PROFESSIONAL SUMMARY:

• A CCNA / CCNP Certified professional with over 8 years of experience in Networking and Security, including hands - on experience in providing network support, installation and analysis for a broad range of LAN/WAN/MAN communication systems.
• Detailed understanding of different layer 2 protocols like VLANs, VTP, STP, RPVST, Port Security, and Ether Channels (LACP and PAGP).
• Experienced in Data-CenterNexus 7009, 7018, 5548P, 5596T, 2148T, 2224Tand 6000switches.
• Worked on configuring the Nexus 5K Aggregation Switch and Nexus 2K Fabric Extenders.
• Implemented VDC, VPC, VRF and OTV on the Nexus 5505 and 7009 switches and also implemented VSS on Cisco catalyst 6509 and 6513switches.
• Worked on Cisco 1800, 2600, 3600, 7200 and 7600 routers.
• Experiencedand skilled in configuring Routing Protocols RIP,EIGRP, OSPF and BGPV4 on Cisco routers like 2600, 2900, 3600, 3900, 7200 and 7600 series.
• Designed Redundancy Gateways for Campus Network using HSRP/VRRP/GLBP.
• Hands on experience in configuring and supporting site-to-site and remote access Cisco, IPsec, VPN solutions using ASA/PIX firewalls, Cisco and VPN client.
• Experience in deploying Cisco 6900, 7800, 7900, 8800 and 3900 series VoIP phones.
• Knowledge of implementing and troubleshooting complex layer 2 technologies such as VLAN Trunks, VTP, Ether channel, STP, RSTP and MST. Implementation of HSRP, VRRP for Default Gateway Redundancy.
• Involved in troubleshooting of DNS, DHCP and other IP conflict problems.
• Responsible for Check Point and Cisco ASA firewall administration across global networks.
• Experience in working with Cisco Nexus Switches and Virtual Port Channel configuration.
• Worked on F5 LTM, GTM, ASM series like 6400, 6800, 8800 for the corporate applications and their availability.
• Ability to manage complex multi-organizational projects . Outstanding organizational skills; handle multiple projects simultaneously and meet strict deadlines .
• 2 years of project leadership experience. Develop project plans and insure scheduled completion dates are met.
• Experience in testing Cisco routers and switches in laboratory and deploy them on site production.
• DMZ zoning & configuring VLANs/routing/NAT with the firewalls as per the design.
• Working experience with 6500 series switches at layer 2 and layer 3.
• Working experience with Wireless LAN Controller (WLC) and Light Weight Access Point (LWAP).
• Experience in configuring and troubleshooting various layer 3 routing protocols like RIP, OSPF, EIGRP and BGP.
• Expertise is maintaining stable STP topology using protocols such as Port fast, BPDU guard, root guard and UDLD.
• Experience in Trunking protocols 802.1q and ISL.
• Good scripting skills in bash and Python.
• Configuring BGP/OSPF routing policies and designs, worked on implementation strategies for the expansion of the MPLS VPN networks.
• Expertise in creating groups and pruning traffic flow using VLAN, VTP, ISL, 802.1Q.
• Familiar with REMEDY for ticket change management process.
• Some knowledge in documentation and updating client’s network documentation using Visio.
• Responsible for up gradation and maintenance of client website with latest networking products and offerings using HTML 5.0 with some amount of java scripting.
• Troubleshooting and monitoring application issues using tools like Wire-shark.
• Excellent inter-personal skills with the ability to work in a team of large members with minimum supervision necessary.
• Experienced in Microsoft Visio creating a detail physical and logical network diagrams.
• Supported Large Frame-Relay, MPLS, E1/T1, ISDN, Analog networks.
• Provided input and recommendations for equipment purchasing to maximize added value and scalability

TECHNICAL SKILLS:

Routers: Cisco 7600, 7200, 3800, 3600, 2900, 2800, 2600

Routing Protocols: OSPF, EIGRP, BGP, RIP v1/v2, PBR, Route Filtering, Redistribution, Summarization, and Static Routing, IS-IS, ICMP, FTP, SMTP, HTTP/HTTPS

Switches: Nexus 2K/5K/7K, Cisco Catalyst 6500, 4500, 3850,3560, 3750, 2960; UCS-C, UCS-D, UCS-M, CUCM

Switching: LAN, VTP, STP, PVST+, RPVST+, Inter VLAN routing & Multi-Layer Switch, Ether channels, Transparent Bridging.

Network Security: Cisco ASA 5540, ACL, IPSEC,F5 Load Balancer, Checkpoint, Blue Coat, Palo Alto, SCADA, Process Control Domain(PCD)

Juniper Platforms: SRX, MX, EX Series Routers and Switches

Load Balancer: F5 Networks (Big-IP) LTM 8900 and 6400,GTM, Cisco CSM, APM

LAN: Ethernet (IEEE 802.3), Fast Ethernet, Gigabit Ethernet

WAN: PPP, HDLC, Channelized links (T1/T3), Fiber Optic Circuits, Frame Relay

WLAN: Autonomous AP s, Lightweight AP s, WLC, Channels- 802.11b/g; Air Magnet, Ekahau, Map Info

Various Features & Services: IOS and Features, IRDP, NAT, SNMP, SYSLOG, NTP, DHCP, CDP, TFTP, FTP.

