SUMMARY

• Worked on Cisco Catalyst series 2900, 3560, 3750, 4500, 4900, 6500 switches and Cisco 1800, 2600, 3600, 7200, 7600 routers.
• Worked on Nexus platform 7K, 5K, and 3K series (5548, 5020 and 5010 models), 3000 and 3100 series, and Fabric Extenders FEX (2248 and 2232) and deployed VPC, VDC and OTV.
• Proficient hands on experience in configuration & troubleshooting of routing protocols and deployment of OSPF, EIGRP, BGP and Policy based routing on Cisco Routers.
• Experience in implementing, maintaining and troubleshooting L2 switching protocols such as VLANs, VTP, VLAN Trunking using ISL and 802.1Q, STP, RSTP, PVST+, EtherChannel using LACP and PAgP, Inter - Vlan routing, CEF and DCEF.
• Implemented first hop redundancy with HSRP, VRRP, GLBP, Ether channel technology (LACP, PAgP).
• Configured and Implemented Cisco Identity Services Engine (ISE) with connectivity to Microsoft Active directory for Authentication including Certificate Based Authentication.
• Excellent Hands on experience with Cisco ISE and the Migration of Wireless and TACACs to ISE
• Expert understanding in implementing and configuring F5 Big-IP LTM-3900, and 6900 LOAD BALANCERS, maintained configuration of LTM and GTMs.
• Strong working experience on Cisco Security Products, Firewalls, ACS, Cisco ASA 5500X, Palo Alto 5000 Series and NGFW.
• Deployment of Cloud service including Jenkins and Nexus on Docker using Terraform.
• To achieve Continuous Delivery goal on high scalable environment, used Docker coupled with load-balancing tool Nginx.
• Virtualized the servers using Docker for the test environments and dev-environments needs, also configuration automation using Docker containers.
• Experience in creating DockerContainers leveraging existing Linux Containers and AMI's in addition to creating Docker Containers from scratch.
• Implementing firewall rules using Palo Alto panorama, Checkpoint smart dashboard, Provider- 1 and Cisco CSM.
• Provide ISE deployment services for migration of users from Cisco NAC to Cisco ISE platform for the following locations.
• Experience in configuration of Cisco Wireless LAN Controllers and Wireless Security PEAP/WPA, LEAP/WEP and various EAP over PEAP Protocols including EAP-TLS, EAP-TTLS, EAP-PEAP-MSCHAP, EAP GTC etc.
• Configured and installed Cisco ASA, FTD, Checkpoint and Palo Alto firewalls.
• Network Automation and scripting using Python Programming.
• Network Security: Knowledge of Firewalls - ASA, IPsec, IPS/IDS, & VPN.
• Cisco Routers, Cisco Switches, Cisco IOS, eBGP, iBGP, EIGRP (IPv6), OSPF v3, QoS, Layer 2, Layer 3, IPv4, IPv6, MPLS, RIP v2 and RIP ng, Advanced IP Addressing and Routing, Configuration of secure routing solutions, WLAN, LAN and WAN, DMVPN (Dynamic Multipoint VPN), Cisco StackWise, VSS (Virtual Switch Services).
• Proficient in using MS Visio for documentation.
• Understanding of physical and financial power generation as well as Retail business functions. Project management & communication skills.
• Excellent interpersonal skills Provide support in establishing and maintaining the procedures for the Networks.

TECHNICAL SKILLS

Protocols & Standards: LAN, WAN, VPN, IPSec / ISAKMP, IKE, VRF, VDC, TCP/IP, NAT, PAT, MPLS, IPv4, L2TP, OSPF, EIGRP, BGP, VLANs, ACLs, Layer 3, Switching, HSRP, GLBP, VRRPCisco Platforms: CISCO Firepower (2130) ASA (5505, 5515, 5525, 5585) Nexus 9K, 5K, 2K & 1K, Cisco routers (ASR 1001, 3600,2800, 2600, 2500, 1800 series) &Cisco Catalyst switches (6500,3750, 3500, 4500, 2900 series).

Load Balancers: F5 Networks (Big-IP)

Network Tools: CA, Spectrum, Nagios, Solar winds, SNMP, Wireshark.

WAN technologies: Frame Relay, ISDN, ATM, MPLS, leased lines, DS3.

LAN technologies: Ethernet, Fast Ethernet, Gigabit Ethernet, & 10 Gigabit Ethernet, Port- channel, VLANS, VTP, STP, RSTP, 802.1Q

Operating System: Windows 10/7/XP, Windows Server 2008/2003.

