SUMMARY

• 7+ years of IT experience in design, development, implementation, testing, troubleshooting and maintenance of Cisco/Juniper devices for networking.
• Designing, Implementing and Troubleshooting Cisco 3750, 3550, 3560, 2924, 6509 - V-E, 6513, 6504, 6503, 6506, 6500 series switches.
• Strong hands on experience on PIX (506, 515, 525, 535), ASA (5505/5510) Firewalls. Implemented security policies using ACL, Firewall, IPSEC, SSL, VPN, IPS/IDS, AAA(TACACS+ & RADIUS).
• Worked on Extensively on Cisco Firewalls, Cisco PIX (506E/515E/525/) & ASA 5500(5510/5540) Series.
• Experience with Virtualization technologies like Installing, Configuring, and Administering VMware ESX/ESXi. Created and managed VMs (Virtual Server) and also involved in the maintenance of Virtual Servers.
• Have a very extensive and diverse background with LINUX and many “flavors” of UNIX to include, AIX, IRIX and BSD.
• Worked with Cisco, Palo Alto, Juniper, Splunk, Force point, Nessus, Stealth watch, Checkpoint, Zscaler and other vendors to provide a stable, high-speed, secure network.
• Extensive knowledge in configuring and deploying Next Generation Firewalls including Palo Alto, Cisco ASA and Checkpoint Firewalls.
• Technical Wireless Mobility & network Engineer with years of Telco & IT Enterprise Experience. Fixed mobile and convergence domains of legacy to WiFi Migrations strategies. A visionary leader with the architectural skills, experience and insight to elevate applications, computing platform infrastructure WIFI Networks. Dev - Lab testing & Wi-Fi Certification Tools.
• Work with programmer to generated Enterprise wide python script to automated network devices.
• Experience with BIG-IP F5 load balancers, version 9.x, 10.x, 11.x, Citix Netscalers and Web Accelerators.
• Experience in installing and configuring DNS, DHCP server.
• Strong grasp of current and future technologies including TCP/IP, IPv4/v6, RIP, EIGRP, ISIS, OSPF, BGP, Frame Relay, ACL, VPN, Wireless LAN and configuration of VLANS.
• Troubleshooting and debugging of Networks (LAN & WAN) comprising of firewall, F5 LTM
• Familiarity with WAAS, VoIP, wireless, security, next-gen datacenter networking (SDN, Cisco ACI).
• Analysis, Design, support of F5 Technologies, submitting designs/requirements for Peer reviews, creating Technical Design Documents for different Vendor support environments.
• Profound working knowledge of administration and management of Palo Alto firewalls using centralized Panorama M-100 and M-500 devices.
• Strong knowledge of TACACS+, RADIUS implementation in Access Control Network.
• Experienced in networking protocols, firewalls and Communication Network design.
• Strong hands-on experience in layer-3 Routing and layer-2 Switching. Dealt with Nexus models like 7K, 5K, 2K series, Cisco router models like 7200,3800,3600,2800,2600,2500,1800 series and Cisco catalyst 6500,4500,3750,3500,2900 series switches.
• Experience in designing, building and maintaining Windows NT and man UNIX / Linux environments,
• Responsible for Check Point and Cisco ASA firewall administration across global networks.
• Experience implementing high-density WiFi solutions.
• Experience with configuring Nexus 2000 Fabric Extender (FEX) which acts as a remote line card (module) for the Nexus 5000.
• Experience with ROADM, DWDM and in SONET.
• In Depth experience with NIST, FISMA standards, both practical application for networking equipment, desktop configuration, Windows and UNIX servers.
• Worked on Network operation Center support and monitoring (NOC).
• Experience in testing Cisco routers and switches in laboratory and deploy them on site production.
• Worked on Load Balancer F5 LTM, GTM series like 6400, 6800, and 8800.
• Knowledge in preparing Technical Documentation and presentations using Microsoft VISIO/Office.
• Strong knowledge on Wireless Standards and Technologies, i.e. Ethernet, WAN, LAN, IEEE 802.11 (Wi-Fi). Very good knowledge on IEEE 802.15.1 (Bluetooth), IEEE 802.15.31a (UWB), IEEE 802.15.4 (ZigBee), Cognitive radio networks, Mesh networks, etc.
• Experience with developing testing strategy, executing test cases and analyzing of test reports.
• Design, Implement & troubleshooting of Juniper switches, routers and Firewalls Juniper: EX-2200,EX-4200, EX-4500, MX-480, M Series, SRX210, SRX240.
• Hands-on experience with Ether Channel, Spanning Tree, Trucking, ACLs, Syslog.