AAA Architecture: TACACS+, RADIUS, Cisco ACS.

Network Management: Wireshark, SNMP, Solar winds, HP Open View, KTLO, Cisco Prime

PROFESSIONAL EXPERIENCE:

Confidential, Menomonee Falls, WI

Senior Security/Network Engineer

Responsibilities:

• Involved in Integration, configuration and maintenance of Cisco Router, Catalyst Switches and Firewalls.
• Configuring RIP, OSPF and Static routing on Juniper M and MX series Routers.
• Responsible for all routing, switching, VPN, network security, and server load balancing.
• Using PBR with Route Maps for route manipulation/filtering. Troubleshooting routing issues like suboptimal routing and asymmetric routing
• Implemented various EX, SRX & J series Juniper devices
• Have created lot of site to site IPSEC VPN tunnel with Checkpoint, Juniper Net screen firewalls and Cisco PIX/ASA firewalls. Completed a project to update the patch HFA50 across all the firewall to overcome the bugs in the existing version of R65.
• Remotely deploying configuration files to devices through python automation.
• Strong engineering and implementation skills especially around the Cisco (switches/routers/wireless controllers), Fortinet Firewalls.
• Strong technical acumen with TCP/IP, VLANS, WANS, routing and switching (Cisco)
• Experience with Cisco hardware implementation, maintenance and support
• Expert knowledge of WAN, LAN, TCP/IP, Firewalls, Routers, Switches and troubleshooting these devices
• Support and implement required improvements, regulatory requirements, strategic improvements, and operational improvements through the planning and execution of company projects and tasks.
• Worked on writ ing technical documents and manage projects from concept to production.
• Professional understanding of Firewalls (Cisco ASA, Cisco ISE, Cisco Firepower,Palo Alto, Fortinet, Checkpoint, end user authentication, remote access,security network segmentation, security compliance other).
• Extensive hands-on in network equipment of Cisco, Fortinet etc.
• Configure Firewalls (Cisco ASA, Palo Alto, Fortinet, Checkpoint, other) within the CNO Environment.
• Build and maintain virtual environments such as Hyper-V, VMware, Veeam & Azure
• Good knowledge with Cloud Environment management e.g., AWS, Azure, etc.
• Experience building out intercloud connectivity using SD WAN solutions .
• Assume operational responsibility for SD-WAN/LAN/WAN, wireless and monitoring systems as assigned.
• Good understanding in areas of IP routing, Wide Area Networking technologies, MPLS, SD-WAN, VLANs, Cloud Services, ISE, Firewalls, Load balancers, Security Compliance and disaster recovery solutions.
• Responsible for supporting Azure, AWS Cloud infrastructure and on-perm infrastructure.
• Technical oversight for development, implementation, troubleshooting and migration of Avaya CC and UC solutions.
• Experience working with Avaya solutions at architecture, design, configuration and implementation.
• Responsible for supporting Azure, AWS Cloud infrastructure and on-perm infrastructure. hands-on experience in troubleshooting cloud and windows server infrastructure including virtualization with Hyper-V.
• Good Understanding of Cloud computing, SAAS, hosted systems.
• Observe, manage, and maintain constant operational monitoring of network and server environments through the management suite SolarWinds .
• E xperience managing and monitoring of network and server environments through the management suite SolarWinds.
• Ability to work on multiple projects at Avaya’s direction.
• Strong Avaya UC and CC experience at solution level spanning multiple Avaya products.
• Integration of Avaya systems with other third-party non-Avaya adjuncts - CRM, Call Recording, Workforce Optimization, AI solutions and others.
• Toubleshoot issues related to Zscalar and proofpoint.Implement security policies using ACL, Firewall, IPSEC, SSL, VPN, IPS/IDS, AAA(TACACS+ & RADIUS)
• Good knowledge and experience in Proxy (ZScalar and AWS).
• Experience with Zscaler cloud-based proxy and firewall, routing all traffic through its software to apply corporate and security policies.
• Strong understanding of large scale shared storage platforms such as Amazon S3 or Azure Storage services.
• Hands on experience with C2, ECS, S3, LBS, API Gateway, VPC, IAM, CloudTrail, CloudWatch.
• Experienced with S3, EC2, APIGateway, SQS, Postgres, Kafka, Spark and Airflow, and Prefect.
• Hands on experience on Cisco, Checkpoint and Fortigate firewalls and management systems.
• Experience with NGFW support and implementation; preferably FortiNet Fortigate family.
• Good knowledge with Cisco (IOS NX-OS, ASA), Checkpoint (IPSO, SPLAT, GAIA), Fortigate, Juniper NetScreen, Juniper JunOs, F5.
• Install and configure Avaya Equinox conferencing management and media servers for audio/video/web conferencing.Integrate Avaya Equinox conferencing servers with System Manager, Session Manager, AADS and Avaya Web Gateway.
• Lead engineering efforts across a wide variety of network security products (e.g. next generation firewalls, intrusion detection/prevention systems (IDS/IPS), VPN, Network Access Control (NAC), SIEM).
• Strong technical expertise in firewalls, next-gen firewalls, network intrusion detection and prevention systems (IDS/IPS), Network Access Control (Cisco ISE), and VPNs.
• Direct experience with managing network security tools NextGen Firewall, IPS/IDS, NAC, and/or SIEM.
• Experience with Security Architectures, Endpoint Security, NextGen Firewall Platforms, Identity Access Management, and Enterprise Segmentation.
• Worked on F5 Enterprise Manager 3.1 version to manage multiple F5 LTM devices from single-pane view.
• Hands on Experience configuring and testing F5 I Rules using Browser (IE), HTTP watch.
• Experience on cloud AWS cloud EC2, S3, RDS, Load Balancer, Auto Scaling with AWS command line interface and AWS python SDK
• Hands-on and management experience specific endpoint security discovery tools such as Armis, ZingBox, Claroty, etc.
• Performing maintenance and sustainment of all DHA Armis components to ensure performance, stability and availability conforming to established service level agreements (SLAs).