Automation tools: Python, Ansible, bash scripting

Cloud Platforms: Azure, AWS, and GCP

PROFESSIONAL EXPERIENCE

Confidential, WA

Sr. Network Engineer

Responsibilities:

• Plan, document, and participate in complex maintenance windows tasks for significant configuration changes to the network. Planning, designing and configuration of various Cisco ISE & Forescout NAC deployment strategies (Standalone, Distributed Setups) and rollout to production environment.
• Responsible for VMware environment failure analysis and recovery
• Manage and lead VMware ESXi hardware and software migration and upgrade efforts of varying size and complexity.
• Convert physical servers p2v v2v to VMware virtual infrastructure using VMware converter.
• Designed, validated and implemented LAN, WLAN & amp; WAN solution to suit client’s needs.
• Configured and designed LAN networks with Access layer switches such as Cisco 4510, 4507 switches.
• Designed and configured QoS and Access Lists for Nexus 9k,7K, and 5K.
• Citrix NetScaler Load balancer, Amazon web services, Version One, Agile Scrum, EM7
• Deploying ISE Wired and Wireless Authentication, Authorization and Accounting.
• Worked with Routing and Switching technologies in Cisco platform (intermediate).
• Skilled in using network protocol analyzers - Adtech, Spirent, Fireberd, Agilent, Sniffer and Ethereal Installed and maintained all LAN hardware and software, including servers, peripherals, network devices.
• Modify pilot ISE environment for production scaling and performance.
• Worked on network incident tickets using Service Now. Joined conference bridge and worked together with different teams to resolve high severity incidents.
• Experience in writing playbooks for Ansible and cookbooks for Chef.
• Using Ansible inventories to define groups of hosts Exceptional Customer Service
• Creating Ansible playbooks to configure systems to a specified state
• Managed and troubleshoot NET Cloud, Cradle Point and Aruba access points wireless devices on Citrix and Airwave. Aruba VPN, customer public and private wireless networks. Aruba mobility and Clearpass training.
• Aruba wireless solution for international company. Virtual Controllers', Clustered AP's Access points, Airwave management.
• Containerized all the Ticketing related applications- Spring Boot Java and Node.Js applications using Docker.
• Installing all required packages for ONOS by using kubernetes, ansible and docker.
• Created Jenkins pipelines for various projects such as terraform, AMI builds, and code deployment.
• Building/Maintaining Docker container clusters managed by Kubernetes Linux, Bash, GIT, Docker, on GCP (Google Cloud Platform). Utilized Kubernetes and Docker for the runtime environment of the CI/CD system to build, test deploy.
• Provide Network Services support to software development projects as part of implementation and support team activities.
• Expertise in Cloud Infrastructure Automation which includes Amazon Web Services (AWS), OpenStack, Ansible, Puppet, Maven, Jenkins, Chef, SVN, GitHub, WebLogic, Tomcat, JBoss, and LINUX etc.
• Working with leading cloud providers like AWS, Azure, IBM Softlayer to align solutions as per RFPs, RFI.
• Implemented AWS solutions using EC2, S3, RDS, Dynamo DB, Route53, EBS, Elastic Load Balancer and Auto scaling groups.
• Integrating Panorama with Palo Alto Firewalls, managing multiple Palo Alto Firewall using Panorama. Provides updates and upgrades to the Palo Alto Firewall and Panorama devices.
• Involved in upgrade of Panorama to version 8.1.1.
• Configure and implement security solutions for various clients as per their requirements in Checkpoint R77, R75, R65, Provider-1, Palo Alto firewalls, Panorama, Cisco ASA firewalls, ASDM and in CSM.
• Areas of expertise include HP enterprise Proliant Servers, Storage and SAN Solutions, HPE 3PAR, HPE Store Once, HPE Blade Systems and synergy Systems, HPE Tape library Systems.
• Executing RADIUS pre-deployment tasks like ISE setup, loading templates into Cisco Prime.
• Support the Corporate networks by monitoring all network systems and tools like Solarwinds used to aid detecting problems with the network.
• Provide project status updates and effectively escalate challenges to the appropriate resources.
• Facility monitoring and maintenance escalation to appropriate vendor.
• Replaced Campus Cisco 2960 and 3570 End of Life hardware with new 4507 and 9300 devices.
• Responsible for turning up BGP peering and customer sessions, as well as debugging BGP routing problems.
• Configured Cisco ISE for Wireless and Wired 802.1x Authentication on Cisco Wireless LAN
• Configuration and Integration of Cisco Identity Services Engine (ISE) 2.3
• Configured telecom CSU/DSU equipment with an understanding of DS3, OCx, T1, fractional T1, 56K, Frame Relay, MPLS, Cable modem and DSL technologies.
• Worked in routing protocols and bridging technologies, including but not limited to OSPF, BGP, static routing and redistribution of routing protocols, with knowledge of OSI model.
• Used Python script to schedule device configuration changes from network devices.
• Worked with various service protocols such as DNS, DHCP, SSH, SMTP and HTTP/HTTPS technologies.
• Good knowledge of network security monitoring and implementations using advanced ACLs, Palo Alto and Cisco ASA firewalls, network protocol analysis tools and capacity planning systems.
• Designed and configured Azure Virtual Networks, Azure network settings, DHCP address blocks, DNS settings, security policy and routing.
• Prepared PCI compliance reports for ACL’s implemented in the infrastructure for Audit purposes.
• Prepared risk reports with the use of network security management tools and excel sheets to protect the network from any vulnerability, tighten broader rules and get rid of high-risk rules from the firewalls.
• Worked with Network Security Policy management tools such as Tufin and Netbrain.