TECHNICAL SKILLS

Protocols & Standards: TCP/IP Protocol Suite, Ethernet, Token Ring, FDDI, OSPF, EIGRP, Rip, BGP, HSRP, L2/L3/L4/L7 Switching, VLAN’s, VTP, IPv4, IPv6, ATM, VoIP, LAN, SSL, SNMP V1, V2. T1, DS3.

Security: Anomaly Detection in attack prevention system, IPS/IDS, Penetration Testing and Web application testing, Buffer Overflows, Cross Site Scripting, Session Management, Cisco PIX, and Security attacks like DoS, DDoS, Spoofing, Nessus & Cisco IOS, Cisco Works

Networking: Network Design & Engineering, Operations Research, Cisco Routers (800, 2600, 2800, 3800, 4500), Switches (2950, 3560, 6500), Snort network intrusion detection systems (IDS). Network penetration testing tools like NMAP, Netfilter, SSRS, AWS, PowerBI, IPTables, Ethereal, SONNET, MPLS, DSU/CSU, SQL, Tableau, ASR9K and Octane Line Cards

Routers & Switches: GSR 12000, 2900 3900, 7200, 7600, ASR 1002. 6500, 4506, 4510, PAgP, MC LAG, LACP, Nexus 7000

Programming: Python, C Programming, TCL/TK, Perl, Redhat Linux.

ASA Firewall: 5505, 5510, 5520, 5540, 5550, Checkpoint Firewall NGX R75, Palo Alto Networks, Panorama Palo Alto Networks firewall management.

Software and OS: Windows, OPNET, Wire shark, Cisco IOS, VYATTA, GIThub, Git, Microsoft Visio, Putty. LINUX, IXIA, Agilent.

PROFESSIONAL EXPERIENCE

Confidential

Network Engineer

Responsibilities:

• Responsible for procurement and installation of Hardware, network drives and other IT infrastructure. Documented the design, implementation and troubleshooting procedures with Method of Procedure (MOPS).
• Manage cisco switch layer 2, router, provide static/dynamic and base configuration WAN MPLS, and cisco voice, riverbed.
• Riverbed troubleshooting, site refresh and installation from the ground up.
• Currently working on performing circuit and satellite turn-ups, migrations from ALU7450 to 7750, configurations and installations, configuring IPV4/IPV6 address on new installation turn-ups.
• Developed Scripts for AWS Orchestration and designed new back-end services, maintaining and expanding our AWS infrastructure, and providing mentorship to others on my team.
• Provided design and Contrail SD-WAN networking support using Cisco ACI, Cisco wireless controllers, Open-Stack, Juniper Contrail and Big Switch Networks LABs using Apple Configurator.
• Configuring and troubleshooting F5 BIGIP LTM load balancing and implementing, Creating irules, Virtual servers, Pools, Nodes with health, Profiles, SNAT, SSL, NAT, Traffic Policies and QoS.
• Architected and designed were on the network to place (multiple) IDS, FireEye and DLP devices.
• Operate in a team environment as well as self directed. Implement IT Security, Firewall and IDS Technology. Security hardening for Operating Systems, including UNIX, Linux, Solaris, Microsoft Server. Collaborates with other team members as necessary to ensure customer service levels are met. Execute defined Enterprise System strategies to support corporate initiatives. Checking for intrusions through SIEM & Qualys Guard
• Configuring TCP/IP IPv4 addresses and IPv6 addresses for Layer 3 testing.
• Worked with DB teams for setting up ASM disks over NAS environment aware, worked with Hitachi and oracle 7000 series from Unix perspective.
• Worked on managing MSS which included Cisco Sourcefire IDS/IPS, QRadar, Proxy, Firewall, DNS, FireEye, Qualys, SIEM, DNS, PLS & Firewall Analyzer used them for logging & monitoring purpose.
• Developed automated processes that run daily to check disk usage and perform clean up of file systems on UNIX environments using shell scripting and CRON.
• Deliverables: Deploy Canopy Systems mesh Network WIFI Provide it Design Engineering for government state local Municipal WIFI network infrastructures.
• Cloud Computing - VMware vSphere 5.x, 4.x Design, consolidation, configuration, implementation, management troubleshoot virtual computing solution that include high-availability, resource pool DRS, standard and distributed virtual switches, datastore, security, Vsphere central management, and VMware disaster recovery VDR.
• Troubleshoot and Worked with Security issues related to Cisco ASA/PIX, Checkpoint, IDS/IPS and Palo Alto firewalls.
• Actively involved in design & deployment of a new datacenter using Cisco Nexus 9000 platform in spine & leaf architecture utilizing VXLAN fabric & BGP-EVPN overlay technologies.
• Function as part of a Firewall and Security team in support of Checkpoint Firewalls, Zscaler Proxy, Juniper Portals, SecAuth, Open LDAP, and Active Directory.
• Configuring rules and maintaining Palo Alto Firewalls & Analysis of Firewall logs.
• Worked in firewall administration including Cisco ASA 55XX, Palo Alto, Fire eye and Incapsula WAF.
• Configure, Manage and Monitor Palo Alto firewall models (Specifically the PA-5050 and the PA-5260).
• Implementation of Symantec Mail Security for SMTP and Symantec Endpoint Protection.
• Experience in Networking, widely in Network Security Products and Firewalls like Vmware.
• Experience with Enterprise SAN, NAS and DAS storage subsystems, including presentation fabrics (Fiber Channel, iSCSI, SAS) and various Storage Replication technologies.
