SUMMARY:

• 7 Years of Experience in Designing, Deployment and Operations of complex enterprise and service provider networks.
• Well Experienced in configuring protocols like HSRP, GLBP, VRRP, ICMP, IGMP and SNMP.
• Experienced working with Nexus 7010, 5020, 2148 and 2248 devices.
• Experience with Firewall Administration, Rule Analysis, Rule Modification.
• Responsible for designing and deploying various network security & High Availability products like Cisco ASA and Checkpoint Firewall products.
• Experience in configuring and troubleshooting Palo Alto devices like PA - 3050, PA-5060 and PA-7050.
• Implementation of F5 includes configuration/creation of Network Element, Pool, pool members and virtual server.
• Extensive experience in configuring and troubleshooting of protocols RIP v1/v2, EIGRP, OSPF, BGP and MPLS.
• Expertise on complex Checkpoint, Cisco ASA & Palo Alto firewalls Environment.
• Experience in Configuring and implementing VLAN, VTP domains, LAN switching and STP/RSTP
• Proficiency in configuration of VLAN setup on various CISCO Routers and Switches.
• Experience configuring & troubleshooting routing protocols like RIP, OSPF, BGP, EIGRP.
• Knowledge on configuration of I Apps (BIG-IP) application service in implementing F5 load balancer.
• Working and opening trouble tickets (TAC) and Smart net with Cisco for new product orders, device diagnostics and hardware/insurance.
• Experience with products such as Cisco ISE, Cisco ASA 5500 series firewalls and Cisco ACE 4710 Load balancers.
• Experienced in various Juniper products: EX-2200, EX-4200, EX-4500, MX-480, M Series, SRX210 and SRX240.
• Responsible for the installation and configuration of Cisco ASA and Palo Alto Firewalls
• Working Knowledge on Devices like Juniper SRX 210, 240 and 550.
• Experience with Cisco ACI (Application Centric Integration) technology implementation.
• Experience in NAT Configuration on Cisco ASA Forti Gate and Palo-Alto Firewall.
• Experience in installing and configuring DNS, DHCP server.
• Experience in configuring Site-to-site and remote access VPN solutions.
• Experience on F-5 load balancers LTM and GTM.
• Migration of checkpoint firewall into Palo Alto networks using PAN.
• Experience in implementing and configuring F5 Big-IP load balancers 6400-LTM (V9).
• Strong knowledge on Wireless Standards and Technologies, i.e. Ethernet, WAN, LAN, IEEE 802.11 (Wi-Fi). Very good knowledge on IEEE 802.15.1 (Bluetooth), Mesh networks, etc.,
• Well experienced in configuring various routing protocols like RIP, EIGRP, OSPF, BGP and MPLS.
• Experience with network monitoring tools like Solar winds in regular backups and monitoring network inflow and outflow on various network devices and servers.
• Configured Security policies including NAT, PAT, VPN, Route-maps and Access Control Lists.
• Implemented traffic filters using Standard and Extended access-lists, Distribute-Lists, and Route Maps.
• Performed Configuration on ASR 9K Pairs includes HSRP, Bundle Ethernet Config, Assigning DHCP profiles.
• Experience in Checkpoint Firewall on SPLAT and VPN technologies, State full inspection, and Global rule base, address spoofing.
• Performed all maintenance tasks on the Nexus Switches, F5 Load balancers Infoblox DNS and Cisco ACI.
• Enterprise Switching with VLANs, Trunks, Spanning Tree, Port Spanning etc.
• Well experienced in configuring gateway redundancy protocols like HSRP, GLBP, PPP and SNMP.
• Worked on Load Balancer F5 LTM, GTM series like 6400, 6800, and 8800.

TECHNICAL SKILLS:

Routing Protocols: RIP, BGP, OSPF, EIGRP, Static Routing, IP Addressing, Subnetting, VLSM

Switch Technologies: VLANs, VTP, STP, DTP, ISL and dot1q

Communication Protocols: TCP/IP, UDP, DHCP, DNS, ICMP, SNMP, ARP, PPP

Redundancy Protocols: GLBP, HSRP, VRRP

Network Hardware: Cisco switches (2960, 3550, 3560, 4500, 6509, and 6513), Cisco Nexus Switches (2248, 2232, 5548, 5596, 7010,7718),Cisco routers (1900, 2900, 3900, 7200, ASR-1k/9k), Cisco ASA 5500 series, CSU/DSU s, network cards, Modems and F5 Network Load Balancer

Network Management Tools: MRTG, HP Open view, Cisco WAN manager, Cisco works 2000, Solarwinds Orion, and Zenoss.

