SKILLS SUMMARY:

Switching & Routing: Catalyst, Nexus, BGP, EIGRP, OSPF, IPv6, HA setups Design & Engineering

Security: Cisco ASA, Juniper SRX, Checkpoint, L2L IPSec/SSL VPNs, Fortinet

Load Balancing: F5 ADC (LTM + GTM), SSL offloading, DNS, BIND, iRules, DNSSEC

EXPERIENCE:

Confidential, East Rutherford, NJ

Sr. Network Engineer

Responsibilities:

• Engineered & deployed inter - site connectivity among Federal Reserve Banks via GRE over IPSec VPNs / using EIGRP dynamic routing on ASR routers. Designed and deployed dual homed IPv6 BGP links with ISPs for Confidential of New York. Upgraded, administered Cisco ASR and 7600 routers.
• Designed AAA enterprise wide HA solution and migrated Cisco ACS 4.x group to VMware v5.x and then to ISE
• Lead deployment of Nexus 5K + FEXs to replace existing Cisco 4500 series. Upgraded, Nexus and Catalyst switches, configured and administrated vPC, Trunks, Link aggregation, Spanning Tree, VLANs on Nexus and Catalysts.
• Lead enterprise wide hardware refresh project for Big-IP F5 LTM, GTM load balancers. Cutover from 6400 series to 6900 with minimum downtime and 6900 to 7200 platform. Upgraded, troubleshot and administered F5 LTM and GTMs for Wide IPs, iRules, monitors, VIPs, Pools, NATs etc using TMSH. Replaced/restored bad units in HA using RMA and restored from UCS backups. Synced FIPS modules, added removed GTMs to/from sync groups. Used Zone Runner to manage DNS and BIND on GTMs. Moved/migrated inline vlans from/to F5 LTMs.
• Lead project to upgrade Netscreen firewalls to SRX series HA clusters with minimum downtime. Configured Juniper SRX 650, 5400 firewalls for routing, switching and managed security policies. Administered, upgraded, configured and troubleshot Juniper SRX firewalls HA clusters, security zones and security and NAT policies.
• Designed, upgraded and deployed Cisco ASA firewalls in HA setup. Optimized firewall rule base to “least privilege” model. Administered NATs, L2L IPSec VPNs, ACLs, Policy Maps, Anyconnect users on ASA firewalls. Planned and successfully migrated legacy Cisco IPSec VPN clients to smartcard & certificate-based Cisco Secure Mobility Client solution for Bureau of Fiscal Service 1000+ users on Cisco ASA using SSL VPNs with LDAP authentication. Migrated IKev1 VPN tunnels to IKEv2 IPSec tunnels successfully. Setup ASA HA Clusters. Extensive experience with L2L VPNs.
• Upgraded checkpoint firewalls to GAIA R77.30 and to R80.10. Administered checkpoint firewalls and gateways using Smart Dashboard, Smartview Tracker, Smart monitors. Used Provider-I CMAs/domain managers to manage multiple domains. Configured global and local policies, static and dynamic NATs, Antispoofing. Troubleshot issues using CLM and Smartview Trackers.
• Implemented various type of connections with Business Partners using VPN, Internet and private circuits. Extensive experience in design, deployment and administration of firewall and NAT policies on Cisco ASA, Juniper SRX, Checkpoint, Junos SPACE, Fortimanager platforms.
• End to end connectivity troubleshooting with Wire shark, TCP dump, packet captures, packet tracers. Troubleshot wide variety of switching, routing, load balancing and server related TCP/IP issues.
• Managed VMWare infrastructure using vSphere clients, vCenter. Provisioned and managed VMs and Hypervisors.
• Lead project to deploy DoD security guidelines, passed PCI audits. Worked with auditors to achieve compliance status for the enterprise security infrastructure. Worked with vendors and customers to remediate various vulnerabilities and engineered / scheduled deployment of bug fixes, security patches and code upgrades.
• Setup syslog and HP NNMi monitoring systems to proactively catch the network alerts.
• Administered network engineering Disaster Recovery Exercises. Tested failovers, HA firewall pairs, BGP, VPN, GRE, dynamic routing failover scenarios in the event of a natural disaster.
• Documented various projects How Tos via diagrams and guides for operations team. Worked in ITIL/Remedy environment to approve, execute changes.

