SUMMARY

• Cisco Certified Network Engineer with over 9+ years of experience in the industry, which includes expertise in the areas of Routing, Switching and Firewall.
• Expert level knowledge of troubleshooting, implementing, optimizing and testing of static and dynamic routing protocols such as EIGRP, OSPF, BGP and ability to interpret and resolve complex route table problems.
• Implementation of traffic filters on Cisco routes using Standard and extended Access list.
• Expert Level Knowledge about TCP/IP and OSI models.
• In - depth expertise in the analysis, implementation, troubleshooting & documentation of LAN/WAN architecture and good experience on IP services.
• Cisco ASA Firewall troubleshooting and policy change requests for new IP segments that either come on line or that may have been altered during various planned network changes on the network.
• Extensive Knowledge on the implementation of Cisco ASA 5500 series and checkpoint R 75 firewalls.
• Hands on experience working with Cisco Nexus 7K, 5K & 2K Switches.
• Worked on NXOS, IOS, and IOS-XR BXB to N7K-NXOS (MPLS) system test.
• Experience in F5, Cisco ACE 4710 Load balancers.
• Extensive understanding of the Application Security Module (ASM) technology.
• Experience in working with load balancer for converting CSS to ACE.
• Experience deploying BIG-IP F5LTM Load Balancers for load balancing and traffic management of business application.
• Hands-on deployment, tuning, and troubleshooting experience, ideally with Palo Alto Networks, Check Point, Juniper, or Cisco security product suites.
• Strong hands on experience in installing, troubleshooting, configuring of Cisco 7200, 3800, 3600, 3400, 2800, 2600, 2500 and 1800 series Routers, Cisco Catalyst 6500, 4500, 3750, 2950 and 3500XL series switches.
• In-depth knowledge and hands-on experience in ISP Routing Policies, Network Architecture, IP Addressing, Sub netting, ARP, VLSM, TCP/IP , MPLS, NAT, DHCP, DNS, FT1 / T1 / FT3 / T3 SONET POS OCX / GigE circuits, Ping Concepts.
• In-depth knowledge and hands-on experience on IP Addressing, Sub netting, VLSM and ARP, reverse & proxy ARP, Ping Concepts.
• Experience in working with video from end-point in the network to the backend.
• Knowledge of implementing and troubleshooting complex layer 2 technologies such as VLAN Trunks, VTP Ether channel, STP, RSTP and MST.
• Experience with working on Juniper Devices like, M320 and MX80, MX960, MX480 and Juniper EX Devices such as EX2200, EX2500.
• Extensive knowledge in different networking protocols DHCP, DNS, FTP, VOIP (SIP, H.323, MGCP), Quality of Service (QOS).
• Experience with Layer 2 and Layer 3 protocols like LDP, RSVP/ TE, QOS, COS L2 VPWS and VPLS, FRR.
• Experience with convert Checkpoint VPN rules over to the Cisco ASA solution. Migration with both Checkpoint and Cisco ASA VPN experience.
• Experience in configuring HSRP and redistribution between routing protocols troubleshooting them.
• Experience on Virtual Private Network (VPN) for operating Network and Data Center.
• Network analysis and troubleshooting tools - Sniffer Pro, Wire shark.
• E fficient at use of Microsoft VISIO/Office as technical documentation and presentation tools.
• Strong problem-analysis talent, driven by a global view/attention-to-detail approach. "Hands on" technical knowledge Experience with different Network Management Tools and Cisco works support 24 x 7 Network Operations Center.
• Exceptional experience working in fast-paced, deadline-oriented environments.

TECHNICAL SKILLS

• LAN/WAN Architecture, TCP/IP, Frame Relay, VPN, VLAN, VTP, NAT, PAT, STP, RSTP, PVST, MSTP.
• Cisco Switches, Cisco Routers, ASA/Pix firewalls, VMware.
• OSPF, IGRP, EIGRP, RIP, MPLS, IS-IS, BGP , Multicasting.
• Cisco PIX, Blue Coat.
• Cisco Works 2000, Solar Winds, Wire Shark, AppNeta, HRPing.
• Windows 7, Vista, XP , 2000, LINUX, Cisco IOS, IOS XR. Cisco ASR 1002/1004, 2911/2921/2951 , Cisco VG 202/204 XM, Cisco VG310, Juniper M& T series.
• Cisco works, SevOne.
• Cisco 2960, 3560,3850,4500,6500, Nexus 7k, 5k, 2k Juniper SRX (300/550), Pix (525/535), Fortinet Firewalls ASA (5520/5550/5580 ), Palo Alto 3060/5020/5050 TACACS+, RADIUS, Cisco ACS.
• IOS and Features, HSRP, GLBP, IPAM, NAT, NerMRI, NTP, DHCP, DNS, TFTP and FTP Management.

