SUMMARY

• 4 plus years of practical experience in the IT field as a network engineer, with proficient hands - on experience in the areas of Wi-Fi portfolio, Routing, Switching and Troubleshooting
• Strong knowledge in configuring and troubleshooting routing protocols like OSPF, VOIP, IPT, IS-IS, SNMP, EIGRP and BGP.
• Installing and Configuring Cisco switches 2960, 3560, 4500, 6500, 4900, 2900, 3750, Nexus 5000, Nexus 7000, WS-C4948, Juniper EX, QFX and MX series.
• Hands-on expertise with routers 2800, 2900, 3800, 3900, 7200, 7600, ASR9010, ASR1002 and Juniper ACX, EX 4300, MX 480, MX960 series.
• Working Knowledge on Devices like Juniper SRX 210, 240 and 550.
• Implementation, working analysis, troubleshooting and documentation of LAN, WAN & WLAN architecture with excellent work experience on IP series.
• Working knowledge with Load Balancers F5 LTM like 2200, 4200v, 7050 for various applications.
• Knowledge of troubleshooting, implementing, optimizing and testing of static and dynamic routing protocols such as EIGRP, OSPF, BGP ability to interpret and resolve complex route table problems.
• Experience in deploying applications through Microsoft azure.
• Experience in troubleshooting and deploying applications to azure.
• Experience in Design, configuration, and support of Cisco Nexus Platforms (Nexus 2000/5000/7000 ).
• Worked on Cisco Routers 2800, 2900, 3800, 3900, 3750, 4500, 7600, (6500- sup720), ASR9K and ASR1002.
• Knowledge of implementing and troubleshooting complex layer 2 technologies such as VLAN Trunks, VTP Ether channel, STP, RSTP and MST.
• Working knowledge of Firewall, LDAP, AAA, TACACS/RADIUS, and IPSEC.
• Proficient with TCP/IP, OSI models and Cisco IOS.
• Experience with Security policy configuration including NAT, PAT, VPN, SSLVPN, Route-maps and Access Control Lists.
• Hands on experience on software Upgradation of Cisco IOS, NX-OS and Wireless (WLC’S and LWAPP) of different Cisco devices & modules.
• Strong practical experience in IP addressing, Sub-netting, VLSM and ARP, proxy ARP, and ping concepts.
• Expertise in troubleshooting and configuring DNS, DHCP, TFTP, TELNET, SSH, FTP and NFS.
• Excellent hands-on experience in designing and implementing IP addressing that includes both IPV4 and IPV6
• Implementation of Access lists, route maps, and distribute lists.
• Strong fundamental knowledge in implementing Layer-2 level technologies including VLAN's, VTP, STP, RSTP and Trunking.
• Technical support for improvement, up-gradation & expansion of the network architecture.
• Good understanding and working knowledge of Protocols like IEEE 802.1, IEEE 802.3& IEEE 802.11, 802.1x, EAP, PEAP & EAP-TLS.
• Hands-on experience of Python scripting, automation using Python, string parsing, libraries, API's, regexp and more.
• Expertise on various Operating Systems and software's like Win8, Win7, Win 2008, Win Vista, Ubuntu, Kali Linux, Red Hat Linux, Asterisk and MS Office Suite.
• Working Experience in SONET, DWDM & ATM Networks.
• Working Experience in VMware ESX 5.x, VMware Workstation, VMware vCenter Server, Microsoft SharePoint, System Center 2012 R2, C++.
• VoIP Installation and troubleshooting, configuring Cisco Phones and setting up VoIP, IPT over VLAN.
• Good understanding and working knowledge of ITIL standards.
• Configure, Maintain and Troubleshoot for CISCO Wireless LAN controllers (5508,4408) and on WCS (wireless control system)
• Hands on experience on several Ticketing Tools like JIRA, Change Management, Service Catalog, ePCR, SR, Remedy, IP center, etc.,
• Working Experience on web content filter and gateways like Blue Coat, Websense.
• Working Experience on Network Scanning, Management, Alerting &Logging tools like Solar Winds, PRTG, and Wireshark.
• Comprehensive understanding of OSI Model, TCP/IP protocol suite (IP, ARP, ICMP, TCP, UDP, SNMP, FTP, TFTP).
• Planning, Designing, Implementation of small, medium organizations including LAN, VLAN, WLAN and WAN on wired and wireless networks
• Moderate knowledge in configuring and troubleshooting Cisco Wireless Networks: LWAPP, WLC, WCS, Standalone Aps, Roaming, Wireless Security Basics, IEEE 802.11 a/b/g, RF spectrum characteristics.
• Moderate knowledge in implementing and configuring F5 Big-IP LTM-6400 load balancers.
• Adept in preparing technical documentation and presentations using Microsoft Visio/ Office.

