Sr. Network Engineer Resume
St Louis, MO
SUMMARY:
- CCNA, CCNP, JUNIPER and AWS CERTIFIED professional with Over 8 years of experience in network design, implementation, and support. Routing, switching, firewall technologies, system design, implementation and troubleshooting of complex network systems.
- Extensive experience in configuring and troubleshooting of protocols RIP v1/v2, EIGRP, OSPF, BGP and MPLS.
- Extensive knowledge with VLAN’s, Trunking, RSTP, SNMP, Ether Channels, HSRP, Port Security, ACL’s, QoS, Traffic Policing, Shaping, EIGRP, OSPF, NAT, PAT, Inspections, VPN’s, DHCP, WireShark etc
- Expertise in configuring and troubleshooting of Palo Alto, Juniper NetScreen & SRX Firewalls and their implementation
- Working Knowledge of Cisco IOS, Junos & basic Nexus (7K, 5K&2K).
- Switching tasks include VTP, ISL/ 802.1q, VLAN, Ether Channel, STP and RSTP.
- Strong hands on experience on PIX (506, 515, 525, 535), ASA (5505/5510) Firewalls. Implemented security policies using ACL, Firewall, IPSEC, SSL, VPN, IPS/IDS, AAA (TACACS+ & RADIUS).
- Responsible for Check Point and Cisco ASA firewall administration across global networks.
- Experience in testing Cisco routers and switches in laboratory and deploy them on site production.
- Hands of experience on AWS (Amazon Web Services).
- Expertise on complex Checkpoint, Cisco ASA & Palo Alto firewalls Environment.
- Has experience in working on cloud AWS cloud EC2, S3, RDS, Load Balancer, Auto Scaling with AWS command line interface and AWS python SDK.
- Experience with convert Checkpoint VPN rules over to the Cisco ASA solution. Migration with both Checkpoint and Cisco ASA VPN experience.
- Systems integration projects included Routers, Switches, Load balancers, DNS Servers, Firewalls, Virtualized servers, Multimedia, Remote Access, Wireless, Proxy servers, File Servers, Main Frames, multicast networks and much more
- Experience in physical cabling, IP addressing and subnetting with VLSM, configuring and supporting TCP/IP, DNS, installing and configuring proxies.
- Experienced in Cisco and Juniper design and implementation projects. Specific tasks include Integrated, Integrations, configurations, support and maintenance of routers and switches.
- Designed, configured and implemented LAN/WAN/Wireless networks in 30 remote offices domestic and globally consisting of Cisco 4510R - E and 3850X Core switches, Cisco 2921 WAN router, Aruba Mobility controller, and Palo Alto firewalls.
- Well experienced in configuring HSRP, GLBP, ICMP, PPP, PAP, CHAP and SNMP.
- Experience in installing and configuring DNS, DHCP server
- Expertise in installing, configuring, and maintaining Cisco Switches (2900, 3500, 7600, 3700 series, 6500 series) Cisco Routers (4800, 3800, 3600, 2800, 2600, 2900, 1800, 1700, 800)
- Expertise in installing, configuring and troubleshooting Juniper Routers (J, M and MX-series)
- Experienced in Administrating and diagnostics of LAN and WAN with in-depth knowledge of TCP/IP, NAT, PPP, ISDN and associates network protocols and services.
- In-depth knowledge and hands-on experience in ISP Routing Policies, Network Architecture, IP Sub netting, VLSM, TCP/IP, NAT, DHCP, DNS, FT1 / T1 / FT3 / T3 SONET POS OCX / GigE circuits, Firewalls.
- Experience in site-to-site and remote access VPN solutions.
- Multicast routing/switching, Rosen draft, IPTV solutions.
- Experience working with Nexus 9k, 7K, 5K and 2K.
- Hands on Knowledge/experience on F5 load balancers, its methods, implementation and troubleshooting on LTMs and GTMs.