Confidential, Atlanta, Georgia

Network Engineer

Responsibilities:

• Handling OSI model, TCP/IP, Internet technologies, system security, firewall infrastructure, network architecture and Cisco network routing / switching (Layer 2 and 3), including LAN and WAN, design and implementation which includes Layer 1 to Layer 7 experience.
• Cisco Firewall ASA 5500 - X series configuration, implementation, maintenance
• Cisco Switch - Nexus 7k,6k,5k and 2k. and Catalyst 4500, 3700, 3500, 4900 and 6500 - configuration, implementation, maintenance
• Cisco VPN configuration, implementation, maintenance Cisco Meraki Wireless and ACS configuration, implementation, maintenance Remote access maintenance and configuration. IP Camera and Server configuration, implementation, maintenance
• Monitoring Systems: WhatsUp gold, Netscout and others Network Device/Warehouse Inventory Management Internet connectivity configuration, implementation, maintenance. UNIX scripting and log maintenance. Provide 24-hour on-call support, including evenings and weekends.
• Building/Maintaining Docker container clusters managed by Kubernetes Linux, Bash, GIT, Docker, on GCP.
• TCP/IP protocol analysis. VoIP protocol configuration and analysis. Network monitoring tools maintenance and configuration.
• Diagnose problems and troubleshoot the entire Meraki product line, including wireless access points, security appliances, and switches. Primarily troubleshooting advanced problems with LANs, VLANs, VPNs, NAT devices, Wireless, and VoIP Deployments.
• Manage plan for better capacity planning for VMware environment during p2v conversions using solar winds VMware orchestra.
• Installed Windows Linux based virtual machines in VMware environment.
• Aruba Clear Pass authentication solution for guest and corporate connectivity internationally Dot1q.
• TACACS authentication and RADIUS authentication Aruba / Cisco ACS.
• Creating and using Ansible templates to create customized configuration files for hosts Technical Support .
• Creating Ansible roles Using Ansible Vault in playbooks to protect sensitive data Administrative Support.
• Experience in working with configuration management tools like Puppet, Chef and Ansible
• Experience on IntegratingAWSs into various tools like AWS, Ansible, Chef, Puppet, Bamboo, Vagrant, Jenkins and VMware Containers.
• Automated various infrastructure activities like Continuous Deployment, Application Server setup, Stack monitoring using Ansible playbooks and has Integrated Ansible with Rundeck and Jenkins.
• Experience in working with checkpoint, Palo Alto Next-generation firewall, Cisco ASA and Panorama M-100.
• Palo Alto Firewall 3020, 5520, Panorama, troubleshooting, resolving difficult issues MTU, rules.
• Diagnose and troubleshoot wireless, security, switching, and other various network •related issues reported by Cisco Meraki customers and partners.
• Collaborate with other Support Team members to fix network outages, misconfigurations, and complex networking issues of customers’ devices.
• Build a routing for user traffic Infrastructure Migrations using Azure Traffic Manager and worked with the migration of all legacy services to a fully virtualized infrastructure.
• Routing/WAN: EIGRP, OSPF, RIP, BGP, route redistribution, IP Routing, HDLC, PPP, VoIP. Switching: Vlan, VTP, STP, Ether channel, HSRP, VRRP, GLBP
• Created Customized AMIs based on existing AWS EC2 instances by using create image functionality, hence using this snapshot for disaster recovery.
• Worked with terraform to create AWS components like EC2, IAM, VPC, ELB, Security groups and Used S3 for terraform state management
• Configured RDS instances using Cloud formations and terraform.
• Created AWS Launch configurations based on Customized AMI and used this launch configuration to configure auto scaling groups and created AWS Route53 to route traffic between different regions.
• Built servers using AWS, importing volumes, launching EC2, RDS, Creating security groups, auto-scaling, load balancers (ELBs) in the defined virtual private connection.
• MACD (Moves, adds changes) of Cisco IP phone extensions & IP Telephony features and services. Providing advance support for Cisco UC products, detailed RTMT trace log debugging and complex dial-plan troubleshooting.
• Configuration and administration of Cisco ASA 5525/45-X, Juniper SRX 240/1400, Cisco 3945 routers, Cisco 3750 switches
• Strong experience in Network security using ASA Firewall, Checkpoint, Palo Alto, Cisco IDS/IPS and IPSEC/SSL VPN. Work with process teams to test and refine network configurations.
• Work with technical and business analysts within the organization to define and build required network profiles.
• Independently develop appropriate solutions to network / application related issues.
• Ensure change control procedures are followed.

