SUMMARY

• Network professional with 6+ years of experience in routing, switching, firewall technologies, systems design, and administration and troubleshooting
• Experience in testing Cisco and Juniper routers and switches in laboratory scenarios and deploy on site for production
• Experience on Cisco Catalyst and Nexus and Juniper EX and QFX switches
• Experience on Cisco ISR and ASR series routers and CUBEs and Sonus SBCs
• Experience on F5, Citrix and Cisco load balancers
• Experience on Cisco ASA, Juniper, Checkpoint, PaloAlto and Fortinet firewalls
• Experience on IDS, IPS and ISE
• In - depth knowledge of Cisco ISE, ACI, Prime, ASA and Juniper Netscreen Firewall security, spanning-tree, vlans, TCP/IP, RIP, OSPF, QOS, VRRP and VPN technologies.
• Experience on Cisco UCS and VMware ESXi hosts, vSphere, vCloud
• Knowledge and experience on Wireless LAN, Access points, WLAN Controllers and Wireless networks
• Working on Voice and Data circuits such as Ethernet, T1, T3, SONET and SDH
• Experience with design of MPLS MPLS Traffic Engineering and MPLS QOS, DIA and SAB
• Working on Datalink Layer protocols such as Ethernet, PPP, HDLC, VLANs, STP
• Working on routing protocols such as BGP, OSPF, EIGRP, RIP
• Working on Transport Layer protocols such as TCP, UDP
• Working on redundancy protocols such as HSRP, VRRP, GLBP
• Extensive experience with different networking protocols DHCP, DNS, FTP, VOIP (SIP and SCCP) and Gateway protocols H.323, SIP, MGCP
• Experience with 802.1X EAP, RADIUS and TACACS+ for AAA
• Hands on experience of Cisco UCM, Cisco UCCX, Cisco UC, Cisco ER, Cisco Expressway C and E, Cisco Jabber and Cisco IM and P
• Hands on experience of Singlewire Informacast Paging and Bridge Operator Console
• Experience on Cloud services such as Amazon AWS and Microsoft Azure and O365
• Experience in Versa, Cisco Meraki and Cisco Viptela SD-WAN technologies
• Experience on monitoring tools like SolarWinds, PRTG and Cisco Prime
• Familiar with network and application security tools and concepts like SIEM tools (Splunk), Nmap, Wireshark, Nessus
• Experience on Remedy, Spceworks and ServiceNow
• Coursework and knowledge on programming languages like C, Python and Perl

PROFESSIONAL EXPERIENCE

Confidential, Tulsa, OK

Network Design Engineer

Responsibilities:

• As a Network Design Engineer, worked on customer’s WAN and LAN designs. Daily tasks were selecting right managed router and provisioning it with suitable routing protocols and redundancy as per customer’s requirements and in compliance of PCI, CPNI, SOX and HIPAA
• Worked on MPLS, DIA and SAB WAN designs and worked on EVPL and VPLS designs
• Worked on provisioning of service provider’s Managed Router (CPE) which are deployable at customer premises
• Configure Cisco IOS based IPS like Control Plane Policing on branch routers
• Worked on IPv4 and IPv6 subnetting and provisioning
• Configured WAN and LAN on Managed Router (CPE)
• Worked on routing protocols such as BGP, EIGRP, OSPF and RIP
• Worked on provisioning and configuration of PPP, VLANs and STP
• Worked on provisioning of DHCP and DNS and configured them on CPE as per customer’s requirements
• Worked on EtherChannel and MLPPP
• Worked on SNMP and Net flow
• Worked on Multicast
• Worked on MPLS Layer 3 VPNs, IPsec VPNs and Policy Based Routing
• Worked on Fortinet FortiGate Firewall rules, NAT, PAT and ACLs
• Worked on FortiGate Threat Protection, SSL inspection, and ultra-low latency for protecting internal segments and mission critical environments
• Implementation and administration of PaloAlto and Checkpoint firewalls, and network policy management
• Creating policy and procedural documentation to ensure proper control in logging, access and auditing
• Worked on BGP Multipath, BGP passthrough and BGP Blackholing
• Worked on MPLS Traffic Engineering (QoS) such as DSCP, IP precedence, 802.1P (PCP) and EXP
• Worked on provisioning of UNIs, NNIs and NIDs
• Worked on voice gateways, SIP, PRI and BRI
• Worked on provisioning of Amazon AWS, Microsoft Azure and O365 and validation of AWS Account Number and Azure Layer 2 and Layer 3 keys
• Worked as a Subject Matter Expert (SME) of SD-WAN
• Documented network topologies and technical details using Microsoft Visio, Excel and InfoPath

