SUMMARY

• Around 8 years of Experience and having Certifications on Cisco (CCNA) in designing, deploying and troubleshooting Network & Security infrastructure on routers, switches (L2/L3) & firewalls of various vendor equipment.
• Strong hands on experience on ASA (5505/5510/5540/5585 ) Firewalls, Juniper (SRX 220/550/5800/3600 ).
• Worked with Palo Alto firewalls PA3020, PA5020 using Panorama servers, performing changes to monitor/block/allow the traffic on the firewall.
• Maintained checkpoint 41000 and 61000 systems, Juniper SRX3600 and PA - 5050 firewalls.
• Experience in Supporting and troubleshooting Checkpoint (R80, R77 Gaia, R75, R70, R65, Provider-1, VSX, SPLAT, Cluster XL and Smart Center Server).
• Daily network operation & support (BGP, MPLS, EIGRP, QOS, WLC, F5, ASA, ISE, wireless, Solar Winds and VoIP).
• Experience in setting up environments on BIP-IP/F5 load balancer for high availability.
• Good working experience in configuring VIP, Pools, members and profiles on F5 load balancer.
• Worked on DNS using vital QIP application for DNS related work to provide domain resolution for VIP on both F5 LTM and GTM.
• Experience with Firewalls - Fortinet/ Forte Gate, & Palo Alto and/or other next generation firewall solutions.
• Migration of firewall rules from Cisco ASA, Checkpoint to Palo Alto firewalls using migration tool from PAN.
• Implemented security policies using ACL, Firewall, IPSEC, SSL, VPN, IPS/IDS, AAA (TACACS+ & RADIUS).
• Worked on Cisco ACS, deploying Cisco ASA Firepower and configuring services like URL, Malware, IPS, etc.
• Extensively worked on Nexus 9k migration. Migrated date center from catalyst 6500 to Nexus 9k.
• Worked in Implementing VDC, VPC, VSS, VRF on the Nexus 5K, 7K & 9K switches.
• Designed and configured the commands for QOS and Access Lists for Nexus 9k, 7k and 5k.
• Implement ISE solution for campus LAN, wireless, remote access and guest network environments.
• Configuration of Cisco ASA, Juniper and Palo Alto Firewalls, ACL's and Packet Shaping devices and rules.
• Comprehensive understanding of OSI Model, TCP/IP protocol suite (IP, ARP, ICMP, TCP, UDP, SNMP, FTP, TFTP).
• Fujitsu Flash wave 9500, Net smart.
• Strong hands on experience in layer-3 Routing and layer-2 Switching. Dealt with Nexus models like 9K,7K, 5K, 2K series, Cisco router models like ASR 9K, ASR 1K, 7200, 3900, 2900, 2800, 2600, 2500, 1800 series and Cisco catalyst 6500, 4500, 3850, 3750, 3500, 2900 series switches.
• Technology and Infrastructure consultant for Cisco and Juniper design and implementation projects. Specific tasks include installations, configurations, support and maintenance of routers and switches.
• Experience with design and deployment of MPLS Layer 3 VPN, MPLS Traffic Engineering and MPLS QOS.
• Diverse industry exposure - Finance, Telecom, and IT consulting Markets.
• Experience with Secure Sockets Layer (SSL), SSL Certificates, Check Point Firewalls, Cisco ASA Firewalls, Palo Alto Firewalls.
• Conduct packet capture and protocol analysis for suspicious activities with Wireshark.
• Worked on F5 issues using packet capture like TCP dump, Wireshark, Solar Winds and curl commands.
• Coordinated all repair and maintenance (RMA) of network devices with CISCO and other vendors.
• In depth understanding of Web Engineering, DNS, DHCP, SLL certificate, IP, address registration, and management, etc.
• Experience in Layer 2 Routing protocol configurations: ATM/FRAME RELAY, IP services such as QOS and VPN technologies: IPsec & SSL.
• Configured and troubleshot Layer 3 VPN, Layer 2 Ethernet switch and router interfaces for Arista, Cisco, and Juniper.
• Extensive experience in configuring Layer3 routing and layer2/3 switching of Juniper & Cisco based J2320, MX, EX, 2950,2960,3600,3750,4500,6500,1700,1800,2600 and 3700 series routers & Switches.
• Troubleshooting & implementation of VLAN, STP, MSTP, RSTP, PVST, 802.1Q, DTP, DMVPN, HSRP, VRRP, GLBP, LACP, PAGP, AAA, TACACS, RADIUS, MD5, VTP & SVI.
• Experience working with Cisco IOS-XR on the ASR9000 devices for MPLS deployments.
• Experience configuring & troubleshooting routing protocols like RIP, OSPF, BGP, and EIGRP.
• Native communication skills and a team player, Effective inter-personal skills, adaptive to any environment, with the latest technologies and delivering solutions as an individual and as part of a team.

