SUMMARY:

• 10+ years of experience in Enterprise IT Management with specialization in Network Security and extensive experience on Systems Management, Data Center Management, Third Party - Customer Integration, and Customer ODC setup. Actively involved in implementing & supporting LAN/WAN/IT Security/VPN network infrastructure for large organizations. An enthusiastic and project-oriented team player with solid communication and leadership skills to develop creative solutions as per client needs.
• Network & Security project implementation, testing and commissioning to meet the project deadline.
• Designed, installed, configured and managed complex LAN, MAN and WAN networks.
• Implemented firewalls using Cisco ASA, Cisco PIX, Fortigate Firewalls, Juniper Netscreen and SRX firewalls, PaloAlto 5060, Checkpoint NGX R65 and VPN gateways.
• Configured and deployed Nexus 5k and 7K switches as per client requirement.
• Expertise in configuring security technologies: IPSec VPN, SSL VPN, DMVPN, VLAN’s, port-security, policy based routing.
• LAN Technologies - configuring and troubleshooting of VLANS, VTP, STP, RSTP, PVST, MST, Ether-channel, HSRP and VRRP.
• Experience working in NOC and Data Center providing high uptimes for Infrastructure services.
• Experience in setting up an ODC - Physical infrastructure, Communication Link, Security and Confidentiality for BFSI, Manufacturing, Product Engineering, & Healthcare Domains.
• Experience in building & troubleshooting Site-to-Site & Client based VPNs..
• Experience in Firewall Security protocols NAT, PAT, IPSec, PPTP, L2TP, SSL, SSH.
• Experience in Planning, Configuration, Implementing and Troubleshooting ISDN (PRI/BRI), Leased Lines, ATM, Ethernet, Fast Ethernet, Giga Ethernet, OFC, WLAN, Wi-Fi, T1, E1, T3 etc.
• Experience with TCP/IP, EIGRP, HDLC, PPP, & ISDN, ACL’s. Knowledge of BGP & OSPF, EIGRP routing protocols.
• Extensive experience in Layer 3 routing on Cisco 7200, 3800 and 2800 routers and Layer 2 switching on Cisco 6500, 4500, 3700, 3900, 2900 switches.
• Highly skilled in implementation, configuration and support of security solutions Intrusion detection/prevention and Security Information Management solutions.
• Knowledge on DHCP, DNS, Active Directory, Group Policy objects, Patch management & Anti-Virus Server.
• Knowledge on VM Ware EXS 3.0 & 4.0 Servers installed on Dell Blades and ESX Boxes.
• Implementation of security policies, access-lists and inspection rules.
• Implementation of NAT, PAT, Dynamic NAT and static NAT.
• Configuring of IPS, IDS and HIPS.
• Conducting security audits
• Configuring HA for firewall platforms.
• Configuring CSC modules on Cisco ASA.
• Securing the networks with routers and switches by configuring the L2 and L3 level security.
• Implementation Unified Threat Management on both Juniper SRX and Palo Alto 5060.
• Configuring link-state routing protocol OSPF in single and multiple areas, ABR & ASBR, stub & total stub, NSSA, route summarization, authentication & virtual links.
• Configure advance distance routing protocol EIGRP in which load balancing across equal & unequal cost paths was implemented, EIGRP stub, authentication and summarization.
• Configuring policy based routing (PBR) by using path attributes and path vectors in BGP
• Resourcefully planning & designing IP address scheme for an enterprise network, with scope for future expansion using VLSM.
• Route redistribution among all IP routing protocols.
• Implementation of ACL’s, NAT & PAT on routers and firewalls as required.
• Backups and restore of IOS and configuration files.
• Creating VLANs in Layer 2 and Layer 3 Switches.
• Assigning ports to VLANs to enhance LAN security.
• Configuring VLAN trunk using ISL & 802.1q (dot1q).
• Implementing STP, PVSTP and MST.
• Implementing RSTP to avoid delay.
• Propagating VLAN information with VTP implementation.
• Configuring link aggregation with etherchannel.
• Configuring Layer 3 redundancy with HSRP, VRRP & GLBP.
• Implementing port security, port-fast, uplink fast and backbone fast.
• Implementing VPNs on routers and firewalls.
• Implementing Site-to-Site IPSec VPN.
• Configure GRE tunnel over IPSec.
• Implementing Easy VPN.
• Configuring the VPN redundancy.
• Building the site to site VPN redundancy for cloud services( Amazon Cloud)
• Configuring F5 VLAN extensions and routing.
• Configure the virtuals, pools, profiles, monitors and Irules.
• Configure F5 High Availability.
• Implementing F5 SNAT pools and Outbound SNAT.
• Implementing http redirections and persistence.
• Troubleshooting F5 load balancers.

PROJECT EXPERIENCE SUMMARY:

Confidential

Network Security Analyst

Platforms used: Cisco ASA 5585, 5540 and 5520, Juniper SRX 650 and 240, Palo Alto 5060, Juniper MAG 6611, 4610 and 2610Certes Encryption (CEP 10G).

