SUMMARY

• Having 8+ years of hands on experience in network & security engineering, designing, integrating, deploying, maintaining and supporting broad range of communication systems.
• Experienced configuring Virtual Local Area Network (VLAN), VLAN Trunking Protocol (VTP), Dynamic Trunking Protocol (DTP), Spanning Tree Protocol (STP), RSTP, MST and Per VLAN Spanning Tree (PVST), Virtual routing and Forwarding (VRF).
• Implemented MPLS/VPN services for various customers.
• Experience in Layer 3 Routing Protocol configurations: RIP, OSPF, BGP, EIGRP and MPLS.
• Experience in Layer 2 routing Protocol Configurations: ARP, RARP, ATM/FRAME RELAY and VPN technologies: IPSec & SSL.
• Worked on F5 LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability.
• Experience in designing, implementing and Managing LAN, WAN solutions for different client setups.
• Checkpoint - R60/R65/R70/R75 software version with hardware Checkpoint 11000, 21000 series with VSX environment.
• Checkpoint software Blades (IPS, Anti-Bot, Anti-Virus, Identity Awareness and DLP) with managed by Checkpoint Checkpoint smart dashboard in smart domain manager/Provider-1 environment & separate Syslog servers.
• Supporting and troubleshooting Checkpoint/Cisco site-to-site VPN/IP Sec functionality.
• Checkpoint VPN-1/ Firewall-1, IPSO, SPLAT and GAIA initial setup on open servers, Nokia devices, Crossbeam/Checkpoint hardware devices.
• Implemented traffic filters on CISCO routes using Standard Access List and Extended Access list.
• Familiarity with WAAS, VoIP, wireless, security, next-gen datacenter networking (SDN, Cisco ACI).
• Experience with installing and managing IT services such as Active directory, site replication, DNS, SSH, DHCP, DNS, NAT and Terminal service.
• Successfully installed Palo Alto PA-3060 firewall to protect data center and provides L3 support for routers/switches/firewall.
• Managed Configuration, Logging and Reporting of Palo Alto firewall through the Panorama.
• Managed URL filtering, File blocking, Data filtering by Palo Alto firewall, Barracuda NG Firewalls.
• Handled Load Balancing usingF5 Networks.
• Hands on experience with Citrix load balancers.
• Experience in configuring Virtual Local Area Network (VLAN), spanning tree protocol (STP), VLAN Trunking Protocol (VTP), Dynamic Trunking Protocol (DTP), Per VLAN spanning Tree (PVST) and 802.1 x authentications in access layer switches.
• Strong knowledge in HSRP, VRRP redundancy Protocols.
• Experience in Network Management Tools and sniffers like SNMP, HP-Open view, Wireshark and Cisco works to support 24 x 7 Network Operation Center.
• Experience in physical cabling, IP addressing and subnetting with VLSM, configuring and supporting TCP/IP, DNS, installing and configuring proxies.
• Access control server configuration for PKI, RSA, RADIUS& TACAS+.
• Experience with 802.11x wireless technology.
• Ability to Install, Manage & Troubleshoot Large Networks & Systems Administration on Windows & Linux platforms in Development, Lab & Production Environments.
• Good knowledge of CISCO NEXUS data center infrastructure with 5000 and 7000 series switches includes (5548, 7010) including CISCO NEXUS Fabric Extender (223, 2248)
• Sound knowledge of virtual firewalls like checkpoint VSX, IDS, IPS as well as encryption techniques.
• Excellent communication skills with ability to interact effectively with employees at all level of the organization.

TECHNICAL SKILLS

Hardware: Cisco Switches (2900, 2924, 2950, 3550, 5500, 6500, 6509, 6513), Cisco routers (2600, 2800, 3640, 3700, 3825, 7200, 7204, 7206), Cisco PIX 500 series, CSU’s/DSU’s, Catalyst 6500, 7600, 4500.

Firewalls and Sniffers: Cisco PIX, FWSM, ASA, Check Point, OPNET, Palo Alto, WIRESHARK

Protocols: RIP, RIP2, PPP, OSPF, EIGRP, IS-IS, BGP, SNMP, HTTPS, FTP, TFTP, HTTP, DHCP, SMTP, ICMP, DNS, UDP

WAN Protocols and Technologies: HDLC, PPP, ATM, FRAME RELAY, IDSN, Metro Ethernet

LAN Technologies: Ethernet, TCP/IP, CDP, STP, RSTP, VTP, VLAN, Trunks, Ethernet channel, MPLS.

Redundancy Protocols: HSRP, VRRP, GLBP, RPR, RPR+, NSF-SSO.