TECHNICAL SKILLS

Cisco Platforms: Nexus 7K, 5K, 2K and 1K, Cisco routers (7600,7200, 3900, 3600, 2800, 2600, 2500, 1800 series) & Cisco Catalyst switches (6500, 4900, 3750, 3500, 4500, 2900, 6807 series)

Juniper Platforms: SRX, MX, EX Series Routers and Switches

Networking Concepts: Access-lists, Routing, Switching, Subnetting, Designing, CSU/DSU, IPSec, VLAN, VPN, WEP, WAP, MPLS, VoIP, Bluetooth, Wi-Fi

Firewall: ASA Firewall (5505/5510/5520 ), Checkpoint (R75/R76), Palo Alto (2k, 3k, 5k), Juniper SRX (240).

Network Tools: Solarwinds, SNMP, Cisco Works, Wireshark

Load Balancers: Cisco CSM, F5 Networks (Big-IP)

WAN technologies: Frame Relay, ISDN, ATM, MPLS, leased lines & exposure to PPP, DS1,DS3,OC3, T1 /T3 & SONET

LAN technologies: Ethernet, Fast Ethernet, Gigabit Ethernet, & 10 Gigabit Ethernet, Port- channel, VLANS, VTP, STP, RSTP, 802.1Q

Security Protocols: IKE, IPSEC, SSL-VPN

Networking Protocols: RIP, OSPF, EIGRP, BGP, STP, RSTP, VLANs, VTP, PAGP, LACP, MPLS, HSRP, VRRP, GLBP, TACACS+, Radius, AAA, IPv4 and IPv6

Operating System: Windows 7/XP, MAC OS X, Windows Server 2008/2003, Linux, Unix

PROFESSIONAL EXPERIENCE:

Confidential, Baltimore, MD

Sr. Network Security Engineer

Responsibilities:

• Worked on data center segmentation project to create segmentation between the user and server traffic by deploying Palo Alto firewalls (5250s) in the datacenter including cabling to the Nexus 7K VDCs and HA.
• Worked on providing management connectivity, HA configuration, setting up RSA for MFA, license and updates management, VSYS support, L3, aggregate Ethernet and sub interfaces configuration, configuration of BGP on both Nexus and Palo Alto, moved SVI (server VLAN) interfaces from ASA core to Palo Alto.
• Validated routing throughout the environment and created test plans for failover including using link monitoring and path monitoring.
• Collected data to determine which permit rules to create between the user and server VLANs based on the logs.
• Installed Arista core and distribution solution to replace current Cisco environment
• Experience using Source fire IPS and Firesight management console
• Configured redundancy protocols like HSRP and VRRP on Cisco and Arista devices respectively
• Review and analyze events from logs and Source Fire IDS/IPS
• Experience working with Nexus 7018/7010, 5020, 5548, 2148, 2248 devices.
• Experience working with OTV & FCOE on the nexus between the datacenters
• Deployed Nexus switches 2248, 5548, 7018 and implemented features like FEX Links, VPC, VRF, VDC, and OTV, Fabric Path.
• Determined the VPN connectivity requirement for users, VPN pool and gateway information, integration of RSA for VPN authentication, defined rules for non-console administrative access, implemented and tested non-console admin rules for firewalls.
• Configure, Maintain, Update and Troubleshoot for CISCO Wireless LAN controllers (5508,4408) and on WCS (wireless control system)
• Worked on creating SNMP, Syslog, Email profiles, log forwarding, data filtering profiles according to the client’s requirement.
• Experience with various switches (Cisco, HP, Blade and Arista) that are deployed in both Ultra low latency and Data center environment.
• Deployed the Cisco 3500 Access Points using Cisco Wireless controllers 5508, 4408 and 2504.
• WCS System and Network access enforcement for multivendor Wi-Fi, wired and VPN networks and advance policy management using Aruba Clearpass.
• Implementation of Juniper Firewall, SSG Series, Net screen Series ISG 1000, SRX Series
• Upgraded the existing Panorama to V8. Integrating the new firewalls to Panorama and responsible for working on change tickets for existing 3250 Palo Firewalls in the environment.
• Worked with the Info security team to closely monitor threats, incident handling, working with the network administration team to provide them with the remediation steps.
• wireless network including vendor selection (Aruba, Cisco and Ubiquti Networks), site survey, and deployment of back-end services for secure 802.1x authentication.
• Configured vPC with HSRP on Nexus devices and m-LAG with VARP on Arista devices
• Updated configuration standards to meet the PCI DSS compliance requirement.
• Made config changes to the existing firewalls in the CDE to the configure standards to make them PCI compliant.