• Providing administration and technical support for Armis servers, containers, or other such infrastructure hosted within the AWS GovCloud.
• Practical experience with the design, deployment and troubleshooting of wireless networks, including complex inter-domain authentication processes.
• Implement, maintain and operate routers, switches, wireless access points and controllers, VPN devices and related services in support of the Network Operations Center by leveraging technologies including OSPF/BGP .
• Providing administration and technical support of physical and/or virtual Armis systems hosted throughout the DHA MecCOI to include site-local Collectors appliances.
• Delivering timely and responsive technical support of all DHA Armis components to address service degradations, interruptions or other such impactful events in accordance with established service level agreement.
• Hands-on experience with python scripting to generate code reviews for bigger changes.
• Worked on F5 LTM series like 1600, 6400 and Viprions for the corporate applications and their availability.
• Installing and configuring F5 Load balancers and firewalls with LAN/WAN configuration.
• Worked on F5 LTMs & GTMs to improve web application delivery speed and replication through and between distributed global data centers.
• Onboard new resources (security badge, workspace, phone, parking, network access, email, VPN, etc.), manage workspace relocations (location, computers, phones, etc.), communicate workspace usage and needs. Populate the
• Resource Hub system with requests for new contractors, track for approvals, and generate Work Orders for signature(s)
• Coordinate and develop new infrastructure solutions including cellular and wireless systems .
• Provide support for telecommunications infrastructure, including Avaya analog, digital and VoIP/SIP phones, Motorola trunked radio system, and cellular booster systems.
• Possess a strong understanding of wired and wireless communications systems and technologies including but not limited to: RF (HF, VHF, UHF), SATCOM, Cellular (4G, LTE, 5G), Microwave, 802.x.
• Experience managing AWS infrastructure such as Route 53, Elastic Load Balancers, Security Groups, NACL’s, VPC’s, Private Links, VPC Endpoints, NAT Gateway, Virtual Private Gateway, Transit Gateway.
• Thorough understanding of protocols including ICMP, ARP, IP, TCP/UDP, DHCP, DNS, SNMP, NTP, RADIUS, 802.1X, HTTP, SSL/TLS, NFS, SMB/CIFS, LDAP.
• Deep understanding of protocols such as DNS, DHCP, HTTP, SSL, OSI Model, and TCP IP.
• Hands-on experience with AWS (VPC, EC2, S3, Route 53, etc.).
• Knowledge of Networking Fundamentals and ability to troubleshoot issues with related tools e.g. ICMP, traceroute, Route 53, netstat, pcap, etc.
• Good knowledge on Research, test, document, and perform firmware updates, basic commands, and general patching on a variety of infrastructure devices and appliances to include but not limited to KVMs, Network Switches, Routers, Firewalls, Hyper-V virtual appliances, PDUs, UPSs, infrastructure applications, and other specialized server equipment.
• Utilizeing and understanding TGW Core Technologies CD, TGW Technical Application Bulletins, Blueprints, CAD drawings and exchanges this information with TGW/VGW associates and customers.
• Further develop the TGW LTS portfolio in order to enable steep growth in line with the overall strategy of the company
• Experience in ensuring utilization, organize trainings and network with other TGW entities on an international level with a focus on best practices.
• Experience in operating a 33,000 VGW straight truck.
• Maintain, monitor, and administer AWS Environment to include EC2 instances, IAM, NACLs, Subnets, Security Groups, VPN connections, CloudWatch, and CloudTrail
• Good Knowledge on EC2 Route53VPC subnets internet gateway NAT route tables and managing security groups NACL on Amazon web services.
• Good knowledge in Core AWS security and auditing capabilities including IAM, Security Groups, NACLs, GuardDuty, Inspector, CloudTrail, and AWS Config.
• Deep experiences with AWS resources, such as CloudFormation, EC2, S3, RDS, IAM, Lambda, Infrastructure scripting,deployment of VPCs, Subnets, NACL, Route53, Kinesis, Serverless Technologies, etc.
• Experience with Network Switches, Routers, Firewalls, Hyper-V virtual appliances, PDUs, UPSs, infrastructure applications, and other specialized server equipment.
• Responsible for 6500, 3500, Nexus switching, ASA, FWSM Firewalls, CSS and F5 load balancers, Riverbed WAN accelerators, IronPort Proxy, and Linux/Bind DNS servers.
• Responsible for supporting Azure, AWS Cloud infrastructure and on-perm infrastructure.
• Provision environments (production, test, and development) in AWS, Azure & on-prem environments.
• Troubleshoot, Implement & provide operational support for security technologies such as next generation firewalls, VPN, anti-denial of service technologies, IDS/IPS, ACS/ISE, MFA, WAF, End Point Security, Cloud Security (AWS/Azure) & Network controls.
• Configuring various advanced features (Profiles, monitors, iRules, Redundancy, SSL Termination, Persistence, SNATs, HA on F5 BIGIP appliances SSL termination and initiation, Persistence, Digital Certificates, Executed various migration/upgrade projects across F5 and hands on with F5 BIGIP LTMs/EM.
• Configured PPP, HDLC, BGPv4, EIGRP, MPLS and OSPF routing.
• Configured CIDR, IP, RIP, PPP, BGP and OSPF routing.
• Skills in creation of data center solution documentation, including artifacts done using Microsoft Visio.
• Experience In Developing and updating Network Diagrams using Microsoft Visio®.
• Solid documentation experience with Visio, Lucid Chart, Word, Excel.
• Fluent with Design and Implementation of Cisco networking technologies, including one or more of the following: Cisco SD-WAN, Meraki, Cisco DNA-C, advanced switching, routing, and firewall technologies.
• Experience installing troubleshooting and configuring Cisco DNA Center environment.
• Experience in network security, demonstrating strong experience with Cisco Prime Infrastructure, understanding of IEEE 802.11 protocols, familiarity with TCP/IP (specifically Layers ¾), and switching and routing protocols (internet standards and general architecture) and associated hardware.
