SUMMARY:

• 11+ years of experience in data networking with Medium and large Enterprise and ISPs.
• Hands on experience in Design, Implementation, Operations, Architecture, Troubleshoot, Maintenance and Deployment of Multivendor Routers, Switches, Load - Balancers and Firewalls in Data centers and Offices.
• Hands on experience in Cloud and Devops model technologies like Jenkins, Git, Docker, Python and Terraform.

TECHNICAL SKILLS:

Domain: Routing, Switching, Security, Load balancers, Automation.

Load Balancers: F5 LTM GTM APM ASM, Citrix-netscaler, Nginx Plus, A10,Appview-X

Routing Protocols: EIGRP, OSPF, BGP, RIP, MPLS.

Other Technologies: IP Sec, GRE, DHCP, VPN, NAT, TCP/IP, FTP, HSRP, QOS, ACLVLAN, STP, ETHERCHANNEL, DNS, GSLB,HTTP Automation, Python Scripting, Devops, GitHUb, JenkinsIBM, Azure cloud technologies, Docker, Kubernetes

Monitoring tools: WhatsUP GOLD, Solar Winds, MRTG, CACTI.

PROFESSIONAL EXPERIENCE

Confidential, Fort Worth, TX

Sr. Network and Security Engineer

Platforms used: Palo Alto, Cisco ASA, F5, Netscaler, Nginx Plus, Appview-X, Cloud, Devops

Responsibilities:

• Analyze, design, implement and maintain the network Load Balancer infrastructure across four data centers with F5 LTM, GTM DNS, APM, ASM, Citrix Netsclaer, NGINX-Plus.
• Configuring and maintaining Static,OSPF,BGP routes on L3 devices for load balancer infrastrure.
• Analyze networks to find vulnerabilities and capacity issues to meet PCI audit compliances.
• Creating policies, NAT on firewall Palo Alto as per customer requirement.
• Daily change management tools using Archer, Service Now and internal tools.
• Deploying templates, object creations,Rule changes on Palo Alto firewalls.
• Working with risk team and Vulnerability managemen team for PCI Compliance for firewall change approval process and Security Policy creations as per Zone basis.
• Deploy new software load balancer Nginx Plus on-premise in various data centers and migrating EOSL F5 LTM to Nginx-plus.
• Designed and Implemented the NGINX+ solution by tightly integrating Devops model with with GIT, Jenkins, Docker.
• Deliver applications and services at high velocity by automate the engineer tasks using DevOps model Github with CI/CD capabilities and jenkins, infrastructure automation tools and orchestration.
• Automate the configuration tasks and SSL certificate renewals using scripting like python.
• Offer architecture/ engineering expertise for new implementations, cloud environment, integrations, and project designs.
• Troubleshooting by packet flow and packet capture diagnostics to reverse engineer web http applications.
• Coordinate with multiple managed service providers using standardized engagements.
• Determine specific network hardware or software requirements such as platforms, interfaces or routing schemes.
• DNS functionality setup with F5 GTM for global system load balancing and Infoblox solutions for IPAM DHCP and DNS.
• Implementing and testing centralized management tools like appviewX, BigIQ, dynatrace, nginx controller for load balancer solutions.
• Create ASM policies to protect from attacks like Cross-site scripting,DDos, OWASP etc
• Engineer and onboard new applications in Azure
• Migrating applications from AA datacenter to Azure Cloud platform
• Confgured Azure Cloud load balancer and Avi networks software load balancer for application infrastructure.
• Create Load balancer FrontEnd IP, BackEnd Pool, Health Probe, SNAT, rules on Azure Cloud load balancer.
• Coordinate with network team and cloud team for Azure load balancer infrastrure.
• Working with other teams for different cloud environments IAAS, PAAS and SAAS Azure and Google.
• Set up SAML SSO with F5 APM
• Part of cisco anyconnect vpn setup for AA enterprise network

Confidential, Redmond, WA

Network Security Engineer

Platforms used: Cisco ASA firewalls, checkpoint firewall, Juniper Netscreen and SRX firewalls, Juniper NSM, Cisco Nexus Switches 3k,5k and 7K,cisco IOS based Switches 4500,6500,F5 BIG IP load balancers and Netscaler devices.