• Knowledge of IP Networking. Routing protocols (IS-IS), MPLS signaling protocols (RSVP, LDP, BGP-LU), Multicast, QoS, L2 & L3 VPN, Synchronization, BNG (PPPoE, IpoE), CLI knowledge and etc.
• Responsible for configuration, maintenance, and troubleshooting of dynamic routing protocols: ISIS, MPLS, RSVP on Cisco Routers NCS 5500, ASR 9K.
• Configured VLAN Trucking 802.1Q, STP, and Port Security on Catalyst 6500 switches. Design and create dedicated VLANs for Voice and Data with QOS for prioritizing VOICE over the DATA on Catalyst switches and basic VOIP configurations.
• Responsible for design and maintenance of the GIT Repositories, and the access control strategies.
• Experience working with ASR 9000 series switches with IOS-XR.
• Supported end user network cisco ACI infrastructure and trouble shot several implementations of LTM and APM configuration.
• Experience with security protocols like MACsec, IPSec, KEYsec, SSL/TLS, PKCS, DTLS and WSS.
• Cyber security experience specifically working in Vulnerability Management.
• High-level familiarity with Vulnerability Management tools such as ACAS, SCAP, and SCCM.
• Responsible in troubleshooting on Cisco ISE added new devices on network based on policies on ISE.
• Experience with Network Troubleshooting and applying Hotfixes.
• Experience of working with F5 Load balancers.
• Managed DHCP, DNS and IP address thru Infoblox, and Admin for Internet sites access thru Zscaler.
• Clear understanding of 802.11a/b/g/n/ac WiFi standards.
• Build a routing for user traffic Infrastructure Migrations using Azure Traffic Manager and worked with the migration of all legacy services to a fully virtualized infrastructure.
• Data Centers and global infrastructure support.
• Advanced routing and switching configuration and troubleshooting .
• Enabled TACACS+ on Cisco devices for authentication, authorization and accounting (AAA).
• Migration Network, Firewall and F5 Load Balancer infrastructure from one data-center to another data center.
• Integrating Configuring RSA SecurID with ISE for Token based authentications using RSA Native method RSA RADIUS method for user's remote VPN users.
• Experience with configuring Nexus 2000 Fabric Extender (FEX) which acts as a remote line card (module) for the Nexus 5000.
• Responsible for turning up BGP peering and customer sessions, as well as debugging BGP routing problems and also manipulating BGP attribute.
• Designed, validated and implemented LAN, WLAN & WAN solution to suite client’s needs.
• Configured and designed LAN networks with Access layer switches such as Cisco 4510, 4948, 4507 switches.
• Troubleshooting and debugging of Networks (LAN & WAN) comprising ATM, FR and ATM Leased Lines, Metro Ethernet, ISDN (Backup and primary circuits) terminating on NORTEL PASSPORT and DPN.
• Performed migrations from Check Point firewalls to Palo Alto using the PAN Migration Tool MT3.3.
• Expert in F5 Networks configuration of devices such as LTMs, GTMs, Load Balancers, DNS/DHCP services.
• Designed and configured the commands for QoS and Access Lists for Nexus 7K and 5K.
• Reviewing, analyzing, approving and executing all changes in the network. All Configurations of Cisco Routers and Switches.
• Creating automated scripts using Python language and also manual testing to enhance hardware performance.
• Implement systems that are highly available, scalable, and self-healing on the AWS platform.
• Design OSPF Areas for reliable Access Distribution and for Core IP Routing.
• Performed Troubleshooting and monitored routing protocols such RIP, OSPF, EIGRP, ISIS & BGP.
• Designing and Implementation of (LAN) VLANs, VTP, Spanning Tree (STP), Trunking (dot1q and ISL) and Ether channel.

