks, VTP, and Ether channel, STP, RSTP and MST.
Environment: Cisco routers Series 7200/7600/3800 , ASR 7000/9000; Cisco catalyst switches 6500/5000/3500/2950 and Nexus 7K; Juno OS, Cisco PIX Firewalls 535, 525 Routing Protocols OSPF, BGP; VPN, MPLS, HSRP, GLBP, Big-IP F5 LTM Load Balancer, ACE 4400, Ansible, Python scripting, Wireshark, PowerShell, Cisco Works, MS Visio, Cisco ASA and Palo Alto firewalls, Blue Coat Proxy.
Confidential
Network Engineer
Responsibilities:
- Configuring/Troubleshoot issues with the following types of routers Cisco (7200, 6500, 4500, 1700, 2600 and 3500 series), to include: bridging, switching, routing, Ethernet, NAT, and DHCP, as well as assisting with customer LAN /MAN, router/firewalls.
- Wrote IOS and CAT OS upgrade procedures and Pre/Post checks for customer production upgrades.
- Excellent Troubleshooting Skills and Customer Centric approach.
- Switches Replace branch hardware with new 2851 routers and 2960 switches.
- Implemented Cisco Wireless Access Points and WLC’s at various corporate sites fort 11n Infrastructure and its legacy technologies.
- Experience in working with Cisco Nexus 5000 series switches for data center.
- Provided estimated bandwidth requirements for data replication, to best determine adequate timing for migration service levels
- Configuring HSRP between VLANs, Configuring Ether-Channels, Port Channel on 6500 catalyst
- Configuring, managing and troubleshooting networks using routing protocols like RIP, EIGRP and OSPF (Single Area and Multi Area).
- Configured OSPF on CISCO devices with multiple routing processes and redistributed them. Tested and hands on experience in multi area OSPF topologies.
- Configured VLANs with 802.1q tagging. Configured Trunk groups, ether channels, and Spanning tree for creating Access/distribution and core layer switching architecture.
- Assisted in network engineering efforts consistent with the infrastructure of an Internet Service Provider and support of such network services. Helped in designing and implementation of VLAN for the new users.
- Installation and Configuration of various types of Personal Computers and Printers. Installation of different operating systems on Intel based PC's.
- Installed Hard disks, Floppy drives, CD Drives, Sound Blaster cards, CPU, Memory, Power supply unit, Network card, Video graphics card, Hard disk controller card on PC systems.
- Troubleshooting of personal computers. On line Support to customers concerning their computer problems.
- Assisted with troubleshooting all network issues with routers and switches when necessary and consulted with on call tech as needed for client.
- Monitor, troubleshoot, test and resolve Frame Relay, ATM, MLPPP, PPP, and Dial-up.
- Actively participated in upgrading fast Ethernet, Layer 3 switched/routed LAN infrastructure from Cisco 3640 to Cisco 2811 ISR routers and switches at access level to 2950, 3550.
- Configuring Vlan’s, VTP’s, enabling trunks between switches.
Environment: ASA Firewall, VLAN, HSRP, VTP, OSPF, EIGRP, BGP, Juniper, MPLS, CISCO 3750, 4500, 6500, DMZ.
Network Engineer
Confidential
Responsibilities:
- Connected switches using trunk links and Ether Channel.
- Converted network with multiple routing protocols RIP, IGRP, EIGRP into a single OSPF domain, thus SDproviding for future network scalability.
- Configuring of IP Allocation and sub netting for all applications and servers and other needs throughout company using FLSM, VLSM addressing.
- Configuration changes automation with Ansible.
- Implemented redundant Load balancing technique with Internet applications for switches and routers.
- Configured Cisco IOS Feature Set, NAT and Simple Network Management Protocol (SNMP) for Network Security implementation.
- Addition and removal of services from virtual server configuration on Citrix Netscalar load-balancer.
- Maintaining SSL on Citrix Netscalar load balancer and managing the virtual servers.
- SIEM monitoring and investigation of any alerts using tools like Arcsight ESM, Arcsight Logger, HBSS, NetScout, Site Protector IDS, and Wireshark Protocol Analyzer.
- Evaluate and build proof of concept of HPE Cloud with Nuage SDN and EMC EHC platform with VMware NSX based SDN
- Functional Management of the Azure Network in customer as well as production perspective.
- Cloud design: Participate in Amazon AWS / Microsoft Azure network design and implementation.
- Documenting and Log analyzing the Cisco ASA 5500 series firewalls.
- Used Network Monitoring tool to manage, monitor and troubleshoot the network.
- Experience in HSRP standby troubleshooting & Experience in configuring & upgrading of Cisco IOS.
- Received inbound calls of technical nature, independently resolved customer complaints, concerns and inquiries regarding their Internet connection.
- Troubleshoot a wide range of technical support issues and connectivity problems such as authentication, connection speed, e-mail configuration, and loss of synchronization.
- Worked on FTP, HTTP, DNS, DHCP servers in windows server-client environment with resource allocation to desired Virtual LANs of network.
- Experience in new employee mentoring, and coaching.
Environment: Net Flow, EIGRP, RIP, OSPF, BGP, VPN, MPLS, CSM, SUP720, Anisible, Ether Channels, Cisco 7200/3845/3600/2800 routers, Cisco 6509/ 3750/3550/3500/2950 switches, Github.