PROFILE:

• 7+ years of experience in Network design, Security, Tier support of Networks in various environments.
• Responsible for service request tickets generated by the helpdesk in all phases such as troubleshooting, maintenance, upgrades, patches and fixes with all around technical support.
• Extensive experience working on Cisco and Juniper routers/switches in complex environments with multiple ISPs.
• Experience working on Cisco Catalyst Series3750, 4500, 4900, 6500; Nexus 2000, 5000, 6000, 7000 and 9000 series switches.
• Worked on Cisco 7200, 3800, 3600, 2800, 2600, 1800 series Routers and Cisco 2900, 3500, 4500, 5500, 6500 and Nexus 5K series switches and Sound knowledge of Routing and Switching concepts and MPLS design.
• Experience in working with Cisco Nexus Switches and Virtual Port Channel configuration.
• Expert in dealing with Networking Protocols and Standards such as TCP/IP, OSI, UDP, Layer 2 (VLANs, STP, VTP), Routing Protocols (RIP, EIGRP, OSPF, BGP).
• Conversions to BGP WAN routing. Which will be to convert WAN routing from OSPF to BGP (OSPF is used for local routing only) which involves new wan links.
• Experience in troubleshooting NAT configurations, Access - Lists (ACL), and DNS/DHCP related issues within the LAN network.
• Overall systems and network administration of Cisco Meraki hardware
• Experience in installing and configuring DNS, DHCP server.
• Configure VRRP & GLBP and VLAN Trunking 802.1Q & ISL, STP, Port Security on Catalyst 6500 switches.
• Hands on knowledge in AAA protocols such as RADIUS, TACACS+ and Cisco ACS.
• Experience on Monitoring and Management tools such as HP Open view, Splunk, TCP dump, Solar Winds and Wireshark/Ethereal, Cisco Prime.
• Working Knowledge on deploying and troubleshooting wireless network management system (WNMS)
• Experience on designing, deploying, and operating F5 LTM/GTM products.
• Demonstrated expert experience with the operation of Aruba network devices and configuration commands
• Extensively used TCP/IP tool like TELNET for remote login to the routers and SSH for secure login.
• Working experience performing Incident, change management using ticketing tools such as ServiceNow, Remedy.
• Responsible for Configuration and administration of firewalls, which includes Checkpoint, Juniper, and Cisco ASA firewalls.
• Experience in risk analysis, security policy, rules creation and modification of Cisco ASA networks.
• Checkpoint Firewall troubleshooting and policy change requests for new IP segments that either come online or that may have been altered during various planned network changes on the network.
• Strong hands on experience in Monitoring and Troubleshooting of Cisco's ASA 5500 Firewalls.
• Replaced aging Checkpoint firewall architecture with new next generation Palo Alto appliances serving as firewalls and URL and application inspection.
• Extensive skills with Aruba Airwave, Clear Pass, AP’s.
• Experience with Meraki switches, access points and Meraki dashboard.
• Established VPN tunnels between Cisco routers and Cisco Firewalls and Palo Alto Firewalls.
• Performed IOS Software upgrades on switches Cisco 6509, 4510, 3750 and Cisco ASR for compatibility with Cisco ISE.
• Implemented Cisco Application Centric Infrastructure (ACI) as a solution for data centers using a Spine and Leaf architecture
• Used Cisco ACI Fabric which is based on Cisco Nexus 9000 series switches and Cisco Application Virtual Switch (AVS).
• Good knowledge in SD-WAN technology in involving discovery design and implementation of client's network.
• Assisting with the design and deployment of a Cisco Firepower cluster in the core.
• Knowledge of JUNOS platform and worked with JUNOS upgrade of Juniper devices.
• Experience in A10 and F5 Load balancers such a BIG-IP LTM and GTM modules.
• Infoblox to provide DNS, DHCP, IPAM, administration services.
• Mapped, Network Diagrams and physical identification in MS Visio.
• Provide hands on management of Data Center services, including rack and cable management.
• Cisco Security: Telnet, SDM, NAT/ACLs, AAA, Layer 2 Security, IPS/IDS, Cisco (ASA, PIX) 5510, Cryptography, VPN, IPsec.
• Experience in physical cabling, IP addressing and sub netting with VLSM, configuring and supporting TCP/IP, DNS, installing and configuring proxies
• Reliable and collaborative team leader, member, or independent contributor, with proven ability at managing multiple priorities / projects in fast-paced environments.

