SUMMARY

• Over 8 years of experience in providing solutions, implementation, configuration and troubleshooting of Cisco Routers and switches, fine tuning of firewalls, VPN configuration, troubleshooting network related problems in Enterprise Network.
• Experience in configuring Cisco switches and Cisco routers and F5 Load Balancers. Experience with various LAN and WAN technologies and protocols like: - TCP/IP, VLAN, VTP, STP, EIGRP, OSPF, BGP, IKE/IPsec VPNs, NAT and access list.
• Knowledge and experience on Protocols such as TCP/IP, SNMP, ICMP, NAT, PAT, Firewall technologies including general configuration, security policy, rules creation and modification of cisco ASA and Palo Alto.
• Experience in addressing Cisco infrastructure issues, monitoring, debugging like routing, WAN outages, Network Hardware/Software failure, configuration and performance issues.
• Practical experience in DNS, DHCP, Group policy, Replication, Active directory domain trust relationship.
• Worked on F5 LTM series like 6400, 6800 for the corporate applications and their availability. Configuring, Administering and troubleshooting the Palo Alto firewall.
• Also proficient in handling Network Monitoring tools and Packet capture tools, technical documentation and presentation tools and also has excellent analytical, organizational, problem solving & resolution skills.
• Configuring and troubleshooting CISCO catalyst 6509, 7609, 7613 with Supervisor cards, Cisco 3640, Cisco GSR 12416, 21418. Extensive experience in designing and configuring of OSPF, BGP on Juniper Routers and SRX Firewalls. Implement/Maintain a Juniper Environment of 600 data collection units across USA.
• Knowledge of implementing and troubleshooting complex layer 2 technologies such as VLAN Trunks, VTP, Ether channel, STP, RSTP and MST. Implementation of HSRP, VRRP for Default Gateway Redundancy.
• Experience in testing cisco routers and switches in laboratory and deploy them on site production. In-depth knowledge and hands-on experience in IP Subletting, VLSM, TCP/IP, NAT, DHCP, DNS, FT1 / T1 / FT3 / T3, Firewalls.
• Adept in preparing Technical Documentation and presentations using Microsoft VISIO/Office. Involved in troubleshooting of DNS, DHCP and other IP conflict problems.
• Experience with Palo Alto Networks Next Gen firewalls. Installing and configuring FWSM and ACE modules on Cisco 6509 distribution switches.
• Experience in Juniper NetScreen OS, JunOS SRX, Cisco, and Pulse Secure systems.
• Implemented firewalls using Cisco ASA, Cisco PIX, Check Point Provider-1 /SiteManager-1 NGX R65, Firewall-1/VPN-1 NGX R65 Gateways, Secure Platforms. Migration of all the PIX firewalls to ASA firewalls.
• Configuring, Administering and troubleshooting the Checkpoint, Palo Alto, Imperva and ASA firewall

TECHNICAL SKILLS

Cisco routers: 2600, 2941, 2960, 7200, 7609, ISR 4331, 4551 and CRS-100v

Cisco switches: Cisco 3550, 3750, 3850, 45XX, 65XX series

Nexus: 7k, 5k and 2k

Switching: LAN, VTP, STP, PVST+, RSTP, Inter VLAN routing & Multi-Layer Switch, Multicast operations, Layer 3 Switches, Ether channels, MPLS

Firewalls: Juniper (Net screen 5200,5400), SRX-650, SRX-480, (ASA (5510,5520,5540,5550,5580-20), FWSM, PIX (515,525,535), Palo Alto (PA-2k, 3k, 5k), Checkpoint NGX R-55, R-60, R-65

Network Routing Protocols: OSPF, EIGRP, BGP, VRRP, HSRP, Policy Based Routing, Route Filtering, Redistribution, Summarization, Static Routing

Security: ACL, IPsec, VPN, Port-security, Zone-Based Firewalls, NAT/PAT, Ingress & Egress Firewall Design, VPN Configuration, Internet Content Filtering, Load Balancing, DS/IPS, URL Filtering

