SUMMARY

• 8.1 years of experience in Network design, Security, Tier support of Networks in various environments.
• Extensive experience working on Cisco and Juniper routers/switches in complex environments with multiple ISPs.
• Worked on Cisco 7200, 3800, 3600, 2800, 2600, 1800 series Routers and Cisco 2900, 3500, 4500, 6500 and Nexus 9k, 7k, 5K series switches and Sound knowledge of Routing and Switching concepts
• Expert Level Knowledge about TCP/IP and OSI models.
• Cisco ASA/Checkpoint Firewall troubleshooting and policy change requests for new IP that required to be altered during various planned network changes on the network.
• Worked with security devices such as Firewalls, VPN switches and Intrusion Detection Systems.
• Worked with Cisco Meraki - cloud managed architecture to handle wireless, switching, security, EMM, all security cameras managed from the web
• Replaced aging Checkpoint firewall architecture with new next generation Palo Alto appliances serving as firewalls and URL and application inspection
• Experience with products such as Cisco ISE, Cisco ASA 5500 series firewalls and Cisco ACE 4710 Load balancers.
• Experience in Palo Alto design and installation (Application and URL filtering, Threat Prevention, Data Filtering)
• Extensive knowledge and experience of Cisco ASA firewalls, firepower and FTDs.
• Implemented redundancy with HSRP, VRRP, GLBP, Ether channel technology (LACP, PaGP).
• Experience in F5 Load balancers such a BIG-IP LTM Modules.
• Cisco ACI fabric networks, including python automation.
• Good understanding of cable management such as CAT5/6/6E, Fiber-Optic (Multi & Single mode fibers).
• Hands on experience in designing complex networks in Vector Graphics application like Microsoft Visio Pro.

TECHNICAL SKILLS

Operating Systems: Windows (Server 2008/2012, Windows 7/10 ), Linux OS

Routing: MPLS, OSPF, EIGRP, BGP, PBR, IS-IS, Route Filtering, Redistribution, Summarization, Static Routing

Switching: LAN, VTP, STP, PVST+, RPVST+, Inter VLAN routing & Multi-Layer Switch, Multicast operations, Layer 3 Switches, Ether channels

Network security: Cisco (ASA,) 5510, Palo Alto, juniper SRX, ACL, IPSEC VPN, Remedy, GRE VPN, NAT/PAT, Filtering, Load Balancing, IDS/IPS

Load Balancer: F5 Networks (Big-IP) LTM Module, Cisco ACE 30 load balancer

Network Management: SNMP, Solar Winds, HP open view, and Wire shark

Reports and Network Diagrams: Microsoft (Visio pro.)

PROFESSIONAL EXPERIENCE

Confidential, Chicago, IL

Sr. Network Security Engineer

Responsibilities:

