SUMMARY

• Network Engineer around 8+ Years of experience in networking, security, installing, configuring, and maintaining network devices.
• Good understanding of networking concepts such as TCP/IP protocols, VLANs, IP address management and network security.
• Experience in Cisco Routing, Switching and Security with strong Cisco hardware/software experiences with Cisco Routers such as 1900, 2900, 3900, Cisco ASR - 1k/9k, Cisco Multilayer Switches 4500, 6500, Cisco Nexus 2k/5k/7k/9k.
• Strong understanding of current and future technologies including TCP/IP, IPv4/v6, RIP, EIGRP, OSPF, BGP, Frame Relay, ACL, VPN, Wireless LAN, and configuration of VLANs.
• Expertise in Configuration of VLANs, using Cisco Multilayer switches and supporting STP, RSTP, PVST, RPVST along with troubleshooting of Inter-VLAN routing and VLAN Trunking using 802.1Q.
• Experienced in Palo Alto Firewalls, Juniper Firewalls, Check point firewalls, Fortinet Firewalls, Cisco WSA/CWS, Cisco ASA, SSL VPN, Cisco Nexus, Cisco ACS, Cisco ISE and IPS.
• Hands on with Blue Coat URL filtering with white listing and blacklisting URL, creating rules for content filtering.
• Configure and implement Network Infrastructure monitoring, alerting, backups, and system management solutions built on Linux Firewall and ACL security implementations.
• Created Route maps on F5 BIG-IP GTM to link various VIPs from different F5 BIG-IP LTM to GTM.
• Administrated a network using Network Access Control List (NAC) to enhance security of the LAN network.
• Expertise in Endpoint Security Antivirus with SEPM (Symantec Endpoint Manager).
• Expertise in URL filtering with Forcepoint, Email and web security with Cisco IronPort.
• Proficient in using firewall technologies including general configuration, security policy, rules creation and modification of Cisco ASA, Juniper SRX and Check point.
• Experience with Cisco IOS, cat OS, Cisco IOS XR and JUNOS.
• Proficiently implemented traffic filters using Standard and Extended Access-lists, Distribution lists, Route-maps and Route Manipulation using offset-list.
• Create PowerShell runbooks in Azure Automation.
• Expertise in IP Sub netting and worked on various designing and allocating various classes of IP address to the domain.
• Expertise knowledge in scripting (Perl/Bash/Python), VMware, ticketing tools like ServiceNow, Remedy and network security including NAT/PAT, ACL, VPN and IPSEC on DMVPN.
• Extensively worked on Cisco catalyst 6509 and implemented VSS along with VDC and VPC on Nexus 5505, 7009 switches.
• Experience in configuring and troubleshooting NetScaler, BIG-IP F5 load balancer LTM.
• Managed the fire sight devices along with security tools like Symantec, MacAfee.
• In-depth understanding of UDP and TCP protocols.
• Used python, PowerShell programming and language to develop an efficient and working network in the company.
• Designing, Develop and Execute Test-Cases using C# and python.
• Worked on Load balancer F5 LTM, Citrix NetScaler, GTM series like 6400, 6800, 8800 for the corporate applications and their availability.
• Performed review of all AWS resources for open security group ports on ELB, EC2, and RDS resources as well as open S3 bucket policy rules locking down all resources with least security permission required
• Established relationships and network connectivity with vendors via site to site VPN.
• In-depth knowledge in Tier-2 ISP Routing policies, Network Architecture, IP Subnetting, VLSM, TCP/IP, NAT, DHCP, DNS, Firewalls.
• Adept in handling network monitoring tools such as Wireshark, NetFlow, SNMP and SYSLOG.
• Highly motivated with the ability to work independently or as an integral part of a team and committed to highest levels of profession.

TECHNICAL SKILLS

Cisco Routers: 1600, 1700, 1800, 1900, 2600, 2800, 2900, 3600, 3800, 4300, 4400, 7200, 7600

Routing Protocols: OSPF, BGP, EIGRP, RIP, IS-IS, MPLS PBR, Static Routing, Route Filtering and Redistribution.

Nexus Switches: 7702, 7010, 5020, 5548, 5596T, 2148, 2348.

Cisco Switches: 2920, 2960, 3550, 3560, 3650, 3750, 4500, 4948, 4507, 6500.