Load Balancer: F5 Networks (Big-IP), ACE

IP Services: L2VPN, L3VPN, VPLS, QOS

WAN: Frame Relay, ISDN, PPP, MPLS, exposure to DS1, DS3, OC3, OC12, T1 /T3

PROFESSIONAL EXPERIENCE

Confidential

Sr. Network Engineer

Responsibilities:

• Working on Site migration from Partner network to separate network to SD-WAN solution.
• Documented and developed technical procedures for the maintenance, operation and sustainment of the operating environment.
• Deployed cisco switches and routers from scratch for migrated sites.
• Assisted with code upgrades for cisco environment and operational procedures.
• Assisted with legacy wireless controller and Meraki deployments.
• Experience to review and evaluate current and future design issues as required maintaining network integrity.
• Configuring and maintaining Radius and TACACS server for all network authentication and accounting of network infrastructure.
• Worked on route settings and reconfigure cisco switches (3750,3650,3900,4500,6500) to harden IOS policies according to standard operational procedures.

Confidential, Miami, FL

Network Operations Engineer

Responsibilities:

• Campus LAN and WAN solutions were implemented on Cisco products, network segmentation and access control Confidential campus.
• Supported 5 cruise ship with different architecture to every ship and worked on standardization among ships. Moreover, we have supported and administered over 10,000 devices across five ships.
• Worked on Solar winds migration project, migrated NPM from 12.3 to 12.5 with dedicated resources allocated.
• Integrated IP address management and network traffic analyzer module to solar winds to better visibility of devices Confidential ships.
• Working knowledge of dynamic network routing protocols such as Eigrp, OSPF and BGP.
• Working knowledge and providing support with Cisco Nexus 7K, 5K, 2K, VPC, VDC, Port-channels and 802.1q trunks.
• Supported and administered with 3750 and 3850 stacks, ISR WAN 4551-X, 4331 and CSR routers
• Good experience with major routing protocols EIGRP, OSFP, BGP This includes advanced routing techniques such as Policy Based Routing, VRF, and Qos Campus network switching design and configuration including FHRPs, VSS, VTP, Multicast, and Spanning Tree.
• Hands-on technical experience working with VPN technologies like (IPSEC, SSL VPN, and DMVPN,).
• Responsible for the implementation, organization and operation of Palo Alto Firewalls based on perimeter security network (PA-3020, PA-5220). Create and maintain documentation of standards, best practices for supported technologies.
• Good experience of firewall configuration and maintenance, experience with Cisco ASA equipment such as (5525-X, 5545-X and 5585-X along with firepower services.).
• Work within established configuration and change management policies to ensure awareness, approval and success of changes made to the network infrastructure.
• Supported and administered Cisco wireless and Aerohive wireless network on both ships and campus side.
• Maintaining and administering cisco network environments including systems software, hardware, and configurations.
• Troubleshooting network problems and outages and collaborating with network architects on network optimization.
• Providing Level-2/3 support and troubleshooting to resolve issues and I have been on 24/7 on-call rotation support.

Confidential, Kansas City, MO

Network Operations Engineer

Responsibilities:

• Experienced in supporting Nexus 5k, Nexus 7k, catalyst 9300, 6800, 3850, 3650, ASR 1001-x, 1002-x routers and switches.
• Demonstrated success in dealing with firewalls, IDS/IPS, SEIM, access control and load-balancing.
• Configured and performed troubleshooting with routing and switching protocols, including BGP, OSPF, MPLS, and HSRP.
• Coordinated with various teams for disaster planning and performed network backup and monitored recovery processes.
• Logged, resolved and escalated on-site and off-site issues.
• Installed patches and performed backups, system builds and image updates.
• Managed and ensured the stability of all network and wireless services throughout the enterprise.
• Monitored the stability of the network and wireless services to ensure comprehensive stability.
• Monitored network performance and provided network performance statistical reports for both real-time and historical measurements.
• Managed firewall, network monitoring and server monitoring both on- and off-site.
• Maintained Cisco Wireless Network devices, to include Prime, ISE, Cisco Wireless Controllers, and configuring Aruba and Cisco Access Points in a Secure environment for the DoD.
• Migrating Cisco ASA firewalls policy to new Checkpoint appliance with support of vendor specific tool.
• Deployed Cisco FireSight, ISE using certificate authority signed certs with pxGrid remediation module.
• Worked on ISE 802.1X, ISE wired/wireless guest and ISE trustsec implementations.
• Deployed, configured, and managed of 802.1x solutions to include Cisco Identity Services Engine (ISE), ACS (Radius and TACACS+), and Cisco Prime Infrastructure.
• Assistance provided with initial installation and configuration for SDA (ISE, DNAC+Assurance, Stealth watch, APIC-EM, Catalyst 9k and programmability) Assessment for the newly implementing customers.
• Firewall technologies including general configuration, optimization, security policy, rules creation and modification of Palo Alto. Experience with working on Palo Alto centralized management GUI PANORAMA.
• Experience with working on Palo Alto Next-Generation firewalls security profiles and Cisco ASA VPN. Exposure to wildfire advance malware detection using IPS feature of Palo Alto.
• Configure all Palo Alto Networks Firewall models (PA-2k, PA-3k, PA-5k etc.) as well as a centralized management system (Panorama) to manage large scale firewall deployments. Palo Alto design and installation, which includes Application and URL filtering Threat Prevention and Data Filtering.
• Configuration, Troubleshooting and Maintenance of Palo Alto Firewalls - PA200, PA2000 series, PA3000 series, PA4000 series, PA5000. Configuring rules and Maintaining Palo Alto Firewalls & Analysis of firewall logs. Installing and Configuring Palo Alto Pa-500 series firewalls using Panorama.
• Configure all Palo Alto Networks Firewall models (PA-2k, PA-3k, PA-5k etc.) as well as a centralized management system (Panorama) to manage large scale firewall deployments. Hands On experience in push Policy from Panorama to Firewall in Palo Alto. Worked with Palo Alto Firewalls PA250, PA4050, PA3020 using Panorama servers, performing changes to monitor/block/allow the traffic on the Firewall.
• Experience on Palo alto with ACLs, Firewalls, and/or Intrusion Prevention Systems (IPS)
• Experience with monitoring solutions, correlation tools, and identity and access control systems. Solid knowledge and experience with Layer 2-7 protocols and technologies
• Strong knowledge and experience with routing, security protocols, ACLs, Firewalls, and Intrusion Prevention Systems. Prioritized simultaneous projects to perform effectively under shifting deadlines in a fast-paced environment.
• Reviewed technical specifications from clients and vendors to confirm adequacy, accuracy and functionality.

Confidential, Minneapolis, MN

Sr. Network Operations Engineer

Responsibilities:

• Configured, deployed and managed firepower/Sourcefire and legacy IPS (Intrusion Prevention System) across Ameriprise Environment.
• Worked on upgrades for Legacy IPS and Sourcefire IPS from first version 5.3.1 to newest version 6.1. Worked on migration project from Palo alto IPS to Firepower IPS for guest wireless. Troubleshooting and provided solutions that would fix the problems for Legacy and Sourcefire IPS modules.
• Design, Deploy and installation wireless controller (2500) and access points high profiled site Confidential One world trade center, NY.
• Worked on wireless controller upgrade 5508 and involved in cisco Prime infrastructure upgrade as well.
• Dealt with 3650,3750 and 3850 stack and wan router ASR 1001, 1002, 1001-X, 1002-X upgrades across all the datacenters Confidential Ameriprise networks and Nexus 5k upgrades as well.
• Involved in major project as part of bug fixes and vulnerabilities we upgraded Next generation ASA firewalls like 5515-X, 5525-X, 5545-X, 5585-X.
• Worked as lead engineer for VPN performance to identify client bandwidth issues and worked for VPN bandwidth capacity planning for Super bowl event. Responsible for troubleshooting network and firewall problems, specifically Palo Alto and Cisco ASA’s.
• Responsible for the implementation, organization and operation of Palo Alto Firewalls based on perimeter security network (PA-5020, PA-5050). Create and maintain documentation of standards, best practices for supported technologies.
• Deployed Impulse network access controller and designed policies to prevent unknown devices from connecting to the internal network.
• Supported VoIP infrastructure and its associated software, including IP-PBXs, call management systems, voice mail, and interactive voice response.
• Manage project task to migrate from Cisco ASA firewalls to Check Point firewalls. Deploying of Cisco ISE on Nexus 5000/7000 routers, Cisco switches, and Cisco ASA and Firepower firewalls. Executing RADIUS pre-deployment tasks like ISE setup, loading templates into Cisco Prime.
• Worked as team member on administration, operations, diagnosis and maintenance of the Unified Communications, Call Center and Collaboration platforms.
• As part of SOC2 audit documentation, I am responsible to provide evidence for controls. Worked QOS standardization across the network and troubleshooting video pixilation issues between sites. I have used Putty to perform configuration and implementation on cisco routers and switches.
• Design, setup and configure Cisco wireless networking that supports open or secured access. Troubleshooting failed radius authentication on wired, wireless and guest Wi-Fi in Cisco ISE.
• Worked on NETMRI Infoblox network automation tool to identify standard configuration on routers and switches using Regex and CCS scripting.
• Worked closely with cisco for scrub version recommendations on weekly basis to make sure Ameriprise networks are not vulnerable. Testing and migration of corporate Internet Zscaler tunnel from Washington node and Denver node.
• Manage day-to-day networking engineering and support. Log work and track service problem tickets in centralized ticket tool (service now). Good team player capable of working independently or with other network engineers.