Security: NAT/PAT, Ingress & Egress Firewall Design, VPN Configuration, Internet Content Filtering, URL Filtering -Web-sense, SSL, IPSEC, IKE, Static, Dynamic, Reflexive ACL, and authentication AAA (TACACS+ & RADIUS).

Firewall: Cisco ASA, Palo Alto

Juniper: EX-2200, EX-4200, EX-4500, MX-480, M Series, SRX210, SRX240.

Network Simulators: GNS3, Packet Tracer, Wire shark

OS: Windows, UNIX, LINUX

Hardware: Cisco Cat Switches, Routers, Cisco IP796X/794X.

PROFESSIONAL EXPERIENCE:

Confidential, Pittsburgh, PA

Senior Network Security Engineer

Responsibilities:

• Monitor, operate and support network security devices such as cisco ASA
• Responsible for configuration, maintenance, and troubleshooting of dynamic routing protocols: BGP, OSPF & EIGRP (route redistribution, distribute lists, route-maps, offset-lists, prefix lists, route summarization, route-feedback, BGP attributes) on Cisco Routers 7613, 7201, and 3945E.
• Experience in F5 load balancers, its methods, implementation and troubleshooting on LTMs and GTMs
• Experience on the Palo Alto firewall platforms PA-7050, PA-5050, PA-2000 series, PA-200, PA-500.
• Experience in configuring all Palo Alto Networks Firewall models (PA-2k, PA-3k, PA-5k etc.) as well as a centralized management system (Panorama) to manage large scale firewall deployments.
• Configured OSPF and Static routing on Juniper M and MX series Routers.
• Establish AWS technical credibility with customers and external parties
• Help customers build scalable, resilient, and high-performance applications and services on AWS
• Develop/capture/document architectural best practices for building systems on AWS
• Working on as security devices Cisco ASA series, Palo Alto firewalls.
• Working on to set up OSPF dynamic routing on Cisco ASA Firewalls by using and following their current network structure.
• Configured IPSec, SSL-VPN (Mobile Access) on Checkpoint Gaia and troubleshoot VPN tunnel connectivity issues.
• Configuring and troubleshooting type of routing to route traffic flow per customer requirement as primary, backup/F5 load balanced and load splitting.
• Configuring IPSEC VPN (Site-Site to Remote Access) on SRX series firewalls.
• Supporting EIGRP and BGP based on the network by resolving level 2 & 3 problems of internal teams & external customers of all locations.
• Innovated with support of Palo Alto for remote and mobile users and for analyzing files for malware in a separate (cloud-based) process that does not impact stream processing.
• Documenting workflow process, managing and implementing standard policy and procedures.
• Apply Cisco ISE configuration to switches.
• Experience in configuring all Palo alto Networks Firewall models (PA-2k, PA-3k, PA-5k etc.) as well as a centralized management system (Panorama) to manage large scale firewall deployments.
• Provide level 2/3 support for ISE related issues, including off-shift and weekend support functions
• Responsible in troubleshooting on Cisco ISE added new devices on network based on policies on ISE.
• Managing data center and network by using solar winds, NPM, NTA, NCM and F5 load balancer
• Working on troubleshooting, implementing and configuring new devices and helping them to build new data center and moving devices from one data center to another by moving all devices.
• Experience configuring VPC, VDC and ISSU software upgrade in Nexus 7010
• Deployed VXLAN on the Nexus 9000 to map the physical VLANs to the Virtual Overlay VLANs.
• Deployed the Nexus 9000 Application Virtual switch to support network telemetry applications and 9000 Core with VPC and 3172 TOR.
• Configured RBAC and VPN User access management on checkpoint firewalls. Used LDAP for identifying user groups.
• In corporate Cisco Nexus 9000 NXOS to ACI fabric to work in concert with existing Nexus 7000s and ASRs.
• Knowledge of Cisco ASA firewall, VPN, GRE over IPSec tunnel configuration and Route-maps.
• Reconfigured Data Center core routing with Nexus 9K in VPC using HSRP Experience working with JUNOS OS on Juniper Routers and Switches.
• Experience working on CISCO NEXUS data center infrastructure with 2000, 5000 and 7000 series switches by enabling networked devices to communicate effectively
• Automated network implementations and tasks and designed monitoring tools using python scripting