TECHNICAL SKILLS

Routing Protocols: RIP, BGP, OSPF, EIGRP, Static Routing, IP Addressing, Sub netting, CIDR

Communication Protocols: TCP/IP, UDP, DHCP, DNS, ICMP, SNMP, ARP, PPP, FTP

Redundancy Protocols: GLBP, HSRP, VRRP

Topologies: MPLS, Ethernet, Cable Modem, and Wireless

Switch Technologies: VLANs, VTP, STP, DTP, ISL and dot1q

Network Hardware: Cisco switches (2960, 3550, 3560, 4500, 6509, and 6513), Cisco Nexus Switches (2248,2232,5548,5596,7010,7718), Juniper EX 9200, Cisco routers (1900, 2900, 3900, 7200, ASR-1k/9k), Cisco ASA 5500 series, CSU/DSU’s, network cards, WANLACP Wireless controller, Modems and F5 Network Load Balancer, Juniper PTX

Network Management Tools: MRTG, HP Open view, Cisco WAN manager, Cisco works 2000, Solar winds Orion, Zenoss, Cisco Prime

F5, A10: NAT/P NAT/PAT, Ingress & Egress Firewall Design, VPN Configuration, Internet Content Filtering, URL Filtering -Web-sense, SSL, IPSEC, IKE, Static, Dynamic, Reflexive ACL, and authentication AAA (TACACS+ & RADIUS).

Firewall: Cisco ASA, Juniper SRX, Palo Alto, Checkpoint

Network Simulators: GNS3, Packet Tracer, Wire shark, Extra Hop

OS: Windows, UNIX, LINUX

PROFESSIONAL EXPERIENCE

Confidential

Sr. Network Security Engineer

Responsibilities:

• Responsible for maintaining the design and integrity of Evergreen Health’s internal/external network, including customer-facing environments.
• Involved in Switching Technology Administration including creating and managing VLANs, Port security, Trucking, STP, Inter VLAN routing, LAN security etc.
• Involved in the Configuration and Administration of Cisco, Aruba, and Meraki environments.
• Experience working with Nexus 7010, 5548, 5596, 2148, 2248 devices.
• Implemented Site-to-Site VPNs over the internet utilizing 3DES, AES/AES-256 with ASA and JUNIPER SRX Firewalls.
• Configuring & managing around 500+ Network &Security Devices that includes Cisco Routers & Switches, Nexus Switches, Juniper and Palo Alto Firewalls, F5 Big IP Load balancers, Blue Coat Proxies and Riverbed WAN Optimizers.
• Configure and troubleshoot Juniper EX series switches and routers at branches/back offices.
• Manage firewall/security systems by establishing and enforcing policies Upgrading code on Palo Alto firewalls PA5050/3020 to meet company security policy.
• Implemented Zone Based Firewalling and Security Rules on the Palo Alto Firewall.
• Created documents for various platforms including Nexus 7k, ASR9k, and ASR1k, enabling successful deployment of new devices on the network.
• Managing and supporting large scale MPLS & Frame relay on Cisco environment for more than 5000 Retail sites, 100 Distribution centers, 100 offices, and three datacenters.
• Modified internal infrastructure by adding switches to support server farms and added servers to existing DMZ environments to support new and existing application platforms.
• Manage Solar Winds WPM, NPM, and monitoring services and nodes.
• Involved in Implementation and Configuration (Profiles, I Rules) of F5 Big-IP C-4400 load balancers.
• Network Redesign for Small Office/Campus Locations. This includes changes to both the voice and data environment
• Python scripting for automation of challenging tasks.
• Salt and open source automation software used to orchestrate cloud platform and communicate with tens of thousands for servers in a matter of seconds.
• Retail Domain Experience with clients and direct customer/client interaction with 24/7 support.
• Provided guidelines to setup VOIP, IP PBX, made documentation for licensing requirements for CRTC.
• Establish AWS technical credibility with customers and external parties
• Worked on a broad range of topics such as proactive monitoring and maintenance, disaster recovery exercises, and core network repairs
• Advanced expertise and hands-on on Cisco IOS-XR software platform on Cisco 12000 series routers
• Experience working with ASR 9000 series switches with IOS-XR
• Superior expertise and hands-on on Cisco IOS, IOS-XR 4.1.2 and 4.3.31 software platform on 12000 series routers
• Well Experienced in configuring protocols HSRP, GLBP, ICMP, IGMP, PPP, PAP, CHAP, and SNMP.
• Experience with communicating with different customers/Vendors, IT teams in gathering the details for the project
• Switching tasks include VTP, ISL/ 802.1q, IP Sec and GRE Tunneling, VLANs, Ether Channel, Trucking, Port Security, STP, and RSTP.
• Experience in installing and configuring DNS, DHCP servers.
• Replace branch hardware with new 3900 routers and 3750 POE Switches.
• Responsible for layer two securities which were implemented using a dedicated VLAN ID for all trunk ports, setting the user ports to non-trucking, deployed port security when possible for user ports
• Involved in configuring Juniper SRX 550, Cisco ASA 5585 firewall and PALOALTO 5050 firewall
• Enabled STP attack mitigation (BPDU Guard, Root Guard), using MD5 authentication for VTP, disabling all unused ports and putting them in unused VLAN and ensuring DHCP attack prevention where needed