• Hands-on experience with configuring Routers, Switches, VPN, ASA, IPS, NAC, ACS, Cisco ISE, FirePOWER, Cisco NextGen Firewalls, Cisco IronPort (Email Security and Web Security), AAA Model (RADIUS, TACACS+).
• Good General knowledge and experience of NextGen SIEMs (Arcsight, Logrhythm, etc.)
• Experience with Wi-Fi Design and Wi-Fi Planning using Ekahau, Cisco Prime or equivalent software.
• Knowledge in Network Management tools such as SolarWinds Orion, NetBrain, Cisco Prime Infrastructure, Infoblox DDI, Network Performance Management tools such as NetScout, nGeniusONE, StatSeeker.
• Good knowledge in Azure/AWS - B2B/VPC VPN tunnels.
• Cisco Experience on Cisco IOS and NXOS, Cisco ISE, Cisco UCS Networking and Configuration, Cisco ASA.
• Good knowledge and experience with Checkpoint, Palo Alto, Cisco ASA.
• Hands on experience with Cisco (IOS NX-OS, ASA), Checkpoint (IPSO, SPLAT, GAIA), Fortigate, Juniper NetScreen, Juniper JunOs, F5.
• Technical expertise in Microsoft Active Directory 2012/2016 on premise and AD Services in MS Azure, including Users & Computers, Site and Services (Establishing & Managing Trusts), Group Policies, DNS, Federation Services, SSO, and NTFS permissions.
• Experience with other infrastructure disciplines, such as (but not limited to) Storage, Cloud (AWS and Azure), Virtualization / Server Hardware (VMware), Windows Operating systems, Microsoft application suite, and Monitoring solutions a plus.
• Troubleshooting, upgrading, and supporting Brocade Fiber Channel Backbones and Switches.
• Profound knowledge in Cisco / Foundry / Brocade routing and switching equipment which includes Hardware/Software configuration and troubleshooting .
• Experience with Windows Azure, AWS or other public Cloud technologies.
• SCCM experience - patch deployment/compliance, application deployment, OSD, Azure Cloud Management Gateway.
• Skilled in creating Visio drawings and diagrams of new and existing network infrastructure.
• Configured Juniper MX480s, EX8200s, EX4500s, EX4200s, from scratch to match design.
• Worked with the Trouble Tickets on F5 Load balancers on LTM module
• Switch experience includes Cisco Catalyst switches: CISCO 3750, 4500, 6500 series switches.
• Configuration and maintenance of OSPF protocol which was the enterprise IGP. Configuration included deploying of new branch locations or new network devices in the existing infrastructure. Creating Stub Areas & configuring Summarization for effective Routing.
• Provided technical support for full setup, debugged the problems of OSPF, switching and HSRP.
• Implemented and used SDM to configure Cisco IOS security features and network connection.
• Network Segmentation-application migrations for enterprise Private Data Firewall and data behind ASA 5585-Xs
• Create and test Cisco router and switching operations using OSPF routing protocol, ASA Firewalls for stable VPNs.
• Configured Object Grouping, Protocol Handling and Code up gradation on ASA Firewalls.
• Implementation and maintained intrusion detection/ prevention (IDS/IPS) system to protect enterprise network and sensitive corporate data. For Fine-tuning of TCP and UDP enabled IDS/IPS signatures in Firewall.
• Design, implement and provide second level support for host load-balancing solutions at SWA.
• Configuration the access-list rules, network object-service group based on well-known port the port i.e. FTP/SFTP, SSH, HTTPS/HTTPS (SSL) and etc.
• Regularly attend Fore Scout Counteract, RES One Workspace, Splunk, and IBM Big Fix training.
• Switching related tasks included implementing VLANs, VTP and configuring and maintaining multi VLAN environment and inter-VLAN routing on Fast-Ethernet channel.
• Worked with different vendors and implement Site-to-Site VPNs over the Internet.
• Negotiate VPN tunnels using IPsec encryption standards and also configured and implemented site-to-site VPN, Remote VPN.
• Collaboration with Systems Administrators in the architecture and implementation of VMware, Microsoft, Linux and storage environments.
• Familiarity with a broad range of Networking Equipment Design and Configuration: Cisco, Aruba, HP, CheckPoint, ASA, Fortinet, SDWAN Principals, QOS Principals.
• Setup, troubleshoot, and understand the VMware vSphere 6.0 (VMware VCP-DCV).
• Hands-on and management experience specific endpoint security discovery tools such as Armis, ZingBox, Claroty, etc.
• Support and run vulnerability management scans of the IT and OT systems (using tools like Tenable Nessus, Qualys, OT specific tools similar to Claroty and Armis).
• Security policy review and configuration in Palo Alto and JuniperSRX Firewall in US offices and Datacenter.
• Worked with Juniper T-Series, M-Series, MX-Series, J-Series Routers.
• Working knowledge of the UNIX and CLI based command to implement the networking tools.
• Configured and monitored Firewall logging, DMZ’s and related security policies.
• Responsible for service request tickets generated by the helpdesk in all phases such as troubleshooting, maintenance, upgrades, patches, fixes, and all around technical support.
• Good Knowledge of SD-WAN technology and concepts. SD-WAN design and support experience.
• Installing, configuring, and supporting network equipment including routers, switches, SD WAN, Wireless AP & Controllers, and Firewalls.
• Worked on Networking, WAN concepts, SD-WAN and Layer 3 networking concepts.
• Hands-on experience with enterprise SD-WAN vendors such as Silver-Peak, Cisco, Meraki, Versa, Aruba, etc...
• Good Knowledge of SD-WAN architectures and concepts. Expertise with troubleshooting network connectivity, SD/WAN troubleshooting, PCI Compliance, VPN Connections, and Site to Site VPN setup/troubleshooting.
• Configuration of ACLs in Cisco 5540 series ASAfirewall for Internet Access requests for servers in LAN and DMZ and also for special user requests as authorized by management.
• Involved in L2/L3 Switching Technology Administration including creating and managing VLANs, Port security, Trunking, STP, Inter-VLAN routing, LAN security.
• Implementing, configuring and troubleshooting routing protocols such as OSPF (v3, v2), RIPv2, BGPv4, EIGRP, HSRP, GLBP and MPLS.

