SUMMARY

• Experience with routers, switches, and all network - related equipment. Cisco, Nokia, Juniper, Nexus.
• Continuously worked with end to end call flows for deploying network services.
• Extensive working knowledge of 3G and 4G calls flows.
• Worked on 3G, 3GPP, 4G standards. Worked with Test NG, Clear Quest, JMeter/Load Runner
• Excellent Knowledge with 3G Confidential SON MASTER System & features activation R15/R16 (ANR/MLB/PSC/CCO).
• Experience working in large-scale environments on L1/L2 troubleshooting, Network Design, IDF and MDF architecture, Datacenter Architecture, Spine Leaf Architecture, and support roles, IOS upgrades, downtime procedures, Migration projects to different vendor equipment.
• Design expertise for the SD-WAN (Versa & Viptela), SD-LAN and WAN optimization technologies for efficient delivery of the application data across LAN and WAN.
• Experienced in managing and troubleshooting of SDWAN infrastructure. (Versa SDWAN).
• Hands on experience on Backup and restore Azure services and in Design and configure Azure Virtual Networks (VNets), subnets, Azure network settings, DHCP address blocks, DNS settings, security policies and routing. Azure cloud services, Blob storage, Active directory, Azure Service Bus, Cosmos DB.
• Hands-on experience in inter-connectivity architecture for IMS platforms and LTE mobile/wireless elements.
• Expertise in Azure Scalability and Azure Availability - Build VMs availability sets using the Azure portal to provide resiliency for IaaS based solution and Virtual Machine Scale Sets (VMSS) using Azure Resource Manager (ARM) to manage network traffic.

TECHNICAL SKILLS

• Network Configuration: Advanced switch/router configuration (Cisco IOS access list, Route redistribution/propagation).
• Routing Protocols: RIP, IGRP, EIGRP, OSPFv2, OSPFv3, IS - IS, BGP v4, MP-BGP
• WAN Protocols: HDLC, PPP
• Circuit-switched WAN: T1/E1 - T3/E3/OCX (Channelized, Fractional & full).
• Security Technologies: Cisco FWSM/PIX/ASDM, Palo Alto, Cisco ASA, Checkpoint, Blue Coat proxy server. Port Security, DHCP Snooping, IP Source Guard (IPSG).
• Cisco Routers: Cisco ISR-1000, ISR-4000, ASR-1000, ASR-9000, ASR-5500, Meraki vMX 100.
• Redundancy and management: HSRP, VRRP, GLBP, RPR, NSF/NSR, STP, Wireshark, SolarWinds, SNMP
• Physical interfaces: Fast Ethernet, Gigabit Ethernet, Serial, HSSI, Sonet (POS)
• Layer 2 technology: VLAN, VXLAN, HSRP, VRRP, GLBP, STP, RSTP, PVST+, MST, PVLAN, Optimizing STP (Port Fast, Uplink Fast, Backbone Fast, Root Guard, BPDU Guard)Layer 3 Switching: CEF, MLS, Ether channel (PAGP & LACP, Load Balancing)
• Switches: Aruba 3810, Catalyst 9400, 3850, 3650, 2960; Nexus 2k, 3k, 5k, 7k, 9k
• Load Balancers: F5 LTM, GTM, iRules
• Operating Systems: Confidential XP/Vista/7, Windows Servers 2003/2008, Windows MS-Office, Confidential project server 2013

PROFESSIONAL EXPERIENCE

Confidential, Chicago, IL Area

Sr Network Engineer

Responsibilities:

• Palo Alto design and installation (Application and URL filtering, SSL decryption, SSL Forward Proxy ). Configured and maintained IPSEC and SSL VPN's on Palo Alto Firewalls. Successfully installed PA-5000 series firewalls in Data Center as perimeter Firewalls.
• Responsible for interoperability between Confidential and 3G networks (idle mode mobility, CSFB, PS Handover, 3G-4G service-based redirection, etc.).
• Administering, managing, maintaining, and troubleshooting Cisco Firewall, Palo alto firewall, F5 Load balancer, SDWAN devices and network switches related issues.
• MLB and idle/mobility parameters tuning among different 4G bands as well as 3G/2G technologies.
• Performing area reports for 3G measurements performed, displaying coverage and quality of 3G network.
• Daily KPIs monitoring for 3G network and analyzing KPIs trends.
• Working on daily activities for optimization of the 3G top worst problematic cells.
• Migration of ASA firewalls to PA next-gen Firewalls using migration tool in PA. Migrated all IPSEC tunnels, ACL’s, NAT rules and policies.
• Extensively worked with 3G and 4G call flows.
• Experience working on Cisco ASR 9K, Nexus 7k, and 9K. Configured and designed OSPF, EIGRP, and BGP Confidential Distribution and Core layers. Configured OTV layer 2 connection between Data centers on Nexus.

