Network Security Engineer Resume
Atlanta, GA
SUMMARY
- CCNP, CCNA Certified Network Engineer with over 6 Years' experience in network design, implementation, and support. Routing, switching, firewall technologies, system design, implementation and troubleshooting of complex Network Systems.
- Involved in design of network layouts, configuration and maintenance, Commissioning Routers & Switches, firewalls, IPS and ensuring maximum uptime during site deployment to VoIP.
- Advanced knowledge of OSI model, TCP/IP, Internet technologies, system security, firewall infrastructure, network architecture and Cisco network routing / switching (Layer 2 and 3) experience, including LAN and WAN, design and implementation which includes Layer 1 to Layer 7 experience.
- Working knowledge of routing protocols for voice: VoIP, IPSEC, Multicast, MPLS, DSCP/QoS, Cisco IOS and Wireless security protocols (I.E. 802.1x, EAP, WPA2)
- Expertise in deployment and configuration of routing protocols such as OSPF, EIGRP and BGP. Experience on F5 LTMs & GTMs to improve web application delivery speed and replication through and between distributed global data centers.
- Worked on F5 Enterprise Manager 3.1 version to manage multiple F5 LTM devices from single-pane view. Worked on Panorama firewall management tool which provides centralized monitoring and management of multiple Palo Alto devices from single window.
- In-depth knowledge of network monitoring and performance tools such as SolarWinds and Wireshark. Well experienced in configuring gateway redundancy protocols like HSRP, GLBP, PPP and SNMP.
- Strong hands-on experience implementing and troubleshooting switch technologies such as STP, RSTP, MSTP and VTP along with troubleshooting of inter-VLAN routing. Implemented redundancy with HSRP, VRRP, GLBP, EtherChannel technology.
- Experience configuring and testing F5 iRules using Browser (IE), HTTP watch. Knowledge in working with F5 Load Balancers and their implementation in various networks.
- Knowledge of network security protocols such as IPSEC tunnels, GRE tunnels, NAT/ PAT, ACLs and VPN - MP-BGP. Experienced in trouble-shooting both connectivity issues and hardware problems on Cisco based networks.
- Experience in installing and configuring DNS and DHCP server. Migrated and implemented new solution with Cisco ASA firewall series 5505, 5510, 5540.
- Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500/PIX series security appliance. Worked on various blades like IDS/IPS, URL filtering on Cisco ASA.
- Experience in configuration of Check Point 600, 1100, 4800, 12000 appliances. Implemented Duo Security two-factor authentication for remote access VPN on Cisco ASA.
- Experience with Palo Alto Networks firewalls, including security, NAT, Threat Prevention and URL filtering.
- Worked on various security tools like CyberArk, QualysGuard and Rapid7 for effective rule utilization on Check Point firewalls and accessing network devices securely.
- Strong knowledge of networking concepts like TCP/IP, Routing and Switching. Hands-on experience upgrading Cisco IOS & firmware of different Cisco devices & modules.
- Worked with Cisco ISE to identify threats in the network for rapid containment and remediation. Experience managing and maintaining Infoblox IP Address Management Appliances.
- Adept at preparing Technical Documentation and presentations using Microsoft VISIO/Office.
TECHNICAL SKILLS
Routers: Cisco 1900, 2600, 2800, 2900, 3600, 3800, 3900, 7200, 7600, GSR 12000, 7500, ASR-901, ASR-903, ASR 5500
Switches: Cisco Catalyst 3550, 3750, 4500, 4900, 6500 sq. 2248, 5548 and 7010
Firewalls & Load Balancers: Cisco ASA 5540 series, Check Point, Palo Alto PA2020, PA3050, PA5050, IPSEC and SSL VPN, IPS/IDS, IOS Firewall features, DMZ set up, F5 LTM.
Routing: OSPF, EIGRP, BGP, RIP, PBR, Route Filtering, Redistribution, Summarization, Static routing
Switching: VLANs, Dot1Q, VTP, STP, RSTP, VLAN Maps, HSRP, GLBP, CEF, DCEF, Port Security
LAN/WAN Technologies: Ethernet, Frame relay, MPLS, HDLC, PPP, T1, T3, OC Standard, DSL, ISDN
Protocols: IP, TCP, UDP, ICMP, NAT, DHCP, SNMP, IPSEC, SSL, HTTP, SSH
AAA Architecture: TACACS+, RADIUS, Cisco ACS
Network Monitoring and Management Tools: SolarWinds, Wireshark, SNMP, Elasticsearch, Logstash, Kibana and WhatsUp Gold
Operating Systems: Windows Server 2008 R2/ 2003, Windows XP Professional, Red Hat Linux, UNIX Sun Solaris 9/8
PROFESSIONAL EXPERIENCE
Confidential, Atlanta GA
Network Security Engineer
Responsibilities:
- Hands on experience working on Visa Vulnerability Management System (VVMS). Execute patch and vulnerability management practices to prevent the exploitation of technical vulnerabilities that exist within the infrastructure.