HARDWARE AND SOFTWARE TECHNICAL SKILLS:

Routers, Switches: Cisco (Nexus; 2k, 6k, 7k, 9k, ASR, ISR) Juniper (MX, M, PTX and SRX, vSRX) Alcatel (SR7750, OS6850) Nortel (DMS500, DMS250) Foundry/Brocade

Network OS and Software: SDN, Open Daylight, OpenFlow, VIRL, Nexus, NX/OS, ACI, Cisco IOS-XE, JunOS, ScreenOS, AOS, SR/OS

Load Balancers: A10, F5 BigIP/IQ, Viprion, LTM, GTM, ASM. AFM, Cisco ACE, CSS11000, Foundry/Brocade

Protocols: MPLS, VPLS, VOIP, ATM, SONET, Frame Relay, POS, BGP, EIGRP, OSPF, SNMP, ISIS, TCP/IP, IPsec, SSL/TLS, VxLan, Fabric Path, ACI, DMVPN, iwan

Packet Analysis: Wireshark, T-bird, RF Analysis

Packet and Application Firewalls: F5 BigIP ASM, AFM, Checkpoint NG, Juniper SRX, Palo Alto, Cisco ASA/PIX/FWSM

VPNs: Cisco ASA, Palo Alto, Checkpoint, Juniper, IPsec, SSL

Encryption: PKI and Symmetrical Cryptography RSA, ISAKMP, IKE, AES, 3DES, DES, RSA, RC4-6, Blowfish, DH, DSA

Network / Security Automation / SDN: SDN, Open Daylight, ACI, Firemon, Tufin, SD-WAN, Open Flow, REST

Virtualization: VMware ESXi, KVM, Containers, Zones, Hyper-V, AWS, GCE

Programming and Scripting: Bash, Shell, Python, Ansible, C++, Low-Level Assembly and C

OS: Linux, Solaris, HP/UX, AIX

PROFESSIONAL EXPERIENCE:

Confidential, Austin, TX

Sr. Network Engineer

Environment: Cisco 2960,3750,3850,4500,6500 switches and Cisco 3945, ASR 1004,1002-X routers, Cisco ASA-5585,5500,5520,5555 firewalls, Palo Alto PA-5260,5060,3060,3020,500 firewalls, Cisco Nexus 7K/5K/2K, Cisco ISE, F5 Big-IP LTM & GTM, SÁ 5500 firewall, ASR router 1002/1006, Cisco ACI, Cisco ISE, F5 LTM 1600/6400, juniper EX-2200, EX-4200, M-320 router, juniper SRX 5800 Firewall. SD-WAN, Citrix NetScaler, OSPF, BGP, EIGRP, VLANS, LAN, WAN

Responsibilities:

• Installing and configuring new Cisco equipment including Cisco catalyst switches 3850, 3750, Nexus 5548 and Nexus 2k as per the requirement of the Organization.
• Configure and installation Cisco prime infrastructure to deploy IWAN.
• Designing and Implementation of (LAN) VLANs, VTP, Spanning Tree (STP), Trunking (dot1q and ISL) and Ether channel on CISCO Catalyst Switches 3500, 3650, 7600.
• Configuring, Monitoring and Troubleshooting Cisco's ASA 5500 security appliance, Failover DMZ zoning and configuring VLANs/routing/NAT with the firewalls as per the design.
• Managed Firewall and Router configurations as well as Spam filtering. Migrated Firewall from Cisco ASA to Cisco Firepower
• Established IPSEC VPN tunnels with ASA 5500 series Firewall between some branch offices & headquarters.
• Configuring rules and Maintaining Palo Alto Firewalls & Analysis of firewall logs using various tools.
• Experience with working on Palo Alto Next-Generation Firewalls Security profiles.
• Configured and implemented F5 BIG-IP GLB and LTM load balancers.
• Modified and reconfigured Two factor authentication BIG-IP APM authentication.
• Created Access policies on APM module using AD and LDAP authentication for external clients.
• Worked on F5 Enterprise Manager 3.1 version to manage multiple F5 LTM devices from single-pane view.
• Worked on F5 LTM series like 1600, 6400 and Viprions for the corporate applications and their availability.
• Installing and configuring F5 Load balancers and firewalls with LAN/WAN configuration.
• Created systems architecture diagrams to implement SD-WAN
• Deployed Cisco security ASA Firepower services on two Cisco ASA 5525.
• Working with the Trouble Tickets on A10 & F5 Load balancer.
• Worked with Blue coat and handled the Trouble Tickets on F5 Load Balancers.
• Migration from Cisco firewalls to Palo Alto firewalls platforms PA 4000 and PA 500 and PA- 200 firewalls network technologies.
• Focused on working with Cisco Channel partners to build practices around Cisco ACI.
• Expert in troubleshooting production issues and resolving incident and change tickets related to Cisco ACI.
• Apply Cisco ISE configuration to switches.
• Worked with Cisco ISE to identify threats in the network for rapid containment and remediation.
• Performed Troubleshooting and monitored routing protocols such RIP, OSPF, EIGRP & BGP.
• Worked on VM Ware migration from physical servers to virtual servers.
• Coordinate with multiple vendors (Cisco, Juniper, etc.) to troubleshoot network outages and issues.
• Configuration and troubleshooting of CSM, integration with ASA devices.