Environment: Firewall migration, Rule cleanup, Firewall remediation, F5 Cisco ISE, Ticketing change management

Confidential, Columbus, OH

Sr. Network Security Engineer

Responsibilities:

• Worked on cleanup of several legacy rules of ASA and created a migration path to Palo Altos, configured for Global protect VPN, User ID, Wildfire set up, SSL decryption, license and policy management on Palo Alto appliances.
• Reviewed and optimized firewall rules using Netscout firewall monitoring tool by creating customized firewall audit reports. Migrated datacenter firewall rules based on Zenoss Analysis/query and Reports.
• Staged, planned and deployed Palo Alto 5060 within Data Centres.
• Worked with Palo Alto firewalls using Panorama performing changes to monitor/block/allow the traffic on the firewall.
• Responsible to evaluate, test, configure, propose and implement network, firewall and security solutions with Palo Alto networks.
• Configure and maintain site to site VPN using Netscreen firewalls.
• Experience working with ARISTA switches like 7100, 7500 for cloud computing, datacenter and low latency networks
• Involved in the deployment project of hadoop clusters (integrating RAIL) using Arista 7300 model networking devices using layer3/ECMP for east-west traffic.
• Working experience on tools and devices like Source Fire, Cisco ASA, Cisco ISE
• Installed and configured Cisco Nexus 7k/5k/3k switches for VPC, Vlans, MST and 802.1q for Top of the Rack switches and Distribution layer switches
• Instituted a vulnerability management program to scan and report on all machines for vulnerabilities on the network using various vulnerability management tools on a weekly schedule to meet external audit requirements.
• Configuring HP procurve switches and Microtik routers by providing VPN access and setting pools for dedicated tunnel for internal customers.
• Worked on Palo-alto configuration for L2, L3 deployment on Vendor-list firewall.
• Experience on configuring fiber-optic between 2 data centers with 10GB of bandwidth availability.
• Configured active directory domain, DNS and DHCP on Windows 2012 R2 standard.
• Extensive work with MPLS, configuring BGP, policy-based routing, redistribution, VPN etc.
• Worked on troubleshooting of tickets in complex LAN/WAN infrastructure using packet captures, protocol analyzers, syslog servers etc.
• Worked on CA spectrum network monitoring tool.
• Corrected configuration issues and implemented best practices for configuration of VDC, VPC, VRF, FEX

Environment: Architectural layout, Firemon, Unused rule and policies, Qos, Monitoring, VOIP,PbX, HP procurve switches.

Confidential, Charlotte, NC

Network Test Engineer

Responsibilities:

• Managed firewall policy lifecycle process from review, approval, implementation, publishing, verification Network Engineer
• Worked on a project to help clean up legacy FW policies and create migration path from current ASA’s.
• Cleaned up around 50000 rules based on activity within 3 months prior to the migration project.
• Implement IPSEC, SSL VPN solutions including Palo Alto Networks Global Protect with single and multiple
• Gateway solutions including integration of PKI certificates.
• Worked on setup and installation of Cisco ASAs with Firepower and configured it for URL filtering.
• Check for DNS issues by pinging the server’s name. Experience with Wire shark, Test TCP& OPNET.
• Perform bandwidth metrics analysis using various tools (IXIA, Cisco Works and Cisco Network Analysis Module
• Act as a part of the Migration project for Data-center switches from Cisco Nexus 7010, 5548 switches to Arista 7308 and 7300X-32Q switches, Leveraging spine-leaf architecture
• Managing &Troubleshooting DHCP issues.
• Built several Red Hat Linux servers to provide file storage, system backups and UPS monitoring.
• Configuring and troubleshooting static and dynamic DNS servers.
• Trouble-shooting end-user reported problems, thoroughly and accurately documenting problem in trouble management tool.
• Analyzing and resolving a high percentage of initial customer contact in the areas of PC/LAN.
• Escalating customer problems to management and support groups utilizing standard escalation model.

Environment: Shortel, AVAYA, f5, Upgrades and backup, Network monitoring

Confidential

Jr. Network Engineer

Responsibilities:

• Check the condition of the physical connection i.e. the network cable.
• Setting up Cisco wireless router and setting up access points.
• Check the IP address, default gateway and subnet mask are all correct.
• Troubleshooting network issues like by pinging the host or by pinging the default gateway.
• Contacting ISP (PerunaNet) for assistance.
• Setting up VOIP network in the engineering building.
• Check for DNS issues by pinging the server’s name.
• Experience with Wireshark, TestTCP& OPNET. Managing &Troubleshooting DHCP issues.