SUMMARY

• Over 8 years experienced Network Engineer having worked extensively with multiple Clients in Switching, Routing, Network Security (Firewalls and Proxies), Application Delivery Controllers, Authentication, Wireless environments.
• Experience in Campus and Data Center topologies in multi - vendor equipment. Very strong team member with good communication and Documentation skills. Innovative to new ideas to enhance the workflow in Network Engineering.
• Experience with legacy and high-end switching technologies in Campus and Data Center environments. Worked on Cisco, Juniper and Aruba/HP gear in campus environments. Installation and analysis for a broad range of LAN/ WAN protocols, routing, switching, Firewalls, WLAN(Wireless), Application Delivery controllers.
• Experience with Interior and Exterior routing protocols that includes RIP, OSPF, EIGRP, IS-IS and BGP. Worked on Cisco, Juniper and Arista routers.
• Highly experienced in AWS Cloud platform and its features which includes EC2, VPC, EBS, AMI, SNS, RDS, EBS, Cloud Watch, Cloud Trail, Cloud Formation, AWS Config, Auto Scaling, Cloud Front, IAM, S3 and Route53
• Experience in Network Security that includes perimeter security for Internet, Extranet, DMZ, Internal Server farms, Web-traffic security with Proxies, Web Application firewalls. Worked and migrated multi-vendor equipment and Next generation firewall technologies. Worked on ASA, Firepower, Checkpoint and Palo Alto firewalls. Experience on MWG, Bluecoat and Zscaler proxies.
• Experience and high-level understanding in application delivery controllers, local and global load balancing techniques, redundancy solutions, high availability options for mission critical internal, vendor and public facing applications. Experience with F5 LTM, GTM, APM, NetScaler’s, Cisco ACE and A10.
• Worked on Campus Wireless environments with 1000+ access points, Wireless LAN controllers, Anchor Controllers, Authentication policies, BYOD policies, Integration with RADIUS. Experience with Aruba and Cisco WLAN.
• Experience with TACACS/RADIUS severs, migration from ACS and Aruba ClearPass to ISE. Experience with windows and Infoblox DNS and DHCP servers, IPAM, internal and external grids.
• Experience with WAN connectivity, MPLS circuits, leased Lines, Metro Ethernet, Site to Site IPSec tunnels, ISP circuits, Customer Edge configurations. Experience with SD-WAN solutions that include Viptella and Versa.
• Knowledge and operational experience with SDN, Cisco ACI, VXLAN, VTEPS, VNI, Bridge Domain, Arista Cloud Vision, EVPN, MP-BGP, Spine and Leaf Architecture.
• Worked on Open software platform switches like Cumulus on Mellanox and Dell hardware in a POC. Basic Knowledge in Python and Ansible scripting for automation in configuration templates, back-ups etc.
• Experience with Network Monitoring tools, SNMP, Log collectors, Splunk, ticketing tools and thorough understanding of workflows in corporate environments that include Financial, Healthcare, Retail clients.
• Very enthusiastic to explore and implement innovative ideas in Network Automation in configuration, documentation, troubleshooting, workflow integration, API integration with multiple tools using Python and Ansible.

TECHNICAL SKILLS

Router Platforms: Cisco Routers series ASR9k, 7300, 4000, 3800, 2000, 1900; Juniper MX, Arista 7000 series.

Routing Fundamentals and Protocols: Routed and Routing protocols RIP, EIGRP, IS-IS, OSPF, BGP, IPX; MPLS, Static routing, ICMP, ARP, HSRP, VRRP, Route Filtering, Multicast, Policy-Based Routing, Redistribution, Port forwarding.

Switch Platforms: Cisco Catalyst series 2960, series 3560, 3850, 4500, 6500, 7000; Nexus series 2K5K, 7K; Juniper EX, QFX, Aruba 2000, 3000 series.