- Worked extensively on Palo Alto, Juniper Net screen and SRX Firewalls.
- Provided services in many industries such as Consulting, Telecommunications and IT Infrastructure. Specializing in LAN, WAN, WLAN, and Data Center networks
- Implemented Guest WLAN.
- Experience with design and deployment of MPLS Layer 3 VPN, MPLS Traffic Engineering, MPLS QOS.
- Deployed RAP controllers (Remote Access Points) in the DMZ to provide direct secure connection from remote locations to corporate LAN.
- Worked with team to implement NAC solution on Aruba wireless and LAN.
- Extensive experience in configuring Layer3 routing and layer2/3 switching of Juniper & Cisco based J2320,MX,EX,2950,2960,3600,3750,4500,6500,1700,1800,2600 and 3700 series routers & Switches.
- Troubleshooting & implementation of Vlan, STP, MSTP, RSTP, PVST, 802.1Q, DTP, HSRP, VRRP, GLBP, LACP, PAGP, AAA, TACACS, RADIUS, MD5, VTP & SVI.
- Proficient in setting up IT infrastructure including wide area networks (WAN) local area networks (LAN), security management systems network device administration.
- Experience working with Cisco IOS-XR on the ASR9000 devices for MPLS deployments
- Experience working with ARISTA switches like 7100, 7500 for cloud computing, datacenter and low latency networks
- IOS/JUNOS upgrade for Cisco & Juniper routers cum switches.
- Experience in testing Cisco & Juniper routers cum switches in laboratory scenarios and deploy on site for production.
- Moderate knowledge in configuring and troubleshooting Cisco Wireless networks; LWAPP, WLC, WCS, stand-alone apps, roaming, wireless security basis, IEEE 802.11a/b/g, RF spectrum characteristics.
- Experience working on Cisco ASR 9001&ASR 1006.
- Installation of IP Voice System PBX and Voice gateway Cisco SPA 8000
- Configured Site to Site VPN with Checkpoint to AWS Virtual Gateway.
TECHNICAL SKILLS:
Cisco Platforms: Nexus 7K, 5K, 2K and 1K, Cisco routers (7600,7200, 3900, 3600, 2800, 2600, 2500, 1800 series) & Cisco Catalyst switches (6500, 4900, 3750, 3500, 4500, 2900, 6807 series)Juniper Platforms
SRX, MX, EX Series Routers and Switches
Access: lists, Routing, Switching, Subnetting, Designing, CSU/DSU, IPSec, VLAN, VPN, WEP, WAP, MPLS, VoIP, Bluetooth, Wi-Fi
Firewall: ASA Firewall (5505/5510/5520 ), Checkpoint (R75/R76), Palo Alto (2k, 3k, 5k), Juniper SRX (240).
Network Tools: Solarwinds, SNMP, Cisco Works, Wireshark, Netcool, Netbrain
Load Balancers: Cisco CSM, F5 Networks (Big-IP)
WAN technologies: Frame Relay, ISDN, ATM, MPLS, leased lines & exposure to PPP, DS1,DS3,OC3, T1 /T3 & SONET
LAN technologies: Ethernet, Fast Ethernet, Gigabit Ethernet, & 10 Gigabit Ethernet, Port- channel, VLANS, VTP, STP, RSTP, 802.1Q
IKE, IPSEC, SSL: VPN
Networking Protocols: RIP, OSPF, EIGRP, BGP, STP, RSTP, VLANs, VTP, PAGP, LACP, MPLS, HSRP, VRRP, GLBP, TACACS+, Radius, AAA, IPv4 and IPv6
Operating System: Windows 7/XP, MAC OS X, Windows Server 2008/2003, Linux, Unix
PROFESSIONAL EXPERIENCE:
Confidential, St. Louis, MO
Sr. Network Engineer
Responsibilities:
- Makes recommendations on existing projects to improve network security Created Change Requests, Method of Procedures (MOPS) and assisted on-call migrations and changes.