Switching Protocols: LAN, VTP, STP, PVST+, RPVST+, Inter VLAN routing & Multi-layer switch, Ether Channels.

Juniper: EX-2200, EX-4200, EX-4500, EX-8200, MX-480, M Series, SRX210, SRX220, SRX240, SRX3600/650, SRX5800 Juniper Net screen, IDP Technologies, Junos IOS.

Multicast Protocols: IGMP v2/v3, CGMP, PIM-Sparse and Dense Mode, DHCP, FTP, TFTP.

LAN Technologies: Ethernet, Fast & Gigabit Ethernet, SMTP, VLAN, VTP, STP/RSTP, Cisco Prime.

WAN Technologies: Channelized links (T1/DS3/OC3/OC12), Fiber Optic Circuits, Frame Relay, DSL, ISDN.

Network Security: Cisco ASA, ACL, IPSEC-VPN.

Gateway Load Balancing: HSRP, VRRP, GLBP, EBGP.

Various Features / Services: IOS and Features, IRDP, NAT, SNMP, VM Ware, AWS, NTP, VoIP, DDoS, L4.

Load Balancers: Cisco CSM, F5 Networks (BIG-IP) LTM 8900, BIG-IP GTM 6800, Cisco ACE 4710.

Network Management: SolarWinds, Wireshark, SNMP, Putty, Proteus, GNS3, Cisco Packet Tracer, Cisco Prime.

Language Skills: C, Bash Scripting, Python.

Operating Systems: Windows XP/7/8, Windows Server 2003/2008, Mac OC X and Linux.

Firewall & Security: Palo Alto, Check point (R62, R65, R70, NGX).

PROFESSIONAL EXPERIENCE

Confidential, San Francisco, CA

Network Engineer

Responsibilities:

• Configured & Deployed Cisco ASA firewalls, Next-Gen Firepower Threat Defence (FTD), Firepower Chassis Manager (FCM), Firepower Management Center (FMC), Cisco Security Manager.
• Experience with designing and managing SDN and hybrid networks, designed an SDN overlay network and enabled traffic manipulation by push of a button using RYU controller and REST APIs .
• Developed RYU load balancer application in an SDN environment to serve requests in round robin manner.
• Developed applications in RYU to perform DNS blacklist , SDN traceroute and unicast DHCP .
• Design expertise for the SD-WAN (Versa & Viptela) , SD-LAN and WAN optimization technologies for efficient delivery of the application data across LAN and WAN.
• Hands-on experience in configuring Viptela devices and creating device and feature templates on vManage required for SD-WAN implementation.
• Installation, configuration, and troubleshooting Citrix NetScaler devices, Citrix Access Gateway, Storefront, Controllers and Windows Operating systems.
• Design and implement Cisco ACI in datacenters, create a strategy that allows use of containers, cloud orchestration tools for end users and developers.
• Built a VPC, established the site-to- site VPN connection between Data Center and AWS.
• Worked on Nexus 5k, 7k & 9k switches and log into routers and switches to manage configuration changes.
• Good Knowledge and experience working with AVI command line interface (CLI) and Traffic Management Shell (TMSH).
• Experience in troubleshooting network issues including boundary protection devices and Bluecoat Proxy Servers.
• Worked on end to end project for the Inbound & Outbound DMZ firewalls migration from Cisco ASA to Cisco Firepower Next-gen firewalls.
• Configured Juniper MX480 s, EX8200 s, EX4500 s, EX4200 s, and SRX5800 s from scratch to match design.
• Configured and maintained high availability Check point (maestro)firewalls in a Provider-1 environment.
• Configured Static , BGP , EIGRP , and OSPF Routing Protocols on Cisco 3600 , 4300 , 4400, ISR series Routers.
• Worked on implementation of load balancer configuration and VPN using the Citrix NetScaler.
• Implemented Zone Based Firewalling and Security Rules on the Palo Alto Firewalls and centralized GUI Panorama.
• Created ACI EPGs (End Point Groups) contract policies, VRFs and bridge domains for tenants.
• Configure various LAN switches such as Cisco 4948,4510,4507,3650, 2920 switches for VLAN , Fast Ether Channel configuration.
• Experience in working with Nexus 7010, 5020, 2148, 2248 devices.
• Worked with internal/external customers & application teams for the firewall access issues & Troubleshooting using Splunk, FMC, packet capture, packet tracer & TCP dump.
• Deployed Cisco Firepower Threat Defence FTD (2100,4100&9300) along with Intrusion prevention system (IPS), logging features in Firepower management center (4500).
• Experience in using Cisco Migration Tool to import & export, Access Control Policies & NAT’s.
• Experience in using IP Control & Infoblox for DNS, DHCP & IP addresses management.
• Experience in Access-lists, NAT’s, Platform settings, device configurations, manage HA Pairs and troubleshoot the alerts generated by FMC.
• Configured Infoblox failover using Infoblox DHCP that is based upon ISC DHCP modes on AVI management system .
• Experience in performing URL filtering and content filtering by adding URL’s in Bluecoat Proxy SG’s.
• Install and manage Cisco ASA firewall , ASR routers as part of new circuit deployment.
• Primary responsibilities include but not limited to design, implementation and troubleshooting of all LAN/WAN solutions offered by LAN/WAN Professional.
• Perform troubleshooting and monitoring of the Linux server on AWS using Zabbix, Nagios and Splunk.
• Implemented virtual firewalls (VSX) and cluster on different check point maestro environments.
• Management and Administration of AWS Services, CLI, EC2, VPC, S3, ELB Glacier, Route 53, CloudTrail, IAM, and Trusted Advisor services.
• Included security groups, network ACLs, Internet Gateways, and Elastic IP's to ensure a safe area for organization in AWS public cloud.
• Involved in migration from Frame-Relay/ATM network to MPLS-based VPN for customer’s WAN infrastructure.
• Configured EBGP load balancing and ensured stability of BGP peering interfaces.
• Configured and resolved various OSPF issues in an OSPF multi area environment.
• Troubleshoot latency and throughput issues on MPLS and Dedicated Internet Access circuits.
• Involved in Cisco IOS XR code up gradation.
• Configuring BGP, OSPF and Static routing on Cisco Routers.
• Responsible for procurement and installation of Hardware, network drives and other IT infrastructure. Documented the design, implementation and troubleshooting procedures with Method of Procedure (MOPS).
• Deployment of Palo Alto firewall into the network. Configured the Access List Policies on protocol-based services.
• Experience in working at Data Center. Built HA pair for the Firepower Management Center between the two Data Centers for the disaster recovery.
• Configured RADIUS for the external authentication to the devices.
• Played a key role in building the remote data center for disaster recovery solutions.