Servers: Domain servers, DNS servers, WINS servers, Mail Servers, Proxy Servers, Print Servers, Application servers, FTP Servers

Operating Systems: Windows 2000/2003/2008 , windows XP/7, LINUX, Redhat, UNIX, Macintosh

Anti-Virus & Internet Security: MacAfee, Symantec, Trend-Micro & e-Trust.

PROFESSIONAL EXPERIENCE

Sr. Network Engineer

Confidential, Charleston, West Virginia

Responsibilities:

• Worked on Converting the Partner IPSEC VPN from one Data Center to another Data Center.
• Experience working with Nexus 7010, 5020, 2148, 2248 devices
• Coordinated precise scheduling for all migration events including all equipment and resources for the data center migration on an extremely accelerated schedule with for a high-profile client.
• Managed the F5 BigIP GTM/LTM appliances to include writing iRules, SSL offload and everyday task of creating WIP and VIPs.
• Support Panorama Centralized Management for Palo Alto firewall PA-500, PA-200 and PA3060, to central manage the console, configure, maintain, monitor, and update firewall core, as well as back up configuration
• Deployed Cisco FireSight, ISE using certificate authority signed certs with pxGrid remediation module.
• Worked on ISE 802.1X, ISE wired/wireless guest and ISE trustsec implementations.
• Deployed, configured, and managed of 802.1x solutions to include Cisco Identity Services Engine (ISE), ACS (Radius and TACACS+), and Cisco Prime Infrastructure.
• Assistance provided with initial installation and configuration for SDA (ISE, DNAC+Assurance, Stealthwatch, APIC-EM, Catalyst 9k and programmability) Assessment for the newly implementing customers.
• Configuring, installing SD-WAN devices, running shipping and receiving department, and day-to- day operations. Perform technical problem resolution including analysis, trouble isolation, and repair on SD-WAN devices. Worked closely with architect team by helping them in designing and implementing.
• Deploying and maintain instances in Amazon Cloud(AWS) and setting up Users and Groups using Identity and Access Management(IAM.
• Provided security and managed user access and quota using AWS Identity and Access Management (IAM).
• Implemented firewall rules in Palo Alto firewalls using Panorama for one of the environment.
• Configured and implemented APP and URL Filtering on Palo Alto Firewalls. Configured Firewall logging, DMZs and related security policies and monitoring.
• Implemented VoIP solutions using SIP & H.323, also have sound knowledge of Avaya VoIP products.
• Configured and implemented APP and URL Filtering on Palo Alto Firewalls. Configured Firewall logging, DMZs and related security policies and monitoring.
• Upgrading code on Palo alto firewalls PA5050/3020 to meet company security policy.
• Experience in Support and maintenance of network devices such as Routers, Switches, Firewalls, Cisco and Aruba wireless controllers and access points.
• Generated and worked on over 25 Aruba TAC cases related to wireless design and operational issues.
• Managed company-wide Cisco Wireless environment with 5508 and 2504 wireless controllers, also Aruba Wi-Fi, and Clear Pass Network Access Control
• Designed and installed Aruba WiFi network to supply wireless connectivity to both employees and guests using segregated VLANs.
• Successfully installed Palo Alto PA-5000, PA-3000 firewalls to protect Data Center and provided L3 support for routers/switches/firewalls and configured and maintained IPSEC and SSL VPN's on Palo Alto firewalls.
• Upgraded Palo Alto Firewalls PA-7000 to PA-9000.
• Configured and implemented Policies and URL Filtering on Palo Alto firewalls of 7000 Series.
• Experience on dealing with Aruba Wireless products including Access Points, Mobility Access Switches and Outdoor mesh routers
• Maintained Cisco Wireless Network devices, to include Prime, ISE, Cisco Wireless Controllers, and configuring Aruba and Cisco Access Points in a Secure environment for the DoD.
• Migrating Cisco ASA firewalls policy to new Checkpoint appliance with support of vendor specific tool.
• Configured VMware ESXi 4.0/5.0/5.5/6.0/6.5 and build VMs with Windows 7/8/2008/2012 R2 OS and Centos/Linux 5, 6.0 Operating systems on the Server farm.
• Configured VMware Auto deploy software on VCenter Servers to facilitate auto discovery of ESXI Host on UCS Blades.
• Set up and managed the Cloud based monitoring of all Cisco Meraki wireless Aps and networks.
• Install and configure Meraki (MX80, MX60) Appliance via Meraki MX400 Cloud.
• Install and configure Cisco Meraki (MR66, MR18) wireless Access points in the warehouses.
• Managing URL Content Filtering on Web sense Proxy.
• Adding exemption, editing policy groups on Web sense Management Server.
• Set up network connectivity for Cisco training. This involved connecting the routers, switches and firewall physically and loading them with a base configuration. It also involved connecting the PCs to the network and providing Internet connectivity
• Worked on Layer 2 protocols such as STP, VTP, RSTP, PVSTP+, MST and other VLAN troubleshooting issues and configuring switches from scratch and deployment
• Involved in configuring IP Quality of service (QoS).
• Conversions to BGP WAN routing. Which will be to convert WAN routing from OSPF to BGP (OSPF is used for local routing only) which involves new wan links.
• Installed new purchased Hardware to the new DC, migrate data over WAN connection, also greatly involved in virtualization of physical servers.

