SUMMARY:

• Over 7 plus years of Experience and having multiple Certifications Cisco (CCNA&CCNP) in designing, deploying and troubleshooting Network & Security infrastructure on routers, switches (L2/L3) & firewalls of various vendor equipment.
• Technology and Infrastructure consultant for Cisco and Juniper design and implementation projects. Specific tasks include installations, configurations, support and maintenance of routers and switches.
• Experience configuring & troubleshooting routing protocols like RIP, OSPF, BGP, and EIGRP.
• IOS/JUNOS upgrade for Cisco & Juniper routers/switches.
• Experience working on ASA (5505/5510/5540/5585 ) Firewalls, Juniper (SRX 110/210/220/550 ).
• Implemented security policies using ACL, Firewall, IPSEC, SSL, VPN, IPS/IDS, AAA(TACACS+ & RADIUS).
• Worked aggressively on complex Palo Alto firewalls Environment.
• Strong hands on experience in layer - 3 Routing and layer-2 Switching. Dealt with Nexus models like 7K, 5K, 2K series, Cisco router models like ASR 9K, ASR 1K, 7200, 3900, 2900, 2800, 2600, 2500, 1800 series and Cisco catalyst 6500, 4500, 3850, 3750, 3500, 2900 series switches
• Experience with design and deployment of MPLS Layer 3 VPN, MPLS Traffic Engineering, MPLS QOS.
• Hands-on experience with Juniper SRX - Juniper SSL VPN.
• Diverse industry exposure - Finance, Telecom, and IT consulting Markets.
• Extensive experience in configuring Layer3 routing and layer2/3 switching of Juniper & Cisco based J2320,MX,EX,2950,2960,3600,3750,4500,6500,1700,1800,2600 and 3700 series routers & Switches.
• Troubleshooting & implementation of Vlan, STP, MSTP, RSTP, PVST, 802.1Q, DTP, HSRP, VRRP, GLBP, LACP, PAGP, AAA, TACACS, RADIUS, MD5, VTP & SVI.
• Experience working with Cisco IOS-XR on the ASR9000 devices for MPLS deployments
• Experience in testing Cisco & Juniper routers/switches in laboratory scenarios and deploy on site for production.
• Native communication skills and a team player, Effective inter-personal skills, adaptive to any environment, with the latest technologies and delivering solutions as an individual and as part of a team

TECHNICAL SKILLS:

Routing Protocols: RIPv1, RIPv2, BGP, OSPF, IS-IS, IGRP, EIGRP

Security: Cisco ASA, Check point, Juniper SRX, Palo Alto

Switches: Cisco Catalyst 2960, 3500, 3750, 3850, 4500, 4900, 6500, Nexus-

2k, 5k, 7k, 9k series:

Routers: Cisco 2800, 2900, 3800, 3900, 7200 and 7600 series routersJuniper M & T Series

L2 Switching: VLAN, VTP, STP, Dot1Q, RSTP, DTP, PVST and MST

L3 Switching: Ether channels, HSRP, GLBP

CISCO ISE: Cisco Integrated Services Engine (ISE) 2.3, 2.1, 2.4

Communication Protocols: TCP/IP, UDP, DHCP, DNP, ICMP, SNMP, ARP, RARP, PPP

WAN: Frame Relay, ATM, T1, T3, OC3, OCX, OC48, MPLS VPN

Physical: Ethernet, Fast Ethernet, Gigabit Ethernet, Serial

Network Management Tool: MRTG, HP Open view, Cisco WAN manager and Cisco works

AAA Architecture: TACACS+, RADIUS, Cisco ACS

Tools: Wireshark, VMWare, tcpdump

Operating System: DOS, Windows XP, Vista/7/8/10, Cisco IOS, Linux, Mac OS, Cisco IOS.