Environment: Cisco 2800, 2900, 3900, 7200, 7600, ASR 4300, 1K, 2K, 3K, 7K, 9K, Arista routers Cisco Catalyst Switch 6500, 4500, 4900, 3500, 3700, 3700, Nexus 9k and 5k, Aruba 3810, 5412 switches, Arista switches, Cisco ASA 5510, Cisco ACE Load Balancer, Fiber and Ethernet cabling, Ixia XR 2000, Cisco LAN Wireless Controller and Access Points, Remedy Ticketing System.

Confidential, Richmond, VA

Sr. Network Engineer

Responsibilities:

• Involved in configuring and implementing of composite Network models consists of Cisco 7600, 7200, 3800 series routers and Cisco 2950, 3500, 3650,3750,4507,4510, 9300 and 9407 Series switches.
• Responsible for Internal and external accounts and, managing LAN/WAN and checking for Security.
• Configured, installed, & managed DHCP, DNS, & WINS servers.
• Performed site surveys and port mapping at more than 100 MDF’s and IDF’s.
• Replacement of End of Life 3560, 3750 and 4500 switches with 9300’s and 9407’s so that they become Cisco ISE Compatible.
• Determining the latest and best IOS Versions on various Cisco switches, staging the E6.bin E8.bin or SE12.bins based on the requirements and switch models.
• Performing the Software IOS upgradations on various 4507 R+Es, 4507 R-E’s, 4510R+E’s, 3650 and 3750 series switches so as to make them compatible with Cisco ISE.
• Configuration & maintenance of Cisco2600 series routers with OSPF.
• Configuration and maintenance of Cisco ASR routers such as ASR 1013, 1009-X, 1006, 1006-X, 1004, 1002-HX, 1002-X, 1001-X routers.
• Researched, designed, and replaced Checkpoint firewall architecture with new next generation Palo Alto PA3000 and PA5000 appliances serving as firewalls and URL and application inspection.
• Experience in implementing and managing F5 BIG-IP load balancing, including LTM, GTM and APM.
• Managed a TACACS server for VPN user authentication and network devices authentication
• Upgrading the network by translating protocols like EIGRP to OSPF.
• Configuration 7609, 7606 with OSPF and catalyst 6505, 4500, 3550 switches with various VLAN.
• Installed and configured F5 Load balancers and firewalls with LAN/WAN configuration.
• Worked on various Nexus Products 7010, 7009, 2248.
• Create and test Cisco routers and switching operations using OSPF routing protocol.
• To secure configurations of load balancing in F5, SSL/VPN connections, Troubleshooting CISCO ASA firewalls, and related network security measures.
• Experience working with Layer 1-7 switching, TCP/IP, OSPF and load balancing (Cisco L2/L3 switches, firewalls, load balancers.
• Experiences also includes working with Checkpoint R77 Series, Cisco ASA 55XX and the Fortinet's 51B, 300C Firewall Series.
• Configured network operating environments supported like Novell NetWare, LANDesk, TCP/IP and SNA.
• Proactively manage customer Firewall's (FW), Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS) and other security threat data sources on Check point and Juniper FW's.
• Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500/PIX security appliance, Failover DMZ zoning & configuring VLANs/routing/NATing with the firewalls per design.
• Worked with security issue like applying ACL's, configuring NAT and VPN.
• Experience in configuring routing protocols like EIGRP, RIP v2, OSPF & BGP and Cisco ACS protocols like RADIUS and TACACS.
• Troubleshoot issues related to connectivity, STP, VLANs, Trucking, VTP, Layer 2/3switching, Ether Channels, Inter-VLAN routing, log messages, high CPU utilization and parameters that can degrade Performance of the network.