Environment: Router 2900, 3900; Cisco Catalyst Switch 3550, 2960. T1 Controllers, CheckpointR70 to R75.20, Cisco ASA, DS3 Lines (T3 Lines), Fiber and Ethernet cabling.

Sr. Network Engineer

Confidential, Sacramento, CA

Responsibilities:

• Implemented LAN/WAN utilizing CISCO 7200, 7204, 7206.
• Configured Routing Protocols such as OSPF and policy-based routing.
• Design OSPF Areas for reliable Access Distribution and for Core IP Routing.
• Fine-tuned OSPF metrics to avoid routing loops and ensure redundancy in case of link failures.
• Redistribution of routing protocols and Frame-Relay configurations
• Implement and manage all the firewalls in smart domain manager/Provider-1 with CMA to organize enterprise and remote locations.
• Configured and implemented Policies and URL Filtering on Palo Alto firewalls of 7000 Series.
• Palo Alto and installation (Application and URL filtering, Threat Prevention, Data Filtering).
• Configuring rules and Maintaining Palo Alto Firewalls & Analysis of firewall logs using Panorama.
• Strong experience in creating firewall policies as per the requirements on Checkpoint, Palo Alto, Cisco ASA, Juniper and Fortinet firewalls.
• Configured and performed software upgrades on Cisco Wireless LAN Controllers 5508 for Wireless Network Access Control integration with Cisco ISE.
• Worked on Cisco ISE to prevent unauthorized access to the network.
• Cisco ISE supports AAA, 802.1X and mobile device management.
• Integrating Configuring Cisco Wireless LAN Controllers WLC with ISE to perform Dot1x
• Performed upgrade on Cisco ISE from version 1.4 to version 2.0. After performing upgrade took advantage of TACACS and onboarded new network equipment into ISE instead of the unsupported Cisco ACS server.
• Worked extensively on Palo Alto, Juniper Net screen, Fortinet and SRX Firewalls.
• Developed scripts and made changes to call flows within the Avaya PBX.
• Involved extensive programming of Vector Directory Numbers (VDNs), vectors, skills, and uploading of announcements in thirteen different IP based Avaya PBX systems.
• Maintained Avaya server gateways, Modular Messaging, AES and CMS
• Coordinate personnel moves adds and changes, make vector changes for the various call centers and pull Solar Turbine reports
• Developed CTI solution to integrate Avaya AES 4.2
• Configured and implemented APP and URL Filtering on Palo Alto Firewalls. Configured Firewall logging, DMZs and related security policies and monitoring.
• Upgrading code on Palo alto firewalls PA5050/3020 to meet company security policy.
• Managing URL Content Filtering on Web sense Proxy.
• Configured the UCS hardware and migrated VM's hosts from HP hardware to UCS B & C Series Using VMware tools.
• Used Windows Server Manager to build a server on a VMware ESXI for RDE Technology
• Created and managed an array of VM products included VMware and HyperV
• Experience in installation, configuration and management of VMware vSphere network test environment.
• Implemented Zone Based Firewalling, URL filtering with PAN-DB and Security Rules on the Palo Alto Firewall.
• Provisioning and Tier 3 support for all Avaya sets that include 2400, 2500, 4600, 6300, 7400, 8400 and 9600 phone sets.
• Implemented VoIP solutions using SIP & H.323, also have sound knowledge of Avaya VoIP products.
• Adding exemption, editing policy groups on Web sense Management Server.
• Adding/removing ARM bypass rules on Web sense appliances.
• Perform Firewall OS upgrades using CLI, Splat and Voyager GUI.
• Implemented centrally managed WIFI network utilizing HP MSM760 controller HP MSM430 access points.