Switching Fundamentals and Protocols: Ethernet technologies, LAN networks, MAC, VLAN and VTP, STP, PVST+, MulticastRSTP, Multi-Layer Switching, 802.1Q, EtherChannel, PAgP, LACP, CDP, HDLC, RARP

Firewall Platforms: Checkpoint (NGX R65, 3100, 5100, 5900), Cisco Firewalls (ASA 5505, 5506-X, 5585), Palo Alto Networks (PA series 2K, 3K and 5K) with panorama 8.0, WAF

Security Protocols: Standard and Extended ACLs, IPsec, VPN, Port-security, SSH, SSL, IKE, AAA, Prefix-lists, Zone-Based Firewalls, NAT/PAT, HIPAA standards, Ingress & Egress Firewall Design, Content Filtering, Load Balancing, IDS/IPS, URL Filtering, L2F, IDS, TCP Intercept, Router Security, SNMP trap

Network Management and Monitoring: Wireshark, Infoblox, HP OpenView, Cisco Prime, Splunk, Security Device Manager (SDM), Cisco Works; TCP Dump and Sniffer; SolarWinds Net Flow Traffic Analyzer, NetScout, Network Performance Monitor (NPM), Network Configuration Manager (NCM), SAM, IP Address Manager, Additional Polling Engine.

Load Balancers and Proxies: F5 (BIG-IP) LTM 2000, 3900, 6400, 6800, AV 510, Citrix NetScaler, MWG, Zscaler Proxies, Bluecoat Proxies.

WAN and SD-WAN technologies: MPLS, ISP Leased Lines, SONET, Viptella, Versa.

Other Networking Protocols and Fundamentals: DHCP and DNS server, Active Directory Management, NTP, NDP, TCP, UDP, FCP, Network Implementation, Troubleshooting techniques, NHRP, NetBIOS, NFS, FTP, TFTP, HTTP, PAP, PPTP, SIP Trunking, SNMP logging, SMTP, RADIUS and TACAS+, PBX servers, SDN, IPV4, IPv6.

Operating Systems: Windows 10/7/XP, MAC OS, Linux, NX-OS, IOS XR, XE.

Wireless and Radius Technologies: Canopy Wireless Devices, CISCO 1200 series APs, Aruba wireless and APs, Cisco Meraki, Linksys Wireless/Wi-Fi Routers, Prime Infrastructure, Ekahau, Air Magnet, AirWatch and WLC’s (8510, 5508, 5706), Cisco AironetAP’s (2600, 3600, 3700), ISE, MSE, Aruba 225, Aruba 3000 controller & Airwave, ISE, Clear Pass 6.0,6.2,6.5, 802.11a,b,c,g,n,ac

Scripting & Automation: Python, Ansible and TCL (F5), AWS EC2, Microsoft Azure, Cisco Meraki

PROFESSIONAL EXPERIENCE

Confidential

Sr Network Engineer

Responsibilities:

• Worked as Senior Network Engineer at Confidential Data Center and remote Sites environment. Worked on complete hardware recycle project in access and Distribution switches in Campus and remote sites. Migrated from cisco 3850 to Cat 9K switches. Worked on Cisco 4500 series switches in Distribution with VSS.
• Worked on SD-WAN implementation for remote site connectivity over MPLS. Worked on Viptella Solution in assisting architecture team in deploying vManage, vEdge, vBond and vSmart components.
• Troubleshooting WLAN, LAN and WAN issues, and currently implementing Cat 9800 - 40 WLC.
• Troubleshooting wireless dot1x authentication issues, wired guest access NAC issues
• Worked on Fortigate firewalls. Worked on migration from cisco ASA to Fortigate Firewalls. Worked on deploying site to site VPN tunnels, Security policies, NAT policies, URL filtering, VDOM, Forti Manager, User ID based Security policies, SSL forward proxy, SSL decryption.
• Worked on Zscaler cloud proxies. Migration from Bluecoat Proxies to Zscaler cloud solution. Implemented GRE tunnels from Data Centers on F5 to Zcloud. Configuration of Policies, AD groups, Azure AD authentication, Whitelist, Blacklist and SSL inspection rules. Configuration and troubleshooting experience in Cloud based apps like office365, Box, WebEx, Workday, Service-now etc. Installation of Pzens for Source IP anchored traffic.
• Deployment and troubleshooting on Nexus 9k switches in Non-ACI mode. Configuration of OSPF routing, VPC, VDC, FEX on Nexus 5K and 2K in access layer. Worked on Juniper MX series router and cisco ASR. Configured BGP, Prefix lists, redistributions in to OSPF, ISP connections fail -over.
• Configured and performed software upgrades on Cisco Wireless LAN Controllers 5520 for Wireless Network Access Control integration with Cisco ISE.
• Operations on F5 LTM, GTM, APM, ASM modules for internal and external load balancing of vendor based and proprietary applications. Worked on Netscalers for Citrix based applications like XenDesktop, Xenweb, VDI, remote access gateway. ICA proxy.
• Working with Cisco Meraki Wireless Switches (MX 33) and SDWAN (MX100).
• Performed configuration, deployment and support of cloud services including Amazon Web Services (AWS)
• Working in designing, cost efficient fault tolerant, scalable solutions and distributed systems in AWS.
• Worked on Cisco WLAN controllers for configuration of AP profiles, Access points, RF parameters, 802.1x integration with ISE, SSID, BYOD policies, wireless VLANs on Distribution switches.
• Worked on Infoblox DHCP, IPAM and DNS solutions. Worked on SolarWinds for SNMP monitoring and Scripting for Alert triggers, adding nodes, SNMP v3.
• Worked on Basic scripting in Python and Ansible for automating configuration templates and other process.