Environment: Cisco ISR and ASR series routers, MPLS, DIA, SAB, Routing protocols BGP, EIGRP, OSPF and RIP, Ethernet, PPP, DHCP, DNS, EtherChannel, MLPPP, AWS, Azure, O365 and SD-WAN, IPS

Confidential

Network Engineer

Responsibilities:

• Worked as a part of Unified Communications team where our tasks were configuring Cisco UCM, Cisco UC, Cisco CCX, Cisco ER, Cisco ISR 4331 for voice gateways, Cisco voice gateway VG350 for analog phones and faxes, Cisco Expressway C and E, Cisco IM and P, Cisco IP Phones and Cisco CSF, dual mode for iPhone, dual mode for Android for Jabber and Cisco Finesse for agents
• Worked on Checkpoint firewalls and configured ports to allow traffic between Expressway C and E
• Configure dynamic, static and manual NAT policies as required
• Back up, restore and upgrade check point firewalls
• Worked on Cisco Unified Computing Systems and VMware
• Configured Bridge operator Console for Cisco environment and set up BOC attendant console on operators’ workstations.
• Worked on Singlewire Informacast Paging system, configured paging gateways and set up paging through Cisco IP phones
• Worked on Sonus SBC 2000 series SIP gateway and configured SIP for voice calls and PRIs for Faxes.
• Daily tasks were configuring IP phones 7841s, 8841s and 8851s with sidecars and Unified Messaging for users
• Configured Cisco Unified SRST for call processing back up redundancy during network failures at remote sites.
• Worked on various issues such as UCS hardware issue. Replaced RAID controller and TMM of UCS as they were faulty.
• Worked on an issue that inbound calls were failing on redundant WAN connection. Changed transport layer protocol to TCP on the remote GW to communicate with CUCM at main campus as logs were showing communication between GW and CUCM failed.
• Worked on Cisco WLAN indoor Aironet 2800 and 3800 series and outdoor Aironet 1560 series Access Points
• Worked on Cisco 8500 series Wireless Controller
• Worked on ACLs and NATting
• Worked on Microsoft SCCM and SCOM
• Worked on Microsoft Internet Information Services
• Worked on day to day tickets and resolved them
• Worked on documentation, Visios

Environment: Cisco ISR 4300 Routers, Cisco voice gateways VG350, Cisco UCM, Cisco UC, Cisco UCCX, Cisco ER, Cisco IM and P, Cisco Expressway C and E, Cisco Jabber, Cisco UCS, Cisco IP Phones 7841s,8841s and 8851s with Sidecars, Bridge OC, Singlewire Informacast

Confidential, Bothell, WA

Network Engineer

Responsibilities:

• Worked as a part of network team where my daily tasks were configuring Cisco ASR 1000/9000 routers and Cisco 800 series routers, and Cisco ASA 5555-X firewalls
• Configure site-to-site VPNs on cisco ASA, manage policies and rules
• Implemented IPsec SMVPN tunnels from Confidential facility to customer’s end
• Worked on migrations of 5000+ VPN tunnels to new Cisco ASR routers from Legacy 7000 series routers
• Supported and helped customers to implement VPN tunnels, policies, ACLs and NATting on Cisco ASAs, Palo Alto, Juniper, Checkpoint and Fortinet firewalls
• Worked on Cisco IDS/IPS and ISE
• Worked on troubleshooting of VPN tunnels to support customer’s end medical devices
• Worked on configuring DMVPN hub and spoke routers to support hospital’s onsite routers
• Worked on WAN technologies frame-relay and DSL to plot VPN tunnels on ISP’s leased lines
• Worked on redundancy protocols HSRP and VRRP to maintain connectivity
• Administered Citrix Netscaler and evaluated common crashes, identifying new bugs and new use cases involving Citrix products
• Worked on Microsoft Active Directory and SCCM and SCOM
• Worked on Blue Coat ProxySG and SSL traffic, content caching and traffic optimization, bandwidth management, streaming media and splitting and caching
• Worked on ProxySG Web 2.0 threat protection and Proxy avoidance blocking
• Worked on de-configuring and decommission of Cisco Nexus 3000 series switches, Cisco ISR 1900 series routers and decommission of HPE ProLiant data storage devices

