We provide IT Staff Augmentation Services!

Sr. Network Security Engineer Resume

Ft Worth, TX

SUMMARY

  • 9.3 years of Experience and having multiple Certifications Cisco (CCNA & CCNP) in designing, deploying and troubleshooting Network & Security infrastructure on routers, switches (L2/L3) & firewalls of various vendor equipment.
  • Working on Cisco IOS, Junos & NX - OS (7K, 5K&2K).
  • Strong hands on experience on ASA (5505/5510/5540/5585 ) Firewalls, Juniper (SRX 110/210/220/550 ).
  • Implemented security policies using ACL, Firewall, IPSEC, SSL, VPN, IPS/IDS, AAA (TACACS+ & RADIUS).
  • Worked aggressively on complex Palo Alto firewalls Environment.
  • Strong hands on experience in layer-3 Routing and layer-2 Switching. Dealt with Nexus models like 7K, 5K, 2K series, Cisco router models like ASR 9K, ASR 1K, 7200, 3900, 2900, 2800, 2600, 2500, 1800 series and Cisco catalyst 6500, 4500, 3850, 3750, 3500, 2900 series switches
  • Assisted in the deployment of wireless project using Cisco Meraki equipment
  • Technology and Infrastructure consultant for Cisco and Juniper design and implementation projects. Specific tasks include installations, configurations, support and maintenance of routers and switches.
  • Experience with design and deployment of MPLS Layer 3 VPN, MPLS Traffic Engineering, MPLS QOS
  • Diverse industry exposure - Finance, Telecom, and IT consulting Markets.
  • Extensive experience in configuring Layer3 routing and layer2/3 switching of Juniper & Cisco based J2320,MX,EX,2950,2960,3600,3750,4500,6500,1700,1800,2600 and 3700 series routers & Switches.
  • Troubleshooting & implementation of Vlan, STP, MSTP, RSTP, PVST, 802.1Q, DTP, HSRP, VRRP, GLBP, LACP, PAGP, AAA, TACACS, RADIUS, MD5, VTP & SVI.
  • Experience with designing, deploying and troubleshooting LAN, WAN, Frame-Relay, Ether-channel, IP Routing Protocols - (RIPV2, OSPF, EIGRP & BGP), ACL's, NAT, VLAN, STP, VTP, HSRP & GLBP.
  • Experience with Juniper EX2300, 4650, QFX 5100, 5200, J series, M series and MX routers for Core, Distribution and WAN connectivity.
  • Worked extensively in Configuring, Monitoring and Troubleshooting Juniper and Palo alto Security appliances.
  • Extensive knowledge and experience with hosting SSL certificates on F5 platforms.
  • Deployed a new Meraki cloud base Guest and Corporate Wireless system. Personally, built, installed and maintained Meraki MR42 Access point and cloud system. Maintained the Aruba Wireless cloud systems in the branches. Confer with network users to resolve wireless issues.
  • Helping the cloud architecture with next steps on proof of concept with AWS, Open stack, MS Azure, CISCO ACI, Juniper Contrail SDN/ NFV. Selecting the appropriate AWS stack.
  • Good understanding of SNMP, IP SLA and Network Monitoring with experience in tools like SolarWinds, Infoblox, WhatsupGold, Cisco Prime.
  • Installed and implemented & troubleshoot the Network Virtualization through VM Ware and NSX .
  • Configure, Manage, Analyze, and Optimize Network Performance, Traffic, SDWAN, VPNs, Security, Firewalls, & Policies.
  • Expert knowledge of Cisco ACI, NxOS and IOS, other SDN products Tiered Domains, QoS, data center network design, cloud infrastructure design and management, OSPF, BGP, VLAN Trunking .
  • Build out, configure and install access layer switches and distribution layer switches and routers. Examples of the equipment configured and maintained are Cisco, Nexus, Extreme, Juniper, ASR and Arista. These upgrades or new build outs would include both layer 2 and layer 3 switches and routers.
  • Understanding of SDN/ NFV ecosystem SDN controller, ONF, ETSI NFV, Open daylight, Open stack.
  • Good knowledge of CISCO NEXUS data center infrastructure with 5000 and 7000 series switches includes (5548, 7010) including CISCO NEXUS Fabric Extender (223, 2248)
  • Working Knowledge of modems, routers, switches and Aruba, Cisco & Meraki Wireless network systems
  • Experience working with Cisco IOS-XR on the ASR9000 devices for MPLS deployments
  • Experience configuring & troubleshooting routing protocols like RIP, OSPF, BGP, and EIGRP.
  • Hands-on experience with Juniper SRX - Juniper SSL VPN
  • IOS/JUNOS upgrade for Cisco & Juniper routers/switches.
  • Experience in testing Cisco & Juniper routers/switches in laboratory scenarios and deploy on site for production.
  • Native communication skills and a team player, Effective inter-personal skills, adaptive to any environment, with the latest technologies and delivering solutions as an individual and as part of a team