Confidential, Somerset, NJ

Sr. Network Engineer

Responsibilities:

• Deployed VMWare hosts and various OS instances with wide variety of hardware specs.
• Configured network load balancing on Cisco CSS, CSM. Setup and managed Zeus, F5, Netscalers.
• Migrated from CSS platforms to F5 LTM and Netscalers in HA configuration.
• Designed, managed Cisco ASA firewall with customized access control polices, Policy NAT, VPN tunnels, SSL certificates. Extensive experience with Cisco ASA IPSec VPN tunnels.
• Configured IPSec, anyconnect, WebVPN mobility clients with RADIUS and certificate-based authentication.
• Managed branch size Cisco switches to setup VLANs, Trunks, Ether channels, STP, HSRP
• Integrated firewalls, switches and load balancers to existing production infrastructure to increase capacity.
• Troubleshot wide verity of layer2, 3 and 4 networking issues involving firewalls, switches, routers and load balancers. Worked on client’s firewalls to pass PCI audits.
• Designed and integrated high availability setups with redundant switches, HA pair firewalls and fault tolerance load balancers to meet 99.9% uptime SLAs.
• Managed 500+ VPN tunnels on ASA5500, setup failovers, upgraded licenses and IOS, DDOS mitigation, configured and tested state full failovers.
• Designed setup and optimized network solutions based upon customer’s requirement.
• Upgraded licenses, IOS, hardware modules in ASAs, Routers and switches.

Confidential, Newton, NJ

Network Engineer

Responsibilities:

• Managed, installed Cisco 2900, 3700, 6500 switches, 1800, 2800, 3900 routers.
• Configured T1, DSL, MPLS circuits on Cisco routers for WAN connectivity. Setup backup circuits for automatic failover from primary.
• Upgraded routers, switches OS, Setup routing with IP SLA monitoring and tracks.
• Worked with circuit vendors to successfully resolve latency, packet loss, route flapping issues
• Inbound and outbound traffic analysis with MRTG, monitored load on managed lines.
• Established WAN connectivity between datacenter and remote sites via various WAN connectivity options DSL, Cable, T1.
• Worked on Cisco firewalls, Pix and ASA 5500 series. Setup IPSec L2L VPN, Secured traffic via access-list filtering, policy Nat, class-maps inspections, crypto maps for VPN tunnels, dynamic and static VPN tunnels management. Upgraded licenses and setup failover.
• Configured Cisco Anyconnect SSL VPNs, Cisco Secure Desktops, and Cisco IPSec VPN client connections, anyconnect Webvpn, L2LVPN turn ups and troubleshooting between Cisco firewalls and routers.

Confidential, Newton, NJ

Network Engineer

Responsibilities:

• Configured and tested Cisco firewalls, Switches and routers. Configured T1 and DSL as backup.
• Tested automatic internet and VPN failovers, static routing in monthly failover tests.
• Responsible for managing server 2003 domains, active directory infrastructure and AD administration on 2950, 2650 Dell servers,, AD permissions, rights assignment, Group policy settings, domain trusts, managed Active Directory users and groups, configured and restored backups using Symantec backup exec, Dell open manage alerts Network monitoring with IP Monitor, Server Imaging, Image restoration, hardware upgrades. Created RAID 0, 1, 5 on servers. Managed daily tape backup jobs.
• Work directly with clients and customers and provided live phone and e-mail support on various issues using TAS ticketing system. Successfully closed tickets after resolving various types of technical issues.

Confidential, Newton, NJ

Network Engineer

Responsibilities:

• Designed, Configured and implemented IP subnets in a domain, connected them securely using Cisco, Linksys, Sonic wall routers, Dell, Linksys Switches, PIX and Sonic wall firewalls by creating access list rules, trouble shooed WAN, LAN connectivity problems.
• Worked to upgrade, repair, and assemble hardware in Dell 1900 servers and workstations, Configured RAID 1, 5 and 10 on servers, skills in data recovery/integrity, disaster recovery planning and implementation.
• Fully configured DHCP, DNS servers, exchange mailboxes, SSL VPN tunnels, phone and remote support to more than 500 users using the tiger paw ticketing system.
• Set up LAN/WAN networks and resolved connectivity issues.
• Administered, optimized and supported LAN/WAN infrastructure consisting of windows 2003 Active directory and more than 300 XP, 2000 desktops. Analyzed and resolved the network connectivity issues.
• Implemented Local, domain level group polices assigned permissions and user rights in server 2003 environment.