Confidential, Strongsville, OH

Network Operations Engineer

Responsibilities:

• Involved in designing new 10-Gig infrastructure with Security team on Gigamon HC2.
• Assisting Networking with installation and implementation of Gigamon Giga VUE HC2 into production environment to provide monitoring taps for Security appliances
• Experience in configuring Load balancers and Riverbed WAN optimizers.
• Areas of responsibility include routing and switching, SSL VPN and Site-to-Site VPN using Cisco ASA 5505 and 5520, Riverbed WAN optimization.
• Implementation and troubleshooting F5 Load balancers.
• Implementation, configuration & troubleshooting the issues related to Virtual Servers, pools, nodes & s on F5 Load Balancer.
• Experience in working with Nexus 7010, 5548, 5020, 2148, 2248 devices.
• Implementing and Maintaining Network Management tools (OPAS, Solar Winds, Cisco Works)
• Enabled STP attack mitigation (BPDU Guard, Root Guard), using MD5 authentication for VTP, disabling all unused ports and putting them in unused VLAN and ensuring DHCP attack prevention where needed
• Deploying and decommission of VLANs on core ASR 9K, Nexus 7K, 5K and its downstream devices.
• Performed OSPF, BGP, DHCP Profile, HSRP, IPV6, Bundle Ethernet implementation on ASR 9K redundant pair.
• Involve in deployment of new F5 LTM for Datacenter.
• Worked with OLT, ONTs, splitters and fiber optics on a campus LAN.
• Migrated to Juniper EX series switches from Cisco 3500 series and 6500 series switches
• Configure and troubleshoot Juniper EX series switches and routers.
• Design, and configuring of OSPF, BGP on Juniper Routers and SRX Firewalls.
• Experience with configuring BGP, OSPF in Juniper M and MX series routers.
• Involved in configuring Juniper SSG-140 and Cisco ASA firewall
• Worked on F5 LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability
• Experience with Network Automation using Python
• Migrating the policy from Cisco ASA firewall into Palo Alto.
• Experience with deployment of Palo Alto firewalls for different NAT, video conferencing traffic
• Experience with migrating the Partner IPSEC VPN tunnels from one data center to another data center.
• Replace Campus Cisco 6509 End of Life hardware with new 4507/4510 devices.
• IOS upgrade in Nexus 7010 through ISSU (In service software upgrade)
• Provided redundancy in a multi homed Border Gateway Protocol (BGP) network by tuning AS-path.
• Experience with configuring Nexus 2000 Fabric Extender (FEX) which acts as a remote line card (module) for the Nexus 5000.
• Responsible for turning up BGP peering and customer sessions, as well as debugging BGP routing problems.
• Experience with Project documentation tools & implementing and maintaining network monitoring systems and experience with developing network design documentation and presentations using VISIO
• Experience on designing and troubleshooting of complex BGP and OSPF routing problems,
• Experience working with JUNOS OS on Juniper Routers and Switches.
• Configuring Cisco ASA firewalls in single and multiple context mode firewalls.
• Deployed VXLAN on the Nexus 9000 to map the physical VLANs to the Virtual Overlay VLANs.
• Configuring & managing Security Devices that includes F5 BigIP Load balancers, Blue Coat Proxies and Plug Proxies.
• Configured VDC’s and implement layer 2 topologies using Fabric Path, L2-L3, VRFs, Port Channel and OTP functionality.
• Configured Cisco ASA 5510 Firewall to establish logical separation between legacy network & lab environment.
• Extensively worked on Juniper models EX 2200, EX 4200, MX-480, SRX 210 and SRX240.
• Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500/PIX security appliance, Failover, DMZ zoning, & Configuring VLANs/routing/NATing with the firewalls as per the design