TECHNICAL SKILLS

Routing Protocols: RIP, BGP, OSPF, EIGRP, Static Routing, IP Addressing, Subnetting, VLSM

Communication Protocols: TCP/IP, UDP, DHCP, DNS, ICMP, SNMP, ARP, PPP

Redundancy Protocols: GLBP, HSRP, VRRP

Topologies: MPLS, Ethernet, Cable Modem, and Wireless

Switch Technologies: VLANs, VTP, STP, DTP, ISL and dot1q

Network Hardware: Cisco switches (2960, 3550, 3560, 4500, 6509, and 6513), Cisco Nexus Switches (2248, 2232, 5548, 5596, 7010, 7718), Cisco routers (1900, 2900, 3900, 7200, ASR-1k/9k), Cisco ASA 5500 series, CSU/DSU’s, network cards, Modems and F5 Network Load Balancer

Network Management Tools: MRTG, HP Open view, Cisco WAN manager, Cisco works 2000, Solarwinds Orion, and Zenoss

Security: NAT/PAT, Ingress & Egress Firewall Design, VPN Configuration, Internet Content Filtering, URL Filtering -Web-sense, SSL, IPSEC, IKE, Static, Dynamic, Reflexive ACL, and authentication AAA (TACACS+ & RADIUS).

Firewall: Cisco ASA, Juniper SRX, Palo Alto

Network Simulators: GNS3, Packet Tracer, Wire shark

OS: Windows, UNIX, LINUX

PROFESSIONAL EXPERIENCE

Confidential, Ft. Worth, TX

Sr. Network Security Engineer

Responsibilities:

  • Designed and implemented DMZ for Web servers, Mail servers &FTP Servers using Cisco ASA5500 Firewalls.
  • Configure all Palo alto Networks Firewall models (PA-2k, PA-3k, PA-5k etc.) as well as a centralized management system (Panorama) to manage large scale firewall deployments
  • Monitor and respond to network intrusions and vulnerability alerts raised by automated detection systems, internal and external reports and manual investigation, using tools such as: Solar Winds Network Monitoring, Source Fire IDS, and Palo Alto Firewall Administration.
  • Establish AWS technical credibility with customers and external parties
  • Implemented Cisco and Aruba Wireless Controllers, Aruba Wireless Access Points at corporate site as a part of WLAN Infrastructure.
  • Help customers build scalable, resilient, and high-performance applications and services on AWS
  • Responsible for turning up BGP peering and customer sessions, as well as debugging BGP routing problems.
  • Experience with configuring Virtual Server and Configuring Load balancing methods in F5 LTM
  • Experience with Firewall Administration, Rule Analysis, Rule Modification
  • Experience with Network Redesign of branch and Campus Networks. This includes changes to both the voice and data environment.
  • Install and support various MPLS/BGP, Metro Ethernet deployments and configure routing and switching platforms and Aruba Wireless Solutions.
  • Performs installation of communications hardware - routers, firewalls, switches, access points including Cisco Meraki and HP Aruba mesh networks.
  • Assisted in designing and programming of object-oriented databases with Python and other languages.
  • Experience with Network Automation using Python
  • Having experience in Migration from Cisco ASA's to Fortinet's Fortigate firewalls
  • Testing and prod support of Cisco ACI Data center in network centric mode and EM for customers with multitenancy using Clustered APIC controllers M1 C220 M3/M4.
  • Configuring and deploy Cisco Catalyst 2960 and Meraki MS350 switches along with MerakiMR52 wireless access points, and Meraki MV21 security cameras for upgrading existing sites
  • Implemented Load Balancing between Cisco L3 Switch by HSRP and GLBP
  • Configuring OSPF and Static routing on Juniper M and MX series Routers
  • Experience with F5 GTM/LTM installation and assist in configuration of F5 APM LTM modules for BIG IP networking equipment.
  • Design and implement Python 3.6 scripts in order to automate backup of Cisco Nexus devices.
  • Responsible for configuration and troubleshooting issues related to F5 GTM/LTM devices such as 4200v, 5200v, Viprion 2200 and F5 APM.
  • Experienced setup, create test beds on Cisco LAP/WLC and Aruba IAP/Airwave/ClearPass
  • Enabled STP attack mitigation (BPDU Guard, Root Guard), using MD5 authentication for VTP, disabling all unused ports and putting them in unused VLAN and ensuring DHCP attack prevention where needed
  • Experience in configuring vdc, fex pinning, fex port-channel, port-channel, peer keep alive, peer link.
  • Experience with migrating the Partner IPSEC VPN tunnels from one data center to another data center.
  • Replace Campus Cisco 6509 End of Life hardware with new 4507/4510 devices.
  • IOS upgrade in Nexus 7010 through ISSU (In service software upgrade)
  • Provided redundancy in a multi homed Border Gateway Protocol (BGP) network by tuning AS-path.
  • Worked on Juniper J series j230, M 320 routers and EX 3200 series switch.
  • Experience in working with Nexus 7010, 5548, 5020, 2148, 2248 devices.
  • Designed and configured the commands for QoS and Access Lists for Nexus 7K and 5K.
  • Configuring Virtual Chassis for Juniper switches EX-4200,Firewalls SRX-210
  • Design and implementation of GET VPN architecture used for multicast and unicast communication on an existing IP VPN.
  • Mentored several new members brought into Viptela, Meraki projects.
  • Have configured ACI for remote Authentication in the respective organization, manage project task to migrate from Cisco ASA firewalls to Checkpoint firewalls.
  • Modified automation scripts using python coding languages for pre and post checks, SNMP to improve efficiencies, enable scale and reduce costs over time.
  • Worked extensively on Cisco ASA 5500 (5510/5540) Series
  • Responsible for working on the vendor DMZ migration project to migrate various vendors on SRX/SSG firewalls to a unified Cisco ASA device in our primary/redunadant datacenters
  • Experience on designing and troubleshooting of complex BGP and OSPF routing problems,
  • Involved in configuring IP Quality of service (QoS)
  • Worked on Layer 2 protocols such as STP, VTP, STP, RSTP, PVSTP+, MST and other VLAN troubleshooting issues and configuring switches from scratch and deployment
  • Involved in designing and implementing QOS and policy map to 2800 series routers for all the branches
  • Experience with configuring Nexus 2000 Fabric Extender (FEX) which acts as a remote line card (module) for the Nexus 5000
  • Provided technical support, integration, and configuration Cisco Meraki switching, Cisco ISE, Aerohive Wireless LAN, network monitoring software, and User based authentication such as 802.1x
  • Developed and implemented a web crawler program in Python that gathers data from social networking site
  • Installation of new firewalls as well as perform in place upgrades. Hardening the Fortinet and Check Point firewalls before moving them to Production
  • Developed ACI (Cisco Application Centric Infrastructure) based Cisco Validated Designs for Enterprises and Service Providers to transform Traditional 3 Layer Architecture to ACI based (Spine, Leaf and APIC) Architecture.
  • Developed an application in Python 3.7 which automates configuration backups across more than 800 network devices
  • Managed and maintained Fortinet Firewalls through IPv4 policies, traffic shaping, IPS, web filtering, interfaces, and routing
  • Experience in F5 GTM, LTM, APM, and Viprion Series of devices. Worked on Cisco ACE 4710 Load balancers and Cisco WAAS, WAVE accelerators
  • Implementing and Maintaining Network Management tools (OPAS, Solar Winds, Cisco Works)
  • Configuring IPSEC VPN (Site-Site to Remote Access) on SRX series firewalls.
  • Replace branch hardware with new 2851 routers and 2960 switches.
  • Designed, validated and implemented LAN, WLAN & WAN solution to suite client’s needs.
  • Configured and designed LAN networks with Access layer switches such as Cisco 4510, 4948, 4507 switches.

