Sr. Network Security Engineer Resume

Charlotte, NC

SUMMARY:

  • 8.1 years of IT experience in design, development, implementation, troubleshooting and maintenance of complex Network & Security devices, Network Security, Linux Kernel Programming.
  • In-depth Cisco technology experience/knowledge in design, implementation, administration and support.
  • Strong hands on experience in installing, configuring, and troubleshooting of Cisco 7600, 7200, 3800, 3600, 2800, 2600, 2500 and 1800 series Routers, Cisco Catalyst 6500, 4500, 3750, 2950 and 3500XL series switches.
  • Advanced knowledge of OSI model, TCP/IP, Internet technologies, system security, firewall infrastructure, network architecture and Cisco network routing / switching (Layer 2 and 3) experience, including LAN and WAN, design and implementation which includes Layer 1 to Layer 7 experience
  • Experience with Troubleshooting tools for example protocol analyzers, load generators & network traces
  • Working knowledge of frame relay, MPLS services, OSPF, BGP and EIGRP routing protocols, NATing, sub-netting, also including DNS, WINS, LDAP, DHCP, HTTP, HTML, HTTPS, TCP/IP, UDP, SNMP, OSPF, RIP, IPSEC, PPTP, VLAN, STP (Spanning Tree Protocol), RTSP & Multicasting protocols
  • Corporate trainer for certification like CCNA, CCNP, Hardware & Networking.
  • Designing, Implementing and Troubleshooting Cisco 3750, 3550, 3560, 2924, 6509-V-E, 6513, 6504, 6503, 6506, 6500 series switches
  • Experience working with Cisco Nexus 2148 Fabric Extender and Nexus 5000 series to provide a Flexible Access Solution for a datacenter access architecture. Expertise in installing, configuring and troubleshooting Juniper EX Switches (EX2200, EX2500, EX3200, EX4200, EX4500, EX8200 series).
  • Experience with design and implementation of Virtual Switching System (VSS)
  • Implementing 3750 Stackable switches using Cisco StackWise technology. Experience to review and evaluate current and future design issues as required maintaining network integrity, efficient data flow. With Cisco ASA 5500 series firewall.
  • Well experienced in configuring protocols HSRP, GLBP, VRRP, ICMP, IGMP, PPP, HDLC, PAP, CHAP, and SNMP.
  • Designing, Implementing and Troubleshooting Cisco Routers (2800, 2900, 3900, 3800, 7600) using Static, RIP, IGRP, OSPF, EIGRP & experience with Checkpoint, Cisco PIX & ASA devices
  • Primary responsibility is to design and deploy various network security & High Availability products like Cisco ASA and other security products.
  • Well experienced in configuring gateway redundancy protocols like HSRP, GLBP, PPP and SNMP.
  • Worked on Load Balancer F5 LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability

TECHNICAL SKILLS:

WAN: Leased lines 64k - 155Mb (PPP / HDLC), Channelized links (E1/T1/E3/T3), Fiber Optic Circuits, Frame Relay, ISDN, Load Balancing.

Firewall: Palo Alto, ASA, Check Point, Juniper SRX

Juniper: EX-2200, EX-4200, EX-4500, MX-480, M Series, SRX210, SRX240

Security: Anomaly Detection in attack prevention system, IPS/IDS, Penetration Testing and Web application testing, Buffer Overflows, Cross Site Scripting, Session Management, Cisco PIX, and Security attacks like DoS, DDoS, Spoofing, Nessus & Cisco IOS, Cisco Works

Network Security: NAT/PAT, Ingress & Egress Firewall Design, VPN Configuration, Internet Content Filtering, Load Balancing, IDS/IPS, URL Filtering - Websense, Kiwi Syslog Server Logging, SSL, IPSEC, IKE, Static, Dynamic, Reflexive ACL, and authentication AAA (TACACS+ & RADIUS)

Protocols & Standards: TCP/IP Protocol Suite, Ethernet, Token Ring, FDDI, OSPF, EIGRP, RIP, BGP, HSRP, L2/L3/L4/L7 Switching, VLANs, VTP, IPv4, IPv6, ATM, VoIP, LAN, SSL, SNMP V1, V2, T1, DS3.

Networking: Network Design & Engineering, Operations Research, Cisco Routers (800, 2600, 2800, 3800, 4500), Switches (2950, 3560, 6500), Snort network intrusion detection systems (IDS). Network penetration testing tools like NMAP, Netfilter, IPTables, Ethereal, SONET, MPLS, DSU/CSU

PROFESSIONAL EXPERIENCE:

Confidential, Charlotte, NC

Sr. Network Security Engineer

Responsibilities:

  • Support Panorama Centralized Management for Palo Alto firewall PA-500, PA-200 and PA-3060, to centrally manage the console, configure, maintain, monitor, and update firewall core, as well as back up configuration
  • Configure all Palo Alto Networks Firewall models (PA-2k, PA-3k, PA-5k) as well as a centralized management system (Panorama) to manage large scale firewall deployments.
  • Configuring HA pair for two Palo VM-300 series AWS instance firewalls and testing the failover activity as well as ENI migration.
  • Performing the software upgrade from version 7 to 8.0.2 on Panorama and VM-300 series Palo Alto firewalls
  • Configured ACLs to prevent access to internal network from unauthorized users on ASA firewalls.
  • Dealt with implementation of deployment related to Cisco ASA 5585 devices
  • Configuring IPSEC VPN (Site-Site to Remote Access) on SRX series firewalls.
  • Experience with Firewall Administration, Rule Analysis, Rule Modification
  • Experience with configuring Virtual Server and Configuring Load balancing methods in F5 LTM
  • Implemented Load Balancing between Cisco L3 Switch by HSRP and GLBP
  • Responsible for turning up BGP peering and customer sessions, as well as debugging BGP routing problems.
  • Automated network implementations and tasks and designed monitoring tools using Python scripting
  • Responsible for working on the vendor DMZ migration project to migrate various vendors on SRX/SSG firewalls to a unified Cisco ASA device in our primary/redundant datacenters
  • Establish AWS technical credibility with customers and external parties
  • Help customers build scalable, resilient, and high-performance applications and services on AWS
  • Experience in configuring VDC, fex pinning, fex port-channel, port-channel, peer keep alive, peer link.
  • Experience in working and designing configurations for VPC, VPC domain, VPC peer-gateway, VPC peer-switch, auto-discovery, and VPC single sided, VPC double sided, NX-OS, VFR, OTV, fabric path.
  • Experience with migrating the Partner IPSEC VPN tunnels from one data center to another data center.
  • Provided redundancy in a multi homed Border Gateway Protocol (BGP) network by tuning AS-path.
  • Experience in working with Nexus 7010, 5548, 5020, 2148, 2248 devices.
  • Designed and configured the commands for QoS and Access Lists for Nexus 7K and 5K.
  • Configuring Virtual Chassis for Juniper switches EX-4200, Firewalls SRX-210
  • Design and implementation of GET VPN architecture used for multicast and unicast communication on an existing IP VPN.
  • Monitor and respond to network intrusions and vulnerability alerts raised by automated detection systems, internal and external reports and manual investigation, using tools such as SolarWinds Network Monitoring.
  • Involved in designing and implementing QOS and policy map to 2800 series routers for all the branches
  • Experience with configuring Nexus 2000 Fabric Extender (FEX) which acts as a remote line card (module) for the Nexus 5000
  • Deploy Juniper EX-4300, EX-4200 switches to replace EOL Cisco 4948, 3750 switches in the access layer
  • Implementing and Maintaining Network Management tools (OPAS, SolarWinds, Cisco Works)

Confidential, Chicago, IL

Sr. Network Security Engineer

Responsibilities:

  • Creating Network objects, dynamic address groups, FQDN and assigning it to rules based on the information in tickets
  • Creating custom URL profile based on the expressions and assigning it to rule to perform URL filtering.
  • Configuring network interfaces, static routes, NAT rules in Panorama and thereafter pushing to individual Palo Alto devices.
  • Performing the software upgrade from version 7 to 8.0.2 on Panorama and VM-300 series Palo Alto firewalls.
  • Configuration included VLANs & VTP, STP port features, Gateway redundancy using HSRP, enterprise security using Cisco Port Security and Dot1X framework.
  • Develop/capture/document architectural best practices for building systems on AWS
  • Configuration included deploying new branch locations or new network devices in the existing infrastructure, like 4500-X in VSS mode and 3850 switches for distribution and POE-user switches
  • Troubleshooting the Network failure issues and thereby making the changes to Network Infrastructure.
  • Worked on maintenance and upgraded Cisco wireless WLC, LWAPP APs
  • Troubleshoot issues with Wireless Access points (Cisco 3502) and configure SSIDs on 5520 Wireless LAN Controllers.
  • Worked on Network automation using Python
  • Configuring Node, pool, VIP, SSL client, server profile in F5 LTM 4000 series BIG-IP and thereby adding firewall rule to bring the end servers live
  • Troubleshooting when the servers are down, checking logs to identify the error and thereby taking necessary steps.
  • Implemented the Core switch cut over project from Cisco 6509 to Nexus 7004 devices.
  • Configured VPC (Virtual Port Channel), VDC (Virtual Device Context) in Nexus 7k/5k devices
  • Configured VLANs with 802.1q tagging. Configured Trunk groups, ether channels, and Spanning tree for creating Access/distribution and core layer switching architecture.
  • Configured BPDU Guard, port-fast, uplink fast and other spanning tree features.
  • Established BGP peering between onsite datacenter in Chicago and AWS cloud.
  • Worked with Cisco Advanced Services to implement data center Nexus environment for new upgraded datacenter for the NX-OS in 7004 in core layer, 6880 in aggregation layer and Cisco 6800 in access layer.
  • Configuration and troubleshooting of Cisco 2500, 2600, 3000, 6500, 7500, 7200 Series routers.
  • Providing Technical Support and solutions for Network Problems and resolve tickets across sites and corporate offices.
  • Involved in periodic IOS upgrades, troubleshooting network outages and high severity incidents.
  • Worked on Cisco Routers, Active/Passive Hubs, Switches, Cisco ASA Firewalls, NAT and Juniper SRX firewall.
  • Creating or Modifying Firewall rules on Cisco 5555, 5520, Juniper SRX and Palo Alto VM-300 devices.
  • Upgrading the IOS on Network Devices including Cisco 6800, 6500 and Palo Alto VM-300 devices
  • Experience in working in Panorama, Palo Alto user interface version 8.0.2 and VM-300 series firewalls.
  • Creating templates in Panorama to manage the individual devices from it.
  • Configuring HA pair for two Palo VM-300 series AWS instance firewalls and testing the failover activity as well as ENI migration.
  • Participate in all technical aspects of LAN, WAN, VPN and security Internet Service projects including, short and long-term planning, implementation, project management and operations support as required.