Environment: Cisco ASR 1000 and 2000 routers, Cisco ISR 1900 routers, Cisco 800 series routers, Cisco Nexus 3000 switches, HPE ProLiant data storage devices, SMVPN, DMVPN

Confidential, IL

Network Engineer

Responsibilities:

• Worked as part of delivery team where my daily tasks included code upgrades, prefix-list addition, and access-list addition using python script and on Linux platform
• Worked on Automation tool called Autopilot an internal tool used for code upgrades and configuring of new devices at different data centers
• Installed and configured LAN and WAN Networks, Hardware and Software on Cisco Routers and Switches
• Implemented IPv6 addressing scheme for routing protocols on Cisco ISR routers 2800, 2900, 3800 and 3900 and VLANs on switches
• Experienced working with Juniper devices like EX2200, EX4200, EX4500, MX480, SRX650, SRX240 and Juniper J230, M 320 and MX960 routers
• Migration and implementation of Palo Alto Next-Generation Firewall series PA500, PA3060, PA5060, PA7050, PA7080
• Installed and maintained production servers for client services (Web, DNS, DHCP, Mail)
• Worked on BGP routing protocol, configuring BGP sessions and troubleshooting on Nexus 1K, 5K, 7K, Juniper MX-960 routers and cisco ASR routers
• Responsible for planning, documenting and implementation of complex Firewall and VPN solutions
• Experienced on working with Palo Alto and Fortinet Next Generation firewall with security, networking, and management features such as URL filtering, Anti-virus, IPsec VPN, SSL VPN, IPS, Log Management etc.
• Designed perimeter security policy, Implemented Firewall ACL's, allowed access to specified services, Configured Client VPN technologies including Cisco's VPN client via IPsec
• Configuring firewall rules in Juniper SRX firewall using cli and NSM
• Worked on configuration of new VLANs and extension of existing VLANs onto the necessary equipment to have connectivity between different data centers
• Worked on F5 BIG-IP LTM 8900, configured profiles, provided and ensured high availability and knowledge on implementing and configuring F5 Big-IP LTM-6400 load balancers
• Coordinated with the Application Teams to develop effective Application validations involving F5 LTM and GTM components
• Worked on Cisco wireless LAN technologies and Switching. Configured Virtual server, service groups, Session persistence, Health monitors and Load balancing methods in new F5 and A10 LTMs. Configured WIDE IP and WIDE IP pool on F5 GTM’s to support load balancing between data centers.
• Installation and configuration of Microsoft Proxy Server 2.0 and Inflobox DNS, DHCP and IP Address Management
• Identified opportunities for implementation of network best practices, particularly F5 load balancer implementations
• Worked on Inflobox to update the DNS host and records to assist the part of the migration
• Security configuration on Wireless LAN using protocols PEAP, EAP-FAST
• Assigning RADIUS and TACAS for new deployments in production environment. AAA for users to implement changes on production devices. Most of these devices are cisco propriety
• Generating audit reports by running automated scripts on various devices in order to check the layer 2 issues like errors on the links, port flapping
• Implemented IPv4 and IPv6 on PTX platforms

Environment: Routers (1K, 5K,7K, Juniper MX-960), switches (6500/3750/3550 3500/2950 ), F5 Load balancing (LTM, GTM, APM, AFM, ASM), EIGRP, RIP, OSPF, BGP, VPN, MPLS, Cisco Catalyst Switches, Firewalls (Cisco ASA, Palo Alto), Python, Shell and Perl Scripting

Confidential

Lab Assistant

Responsibilities:

• Assembled computer peripherals and configured operating system on computers for University Labs, student’s PCs and mobile devices (BYOD)
• Installed Anti-Virus on computers and monitored vulnerability checks, Phishing and threats
• Installed education related applications on computers in Labs and student’s PCs and BYOD
• Installed Microsoft Office Suite on computers in Labs and on student’s PCs and BYOD
• Installed Cisco Routers and Switches and configured Local Area Network (LAN) in University Campus
• Installed Cisco Access Points and configured Wireless Controller for Campus Wireless LAN
• Troubleshot software and hardware related issues and LAN issues
• Learned about configuration of Cisco Firewalls and threat management