Environment: Cisco Routers, Cisco Switches, Nexus, Routing protocols, Palo Alto, F5, Load Balancer HSRP, VRRP, IPSEC VPN, VPN, QOS, ASA firewall, Python, Load balancer, MPLS, VLANS, VTP, RSTP, ACL, NAT, IDS/IPS, SIP, RTP, RADIUS, TACACS+, Juniper SRX, Juniper M, MX, ASR 9000, Catalyst 6500, CRS, Cisco ASR, UNIX, Firewall FWSM.

Confidential, San Jose, CA

Senior Network Consultant

Responsibilities:

• Successfully migrated the cisco legacy environment which consist of 6500, 4500 to Cisco Nexus 7k/5k/2k.
• Migrated old Nokia firewalls to standard HP hardware’s.
• Design and configuring of OSPF, BGP on Juniper Routers and SRX Firewalls.
• Security policy review and configuration in Palo Alto and Juniper SRX Firewall in US offices and Datacenter.
• Configuring & managing around 500+ Network &Security Devices that includes Cisco Routers & Switches, Nexus Switches, Juniper and Palo Alto Firewalls, F5 BigIP Load balancers, Blue Coat Proxies and Riverbed WAN Optimizers.
• Implement, maintain and operate routers, switches, wireless access points and controllers, VPN devices and related services in support of the Network Operations Center by leveraging technologies including OSPF/BGP .
• Regular upgrade and maintenance of Infrastructure, Installing, configuring, and maintaining Cisco Switches (2900, 3500, 7600, 3700 series, 6500 series) Cisco Routers (4800, 3800, 3600, 2800, 2600, 2900, 1800, 1700, 800) Cisco Router and Switches, Juniper Routers and Firewalls, Nexus 7k,5k & 2k, f5 BIG IP, Palo Alto Firewalls, Bluecoat Proxy and Riverbed Steelhead appliances
• Configuring various BGP attributes such as Local Preference, MED, Extended Communities, Route-Reflector clusters, Route-maps and route policy implementation.
• Responsible for supporting Azure, AWS Cloud infrastructure and on-perm infrastructure.
• Provision environments (production, test, and development) in AWS, Azure & on-prem environments.
• Deployed the Nexus 7000/5000/2000 architecture into production securing competitive advantage across multiple verticals.
• Evaluate new telecommunications technologies and offerings; complete proof of concept testing and analysis, and make recommendations to management. Specific areas of interest include software upgrades, SIP trunking, redundancy testing, and emerging phone, radio, and cellular technologies. Work with team members on planning and integration of new designs .
• Good knowledge with Networking fundamentals including BGP, OSPF, VPNs, DNS, AWS Constructs, Palo Alto firewalls.
• Experience in Microsoft products, protocols and tools: Microsoft Exchange O365, SharePoint, Active Directory, SQL, DNS.
• Design and deploy company LANs, WANs, and wireless networks, including servers, routers, hubs, switches, UPSs, and other hardware.
• Experience using Network monitoring tools like SolarWinds Orion, Netbrain and Stealthwatch .
• Experience developing and understanding network device configuration for at least one vendor (Arista, Juniper, Cisco, Brocade, Ciena, Infinera, Linux, etc.) .
• Prepare a monthly inventory report of all servers & services (i.e. route 53, cloud watch) and the applications that run on them both on premise and in the cloud with costs for each where practical/appropriate.
• Experience working on Public and private DNS (Microsoft/AWS Route 53), DHCP.
• Thorough knowledge of the following: IT concepts, strategies, infrastructure, cloud based platforms, and development tools.
• Experience leveraging typical Amazon capabilities such as AWS KMS, IAM, S3 and EFS.
• Good knowledge in configuring Zscaler to protect user and company devices based on security policies.
• Good knowledge and experience in Network proxies (Blue Coat, Zscaler, McAfee, Websense, etc.).
• Experience with AWS CloudFormation, AWS EC2, VPC, S3 or other similar technologies..
• Deep experiences with AWS resources, such as CloudFormation, EC2, S3, RDS, IAM, Lambda, Infrastructure scripting,deployment of VPCs, Subnets, NACL, Route53, Kinesis, Serverless Technologies, etc.
• Good Knowledge on EC2 Route53VPC subnets internet gateway NAT route tables and managing security groups NACL on Amazon web services.
• Experience working with Amazon AWS services like EC2, VPC, VGW & TGW, SMS-GW, etc.
• Good knowledge with SNF/TGW/MGW Enhancements, RHEL migration and maintenance work.
• Good knowledge and experience Firewall Technology (e.g. Fortigate, ASA, or others).