Responsibilities:

• Designed and completed Unified Threat Management (UTM) project at DTO Enterprise level to secure the State agency’s resources from malware, spyware, vulnerabilities using Palo Alto Firewall.
• Designed and completed encryption project using Certes 10G devices between DTO Columbia and DR Clemson to secure the mainframe data passing through 10G link.
• Designed and completed the State Remote Access SSL VPN project using PulseSecure (formerly Juniper) access devices.
• Handling whole State of South Carolina agency security Operations and also working with Project team to bring up the new agencies on board.
• Worked as part of the Network Security Team to provide firewall and UTM security to 80+ state agencies.
• Participated in kickoff meetings and pilot meeting for drafting a check list of activities, phases/stages, deadlines etc.
• Ensure verification of deliverables as per the quality assurance plan and final inspection.
• Ensure project risk identification and mitigation planning.
• Completed vulnerability assessments for DTO and DTO supported agencies.
• Vendor Management and negotiations.
• Building the Site-Site VPN tunnels between multiple agencies on different firewalls.
• Code upgrade on Cisco ASA, Palo Alto, Juniper SRX.
• Played a major role in Juniper SRX project between DTO and DIS (Department of Information Security).
• Configured the Active-Passive failover in multi-context mode on Cisco ASA 5585.
• Configured the Juniper Chassis cluster on DTO SRX 650 firewalls.
• Design and configure new context when new agency was on-boarded by DTO.
• Provide the solutions for agency network teams on multiple complex issues.
• Network documentation using Confidential Visio 2010.
• Administration of Cisco Secure Access Control Server 3.3. (Cisco Secure ACS) and Tacacs+ config.

Confidential, Rockville, MD

Advisor Data Network Services

Platforms used: Cisco ASA 5585, Cisco ACS, Palo Alto firewall, Juniper 5200 SSL VPN, Juniper Netscreen and SRX firewallsCisco Nexus Switches 3k, 5k and 7K, Cisco IOS based switches 4500, 6500, F5 BIG IP LTM, GTM load balancers.

Responsibilities:

• Led the technical implementation of the project.
• Technical requirement analysis, design and creating the necessary technical documentation.
• Identify the scope of project deliverables, and create project-specific documentation.
• Participate in the project kick of meetings and pilot meeting draft a check list of activities, phases/stages, deadlines etc.
• Function as a point of escalation for resolution of technical matters within the project.
• Ensure verification of deliverables as per the quality assurance plan and final inspection.
• Liaison between the customer and/or onsite/offshore team (case-specific), to identify routine issues and keep the stakeholders updated on the status of the project.
• Ensure project risk identification and mitigation planning.
• Designing Security Architecture - Cisco 5585 Firewalls, VPN, SSL VPN, VLAN, Network segmentation.
• Security Change Management and day-to-day operations. Reporting of Security Incidents to Security Operations Managers.
• Vulnerability assessment of critical network, security & systems using tools WebSense tool.
• Provided network & systems support for US and Nationwide remote offices.
• Planning & participating DR-BCP exercise for internal and external customers.
• Vendor Management and negotiations.
• Successfully migrated Juniper SSL VPN to Cisco ASA Any-Connect and client-less VPN using multifactor authentication.
• Firewall policy configuration on Cisco ASA and Juniper Firewall.
• Site to Site and remote access VPN configuration on Cisco ASA 5585.
• Wide-IP configuration on F5 BIG IP GTM.
• Successfully migrated the monitoring system from CA EHealth to Solar winds.
• Network devices log monitoring using Solar winds, CA health and Kiwi Syslog server.
• Follow-up with AT&T on remote offices MPLS commission and decommission.
• Managing and implementation of Confidential wireless controllers and access points.
• Code upgrade on Cisco ASA, routers, switches and Juniper firewall/SSL appliance on failover setup.
• Network sniffing using Wireshark, Palo Alto firewall.
• Network documentation using Confidential Visio 2010.
• Administration of Cisco Secure Access Control Server 3.3. (Cisco Secure ACS) and Tacacs+ config.

Confidential

Network and Security Administrator

Platforms used: Cisco ASA firewalls, checkpoint VPN gateways Juniper Net screen and SRX firewalls, Juniper NSM, Cisco Nexus Switches 3k,5k and 7K,cisco IOS based Switches 4500,6500,F5 BIG IP load balancers and Netscaler devices.