Confidential, Dearborn, MI

SR. NETWORK SECURITY ENGINEER

Environment: Cisco 2960,3750,3850,4500,6500 switches and Cisco 3945, Cisco ASA-5585,5500,5520,5555 firewalls, Palo Alto PA-5260,5060,3060,3020,500 firewalls, SD-WAN, Cisco ACI, ARUBA CLEARPASS/ ARUBA AIRWAVE, juniper EX-2200, EX3200, EX3400, EX4200, EX6200 switches, M-320, MX480, MX960, PTX1000 routers, juniper SRX 5800 Firewall, OSPF, BGP, MPLS, WAN

Responsibilities:

• Responsible to support AWS network connectivity and Amazon retail website to be available without interruption.
• Performed regular upgrades to network infrastructure components and diagnosis of complex networking problems by developing detailed implementation plans including communication strategies, validation and back out procedures.
• Troubleshoot network problems in Network Operations branch.
• Working in Internet Edge team to troubleshoot BGP problems in transit center worldwide.
• Upgrading Juniper OS in MX480, MX960 and PTX1000 routers to latest version 17. .104 upgrading Juniper OS in EX Series switches to version 13. .3
• Responsible to give support after JUNOS upgradation task.
• Automating the installation of software's through Ansible scripts.
• Hands-on experience in escalating JTAC case in hardware issues.
• Assigned to communicate with peers to establish and maintain BGP sessions.
• Great experience with prechecks and post checks like network capacity, accessibility during upgradation task.
• Assisted with providing requirements for implementing SD-WAN across an enterprise.
• Assisted in migration of traditional Data Center infrastructure having Nexus 5k, 7k to Cisco ACI.
• Installed and upgraded configuration on F5 devices for approved change orders.
• Configured Virtual servers on F5 LTM Hardware load balancers
• Configured F5 LTM solutions, which includes VIP, Pool Load Balancing Methods, probers and monitors
• Worked on Cisco ACI Fabric 3.0 consisting of 9372TX Leaf nodes, 9504 Spine and UCS 220 M4 APIC.
• Having experience in traffic shifting automation and traffic engineering.
• Performing GIT operations and changes using GIT repository.
• Hands-on experience with python scripting to generate code reviews for bigger changes.
• Remotely deploying configuration files to devices through python automation in worldwide AWS Data centers.
• Coordinating with core network teams to troubleshoot OSPF and MPLS issues.
• Assigned to troubleshoot, diagnose, and solve issues across large, complex Airwave Aruba estates.
• Hands-on experience in Data Center management with Cisco Nexus switches.
• Implemented Meraki switches, access points and Meraki dashboard.
• Migrating all cisco switches (2960, 3750, 3850, 4500, and 6500) to related juniper switches (EX3200, EX3400, EX4200, EX6200).
• Implemented site to site VPN in Juniper SRX for different locations.
• Hands-on experience with Airwave Aruba Wireless issues related to RAP-303, RAP-155, RAP-3, Provisioning and Troubleshooting for Kiosk.
• Modified Ansible scripts and tools to automate the Cloud deployment and operations.
• Created S3 buckets in the AWS environment to store files, sometimes which are required to serve static content.
• Core Network Migrations and Replacements for the devices with end-of-life and end-of-support, which also includes the Cisco ASA to Palo Alto firewall migration across multiple agencies.
• Responsible for network uptime and all changes are executed on times.
• Coordinating with the network staff to develop and enhance processes and procedures for disaster recovery.
• Configuring Static, BGP and OSPF Routing Protocols on Juniper Routers.