PROFESSIONAL EXPERIENCE:

Confidential, Boston, MA

Sr. Network Security Engineer

Responsibilities:

• Installed and configured Cisco ASA 5500 series firewall and configured remote access IPSEC VPN on Cisco ASA 5500 series
• Experienced working on CISCO NEXUS data center infrastructure with 2k, 5k and 7k series switches by enabling networked devices to communicate effectively.
• Providing technical support and solutions for the wireless products of Cisco
• Worked on Palo Alto design and installation (Application and URL filtering, Threat Prevention, Data Filtering)
• Configured rules and maintained Palo Alto Firewalls & analysis of firewall logs using various tools
• Configuring all the devices per their type with AAA commands for the device authentication using AD, RSA and the ISE internal users depending on the user type.
• Supporting EIGRP and BGP based on the network by resolving level 2 & 3 problems of internal teams & external customers of all locations
• Worked on to set up OSPF dynamic routing on Cisco ASA Firewalls by using and following their current network structure
• Deployed VXLAN on the Nexus 9000 to map the physical VLANs to the Virtual Overlay VLANs
• Configuration and Integration of Cisco Identity Services Engine (ISE) 2.1.
• Configured Nexus 2000 Fabric Extender (FEX) which acts as a remote line card (module) for the Nexus 5000 to connect servers and storage devices.
• Worked on troubleshooting, implementing and configuring new devices and helping them to build new data center and moving devices from one data center to another by moving all devices
• Perform ISSU upgrade on Nexus 7010 devices by operating the supervisors in
• Active/standby mode on the devices by determining ISSU compatibility.
• Configured and maintained VDCs in 7018 switches, maintained VRFs in those separate VDCs. Operated in OTV to extend L2 VLANs amongst data centers over IP on Nexus 7018 switches.
• Scheduled maintenance of Nexus 2248, 5548 and 7010 switches so that there are no Orphan ports in the network.
• Upgradation of nexus OS from 6.2.2a to a higher version to increase performance and support new features on both.
• Worked on configuring cisco 3850, 4500E series switches to implement information sharing and resource allocation for increased productivity
• Experienced in Automated network implementations and tasks and designed monitoring tools using python scripting
• Responsible for setting up point to point OSPF connection on the Cisco and juniper routers like MX, ASR series devices in the customer network
• Developed a python script, which will parse all trace files and calculate throughput, latency and drop rate.
• Managed data center and network by using solar winds, NPM, NTA, NCM and F5 load balancer
• Experience in F5 load balancers, its methods, implementation and troubleshooting on LTMs and GTMs
• Created an automated backup procedure for all F5 load balancer appliances like 7050, 5200V and 4200V.
• Create complex iRules using TCL language for URL redirections, HTTP header-insertion and HTTP header modification.
• Tested JUNOS images on juniper MX router platforms covering various protocols and technologies like OSPF, BGP, LDP, MPLS, Layer3 VPNs
• Deployed the Nexus 9000 Application Virtual switch to support network telemetry applications and 9000 Core with VPC and 3172 TOR
• Configured IPSEC VPN (Site-Site to Remote Access) on SRX series firewalls
• Experienced in Working with AWS technologies that support automation using cloud formation to create EC2 instances
• Configured and managed tool that auto discovers auto scaling EC2 instances in VPC.

Confidential, Chicago, IL

Network Security Engineer

Responsibilities:

• Provided administration and support on Bluecoat Proxy for content filtering and internet access to head quarter, remote site offices and VPN client users.
• Addressed technical issues and questions regarding Cisco ISE including troubleshooting and modifications
• Automated network implementations and tasks and designed monitoring tools using python scripting
• Migrating the policy from Cisco ASA firewall into Palo Alto.
• Worked on wild fire advanced malware detection using IPS feature of Palo Alto
• Failover DMZ zoning & configuring VLANs/routing/NATing with the firewalls as per the design.
• Dealt with creating VIP (virtual servers), pools, nodes and applying I Rules for the virtual servers like cookie persistency.
• Configured, maintained and troubleshoot dynamic routing protocols: BGP, OSPF & EIGRP (route redistribution, distribute lists, route-maps, offset-lists, Prefix lists, route summarization, route-feedback, BGP attributes) on Cisco Routers 7613, 7201, and 3945E.
• Experience in Configuring, upgrading and verifying NX-OS operation system with OSPF, BGP
• Troubleshooting of complex LAN/WAN infrastructure that include routing protocols EIGRP, OSPF & BGP,
• Experience configuring Virtual Device Context in Nexus 7010
• Configure / Troubleshoot CISCO 12000, 7500, 3800, Juniper MX 480, MX960 series routers and EX4200 & EX3200, 3560 series switch for LAN/WAN connectivity.
• Establish AWS technical credibility with customers and external Vendors.
• Configured Cisco ISE for Wireless and Wired 802.1x Authentication on Cisco Wireless LAN.
• Help customers build scalable, resilient, and high-performance applications and services on AWS
• Develop/capture/document architectural best practices for building systems on AWS
• Implementation and Configuration (Profiles, I Rules) of F5 Big-IP LTM-3600 and 6400 load balancer.
• Worked extensively on Big IP LTM and GTM. Configured F5 GTM solutions, which includes Wide IP, Pool Load Balancing Methods, probers and monitors
• Implemented antivirus and web filtering on Juniper SRX 550 at the web server
• Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5585 Security appliance
• Experience configuring VPC, VDC and ISSU software upgrade in Nexus 7010
• Experience working with Cisco Nexus 2148 Fabric Extender and Nexus 5000 series to provide a Flexible Access Solution for datacenter access architecture.
• Experience with deploying PIM Sparse-mode/Dense-mode multicasting in Campus locations.
• Tested various networks which works on the protocols like of TCP/IP (IP, TCP, UDP, SNMP, DNS, DHCP, FTP, HTTP, HTTPS, ICMP, SMTP, ARP, IPSEC, and NAT)
• Experience working with ASR 9000 series switches with IOS-XR
• Implemented Access lists and policy mapping on Juniper router installed in each branch across all the locations.
• Worked on external customer wireless network infrastructure
• Worked with VMware hypervisor and virtualization monitoring tools