PROFESSIONAL EXPERIENCE

Confidential, Santa Ana, CA

Sr. Network Engineer

Responsibilities:

• Involved in complete LAN, WAN, Extranet redesign (including IP address planning, designing, installation, Pre-configuration of network equipment, testing, and maintenance) in both Campus and Branch networks.
• Working with local IT personnel on troubleshooting, problem determination, diagnosis of performance issues, bandwidth issues, throughput traffic prioritization to improve overall application response time across WAN.
• Participating in the design and planning aspects of the network infrastructure installed in the new building.
• Worked with MPLS for redirecting data from one network node to another network node based on the shortest paths.
• M anaging the entire OC data center, configure, troubleshoot and support Cisco routers (2900 and 3900 series, 1002/1004 ASR), Switches (3800, 6500, 4500 series, Nexus 7K, 5K and 2K).
• Monitor and maintain wireless Access Point Network for Confidential sites via Cisco Prime. This includes AP Alarms, Up/Down alerts, Configuration issues, Break / Fix requests and Facilitate Replacement reinstallation with third party hands and feet vendors at remote sites Wireless Troubleshoot tickets and Database Maintenance. AP’s include 1100 series, 3500 series and 3700 series
• Provide network engineering and technical support for complex network related incidents, changes and projects.
• Experience working with Infoblox Management tool and worked with Extreme networks wireless devices like Access points AP3705, AP3610.
• Coordinate, install and maintain appropriate network systems and hardware as part of ongoing transformation/migration project in the county.
• Experience with configuring Nexus 2000 Fabric Extender (FEX) which acts as a remote line card (module) for the Nexus 5000.
• Performed layer 2/layer 3 switching configurations like 802.1q trunking, Inter-VLAN routing, port- security, STP and Ether channel configurations.
• Responsible for Cisco ASA firewall Administration; troubleshoot ACLs, NATs, and VPNs.
• Deploy ASA firewalls in Active/Active with multi-context to support a multi-tenant environment using VRF-Lite.
• Configured ASA 5540 to ensure high-end security on the network with ACLs and Firewall. Assigned a security level (0-100) on Cisco ASA and the number vary with the trust issues.
• Plan, design, implement new cisco network infrastructure for voice and data services from scratch on every single site part of multiple government agencies across OC, evaluating and interacting with third party power, cable and circuit vendors to meet client requirements according to the migration project.
• Installed and configured storage VMware and worked Flex team for Configuring and installing Dell Power Connect switch 5548 and increasing their Bandwidth Usage.
• Troubleshoot/Implement Wan Connectivity in an enterprise MPLS environment: PE / P / CE Routers.
• Configuring and implementing F5 BIG-IP,LTM,GTM load balancers to maintain global and local traffic.
• Worked with MPLS to improve quality of service (QoS) by defining LSPs that can meet specific service level agreements (SLAs) on traffic latency, jitter, packet loss and downtime .
• Update the IOS, VLAN changes, Port configurations, Test Fiber connections, Install UPS’s, Update all databases (CMDB), work trouble tickets.
• Worked with InfoBlox (a DNS, DHCP, IPAM appliance) updating DNS & DHCP configurations within multiple network views through InfoBlox and MS DNS/DHCP consoles.
• Worked with voice team for transformation of sites and provided Network cut-over from Confidential Data Center.
• Worked on Checkpoint Firewalls primarily tasks involving NAT policy changes, policy management.
• Handled SRST and implemented and configured the Gateways, Voice Gateways.
• Troubleshoot/Maintained/Implemented Routing in an MP-BGP enterprise environment.
• Perform troubleshooting and monitoring of incidents queues and executing network changes as required.
• Analysis of current system configuration and use to provide recommendations for future project planning, improved efficiency, and capacity planning.
• Opening and Managing Cisco TAC Cases.
• Participate on the On-call network support schedule.

E nvironment: LAN/WAN, DNS, DHCP, DDNS, TFTP, IP4, SevOne, VPN, F5 Load balancers, Cisco Catalyst 6500/4507/3850/3560 Switches Nexus 7K/ 5K /2K, Cisco ASR 1002/1004, ISR 2911/2921/2951 , VG 202/204/310, Cisco ASA 5545 Firewall, NAT / PAT, IPsec.

