PROFESSIONAL SUMMARY:

• CCNP, CCNA & PCNSE Certified Network Engineer with over 8 Years' experience in network design, implementation, and support. Routing, switching, firewall technologies, system design, implementation and troubleshooting of complex Network Systems.
• Advanced knowledge of OSI model, TCP/IP, Internet technologies, system security, firewall infrastructure, network architecture and Cisco network routing / switching (Layer 2 and 3) experience, including LAN and WAN, design and implementation which includes Layer 1 to Layer 7 experience.
• Working knowledge of routing protocols for voice: VoIP, IPSEC, Multicast, MPLS, DSCP/QoS, Cisco IOS and Wireless security protocols (I.E. 802.1x, EAP, WPA2)
• Expertise in deployment and configuration of routing protocols such as OSPF, EIGRP and BGP.
• Experience on F5 LTMs & GTMs to improve web application delivery speed and replication through and between distributed global data centers.
• Worked on F5 Enterprise Manager 3.1 version to manage multiple F5 LTM devices from single - pane view. Worked on Panorama firewall management tool which provides centralized monitoring and management of multiple Palo Alto devices from single window.
• In depth knowledge with network monitoring and performance tools such as Solar Winds, Whatsupgold and Wire shark.
• Strong hands on experience implementing and troubleshooting Switch technologies such as STP, RSTP, MSTP and VTP along with troubleshooting of inter-VLAN routing. Implemented redundancy with HSRP, VRRP, GLBP, Ether channel technology.
• Knowledge of network security protocols such as IPSEC tunnels, GRE tunnels, NAT/ PAT, ACLs and VPN - MP-BGP. Experienced in trouble-shooting both connectivity issues and hardware problems on Cisco based networks.
• Experience in installing and configuring DNS and DHCP server Migrated and implemented new solution with Cisco ASA firewall series 5505, 5510 and 5540.
• Strong knowledge on networking concepts like TCP/IP, Routing and Switching. Hands on experience on Up-gradation of Cisco IOS & Firmware of different Cisco devices & modules.
• Experience in migration of servers from traditional Nexus environment to ACI
• Worked on firewall technologies including general configuration, optimization, security policy, rules creation and modification of Palo Alto.
• Experience with devices Palo Alto Network firewalls such as security NAT, Threat prevention URL filtering.
• Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500/PIX series security appliance. Worked on various blades like IDS/IPS, URL filtering on Cisco ASA.
• Experience in configuration of Checkpoint 600, 1100,4800,12000 appliances. Implement duo security two factor authentications for remote access VPN on Cisco ASA.
• Worked on various security tools like Cyber Ark, Qualys Guard and Rapid 7 for effective rule utilization on Checkpoint firewalls and accessing network devices securely.
• Worked with Cisco ISE to identify threats in the network for rapid containment and remediation.
• Experience managing and maintaining Infoblox IP Address Management Appliances.
• Adapt in preparing Technical Documentation and presentations using Microsoft VISIO/Office.

TECHNICAL SKILLS:

Routers: Cisco 1900, 2600, 2800, 2900, 3600, 3800, 3900, 7200, 7600, GSR 12000, 7500, ASR-901, ASR-903, ASR 5500

Switches: Cisco Catalyst 3550, 3750, 4500, 4900, 6500 sq. 2248, 5548 and 7010

Firewalls & Load Balancers: Cisco ASA 5540 series, Checkpoint, Palo alto PA2020, PA3050, PA5050, IPSEC and SSL VPN, IPS/IDS, IOS Firewall features, DMZ set up, F-5 LTM.

Routing: OSPF, EIGRP, BGP, RIP, PBR, Route Filtering, Redistribution, Summarization, Static routing

Switching: VLANs, Dot1Q, VTP, STP, RSTP, VLAN Maps, HSRP, GLBP, CEF, DCEF, Port Security

LAN/WAN Technologies: Ethernet, Frame relay, MPLS, HDLC, PPP, T1, T3, OC Standard, DSL, ISDN

Protocols: IP, TCP, UDP, ICMP, NAT, DHCP, SNMP, IPSEC, SSL, HTTP, SSH

AAA Architecture: TACACS+, RADIUS, Cisco ACS

Network Monitoring and Management Tools: Solar winds, Wire Shark, SNMP, Elastic Search, Log stash and Kibana and What Sup Gold

Operating Systems: Windows Server 2008 R2/ 2003, Windows XP Professional, Red hat LinuxUNIX Sun Solaris 9/8

PROFESSIONAL EXPERIENCE:

Confidential, Atlanta, GA

Sr. Network Engineer

• Experience in Spine Leaf Architecture, EVPN, VXLAN. Worked on software Defined Network solutions using Cisco ACI.
• Responsible for configuration, monitoring and troubleshooting of LAN, VLANs, VTP, Spanning Tree (STP), Trunking (dot1q and ISL) and Ether channel on Cisco Cato's and IOS Switches (2960,3500,3570,3850, 4948,6500/E, 7600).
• Implemented Cisco 5500-X Firepower and Cisco Sourcefire IPS & Fire Eye, managed Cisco IDS and IPS modules with Firepower Management Center.
• Configured Cisco ISE for Wireless and Wired 802.1x Authentication on Cisco Wireless LAN Controllers, Catalyst Switches, and Cisco ASA Firewalls.
• Involved in troubleshooting network traffic and its diagnosis using tools like ping, trace route, WireShark, and UNIX operating system servers.
• Worked on Extensively on Cisco Firewalls, Cisco PIX (506E/515E) & ASA 5500(5510/5540) Series.
• Monitored network and provided analysis, improvement scopes & support using monitoring tools as Whatsup gold and Application Manager.
• Configured Access List ACL (STD, Ext, and Named) to allow users all over the company to access different applications and blocking others.
• Opening the change requests (CR) and working on the assigned tickets in the SNOW requests and following up with the appropriate teams and have meetings with them to solve the tickets

Environment: Cisco routers, switches, ACI, Cisco ACS, ISE, Cisco ASA, Firepower, Whatsupgold, Application Manager, BGP,EIGRP and Rapid 7

Confidential, Milford, Connecticut

Network Security Engineer

Responsibilities:

• Worked with Cisco Layer 3 switches 6500, 4948; Cisco Nexus 9396 and 7010 with the use of inter-VLAN routing, 802.1Q trunk, ether channel
• Planned migration of servers from traditional Nexus environment to ACI.
• Monitor network infrastructure with Solar Winds for treading, and analysis on all Cisco routers, switches, and firewalls.
• Skilled in troubleshooting complex network issues on a global enterprise network.
• Complex troubleshooting to include network protocol and log analysis, raw data captures, and the correlation of disparate events spanning multiple devices and platforms.
• Worked with Cisco Nexus 2148 Fabric Extenders and Nexus 7010, 5000 series switches to provide a Flexible Access Solution for datacenter access architecture
• Deploying and decommission of VLANs on core ASR 9K, Nexus 9K, 7K, 5K and its downstream devices and configure 2k, 3k,7k series Routers.
• Configured and troubleshooting the F5 LTM APM and providing level 2 support for the customers.
• F5 build-out of the base F5 BIG-IP infrastructure, including the BIG-IP 10200v platforms and vCMP guest instances.
• Involved in troubleshooting of DNS, DHCP and other IP conflict problems.
• Support the Solar Winds platform for monitoring the network for any network related issue
• Worked in setting up Inter-VLAN routing, redistribution, access-lists and dynamic routing.
• Implemented SNMP on devices to allow for network management.

Environment: Cisco routers, switches, ASA Firewalls, Palo alto Firewalls, F5, OSPF, EIGRP, BGP routing protocols, Solar winds, Net brain, VLANs, VVMS and Qualys Guard.

Confidential, Greensburg, Indiana

Network Engineer

Responsibilities:

• Configured, deployed and maintained Core and Access network switches.
• Configuration of Cisco 3750 and 6509 multilayer switches for secure network access using tools such as VLANs and port security.
• Distributed system and infrastructure. Clustered distributed controller for Cisco Application Centric Infrastructure (ACI), SDN. Model-based ACI/SDN controller.
• Application Centric Infrastructure (ACI) L4-L7 services deployment: Develop L4 to L7 service chaining and traffic steering for ACI controller. Develop ACI model and implement resource management for service deployment
• Configured DFC3 with DFC4 while upgrading 6509 to SUP2T
• Experience managing and maintaining Infoblox IP Address Management Appliances.
• Involved in IP addresses allocation for all the Networking devices including switches, routers, and firewalls through DNS entry using Infoblox.
• Configured back door local admin passwords on more than 1000+ various devices through NETMRI Script. Modified Script as per device type.
• Worked on Qualys Guard for security scans and vulnerability management
• Engineered and authored enterprise implementation plans, correcting security vulnerabilities and standardizing configurations.
• Performed as a Network Engineer in Migrating Cisco ACS deployment to Cisco ISE Deployment.
• Troubleshooting the VPN tunnels by analyzing the debug logs and packet captures. Advanced knowledge in Design, Installation & configuration of Palo Alto.
• Configured SNMP on Palo Alto firewalls 3060, 5060, 7050 for receiving incident alerts and notification and wrote SSL decryption policies for decryption of traffic to provide Anti-virus, Malware protection.