Confidential, St. Louis, MO

Network Engineer

Responsibilities:

  • Configuring STP for switching loop prevention and VLANs for data and voice along with Configuring port security for users connecting to the switches.
  • Understanding & Implementation of IPSEC & GRE tunnels in VPN technology
  • Involved in designing L2VPN services and VPN-IPSEC authentication & encryption system.
  • Experience in HSRP standby troubleshooting & Experience in configuring & upgrading of Cisco IOS
  • Implementing & Troubleshooting of T1, MUXES and CSU/DSU and data circuits.
  • Have experience with Cisco Works LAN Management Solution
  • Created effective network security by migrating from Check Point FW-1 NG to ASA 5510 Firewalls
  • Responsible for Firewall Administration, Rule Analysis, Rule Modification on ASA 5585, SRX550 devices.
  • Experience on working with the Trouble Tickets on F5 Load balancers on LTM module.
  • Experience in migration of Frame-relay based branches to MPLS based technology using multi-layer stackable switch like 6500 series and 2800 series router
  • Involved in design and implementation of Data Center Migration, worked on implementation strategies for the expansion of the MPLS VPN networks
  • Involved in configuring IP Quality of service (QoS)
  • Experienced in WAN environments, installing and troubleshooting data circuit problems (MPLS, T1)
  • Involved in designing and applying QOS and policy map to 2800 series routers for all the branches
  • Involved in designing GRE tunnels for encryption of data flow from source to destination
  • Hands on experience with Cisco 3500, 3750, 4500, 6500 series equipment and configuring and deploying and fixing them with various modules like Gig card, VPN SPA card, WIC card.
  • Applying crypto maps and security keys for the branches, ISAKMP (Internet Security Association Key Management Protocol) for establishing Security associations (SA) cryptographic keys.
  • Experience with Project documentation tools & implementing and maintaining network monitoring systems (Cisco works & Net info, Info man Virtual Change) and experience with developing network design documentation and presentations using VISIO
  • Experience on designing and troubleshooting of complex BGP and OSPF routing problems,

Confidential, Burlingame, CA

Network Engineer

Responsibilities:

  • Optimized performance of the WAN network consisting of Cisco 3550/4500/6500 switches by configuring VLANs.
  • Configured VLANs with 802.1q tagging. Configured Trunk groups, ether channels, and Spanning tree for creating Access/distribution and core layer switching architecture.
  • Configured BPDU Guard, port-fast, uplink fast and other spanning tree features.
  • Configuration and troubleshooting of Cisco 2500, 2600, 3000, 6500, 7500, 7200 Series routers.
  • Providing Technical Support and solutions for Network Problems and resolve tickets across sites, plants and corporate offices.
  • Configured Routing protocols such as OSPF, EIGRP, static routing and policy based routing on various branch and datacenter devices.
  • Team member of Configuration of Cisco 7206 router with VPN and Configuration of 6509, 4506 Catalyst devices.
  • Configuration of 7609, 7606 with OSPF and Catalyst 6505, 4500, 3550 switches with various VLAN.
  • Create and test Cisco router and switching operations using OSPF routing protocol, ASA Firewalls, and MPLS switching for stable VPNs.
  • Configuration and troubleshooting link state protocols like OSPF in single area and multiple areas.
  • Involved in the Redesign of Internet connectivity infrastructure for meeting bandwidth requirements across multiple sites.
  • Configured HSRP and VLAN trunking 802.1Q, VLAN Routing on Catalyst 6500 switches to be implemented in the datacenter.
  • Responsible for implementing NAT solutions on WAN applications with Cisco ASA based solution.
  • Planned, tested and evaluated various equipment, systems, IOSs and procedures for use within the Network / security infrastructure.
  • Involved in periodic IOS upgrades, troubleshooting network outages and high severity incidents.
  • Participate in all technical aspects of LAN, WAN, VPN and security Internet Service projects including, short and long-term planning, implementation, project management and operations support as required.
  • Worked on Cisco Routers, Active/Passive Hubs, Switches, Cisco ASA Firewalls, NAT and Juniper SRX firewall.
  • Deploy and support network load balancers, such as F5 LTM/GTM, Cisco ACE,
