PROFESSIONAL SUMMARY:

• Around 9 years of hands on experience in network engineering, designing, integrating, deploying, maintaining and supporting broad range of communication systems.
• Extensively worked on Confidential Routers, Switches, and Load Balancers & Firewalls.
• Knowledgeable in Router memory & IOS upgrade with TFTP.
• Configured application load balancing using F5 LTM.
• Experience in converting Checkpoint VPN rules over to the Confidential ASA solution. Migration with Confidential ASA VPN experience.
• Performed Manual Test execution, Defect logging, Tracking the defect fixes, Updating Test results and generating Test reports.
• Enterprise routing and troubleshooting experience using protocols such as Static, RIP, EIGRP, OSPF and BGP.
• Implemented Site - to-Site VPNs between ASA Firewall and Router.
• Knowledge of implementing and troubleshooting complex layer 2 technologies such as VLAN, Trunk, VTP, Ether channel, STP, RSTP and MST.
• Configured Security policies including NAT, PAT, Route-maps and Access Control Lists.
• Experience with Load Balancers for administrating and monitoring global & local traffic.
• In-depth expertise in the implementation of analysis, optimization, troubleshooting and documentation of LAN/WAN networking systems.
• Switches and supporting STP, RSTP, PVST, RPVST along with trouble shooting of inter VLAN routing and VLAN trunking using 802.1q.
• Expert Level Knowledge about IP Addressing, Sub netting, VLSM, ARP, OSI and TCP/IP models.
• Dealt with the escalation problems for Routing, Switching and WAN connectivity issues using ticketing system such as Remedy Ticketing System.
• Strong hands on experience on PIX Firewalls, ASA (5540/5550) Firewalls. Implemented Security Policies using ACL, Firewall, IPSEC, SSL, VPN, IPS/IDS , AAA ( TACACS+ & RADIUS ).
• Experience in designing, deploying and troubleshooting LAN, WAN, Frame-Relay, Ether-channel, IP Routing Protocols - (RIPV2, OSPF, EIGRP & BGP), ACL's , NAT, VLAN, STP, VTP, HSRP & GLBP .
• Working knowledge with monitoring tools such as Solar Winds & network packet capture tools such as Wireshark and Confidential packet tracer.
• Sound knowledge in virtual firewalls such as checkpoint VSX, IDS, IPS as well as encryption techniques.
• Familiar with the eyes on glass network security monitoring infrastructure for an extensive analysis of the network.
• Implemented SNMP on devices to allow for network management
• Configured Security policies ( Juniper ) and Access Control Lists.
• Experience in SAN storage and data networks and implemented Fiber Channel and Internet SCSI protocols.
• QoS configuration using FIFO, Weighted Fair Queuing, Priority Queuing, Custom Queuing, CoS-DSCP Mapping.
• Migration of network devices (Palo Alto, F5, Juniper, Aruba, Riverbed, Routers& switches) from one zone to other. Changing the management IP address.
• Worked Lancope’s “stealthwatch” to obtain comprehensive, scalable enterprise visibility and security context on a day to day basis.
• Familiar with Low Latency Networking and Design.
• Familiar with the architecture of complex global DNS infrastructure.
• Monitored network activity within the Department of Education for intrusion and malware incidents using Sourcefire, Bluecoat, McAfee ePolicy, Symantec end point protection.
• Experience with monitoring and configuration of homogeneous and heterogeneous network.
• Experienced in working with SIP, ICM, CVP scripting and VOIP, IVR related technologies.
• A highly organized individual who adopts a systematic approach to problem solving, effectively analyzes results and implements solutions.
• Excellent communication skills, Enthusiastic, and a team player.
• Highly motivated with the ability to work independently or as an integral part of a team and committed to highest levels of professional.