Environment: VPN, Solar Winds, IP, IPSEC, AAA-Radius, Tac-acs, ACS, SNMP, DNS, DHCP, OSPF Troubleshooting, Big Ip F5-LTM-1600, 3600, A10, AX Series load balancers, GTM, Active Directory, OSPF, EIGRP, Out-look servers, Nexus-7k, Cisco Routers-7600, 7200, 3800, Cisco Switches-2950, 3500, 5000, 6500, HSRP, GLBP, ACE-GSS-4400, VM-ware-ESXi-6, V-sphere, V-center, UCS, Infoblox Appliances.

Confidential, West Chester, PA

Network Engineer

Responsibilities:

• Configuration and Administration of Cisco and Juniper Routers and Switches.
• Experience working with Nexus 7010, 5548, 5596, 2148, 2248 devices.
• Experience configuring VPC (Virtual Port Channel), VDC (Virtual Device Context) in Nexus 7010/7018
• Experience with setting up MPLS Layer 3 VPN cloud in data center and working with BGP WAN towards customer.
• Implementing changes on Checkpoint Firewalls R65, R70 and R75.
• Configuring rules and Maintaining Palo Alto Firewalls & Analysis of firewall logs using various tools.
• Designed and deployed a dual DMVPN cloud with Phase 2 inter-connectivity.
• Experience with network based F5 Load balancers with software module Access Policy Manager (APM) & Checkpoint Load Sharing on checkpoint clusters.
• Migrated to Juniper EX series switches from Cisco 3500 series and 6500 series switches.
• Configuring RADIUS server setup using ISE server to support Wi-Fi security protocols.
• Troubleshoot issues and optimize networks down to the packet level by analyzing traffic using Wireshark.
• Well Experienced in configuring protocols HSRP, GLBP, ICMP, IGMP, PPP, PAP, CHAP, and SNMP.
• Installation and Configuration of Cisco Catalyst switches 6500, 3750 & 3550 series and configured routing protocol OSPF, EIGRP, BGP with Access Control lists implemented as per Network Design Document.
• Experience in deploying and configuring Cisco WLC 5508, 5500 Series Controllers in a vast WLAN production environment.
• Used Cisco ACS to enhance visibility and control across the network domain, also centrally managed wired and WLAN based on network scenarios.
• Conversions to BGP WAN routing. Which will be to convert WAN routing from OSPF to BGP (OSPF is used for local routing only) which involves new wan links.
• Convert Branch WAN links from TDM circuits to MPLS and to convert encryption from IPSec/GRE to Get VPN.
• Responsible for layer 2 securities which was implemented using a dedicated VLAN ID for all trunk ports, setting the user ports to non-trunking, deployed port security when possible for user ports.
• Involved in configuring Juniper SSG-140 and Cisco ASA firewall.

Environment: Worked on Cisco switches 6500, 4500, 4900, 4000, 4300, 3900, 2900, 5500 series, Catalyst 6509 series with SUP 720, IP routes BGP, OSPF, Cisco LAN switches, Proxy server, Troubleshooting DHCP.