- Monitor network infrastructure with SolarWinds for trending and analysis on all Cisco routers, switches, and firewalls.
- Involved in QIP data quality effort. As part of this effort I pulled out all the configurations from all over network devices by parsing the Python Script and filled up all the subnets and other data on QIP.
- Skilled in troubleshooting complex network issues on a global enterprise network.
- Complex troubleshooting to include network protocol and log analysis, raw data captures, and the correlation of disparate events spanning multiple devices and platforms.
- Worked with Cisco Nexus 2148 Fabric Extenders and Nexus 7010, 5000 series switches to provide a Flexible Access Solution for datacenter access architecture
- Deployed and decommissioned VLANs on core ASR 9K, Nexus 9K, 7K, 5K and their downstream devices, and configured 2k, 3k, 7k series routers.
- Configured and troubleshot the F5 LTM APM and provided level 2 support for the customers.
- F5 build-out of the base F5 BIG-IP infrastructure, including the BIG-IP 10200v platforms and vCMP guest instances.
- Involved in troubleshooting of DNS, DHCP and other IP conflict problems.
- Support the SolarWinds platform for monitoring the network for any network related issue
- Worked in setting up Inter-VLAN routing, redistribution, access-lists and dynamic routing.
- Implemented SNMP on devices to allow for network management.
Environment: Cisco routers, switches, ASA Firewalls, Palo Alto Firewalls, F5, OSPF, EIGRP, BGP routing protocols, SolarWinds, NetBrain, VLANs, VVMS and QualysGuard.
Confidential, Draper UT
Network Engineer
Responsibilities:
- Configured, deployed and maintained Core and Access network switches.
- Configuration of Cisco 3750 and 6509 multilayer switches for secure network access using tools such as VLANs and port security
- Configured DFC3 with DFC4 while upgrading 6509 to SUP2T
- Experience managing and maintaining Infoblox IP Address Management Appliances.
- Involved in IP addresses allocation for all the Networking devices including switches, routers, firewalls through DNS entry using Infoblox.
- Configured back door local admin passwords on 1000+ various devices through NetMRI script. Modified script as per device type.
- Worked on QualysGuard for security scans and vulnerability management
- Engineered and authored enterprise implementation plans, correcting security vulnerabilities and standardizing configurations.
- Performed as a Network Engineer in Migrating Cisco ACS deployment to Cisco ISE Deployment.
- Troubleshooting the VPN tunnels by analyzing the debug logs and packet captures. Advanced knowledge in Design, Installation & configuration of Palo Alto.
- Configured SNMP on Palo Alto firewalls 3060, 5060, 7050 for receiving incident alerts and notification and wrote SSL decryption policies for decryption of traffic to provide Anti-virus, Malware protection.
Environment: Cisco routers, switches, ASA Firewalls, OSPF, EIGRP, BGP protocols, VLANs, Wireshark, Infoblox, IP, TCP, UDP, NAT, DHCP, HTTP, SSH.
Confidential, Sacramento CA
Network Engineer
Responsibilities:
- Performed OSPF, BGP, DHCP Profile, HSRP, IPV6, Bundle Ethernet implementation on ASR 9K redundant pair.
- Built site-to-site IPSec VPNs over Frame-relay & MPLS circuits on various models of Cisco routers to facilitate adding new business partners to new and existing infrastructure.
- Configured and resolved various OSPF issues in an OSPF multi area environment.
- Set up VLANs and configured ISL trunk on Fast-Ethernet channel between switches.
- Deployed and decommissioned VLANs on core ASR 9K, Nexus 7K, 5K, 2k and their downstream devices.
- Responsible for building and managing field enablement and training, channel partner go to market strategy and engagement for Cisco Nexus 9K and ACI.
- Experienced in installation, configuration and maintenance Cisco Nexus 7010, 5548, 2148
- Troubleshooting the various issues while upgrading and installing the new supervisors on Nexus 7K.
- Worked on Datacenter Migration project to migrate the existing 6509, 4509 devices to a Nexus 7010, 5010 and Nexus 2248 FEX based solution.
- Upgraded with Nexus 9k, 7k and 5k switches to deal with the vulnerability issues.
- Hands on experience in configuring Cisco Catalyst 2960, 3750, 4500 and 6500 switches.
- Optimized performance of the WAN network consisting of Cisco 3550/4500/ switches by configuring VLAN
- Worked on F5 LTMs & GTMs to improve web application delivery speed and replication through and between distributed global data centers.
- Used F5 GTM for external DNS resolutions; configured all listeners and created all zone files, A records and names.
- Worked on F5 Enterprise Manager 3.1 version to manage multiple F5 LTM devices from single-pane view.
- Worked on F5 VIPRION 2400 model with dual blades; also licensed this chassis with vCMP, which can run multiple instances and versions of BIG-IP.
- DNS administration like adding/modifying/deleting IP and DNS assignments using log messages
- Established network design standards that focus on current and future global security requirements via PCI-DSS.
