SUMMARY

• Over 7years of strong IT experience in Network Security tasks such as day - to-day site monitoring and maintenance, infrastructure configuration, network design, network management, security, tier support of network, system installation, system backup and restoration, tuning, quality of service management, security implementation and application migration.
• Experience in Networking, including hands-on experience in IP network design providing network Support, installation and analysis.
• Over 2+ years of experience as a Network Engineer with expertise in design, development, implementation, troubleshooting and maintenance of network & security environments with mixed vendors such as Cisco routers and switches, Fortinet firewalls, SolarWinds, PRTG, LANDesk, Microsoft RDM and Office 365.
• Expert level knowledge of troubleshooting, implementing, optimizing and testing of static and Dynamic routing protocols such as EIGRP, OSPF, BGP; ability to interpret and resolve complex route table problems.
• Expert Level experienced in Wireshark for network analysis purposes and to Analyze packet traces.
• Worked on IOS/NX-OS upgrade with different Cisco images, different Cisco device.
• Hands on Experience testing iRules using Browser (IE), HTTP watch, curl, Scripts (shell/batch file/Perl) and host files.
• Automated network implementations and tasks and designed monitoring tools using python scripting
• Experience in configuring VXLAN on Nexus 9k switches in Data center environment.
• Intensive applications of Network automation tools and testing for network automation and configuration management using Ansible, Python scripting.
• Expert in installing and configuring Splunk forwarders on Linux, UNIX, and Windows.
• Deep technical experience with architecture, design and hands-on diverse technology platforms including different Cloud Platforms (AWS/Azure), Virtualization, Database Technology
• Upgrading code on Palo alto firewalls PA5050/3020 to meet company security policy
• Install and support various MPLS/BGP, Metro Ethernet deployments and configure routing and switching platforms and Aruba Wireless Solutions.
• Experienced in working on Cloud Computing Virtualization using VMware NSX and Windows Hyper-V.
• Splunk log monitoring & report monitoring for Data, Network, and Application device & user activities.
• Strong working knowledge of Active Directory, DNS, DHCP, TCP/IP, VPN, VLAN, LAN/WAN, SDWAN, networking concepts.
• Develop/capture/document architectural best practices for building systems on AWS
• Configuration and administration of firewalls, which includes Checkpoint, Juniper, and Cisco ASA firewalls.
• In-depth knowledge and experience in LAN and WAN technologies including MPLS, SD-WAN, DIA, Point to Point (Dark Fiber).

PROFESSIONAL EXPERIENCE

Confidential, Atlanta, GA

Network Security Engineer

Responsibilities:

• Experience working with data center deployment where we converted from Cisco 6500 to Nexus.
• Expert knowledge of Cisco ACI, NxOS and IOS, other SDN products Tiered Domains, QoS, data center network design, cloud infrastructure design and management, OSPF, BGP, VLAN Trunking
• Experience working with Nexus 9k, 7k, 5k, 2k devices.
• Performed IOS Software upgrades on switches 6509, 4510, 3750 and Cisco ASR for compatibility with Cisco ISE
• Worked on Juniper devices like M, MX, T routers on advanced technologies like MPLS VPNs, TE and other service provider technologies.
• Designed Continues Delivery platform using Jenkins, Bit Bucket, Artifactory and Ansible tower.
• Involved in several projects setting up builds using Jenkins, Ansible, Puppet and Chef.
• Datacenter experience create new cable run list (L1), document runbook and Solution planning and upgrading, architect VXLAN, ACI and ASA cluster firewall with NAC, ISE. Deployed Cisco ISE integration with LDAP for domain user authentication.
• Configure, Manage, Analyze, and Optimize Network Performance, Traffic, SDWAN, VPNs, Security, Firewalls, & Policies.
• Advanced Automation and scripting using but not limited to Puppet, Python, Bash & PowerShell
• Experience with Network Automation, Firewall Migration (FTD, FMC) and experience with configuring onsite to cloud connectivity using AWS.
• Provided tier 3 support to SAN and Citrix application development environment, which consisted of Cisco Catalyst and Nexus switching lines, Brocade VDX 8770, 6710, 6720 Platforms, Juniper-Net screen & Junos, Cisco ASA Firewalls, and CUCM deployment, Fortinet and Palo alto Firewalls.
• Migrated datacenter from ethernet switching network to a VXLAN EVPN IP fabric (Brocade VDX)
• Worked on Design implementation of new data center with products ranging from cisco, ASA with Firepower, Dell Switches, Cisco Meraki and VMware NSX.
• Worked on network monitoring tools such as NMAP, Solar Winds, Wireshark, Turin Secure Track and Splunk.
• Cisco ACI fabric networks, including python automation. Worked on Great exposure to SDN and Network virtualization technologies like Cisco ACI.
• Designed & Integrated cloud networks using VMware NSX, VMware distributed firewall, HPC7000 chassis, Cisco Nexus 9Ks, and Brocade VDX platforms.
• Aiding in design and implementation of a data center fabric utilizing Juniper QFX10000 for spine and leaf, EVPN, VXLAN replacing VSS configuration in our mission network.
• Implemented Cisco ISE 1.2 for Wireless 802.1x Authentication and Authorization with Flex Connect.
• Worked with the installation of Palo Alto firewall, migrated with a team from predominantly checkpoint environment to Palo Alto global solution.
• Implemented Contracts, Multi-tenants between Endpoint groups using SDWAN in ACI.
• Performed system administration tasks associated with remote site installations on the following platforms: WhatsUp Gold, Cisco ISE, Cisco Prime, Microsoft DHCP, and Microsoft Active Directory.
• Configuration of BGP on both Nexus and Palo Alto, moved SVI (server VLAN) interfaces from ASA core to Palo Alto.
• Proficient in AWS services like VPC, EC2, S3, ELB, Auto Scaling Groups(ASG), EBS, RDS, IAM, Cloud Formation, Route 53, Cloud Watch, Cloud Front, Cloud Trail
• Deploy Azure IaaS VMs and Cloud services PaaS with high availability by designing availability sets, VMSS
• Checked routing and ports, WAF configuration, Azure Firewall, NSG, NVA, Load Balancer configuration.
• Worked on Splunk and IBM Qradar SIEM tool to monitor the traffic and analyze the traffic.
• Developed python/bash scripts to aid in the network monitoring, information gathering and expedited resolution of network issues.