TECHNICAL SKILLS:

Routing: RIPV1, RIPV2, IGRP, EGIRP, OSPF, BGP, Route Filtering, Redistribution, Summarization, and Static Routing

Switching: VLANs, VTP, STP, PVST+, RPVST+, Inter VLAN routing & Multi-Layer Switch, Ether channels, Transparent Bridging, CEF, DECF, Port Security, VSS Confidential 2960, 3560, 4500, 6500, 4900, 2900, 3750,Nexus 5000,Nexus 7000, WS-C4948, Juniper EX, QFX and Alcatel 7705 SAR

Router: Confidential 7600, 7606, 7609, 7613, 7200, 4400, 3900, 3800, 2900, 1900, ASR-901, ASR-903, ASR 5500, ASR-9010, 7206 VX, MWR 2941, Alcatel 7705 SAR,Juniper ACX, E, M, MX960 and SRX 240 series

Switches: Confidential Catalyst 6500, 4500, 3560, 3750, 2960, Nexus 7000, Nexus 6000, Nexus 5000,Juniper EX, QFX and Alcatel 7705 SAR series

Network Security: Confidential ASA5550/ 5540,NetScreen, Juniper SRX, Palo Alto, Checkpoints, AAA, Firemon, FREE RADIUS, CADA, LDAP, IPsec VPN, SSL VPN, IDS, IPS, Source Fire, Fire Eye, Confidential NAC (4.9.3), Confidential ISE, Aruba, RSA, RSA 2 Factor, SIEM, Qradar, Tripwire

Network Management: Wire shark, SNMP, Ethereal, Solar Winds, Net cool, Science Logic, Log Logic, EM7, Indeni, nCircle, PRTG, Blue Coat, Websense, Manage engine MIB Browser, Confidential NAC, ISE, Active Directory

Operating Systems: Windows (98, ME, 2000, XP, Sv2003, Sv2008, Sv2012, Vista, 7, 8), Ubuntu, Linux, Kali Linux, CentOS, FreeBSD, Red Hat

Software s: VMware ESX 5.x, VMware Workstation, vCenter Server, System Center 2012 R2, MS SharePoint, C &C++.

PROFESSIONAL EXPERIENCE:

Confidential, CA

Sr. Network Security Engineer

Responsibilities:

• Involved in Configuring and implementing of Composite Network models consists of Confidential 7600,2600,3800 series routers and Confidential 2950, 3500,5000, 6500 Series switches.
• Implementing NAT solutions on Confidential IOS routers
• Responsible for Confidential ASA firewall administration across our global networks.
• Efficiently utilized Confidential Nexus 7K, 5K, and 2K in managing and deploying data center switch upgrade to a 10GB infrastructure, resulting to a new virtual port channel technology.
• Configuring rules and Maintaining Palo Alto Firewalls & Analysis of firewall logs using various tools.
• Work on Checkpoint Platform including Provider Smart Domain Manager. Worked on configuring, managing and supporting Checkpoint Gateways.
• In-depth knowledge and proven expert proficiency in designing, engineering, configuring, and maintaining of large enterprise firewalls such as Fortinet UTMs.
• Working on the project of F5 LTM and GTM code upgrade project.
• Successfully installed Palo Alto PA-3060 firewalls to protect Data Center and provided L3 support for routers/switches/firewalls.
• Integrating Configuring Confidential Wireless LAN Controllers WLC with ISE to perform Dot1x authentication for Wireless users.
• Implemented Positive Enforcement Model with the help of Palo Alto Networks.
• Responsible for setting up the infrastructure environment with majority of Confidential & Palo Alto appliances apart from various other equipment.
• Deployed F5 VIPRION B2150 blades to Exchange and recommended to turn on ASM module when web mail goes live to protect against L7 attacks.
• F5 BIG-IP application load balancing subject matter expert with particular concentration on layer 7 load balancing using I-Rule scripting in TCL.
• Involved in iRule management like loading rules, writing iRule syntax using TCL language and iRule extension to TCL Researched, designed, and replaced aging Checkpoint firewall architecture with new next generation Palo Alto appliances serving as firewalls and URL and application inspection.
• Palo Alto design and installation (Application and URL filtering, Threat Prevention, Data Filtering).
• Configured and maintained IPSEC and SSL VPN's on Palo Alto Firewalls.
• Maintained a Network with more than 600 Network devices and 20K end hosts.
• Implemented Zone Based Firewalling and Security Rules on the Palo Alto Firewall.
• Exposure to wild fire feature of Palo Alto. Configured SNMP3, DHCP on Palo Alto 5050.
• Configuration UDLD, Loop guard, IP source guard, BPDU guard and other spanning tree features on Confidential switches. Worked on Infoblox for creating the DNS entries, A records and CNAMEs.
• Tasked with transitioning multiple disparate backup environments from merging datacenters into a single Netbackup Enterprise solution, utilizing both SAN and IP backup technologies.
• Planning and deployment of Confidential Identity Service Engine Solution
• Migration of network devices (Palo Alto, F5, Juniper, Aruba, Riverbed, Routers& switches) from one zone to other. Changing the management IP address.
• Completed upgrades when necessary on all Aruba controllers via Airwave, CLI and/or WebUI
• Performed load Balancing using F5 Networks Big IP.
• Configured access layer switches in the ISE lab for implementation testing
• Designed and implemented IT security policies and networked backup systems.
• Configured route redistribution between OSPF and EIGRP in a multi-area OSPF network.
• Implemented Hot Standby Router Protocol (HSRP) by tuning parameters like preemption.
• Daily responsibilities included design, implementation, support and administration of multiple security products running CheckPoint Provider-1 and VSX, SourceFire, and ISS Realsecure.
• Regularly performed firewall audits around CheckPoint Firewall-1 solutions for customers.
• Provided tier 3 support for CheckPoint Firewall-1 software to support customers.
• Work on Checkpoint Platform including Provider Smart Domain Manager. Worked on configuring, managing and supporting Checkpoint Gateways.
• Key contributions include troubleshooting of complex LAN/WAN infrastructure that include routing protocols (EIGRP, OSPF and BGP).
• Experience with Running Junos which network enhances the reliability, performance, and security of your existing applications.
• Troubleshot and configured the Juniper NetScreen firewalls (SRX).
• Monitored network activity within the Department of Education for intrusion and malware incidents using Sourcefire, Bluecoat proxy, McAfee ePolicy.
• Daily monitoring of network traffic using sniffers (Wireshark) and access logs to troubleshoot and identify network issues.
• Configured and maintained SolarWinds, Broadcast Station Manager, and CACTI to monitor and maintain cellular networks.
• Understand the flow of traffic through the Check Point Security gateway cluster and troubleshoot connectivity issues using advanced troubleshooting from Command Line Utilities.
• Worked with Confidential Nexus/NX-OS I Sr. routers and Confidential Catalyst Switches
• Worked with vendors and Engineering team to test new hardware and procedures.
• Consulted with engineering team to resolve tickets and troubleshoot L3/L2 problems.
• Monitored LAN/WAN network activity utilizing CA/Spectrum monitoring tools.
• Also prepared documentation for various VLAN's and Voice subnetworks and worked on Visio for the same.
• 24x7 on-call escalation support as part of the security operations team.

Environment: Confidential Routers 7600, 2600 and 3800, Confidential Nexus 7k,5k and 2k, Confidential Switches 6500, 5000, 3500 and 2950, BIG IP F5 LTM, Checkpoint and Palo Alto Firewalls, IT Security Policies, OSPF, EIGRP, HSRP, BGP, Sniffers, Resolving tickets, LAN and WAN networks.

