Sr. Network Security Engineer Resume
OBJECTIVE:
Cisco, Juniper, F5 certified with MS Telecom (SMU Dallas) degree and over 12 years of technical expertise in infrastructure architecture, design, configuration, implementation, migration, administration and support in Routing, Switching, Security, Data Center environments seeks a Senior/Lead Network Engineer/Architect role.
PROFESSIONAL SUMMARY:
Degreed Network Engineering professional with hands - on expertise on Route/Switch/Security Infrastructure builds, migrations, new product/service rollouts using Cisco/Juniper/F5/Alcatel vendor equipment. Prepared design documents, procedures (MOPs), new service rollouts, performed lab testing on procedures, performed field implementations, handed-off to junior teams and oversaw implementations. Performed technical roles that ranged from Architecture to hands-on implementations including cable layout, rack/stack, device installs, configuration, implementation and completions.
HANDS-ON TECHNICAL EXPERIENCE:
Cisco Routers: Cisco CRS-1, 12,000 GSR, ASR9K, 7600, 7200, 3800, 2600 series.
Juniper/Alcatel Routers: Juniper MX-960, M320, J6350, ALU 7750 and 7705 series
Routing Protocols: RIPv2, EIGRP, OSPF, BGP, MPLS/VPNs (VRFs, RD, RT, Communities), LDP
Switches: Nexus 5K, 7K series, Cisco Catalyst 6500 to 2900 series, Juniper EX- 4200, 4300, 4500 series
Firewalls: ASA 5510, 5515, 5585, FWSM, Juniper ISG2000, SRX 3600, 5800, 4200 & F5 Big IP 5200 AFM
Load Balancer: CSS, ACE 4700 series. Basic F5 LTM configuration.
Technologies: SONET, MPLS/VPN, HSRP, VRRP, VPC, VPC+, VDC, FCOE, DMVPN
Tools: SevOne, Spectrum, eHealth, Solar Winds, SevOne, NSM, JunosSpace, Big-IQ, MS Visio, Ansible
PROFESSIONAL EXPERIENCE:
SR. NETWORK SECURITY ENGINEER
Confidential
Responsibilities:
- Provide leadership role on new security infrastructure design, implementations, new DMZ creations, Pod migrations, data center moves on F5 Big IP 5200 AFMs, Juniper SRX 3600, SRX 5800 & SRX 4200 Firewalls
- Design, deploy, implement multi-vendor equipment that includes creating & adding partitions, route domains, LTM pools & virtuals, ha-groups, Vlans, dual stack IPs, default/static routes on F5 AFMs, importing into Big-IQ and creating zones, routing instances etc. on Juniper SRX devices
- Prepare MOPs to assist installation teams to ensure successful changes to Juniper SRX 3600, SRX 5800 and F5 AFM Firewall code upgrades
- Provide consultation to multiple teams on troubleshooting, designing, on-boarding, risk mitigation and operational improvement
- Lead incident investigations, diagnosis to identify and resolve issues related to product performance, policy, connectivity, disruptions, perform network capture & analysis, verify session flows, perform lab testing to duplicate symptoms and resolve production issues
- Prepare procedures to perform ISG, SRX 5800 decoms, engage internal teams to ensure network asset management, equipment removal, document inventory for disposal/repurpose per standard guidelines
- Provide leadership in technical knowledge and assist in development of policies and procedures to effectively maintain and upgrade network infrastructure
CONSULTANT SR. NETWORK ENGINEER
Confidential
Responsibilities:
- Deployed and maintained access-lists, FW policies and VPN tunnels on Cisco ASA platform, utilizing firewall filters, policing, policy options and statements and provided support.
- Deployed, Configured Solar Winds NPM 12.0, associated modules that include SW console, Network Atlas 14.0, Orion server and worked with vendor to implement feature, capacity and performance optimization
- Created maps for global, regional, national and local locations, imported node locations in bulk, managed capacity, created groups, custom properties and prepared queries to collect, store and display info.
CONSULTANT SR. NETWORK ENGINEER
Confidential
Responsibilities:
- Developed design layout and configured NX 2K, 5K, 7K and 9K utilizing VDC, VPC peering, Virtual port-channels to perform data center expansion
- Configured FW filters, policing, policy options, statements on Juniper NetScreen, SRX & Checkpoint FWs
- Configured and implemented F5 features, applications, access control including packet filters and iRules
CONSULTANT SR. NETWORK ENGINEER
Confidential
Responsibilities:
- Developed standards, design and Engineered solutions to support BOA network infrastructure
- Prepared data center migration plans, platforms, prepared failover plans and performed migration.