Confidential, Sanjose, CA

Network Security Engineer

Responsibilities:

• Involved in Configuration of various Cisco Routers & L2/L3 Switches and implementing OSPF and BGP on the routers
• Configuring, upgrading and deployment of Nexus 7010, 5596 and 2248.
• Configure, add and deploy Cisco Meraki MX appliances. Pushed firmware updates for switches, appliances, and access points.
• Performed IOS Software upgrades on switches 6509, 4510, 3750 and Cisco ASR for compatibility with Cisco ISE.
• Used python Libraries like Napalm and Netmiko to Automate the VLAN configuration of Cisco Switches and Juniper routers
• Maintained and created scripts in Python that assisted in pulling in the necessary data to meet audit and reporting requirements.
• Worked on SDN/NFV technologies including Open Stack Neutron, VM ware NSX, Open flow, Open daylight, Open v Switch, Open Contrail, or Cisco ACI.
• Implementation and troubleshoot on Brocade VDX (VDX6720, 6730, 6740, & 8770) devices.
• Used Splunk Search Processing Language (SPL) and Regular expressions to filter Firewall logs AIX TCP/IP DCT team works on Security Vulnerability issues, customer reported PMRs, internal defects and features on TCP components. Work on new enhancements includes FRS, Design Doc and coding
• Worked on F5 LTMs & GTMs to improve web application delivery speed and replication through and between distributed global data centers.
• Configuring HA pair for two Palo VM-300 series AWS instance firewalls and testing the failover activity as well as ENI migration.
• Collected requirements from the client and selecting appropriate AWS service with required capacity and to design and deploy applications based on given requirements
• Provided connectivity to On-premise devices to Azure VNET by using Azure VPN, Express Routes and Virtual Network peering.
• Design, configuration, and support of Cisco Catalyst Switches and Nexus Switches, Cisco ISR/ASR/CRS Platforms, Cisco ACI, Brocade VDX, Nortel/Avaya/HP Switches, Cisco Routers and Load Balancers like F5, ACE.
• Implemented VXLAN tunnels between leaf switches in the data plane
• Design and manage VXLAN network virtualization using ESGs, UDLRs and logical
• Worked on Splunk SIEM to gather generated logs for the firewalls, to maintain application flow on firewalls
• Creating ACLs as per user's requirement to getting access for different servers like internal firewalls, DMZ firewalls and Internet firewalls and also worked on Splunk for troubleshooting.
• Experience in designing cloud based networks on top of AZURE, AWS, and Alibaba frameworks
• Experience with configuring FCOE using Cisco nexus 5548 ? Part of the New Product development team and responsible for User Acceptance Testing (UAT), SDWAN, Viptela, Versa, Meraki.
• Worked on F5 Enterprise Manager 3.1 version to manage multiple F5 LTM devices from single-pane view.
• Worked on upgrading Cisco ISE 3300 Appliances and 1.0.4 Cisco ISE software on VMware.
• Migration from Cisco firewalls to Palo Alto firewalls platforms PA 4000 and PA 500 and PA- 200 firewalls network technologies including Optical VoIP VPN SAN switching and routing.
• Maintenance and troubleshooting of Cisco ISE Servers
• Upgrading Cisco ISE Appliances Company wide. Recently rolled out OpenDNS including onsite VM appliances.
• Design and Build Software-Defined Data Center environment, including Vmware, VCenter,NSX and Cisco ACI.