Confidential, Atlanta, GA

Sr. Network Engineer

Responsibilities:

• Responsible for the conversion of the existing environment from an EIGRP to OSPF setup to facilitate the migration of Core from Cisco to Juniper.
• Responsible for turning up BGP peering and customer sessions, as well as debugging BGP routing problems during the conversion of existing point to point circuits to MPLS.
• Implemented Dual homed connections between multiple customer sites to connect to primary and redundant datacenters in Dallas/ Roseland.
• Added Trunks, Spanning Tree protocol, Port-Security, VLAN-MAPs and DOT1X for Switches and Wireless.
• Configured rules and Maintained checkpoint VSX, Palo Alto Firewalls & Analysis of firewall logs using various tools
• Dealt with implementation of deployment related to Cisco ASA 5585 devices and Juniper SRX 550 devices to apply security policies on it.
• Implemented MX-960 router and configured virtual chassis in the core to enable inter chassis redundancy.
• Troubleshoot issues related to VLAN, VLAN Trunking, VRRP failovers, related issues.
• Involved in Planning for upgrade of IOS on devices and performing the upgrade.
• Assisted in the architecture, evaluation and recommendations related to purchasing and installing hardware, software related to IP Networking.
• Worked as part of a team to manage Enterprise Network Infrastructure as a Tier 3 Support Engineer.
• Responsible for Juniper SRX firewall management and operations across our corporate networks.
• Provide Load Balancer expertise on F5 Big IP LTM and GTM devices like 7050 and 2200 and troubleshoot application slowness.
• Experience working with Cisco Nexus 2148 Fabric Extender and Nexus 5000 series to provide a Flexible Access Solution for datacenter access architecture.
• Experience configuring Virtual Device Context in Nexus 7010
• Configured Juniper MX80s, EX4300s, and SRX240s to be implemented as a part of the branch.
• Good experience working with the Trouble Tickets on F5 Load balancers.
• Perform Configuration changes on BIG IP (F5) Load balancers and also monitored the Packet Flow in the load balancers.
• Managing enterprise BGP setup by configuring and troubleshooting BGP related issues.
• Experienced with Juniper: EX-2200, EX-4300, EX-4500, MX-480 and M Series, SRX210 and SRX240 troubleshooting.
• Responsible for Configuration of Palo Alto 5050 devices with layer 7 filtering of traffic traversing the internet.
• Configured VPN tunnels to multiple vendors with end devices terminating at vendor end being a Cisco/Juniper firewall.
• Involved in Configuring and implementing of Composite Network models consists of Cisco7600, 7200, 3800 series and ASR 9k, GSR 12K routers and Cisco 2950, 3500, 5000, 6500 Series switches.
• Configured networks using routing protocols such as OSPF, BGP and manipulated routing updates using route-map, distribute list and administrative distance for on-demand Infrastructure.
• Designing and Implementation of (LAN) VLANs, VTP, Spanning Tree (STP), Trunking (dot1q and ISL) and Ether channel
• Administration of ASA and Juniper SRX firewalls in the DMZ and FWSM in the Server Farm to provide security and controlled/restricted access.
• Responsible for monitoring alerts through tools like Solarwinds Orion, xenoss, scrutinizer in the Production environment as a part of first response for the service desk.