- Defined requirements, evaluated design and performed device configuration to support functional releases
- Updated, managed, monitored and supported enterprise network, security operations infrastructure based on Cisco ASR, 7200 6500 routers, NetScreen ISG 2000, Juniper SRX and Checkpoint Firewalls
- Resolved escalated connectivity, performance, availability, security, performance and overall functionality
CONSULTANT SR. NETWORK ENGINEER
Confidential
Responsibilities:
- Performed migration from Cisco 7600 to MX-960 & ASR 9K routers and Nexus 2K and 5K series for data center redundancy project.
- Defined product requirements, evaluated design, optimized solutions and prepared faster reusable MOPs.
- Led network team, worked with cross functional leads to provide solutions for mission critical deployments.
- Performed configuration after change management approvals and verified services after migration.
- Performed problem analysis for complex network deployments, provided highest-level problem management.
- Participated in design and implementation of migration as per processes, standards and assessments.
CONSULTANT SR. NETWORK ENGINEER
Confidential
Responsibilities:
- Performed LAN migration from Cisco Catalyst 3750 to Juniper EX4300 switches in a virtual-chassis, prepared migration documents, configuration templates, MOPs, network diagrams for campus environment.
- Prepared migration plan, schedule and perform critical migration from Cisco LAN infrastructure to stackable Juniper EX series infrastructure and verified service restoration after migration
- Upgraded Juniper EX 4300 series switches from Layer 2 to Layer 3 on multiple sites
CONSULTANT SR. NETWORK ENGINEER
Confidential
Responsibilities:
- Developed network solutions and standards documentation including high level and detailed designs, network diagrams, configuration templates, implemented projects and monitored solution
- Configured FW ACLs, Object-groups, NAT, IPsec, AnyConnect VPNs, Policy etc.
- Configured Cisco ACE Load Balancers and resolved LAN/WAN, STP, HSRP, VRRP issues
CONSULTANT SR. NETWORK ENGINEER
Confidential
Responsibilities:
- Performed migration from Layer 2 to Layer 3 on different platforms of Cisco Catalyst 4900, 4500, 3700, 3500 series switches and configured Cisco Nexus 2000, 5000 and 7000 series switches.
- Performed configuration, upgrades, troubleshooting for global network infrastructure expansion project.
- Prepared project tasks: Site designs, flows, checklists, implemented schedules & resolved migration issues.
CONSULTANT SR. DATA CENTER ENGINEER
Confidential
Responsibilities:
- Prepared topology design, performed configuration, upgrades and troubleshooting on Juniper J6350 routers and Juniper SRX Firewalls.
- Performed Data Center migration involving EX2200 switches in a multi-location Juniper based network infrastructure & monitored network performance.
CONSULTANT NETWORK ARCHITECT
Confidential
Responsibilities:
- Performed migration for 160 PE pair Cisco 7600/6500 core routers to Juniper MX 960 platform & ASR 9K for Voice Aware Networks (VAN) backbone using IPv4 & IPv6 schemes across the globe.
- Provided guidelines for service migrations and troubleshooting on BGP, MPLS/VPN issues for MIS, PNT, AVPN customers and infrastructure issues, intra/inter service Route Reflector issues using Juniper M320.
- Performed lab tests and prepared deployment guidelines for new product/technology insertions, FFAs etc.
- Provided deployment guidelines to perform service migrations from multiple legacy models to new service models, decommissioning existing product/service elements and post migration cleanups
- Worked with Architecture team to evaluate new service features and prepare deployment guideline documents, test in lab and implement in field. Performed Element/Service/Network Validations.
- Led teams on project scope, tasks, deliverables, provided updates and resolved escalations from tier 3.
SR. NETWORK ENGINEER
Confidential
Responsibilities:
- Prepared MOPs, plan, test and implement routing/switching infrastructure projects on approved changes
- Performed configuration, troubleshooting on Cisco ASR 9K, 7600, 6500, 4900, 4500, 3700 issues that involved OSPF, BGP, MPLS, HSRP etc
- Performed configuration, failover testing, troubleshooting of devices and resolved escalated issues
NETWORK ENGINEER
Confidential
Responsibilities:
- Configured Cisco Core Routers, Catalyst Switches, Firewalls, Load balancers for LAN/WAN infrastructure, performed Vlan, port, trunk & ether-channel configurations, FW and load balancer configuration, changes etc.
- Configured Cisco ASA firewalls, contexts, access-lists, object-groups, policy changes, NAT, IPsec, SSL
- Prepared templates and configured ACE load balancer, ACE module and performed troubleshooting
- Resolved DDOS attacks & mitigated impacts by traffic engineering to alternate providers, monitored traffic based on peak flow, device management based on spectrum, performed network analysis based on e-health
- Provided configuration on Nexus 2000, 5000, 7000 series switches, VPC & VDC configuration etc.
CONSULTANT NETWORK ENGINEER
Confidential
Responsibilities:
- Performed router, switch installations, upgrades & oversaw Confidential support center migration to Raleigh, NC.