• Security infrastructure engineering experience as well as a Microsoft Windows, UNIX, Juniper firewalls, Palo Alto firewalls, Bluecoat Proxies, Juniper Intrusion Prevention devices, and wireless switch security management.
• Configuration and support of Juniper NetScreen firewalls and Palo Alto firewalls.
• Successfully installed Palo Alto PA-3060 firewall then configured and troubleshot using CLI and worked with Panorama management tool to manage all Palo Alto firewall and network from central location.
• Assisted senior engineers with installation, testing equipment, confirming IP addresses and internet connections to get Confidential site up and running for an SD WAN network conversion. Took part in SD-WAN implementation project for over 20 sites.
• Gained experience on working with migration to Check Point and Palo Alto next generation firewalls.
• Firewall deployment, rules migrations, firewall administration and converting existing rule based onto new Checkpoint and Palo Alto Next-Generation Firewall platforms
• Troubleshoot connectivity issues involving VLAN's, OSPF, QoS etc.
• Designed WLAN network in newly constructed emergency management center.
• Maintained and operation including design and rollout of over 360 Cisco Wireless devices utilizing Cisco WLAN controllers.
• Configure and Manage site-to- site IPSEC VPN with different partners. Troubleshoot remote access services like Cisco WLAN clients and for the users to access their enterprise network.
• Experience in installation of windows active directory for the creation of users and groups and assigning policies based user’s application.
• Implemented DMVPN for Backup to MPLS.
• Configured Routing protocols like BGP, OSPF, MPLS, and multicast and L2 protocols in ASA to check it is passing through via ASA in customer deployments.
• Experience in enabling and configuring to improve network performance and monitoring through SDN (Software Define Networking).
• Experience in file transfer, email and messaging application protocols like FTP, SFTP.
• Excellent in patches and packages installation on Linux/Unix Environment.
• Configured WIFI APs connected in LAN to reduce cable costing by creating AP, worked on Cisco SP WIFI , troubleshoot in Cisco Aironet 3700, 1700 and 600 series.
• Involved in designing and applying QOS and policy map to 2800 series routers for all the branches.
• Managed the F5 BigIP GTM/LTM appliances to include writing iRules, SSL offload and everyday task of creating WIP and VIPs.
• Extensive working knowledge in wireless technologies like Lan Controller and Cisco PRIME .
• Implemented SNMP on Cisco routes to allow for network management
• Created design documents, project plans, network documentation, and training material.
• Implementing NAT solutions on CISCO IOS routers.
• Support Panorama Centralized Management for Palo Alto firewall PA-500, PA-200 and PA3060, to central manage the console, configure, maintain, monitor, and update firewall core, as well as back up configuration
• Implemented firewall rules in Palo Alto firewalls using Panorama for one of the environment.
• Setup simplified and traditional VPN communities and CISCO Any connect.
• Installed and configured Routers, Bridges, Terminal Servers and CSU/DSU’s to support WAN links
• Work with application developers and systems engineer to migrate applications and systems to a new Border Gateway network.
• Installed and configured CISCO ASA and Checkpoint firewall .
• Leveraged two Nexus 2232 Fabric Extenders and two 2248 Fabric Extenders, making them ‘dual-homed’ to both N5Ks and implementing Enhanced Virtual Port-Channel (EvPC) .
• Involved smart view tracker to check the firewall traffic .
• Documented all the work done by using MOPS, Visio, Excel and MS word.

