SUMMARY:

• 6+ years of experience in networking, installing, configuring and maintaining network devices.
• Hands on experience in configuring Cisco Catalyst 2960, 3750,3850, 4500, 6500 and Nexus 3000, 5000, 6000, 7000, 9000 series switches and Cisco 2600, 2800, 3600, 3800, 7200, 7600 series routers.
• Implementing IP addressing schemes, LAN/WAN protocols, IP Services, to meet network requirements in different environments.
• Expertise in Configuration of Virtual Local Area Networks (VLANS) using Cisco routers and multi - layer Switches and supporting STP, RSTP, PVST, RPVST along with trouble shooting of inter-VLAN routing and VLAN Trunking using 802.1Q.
• Implemented redundancy with HSRP, VRRP, GLBP, Ether channel technology (LACP, PAgP).
• Proficiently implemented traffic filters using Standard and Extended access-lists, Distribute-Lists, Route Maps and route manipulation using Offset-list.
• Hands on experience in deployment of GRE tunneling, SSL, Site-Site IPSEC VPN and DMVPN.
• Extensively worked on Cisco catalyst 6509 and implemented VSS along with VDC and VPC on Nexus 5505, 7009 switches.
• Performed configuration, deployment and support of cloud services including Amazon Web Services(AWS) and deploy monitoring, metrics, and logging systems on AWS.
• Comprehensive expertise in the implementation of optimization, analysis, troubleshooting and documentation of LAN/WAN networking systems.
• Working knowledge on configuring access lists. Troubleshooting DNS/DHCP issues within the LAN network.
• Involved in troubleshooting network traffic and its diagnosis using tools like ping, traceroute, WireShark, TCP dump and Linux operating system servers.
• Implemented many number of security policy rules and NAT policy rules on Palo Alto, created Zones, Palo Alto Firewall interface, Palo Alto IDS and VLAN.
• Hands-on experience on Checkpoint Firewall R77, Palo Alto and Cisco ASA 5520 firewalls.
• Experience with Network Automation using Python.
• Proficient in Cisco IOS for configuration & troubleshooting of routing protocols: MP-BGP, OSPF, LDP, EIGRP, RIP, BGP, V4, V6, MPLS
• Experience with convert Checkpoint VPN rules over to the Cisco ASA solution.
• Migration with Checkpoint, Cisco ASA and VPN experience.
• Experience in configuring Virtual Device Context in Nexus 7010.
• Responsible for Check Point and Cisco ASA firewall administration across global networks.
• Experience in Palo Alto design and installation (Application and URL filtering, Threat Prevention, Data Filtering)
• Responsible for service request tickets generated by the helpdesk in all phases such as troubleshooting, maintenance, upgrades, patches and fixes with all around technical support.

TECHNICAL SKILLS:

Cisco Routers: 2600, 2900, 3600, 3800, 7200 and 7600

Juniper Routers and firewalls: MX240, MX480, MX960, SRX1500 and SRX5600

Cisco L2 & L3 Switches: 2900, 3560, 3750, 3850,4500, 4900, 6500, Nexus 5K/7K/9K

LAN Technologies: Ethernet, Fast Ethernet, and Gigabit Ethernet, SMTP, VLAN, Inter-VLAN Routing, VTP, STP, RSTP, Light weight access point, WLC.

Leased lines 128k: 155Mb (PPP / HDLC), Fiber Optic Circuits, Frame RelayISDN, Channelized links (T1/DS3/OC3/OC12), Load Balancing.

Network Security: Cisco ASA, ACL, IPSEC, Juniper SRX, QFX, EX.

OS products/Services: DNS, DHCP, Windows (2000/2003/2008, XP), UNIX, LINUX.

MPLS, OSPF, EIGRP, BGP, RIP: 2, PBR, IS-IS, Route Filtering, RedistributionSummarization, Static Routing, IPv4,IPv6.

Gateway Load Balancing: HSRP, VRRP, GLBP

Various Features / Services: IOS and Features, HSRP, GLBP, IRDP, NAT, SNMP, SYSLOG, NTP, DHCP, CDP,TFTP and FTP Management

Network Management Tools: Wireshark, Netflow Analyzer, Cisco Works, Ethereal, SNMP, HP open view, Ethereal, Solarwinds, Splunk.

Security Server Protocols: TACACS+, RADIUS, Cisco FirePOWER

Facilities: DS0, DS1, DS3, OCX, T1/T3

Load Balancers: Cisco CSM, F5 Networks (Big-IP) LTM 8900, Cisco ACE 4710.

