Network Firewall/Cyber Security Engineer Resume
Burns Harbor, IN
PROFESSIONAL SUMMARY:
- Senior Network Engineer with 8+ years of Professional IT Infrastructure experience in Migration, testing, troubleshooting, implementing and maintaining enterprise data network, service provider systems (CISCO & JUNIPER networks) and Telecommunication systems.
- Expertise in installing, configuring, and troubleshooting of Cisco Routers (7600, 7500, 7200, 3800, 3600, 2800, 2600, 1800, 1700, 8000).
- Working knowledge of installing, configuring, and maintaining Cisco Switches (2900, 3500, 3700 series, 6500 series).
- Implementation, Configuration and Support of Checkpoint (NGX R65, R70, R71, R75 and R77), Juniper Firewalls (SRX5400, SRX5600 and SRX5800), Cisco Firewalls (ASA 5505, 5506-X, 5585), Palo Alto Networks Firewall models (PA-2k, PA-3k and PA-5k).
- Configuring and deploying all equipment, including Juniper Routers, Extreme Switches, CIENA Optical transport, DWDM technologies to interconnect all these locations together enabling them to carry a very high volume of internet traffic.
- Worked extensively on Juniper MX Series Routers and EX Series Switches.
- Protocols working experience / Awareness in Static routing, Default routing and dynamic routing protocols like EIGRP, OSPF, RIP, BGP and MPLS, VTP, NAT/PAT.
- Working Knowledge on troubleshooting complex layer 2 technologies such as Spanning Tree Protocol (STP), Per VLAN Spanning Tree (PVST), Rapid STP (RSTP).
- Designed, developed and executed automated tests using Python.
- Extensive experience in upgrade, backup and password recovery of Cisco IOS.
- Knowledge and configuration of redundant router protocols like HSRP, VRRP and GLBP.
- Implemented Zone Based Firewalling and Security Rules on the Palo Alto Firewall.
- Expert knowledge of Cisco ASA, Cisco CSM and FMS, Checkpoint, Fortinet and Palo Alto firewalls.
- Firewall technologies including general configuration, risk analysis, security policy, rules creation and modification of Check Point R65, R70 & R77, Palo Alto and Cisco ASA.
- Implementation, Configuration of Palo Alto Networks Firewall models (PA-2k, PA-3k and PA-5k), Checkpoint (NGX R65, R70, R71, R75 and R77), Juniper Firewalls (SRX5400, SRX5600 and SRX5800), Cisco Firewalls (ASA 5505, 5506-X, 5585).
- Hands on experience on F5 load balancers - LTM, GTM series like 6400, 6800, 5000 and 2000.
- Creating Virtual Servers, Nodes, Pools and iRules on BIG-IP F5 in LTM module.
- Implemented and Configured Cisco Identity Services Engine (ISE) with connectivity to Microsoft Active directory for Authentication including Based Authentication.
- Testing and documentation for ISE rollout for Center Point Energy with distribution layer switches, wireless controllers and ISE nodes.
- Have Extensive Work Experience on Python Scripting and create Framework as Ansible.
- Configuration and troubleshooting of CISCO & ARUBA wireless devices, enforcing wired and wireless policy. Aruba Airwave Manager, ClearPass Policy Manager Server.
- Experienced in network monitoring/management tools like TCP Dump, Cisco Prime, Net Flow, Solar Winds.
- Supported Netscaler utilizing firewalls and content filtering devices.
- Building AWS/Azure secure environments with Network Segmentation, Elastic EC2 and VPC.
- Have performed scripting and development of tools to monitor networks using Python.
- Great team player and able to work under pressure 24x7 duty rotation.
- Experience in Network Management Tools and sniffers like SNMP, HP-Open view, Wireshark and Cisco works to support 24 x 7 Network Operation Center.
- Access control server configuration for RADIUS & TACACS+.
- Hands on experience in configuring, Installing VMware virtual environment which includes VMware NSX.
- Excellent leadership with good written and oral communication.
- Installed, configured and deployed Cisco IP Telephony and good knowledge of Cisco RSA.
- Good knowledge of IPv4 and IPv6 Addressing, Fixed Length and Variable Length Subnet Masking (VLSM), OSI.
- Design and implement Cisco wireless network. Troubleshoot RF WLAN system networks.
- Worked in configuring VOIP device like IP Phones and designed call center using SIP protocol.
- Good knowledge of Bluecoat proxy server SG
- Knowledge of advanced technologies like VOIP, H.323, SIP, QoS, Multicasting, MPLS, and MPLS-VPN.