• Experience with NGFW support and implementation; preferably FortiNet Fortigate family. experience with LAN/WAN with modern platforms and architecture to include Arista, Cisco, Palo Alto Networks, Aruba, FireEye, Dell, Fortigate, and Juniper platforms.
• Experience with operation of FortiGate firewalls.
• Experience operating within AWS and Azure environments.
• Good knowledge in Performing various AWS administration tasks.
• Experience with NGFW support and implementation; preferably FortiNet Fortigate family.
• Experience with the following firewall platforms: Cisco ASA, Fortinet, or SonicWALL.
• Installation, configuration and management of Fortinet firewalls through FortiAnalyzer and FortiManager tools.
• Network Cloud support including design analysis and design options and impact analysis for cloud initiatives.
• Good knowledge in Variations of Cloud Computing support and analyzes all viable options, as determined by discussions with technical staff.
• Provision environments (production, test, and development) in AWS, Azure & on-prem environments..
• Knowledge of Virtual infrastructure using VMware and/or Hyper-V.
• Knowledge of and experience with systems administration of computer systems using Microsoft products (e.g., Active Directory, Failover Cluster Services, Hyper-V, SharePoint, Exchange, SQL Server, Internet Information Services, and Windows 7).
• Experience engineering, implementing, architecting and administering OT security technologies such as Armis, Zingbox, Forescout, Claroty, etc.
• Experience with computer networking (TCP/IP, Ethernet, VLANs), Cisco IOS; Cisco NX-OS and/or JUNOS; enterprise and/or datacenter applications such as Microsoft AD, LDAP, DNS, SMTP; and datacenter infrastructure such as VMware, Cisco UCS, SAN.
• Experience with VMWare, CentoOS v7, Syslog, SSH, BASH Scripting,
• Cisco WAN routing - ISR/ASR, Cisco Switching - IOS/NXOS,Cisco ASA Firewalls/IPSEC Tunnels - AnyConnect and B2B peer-to-peer tunnels .
• Good knowledge of Tripwire, Digital Guardian, IBM Guardium, ZScaler, and MS ATP.
• Experience in routing/ switching, WAN/MPLS/VPN, SD-WAN, Cisco ACI, WLAN, Load Balancing, security infrustracture,and Zscaler.
• Working experience and relevant certifications with major network security platforms such as Palo Alto, Checkpoint, ZScaler, Fortinet, Cisco, etc.
• Experience working with secure web gateway technologies such as ZScaler, Symantec, etc.
• Worked extensively in Configuring, Monitoring and Troubleshooting Juniper security appliance, Failover DMZ zoning & configuring VLANs/routing/NATTing with the firewalls as per the design.
• Converting CatOS to Cisco IOS Config Conversion on distribution layer switches
• Convert Branch WAN links from TDM circuits to MPLS and to convert encryption from IPsec/GRE to GetVPN.
• Conversions to BGP WAN routing. Which will be to convert WAN routing from OSPF to BGP (OSPF is used for local routing only) which involves new wan links.
• Planning, Designing and assisting in deploying enterprise wide Network Security and High Availability Solutions for ASA.
• Involved in Configuration of Access lists (ACL) on Juniper and Palo Alto firewall for the proper network routing for the B2Bnetwork connectivity.
• UDLD, Spanning Tree Protocol 802.1d, 802.1s and 802.1w.
• Experience of IP/MPLS/Optical Transmission network for access transport & back haul network to Facilitate 2/3/4G Network.
• Understanding of mobile backhaul network on IP, Ethernet, ATM, PW & TDM.
• Have completed two Business integrations with a very strict time line and gained some very good knowledge in understanding the road blocks in Network integration and feasible methods to fix it.
• Have maintained Riverbed for the North American offices.
• I maintain a data collection environment build of ISG1000 Clustered environment at the central site and SSG5/SSG20 at the remote site. This is an IPSEC tunnel environment of 600 sites and my primary responsibility is to maintain, install and troubleshoot. I configure and ship out Juniper SSG5/SSG20 for remote sites.
• Also SPOC for the Data center across NA, Canada and Mexico. This environment has a primary Frame-relay link backed up by the IPSEC tunnel built over 5510 and 5505 for remote sites. I configure and ship out devices for any new installation, moves and troubleshoot any day to day issues. I also maintain a F5, Link proof and Checkpoint firewall in addition to 3500 switches and core 6513 switch for the switching environment.