Confidential

Sr. Network Security Engineer

Responsibilities:

  • Experience working with data center deployment where we converted from Cisco 6500 to Nexus.
  • Experience with configuring FCOE using Cisco nexus 5548.
  • Experience working with Juniper devices like EX 2200,EX 4200, EX 4500, MX 480, M Series, SRX650, SRX240
  • Troubleshoot wan related problems including OSPF, EIGRP, BGP routing and design
  • ExperienceSupporting EIGRP, OSPF and BGP based network by resolving level 2 & 3 problems of internal teams & external customers of all locations
  • Experience with configuring BGP, OSPF in Juniper M and MX series routers for branch/Back office locations.
  • Working with Checkpoint Support for resolving escalated issues
  • Configured and troubleshoot Autonomous and Cisco Meraki and Access Points
  • Experience with setting up IPSEC VPN on Cisco 5585 Firewalls towards the multiple vendors
  • Experience working with Nexus 7010/Nexus 7018, 5020, 2148, 2248 devices
  • Experience configuring VPC, VDC and ISSU software upgrade in Nexus 7010
  • Experience with configuring Nexus 2000 Fabric Extender (FEX) which acts as a remote line card (module) for the Nexus 5000
  • Maintenance of NTP, Aruba Clearpass, Netbrain and terminal servers. successfully implemented Cisco Meraki and VoIP solutions for multiple new customers
  • Assist with configuration and implementation of ACI and APIC.
  • Responsible for providing ongoing support to application centric infrastructure (ACI) solution.
  • Experience in configuring all Palo alto Networks Firewall models (PA-2k, PA-3k, PA-5k etc.) as well as a centralized management system (Panorama) to manage large scale firewall deployments
  • Support Panorama Centralized Management for Palo alto firewall PA-500, PA-200 and PA3060, to central manage the console, configure, maintain, monitor, and update firewall core, as well as back up configuration
  • Implementation of Aruba Clearpass as our centralized network access control for all the branches and the work from home users.
  • Involved in FortiManager Support and Configuration
  • Helped team to deploy 100 APs with 15 Switches, Cisco Nexus, Cisco Meraki and 2 Wireless controllers.
  • Experience working with F5 LTM 3600/6400 and GTM 2200/4200 in data center
  • Configured Virtual Servers, Configure Nodes, and configuring the load balancing Pools and also used to work with configuring load balancing algorithms.
  • Experience in Fortinet 100D, Fortinet 60C, Fortinet 60E, Fortinet 60D, Fortinet 200E (HA), this includes the whole UTM (app control, Web Filter, IPS, DoS, DDoS , etc.
  • Experience configuring session based persistence and I have leant configuring writing i Rules for specific redirection purpose and also i rules for persistence.
  • Dealt with creating VIP(virtual servers), pools, nodes and applying I Rules for the virtual servers like cookie persistency, redirection of the URL
  • Worked with TAC, BU team for debugging and fixing ACI Network issues in Cisco Cloud.
  • Provided Load Balancing towards access layer from core layer using F5 Network Load Balancers.
  • Configured Cisco 3502 wireless access points.
  • Supplied documentation, escalation, training and standard operating procedures as needed to allow for a smooth transition within the NOC.
  • Created wireless environment to support the facility to include using the Cisco 3750 wireless controllers (2) and Aruba Wireless AP's to support wireless network throughout facility.
  • Implemented and maintained custom APM I Rules for variable authentications.
  • Experience in F5 GTM, LTM, APM, and Viprion Series of devices. Worked on Cisco ACE 4710 Load balancers and Cisco WAAS, WAVE accelerators
  • Modified internal infrastructure by adding switches to support server farms and added servers to existing
  • DMZ environments to support new and existing application platforms.
  • Designed and installed new Branch network systems. Resolved network issues, ran test scripts and prepared network documentation.