Operating Systems: Windows (98, ME, 2000, XP, Server 2003/2008, Vista, Windows 7), Linux

Firewall & Security: Checkpoint, Palo Alto, Cisco ASA 5520, PIX 501, 515E, 520, API

PROFESSIONAL EXPERIENCE:

Confidential, Phoenix, Arizona

Network Security Engineer

Responsibilities:

• Installing and configuring new Cisco equipment including Cisco catalyst switches 6500, Nexus 7010, Nexus 5548 and Nexus 2k as per the requirement of the Organization.
• Experience in implementing Next Generation Firewalls (NGFW) such as Bluecoat Proxy and other vendors such as Palo Alto networks NGFW for URL filtering.
• Experience in configuring VPC (Virtual Port Channel), VDC (Virtual Device Context) in Nexus 7010/7018.
• Configured Palo Alto Networks Firewall models PA-3k & PA-5k (PA 3060, PA 5060 and PA 7050) as well as a centralized management system (Panorama) to manage large scale Firewall deployments.
• Help customers build scalable, resilient, and high-performance applications and services on AWS.
• Involved in migrating the architecture from regular VM's to AWS Cloud Management.
• Assist in the fulfillment of cloud-based infrastructure and migration of applications and data.
• Supported the implementation of cloud-based IT environments using virtualization and data center technologies.
• Built and managed Azure cloud based systems for rapid deployment and integration with Azure infrastructure.
• Successfully installed Palo Alto PA-3060 firewalls to protect Data Center and provided L3 support for routers/ switches/ firewalls.
• Worked with Palo Alto firewalls PA 5050 using Panorama servers and performing changes to monitor/block/allow the traffic on the firewall.
• Implementation of several enterprise customer data cloud environments with Microsoft on UNIX/Linux/Windows platforms for data transformation of telecommunication and networking applications.
• Worked on Pulse Secure desktop client added new features such always-on and on-demand VPN to meet the specialized needs of its customers.
• Participated in many large-scale network projects and possessed profuse experience regarding the design, deployment, configuration and maintenance of Cisco network products for enterprise-class customers.
• Monitoring projects on Siems, Logs, and IDS.
• Daily responsibilities included design, implementation, support and administration of multiple security products running CheckPoint Provider-1 and SourceFire.
• Provided Tier 3 support on SourceFire IPS/NGFW sensor placement and deployments.
• Monitoring and analyzing network traffic, Intrusion Detection Systems (IDS) and Instruction Prevention Systems (IPS), security events and logs.
• Monitoring Network using Network Auditor and follow up IDS and ISP and do reports weekly.
• Review the Security Information Management (SEIM) tool interface, as the tool correlates and aggregates alert data from multiple IDS sensor types and additional security devices.
• Robust Cisco voice skills for Cisco Unified Communications Manager, Cisco unity connection and Cisco voice gateways deployment and post implementation support.
• Help to build API capability including various aspects like security, services governance and policy management.
• Enterprise cloud computing and virtualization for tier 1 enterprise applications.
• Worked on Pulse Mobile Security Gateway (MSG) product. MSG manages security and policies on mobile devices including Android and Windows Mobile. Major wireless service providers use MSG.
• Configured Firewall, IPS, and QoS by SDM and provide security by Prefix list, Access- List and by Distribution List.
• Automated network implementations and tasks and designed monitoring tools using python scripting.
• Advanced understanding of IT Security, OSPF, VRF, BGP, Cisco DMVPN, Multicast, IPSEC, and IP management deploying Cisco routers, switches, and ASA firewalls, Juniper MX, SRX, and EX devices.
• Supported design and planning of Juniper MX and SRX products and associated solutions within the Customer infrastructure.
• Configured Site to Site IPsec VPN tunnels to peer with different clients and each of client having different specifications of Phase 1 and Phase 2 policies using Cisco ASA 5500 series firewalls.
• Installation using Cisco 7500, 8500, 5508 Wireless LAN controllers, Cisco Prime Infrastructure equipment and Cisco Identity Services Engine (ISE).
• Troubleshoot connectivity issues using Aruba ClearPass, SolarWinds NPM/NCM and other technological resources as required.
• Expertise in document creation with technical configurations, security standards design and network documentation using MS Visio.