Environment: Cisco Routers, Cisco Switches, Cisco Nexus 7k/5k/2k, IPSEC, MPLS, VLANSVTP, RSTP, ACL, NAT, IDS/IPS, firewalls, Nokia, HP, Nexus Switches, Palo Alto, F5 BigIP Load balancers, Cisco ACE load balancers, Python, Blue Coat Proxies, Riverbed WAN Optimizers, Data center, Spanning Tree, Checkpoint Juniper Routers, Juniper SRX, Network2/3/4G.

Confidential, Columbus, OH

Network Engineer

Responsibilities:

• Involved in configuring Site-to-site and remote access VPN solutions.
• Installed and configured Cisco 7200 series router and Cisco 2950, 4500, 6500 Series switches.
• Configured network using routing protocols such as RIP, OSPF, and BGP and troubleshooting L2/L3 issues.
• Worked on multiple projects related to Branch networks, Campus networks, extranet clients and Data Center Environments involving in data center migrations from one data center to another.
• Hands-on leadership of voice projects and teams related to Avaya Aura unified communications deployments. 2+ years Avaya Aura System Manager 7.x., Avaya Aura Session Manager 7.x, Avaya Aura Communications Manager 7.x, and Avaya Aura Media Server 7.x. 3+ years Avaya Voice Gateways include G650, G450 and G430.
• Deploy, Install, Configure and Daily maintenance of the following Avaya Products.Avaya Aura System Manager (SMGR)Avaya Aura Session Manager (ASM)Avaya Aura Communication Manager (CM)Avaya Aura Media Server (AMS)Avaya Equinox Management for conferencing Avaya Session Border Controller Enterprise (ASBCE).
• Avaya Breeze with Presence and Multimedia Messaging plugins,Avaya Equinox clients for Windows, Mac, Android and iOS,Avaya Equinox Management for conferencing,Avaya Aura Device Services (AADS),Avaya Equinox clients for Windows, Mac, Android and iOS.
• Provided estimated bandwidth requirements for data replication, to best determine adequate timing for migration service levels
• Created data migration strategies to help with completion of migration of data center from one point to another.
• Configuration of Cisco 6500 (sup 720), 4500 (SUP 6) & 3750 Catalyst Switches for network access.
• Worked extensively on Cisco Firewalls, Cisco PIX (506E/515E/525/) & ASA 5500(5510/5540) Series, experience with convert PIX rules over to the Cisco ASA solution.
• Configuring RIP, OSPF and Static routing on Juniper M and MX series Routers
• Configuring VLAN, Spanning tree, VSTP, SNMP on EX series switches
• Time to time upgrade network connectivity between branch office and regional office with multiple link paths and routers running HRSRP, EIGRP in unequal cost load balancing to build resilient network.
• Design and implement Catalyst/ASA Firewall Service Module for various LAN’s.
• Key contribution includes troubleshooting of complex LAN/WAN infrastructure that include routing protocols EIGRP, OSPF, & BGP.
• Troubleshoots in Cisco Aironet 2700 and 600 series.
• Configured Client VPN and RSA Token ID technologies including Cisco’s VPN client via IPSEC.
• Configuring ACL to allow only authorized users to access the servers.
• Participated in on call support in troubleshooting the configuration and installation issues.
• Installation, maintenance, troubleshooting local and Wide Areas Network (ISDN, Frame relay, DDR, NAT, DHCP, TCP/IP).
• Provided technical support in terms of upgrading, improving and expanding the network.
• Providing technical security proposals, detailed RFP responses, and security presentation, installing and configuring ASA firewalls, VPN networks and redesigning customer security architectures.