Environment: Cisco 3650/2920/4510/4948/4507 switches, Cisco 1921/891F/ 3600/4300/4400 series routers, Nexus 5k, 7k & 9k switches, Next-Gen Firepower Threat Defence (FTD), Firepower Chassis Manager (FCM), Firepower Management Center (FMC), EIGRP, RIP, OSPF, BGP, VPN, and Ether Channels, Palo Alto firewall, MPLS-based VPN, Juniper MX480s, EX8200s, EX4500s, EX4200s, and SRX5800s devices.

Confidential, Philadelphia, PA

Network Security Engineer

Responsibilities:

• Configuring Static , BGP , EIGRP , and OSPF Routing Protocols on Cisco 1800, 2800, 3600, 4300 series Routers.
• Manage Cisco and Juniper Firewall access lists, address translation, and Site to Site IPSec and remote connection VPN's.
• Extensive knowledge of basic networking hardware (routers, switches, bridges) and protocols (UDP, TCP/IP)
• Configuring ACL to allow only authorized users to access the servers on Cisco routers.
• Actively participate in implementations, migrations, 24x7 supports on all turnkey projects to all levels of hosting, operations, service level delivery and support.
• Create separate test cases for the SourceFire product and OpenSource Snort for manual as well as automated testing.
• Collaborate with application owners to define dependencies, map dependencies for better application workflow within ACI or public cloud use.
• Built a VPC, established the site-to- site VPN connection between Data Center and AWS .
• Validation, configuration, turn up and testing to ensure a successful handover to the support teams for all technical aspects related to the delivery of the clients managed hosting network solution.
• Review of technical details prior to implementation to ensure accuracy and preserve the integrity of the Century link networks.
• Responsible for implementing, designing, configuration and providing Cisco ISE security solutions for multiple enterprise customers.
• Maintain BIG IP F5 configuration for modules LTM, ASM, APM and future GTM.
• Integrated Active Directory/LDAP with Palo Alto Next Generation Firewalls . Integrated LDAP with Palo Alto rule base and Global Protect Client VPNs.
• Create packet captures and snort rules to test SourceFire sensor operation and verification of traffic.
• Design and installation Palo Alto (Application and URL filtering, Threat Prevention, Data Filtering).
• Configuring BGP, OSPF and Static routing on Cisco Routers.
• Responsible for Cisco ASA firewall administration across our Organizational networks.
• Design, Implement & troubleshooting of Juniper switches, routers, and Firewalls EX-2200 , EX-4200 , EX-4500 , MX-480 , M Series , SRX210 , SRX240 , SRX 3600/650 .
• Responsible to move configurations from existing infrastructure to new routers and switches. Troubleshooting customer circuits having dynamic protocols configured such as BGP .
• Experience working on Juniper based MX series router, SRX 220 firewall.
• Configuration of Network and Security devices such as Cisco routers and switches ( Cisco 7600/3500/Nexus 7K/5K ) Firewall ( Check point R75 and Cisco FWSM ), Load Balancers and DNS and IP Manager .
• Configure various LAN switches such as CISCO CAT 2900 , 3550 , 4500 , 6509 switches and Access layer switches such as Cisco 4510 , 4948 , 4507 switches for VLAN , Fast Ether Channel configuration.
• Configured EBGP load balancing and ensured stability of BGP peering interfaces.
• Worked on Route-Reflectors to troubleshoot BGP issues related to customer route prefixes also route filtering using Route-maps.