- Good knowledge of CISCO NEXUS data center infrastructure with 5000 and 7000 series switches includes (5548, 7010) including CISCO NEXUS Fabric Extender (223, 2248).
- Hands on experience in Network Support, Delivery/Project, NOC, Implementation.
- Captured characteristics of TCP and UDP packets using Wireshark.
- Used Wireshark for capturing live network traffic, analyze and deduce various protocol parameters and performance.
TECHNICAL SKILLS:
CISCO PLATFORMS: Nexus 7K, 5K, 2K & 1K, Cisco routers (7600,7200, 3900, 3600, 2800, 2600, 2500, 1800 series) & Cisco Catalyst switches (6500, 4900, 3750, 3500, 4500, 2900, 6807 series), ASR 9k, Nexus 7k, 5k, 2k
JUNIPER PLATFORMS: SRX, MX, EX Series Routers and Switches
Access lists (ACL), Routing, Switching, Subnetting, Designing, CSU/DSU, IPSec, VLAN, VPN, WEP, WAP, MPLS, VoIP, Bluetooth, Wi-Fi
FIREWALLS: ASA Firewall (5505/5510), Checkpoint R 65, R70, R75, R77 Gaia, Cisco ASA, PIX, Juniper
NETWORK TOOLS: Solar Winds, SNMP, Cisco Works, Wireshark, AppDynamics, Wily, SiteScope, Netcool, ELK, Nagios, BMC Remedy, Citrix Netscaler.
LOAD BALANCERS: Cisco CSM, F5 Networks (Big-IP)
WAN TECHNOLOGIES: Frame Relay, ISDN, ATM, MPLS, leased lines & exposure to PPP, DS1, DS3, OC3, T1 /T3 & SONET
LAN TECHNOLOGIES: Ethernet, Fast Ethernet, Gigabit Ethernet, & 10 Gigabit Ethernet, Port-channel, VLANs, VTP, STP, RSTP, 802.1Q
NETWORKING PROTOCOLS: RIP, OSPF, EIGRP, BGP, STP, RSTP, VLANs, VTP, PAGP, LACP, MPLS, HSRP, VRRP, GLBP, TACACS+, Radius, AAA, IPv4 and IPv6
OPERATING SYSTEMS: Windows 7/XP, MAC OS X, Windows Server 2008/2003, Linux, Unix, Python Shell 2.x and 3.x, Perl.
PROFESSIONAL EXPERIENCE:
Confidential, Burns Harbor, IN
Network Firewall/Cyber Security Engineer
Responsibilities:
- ACS 5.6 migration into Cisco ISE 2.1 due to the functional gap.
- Migrating 4000+ UDN (Utility device Network) to cisco ISE in the first phase of the project. Second phase is to migrate 6000+ ODN (Operation device Network) to ISE.
- Extensive working experience on Aruba controllers and switches like Nexus G), Cisco catalyst 4500, 3850, 3750, 2960-X and so on.
- Configured PA-7050, PA-5260, PA-5020, PA-3050, and PA-3020 and also configured PA-200 for lab environment.
- Upgrade the existing Panorama. Integrating the new firewalls to Panorama.
- Responsible for working on change tickets for existing Palo Alto Firewalls in the environment.
- Conduct network, endpoint, and log analysis by utilizing various consoles on a regular basis to analyze and triage cyber security events e.g. SIEM (Qradar, Splunk, Cylance) IDS, IPS, firewall, etc. and perform continuous hunt activities across the environment.
- Successfully migrated from Cisco over to Checkpoint and Palo Alto Firewalls in given change window.
- Configured Checkpoint Firewall in distributed deployment and also maintaining Site-to-Site VPN Connection through the Firewalls.
- Monitor, operate and support network security devices such as cisco ASA, juniper firewalls.
- Experience with converting 6500 to Cisco Nexus in the data Center environment.
- Configuring OSPF and Static routing on Juniper M and MX series Routers.
- Experience configuring Virtual Device Context in Nexus 7010.
- Implemented antivirus and web filtering on Juniper SRX 240 at the web server.
- Design and Configuring of OSPF, BGP on Juniper Routers (MX960, MX480) and SRX Firewalls (SRX240, SRX550).
- Experience in troubleshoot network issues including boundary protection devices, Cisco Nortel/Avaya and Bluecoat Proxy Servers.
- Configured and maintained 26th NOS network security team devices including IDS, Palo Alto firewalls, Bluecoat web proxies, and load-balancers.