Responsibilities:

• Understanding customer's technical requirements and map those to a technical solution.
• Part of the team for deploying new devices, upgrading production devices and decommissioning existing devices.
• Migrating and upgrading EOL software router switches and moving from one data center to another.
• Configuring and troubleshooting OSPF,BGP routes, ip helpers on routers as per customer requirement
• Configuring and troubleshooting STP, ether channel, vlans, trunks, VPC on switches as per customer requirement
• Configuring and troubleshooting security policies and implementing NAT and ACL’s on routers and netscreen, SRX firewalls, Checkpoint firewalls.
• Configuring global objects, firewall policies on checkpoint and reviewing firewall rules as per user requirement.
• Reviewing checkpoint logs and analysing the security attacks based on traffic flow
• Testing firewall changes in LAB device before implementing on production
• Implementing Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS) to protect application servces.
• Investigating implementation of failure tickets and resolving within SLA.
• Configuring vlans,virtuals,pools,monitors,profiles,snat,snatpool,high availability (failover) on F5.
• Configuring Irules as per customer requirement and co-coordinating with escalation team & F5 TAC for support on irule scripting.
• Configuring and renewal SSL certs for virtuals on F5
• Worked on Shell Scripts for pushing, sorting and backing up the configuration of network devices from FTP Server.
• Configuring system entities, vlans,service monitors, load-balancing virtual servers,,high availability (failover) on netscaler.
• Configuring access control lists, RNAT, Content Switching VServers on netscaler.
• Installing and renewing SSL certs and SSL offload on netscaler.
• Network documentation using MS Visio 2010.
• Creating knowledge base / Standard operation procedure (SOP)
• Performing RCA (Root cause analysis) for critical incidents and documenting the same.
• Troubleshooting the issues by packet capture with tcpdump, wireshark
• Participating in the CAB (Change Advisory Board), to highlight risk attached to a change (Architecture or major changes), and resolving queries of clients.
• Train team members through both formal and informal training programs.
• Managing Network which consist More than 2000 Nodes and providing 99.99% of Uptime to the Services/Network.

Confidential

NOC Engineer

Responsibilities:

• Implementation of VLANs, Inter-VLAN Routing and Providing Security in Switched Network.
• Designing and configuring the network for new clients with redundancy connectivity.
• Monitoring the WAN Links using WHATS UP GOLD, Solar Winds, and Loriot Pro.
• Interaction with ISPs in case of outage of Wan Links.
• Involved in Configuring Advanced Routing Protocols (OSPF).
• Configuring static and default routes in Routers and Firewalls.
• Creating VLANs, Propagating VLAN Configuration with VTP.
• Configuring VLAN Trunks using ISL & 802.1Q.
• Implementing RSTP,Link Aggregation with Ether Channel.
• Mitigating Layer 2 Attacks (CAM table Over Flow, MAC address Spoofing & DHCP Starvation).
• Installation of Router IOS and Backup of IOS image.
• Managing and configuring WiMaxAperto EMS (NMS)
• Provisioning Sectors & SS in EMS, adding profiles for Sectors & SS in EMS, assigning frequency and channel Bandwidth in BSR, firmware upgradation
• Supporting High Volume, high revenue impacting operations, 24*7 setup, focusing on failsafe network.
• Troubleshooting over Customer Query Calls, from a Sophisticated corporate to an Individual Customer
• Managing corporate Checkpoint Firewall implementing security rules and mitigating network attacks.
• Deploying Site to Site and Client to Site VPNs utilizing Checkpoint Firewall
• Configuring NAT on Checkpoint
• Code upgrade on checkpoint firewalls
• Configuring scheduled backup for checkpoint firewalls
• Installation and administration of Checkpoint R 75.40 Firewall