Environment: Cisco routers, switches, ASA Firewalls, OSPF, EIGRP, BGP protocols, VLANS, wire shark, Infoblox,IP, TCP, UDP, NAT, DHCP, HTTP, SSH.

Confidential, Lakeland, FL

Network Engineer

Responsibilities:

• Performed OSPF, BGP, DHCP Profile, HSRP, IPV6, Bundle Ethernet implementation on ASR 9K redundant pair.
• Built site-to-site IPSec VPNs over Frame-relay & MPLS circuits on various models of Cisco routers to facilitate adding new business partners to new and existing infrastructure.
• Configured and resolved various OSPF issues in an OSPF multi area environment.
• Setting up VLANS and configuring ISL trunk on Fast-Ethernet channel between switches.
• Deploying and decommission of VLANs on core ASR 9K, Nexus 7K, 5K, 2k and its downstream devices.
• Responsible for building and managing field enablement and training, channel partner go to market strategy and engagement for Cisco Nexus 9K and ACI.
• Experienced in installation, configuration and maintenance Cisco Nexus 7010, 5548, 2148
• Troubleshooting the various issues while upgrading and installing the new supervisors on Nexus 7K.
• Worked on Datacenter Migration project to migrate the existing 6509, 4509 devices to a Nexus 7010, 5010 and Nexus 2248 FEX based solution.
• Upgraded with Nexus 9k, 7k and 5k switches to deal with the vulnerability issues.
• Hands on experience in configuring Cisco Catalyst 2960, 3750, 4500 and 6500 switches.
• Optimized performance of the WAN network consisting of Cisco 3550/4500/ switches by configuring VLAN.
• Successfully installed Palo Alto Next-Generation PA-3060, PA-5060 firewalls to protect Data Center with the use of IPS feature
• Configuring rules and Maintaining Palo Alto with IPS module & Analysis of firewall logs.
• Worked with IDS/IPS to identify threats in the network for rapid containment and remediation.
• Worked on F5 LTMs & GTMs to improve web application delivery speed and replication through and between distributed global data centers.
• Used F5 GTM for external DNS resolutions configured all listeners and created all zone files, A record and Names.
• Worked on F5 VIPRIONS 2400 model with dual blades also had licensed this chassis with vamps which can run multiple instances and versions of BIG-IP.
• DNS administration like adding/modifying/deleting IP and DNS assignments using log messages
• Established network design standards that focus on current and future global security requirements via PCI-DSS.
• Regularly conduct Audits on tools that I manage, and provide documentation to show compliance for PCI-DSS Audits
• Proactively monitor and manage all productions network systems to maximize system availability in NetScaler.
• Worked on Fort iGATE 5000-series security appliance to maintain SSL Inspection, Application control, Firewall and VPN management
• Worked extensively on Cisco ASA 5500(5510/5540) Series, experience with convert PIX rules over to the Cisco ASA solution.
• Configuration and Installation of Cisco firewalls ASA (5510, 5520 and 5540).
• Implemented Duo Security two-factor authentication as a service to access data centers via VPN.
• Shared the data with integrated partner solutions to accelerate the capabilities to identify and remediate threats using Cisco ISE.
• Establishing VPN tunnels using IPSec encryption standards and configured and implemented site-to-site VPN, Remote VPN.

Environment: Cisco routers, switches, ASA Firewalls, Palo alto Firewalls, OSPF, EIGRP, BGP routing protocols, VLANs, F5 load balancers, checkpoint, wireless access points, IP, TCP, UDP, ICMP, NAT, DHCP, SNMP, IPSEC, SSL, HTTP, SSH protocols.

Confidential, Campbell, CA

Network Engineer

Responsibilities:

• Hands on experience in configuring high end routers like GSR 12000 series, 7500 series and Catalyst Switches like 7600, 6500, 4500 series.
• Configured and resolved various OSPF issues in an OSPF multi area environment.
• Installing, configuring Cisco Catalyst switches 6500, 3750 & 3550 series and configured routing protocol OSPF, EIGRP, BGP with Access Control lists implemented as per Network Design
• Actively participated in upgrading fast Ethernet, Layer 3 switched/routed LAN infrastructure from Cisco 3640 to Cisco 2811.
• Involved in the configuration & troubleshooting of routing protocols: MP-BGP, OSPF, LDP, EIGRP, BGP v4. Configured IP access filter policies.
• Installed and configured high availability Big IP F5 LTM and GTM load balancers like 6600, 6800 to provide uninterrupted service to customer applications and monitoring the availability.
• Involved in design and implementation of Data Center Migration, worked on implementation strategies for the expansion of the MPLS VPN networks.
• Worked on firewall technologies including general configuration, optimization, security policy, rules creation and modification of Palo Alto.
• Detailed knowledge of Palo Alto PAN-OS and experience in feature like Panorama, Hashing, Definition, Wildfire, URL filtering, Zone creation, Intrusion Detection System (IDS), Intrusion Prevention (IPS), DNS sinkhole, Zero-day attack protection, Advanced Endpoint protection and SaaS Security. Deployed Python scripts to perform admin tasks, report generation and push new changes.
• Configuration and troubleshooting of Site to Site as well as Remote Access VPN on Cisco ASA and Check Point firewalls.
• Deployed & Implemented rules and created various zones in Palo Alto firewalls like PA2020 and PA2050.
• Experience with Check Point Firewall Management station operations. Maintained and Configured Check Point VSX with firewall virtualization.
• Installing and configuring F5 Load balancers and firewalls with LAN/WAN configuration.
• Involved in design and implementation of Data Center Migration, worked on implementation strategies for the expansion of the MPLS VPN networks.
• Developed and executed datacenter migration plan for all managed security services such as firewalls, IDS, VPNs and authentication servers with no impact on production environments.
• Worked with Cisco ISE to identify threats in the network for rapid containment and remediation.
• Initially analyzed the data for critical to moderate vulnerabilities as detected by a Vulnerability Scanner such as Qualys Guard or Nessus. Filtered out as much false positive or redundant vulnerabilities as necessary.
• Performing URL filtering and content filtering by adding URL's in Bluecoat Proxy SG's.
• Installation, Maintenance, Troubleshooting Local and Wide Areas Network by using ISDN, Frame relay, DDR, NAT, DHCP, and TCP/IP
• Provide Tier II Level Load Balancer expertise on F5 BigIP Local Traffic Managers (LTM). Designing F5 solutions/support for migration work of applications and websites from Cisco CSS Load Balancers to the F5 BigIP Load Balancers.
• Expertise in configuring of MPLS, IP Multicast, VPN and Policy Based routing
• Made DHCP and DNS changes through Infoblox.
• Used Infoblox to create and manage newly created DHCP scopes.
• Responsible for Enterprise DHCP Server (Infoblox) and VPN, SSL, and Net Motion Accounts.

Environment: Cisco routers, switches, Palo Alto Firewalls, OSPF, EIGRP, BGP routing protocols, VLANs, F5 load balancers, checkpoint, Palo alto, wireless access points, IP, TCP, UDP, ICMP, NAT, DHCP, SNMP, IPSEC, SSL, HTTP, SSH protocols.

Confidential

Network Engineer

Responsibilities:

• Performed troubleshooting, while maintaining trouble ticket tracking, following internal/external escalation procedures and customer notifications. Configured Cisco Routers for OSPF, RIP, IGRP RIPv2, EIGRP, Static and default route.
• Responsible for the configuration, implementation and operation of Cisco 3745 routers, Cisco 6509 and 3560 L2/L3 switches.
• Removed Cisco 3600 and 2600 series routers and Cisco 2900 series switches from the current infrastructure and replaced them with the Cisco 6509 or 3560 L2/L3 switches.
• Configuring routers and send it to Technical Consultants for new site activations and gives online support at the time of activation.
• Switching (Ethernet) related tasks included implementing VLANS and configuring ISL trunk on Fast-Ethernet channel between switches.
• Establish and implement design principles, policies, and strategies to ensure security and integrity of the enterprise network environment.
• Troubleshoot, identify and repair complex network issues for WAN, LAN, Internet connections and end-user issues while mentoring secondary engineering staff
• Experience in Cisco switches and routers: Physical cabling, IP addressing, Wide Area Network configurations (Frame-relay and ATM).
• Migration of RIP V2 to OSPF routing protocols.
• Worked on HSRP and GLBP for first hop redundancy and load balancing.
• Implemented ISL and 802.1Q for communicating through VTP.
• Working with Client teams to find out requirements for their Networks.
• Designing solutions for frozen requirements using Cisco Routers and Switches.
• Deploying the network infrastructure to meet the requirements.
• Created VLAN and Inter-VLAN routing with Multilayer Switching.
• Monitor performance of network and servers to identify potential problems and bottleneck.
• Installed wireless access points (WAP) at various locations in the company.
• Maintained redundancy on Cisco 2600, 2800 and 3600 routers with HSRP.
• Troubleshoot network problems using Packet Analysis tools like Ethereal.
• Provided technical support on hardware and software related issues to remote production sites.

Environment: Cisco routers, switches, ASA Firewalls, OSPF, EIGRP routing protocols, VLANS, Cisco work, WAP.