Environment: Cisco Routers (4800, 3800, 3600, 2800, 2600, 2900, 1800, 1700, 800), switches (6500/3750/3550 3500/2950 ), F5 Load balancing (LTM, GTM, APM, AFM, ASM), EIGRP, RIP, OSPF, Aruba 3810, Voice Gateways, BGP, VPN, MPLS, Ether Channels, Cisco Catalyst Switches, Firewalls (Cisco ASA, Palo Alto), Cisco Voice (CCM, UCCE), Shell Scripting.

Confidential, Dallas, Texas

Sr Network Operations Engineer

Responsibilities:

• Worked as part of a delivery team where my daily tasks included code upgrades, prefix-list addition, and access-list addition using python script and on Linux platform based on tickets generated by customers.
• Worked on an Automation tool called Autopilot an internal tool used for code upgrades and configuring of new devices Confidential different data centers.
• Performed installation, commissioning, integration, and testing of Confidential & Confidential 's 4G/LTE network in the BAWA market, including all troubleshooting of ALU's 4G equipment working in tandem w/ antenna crews to troubleshoot and resolve any RF issues related to the 4G network provide support and to other technicians on all 4G equipment
• Worked on the BGP routing protocol, configuring BGP sessions and troubleshooting on Nexus 1K, 5K, 7K, Juniper MX-960 routers, and cisco ASR routers.
• Installed and maintained production servers for client services (web, DNS, DHCP, mail). Experienced working with Palo Alto Next-Generation firewall with security, networking, and management features such as URL filtering, Anti-virus, IPsec VPN, SSL VPN, IPS, Log Management, etc.
• Coordinated with the Application Teams to develop effective Application validations involving F5 LTM and GTM components
• Managed Solarwinds to work with various network equipment to monitor, alert, and save network configurations
• Worked with the Network planning team on the IP allocation scheme for the routers, switches, workstations, phones, APs, and various other devices. Used Infoblox, Net MRI, Solarwinds IP monitor, and various tools.
• Designed and Implemented Overlay Network Management Network to manage all our production devices with Syslog, Solarwinds NPM
• Designed perimeter security policy, Implemented Firewall ACL's, allowed access to specified services, Configured Client VPN technologies including Cisco's VPN client via IPSEC
• Installed and configured LAN/WAN Networks, Hardware, Software, and Telecommunication services- Cisco Routers and Switches like Cisco 3750, 3750 Gig, 6500, Nexus 7k, ASR 9k, etc.
• Helping Team members to build a new cloud platform for an existing legacy application using Azure technologies. Part of Designing the new architecture.
• Experienced in migrating on-premises applications to Azure and configured VNETs and subnets as per the project requirement also performed PowerShell scripting to do Patching, Imaging, and Deployments in Azure.
• Gained Knowledge of Azure Site Recovery and Azure Backup.
• Installed and Configured the Azure Backup agent and virtual machine backup, Enabled Azure Virtual machine backup from the Vault and configured the Azure Site Recovery (ASR).
• Worked on migration project - XenApp 4.5 to XenApp 6.5 - Server 2003 (Legacy) to 2008 R2 (Gen 2) environment.
• Experience in Cisco Unified Communication Manager (CUCM), Call Manager Express (CME), Cisco Unity Connection (CUC), Unified Contact Center Express (UCCX), Unified Contact Center Enterprise (UCCE), IM and Presence, SRST, and Voice Gateways.
• Managed Cisco call manager, Cisco Voice Mail Unity servers. Worked within Cisco Routing and switching background w/QoS.
• Worked with Cisco UCCE, IPIVR, Cisco Unified Communication System.
• Configure and implement voice gateways (H323/MGCP/SIP), SRST for remote sites Developed MTS software plug-in for Multimedia over Coax Alliance (MoCA) configuration capability on DOCSIS cable modem and gateway products.

Environment: Routers (Nexus 1K, 5K,7K, Juniper MX-960), switches (6500/3750/3550 3500/2950 ), F5 Load balancing (LTM, GTM, APM, AFM, ASM), EIGRP, RIP, OSPF, BGP, VPN, Unified Contact Center Enterprise (UCCE), MPLS, Cisco Catalyst Switches, Firewalls (Cisco ASA, Palo Alto), Cisco Voice (CCM, UCCE, UCCX), Citrix.