  • Experience with F5 GTM/LTM installation and assist in configuration of F5 APM LTM modules for BIG IP networking equipment.
  • Monitors Rogue/Suspected Rogue devices using Aruba Airwave & sends Deauth packets to devices who are broadcasting its wireless network inside our facility
  • Performed switching technology administration including VLANs, interVLAN routing, Trunking, STP, RSTP, port aggregation & link negotiation.
  • Configuration of Access List ACL (STD, Ext, Named) to allow users all over the company to access different applications and blocking others.
  • Involved in configuring IP Quality of service (QOS)
  • Worked on Layer 2 protocols such as STP, VTP, STP, RSTP, PVSTP+, MST and other VLAN troubleshooting issues and configuring switches from scratch and deployment
  • Primary responsibility is to design and deploy various network security & High Availability products like Cisco ASA other security products
  • Convert Branch WAN links from point to point circuits to MPLS and to convert encryption from IPSec/GRE to get VPN.
  • Working in collaboration with other company products such as AWS, AZURE, Cisco ASA, Sonicwall, Palo Alto with Meraki to provide more stable, compatible and efficient network outlines to meet customer needs.
  • Configured, implemented, and troubleshoot routers and switches with various account settings permissions, and parameters including security firewalls.
  • Plan Design and assist in deploying enterprise wide Network Security and High Availability Solutions for ASA and SRX Firewalls
  • Work as a part of the DMZ migration and consolidation for external vendors into a new environment on ASA 5585 devices.
  • Configuration, trouble shooting and installation of all 48 Fortinet firewalls ranging from Fortigate 60c models to FortiGate's Virtual Firewall.
  • Worked with Automation script with Python module like Chef &Ansible.
  • Cisco ACI fabric networks, including python automation
  • Worked on Great exposure to SDN and Network virtualization technologies like Cisco ACI.
  • Configuration, trouble shooting and installation of Fortinet switches to include Fortis witch 124D up to Fortiswitch 1204D switches.
  • Creation and delivery of PYTHON curriculum and delivery of Cisco/Juniper IT Essentials
  • Implemented and troubleshoot SNMP, Netflow Settings Cisco ACI Infrastructure.
  • Creating or Modifying Firewall rules on Cisco 5555, 5520, Juniper SRX and Palo Alto VM-300 devices.
  • Upgrading the IOS on Network Devices including cisco 6800, 6500 and Palo Alto VM-300 devices
  • Experience in working in panorama, Palo Alto user interface version 8.0.2 and VM-300 series firewalls.
  • Creating templates in panorama to manage the individual devices from it.
  • Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500/Juniper security appliance, Failover DMZ zoning & configuring VLANs/routing/NATing with the firewalls as per the design.
  • Multipoint VPN: IPSec, IKEv2, DES, 3DES, AES (-128, -192, -256), Pre-Shared Key, X.509v3 Certificate, MD5, SHA-1, NAT-T, firewall rules for each VPN connection, configuration assistance via web interface, remote-controlled activate/ deactivate connection.
  • Data center migration was involved in Access, Distribution and Core layers.
  • Created MOPS and get approval from peers to perform configuration add/ remove changes.
  • Actively participated in upgrading fast Ethernet, Layer 3 switched/routed LAN infrastructure from Cisco 3640 to Cisco 2811 ISR routers and switches at access level to 2950, 3550.
  • Configuration and extension of VLAN from one network segment to other segment between Different vendor switches (Cisco, Juniper).
  • Configuring Vlan’s, VTP’s, enabling trunks between switches.
  • Configured VLANs with 802.1q tagging. Configured Trunk groups, ether channels, and Spanning tree for creating Access/distribution and core layer switching architecture.
  • Performed Configuration on ASR 9K Pairs includes HSRP, Bundle Ethernet Config, Assigning DHCP profiles.