Confidential, NYC, NY

Sr. Network Engineer

Responsibilities:

• Configuration and installation of LAN switches and wireless network infrastructure equipment and cabling all uplink and user network connections.
• Participated in testing the internal network infrastructure in the new building, troubleshooting and remediating any issues.
• Deployed Cisco Catalyst 6500, 4500, 3750, 3850, 3560 (Layer 2 through 7) and Cisco ASR 1000, 7000, 9000 series routers.
• Involved in Switching Technology Administration including creating and managing VLANs, Port security, Trunking, STP, Intervlan routing and LAN security.
• Configured and designed LAN networks with Access layer switches such as Cisco 4510, 4948, 4507 switches.
• Expertise in configuring and troubleshooting of Palo Alto, Fortinet, Juniper NetScreen & SRX Firewalls and their implementation.
• Enable LDAPS on Infoblox and addition of subnets in DNS and IPAM in Infoblox.
• Experience configuring VPC, VDC and ISSU Software upgrades on Cisco Nexus 7010
• Configuring Palo Alto policies and setting different device configurations.
• Experienced working with Nexus OS, IOS, CATOS and Nexus 7K, 5K & 2K Switches.
• Configured session persistence and web services.
• Wirelesses network troubleshoot and support based on CISCO Aironet 1100,1200, Cisco 1520/1522 Mesh Access Points.
• Deployed Juniper switches EX4500 and EX4200, M7i, M10i and MX480 routers.
• Involved in software development and testing using C language on Linux and Unix Platforms.
• Expertise in Cisco ASA 5525 firewalls with ACL security in a multi-VLAN environment.
• Configured Firewall DMZ zones.
• Troubleshooting the Juniper SRX 210 and 240 series, Juniper NetScreen routers with Site-Site VPN, and firewalls.
• Responsible for turning up BGP peering and customer sessions, as well as debugging BGP routing problems.
• Responsible for the oversight of all security devices on the network i.e. Checkpoint firewalls (IPSO), IDS.
• Design and Implement DMZ for FTP, Web and Mail Servers with Cisco PIX 506, PIX515.
• Configured RSTP, MST and used VTP with 802.1q trunk encapsulation. Provided port binding and port security wherever required. Provided router redundancy through HSRP.
• Experience with configuring OTV between the data centers as a layer 2 extension.
• Worked with Palo Alto firewalls PA5050 using Panorama servers, performing changes to monitor/block/allow the traffic on the firewall.
• Actively participated in upgrading fast Ethernet, Layer 3 switched/routed LAN infrastructure from Cisco 3640 to Cisco 2811 ISR routers and switches at access level to 2950, 3550.
• Worked and performed troubleshooting, implementing, optimizing and testing of static and dynamic routing protocols such as EIGRP , OSPF, and BGP ability to interpret and resolve complex route table problems.
• Experience with Security- Firewalls, NAT / PAT, IPSEC, S2S.
• Implemented many number of security policy rules and NAT policy rules on Palo Alto, created Zones, Implemented Palo Alto Firewall interface, Palo Alto IDS and VLAN.
• D esigned and implemented F5 Big IP load balancers that resulted in improving application performance.
• Performed successfully physical to virtual and virtual to virtual conversions of physical/virtual machines using VMware Converter.
• Installed and monitored extreme networks S-series, 7100 stackable switches and E4G-400, 1800 router to support VMware machines.
• Configured static NAT, dynamic NAT, dynamic NAT overloading.
• In-depth expertise in the implementation, optimization, troubleshooting and documentation of LAN/WAN networking systems.
• Analysed the Policy rules, monitor logs and documented the Network/Traffic flow Diagram of the Palo Alto Firewalls placed in the Data Center with MS Visio.
• Configuring various advanced features (Profiles, monitors, iRules, Redundancy, SSL Termination, Persistence, SNATs, HA) on F5 BIGIP appliances.
• Interacted with various inter and intra-department groups on both a technical and a personal level.
• Installed, configured and set security policies on cisco and checkpoint firewalls, VPN.

Environment: LAN/WAN, DNS, DHCP, DDNS, TFTP, IP4, IP6, VPN, F5, CISCO ACE 4710 Load balancers, GSS, Cisco Catalyst 6500/4500/4000/3750/ 3850/3560 , Nexus 7K/ 5K /2K, Juniper EX4500/EX4200, M7i/ M10i Firewalls, NAT / PAT, IPSEC, S2S, Juniper SRX 210/240 and Palo Alto Firewalls.