Confidential, Santa Carla, CA

Network Engineer

Responsibilities:

• Provided service to other departments, which comprise of the Development Test group, Platform Test group, MDVT (Mechanical Design Verification Test) group, EDVT (Electronic Design Verification Test) group and ODVT (Optical Design Verification Test) group.
• Duties involved the citywide WIFI mesh-layer (802.11 b/g) Network. Deployment of Motorola. Wi-Fi protocol testing, MIMO, Qos prioritization validation of wireless routers for deployment create, maintain and evolve test plans and automation to drive Wi-Fi testing. Actively participate in issue triage/troubleshooting.
• Installation and maintenance of database servers in both Windows and Linux environments.
• Responsible for Automate testing of hardware prototypes Cisco ASR 9000 series over temperature, voltage, and frequency margins to ensure the electrical design is robust prior to going to production builds.
• Designed, deployed and supported VMware ESXi Servers 5.1 /5.5 and vSphere 5.1 /5.5.
• Excellent hands-on experience in designing and implementing IP addressing that includes both IPV4 and IPV6.
• Leading the project to migrate more than 7000 servers Windows/Linux from Symantec technology to McAfee products as VSE,VSEL, HIPS,HIDS,MA,EPO,MSME,SIEM,Criticalwatch.
• Used Cisco ACI (Application Centric Infrastructure) SDN architecture to reduce operating costs, automate IT tasks, for greater scalability and visibility in a data center environment.
• Building the VM Server and maintaining the VMware ESX Servers.
• Provide input to leadership for enhancing the vulnerability management strategy.
• Experience in Physical cabling, IP addressing and Sub netting with VLSM using QIP configuring and supporting TCP/IP, DNS, installing and configuring proxies.
• Used Cisco ACI (Application Centric Infrastructure) SDN architecture to reduce operating costs, automate IT tasks, for greater scalability and visibility in a data center environment.
• Setup and configuration of VMware 3.x, 4.x servers in both Windows and Linux environments.
• Installed and supported Untangle and pfSense firewalls to provide cost effective security.
• Test/debug test scripts (UNIX) to fully-automate EDVT testing. Includes scripts to drive automation of environmental chambers, power supplies, power cycling boxes, and traffic generation equipment like IXIA and Spirent Traffic Generators.
• Extensive knowledge in configuring F5 Big-IP LTM-3900, and 6900 Load balancers, as well as worked on the implementation of iRules.
• Performed system level performance testing conducted (Diagnostics and Cisco IOS XR) on line cards used in the ASR (Aggregation Switching Routing) 9000 2nd Generation series Cisco Routers to detect component and design margin faults at extreme levels of operational temperature and supply voltage.
• Designed and configured QoS and Access Lists for Nexus 9k,7K, and 5K.
• Performed system level performance testing conducted (Diagnostics and Cisco IOS XR) on line cards used in the ASR (Aggregation Switching Routing) 9000 2nd Generation series Cisco Routers to detect component and design margin faults at extreme levels of operational temperature and supply voltage.
• Design and implement Cisco ACI in datacenters, create a strategy that allows use of containers, cloud orchestration tools for end users and developers.
• Performed design, deploy, refresh and change control for Cisco ASA firewalls, routers and switches, F5 Networks LTM and GTM load balancing.
• Debugging of line cards if a particular problem occurs by troubleshooting, inspecting the circuitry using standard test bench equipment including various oscilloscopes.
• Remotely programmed and upgraded the line cards for the other teams across the world using Telnet.
• Added support for Amazon AWS to host static/media files and the database into Amazon Cloud.
• Experience with deploying Cisco 6509 VSS in the Server distribution and User Distribution layer
• Redesigning the 5000 User large office location from the Access, Distribution, Core and WAN infrastructure.
• Configured F5 Big IPs with VIPs, Pool, IRules and SSL certificates to ensure traffic was load balanced.
• Migration Network, Firewall and F5 Load Balancer infrastructure from one data-center to another data center.
• Deployed Palo Alto firewalls using Confidential NSX through L2 and L3 interfaces on models such as VM-300, VM-500, and VM-1000-HV.
• Responsible for turning up BGP peering and customer sessions, as well as debugging BGP routing problems and also manipulating BGP attribute.
• Configured and designed LAN networks with Access layer switches such as Cisco 4510, 4948, 4507 switches.
• Designed and configured the commands for QoS and Access Lists for Nexus 7K and 5K.
• Reviewing, analyzing, approving and executing all changes in the network. All Configurations of Cisco Routers and Switches.
• Mainly compiled Network information for IPV6 installation,
• Design OSPF Areas for reliable Access Distribution and for Core IP Routing.
• Performed Troubleshooting and monitored routing protocols such RIP, OSPF, EIGRP & BGP.
• Designing and Implementation of (LAN) VLANs, VTP, Spanning Tree (STP), Trunking (dot1q and ISL) and Ether channel.

Confidential, Reston, VA

Network Engineer

Responsibilities:

• Analyze various computer operating systems and ensure better results and administer all management networking tools.
• Implemented NMS using SNMP, HP Node Network Manager. Security monitoring using Cisco MARS 6.0, RSA Envision.
• Manage multiple Palo Alto firewalls centrally through the Palo Alto Panorama M-500 centralized Management appliance.
• Responsible for administration, configuration & maintenance of the SAN network for multiple datacentres consisting of Hitachi VSP, AMS, USPV, EMC VMAX, VNX, Netapp, IBM Mainframe systems including Cisco MDS SAN switches.
• Worked on Cisco switches, router and load balancer administration and maintenance.
• Configured Cisco Switches (catalyst 3500 series), Routers, Firewall and monitored network performance (Cacti).
• Created, tested and deployed virtual environments using Virtualization Technologies - VMware Workstation and ESX Server 3.0 and 3.5.
• Support for NetApp storage system hardware and software in VMware environments.
• Demonstrated ability to work effectively in an ambiguous environment with Vulnerability Management tools such as ACAS, SCAP, and SCCM.
• Proficient in Palo Alto Next-Generation Bluecoat web proxy, HP ArcSight, Splunk Enterprise, Wireshark, FireEye, and various internet tools to assist in analysis.
• Implement IPV6 address pool, tunneling test bed, configuring for IPV6.
• Worked on IP Routing protocols BGP, ISIS, OSPF and EIGRP.
• Implement the Global Protect VPN, IPSec VPNs and SSL VPNs through IKE and PKI on Palo Alto firewalls for site-to-site VPN Connectivity.
• Responsible for corporate security, firewalls, VPN, antivirus, DMZ zoning & updates, working with AAA (TACACS+ & Radius) servers. Hands-on experience with CDN platforms; test platforms: Spirent.
• Worked on LAN/WAN/WLAN/VoIP/VPN/Network Security, Cabling and racking.
• Implemented and maintained internal DNS, DHCP, FTP and Windows network services.
• Develop and upgrade an efficient network and perform troubleshoot on various network processes with help of monitoring tools.
• Perform troubleshoot and resolve complicated problems in relation to LAN and WAN systems.
• Coordinate with various departments and establish effective communication with service providers to provide quality service.
• Installation, configuration and troubleshooting of Cisco 7200VXR, ASR1K, ASR9K series routers and Catalyst 6500, 2900 series switches.
• Developed Testing Strategy, executed test cases and analyzed test reports.
• Maintaining Checkpoint security policies including NAT, VPN and Secure Remote access
• Key contributions include troubleshooting of complex LAN/WAN infrastructure that include routing protocols EIGRP, OSPF & BGP.
• Expertise in Virtualization with Installation, Configuration and Administration of VMware ESXi and Vcenter Server.
• Designed and developed scalable Azure APIs using Flask web framework in Python and Integrated with Azure API Management, Logical Apps and other Azure services.
• Involved in the redistribution into OSPF on the core ASA firewall.
• Involved in the removal of EIGRP from all devices and making OSPF the primary routing protocol.
• Involved in the modification and removal (wherever necessary) of BGP from the MPLS routers.
• Configuring IPSEC VPN (Site-Site to Remote Access) on SRX series firewalls.
• Responsible for Checkpoint firewall management and operations across our global networks.
• Working with Checkpoint Support for resolving escalated issues.
• Documented all the work done by using Visio, Excel & MS word
• Experience in working with Nexus 7010, 5548, 5020, 2148, 2248 devices.
• ExecutedTest Plan and Automation Development Chambers (RF/ Isolation), Octoscope, Ixia Traffic Generators ( iGen, Ixia Chariot, iPerf, etc.)Enhanced WiFi feature testing Video over WiFi testing and data analysis Video Traffic generation and analysis Sanity Regression testing Defects validations New Wi-Fi features validations Analysis and reporting of test results.
• Experience in configuring Vdc, Fex pinning, Fex port-channel, Port-channel, Peer keep alive, Peer link.
• Experience in working and designing configurations for vPC, vPC domain, vPC peer-gateway, vPC peer-switch, auto-discovery, vPC single sided, vPC double sided, NX-OS, Vfr, Otv, fabric path.
• Implementing and Maintaining Network Management tools (OPAS, Solar Winds, Cisco Works)
• Conversions to BGP WAN routing. Which will be to convert WAN routing from OSPF to BGP (OSPF is used for local routing only) which involves new wan links.
• Convert Branch WAN links from TDM circuits to MPLS and to convert encryption from IPSec/GRE to GetVPN.