Confidential, Boston, MA

Network Engineer

Responsibilities:

• Configuring ACL to allow only authorized users to access the servers.
• Maintain effective communications with vendors, peers and clients in resolution of trouble-tickets, equipment
• Implementation and configuration of F5 2400 Viprion series using Brocade devices in a multipath network environment.
• Develop python/bash scripts to aid in the network monitoring, information gathering and expedited resolution of network issues.
• Configuration of overlay VXLAN VTEPs with EVPN control-plane on Nexus switches.
• Worked on data center segmentation project to create segmentation between the user and server traffic by deploying Palo Alto firewalls (5250s) in the datacenter including cabling to the Nexus 7K VDCs and HA. Hands on Experience testing iRules using Browser (IE), HTTP watch, curl, Scripts (shell/batch file/Perl) and host files.
• Experience in working with Splunk authentication and permissions and having significant experience in supporting large-scale Splunk deployments.
• Implemented Cisco ISE 1.2 for Wireless 802.1x Authentication and Authorization with Flex Connect.
• Checkpoint Firewalls, Firemon, VPN, Datacenter, Cisco, Nexus, ACS, WAN Optimization, Riverbed Cascade, Riverbed Profiler, Net flow, Planning, Budgeting, Supervising, Setting Standards, Documenting MOP, Managing Multiple Projects
• Monitor, support and implement virtualized environments and disaster recovery procedures for hosted applications and on premises infrastructure-based VMware, utilizing resources such as Nimble, Netapp, Cisco Nexus and SDwan devices.
• Performed all maintenance tasks on the Nexus Switches, ASR Routers, Checkpoint Firewalls, F5 Load balancers Infoblox DNS and Cisco ACI
• Responsible in troubleshooting on Cisco ISE added new devices on network based on policies on ISE.
• Installed and configured Cisco Meraki (MR66,MR18) wireless Access points in the warehouses.
• Extensive experience in cloud management systems and integrated with Azure for AD.
• Deployed and configured Cisco DNA Center 1.1.7 into the Data Center.
• Troubleshooting Cisco APs and Meraki appliances.

Confidential, Newark, NJ

Network Administrator

Responsibilities:

• Responsible for the configuration, implementation and operation of Cisco 3745 routers Cisco 6509 and 3560 L2/L3 switches
• Experience with convert Checkpoint VPN rules over to the Cisco ASA solution. Migration with Cisco ASA VPN experience
• Working on Cisco ISE to authorize users based on protocols PEAP and EAP-TLS, also manage and monitor user's access privileges.
• Experience on dealing with Cisco ISE Secure Network Server 3515 and other network security products.
• Removed Cisco 3600 and 2600 series routers and Cisco 2900 series switches from the current infrastructure and replaced them with the Cisco 6509 or 3560 L2/L3 switches.
• Served a platform for other services that are required within the data center or cloud environment using Cisco ACI.
• Configuration of BGP on both Nexus and Palo Alto, moved SVI (server VLAN) interfaces from ASA core to Palo Alto.
• Install and maintain customer software including Office 365
• Deployed a new Meraki cloud base Guest and Corporate Wireless system. Personally, built, installed and maintained Meraki MR42 Access point and cloud system. Maintained the Aruba Wireless cloud systems in the branches. Confer with network users to resolve wireless issues
• Worked on Cisco Routers, Active /Passive Hubs, Switches, Cisco ASA Firewalls, NAT and Juniper SRX firewall.
• Configured RSTP, MST and used VTP with 802.1q trunk encapsulation. Provided port binding and port security wherever required. Provided router redundancy through HSRP.
• Installed over 700 new Meraki Access points in all Fidelity Investment Centers.
• Configured ether channels using PAgP and LACP.