SUMMARY

• Experience in Network Engineer field which includes hands - on experience in providing network support, installation and analysis for a broad range of LAN /WAN/MAN communication systems.
• Well Experienced in configuring protocols HSRP, GLBP, VRRP, ICMP, IGMP, PPP, PAP, CHAP, and SNMP.
• Good experience on CISCO IOS, IOS XE and IOS XR, NXOS, Fortinet Fort IOS.
• Knowledge of implementing and troubleshooting complex layer 2 technologies such as VLAN Trunks, VTP, Ether channel, STP, RSTP and MST. Implementation of HSRP, VRRP for Default Gateway Redundancy.
• In-Depth Knowledge and experience of various wireless 802.11 standards, controllers, Access Points, Wi-Fi analytics from various vendors (Cisco Meraki, HPE / Aruba, D-Link and Net gear), SD-WAN (MX 65, MX100, MX400).
• Responsible for Check Point and CISCO ASA firewall administration across global networks.
• Experience working on Cisco ASR 9001&ASR 1006.
• Good experience on working with CISCONX-OS.
• Experience with deploying Fabric Path using Nexus 7000 Devices.
• F5 BIG-IP application load balancing subject matter expert with concentration on layer 7 load balancing using I-Rule scripting in TCL.
• Worked on F5 LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability.
• Hands on experience with load balancers (F5 & Cisco Content Switch), VPN (Cisco, NetScaler, RSA, Deo Security, Entrust & F5)
• Worked on F5 VIPRION, LTM and GTM systems
• Experience in working with Cisco Nexus Switches and Virtual Port Channel configuration.
• Experience working with Nexus 7K, 5K, 2K devices.
• Experience in testing Cisco routers and switches in laboratory and deploy them on site production.
• Upgraded Operating Systems for different devices like JUNOS (Juniper), IOS (Cisco) and EOS (Arista)
• In-depth knowledge and hands-on experience in Tier II ISP Routing Policies, Network Architecture, IP Sub-netting, VLSM, TCP/IP, NAT, DHCP, DNS, FT1 / T1 / FT3 / T3 SONET POS OCX / Gig circuits, Firewalls.
• Hands on experience in configuring and supporting site-to-site and remote access Cisco, IPsec, VPN solutions using ASA/PIX firewalls, Cisco and VPN client.
• Experience in Designing and assisting in deploying enterprise wide Network Security and High Availability Solutions for ASA.
• Strong experience on security levels with RADIUS, TACACS+.
• Hands on experience in configuring Cisco Catalyst 2960, 3750, 4500, 6500 and Nexus 3000, 5000, 6000, 7000 series switches and Cisco 2600, 2800, 3600, 3800, 7200, 7600 series routers, load balancers and Cisco firewalls.
• Hands-on experience and knowledge about VoIP technologies such as SIP, SIP Trucking, Cisco Call Manager, Asterisk
• Expertise in creating groups and pruning traffic flow using VLAN, VTP, ISL, 802.1Q.
• Excellent in documentation and updating client's network documentation using VISIO.

TECHNICAL SKILLS

Network Products: Cisco Routers CRS-1, CRS-3, CRS-X, ASR 9K, ASR1K, ASR 1002, GSR 12000, 7600, 7200, 7500, 7300 (SSG), 7200, 3945, 3800, 3900, 3845, 3745, 2800, 2600, 2900, 2500, 1800, 1700, 1600, &ERX 500 Cisco switches Cisco Nexus 7010, 5596, 5020, 5010, Nexus 1010 (1000v), Cisco 6500, 4900M, 4500, 4000, 3700, 3750, 3550, 3560, 2960, 2950, 2800, HP 2910, Dell Brocade chassis & FWS switches.

Network securities: NAT/PAT, VPN, Filtering, Juniper Net screen Firewall, Checkpoint 4.1, WEP, WPA2, IDS/IPS, IPSec, ACL, FWSM, and F-5 load balancers.

LAN Technologies: Workgroup, Domain, HSRP, DHCP, Static, VLAN, STP, VTP, Ether Channel, Trunks, PVST, RSTP.

AAA Architecture: TACACS+, RADIUS, Cisco ACS.

WAN Technologies: Frame Relay, VPN (L2F, PPTP, L2TP, GRE), ISDN, PPP, ATM, MPLS, IPv6

Network Management: SNMP, SolarWinds, Cisco Works, HP Open view, Ethereal Sniffer, NXOS, Telnet.

Load Balancers: CSS, ACE, F5, A10

Monitoring Tools: Wireshark, N-map, Nessus, OpManager, PRTG Packet Sniffer, and Infoblox, Smarbits, Spirent Test Center, Agilent Router Tester (N2X Series) and NetFlow.

Routing Protocols: VTP, STP, RSTP, MST, VLANs, ISL, 802.1q, Ether Channel, PAgP and LACP

PROFESSIONAL EXPERIENCE

Network Architect

Confidential, Rosenberg, TX.