Confidential, Seattle, WA

Sr. Network Engineer

Responsibilities:

• Worked as Senior Network Deployments and Operations Engineer. Worked in Life Cycle projects that include Data Center, Campus Switching and Routing Hardware upgrades. Installation of Cisco CAT 9K series, Nexus 9K, Nexus 5K and 2K in FEX, Arista 7k Series Routers. Worked on Cisco ACI with VXLAN tunneling, Spine Leaf Architecture in DR Data Centers.
• Planning and development of designs for Migrating to AWS cloud.
• Deployment of VPC, VDC, software upgrades of multivendor equipment, maintenance windows, on call rotation.
• Migration project that includes migration from ASA to Palo Alto Firewalls. Installation, configuration of Palo Alto Firewalls, Panorama, Vsys, Zones, Virtual routers, APP ID, User ID.
• Installed, configured Cisco Meraki equipment and web-based monitoring platform for MR32 wireless access points.
• Integrated Configuring Cisco Wireless LAN Controllers WLC with ISE to perform Dot1x authentication for Wireless users.
• Working in large scale, high performance enterprise application deployment and solution architecting on complex heterogeneous environments on AWS infra services.
• Operational role with F5 LTM, GTM, BIGIQ, APM and ASM. Troubleshooting various application traffic flows with respect to http, https, TCP, SSL, connectivity, DNS, Authentication and security profiles.
• Assisted in projects related to Infoblox, ArcSight, Solarwinds, Viptella SD-WAN, Cisco Wireless, Cisco ISE in Design, Operations, Documentation and Troubleshooting.

Confidential, North Chicago, IL

Sr Network Engineer

Responsibilities:

• Involved in DMZ redesign project with complete Firewalls, Switching and routing gear. Migrated from ASA to Checkpoint perimeter firewalls with DMZ, and Internet traffic segmentation on multiple distributions from WAN core. Configuration of BGP to ISP. WAN connectivity through MPLS circuits to Peer Data Centers.
• Created detailed AWS Security Groups which behaved as virtual firewalls that controlled the traffic allowed to reach one or more AWS EC2 instance.
• Worked extensively on OSPF and BGP routing protocols. Juniper MX Series routers in Core. Remote site Connectivity. Worked on Citrix NetScaler for application load balancing, ICA Proxy, VDI and remote access.
• Deployment of Zscaler Proxies in Cloud and Local DMZ. Worked on policies, logs, SSL inspection, ZAPP. Worked on test cases during deployment to test proxy connectivity from internal, outside (trusted device), PAC logic.
• Worked on Aruba Wireless, ClearPass. Configuration of 802.1X, Certificate based Authentication. Worked on Cisco VOIP environment with Jabber, WebEx, Exchange, QOS policies.
• Worked on Juniper QFX series Fabric in Spine Leaf Architecture. Worked on Symmetric IRB Architecture with VRFs for multiple tenants in the Data center.