Confidential

Sr. Network Engineer

Responsibilities:

• Manage all Network and Firewall devices to include Cisco routers, switches, SSLs, VPNs, Checkpoint as well as content delivery networks (Citrix Netscaler, F5 BigIP LTM and GTM load balancers)
• Work with the following routing/switching protocols: BGP, OSPF, EIGRP, HSRP, VRRP, GLBP, VTP, 802.1d, and 802.1q, ISL, VLAN’s and Port-Channels.
• Configure switch ports connecting to the WAN and LAN networks with separate subnets and VLAN’s, Experience with Checkpoint Firewall policy provisioning. Configuring OSPF as the Routing Protocol between PE and CE routers. Worked on MPLS enabled Backbone
• Experience with configuring Nexus 2000 Fabric Extender (FEX) which acts as a remote line card (module) for the Nexus 5K and 7K .
• Deployment, configuration, and management of 802.1x solutions to include Cisco Identity Services Engine (ISE), ACS (Radius and TACACS+), and Cisco Prime Infrastructure. Address, ISE Endpoint Information, which is used to estimate the failure, risks before change windows.
• Experience working with design and deployment of MPLS Layer 3 VPN cloud, involving VRF, Route Distinguisher (RD), Route Target (RT), Label Distribution Protocol (LDP) & MP-BGP . Implemented Access lists and policy mapping on Juniper router installed in each branch across all the states.
• Performed circuit provisioning. Coordinated with engineering team and onsite technician for remote configuration of Cisco routers, switches, monitoring the cable design
• Verify the VLAN ID’s are allowed through Unicast filter in MSS in case of troubleshooting, Configured OSPF, MPLS, BFD, QoS, creating VC/VP’s and assigning traffic parameters per the target profile Verification, Validation, Monitoring and Documentation after every day’s work by checking KPI
• Tracked customer network Confidential NOC 24x7, prepared forecasts of network traffic and capacity, and recommend modifications to the network configurations which reduce costs or improve quality of service
• Experience with UC or voice technologies such as Cisco CUCM or SIP. Develop, test and update network and voice plan and operating procedures. Responsible for ongoing maintenance and updates of network and voice infrastructure.
• Configured and performed software upgrades on Cisco Wireless LAN Controllers 5508 for Wireless Network Access Control integration with Cisco ISE.
• Worked on Cisco ISE to prevent unauthorized access to the network.
• Cisco ISE supports AAA, 802.1X and mobile device management.
• Integrating Configuring Cisco Wireless LAN Controllers WLC with ISE to perform Dot1x
• Performed upgrade on Cisco ISE from version 1.4 to version 2.0. After performing upgrade took advantage of TACACS and onboarded new network equipment into ISE instead of the unsupported Cisco ACS server.
• Troubleshooting problems on a day to day basis & providing solutions that would fix the problems within their Network Preparing various project reports for identifying areas of obstruction, conducting troubleshooting to rectify the network.
• Ensuring execution of preventive maintenance of networks, including schedules maintenance to ensure trouble free and seamless operations.