Confidential, Macon, GA

Sr. Network Engineer / Administrator

Responsibilities:

• Troubleshoot, analyze data traffic, and validate the turn up of a new VoIP network
• Experience with convert Checkpoint VPN rules over to the Confidential ASA solution. Migration with both Checkpoint and Confidential ASA VPN experience.
• Designed and Implemented Nexus 7K/5K/2K and Catalyst 6500/4900/3750- X in a complex DC Core/Aggregation/Access layer on a 10G backbone in Production and DR Data Center
• Maintained the Network Infrastructure, installation, migration and configuration of routers and switches for clients.
• Provided alternative means from dial-up connection to bring down the damage or loss that occurs for the client.
• Commissioning and decommissioning, configuring, URL and Web filtering, SSL Certifactes, monitoring, SNMP traps, logging, blocking on Pala Alto devices, migrating from one network to other.
• Palo Alto design and installation (Application and URL filtering, Threat Prevention, Data Filtering)
• Configuring Rules and Maintaining Palo Alto 3060 & Analysis of logs using various tools
• Successfully installed Palo Alto PA 3060 to protect Data Center and provided L3 support for routers/switches/firewalls
• Expert working knowledge (including the ability to setup, configure, upgrade, manage and troubleshoot Confidential routers, switches, VPN concentrators, firewalls, IDS, IPS, 802.1x, Internet Proxy, 802.11 wireless access points and load balancers.
• Support of firewall technologies includes Fortinet firewalls. Administration, troubleshooting and engineering background is required. Knowledge of other firewall technologies (Checkpoint/PIX/Net screen a Plus).
• Installation & troubleshooting Mcafee endpoint encryption. Maintaining Mcafee endpoint encryption server & Client.
• Hands on experience on Security issues like DDoS, SSL, SNMP, Telnet, Open SSH, RC4 Ciphers.
• Problem solved network issues related to IP video multicasting, layer 2 and layer 3 services (VPLS and IES), DHCP issues, remote access, hardware failure, and link redundancy.
• Architected, Designed, and maintained Confidential UCS, boot from SAN solution.
• Lead the installation and configuration of corporate wide rollout of the Confidential Catalyst 3550, 3750, 4500, and 6509 switches.
• Installed and Configured Confidential ASA G Firewall Confidential Database & App Server Layer
• Experienced working with Nexus OS , IOS, CATOS and Nexus 7K, 5K & 2K Switches
• Worked extensively in Configuring, Monitoring and Troubleshooting Confidential 's ASA 5500.
• Experience in migration of VLANS.
• Configure and setup Confidential and Palo Alto Firewalls, VPN and Security appliances
• Experience configuring and administering Confidential /Juniper/Palo Alto firewalls (NAT/PAT, ACL, VPN)
• Live upgrade
• Expertise in implementing L2 technologies including VLAN's, VTP, STP, RSTP and trunking.
• Configuring and Troubleshooting Route Redistribution between static, RIP, EIGRP OSPF & BGP protocols.
• Configured RIP, OSPF, EIGRP, BGP, MPLS, QOS, ATM and Frame Relay.
• Configured Security policies including NAT, PAT, VPN's and Access Control Lists.
• Configuring IPSec VPN on Confidential Firewall.
• Live upgrade on 40 Nexus 7010 for both kickstart & system image code from version 5.1(1) to 5.1(3) and applied 5.2(5).
• Experience with Voice over IP (VOIP) and Installation of VOIP Confidential switching and routing phone network .
• Configured and managed VLAN’s, 802.1Q Trunk, RPVST+, Inter-VLAN routing, HSRP and LAN security for Layer-2 and Layer-3 switching domains as per the organization's requirement plan.
• Proxy servers and other methods that bypass URL filtering or monitoring.
• Live upgrade on 120 Nexus 5200 for both kickstart & system image code from version 4.2(x) to 5.1(x).
• Maintained, upgraded, configured, and installed Confidential ASA 5510, 5520, & 5505 Firewalls from the CLI and ASDM and use Confidential command line CLI, Confidential CSM, ASDM for day-to-day administration.
• Maintained DNS security via DNS ACLs and other DNS security measures. Implemented IP security measures and cured areas of DNS vulnerability.
• Worked with F5 Virtual Clustered Multiprocessing (vCMP) technology, coupled with Clustered Multiprocessing (CMP) technology, application delivery software, purpose-built hardware.
• Implementing and configuring F5 LTM's for VIP's and Virtual servers as per application and business requirements.
• Aided in troubleshooting potential network issues in rolling out ISE
• Managed network IP access via Dynamic Host Configuration Protocol (DHCP).
• Managed network security processes using ASA firewalls.
• Prepared technical documentation of configurations, processes, procedures, systems and locations.
• Redistribution of routing protocols and Frame-Relay configuration.
• Researched and implemented upgrade process to support Confidential VPN solution.
• Researched, designed, tested and implemented Confidential 's VPN solution for remote clients.
• Responsible for designing and implementation for customer network infrastructure.
• Upgrade Confidential Routers and Switches IOS using TFTP. prepared documentation for various VLAN's and Voice sub networks and worked on Visio for the same.
• 24x7 on-call escalation support as part of the security operations team.