- Maintenance of 27 Cluster gateways across Internal, External, Multi and AWS Cloud environment.
- Created 802.1x wired policy for the ODN access switches.
- Experience Configuring BGP, OSPF on MX routers at Core and sites.
- Involved in configuring and implementing of composite Network models consists of Cisco/Juniper routers and switches.
- Having experience in Migration from Cisco ASA's to Fortinet's Fortigate firewalls.
- Designed 10-gigabit networks using Cisco Nexus 7000 series switches, and Cisco 3800 series routers.
- Worked on Juniper MX series Routers and Cisco 2900, 3500, 4500, 5500, 6500 and Nexus 5K series switches.
- Configuring all the devices per their type with AAA commands for the device authentication using AD, RSA and the ISE internal users depending on the user type.
- Setting up the Radius policy for F5, Palo Alto, WLC and ACME security devices for the PG&E users.
- Addressed technical issues and questions regarding Cisco ISE including troubleshooting and modifications.
- Managing, monitoring, configuration and installation of Aruba controller (7205), AP’s IAP’s - configuration, monitoring & installation of AP and IAP (105, IAP 103, IAP 205, IAP 207) Provisioning of AP’s in Controller, various Licenses (FEP, RF-Protect, and E-LTU) installation for AP’s in controller, Monitoring & troubleshooting of AP’s in controller.
- Worked with F5 Load balancing, IDS/IPS, Bluecoat proxy servers and Administrating.
- Strong experience in network infrastructure - WAN, LAN, WLAN (especially Aruba wireless solution ClearPass-MAC authentication) and associated enterprise equipment.
- Configured Cisco ISE for Wireless and Wired 802.1x Authentication on Cisco Wireless LAN.
- Configuration and Integration of Cisco Identity Services Engine (ISE) 2.1.
- Configuring, creating policies for, troubleshooting and upgrading ASA, Palo Alto, NSX Firewall and Checkpoint Firewalls for clients.
- Experience working on NetMRI, Infoblox, Tufin & Panorama Pan firewalls and Onecloud NSX.
- Opened, resolved, or updated Tier II Support tickets for Manage Firewall clients.
- Provided Manage Firewall Clients with regular status reports of their trouble tickets.
Environment: STP, RSTP, Cisco IOS-XR, Juniper SRX, Juniper EX (Junos enterprise switching), ASA, VTP, VOIP, DMZ, Palo Alto, check point, Port-Channel, BGP, OSPF, EIGRP, SD-WAN, PPP, HDLC, iSCSI, SNMP, DNS, DHCP, solar winds, Firemon, web sense, LINUX, Junos pulse, Fortigate, Cisco spark, Ekahau, Python, Bash, F5 LTM, GTM, ASM, APM.
Confidential, IL
Sr. Network Security Engineer
Responsibilities:
- Expert working knowledge including the ability to setup, configure, upgrade, manage and troubleshoot Cisco routers, switches, VPN concentrators, firewalls, 802.11 wireless access points and load balancers.
- Designed and implemented security systems including various Cisco IOS ACLs, Context-Based Access Control, PIX Firewall (PIX 506, 515), Network Intrusion Detection Systems, AAA Cisco Secure Access Control Server (Radius/TACACS+) and Linux syslog servers. Planned, configured and operated IPsec VPNs.
- Involved in installing Hardware Network devices such as Cisco switches, routers and Wireless access points at MBUSA location sites.
- Involved in Configuring and implementing of Composite network models consisting of Cisco 7600, 7200, 3800 series and ASR 9k, GSR 12K routers and Cisco 2950, 3500, 3550, 3750, 5000, 6500 Series switches.
- Worked on ASA 5505, 5510 models and migration from PIX to ASA.
- Configured and maintained rule sets in the firewalls and updated them on the daily basis.
- Monitored the network traffic and maintained the records with the help of Splunk.
- Knowledge of Cisco ASA firewall, VPN, GRE over IPSec tunnel configuration and Route-maps.
- Provide support to help desk for complex/major network problems. Build the rules for the application access across the IPSEC VPN tunnel.
- Worked with the physical server migration to AWS data center.
- Involved in designing and implementation of AWS network and connectivity b/w physical and AWS DC.
- Used AnyConnect VPN for secure connections with the Cisco ASA Firewalls (5585, 5550, and 5540) and used command line CLI, Cisco CSM, ASDM for day-to-day administration.