Environment: Assembling computer peripherals, installing Operating Systems, installing Anti-Virus, installing User Applications, and Microsoft Office suite, configuring LAN, troubleshooting software, hardware and LAN issues as well as configuring student’s BYOD and installing OS and Applications, Wireless LAN connectivity

Confidential

Network Engineer

Responsibilities:

• Worked primarily as a part of the security team and daily tasks included firewall rule analysis, rule modification and administration
• Worked on configuring and troubleshooting of routing protocols such as OSPF and BGP for effective communication
• Maintain LAN communication between Servers/Workstations
• Remediation of firewall rules from checkpoint firewalls to Cisco ASA firewalls, installing and configuring new juniper SRX series, Checkpoint and Fortinet firewalls to meet day to day work
• Adding and removing checkpoint firewall policies based on the requirements of various project requirements
• Worked on Layer 4 load balancing to direct traffic based on data from network and transport layer protocols, such as IP address and TCP port
• Worked on Layer 7 load balancing and content switching to make routing decisions based on application layer data and attributes, such as HTTP header, uniform resource identifier, SSL session ID and HTML form data
• Worked on Citrix Global server load balancing (GSLB) to extends the core L4 and L7 capabilities so that they are applicable across geographically distributed server farms
• Installed and configured SSH (Secure Shell) encryption to access securely on Ubuntu and Red hat Linux.
• Worked on configuration and implementation of voice gateways (H323/MGCP/SIP), SRST for remote sites, CUCME and CUE distributed design
• Performed troubleshooting, fixed and deployed many Python bug fixes of the two main applications that were a main source of data for both customers and internal customer service team
• Worked on load balancers like F5 10050s, 10250v, GTM 2000s, 2200s to troubleshoot and monitor DNS issues and traffic related to DNS and avoid DDoS
• Deployment of Palo Alto firewall into the network. Configured and wrote access list policies on protocol-based services
• Configured network access servers and routers for AAA security (RADIUS/ TACACS+)
• Troubleshot protocol-based policies on Palo Alto firewalls and changing the policies as per the requirement and traffic flow
• Worked on DNS server involving configuration and resolving DNS related issues
• Wrote rules for NAC servers as per the authentication and authorization of systems within the company.
• Monitoring the network access points with the help of IBM Q Radar and Cisco prime infrastructure.
• Implemented and troubleshot IPsec VPNs for various business lines and making sure everything is in place
• IPv6 is implemented at a larger scale using cisco ASR 7200 and 9000 series routers delivering flexible service
• Installing and configuring new cisco equipment including Cisco 1900, 2900, 3900 series routers, Cisco catalyst switches 6807, Nexus 7010, Nexus 5500 and Nexus 2k as per the requirement of the company
• Worked on regular troubleshooting of BGP, EIGRP routing protocols
• Adding and modifying the servers and infrastructure to the existing DMZ environments based on the requirements of various application platforms
• Developed CTI applications with CTIOS
• Managing and providing support to various project teams with regards to the addition of new equipment such as routers, switches and firewalls to the DMZs
• Worked on Blue Coat ProxySG Web 2.0 threat protection, content filtering and inline threat analysis
• Worked on Pulse Connect Secure SSL VPN gateways
• Working closely with Data center management to analyze the data center sites for cabling requirements of various network equipment
• Involved in developing code using C and Linux.
• Worked on server side to implement the capture the packets. Unit testing and bug fixing
• Debugging and optimizing the code for better system performance.
• Problem Solving and maintain documentation throughout the project life cycle
• Work with project team members to resolve the issues identified in testing

Environment: Routers (Cisco 1900, 2900, 3900, ASR 7200, 9000), Switches (Cisco catalyst switches 6807, Nexus 7010, Nexus 5500 and Nexus 2k), Firewalls (Juniper SRX, Cisco ASA, Palo Alto), F5 Load balancer, Cisco Voice (H323/MGCP/SIP, CUCME, CUE), protocols BGP, EIGRP, OSPF and DNS server and C programming