Environment: Confidential ASA Firewalls 5510, 5520 and 5505, Checkpoint Firewall, Confidential Catalyst 3550, 3750, 4500 and 6509 switches, VLANs, VTP, STP, RSTP, Trunking, RIP, EIGRP, OSPF, BGP, NAT, PAT, VPN and DHCP.

Confidential, Franklin lakes, NJ

Network Administrator

Responsibilities:

• Implementation, configuration and support of Checkpoint and ASA firewalls for clients.
• Converted Branch WAN links from TDM circuits to MPLS and converted encryption from IPSec/GRE to Get VPN.
• Work on Big IP Load balancer LHA requests. Create Nodes, Virtual pool, Virtual
• Firewall Policy administration and work with user requests submitted by users. Use HP Service Manager Ticketing System for change and incident management.
• Developed and implemented core network consolidation plan. Included redundant configuration of Juniper EX8200.
• Implemented routing protocols and networking technologies (EIGRP, OSPF, BGP, DHCP, SNMP, SSH, QoS configuration, CoS/DSCP Mapping, NAT, IPSec, MPLS VPN, Frame Relay, ATM, leased line, etc.)
• Worked on Data Center WAN cloud comprising of OC12/OC3/DS3/T1/E1
• Manage checkpoint Firewalls split through multiple CMA's and administer using provider-1. (R71)
• Confidential ASA Firewall configuration and troubleshooting.
• Involved in the configuration & troubleshooting of routing protocols such as MP-BGP, OSPF, LDP, EIGRP, RIP, BGP v4, and IP access filter policies.
• Worked on configuring and troubleshooting Nodes, Pools, Profiles, Virtual Servers, SSL Certificates, iRules, and SNATs on the F5 Big IPs using the Web GUI and CLI.
• Configured and maintained IPSEC and SSL VPN's on Palo Alto 3060
• Implemented Zone Based Firewalling and Security Rules on the Palo Alto 3060
• Monitoring and managing the network security with firewall devices like Confidential ASA, Palo Alto and Fortigate firewall, also IBM IPS/IDS
• Involved in various POC to test drive new Products/Technologies that would Value add to our Data Center Operations
• Troubleshooting connectivity issues within the server zones of the Data center (between application servers, database and web servers) as well as user requests and user connectivity issues from various branch locations, office locations and third party sites to data center.
• Actively use, smart view tracker, and Checkpoint CLI (to security gateways) for troubleshooting.
• Perform advanced troubleshooting using Packet tracer and TCP dump on firewalls.
• Built and support VRRP / Cluster based HA of Checkpoint firewalls.
• Firewall Policy Optimization using third party tool Tufin.
• Perform Firewall OS upgrades using CLI, Splat and Voyager GUI.
• Backup and restore of checkpoint Firewall policies.
• Black listing and White listing of web URL on Blue Coat Proxy servers
• Review Firewall rule conflicts, unused rules and misconfigurations and clean up.
• Checkpoint firewall policy administration and support between various zones.
• Modify and implement ACL changes on store routers and assist the user when there are any issues using Network Authority. Authentication to this is also done through TACACS
• Designed and implemented VLAN using Confidential Layer 3/2 switches on a Gigabit Fiber Backbone for a campus of 1500+ users
• VPN User access management on check point firewalls. Use LDAP for identifying user groups
• Schedule and participate in weekly meetings with various teams involved in the project to discuss the bottlenecks if any and contribute to design a solution framework. Maintain Configuration, Documentation (Visio's) and Records Management.
• Support Store Migration Project involving physical re-locations and DR testing involving various store locations.
• Part of migrating the entire store Confidential ACL's to Fortinet UTM devices. Use CSM to manage Confidential ASA Firewalls.
• Build and support Site to Site IP Sec based VPN Tunnels for all B2B and 3rd party communications.
• Work on Confidential based Routing and Switching environment with Rapid Spanning tree and using Routing Protocols such as BGP and OSPF.