Responsibilities:

• Supported for Confidential Global network services team on 24*7 support basis which can handle requests raised by the Confidential properties.
• Worked on Cisco Nexus 3K, 7K and Cisco IOS 4500 switches for LAN requirements that include managing VLANs, Port Security and troubleshooting LAN issues.
• Maintained for BGP based network by resolving level 3 problems of internal teams and external customers of all locations.
• Configured the F5 load balancers as per the customer requirements like virtuals, pools, Irule, Persistence and SNAT.
• Involved in effective communication with vendors, peers and clients in resolution of problems, equipment.
• Worked extensively in configuring, Monitoring and Troubleshooting Juniper SRX security appliance, Failover DMZ zoning & configuring VLANs/routing/NAT with the firewalls as per the design and monitoring 1000 group of firewalls using NSM.
• Part of Deployment Team for upgrading existing network 6500 to Nexus 7K.
• Deployed new Nexus 7K, Nexus 5K, Nexus 2K, Catalyst 4500s, Catalyst 3700s and 2900 series routers in to production.
• Knowledge on VDCs (Virtual Device Contexts) and VPC (Virtual Port channels) for Nexus 7Ks
• Worked with Sup- 6 and Sup- 7 for Catalyst 4500s.
• WAN migration and Hardware Decommission - being actively participated
• Having fully knowledge of Network Upgrading Process
• Configure Firewall policy on Cisco ASA firewalls.
• Configured NAT on both Checkpoint and ASA firewalls.
• Installation and administration of F5 BIG IP LTM.
• Network devices Log monitored using solarwinds.
• Site to site VPN implementation on ASA Firewalls
• ASA software upgrade on Failover setup.
• Code upgrade on checkpoint firewalls
• Best practice implemented on Cisco Routers and Switches.
• Fine tuning of Firewall policies based on Information security policy.
• Network documentation using Confidential Visio 2010.
• Configured scheduled backup for checkpoint firewalls
• Configured scheduled backup for ASA devices on solarwinds NCM
• Operation activities like VLAN, Port activation, code upgrade on Cisco Switches
• Followed the process of Change, Incident, Problem, capacity and service management to meet the defined SLA's.
• Ability to handle high-pressure, Root Cause Analysis (RCA) and preparation of Incident Report of high severity failures.
• Vendor Relationship Management and Negotiations.

Confidential, Charlotte, NC

Network and Security engineer

Platforms used: cisco ASA 5520 and 5540 firewalls, fortigate 110c,30b and 3600 firewalls, Juniper netscreen firewalls, cisco routers 7200,3500 and FWSM, cisco ACE load balancers.

Responsibilities:

• Monitor performance of network and servers to identify potential problems by using HP NNM, Cisco Mars, Cisco ASDM and Juniper NSM.
• Provide front-line management of day-to-day operations in Operations Center.
• Worked on 3500 and 3700 Catalyst switches for the purpose of LAN requirement and for troubleshooting LAN issues.
• Involved in troubleshooting of DHCP and other IP conflict problems.
• Performed switching technology administration including VLANs, inter-VLAN routing, trunking, STP, RSTP, port aggregation & link negotiation.
• Involved in new Branch network systems. Resolved network issues, ran test scripts and prepared network documentation.
• Performed RIP & OSPF routing protocol administration.
• Involved in troubleshooting IP addressing issues and Updating IOS images using TFTP.
• Troubleshoot problems on a day to day basis & provide solutions that would fix the problems within their Network.
• Maintenance and Troubleshooting of LAN connectivity problems using Ping, Trace route and packet capture.
• Configuring the security policies and implementing NAT,VPN and ACL’s on Fortigate, netscreen firewalls.
• Configuration and Maintenance of ASA 5580-20, ASA 5540, ASA 5520, ASA 5510, PIX 535, FWSM Firewalls.
• Migration of data centre based on the traffic flow.
• Installation of Cisco ASA 5500 series firewalls, Cisco 3500, 4500, 6500 series switches.
• Installation and administration of Checkpoint R 75.40 Firewall.
• VLAN and Port channel configurations on Cisco 4500 and 6500 series switches
• OSPF configuration
• Firewall Log monitoring using RSA Envision and Q RADAR
• Site to site VPN implementation on ASA Firewalls
• Managing and troubleshooting of Cisco Unified Communications Systems, including Call Manager / Unified Communications Manager 6.x, 7.x Unity .
• Managing and troubleshooting of Cisco Analog and Digital voice gateways and devices.

Confidential

Network Engineer

Platforms used: Cisco ASA 5520 and 5540 firewalls PIX 515, Cisco Routers 7200,3500 and FWSM, cisco ACE load balancer, cisco switches 4500,6500 and 3500.

Responsibilities:

• Provide front-line management of day-to-day operations in Operations Center.
• Provided network consulting services to customers deploying DSL networks.
• Responsible for identifying, specifying and verifying network equipment needs including IP routers, switches and frame-relay.
• Performed Network operations by health monitoring using NMS such as solar winds and wire shark, issue and incident resolution using ticketing system and workflow software.
• Scheduled preventive maintenance for fire-protection systems, including new protocol. Utilize MS Windows, Word, and Excel for reporting/documenting process.
• Ensure problems are satisfactorily resolved in timely manner with focus on providing a high level of support for all customers.
• Prepared engineering documents and network diagrams in Confidential visio.
• Deliver departmental efficiency through advanced engineering, technical support, and documentation procedures.
• Perform OSPF, BGP routing protocol administration.
• Router memory & IOS upgrade with TFTP
• Responsible for service request tickets generated by the helpdesk in all phases such as troubleshooting, maintenance, upgrades, patches, fixes, and all around technical support. configuring and troubleshooting of VLANS, VTP, STP, RSTP, PVST, MST, Ether-channel, HSRP and VRRP.