- Performed Level 3-4 troubleshooting and analysis of disaster recovery issues, security implementations, firewall configurations, vulnerability assessments, and intrusion detection and analyze, customer consultation.
- Creating network object groups and Access Control lists and Object group services on Cisco ASA 5500 as per client needs.
- Telnet into Cisco router to configure and update interface, and subnet TCP/IPv4.
- Used Visio diagram to support the verification of switches and servers in the DMZ.
- Manage the firewall deployment, rules migrations, and firewall administration.
- Responsible for converting existing rule base onto new platforms.
- Used QRadar to check logs for troubleshooting firewall as well as network issues.
- Migrated network from EIGRP to OSPF.
- Demonstrated experience with IPSEC VPN design connection and protocols, IPSEC tunnel configuration, encryption and integrity protocols.
- Management of proxies, firewalls and F5 load balancers.
- Configuring IRules on F5 Load balancers.
- Migrated from Cisco ASA to Palo Alto.
- Work on Change Management for migration from Cisco ASA to Palo Alto.
- Used KIWI monitoring tool to troubleshoot network issues.
- Implemented VLAN, VTP domain, Trunking and Ether Channel on Cisco 5500 switches.
- Responsible for performing the engineering lifecycle functions of detailed design, implementation and hand-over to production for part or all of a network technical solution to the client, in accordance with an agreed technical architecture.
- Monitors network performance and implements performance tuning when necessary.
- Worked with IPSEC VPN and B2B VPN design connection and protocols, IPSEC tunnel.
- Provides Local & Wide Area Network and Network Security Support.
- Upgraded with Nexus 9k,7k and 5k switches to deal with the vulnerability issues.
- Manage firewall/security systems by establishing and enforcing policies.
- Configured and Managed Virtual F5 and Virtual Checkpoint in AWS Cloud.
- Performs network and security hardware and software maintenance.
- Create and maintain detailed network documentation and procedures.
- Performs maintenance and management of assigned security technologies and functions that include firewalls, authentication devices, encryption, event log monitoring, reporting, incident response, security analysis and/or
- Researches, evaluates, designs and implements new/improved security software and/or devices that meet risk management objectives.
- Upgraded Panorama version 7.0 to 8.0 on Palo Alto Firewalls.
- Performs security analysis of assigned systems and functions. Reports findings and makes recommendations for remediation to management.
- Implementing new routing architecture for AWS implementation with edge device termination.
- Worked on Cloud automation using AWS Cloud Formation templates.
- Develops, documents and implements new processes and procedures which improve the department’s ability to provide World Standard client service
- Provide support for DMZ’s creating and developing DMZ designs IDS signatures to meet new and emerging technologies threats.
- Troubleshoot, diagnose and resolve complex security attacks.
- Performed DDOS mitigations and analysis.
- Troubleshooting the Network Issues onsite and remotely depending on the severity of the issues.
- Perform research and provide direction on new and emerging security technologies.
- Help to develop response processes, rules and alert notifications.
- Provide communications to management on the threat/risk profile for various networks and data.
- Install, configure and maintain Network Security devices. This includes software installation, patches, and upgrades.
- Basic knowledge configuring CISCO networking devices.
- Hands-on experience with all phases of firewall and network operations, firewall change requests, firewall configuration, network services, and network security.
- Ability to troubleshoot complex multi-vendor network issues in the LAN and WAN networks and working with multiple application and system teams to identify bottlenecks and other network configuration issues
- In-depth knowledge in the area of deep packet troubleshooting with Wireshark and/or Riverbed ACE Analyst and tcp-dump.