Environment: Cisco 3750/3550/3500/2960, switches and Cisco 3640/ 0/3845/3600/2800 routers, Cisco ASA5510, Checkpoint, F5 Load Balancer Cisco Nexus7K/5K, Checkpoint,Cisco ASA.

Confidential, Cambridge, MA

Network Engineer

Responsibilities:

• Senior network engineer providing network and network security design, implementation, and level 3 escalation support
• Integrated firewall solutions for numerous client networks and enclaves
• Designed and implemented core switching and routing functionality for datacenters utilizing primarily Cisco Nexus 7000, 5000, 4000, and 2000 series switches.
• Oversaw numerous hardware upgrades, technical refreshes, and equipment migrations
• Administered and engineered Cisco ASA, NetScreen5200, Juniper ISG, Juniper SRX, and Palo Alto firewalls to provide secure connectivity and integration with F5 reverse-proxy and load-balancing
• Designed and implemented DMZ architectures
• Provided tier-3 escalation support for enterprise technologies.
• Configured crypto-maps, isakmp policies, transform sets for IPSEC-VPN connectivity
• Configured policy-based and route-based IPSEC-VPNs for Juniper ISG And ACX devices
• Designed firewall solutions to include zones, policies, NAT & PAT, address-groups, and network objects.
• Performed security audits to ensure optimal network functionality and hardening.
• Hands on Experience with Avaya Equinox Media Servers for conferencing,Avaya Web Gateway,Install and Integrate Avaya Aura Device Services with Avaya System Manager and Session Manager with high availability
• Install and configure Avaya Breeze for Instant messaging and multimedia messaging. Deploy Presence and Multimedia messaging plugins in System Manager. Configure Avaya Breeze clusters for failover and high availability of services.
• Install and configure Avaya Session Border Controllers for remote workers, Equinox conferencing services including WebRTC, STUN/TURN, HTTPS media tunneling.
• Designed and implemented McAfee 4010 and Cisco 4200 series Intrusion Prevention and Detection System solutions
• Configured data center switches for network backup, replication, and storage and resolved related technical issues.
• Managed and maintained high-availability firewall clusters utilizing NetScreenOS (NS5200 & ISG1000), JunOS (SRX 240, 1400, 3400), Palo Alto (3050) and Cisco ASA (5585x)
• Architected ACS TACACS+ solutions for client networks and administered user permissions
• Developed local standard operating procedures and configuration guides for switches, routers, firewalls, and IPS/IDS devices.
• Designed and configured F5-BIGIP-LTM reverse proxy & load balancing solutions for client networks.

Environment: Citrix desktop, Microsoft Windows servers 2003/2008, Active Directory 2003/2008, TCP/IP, WINS, DNS, DHCP, FTP, LDAP, IMAP.

Confidential

Jr Network Engineer

Responsibilities:

• Responsible for monitoring the Network performance based on company’s Service Level Agreement (SLA).
• Documented the company’s design, implementation and troubleshooting procedures.
• Configured VLANs with 802.1Q Tagging according to the Server team’s requirements.
• Tested the new zone for failover capabilities and redundancy. Connected the Distribution routers to the Core routers via OSPF Areas.
• Responsible for cabling and labeling based on day to day requirement and Racking & Stacking of various network equipment and made sure that there are no connectivity issues using ping and tracer.
• Provided Helpdesk support that involved identifying and escalating the tickets to specific groups.
• Responsible for level 2 support of existing network technologies /services& integration of new network technologies / services.
• Configured VSS on Cisco Catalyst 6509 switches in order to have redundancy. Worked on T1/E1/T3 technologies and different LAN & WAN technologies.
• Supported various LAN environments consisting of Cisco 6500 switches with Sup-720.
• Designed and implemented Cisco 7500, 7200, 6500, 3600, 2600 Series routers in lab environment to reproduce various issues and test fixes for them.
• Troubleshooting complex LAN /WAN infrastructure that include routing protocols EIGRP, OSPF.
• ConfiguredAccess-lists, Distribution-lists, Offset-lists and Route Redistribution.
• Involved in configuration of OSPF Summarization (Summarizing internal and external routes).
• Scalability of OSPF by Filtering of Intra, Inter and External OSPF routes
• Used various BGP Attributes and various Route-filters such as named Access-lists, Prefix lists, Route-maps to permit or deny routes and to change various attribute
• Experienced in implementation and troubleshooting knowledge of protocols and technologies, especially in the following: BGP4, OSPF, IPv4, and Ethernet.
• Configured Ether channels, Trunks, Vlans, HSRP in a LAN environment.
• Configured STP for loop prevention and VTP for Inter-VLAN Routing.
• Responsible for performing administration on BGP, OSPF routing protocols.

Environment: 6500/3750/3550/3500/2950 switches, Juniper (M320, T640), Cisco 7200/3845/3600/2900 routers, TACACS, EIGRP, RIP, OSPF, BGP, VPN, MPLS, Ether Channels.