- Lead task to configure Cisco Spark to aid in team collaboration with various groups of our organization
- Deploying and decommission of VLANs on core ASR 9K, Nexus 7K, 5K and its downstream devices.
- Performed OSPF, BGP, DHCP Profile, HSRP, IPV6, Bundle Ethernet implementation on ASR 9K redundant pair.
- Designing Azure public and private peering and confidential Data encryption.
- Experienced in configuring IPsec VPN tunnels, site-to-site and remote VPN’s.
- Configured BPDU Guard, port-fast, uplink fast and other spanning tree features.
- Key contributions include troubleshooting of complex LAN/WAN infrastructure that include routing protocols EIGRP, OSPF & BGP
- Provides Level-3 incident response and problem management support for IP Telephony platforms, interfacing with other key Corporate IT teams, such as LAN, WAN, Security and/or IT Service Center
- Worked on F5 and CSM load balancers deploying many load balancing techniques with multiple components for efficient performance.
- Configuration and maintenance of routers, firewalls, and load-balancers. Included configuration of Juniper ISG 2000, Juniper EX4200, F5 BIG-IP 3600, and Cisco 6500. Includes protocols such as MPLS, BGP, OSPF, and VRRP.
- Worked on NAT (Network address translation) configurations and its analysis on troubleshooting issues related to access lists (ACL).
- Configuring and troubleshooting site-to-site IPSEC VPN tunnels using Cisco ASA 5540 for third-party connectivity.
Environment: Cisco ASA 5580/5540/5520, Checkpoint R70, R75, R77.20 Gaia, Palo Alto PA-5000/3000, Big IP F5 LTM/GTM, Nexus switches, TCP/IP, VPN, Bluecoat Proxy servers, IDS/IPS, SIEM and Monitoring, Service Now
Confidential, CA
Network Operations Engineer
Responsibilities:
- LAN/WAN level 3 support (diagnose and troubleshoot layer 1, 2, 3 problems)
- Vlan design and implementation, Spanning Tree Implementation and support using PVST, R-PVST and MSTP to avoid loops in the network. Trunking and Port channels creation.
- Working with OSPF as internal routing protocol and BGP as exterior gateway routing protocol.
- Configuring static NAT, dynamic NAT, Inside Global Address Overloading, TCP overload distribution, Overlapping Address Translation on Cisco ASA Firewalls.
- Installation & Maintenance of Juniper switches, routers & firewalls.
- Implemented Juniper firewall & switches.
- Implementing and maintaining WAN/LAN and WLAN networks in different diagrams
- Involved in troubleshooting L3VPN issues and updating Junos images, UTM Anti-virus and IDP.
- Configuring RIP, OSPF and Static routing on Juniper M and MX Series Routers.
- Configuring VLAN, Spanning tree, VSTP, SNMP on EX-series switches.
- Identified opportunities for implementation of network best practices, particularly F5 load balancer implementations.
- Monitor performance of network appliances and WAN utilization using a network analyzer like Wireshark.
- Responsible for providing support for IT infrastructure in the laboratory. Surveillance activities for physical and virtual switches, OpenFlow, 802.1x and MAC authentication test.
- Deployed BIG IP Enterprise manager to cluster all the F5 LTM, GTM, ASA, Netscreen devices for easier management and common configurations.
- Involved in the migration of F5 Local traffic managers of LTM 5100 series to LTM 6800 series for higher security.
- Cloud design: Participate in Amazon AWS / Microsoft Azure network design and implementation.
- BigIP ASM Positive and Negative Policy Reinforcement, iRule, Full proxy for HTTP, Server Performance Anomaly Detection.
- Design and integration of Juniper SSG series firewalls, SA VPN Appliances, J series Routers and EX-series switches.
- I have used Pandas library in python to create inventory csv files and configure csv files to help in Network configuration Automation.
- Create a process and automation to generate a combined report and clean up the unused policy.
- Configuring Routing protocols like BGP, OSPF, MPLS, multicast and L2 protocols in ASA to check it is passing through via ASA in customer deployments.
- Maintenance and troubleshooting of LAN, WAN, IP Routing, Multi-Layer Switching.
- Perform Packet shaper Bluecoat 75000 OS upgrade, maintenance and configurations
- Shipping Aruba bundle to work with home users
- Palo Alto/Checkpoint Firewall troubleshooting and policy change requests for new IP segments that either come on line or that may have been altered during various planned network changes on the network.
- Assisted in network engineering efforts consistent with the infrastructure of an Internet Service Provider and support of such network services. Helped in designing and implementation of VLAN for the new users.