Confidential, Boca Raton, FL

Data Center Network Engineer

Responsibilities:

• Configuring Cisco Router and ASA 5505 firewall, Configuring suphos firewall (UTM)
• Configured HSRP and VLAN trunking 802.1Q, VLAN Routing on Nexus 9k, 7k, 5k, and Catalyst 6500 switches.
• Configuration of Port Channels and VPC on Nexus 9K, 7K, and 5K.
• Migration of resources done in batches of a specific number of resources everyday using Active Directory Migration Tool.
• Perform Layer 2 switching and Layer 3 routing within a Data Center Environment, between Core distribution & Access Layers.
• Provide timely troubleshooting measures for all of our customers to ensure a satisfactory resolution is provided, including third parties. Configure, Support, update and install Checkpoint, Fortinet Firewalls, Firemon, and DLP systems. Provide monitoring of all Checkpoint firewalls and there logs / traffic
• Worked extensively on device profiling, authentication and authorization mechanisms using AAA, RADIUS, 802.1X, Policy buildups for Posture Compliance Policies and Rules for checking the devices coming onto Network, Remediation Process, Access and Controls, and Segmenting the Global Networks for NAC Solutions for both Cisco and Fore scout NAC Appliances
• Customer reservation plugin including features like finding the best driver to make the trip and integration with payment system, mango pay. It was a LAMP Environment. .
• Migrate from legacy routing architecture utilizing Firewalls as routing devices and implement Cisco ASR with DMVPN for data center to data center connectivity over multiple providers and Internet links for backup redundancy
• Provide expert level support on Vyatta router, VPN and firewall features
• Configuring, troubleshooting and managing Networks of over 1000 devices by monitoring health of routers, switches and load balancers and working with team to fix any configuration or hardware.
• Configuration of layer 2 Cisco switches for VLAN and Trucking
• Configuring and monitored different monitor modules F5 BIG-IP LTM F5 and DNS traffic Management.
• Configure IPV4/6, SR-IOV, VXLAN, and Bonding (Failover/Load Balancing)
• Troubleshoot and coordinate the resolution of connectivity related issues
• Serve as the customer’s go-to resource for all matters related to the Palo Alto next-generation firewall.
• Used F-5Load balancers to increase capacity (concurrent users) and reliability of applications.
• Deliver best practices guidance for managing Palo Alto Networks firewalls.
• Installation, configuration and maintenance of Cisco Routers like 2600, 2800 and 3600 series.
• Experience with the Configuration on BIG IP F5 Load balancers and monitored the packet flow.
• Configured High availability and implemented it on F5 Load balancer.
• Configuring and troubleshooting F5 BIGIP LTM load balancing and implementing, Creating I rules, Virtual servers, Pools, Nodes with health, Profiles, SNAT, SSL, NAT, Traffic Policies and QoS.
• Used Python scripts to update content in the database and manipulate files.
• Designing, Implementing and Managing WLAN Distribution Network.

Confidential

Network Engineer

Responsibilities:

• Installed and configured the ACE and CSM for firewall/Server Load balancing for Cisco Catalyst switches.
• Configured the Cisco router as IP Firewall and for NATting.
• Maintenance of ERP and troubleshooting of ERP.
• Managed and installed Firewall (Sonic wall).
• Installed & configured PIX 520, 525, 535 series firewalls, configured standard & extended access-lists & policy- based filters.
• Configured ASA 5510 appliance and VPN.
• Troubleshooting network systems and performance, and remediating issues professionally and concisely.
• Evaluating project fit and design, utilizing best practices and vendor comparison techniques to provide customer with best business solution.
• Provided estimated bandwidth requirements for data replication, to best determine adequate timing for Migration service levels
• Configured HSRP between VLANs, Configuring Ether-Channels, and Port Channel on 6500 catalyst
• Switches Replaced branch hardware with new 2851 routers and 2960 switches
• 802.11n Infrastructure and its legacy technologies
• Experience in working with Cisco Nexus 5000 series switches for data center
• Configured OSPF on CISCO devices with multiple routing processes and redistributed them. Tested and hands on experience in multi area OSPF topologies