• Performed the ACL request changes for various clients by collecting source and destination information from them.
• Troubleshoot the through constant AVI load balancer contact with the vendor.
• Mapped, Network Diagrams and physical identification in MS Visio .
• Worked with engineering team to resolve tickets and troubleshoot L3/L2 problems efficiently.
• Configured Cisco 2800 , 3800 routers and 3750 , 4500 , 6500 switches as part of the implementation plan.
• Configuring, managing, and troubleshooting networks using routing protocols like RIP, EIGRP and OSPF (Single Area and Multi Area).
• Assisted with troubleshooting all network issues with routers and switches when necessary and consulted with on call tech as needed for client.

Environment: Cisco 2800/3550/4300 switches, Cisco 1800/2800/3600/4300 routers, Cisco ASA Firewall, EX-2200, EX-4200, EX-4500, MX-480, M Series, SRX210, SRX240, SRX 3600/650 devices, Palo Alto firewall, F5 load balancer, AVI load balancer, ACL, EIGRP, RIP, OSPF, BGP, VPN, and Ether Channels.

Confidential, Kansas City, MO

Jr. Network Engineer

Responsibilities:

• Involved in Configuring and troubleshooting layer-3 routing protocols like OSPF & BGP .
• Setting up Voice VLANS and configuring ISL trunk on Fast-Ethernet channel between Switches.
• Configured OSPF and BGP on Cisco 3850 and Aruba 3810 switches.
• Providing gateway redundancy using HSRP & creating ACL for layer-3 security.
• Involved in the migration of Cisco 3650 series switches to series switches.
• Configured layer-3 and Layer-2 switches for Voice Migration .
• Configured routing policy for BGP . Switching related tasks included implementing VLAN s.
• Hands on experience on NAT (Network address translation) configurations and it’s analysis on troubleshooting issues related access lists (ACL).
• Working with Cisco Nexus 2248 Fabric Extender and Nexus 5500 series to provide a Flexible Access Solution for data center access architecture.
• Configure network devices F5 load balancing for GTM/LTM traffic monitoring. Add/modify/delete VIPS/WIPS.
• Troubleshooting of protocol-based policies on Palo Alto firewalls and changing the policies as per the requirement and as per traffic flow.
• Professional level of familiarity implementing and troubleshooting JUNOS and NETSCREEN based Juniper firewalls (SRX, ISG).
• Configured VLAN s on a switch for Inter-VLAN communication. Configured VLAN Trucking Protocol (VTP) on Core Switches. Configured various LAN switches such as CISCO CAT 2900 , 3550 , 4500 , 6509 switches for VTP Domain , VLAN , Trucking , Fast Ether Channel configuration.
• Configured uplinks and establish OSPF neighborship with the Cisco Router 4331 for the Voice purpose.
• Good experience in performing SRST testing to make sure service interruption mode on the network.
• Good knowledge in configuration of Voice VLAN's (VOIP) , prioritizing the voice traffic over the data traffic.
• Configuring ACL to allow only authorized users to access the servers on Check point firewalls .
• Configured ACL on layer-3 and layer-2 switches for SRST testing .
• Network monitoring and troubleshooting network related issues.
• Assisted in Installing and configuring new Cisco equipment including Cisco catalyst switches 3850 , 3750 and 4500 as per the requirement of the organization
• Design and configuring of OSPF , BGP on Cisco Routers.
• Documented all the work done by using Visio, Excel & MS word.
• Configuration of Cisco 4500 with OSPF and catalyst 3850 , 3550 switches with various VLAN.