Confidential, Hartford, CT

Network Engineer

Environment: Cisco 6500/4510/4500 X/4948/3560X switches, Nexus 9000, 5000,3000, 9504, 9300, 3200, 2308, Cisco ASR 1k/7200/3925E/2951E GSR 7000/12000 Routers, Cisco ISE, Nexus 2k/5k/9k, Cisco Nexus 7000, ASA 5500/5510/5540 fire walls, Windows 2000/2003/2008/ R2/2012, Palo Alto firewalls, F5 load balancer LTM >M, Citrix Net scalar, BGP, EGBP, VPC, VDC, OSPF

Responsibilities:

• Installing, Configuring and troubleshooting Cisco Routers (ASR1002X, 3945, 3845, 2800, 3600) and Switches to perform functions at the Access, Distribution, and Core layers.
• Installing, Maintaining and Troubleshooting of Cisco ASR 1K, 7200, 3925E and 2951E Routers and Cisco 6500, 4510, 4500-X, 4948, 3560X, 3750X and 2960S Switches for deployment on production.
• Responsibilities include software upgrade, license activation, configuring/installing Nexus switch 9000, 5000, 3000, 9504, 9300, 3200, 2308, F5-5050 and maintaining network documentation.
• Hands-on Experience with CISCO Nexus 7000, Nexus 5000, and Nexus 2000 platforms.
• Involved in troubleshooting of DNS, DHCP and other IP conflict problems.
• Configured DNS and DHCP for servers using Infoblox.
• Expert in design, configuration and deployment of F5 Solutions with extensive experience working with APM and ASM technologies.
• Responsible for configuration of A10 load balancer.
• Experience with LAN protocols like VSS, STP, RSTP, MST, VTP, and VLAN.
• Configured Cisco ISE for Domain Integration and Active Directory Integration.
• Worked with Cisco ASA 5500-X with Firepower services.
• Responsible in troubleshooting on Cisco ISE added new devices on network based on policies on ISE.
• Building the VPN tunnel.
• Optimized IPS signatures on the Cisco Fire Power management center to reduce false positives by disabling unnecessary rules and using the threshold, suppression, and pass rules features.
• Configured Easy VPN server and SSL VPN to facilitate various employees' access internal servers and resources with access restrictions
• Configured Cisco AMP (Advanced Malware Protection) for endpoint security systems.
• Working and Deployment experience with Cisco AMP to clean up the viruses and custom detection to control malware outbreaks.
• Configured EBGP load balancing and Ensured stability of BGP peering interfaces
• Worked on Route-Reflectors to troubleshoot BGP issues related to customer route prefixes also route filtering using Route-maps.
• Maintain and configure L2 and L3 services in MPLS.
• Implemented site to site VPN in Juniper SRX as per customer.
• Worked with engineering team to resolve tickets and troubleshoot L3/L2 problems efficiently.
• Responsible for service request tickets generated by the helpdesk in all phases such as troubleshooting, maintenance, upgrades, patches and fixes with all around technical support.

Confidential, Dallas, TX

Network Engineer

Environment: Cisco routers 1601, 1721, 1841, 2505, 7507 and 7513; Cisco Switches 2926, 3750, and 6509 series, OSPF, MPLS, EIGRP & RIP

Responsibilities:

• Implemented and supported local and remote using Cisco devices (Cisco routers 1601, 1721, 1841, 2505, 7507 and 7513; Cisco Switches 2926, 3750, and 6509 series).
• Implemented and supported disaster recovery facility for fail-over purpose, which included the backbone routers, VPN and DMZ networks.
• Configured static/dynamic routing for VPN customers with Managed Router Service (MRS) and customers using Proxy Radius servers. Also implemented Network Address Translation (NAT) on managed routers
• Troubleshot network connectivity/performance problems (serious fault investigation management and resolution).
• Monitored LAN and WAN links and handled capacity planning which included installation, configuration and maintenance of Cisco devices (Cisco routers 1603, 2500, 7507 and 7513; Cisco Catalyst Switches 2926, 5005, 5505, 6509 and 8540).
• Troubleshot network connectivity /performance problems and provided resolutions.
• Tested L2 protocols (VLAN, STP, flavors of STP, PVST, HSRP, and VRRP & LACP) and routing protocols (OSPF, MPLS, EIGRP & RIP). Testing network features: NAT, ACLs, Multicast, Traffic shaping, queuing on an L2 and L3 switches.
• Network maintenance and system upgrades (service packs, patches, hot fixes and security configurations).
• Worked within established configuration and change management policies to ensure awareness, approval and success of changes made to the network infrastructure
• Selected and implemented security tools, policies, and procedures in conjunction with the company's security team and liaise with vendors and other IT personnel for problem resolution
• Configured and troubleshot PPP WAN connectivity of T1 & NxT1 between access router & remote access router complexes to ATM switches.