- Plans, coordinates, implements and supports the LAN / WAN hardware, software and Internet /Intranet integration network connectivity, diagnose network failures and resolve any problems.
- Troubleshoot Frame Relay; T1, T3, IP and OSPF related router and circuit issues.
- Documenting and Log analyzing the Cisco PIX series firewall.
- Configuring and troubleshooting perimeter security devices such as Checkpoint NGX R77 Gaia, Provider-1/MDM, Secure Platform, Palo alto and ASA Firewalls.
- Installation of Palo alto (Application and URL filtering, Threat Prevention, Data Filtering)
Environment: Cisco 2990/3550/6550 switches, Cisco 7200/ 3845/3600/2800 routers, EIGRP, RIP, OSPF, BGP, VPN, Ether Channels, and Sniffer, Data center, Palo Alto Firewalls, Big IP F5 LTM/GTM, TCP/IP, FortiGate, Service Now.
Confidential
Junior Network Engineer
Responsibilities:
- Configured Cisco Routers for OSPF, RIP, IGRP RIPv2, EIGRP, Static and default route.
- Performed troubleshooting, while maintaining trouble ticket tracking, following internal/external escalation procedures and customer notifications.
- Supporting Development team for the access to corporate network and outside world. Providing access to specific IP, Port filter, and port access.
- Monitoring Memory/CPU on various low-end routers in a network.
- Configured the Cisco router as IP Firewall and for NAT. Switching (Ethernet) related tasks included implementing VLANs and configuring ISL trunk on Fast-Ethernet channel between switches.
- Installing new equipment to RADIUS and worked with MPLS-VPN and TACACS configurations.
- Installing and maintaining local as well as network printers.
- Validating existing infrastructure and suggesting new network designs.
- Working on creating new load balancing policies by employing BGP attributes including Local P, AS-Path, and Community, MED.
- Providing technical support to LAN & WAN systems.
- Configuring all the required devices and equipment for remote vendors at various sites and plants.
- Installation and maintenance of new network connections for the customers.
- Installing and maintaining Windows NT Workstations and Windows NT Server.
- Monitor performance of network and servers to identify potential problems and bottleneck.
- Real-time monitoring and network management using Cisco Works LMS.
- Configuring routers and send it to Technical Consultants for new site activations and gives online support at the time of activation.
- Provided technical support for hardware and software related issues to remote production sites.
- Performed administrative support for RIP, OSPF routing protocol.
- Maintained redundancy on Cisco 2600, 2800 and 3600 routers with HSRP.
- Involved in Configuration and management of networks using L3 protocols like RIPv2, OSPF and EIGRP.
- Responsible for initial MPLS configurations for customers such as various interface configuration and routing protocols such as EIGRP, OSPF, & BGP, and COS.
- Experience in Configuring VLANs, Private VLANs, VTP and trunking on switches.
Environment: Cisco 2990/3550/6550 switches, Cisco 7200/ 3845/3600/2800 routers, EIGRP, RIP, OSPF, BGP, VPN, Ether Channels, and Sniffer, Data center
Confidential
Junior Network Engineer
Responsibilities:
- Involved in configuration and management of different Layer 2 switching tasks, which includes address learning, efficient switching etc.
- Dealt with the escalation problems from Level1, Level 2 & Level 3 for routing, switching and WAN connectivity issues using ticketing system Remedy.
- Configured & maintained LAN, WAN, VPN, and WLAN on Cisco Routers.
- Managing and configuring of Wide Area Networking Protocols like HDLC, PPP.
- Configuring Routing Protocols like EIGRP and OSPF.
- Implemented the concept of Route Redistribution between different routing protocols.
- Involved in HSRP, VRRP, GLBP configuration and troubleshooting and Port channel management of the network.
- Dealt with NAT configuration and its troubleshooting issues related to access lists and DNS/DHCP issues within the LAN network.
- Switching related tasks included implementing VLANs, Ether channel and configuring ISL trunk on Fast-Ethernet channel between switches.
- Configuration included VTP, STP port features, enterprise security using Cisco Port Security.
- Involved with the Systems team to Install, configure, & maintain AD, DNS, DHCP on Windows Server, and configured a FTP server.
- Analyze Log messages using Syslog server and analyze the issues related to high CPU utilization and parameters that can degrade performance of the network.
Environment: Cisco Routers 2900, 2600, 3600; Cisco Switches 1900, 2900, 3500, 3700 and 450 Series; LAN/WAN: Frame relay, NAT, DHCP, TCP/IP.