Environment: Cisco 3750/3550/3500/2960 switches and Cisco 12000/7200/3845/3600 routers, Cisco ASA5510, Checkpoint.

Network Engineer

Confidential, San Diego, CA

Responsibilities:

• Responsible for the implementation and maintenance of firewall based security zones (DMZ*s).
• Provide support to internal project teams by adding firewalls, switches and routers to managed DMZs.
• Experience in HSRP standby troubleshooting & Experience in configuring & upgrading of Cisco IOS.
• Implementing & Troubleshooting of T1, MUXES, CSU/DSU and data circuits.
• Experience on designing and troubleshooting of complex BGP and OSPF routing problems,
• Have sound knowledge of Firewall architecture, routing and VPN.
• Have experience working on HP Open view Network Node Manager.
• Designing and installing Wireless Network Infrastructure.
• Upgrade firewalls in accordance with change management & Document changes to firewalls.
• Monitor traffic and access logs in order to troubleshoot network access issues.
• Have experience with Cisco Works LAN Management Solution.
• Maintained enterprise PCI certification with multiple vendors
• Responsible for running Qualys PCI compliant scanning on web servers.
• Experience in migration of Frame-relay based branches to MPLS based technology using multilayer stackable switch like 6500 series and 2800 series router.
• Involved in configuring IP Quality of service (QoS).
• Involved in designing and planning L2VPN services and VPN-IPSEC authentication & encryption system.
• Experience in designing, installing & configuring of Cisco PIX, ASA & FWSM (Firewall service module).
• Evaluate, Analyze & Implement firewall policies to meet business requirements
• Experience in creating and maintaining firewall configurations, updating documentation andlog analysis.
• Applying crypto maps and security keys for the branches, ISAKMP (Internet security associationkey management protocol) for establishing Security associations (SA) cryptographic keys.
• Experience in configuring routing protocols like EIGRP, RIP v2, OSPF & BGP and Cisco ACS protocols like RADIUS and TACACS.
• Experienced in WAN environments, installing and troubleshooting data circuit problems (MPLS,T1).
• Worked on Layer 2 protocols such as STP, VTP, STP, RSTP, PVSTP+, MST and other VLAN troubleshooting issues and configuring switches from scratch and deployment.
• Involved in designing GRE tunnels for encryption of data flow from source to destination.
• Implementing VoIP solutions using SIP & H.323, also have sound knowledge of Avaya VoIPproducts.
• Experience in configuring VLAN’s STP (Spanning tree Protocol) & RTSP (Rapid SpanningTree Protocol).
• Experience with Project documentation tools & implementing and maintaining network monitoring systems ( Cisco works & Netinfo, Infoman Virtual Change ) and experience with developing Network design documentation and presentations using VISIO.
• Understanding & Implementation of IPSEC & GRE tunnels in VPN technology.

Environment: Router 2800, 3800, 7200, 7600, Cisco Catalyst Switch 6500, 6509, 3550

Network Engineer

Confidential

Responsibilities:

• Maintaining the Network Infrastructure, Installation, migration and configuration of routers and switches for clients.
• Provide alternative means from dial-up connection to bring down the damage or loss that occurs for the client.
• Configured Routing protocols such as OSPF and policy based routing.
• Team member of Configuration of CISCO 7206 router and Configuration of Catalyst switches.
• Configuration 7609, 7606 with OSPF and catalyst 6505, 4500, 3550 switches with various VLAN.
• Create and test Cisco router and switching operations using OSPF routing protocol.
• Configuration and troubleshooting link state protocols like OSPF in multiple areas.
• Configured HSRP and VLAN trucking 802.1Q, VLAN Routing on Catalyst 6500 switches.
• Optimized performance of the WAN network consisting of CISCO 3550/4500/6500 switches by configuring VLANs.
• Configured VLANs with 802.1q tagging. Configured Trunk groups, ether channels, and Spanning tree for creating Access/distribution and core layer switching architecture.
• Configured BPDU Guard, port-fast, uplink fast and other spanning tree features.
• Configuration and troubleshooting of Cisco 2500, 2600, 3000, 6500, 7500, 7200 Series routers.
• Configured IP access filter policies.
• Providing Technical Support and solutions for Network Problems.
• Implementing NAT solution's on Cisco IOS routers.
• Upgrading IOS, troubleshooting network outages.
• Worked on Cisco Routers, Active /Passive Hubs, Switches.
• Having Data Center Design Experience, installing and Configuring Network Devices in a Data Center including patching the cables in the Patch Panel.

Environment: Cisco 3550/4500/6500 switches and Cisco 2500, 2600, 3000, 6500, 7500, 7200 routers, Checkpoint.

System Engineer

Confidential

Responsibilities:

• Worked as part of a team for Cisco Product Support. Troubleshooting by providing relevant knowledge base articles and other information.
• Network solutions for complex networks for VAR (Value added resellers) users of Cisco.
• Configured & maintained LAN, WAN, VPN, WLAN, and Firewalls on Cisco Routers for end users.
• Configuring MPLS, VPN (IPSEC, GRE) in VPN concentrators and QOS in integrated networks (Data, Voice, and Video).
• Installed and configured the ACE and CSM for firewall/Server Load balancing for Cisco Catalyst switches.
• Configuring IPS, IDS, VLAN, STP, Port security, SPAN, Ether channel in Cisco Composite Networks.
• Configured routers and modems, troubleshot issues related to broadband technologies for Residential and Business Customers.
• Apache Web Server & MRTG, BIND DNS Server configuration and optimization over UNIX and Active directory implementation of Windows 2003 Server.
• Configured & Maintained Cisco 2600, 2800, 3200 series routers including IOS upgrades.
• Prompt technical support to customers on routers and switches.
• Remote management of large networks.

Environment: Cisco Routers - 1700, Cisco GSR 12416. Cisco Switches - 1900, 6509, and 6513