Environment: Cisco 2900/3550/3850/4500/6509 switches, Cisco ASA Firewall, VTP, HSRP, EIGRP, RIP, OSPF, BGP, VPN, and Ether Channels, Check point Firewall, SRST Testing.

Confidential

Network Engineer

Responsibilities:

• Configuring Static , IGRP , EIGRP , and OSPF Routing Protocols on Cisco 1600 , 2600 , 2800 , 3600 , 7300 series Routers.
• Manage Cisco and Juniper Firewall access lists, address translation, and Site to Site IPSec and remote connection VPN's.
• Deployed on Nexus 7000 , 5000 and 2000 series with V-Block servers and Cisco UCS E-series .
• Experience in working with Cisco Nexus 2148 Fabric Extender and Nexus 7010, 5000 series to provide a Flexible Access Solution for data centre access architecture.
• Helped in design and installation of test network environment of over 300 servers running in parallel of production data center.
• Collecting data on Attacks to help SOC engineers create reports for auditing purposes.
• Deployment of Palo Alto firewall into the network. Configured the Access List Policies on protocol-based services.
• Working with the NOC Management team on Projects and be assigned tasks/goals specific to improvements within the Global NOC organization.
• Experience in configuring, upgrading, and verifying the NX-OS .
• Configuring RIP , OSPF and Static routing on Juniper Routers .
• My responsibilities include Monitoring and Configuration of Cisco ASA 55xx series firewalls.
• Design, Implement & troubleshooting of Juniper switches, routers, and Firewalls EX-2200 , EX-4200 , EX-4500 , MX-480 , M Series , SRX210 , SRX240 , SRX 3600/650 .
• Configuration of Nexus 7010 including NX-OS Virtual Port Channels , Nexus port profiles, Nexus Version 4.2 and 5.0 , Nexus VPC peer links.
• Have experience in Install and monitor application traffic using Network protocol monitoring tools such as NTOP and Wire shark .
• Experience working on Juniper based MX series router , SRX 220 firewall .
• Migrated VIP s from old Cisco ACE and CSM to F5 Load balancers .
• Sound knowledge of data communication wiring ( CAT5 / 5E / 6A and Fiber optics ).
• Configured Easy VPN server and SSL VPN to facilitate various employees’ access internal servers and resources with access restrictions.
• Configure various LAN switches such as CISCO CAT 2900 , 3550 , 4500 , 6509 switches and Access layer switches such as Cisco 4510 , 4948 , 4507 switches for VLAN, Fast Ether Channel configuration. onfigured EBGP load balancing and ensured stability of BGP peering interfaces.
• Worked on Route-Reflectors to troubleshoot BGP issues related to customer route prefixes also route filtering using Route-maps.
• Designed and implemented DMZ for Web servers , Mail servers & FTP Servers using Cisco ASA5500 Firewalls .
• Worked extensively on Cisco ASA 5500 ( 5510/5540 ) Series, experience with convert PIX rules over to the Cisco ASA solution.
• Mapped, Network Diagrams and physical identification in MS Visio .
• Worked with engineering team to resolve tickets and troubleshoot L3/L2 problems efficiently.
• Configured Cisco 2800 , 3800 routers and 3750 , 4500 , 6500 switches as part of the implementation plan.

Environment: Cisco 2800/2900/3550/3750/4500/5500/6500 switches, Cisco 1600/2600/2800/3600/7300 routers, Juniper EX-2200, EX-4200, EX-4500, MX-480, M Series, SRX210, SRX240, SRX 3600/6500, Cisco ASA Firewall, Nexus 7000, 5000 and 2000 switches, EIGRP, RIP, OSPF, BGP, VPN, and Ether Channels, Palo Alto firewall.