Confidential, Chicago, IL

Juniper Network Engineer

Responsibilities:

  • Involved in the Configuration and Administration of Cisco and Juniper Routers and Switches
  • Experience working with Nexus 7010, 5548, 5596, 2148, 2248 devices.
  • Implemented Site-to-Site VPNs over the internet utilizing 3DES, AES/AES-256 with ASA and JUNIPER SRX Firewalls
  • Configure and troubleshoot Juniper EX series switches and routers at branches/back offices.
  • Experience with moving data center from one location to another location, from 6500 based data center to Nexus based data center
  • Experience working with Fortinet Firewall series FortiGate 3800, 3700, 3200, 3100,2500 & 2000
  • Worked with convert Checkpoint VPN rules over to the Cisco ASA solution. Migration with both Checkpoint and Cisco ASA VPN experience
  • Experienced with Aruba Wireless platform (Aruba ClearPass and Aruba AirWave), Aruba Mobility controllers providing centralized internet management and also intra network access
  • Upgrading code on Palo alto firewalls PA5050/3020 to meet company security policy
  • Implemented Zone Based Firewalling and Security Rules on the Palo Alto Firewall
  • Created documents for various platforms including Nexus 7k, ASR9k, and ASR1k enabling successful deployment of new devices on the network.
  • Modified internal infrastructure by adding switches to support server farms and added servers to existing DMZ environments to support new and existing application platforms.
  • Involved in Implementation and Configuration (Profiles, I Rules) of F5 Big-IP C-4400 load balancers.
  • Network Redesign for Small Office/Campus Locations. This includes changes to both the voice and data environment
  • New exposure and critical hands-on experience with cloud based and SD-WAN platforms - Viptela and Cisco Meraki.
  • Establish AWS technical credibility with customers and external parties
  • Help customers build scalable, resilient, and high-performance applications and services on AWS
  • Develop/capture/document architectural best practices for building systems on AWS
  • Worked on a broad range of topics such as proactive monitoring and maintenance, disaster recovery exercises, and core network repairs
  • Perform basic network troubleshooting, automating operational issues using python to make network more robust.
  • Setup new employee network infrastructure from ground up, installed fiber data connections, Cisco Meraki, Fortinet, and Dell gateways, managed switches, and Unifi AP's.
  • Maintained BIG IP F5 APM VPN and provided solutions for intricate issues.
  • Implemented l4/l7 services and network Micro segmentation using ASA, Palo Alto virtual firewalls and integration with ACI fabric and Arista VXLAN fabric.
  • Advanced expertise and hands-on on Cisco IOS-XR software platform on Cisco 12000 series routers
  • Experience working with ASR 9000 series switches with IOS-XR
  • Advanced expertise and hands-on on Cisco IOS, IOS-XR 4.1.2 and 4.3.31 software platform on 12000 series routers
  • Firewall Policy Provisioning and troubleshooting firewall connectivity related issues using Fortinet Manager
  • Well Experienced in configuring protocols HSRP, GLBP, ICMP, IGMP, PPP, PAP, CHAP, and SNMP.
  • Experience with communicating with different with different customers/Vendors, IT teams in gathering the details for the project
  • Switching tasks include VTP, ISL/ 802.1q, IPSec and GRE Tunneling, VLANs, Ether Channel, Trunking, Port Security, STP and RSTP.
  • Troubleshoot and reconfigure Cisco, Fortinet, Sonic wall, firewall/switch/routers/Cradle points as needed.
  • Implemented network integration with ACI AND NSX for VMWare and UCS platforms
  • Experience in installing and configuring DNS, DHCP servers.
  • Replace branch hardware with new 3900 routers and 3750 POE Switches.
  • Responsible for layer 2 securities which was implemented using a dedicated VLAN ID for all trunk ports, setting the user ports to non-trunking, deployed port security when possible for user ports
  • Involved in configuring Juniper SRX 550, Cisco ASA 5585 firewall and PALOALTO 5050 firewall
  • Enabled STP attack mitigation (BPDU Guard, Root Guard), using MD5 authentication for VTP, disabling all unused ports and putting them in unused VLAN and ensuring DHCP attack prevention where needed