Responsibilities:

• Integrating new locations with existing MPLS Network and enabling standard corporate application access.
• Designing and implementing LAN/WAN solutions across locations
• Managing the LAN/WAN devices across locations for day-to-day operations
• Managing location specific CISCO ASA Firewalls and also data center internet gateway firewalls.
• Handling new application load balancing requirements through F5 LTM devices.
• Experience with design and implementation of Data center migration
• Deploying and decommission of VLANs on core ASR 9K, Nexus 7K, 5K and its downstream devices.
• Configured CIDR IP RIP, PPP, BGP, MPLS and OSPF routing.
• Assisted in MPLS migrations, implemented a backup for the existing SD-WAN connection using site-to-site IP sec VPN tunnels.
• Experience with WCS predictive maps and RF Engineering Planning.
• Done Site Surveys and installed wireless access devices at various locations like army, navy, air force bases.
• Configured Aruba WAP and Wireless controller 66xx/57xx on Cisco Prime, VMWare NSX for proper access of Bingo wireless internet.
• Good experience on tools and devices like Source Fire, Fire eye, Aruba, Cisco ASA, Cisco ISE
• Primary platforms include, but not limited to, Enterprise Cisco and Aruba Clearpass Ruckus, etc.
• Experience with vender equipment: CISCO/Brocade Routers and Switches, Cisco Sonet, Aruba Wireless AP's/controller, CISCO ASA/PIX Firewalls/FWSM, Cisco NAM, Cisco SX20
• Conversions to BGP WAN routing. Which will be to convert WAN routing from OSPF to BGP (OSPF is used for local routing only) which involves new wan links.
• Configuring routing protocols OSPF, EIGRP, RIP, MPBGP, LDP and BGPV4
• Configuring HSRP between VLANs, Configuring Ether-Channels, Port Channel on 6500 catalyst
• Configured remote users to access corporate LAN with VPN connectivity
• Worked on F5 LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability
• Proposal /RFI AT&T to develop and document the process for IPv6 service delivery
• Maintained complex LAN/WAN networks with several VLANS and provided support for routing protocols and also providing secure sessions over internet using IPSec and SSL encryption.
• Worked extensively on CISCO ASA 5500 (5510/5540) Series, experience with convert PIX rules over to the CISCO ASA solution.
• Supporting EIGRP and BGP based on the network by resolving level 2 & 3 problems of internal teams & external customers of all locations
• Worked on migration of existing PIX firewall to ASA firewall, PIX OS upgrade from 6.3 to 7.0.
• Design and Implement DMZ for FTP, Web and Mail Servers with CISCO PIX 506, PIX515
• Building the VPN tunnel and VPN encryption.
• Involved in Configuration of Access lists (ACL) on ASA firewall for the proper network routing for the B2Bnetwork connectivity.
• To secure configurations of load balancing in F5, SSL/VPN connections.
• Cisco Secure Access Control Server (ACS) for Windows to authenticate users that connects to a VPN 3000 Concentrator.
• Designed and implemented DMZ for Web servers, Mail servers & FTP Servers using Cisco ASA 5500 Firewalls.

Lead Network Engineer

Confidential, Atlanta, GA

Responsibilities:

• Installed and managed of overall administration of LAN, WAN, systems involving design of network layouts, configuration and maintenance, Commissioning Routers &Switches, firewalls, IPS and ensuring maximum uptime during site deployment to VoIP.
• Experienced in working with Aruba network.
• Strong working knowledge of Cisco 5508, 4400 wireless controllers (WLCs), Aruba 7200 WLC, Cisco 1140, 1250, 1260, 2600, 3600, 3602, 3702 Access Points, Aruba 335 Access Points.
• Aruba 7200 WLC, 305 Access Point. Airwave Management platform, 8.2.6.1 ClearPass 6.7.0, 2960 Cisco Switch, 4331 Cisco Router, Live action client monitoring tool, Jira Sprint tool, Infoblox IPAM tool.
• Configured the Aruba Controller with Master-Local setup with local controller redundancy of LMS and Backup LMS IP's and provisioning of Access points.
• Develop and document the process for IPv6 service delivery to their perspective clients.
• Plan and lead team of eight employees on extensive technical analysis to ensure overall network mission integrity when transitioning from IPv4 to IPv6 protocol.
• Configure and stage Cisco wireless controllers
• Performed network administration tasks such as creation and management of VLANS, Port security, Trunking, RPVST+, Inter-VLAN routing, and LAN security.
• Configured Hyper-V LAN which decouples virtual networks from the physical network infrastructure, removing the constraints of VLAN and hierarchical IP address assignment from virtual machine provisioning.
• Configured FWSM on Cisco 7600 routers to reduce costs and operational complexity while enabling organization to manage multiple firewalls from the same management platform.
• Configured ASA 5520/5500 to ensure high-end security on the network with ACLs and Firewall.
• Co-ordinate with the Data Network and Security team and come up with possible solutions.
• Configuring and resolving various OSPF issues in an OSPF multi area environment,
• Implemented, configured BGP SDWAN routing, converting OSPF routes to BGP (OSPF in local routing)
• Expertise in maintenance of layer2 switching tasks which advocate VLAN, VTP, STP, RSTP, PVST, RPVST, configuring of ether channel with LACP and PAGP along with troubleshooting of inter-VLAN routing. Part of a team of DevOps engineer for infrastructure support on AWS and GCP cloud. Creating cloud formation scripts for hosting software on Arista cloud. Automating the installation of software through Ansible scripts
• The complete installation and hosting of cloud were automated with AWS cloud formation template and Ansible
• Configured PVSTP+ for loop prevention and VTP for Inter-VLAN Routing.