- Regularly conduct Audits on tools that I manage, and provide documentation to show compliance for PCI-DSS Audits
- Proactively monitor and manage all production network systems to maximize system availability in NetScaler.
- Worked on FortiGate 5000-series security appliance to maintain SSL Inspection, Application control, Firewall and VPN management
- Worked extensively on Cisco ASA 5500 (5510/5540) Series; experience converting PIX rules over to the Cisco ASA solution.
- Successfully installed Palo Alto Next-Generation PA-3060, PA-5060 firewalls to protect Data Center with the use of IPS feature
- Configuring rules and Maintaining Palo Alto with IPS module & Analysis of firewall logs.
- Configuration and Installation of Cisco firewalls ASA (5510, 5520 and 5540).
- Implemented Duo Security two-factor authentication as a service to access data centers via VPN.
- Worked with IDS/IPS to identify threats in the network for rapid containment and remediation.
- Shared the data with integrated partner solutions to accelerate the capabilities to identify and remediate threats using Cisco ISE.
- Establishing VPN tunnels using IPSec encryption standards and configured and implemented site-to-site VPN, Remote VPN.
Environment: Cisco routers, switches, ASA Firewalls, Palo Alto Firewalls, OSPF, EIGRP, BGP routing protocols, VLANs, F5 load balancers, Check Point, wireless access points, IP, TCP, UDP, ICMP, NAT, DHCP, SNMP, IPSEC, SSL, HTTP, SSH protocols.
Confidential
Network Engineer
Responsibilities:
- Hands on experience in configuring high end routers like GSR 12000 series, 7500 series and Catalyst Switches like 7600, 6500, 4500 series.
- Configured and resolved various OSPF issues in an OSPF multi area environment.
- Installing, configuring Cisco Catalyst switches 6500, 3750 & 3550 series and configured routing protocol OSPF, EIGRP, BGP with Access Control lists implemented as per Network Design
- Actively participated in upgrading fast Ethernet, Layer 3 switched/routed LAN infrastructure from Cisco 3640 to Cisco 2811.
- Involved in the configuration & troubleshooting of routing protocols: MP-BGP, OSPF, LDP, EIGRP, BGP v4. Configured IP access filter policies.
- Installed and configured high availability Big IP F5 LTM and GTM load balancers like 6600, 6800 to provide uninterrupted service to customer applications and monitoring the availability.
- Involved in design and implementation of Data Center Migration, worked on implementation strategies for the expansion of the MPLS VPN networks.
- Worked on firewall technologies including general configuration, optimization, security policy, rules creation and modification of Palo Alto.
- Detailed knowledge of Palo Alto PAN-OS and experience in features like Panorama, Hashing, Definition, WildFire, URL filtering, Zone creation, Intrusion Detection System (IDS), Intrusion Prevention (IPS), DNS sinkhole, Zero-day attack protection, Advanced Endpoint protection and SaaS Security. Deployed Python scripts to perform admin tasks, report generation and push new changes.
- Configuration and troubleshooting of Site to Site as well as Remote Access VPN on Cisco ASA and Check Point firewalls.
- Deployed & Implemented rules and created various zones in Palo Alto firewalls like PA2020 and PA2050.
- Experience with Check Point Firewall Management station operations. Maintained and Configured Check Point VSX with firewall virtualization.
- Installing and configuring F5 Load balancers and firewalls with LAN/WAN configuration.
- Developed and executed datacenter migration plan for all managed security services such as firewalls, IDS, VPNs and authentication servers with no impact on production environments.
- Worked with Cisco ISE to identify threats in the network for rapid containment and remediation.
- Initially analyzed the data for critical to moderate vulnerabilities as detected by a Vulnerability Scanner such as QualysGuard or Nessus. Filtered out as many false positive or redundant vulnerabilities as necessary.
- Performing URL filtering and content filtering by adding URLs in Blue Coat ProxySGs.
- Installation, Maintenance, Troubleshooting Local and Wide Areas Network by using ISDN, Frame relay, DDR, NAT, DHCP, and TCP/IP
- In-depth knowledge of network monitoring and performance tools such as SolarWinds, ForeScout and Wireshark.
- Provide Tier II Level Load Balancer expertise on F5 BigIP Local Traffic Managers (LTM). Designing F5 solutions/support for migration work of applications and websites from Cisco CSS Load Balancers to the F5 BigIP Load Balancers.
- Implementing MPLS VPN for the Branch locations
- Expertise in configuring of MPLS, IP Multicast, VPN and Policy Based routing
- Made DHCP and DNS changes through Infoblox.
- Used Infoblox to create and manage newly created DHCP scopes.
- Responsible for Enterprise DHCP Server (Infoblox) and VPN, SSL, and NetMotion Accounts.
Environment: Cisco routers, switches, Palo Alto Firewalls, OSPF, EIGRP, BGP routing protocols, VLANs, F5 load balancers, Check Point, Palo Alto, wireless access points, IP, TCP, UDP, ICMP, NAT, DHCP, SNMP, IPSEC, SSL, HTTP, SSH protocols.