Confidential, Fortmill, SC

Sr. Network Engineer

Responsibilities:

  • Experience with configuring Cisco 6500 VSS in Distribution layer of the Data center network
  • Configuration and Administration of Cisco and Juniper Routers and Switches
  • Experience working with Nexus 7010, 5548, 5596, 2148, 2248 devices.
  • Experience configuring VPC(Virtual Port Channel), VDC(Virtual Device Context) in Nexus 7010/7018
  • Experience with configuring FCOE using Cisco nexus 5548
  • Configured Nexus 2000 Fabric Extender (FEX) which acts as a remote line card (module) for the Nexus 5000 to connect servers and storage devices.
  • Experience with setting up MPLS Layer 3 VPN cloud in data center and also working with BGP WAN towards customer
  • Configure and troubleshoot Juniper EX series switches and routers
  • Migrated to Juniper EX series switches from Cisco 3500 series and 6500 series switches
  • Experience with moving data center from one location to another location, from 6500 based data center to Nexus based data center
  • Network Redesign for Small Office/Campus Locations. This includes changes to both the voice and data environment
  • Configure and deploy Cisco ASA Meraki MX84 firewalls with site-to-site IPsec VPN tunnels to connect smaller branch sites back to the data center
  • Network security including NAT/PAT, ACL, and ASA/SRX Firewalls.
  • Good knowledge with the technologies VPN, WLAN and Multicast.
  • Well Experienced in configuring protocols HSRP, GLBP, ICMP, IGMP, PPP, PAP, CHAP, and SNMP.
  • Installation and Configuration of Cisco Catalyst switches 6500, 3750 & 3550 series and configured routing protocol OSPF, EIGRP, BGP with Access Control lists implemented as per Network Design Document and followed the change process as per IT policy It also includes the configuration of port channel between core switches and server distribution switches
  • Experience with communicating with different with different customers, IT teams in gathering the details for the project
  • Works directly with Aruba TAC to resolve issues with the Clearpass Server and Airwave devices; escalates all issues to the federal team for expedited resolution
  • Experience on cloud AWS cloud EC2, S3, RDS, Load Balancer, Auto Scaling with AWS command line interface and AWS python SDK.
  • Switching tasks include VTP, ISL/ 802.1q, IP Sec and GRE Tunneling, VLANs, Ether Channel, Trunking, Port Security, STP and RSTP.
  • Good domain knowledge in Linux source code 2.6x & Shell and python scripting.
  • Experience on dealing with Cisco Application Centric Infrastructure ( ACI) by integration hardware and software products as per network layout
  • Working and deploying wide range of Cisco Meraki products - Firewall MX, L2/L3 Switches MS, Access point MR, IP Phone
  • Meraki implementation Security/SD-WAN MX, Switches and Access Points for 2200+ offices.
  • Worked on Python automation of Vulnerability Management Tasks.
  • Knowledge of working with TRILL and SPB protocols for ACI Fabric Layout with Leaf-Spine topology.
  • Experience in installing and configuring DNS, DHCP servers.
  • Replace branch hardware with new 3900 routers and 2960 switches.
  • Conversions to BGP WAN routing. Which will be to convert WAN routing from OSPF to BGP (OSPF is used for local routing only) which involves new wan links.
  • Convert Branch WAN links from TDM circuits to MPLS and to convert encryption from IPSec/GRE to Get VPN.
  • Responsible for layer 2 securities which was implemented using a dedicated VLAN ID for all trunk ports, setting the user ports to non-trunking, deployed port security when possible for user ports
  • Involved in configuring Juniper SSG-140 and Cisco ASA firewall
  • Enabled STP attack mitigation (BPDU Guard, Root Guard), using MD5 authentication for VTP, disabling all unused ports and putting them in unused VLAN and ensuring DHCP attack prevention where needed.

Hire Now