Sr. Network Engineer

Confidential, Marietta, GA

Responsibilities:

• Involved in Configuring and implementing of Composite Network models consists of Cisco7600, 7200, 3800 series routers and Cisco 2950, 3500, 5000, CAT, Series and Nexus switches.
• Configured networks using routing protocols such as RIP, OSPF, BGP and manipulated routing updates using route-map, distribute list and administrative distance for on-demand Infrastructure.
• Worked with major vendors, (Cisco, Juniper, Fortinet, BT telecom) to develop special code to support IPv6 services.
• Configured reverse proxy access via NetScaler per customer requirements.
• Worked with customers to confirm NetScaler was performing requested duties from Layer 1 to Layer 7 while being fully redundant for DR and business continuity.
• Onboarding devices to Aruba Clearpass Policy Manager- TACACS
• Migrated from Cisco ISE to Aruba CPPM
• Expert level knowledge on configuring Aruba Mobility controller, Airwave, Aruba Clear pass, Cisco Prime Infrastructure, WCS/NCS, ISE & MSE. Worked extensively configuring Security over Wireless by Implementing Cisco ISE and Aruba Clear Pass at many client locations
• Based on network requirements defined a detail capability requirement for access equipment, Wireless LAN Controllers, Access Points and services management platforms Like Aruba Airwave and Prime.
• Deployed Site to Site and Client to Site VPNs utilizing Checkpoint Firewall-1/VPN-1
• Configured OSPF over frame relay networks for NBMA and point to multipoint strategies.
• Configured and maintained CISCO ASA firewalls, Cisco ACE load balancers and Cisco PIX (506E/515E/525/)
• Installed high availability Big IP F5 LTM and GTM load balancers to provide uninterrupted service to customers.
• Implementing traffic engineering on top of an existing Multiprotocol Label Switching (MPLS) network using Frame Relay and Open Shortest Path First (OSPF)
• Provided redundancy in a multi homed Border Gateway Protocol (BGP) network by tunings AS-path.
• Configured policy-based routing for BGP for complex network systems.
• Configured Multiprotocol Label Switching (MPLS) VPN with Routing Information Protocol (RIP) on the customer's Site.
• Cisco Secure Access Control Server (ACS) for Windows to authenticate users that connects to a VPN 3000 Concentrator.
• Worked on FTP, HTTP, DNS, DHCP servers in windows server-client environment with resource allocation to desired Virtual LANs of network.
• Responsible for day to day management of Cisco Devices, Traffic management and monitoring.

Network Engineer

Confidential

Responsibilities:

• Design, implementation and operational support of routing/switching protocols in complex environments including BGP, OSPF, EIGRP, Spanning Tree, 802.1q, etc.
• Understanding and implementation of IPSEC &GRE tunnels in VPN technologies
• Troubleshoot issues and outages on Trunks and Router interfaces and firewalls extensively
• Configured and resolved various OSPF issues in an OSPF multi area environment
• Severed as a member of the NIH IPv6 transition team that developed the strategy to implement IPv6 within the NIHnet data
• Configured RIP, OSPF and Static routing on Juniper M and MX series Routers
• Configured VLAN, Spanning tree, VSTP, SNMP on Juniper EX series switches
• Configured Cisco IOS Feature Set, NAT and Simple Network Management Protocol (SNMP) for Network Security implementation
• Part of Network Operation Center NOC offshore support team from India supporting Data Center 24x7. L2 support for Cisco PIX and ASA Firewalls.
• Created load balancing policies using BGP attributes such as Local Preference, AS-Path, MED, Community etc.
• Hands-on experience with SD-WAN (ATM/Frame Relay), Routers, Switches, TCP/IP, and IP addressing
• Configured HSRP between the 3845 router pairs for Gateway redundancy for the client desktops
• Ability to use NAT and Firewall security policies in Checkpoint
• Troubleshoot traffic passing managed firewalls via logs and packet captures
• Maintenance of all servers & network equipment with current stable firmware, IOS images & access control lists
• According to priority, worked on multiple service request tickets as a part of Network Operation
• Maintenance of CISCO ASA 5500 firewall for DCA site, adding new rules or changing existing access lists if necessary
• Implementation of security improvements such as network filtering, SSH, AAA, SNMP access lists, EIGRP MD5 authentication, HSRP authentication and security enhancements
• Designed and Developed Internet Security policy for the company in order to build a secure and robust network Infrastructure.
• Involved in Layer2/3 Switching Technology Administration including creating and managing VLANs, Port security, Trucking, STP, Inter-VLAN routing, LAN security
• Provided technical assistance to LAN & WAN systems
• Installing and maintaining Network printers