Confidential, Palo Alto, California

Network Security Engineer

Responsibilities:

• Implementing security solutions using Palo Alto PA-5000/3000, Cisco 5580/5540/5520 , Checkpoint firewalls R70, R75, R77.20 Gaia, and Provider-1/MDM.
• Configuration and administration of firewalls, which include Checkpoint, Juniper, and Cisco ASA firewalls.
• Configuring High Availability using Cluster XL on Checkpoint as well as VRRP and monitor the Sync status for tasteful replication of traffic between active and standby members.
• Deploy, configure, and support Aruba wireless controller and AP devices globally, also a direct escalation path for all wireless issues.
• Enterprise and Public Safety Wireless LAN/WAN (802.11, Mesh).
• Researched, designed, and replaced Checkpoint firewall architecture with new next-generation Palo Alto PA3000 and PA5000 appliances serving as firewalls and URL and application inspection.
• Configuring rules and Maintaining Palo Alto Firewalls & Analysis of firewall logs using Panorama.
• Successfully installed Palo Alto PA-3000/PA-5000 firewalls to protect Data Center and provided L3 support for routers/switches/firewalls.
• Configured and maintained IPSEC and SSL VPN's on Palo Alto Firewalls and implemented Zone-Based Firewall and Security Rules on the Palo Alto Firewall.
• Exposure to wildfire feature of Palo Alto.
• Administered Cisco AMP endpoint security infrastructure and monitor endpoints for threats.
• Exposure to design and implementation experience primarily on Cisco WSA proxy.
• Configuration and Maintenance of Cisco ASA 5580-20, ASA 5540, ASA 5520, ASA 5510 series firewalls.
• Configure the Syslog server in the network for capturing and logs from firewalls.

Environment: Cisco ASA 5580/5540/5520, Checkpoint R70, R75, R77.20 Gaia, Palo Alto PA-5000/3000, IEEE 802.11Big IP F5 LTM/GTM, Nexus switches, TCP/IP, VPN, Cisco WSA, Bluecoat Proxy servers, IDS/IPS. SIEM and Monitoring.

Confidential, Denver, Colorado

Network Engineer

Responsibilities:

• Key contributions include troubleshooting of complex LAN/WAN infrastructure that include.
• Configured firewall logging, DMZs, related security policies, and monitoring.
• Creating private VLANs & preventing VLAN hopping attacks and mitigating spoofing with snooping & IP source guard.
• Installed and configured Cisco PIX 535 series firewall and configured remote access IPSEC VPN on the Cisco PIX Firewall.
• Enabled STP enhancements to speed up the network convergence that include Port-fast, Uplink-fast, and backbone-fast.
• Other responsibilities included documentation and change control.
• Responsible for Configuring SITE-TO-SITE VPN on Cisco routers between headquarters and branch locations.
• Implemented the security architecture for highly complex transport and application architectures addressing well. known vulnerabilities and using access control lists that would serve as their primary security on their core & failover firewalls.
• Installation & configuration of Cisco VPN concentrator 3060 for VPN tunnel with Cisco VPN hardware & software client and PIX firewall.
• Involved in troubleshooting of DNS, DHCP, and other IP conflict problems.
• Used various scanning and sniffing tools like Wire-shark.
• Hands-on experience working with security issues like applying ACLs, configuring NAT, and VPN.
• Troubleshoot problems on a day to day basis & provide solutions that would fix the problems within their Network.
• Part of Network Operation Center NOC offshore support team from India supporting HP Data Center 24x7. L2 support for Cisco PIX and ASA Firewalls.

Environment: Cisco 2600/2800 routers, Cisco ASA, TCP/IP, VLSM, AD, DNS, Switching/Routing.

Confidential

Network Operation Engineer

Responsibilities:

• Responsible for PIX 7.x/8.x & ASA 8.x Firewall migration and in place hardware upgrades and Troubleshooting, IOS Security Configurations, IPsec VPN Implementation and Troubleshooting, DMZ Implementation and Troubleshooting.
• Configuring static NAT, dynamic NAT, inside Global Address Overloading, TCP overload distribution, Overlapping Address Translation.
• As part of the Security and network operations team I was actively involved in the LAN/WAN level 3 support (diagnose and troubleshoot layer 1, 2, 3 problems)
• VLAN implementation, Spanning Tree Implementation, and support using PVST, R-PVST, and MSTP to avoid loops in the network. Trunking and port-channel creation.

Environment: PIX, CISCO routers, and switches, Access Control Server, VLAN, Trunk Protocols, CISCO ASA, DHCP, DNS, SAN, Spanning tree, Nimsoft, Windows Server, Windows NT.