Confidential, Fort Worth, TX

Network Firewall Engineer

Responsibilities:

• Involved in migrating physical Linux/Windows servers to cloud (AWS) and testing.
• Installed, configured and maintained DNS systems using Route53 (AWS) and used Cloud watch for basic and detailed monitoring of AWS resources.
• Designing, implementing LAN/WAN configurations on Cisco Nexus 5K, catalyst 6500 switches.
• Configuration and Installation of Juniper EX 4500, MX-480, M Series, and SRX210.
• Configured RIP, OSPF and Static routing on Juniper M and MX series Routers.
• Be able to identify and troubleshoot VoIP service-impacting troubles and provided technical support for Residential and Business VoIP customers.
• Replaced aging Checkpoint firewall architecture with new next generation Palo Alto appliances serving as Firewalls and application inspection.
• Reviewed and recommend appropriate action on network data from IDS/IPS, routers, and firewalls devices deployed on customer networks as it relates to internal and external attack.
• Made recommendations for the findings, what rules and which ones to be turned on within the IDS.
• Daily management of activities to include DMZ, Enterprise, Wireless and Data Center Network.
• Wrote and edited team technical documentation across multiple topics, with an emphasis on IPS/IDS .
• Deployment and support for Cisco Unified Communications Manager, Cisco Unity Connection, and Cisco Voice Gateways.
• Expertise in maintenance of layer2 switching tasks - VLAN, VTP, RSTP, configuration of ether channel with LACP and PAGP along with troubleshooting of inter-VLAN routing.
• Worked on Extensively on Cisco Firewalls, Cisco PIX (506E/515E/525) & ASA 5500(5510/5540) Series.
• Experience with converting PIX rules over to the Cisco ASA solution.
• Configured Cisco switches 6500, 4500, 3750 to support voice and data with custom QoS policy.
• Performing network monitoring, providing analysis using various tools like Wireshark, Splunk, Solar winds etc.
• Experience working in Datacenter environment, configuration changes as per the needs of company.
• Configured Cisco ISE server to authenticate wired and wireless clients with certificate and MAC options.
• Networking responsibilities included Cisco Routers, Switches, Wireless, Optical and Electrical cabling, security applications, VPN and firewall.
• Worked on F5 BIG-IP LTM 8900, configured profiles provided and ensured high availability.
• Buildout and integrated Cisco ISE at 2 data centers.
• Helping them to set up point to point OSPF connection on their Cisco and juniper routers like MX, EX, ASR series devices with their current network.
• Configure, deploy, maintain, and troubleshoot Networking equipment such as security and NAT policies on firewalls, routing policies on Juniper MX, EX, SRX in both Corporate Infrastructure and Website Production networks.
• Implemented site-to-site VPN in Juniper SRX as per customer.
• Installed, Configured and tested Cisco Wireless (Aironet 3700, 2700,1600, 700W) and Aruba wireless devices.

Genentech, San Francisco, CA

Network Engineer

Responsibilities:

• Experience with Checkpoint Firewall policy provisioning.
• Migrating the policy from Checkpoint Firewall to Cisco ASA firewall.
• Identify, design and implement flexible, responsive, and secure technology services.
• Experience with Firewall Administration, Rule Analysis, Rule Modification.
• Configured and resolved various OSPF issues in an OSPF multi area environment.
• Hands-on experience with WAN (ATM/Frame Relay), Routers, Switches, TCP/IP, Routing Protocols (BGP/OSPF), and IP addressing.
• Installed different software on the systems. Install and managing network devices including Hubs, Switches.
• Experience working on F5 load balancers and ASA firewalls.
• Configuration and troubleshooting of Cisco catalyst 6509, 7613 with supervisor cards.
• Planned resources and presented project status to higher management.
• Created and delivered internal trainings for BGP.
• Responsible for service request tickets generated by the helpdesk in all phases such as troubleshooting, maintenance, upgrades, patches and fixes with all around technical support
• Supporting EIGRP and BGP based PwC network by resolving level 2 &3 problems of internal teams & external customers of all locations

System Engineer

Confidential

Responsibilities:

• Performed troubleshooting, while maintaining trouble ticket tracking, following internal/external escalation procedures and customer notifications. Configured Cisco Routers for OSPF, RIP, IGRP RIPv2, EIGRP, Static and default route.
• Configured the Cisco router as IP Firewall and for NATting.
• Worked with the Help Desk for circuit troubleshooting to give Support to the Tech persons at the site.
• Switching (Ethernet) related tasks included implementing VLANS and configuring ISL trunk on Fast-Ethernet channel between switches.
• Troubleshooted and escalated issues to identify and repair network issues for WAN, Voice, Video, Internet connections and end-user issues.