Environment: Cisco Routers, Cisco Switches, Juniper Routers, Juniper Switches, Nexus 7k/5k/2k Routing protocols, Palo Alto, Checkpoint, Aruba, F5, Load Balancer, AWS, BlueCoat, HSRP, VRRP, IPSEC VPN, VPN, QOS, ASA firewall, Load balancer, SONET, Multicast, MPLS, VLANS, VTP, RSTP, ACL, NAT, IDS/IPS, SIP, RTP, RADIUS, TACACS+, Juniper SRX, ASR 9000, Catalyst 6500, CRS, Cisco ASR Firewall
Confidential, San Jose, CA
Sr. Network Security Engineer
Responsibilities:
- Responsible in Design and configuring of OSPF, BGP on Juniper Routers and SRX Firewalls.
- Configuring, testing, troubleshooting multiple vendor device platforms like Cisco routing and switching: Cisco ASR9010, ASR901, ASR903, Catalyst Cisco 7609, 2960, and Juniper routing and switching devices: MX960, MX 480 and SRX5200, ACX2200, ALU service aggregation router 7705 and 7750 service router.
- Networking includes rebuilding existing multicast network infrastructures. Technologies included Cisco Routers, Nexus switches, Juniper FWs, BGP, EIGRP, sparse mode multicasting, MSDP and IP PIM Anycast.
- Security policy review and configuration in Palo Alto and Juniper SRX Firewall in Datacenter.
- Troubleshooting of CISCO routers like ping, trace route and basic issues.
- Configured Splunk on AWS VPC that collects and indexes log messages, analyses them to deliver real time operational intelligence anywhere across the organization
- Ensuring connectivity and communication among networks, servers and clients inside and outside department.
- This global role helped expand my expertise into other areas such as Cisco UCS, Checkpoint Firewalls, Cisco ASA, and VMware NSX.
- Migration from Cisco to Palo Alto firewall & Cisco to Checkpoint firewall.
- Troubleshoot of LAN, WAN networking issues using Wireshark, Netflow and other advanced tools and methodologies.
- Support Checkpoint firewall and Provider 1 versions of R55, R65, R70, SPLAT, and VSX.
- Monitor and configure Alta Vista, Check Point, Cisco firewalls and IDS, and F5 Load Balancers.
- Responsible for all Cisco, Juniper, Aruba, and telecommunications contracts and maintenance agreements.
- Resolved downed backup VPN tunnels giving visibility to potential ISP out stages using NetflowAnalyzers.
- Designed, Installed and configured Aruba Wireless network in an HA environment using AGN 125 access points with 802.1X authentication.
- Responsible for distributed applications across hybrid AWS and physical data centers.
- Configured multicast groups and QoS.
- Creating and testing Cisco router and switching operations using OSPF routing protocol, ASA Firewalls for stable VPNs.
- Administration of the AWS cloud environments and Working with virtual environments.
- Installed controller and light weight access point coordination with JTAC.
- Maintenance and trouble-shooting of LAN, WAN, IP Routing, Multi layers Switching.
- IOS upgrade for Cisco routers & switches.
- Responsible for DNS, and TCP/IP support.
- Integrated, Integration and trouble-shooting of routing protocols like static and dynamic.
- Implemented site to site VPN in Juniper SRX as per customer.
- Configuring & managing around 500+ Network &Security Devices that includes Cisco Routers & Switches, Nexus Switches, Juniper and Palo Alto Firewalls, F5 Big IP Load balancers, Blue Coat Proxies and Riverbed WAN Optimizers.
- Installing, configuring, and maintaining Cisco Switches (2900, 3500, 7600, 3700 series, 6500 series) Cisco Routers (4800, 3800, 3600, 2800, 2600, 2900, 1800, 1700, 800)
- Operations and management of company LAN, WAN, and wireless networks, including routers, switches, Access Points, Firewalls and other network i.e. Riverbed, Bluecoat, F5 LTM/GTM.
- Configure networks to ensure their smooth and reliable operation for fulfilling business objectives and processes.
- Re-designed and implemented in-house network to support VoIP and multicast traffic.
- Designed and maintained the VLAN architecture, IP address scheme, security architecture, security policies, OS hardening, ADS architecture, and DNS Name Space across a Globally dispersed infrastructure. Implemented various EX, SRX & J series Juniper devices.