Environment: ASA Firewalls, Blue Coat Proxy Servers, Checkpoint Firewall, Packet Tracer, VRRP, Firewall OS upgrades using CLI, Microsoft Visio, TACACS, BGP, OSPF and STP.

Confidential, Dallas, TX

Network Engineer

Responsibilities:

• Perform daily operational and maintenance checks on EWSD Switch and DSL Broadband network.
• Monitor and configure changes on installed Confidential networking devices such as Routers and Switches to address network related issues/problems.
• Integration routers, switches, firewalls and other SNMP capable devices in one network management system.
• Troubleshoot and repair all related network problems including replacement of heavy electronic parts, and works closely with technical support groups to expedite circuit repairs.
• Analyzed and corrected network troubles and system performance issues.
• Project design and proposal of large networks to key account customers and enterprises such as SDH, PBX, Frame-Relay (other WAN project designs) and offshore systems.
• Maintenance of client wide area networks (WAN) and local area networks (LAN).
• Analyze client system needs and requirements for the project proposal and design.
• Project design of computer networks inclusive of structured cabling (fiber-optic or UTP, voice and data alike), active devices (servers, switches, routers and other network appliances).
• Maintains system log and documentation.
• Worked on configuring and troubleshooting Nodes, Pools, Profiles, Virtual Servers, SSL Certificates, iRules, and SNATs on the F5 Big IPs using the Web GUI and CLI.
• Conduct surveys for structured cabling and network troubleshooting.
• Evaluation of new and upcoming IT equipment to be used for prospect projects.
• Supplier outsourcing.
• Subcontractor project coordination.
• Support of operations and maintenance projects of the company.
• Sales support on technical meetings.

Environment: EWSD Switch, DSL Broadband Network, SDH, PBX, Frame Relay, LAN, WAN, Structured Cabling, Maintaining System Log and Network Troubleshooting.

Confidential, Austin, TX

Network Engineer

Responsibilities:

• Configured Confidential Routers for OSPF, IGRP, RIPv2, EIGRP, Static and default route.
• Worked on HSRP for hop redundancy and load balancing.
• Configured the Confidential router as IP Firewall and for NATing Configured RSTP, MST and used VTP with 802.1q trunk encapsulation.
• Provided port binding, port security and router redundancy through HSRP.
• Designed ACLs, VLANs, troubleshooting IP addressing issues and taking back up of the configurations on switches and routers.
• Secured configurations of load balancing in F5, SSL/VPN connections, Troubleshot Confidential ASA firewalls.
• Switching related tasks included implementing VLANS and configuring ISL trunk on Fast-Ethernet and Gigabit Ethernet channel between switches.
• Experience in Confidential switches and routers: Physical cabling, IP addressing, Wide Area Network configurations.
• Responsible for Internal and external accounts and, managing LAN/WAN and checking for Security
• Assisted in backing up, restoring and upgrading the Router and Switch IOS
• Assisted university campus for VOIP network management and troubleshoot
• Settings of the networking devices ( Confidential Router, switches) co-coordinating with the system/Network administrator during any major changes and implementation
• Routing protocols OSPF, RIP & BGP
• Implementation of name resolution using WINS & DNS in TCP/IP environment
• Configured FTP server for inside/outside users & vendors.

Environment: s: HSRP, OSPF, IGRP, RIPv2, EIGRP, RSTP, MST, BGP, DNS and VLANs