Confidential

Network Engineer

Responsibilities:

• Regularly interact with management, technical support, development support and Client Support.
• Work with client community to understand business processes in order to determine network requirements.
• Installed, Configured, and maintained 2600, 3600, 7613 Cisco Routers and 3750, 4500 and 6500 series Cisco Switches. Performed VSS on cisco catalyst 6500 series switches.
• Configured and maintained IPSEC and SSL VPN on Palo Alto Firewalls.
• Maintained TACACS+ and RADIUS servers for AAA authentication and user authentication.
• Configured and managed Cisco access layer routers and switches & carried out route redistribution & manipulated route updates using distribute lists, route-maps & administrative distance, and offset-lists. Configured routing protocols like EIGRP, OSPF & BGP and troubleshooting layer3 issues.
• Migrated and implemented new solutions with Cisco ASA Firewall series 5505, 5510, 5512-X.
• Supported the decommission process for each end of life device once all traffic was migrated to the Bluecoat standard.
• Data center design, management and migration planning with different technologies.
• Learned and Tested various BGP attributes like local preference, MED, Weight and replicated customer issues in the testing environment lab.
• Configured PVSTP+ for loop prevention and VTP for Inter-VLAN Routing.
• Technologies, Cisco, Juniper, Palo Alto 5520, Panorama, Nexus, Riverbed.
• Palo Alto firewall 3020 and Panorama troubleshooting.
• Worked on deployment automation of all the micro services to pull image from the private docker registry and deploy to docker swarm cluster using Ansible.
• Operating monitoring computer and peripheral equipment and VMware ESX server performance.
• Provide technical refresh on VMware ESXi servers update the existing VMware servers.
• Creating Ansible Playbooks, to Deploy VM and install the Components as per requirements.
• Deploy Openstack environments through automated tools, Ansible / custom pipeline.
• Experience with puppet, chef and ansible.
• Fortinet Firewall Appliances, Access Points, Aruba Wireless, Cisco Wireless and unified communications, Cisco ASA and PIX Firewalls Checkpoint, and Palo Alto firewalls.
• Implemented port aggregation & link negotiation using LACP and PAGP.
• Involved in design, implementation and configuration of HSRP for load balancing on L3 switches on different location of office on the switched network.
• Involved in provisioning AWS S3 buckets for backup of the application and sync this contents with remaining S3 backups, by creating entry for AWS S3 SYNC in Crontab.
• Converted existing AWS infrastructure to Serverless architecture (AWS Lambda, Kinesis), deployed via Terraform and AWS CloudFormation.
• Installing and configuring Terraform and building the infrastructure using terraform configuration file.
• Built Jenkins jobs to create AWS infrastructure from GitHub repos containing terraform code.
• Added support for Amazon AWS to host static/media files and the database into Amazon Cloud.
• Configured and deployed BIG-IP LTM 6900 for providing application redundancy and load balancing.
• Configured Client VPN technologies including Cisco’s VPN client via IPSEC.
• Troubleshoot issues and outages on Trunks and Router interfaces and firewalls extensively.
• Involved in operations and administration of WAN consisting Ethernet Handoffs, T1, DS3, and Optic Fiber Handoffs.
• Provided technical assistance for LAN/WAN management & troubleshooting and complex customer issues using Network monitoring tools such as Solar winds.