- Maintain high level Run manuals and SOP's on each project implemented including Aruba wireless, Cisco switches, and firewall solution.
- Procured, installed, configured, and maintained Cisco switches, Cisco routers, ASA/PIX firewalls, Checkpoint Firewalls (on Sun Solaris hardware), F5 Big IP Load balancers, Nortel VPN Hardware, Avaya Firewall/VPN Hardware, and Dell Windows 2000/2003 Servers.
- Regular upgrade and maintenance of Infrastructure including Cisco Router and Switches, Juniper Routers and Firewalls, Nexus 7k,5k & 2k, F5 BIG IP, Palo Alto Firewalls, BlueCoat Proxy and Riverbed Steelhead appliances.
- AWS cloud management - for e.g. creating VPC, installing VM using AMI and creating AMI for different environments. Creating network connectivity and ensuring security parameters are correct. Ability to troubleshoot issues in a cloud hosting environment. Installed, configured multiple operating systems onsite and provisioned similar instances on AWS cloud.
- Worked on AWS EBS Volumes, Cloud Formation and Cloud Watch services.
- Create and maintain documentation and Visio diagrams as it relates to network configuration, network mapping, processes, and service records.
- Ensure network connectivity of all servers, workstations, telephony equipment, fax machines, and other network appliances.
- Experience with Virtualization technologies like Installing, Configuring and administering VMware and created and managed VMs (virtual server) and also involved in the maintenance of the virtual server.
- Improved network capabilities and reliability by evaluating, testing, purchasing, and implementing new SONET, SDH, DWDM, IP/MPLS, Ethernet, and wireless technologies
- Practice network asset management, including maintenance of network component inventory and related documentation and technical specifications information
Environment: Cisco Routers, Cisco Switches, Juniper Routers, Juniper Switches, Nexus 7k/5k/2k Routing protocols, Palo Alto, Checkpoint, Aruba, F5, Load Balancer, AWS, BlueCoat, HSRP, VRRP, IPSEC VPN, VPN, QOS, ASA firewall, Load balancer, SONET, Multicast, MPLS, VLANS, VTP, RSTP, ACL, NAT, IDS/IPS, SIP, RTP, RADIUS, TACACS+, Juniper SRX, ASR 9000, Catalyst 6500, CRS, Cisco ASR Firewall
Confidential, Bellevue, WA
Network Test Engineer
Responsibilities:
- Managed firewall policy lifecycle process from review, approval, implementation, publishing, verification Network Engineer
- Worked on a project to help clean up legacy FW policies and create migration path from current ASA’s. Cleaned up around 50000 rules based on activity within 3 months prior to the migration project.
- Implement IPSEC, SSL VPN solutions including Palo Alto Networks Global Protect with single and multiple
- Gateway solutions including integration of PKI certificates.
- Worked on setup and installation of Cisco ASAs with Firepower and configured it for URL filtering.
- Check for DNS issues by pinging the server’s name. Experience with Wire shark, Test TCP& OPNET.
- Perform bandwidth metrics analysis using various tools (IXIA, Cisco Works and Cisco Network Analysis Module.
- Provided tier 3 support for Checkpoint Firewall -1 software to support customers.
- Work on Checkpoint Platform including Provider Smart Domain Manager. Worked on configuring, managing and supporting Checkpoint Gateways
- Experienced in Netbrain 5.x in network troubleshooting and network mapping.
- Managing &Troubleshooting DHCP issues.
- Provide Level 3 support for Aruba WLAN mobility controllers, Access Points and Aruba Instant Access Points.
- Built several Red Hat Linux servers to provide file storage, system backups and UPS monitoring.
- Configuring and troubleshooting static and dynamic DNS servers.
- Trouble-shooting end-user reported problems, thoroughly and accurately documenting problem in trouble management tool.
- Analyzing and resolving a high percentage of initial customer contact in the areas of PC/LAN.