Confidential, Lehi, UT

Network Engineer

Responsibilities:

• Installation, Maintenance, Troubleshooting Local and Wide Areas Network by using ISDN, Frame relay, DDR, NAT, DHCP, and TCP/IP.
• Manage and coordinate all infrastructure related moves, adds, and changes.
• Implement, and maintain Local/Wide Area Network over 13 branches.
• Configured OSPF, BGP on Juniper M and MX series Routers.
• Configuring ACL to allow only authorized users to access the servers.
• Maintain effective communications with vendors, peers and clients in resolution of trouble-tickets, equipment.
• Design and configuring of OSPF, BGP on Juniper Routers (MX960, MX480) and SRX Firewalls (SRX240, SRX550).
• Configuring rules and Maintaining Palo Alto Firewalls & Analysis of firewall logs using various tools.
• Configuring VLANs/routing/NATing with the firewalls as per the network design.
• RMAs, and support requests.
• Troubleshoot Hardware, Cisco IOS, install and configure Cisco routers and switches.
• Participated in on call support in troubleshooting the configuration and installation issues
• Worked in Configuration and extension of VLAN from one network segment to other segment between different vendor switches (Cisco, Juniper)
• Provided Technical support in terms of upgrading, improving and expanding the network.
• Project to migrate/re-design 700+ customer connections (MPLS & Frame) out of retired
• Data center to new Juniper M120.
• Knowledge of Cisco ASA firewall, VPN, GRE over IPSec tunnel configuration and Route-maps.
• Time to time upgrade network connectivity between branch office and regional office with multiple link paths and routers running HSRP, EIGRP in unequal cost load balancing to build resilient network.
• Configured network using routing protocols such as OSPF, BGP and troubleshooting L2/L3 issues.
• Configuration of NAT.
• Involved in troubleshooting of complex LAN/WAN infrastructure that include routing protocols EIGRP, OSPF & BGP.
• Configuring VLANs/routing/NATing with the firewalls as per the network design.
• Setup internet domain name and resolved DNS, LAN/WAN connectivity issues for the Website
• Upgrade of Cisco ASA Firewall in Active/Standby mode with no down time.
• Key contributions include troubleshooting of complex LAN/WAN infrastructure that include routing protocols EIGRP, OSPF & BGP.
• Deployment of enterprise firewalls (Palo Alto Networks, Cisco ASA, CheckPoint) in production environments.
• Check for DNS issues by pinging the server’s name.
• Configured Client VPN technologies including Cisco’s VPN client via IPSEC.
• Configure switch VLANs and inter-switch communication. Build and setup network Laboratory.
• Actively involved in troubleshooting on network problems with Wire shark, identifying and fixing problems.

Confidential, Addison, TX

Network Engineer

Responsibilities:

• Designed VLAN’s and set up both L2 and L3 logical to have it communicate to the Enterprise network.
• Scheduled preventive maintenance for fire-protection systems, including new protocols. Utilize MS Windows, Word, and Excel for reporting/documenting process.
• Provide high level technical support, including identifying and resolving problems on Cisco supported products for e-Commerce infrastructure. This included external routing and internal/intranet routing for DMZ servers.
• Prepared Engineering documents and Network diagrams in Microsoft Visio.
• Configured EIGRP, BGP, and MPLS.
• Implemented Load Balancing between Cisco L3 Switch by HSRP and GLBP.
• Provided support regarding call routing, translation patterns, media resources etc.,
• Configured redundant pair setup and synchronization between pairs on F5 load balancer.
• Involved in migrating applications from net scalars to F5 Big - IP environment.
• Configure Firewall, IPS, QoS by SDM and provide security by Prefix list, Access- List and By Distribution List.
• Configured Cisco Routers for OSPF, IGRP, RIPv2, EIGRP, Static and default route.
• Worked on HSRP and GLBP for first hop redundancy and load balancing
• Moved Core switches and several non-Cisco devices under strict deadlines to maintain network functionality
• Satisfactorily Resolved Problems in timely manner with focus on providing a high level of support for all customers.
• Implemented new ultra-secure networks in multiple data centers that included Cisco 6500s and Juniper security devices.
• Delivered Departmental Efficiency through advanced engineering, technical support, and documentation procedures.