- Escalating customer problems to management and support groups utilizing standard escalation model.
Environment: Shortel, AVAYA, f5, Upgrades and backup, Network monitoring
Confidential, Dallas, TX
Network Engineer
Responsibilities:
- Configuring various advanced features (Profiles, monitors, iRules, Redundancy, SSL Termination, Persistence, SNATs, HA on F5 BIGIP appliances SSL termination and initiation, Persistence, Digital Certificates, Executed various migration/upgrade projects across F5 and hands on with F5 BIGIP LTMs/EM.
- Regular upgrade and maintenance of Infrastructure, Installing, configuring, and maintaining Cisco Switches (2900, 3500, 7600, 3700 series, 6500 series) Cisco Routers (4800, 3800, 3600, 2800, 2600, 2900, 1800, 1700, 800) Cisco Router and Switches, Juniper Routers and Firewalls, Nexus 7k,5k & 2k, f5 BIG IP, Palo Alto Firewalls, BlueCoat Proxy and Riverbed Steelhead appliances
- Configuring various BGP attributes such as Local Preference, MED, Extended Communities, Route-Reflector clusters, Route-maps and route policy implementation.
- Deployed the Nexus 7000/5000/2000 architecture into production securing competitive advantage across multiple verticals.
- Worked extensively in Configuring, Monitoring and Troubleshooting Juniper security appliance, Failover DMZ zoning & configuring VLANs/routing/NATTing with the firewalls as per the design.
- Converting CatOS to Cisco IOS Config Conversion on distribution layer switches
- Convert Branch WAN links from TDM circuits to MPLS and to convert encryption from IPsec/GRE to Get VPN.
- Worked on Cisco Routers, Active /Passive Hubs, Switches, Cisco PIX Firewall, Nortel VPN Concentrators TCP/IP, NAT and Checkpoint ESX/GSX firewall.
- Handling Complaints for Intranet and Extranet over MPLS backbone. Checking the connectivity between different locations.
- Installed doors on Cisco ASR9010s that do not currently have them.
- Conversions to BGP WAN routing. Which will be to convert WAN routing from OSPF to BGP (OSPF is used for local routing only) which involves new wan links.
- Planning, Designing and assisting in deploying enterprise wide Network Security and High Availability Solutions for ASA.
- Involved in Configuration of Access lists (ACL) on Juniper and Palo Alto firewall for the proper network routing for the B2Bnetwork connectivity.
- Switching technologies like VLAN, Inter-VLAN Routing, Ether-channel, VTP, MLS, HSRP, VRRP, UDLD, Spanning Tree Protocol 802.1d, 802.1s and 802.1w.
- Experience of IP/MPLS/Optical Transmission network for access transport & back haul network to facilitate 2/3/4G Network.
- Multisite distributed ISE 2.0 (10 VM nodes) Design, Implement, Configure, Planned and migrated ACS existing configured devices like WLC, Radius, Tacacs+,802.1x, Guest portal, posture policies and VPN authentication
- Experience in design and troubleshoot of WLAN.
- Understanding of mobile backhaul network on IP, Ethernet, ATM, PW & TDM.
- Knowledge of BTS/ BSC/ NB/ RNC integration on IP network, MPBN integration with SGSN/GGSN including the interfaces like Gi/Gn/Gb/Iub/Gy/Gx/IuPS/IuCS
- Understanding of 2/3G services and traffic flow.
- Troubleshooting and management Cisco, Juniper, Huawei, Redback and Extreme devices.
- Troubleshooting and management of NetScreen and SRX Firewalls.
Responsibilities: Nexus 9k, 7K, 6K, 5K, 2K; 4500, 6500 VSS pairs; Cisco IOS, Arista switches; Cisco IOS & IOS-XE routers; ASA, Checkpoint and Juniper Firewalls; F5, Cisco aACE load balancers; Cisco UCS, Dell, HP Chassis; Linux, Python 2, BASH, VMware.