• Worked on Palo Alto PA-5050 design and installation (Application and URL filtering, Threat Prevention, Data Filtering).
• Involved in deploying SDWAN with cisco infrastructure
• Experience working with Nexus 9k, 7k, 5k, 2k devices.
• Testing and prod support of Cisco ACI Data center in network centric mode and EM for customers with multitenancy using Clustered APIC controllers M1 C220 M3/M4.
• Worked in for the NextGen Datacenter Cloud Architecture, using Cisco ACI and Nexus 9K.
• Advanced skills of designing, coding, and troubleshooting iRules Executed the F5 Viprion to deal with high traffic volume for L7 traffic on 2250 blade while Thunder 6630 using Viprion chassis
• Participated in troubleshooting SDN/SD-WAN deployments
• Deployed CISCO ACI Greenfield and Migrated from Legacy network.
• Developed ACI (Cisco Application Centric Infrastructure) based Cisco Validated Designs for Enterprises and Service Providers to transform Traditional 3 Layer Architecture to ACI based (Spine, Leaf and APIC) Architecture
• Regular upgrade and maintenance of Infrastructure including Cisco Router and Switches, Juniper Routers and Firewalls, Nexus 7k,5k & 2k, F5 BIG IP and Palo Alto Firewalls.
• Created different application policies in the ACI including Tenants, Application Network Profile (ANP), End Point Group (EPG), Contracts, Subjects, and Filters & Labels.
• Extensively worked with configuration of Network and Security devices such as Cisco routers and switches (Cisco 7K/3K/Nexus 9K/7K/5K),, Load Balancers, DNS and IP Manager (Infoblox)
• Configured rules and maintained Palo Alto Firewalls & analysis of firewall logs using various tools
• Involved in the Migration of policy from Cisco ASA firewall into Juniper SRX’s
• Provided administration and support on Bluecoat Proxy for content filtering and internet access to headquarters, remote site offices and VPN client user
• Responsible Implementing NAT solution's on WAN applications with Cisco ASA based solution.
• Designing and Deploying dynamically scalable, Highly available, fault tolerant and reliable applications on AWS
• Migrated complex, multi-tier applications on AWS.
• Defined and deployed monitoring, metrics and logging systems on Aws. Migrated existing on-premises applications to AWS
• Monitored infrastructure with Nagios like Firewalls, Servers, Services, Network devices, applications, web portals etc. Resolution of tickets fresh & pending
• Selecting appropriate AWS service to design and deploy an application based on given requirements.
• Automated network implementations and tasks and designed monitoring tools using python scripting.
• Dealt with creating VIP(virtual servers), pools, nodes and applying I Rules for the virtual servers like cookie persistency, redirection of the URL
• Experience working with Juniper devices like EX-2200, EX-4200, EX-4500, MX-480, M Series, SRX650, SRX240.
• ExperienceSupporting EIGRP, OSPF and BGP based network by resolving level 2 & 3 problems of internal teams & external customers of all locations
• Experience with configuring BGP, OSPF in Juniper MX series routers for branch/back office locations.
• Experience in configuring all Palo alto Networks Firewall models (PA-2k, PA-3k, PA-5k etc.) as well as a centralized management system (Panorama) to manage large scale firewall deployments
• Diagnose and trouble shoot wireless issues related to Cisco Meraki
• Responsible for providing ongoing support to application centric infrastructure (ACI) solution.
• Assist with configuration and implementation of ACI and APIC
• Helped team to deploy 100 APs with 15 Switches, Cisco Nexus, Cisco Meraki and 2 Wireless controllers.

Confidential, Bellevue, WA

SR Network Security Engineer

Responsibilities:

• Migration and implementation of Palo Alto Next-Generation Firewall seriesPA-500, PA-3060, PA-5060, PA-7050, PA-7080.
• Establishing VPN Tunnels using IPSec encryption standards and also configuring and implementing site-to-site VPN, Remote VPN.
• Implemented zone based firewalling and security rules on Palo Alto Firewalls.
• Managed and troubleshoot Aruba access points wireless devices on Aruba VPN, customer public and private wireless networks.
• Establish AWS technical credibility with customers and external parties
• Established BGP peering between onsite datacenter in Bellevue and AWS cloud.
• Conduct network Vulnerability Assessments using tools to evaluate attack vectors, Identify System Vulnerabilities and develop remediation plans and Security Procedures
• Utilized application groups, SSL decryption, IPS, antivirus, anti-spyware, URL filtering, NAT, VPN, and the Reporting features of Palo Alto.
• Worked with TAC, BU team for debugging and fixing ACI Network issues in Cisco Cloud.
• Trouble shooted tickets on F5 Viprion
• Experience working with F5 LTM 3600/6400 and GTM 2200/4200 in data center
• Worked on Great exposure to SDN and Network virtualization technologies like Cisco ACI.
• Monitor IDS logs filtering potentially threatening activity from normal network traffic.
• Responsible for configuration of F5 Viprion 2200
• Configured VPC (Virtual Port Channel), VDC (Virtual Device Context) in Nexus 9k,7k/5k devices
• Involved in Substantial Configuration & validation prior to implementation of Nexus 7K, 5K & 2K connecting to blade servers.
• Configuration, trouble shooting and installation of all 48 Fortinet firewalls ranging from Fortigate 60c models to FortiGate's Virtual Firewall.
• Worked with Firemon policy manager to configure and monitor the firewall changes.
• Experience working with Juniper devices like EX 2200, EX 4200, EX 4500, MX 480
• Interacting with automation Team to automate the Network related tasks using python.

Confidential, Charlotte, NC

SR Network Security Engineer

Responsibilities:

• Configuring rules and Maintaining Palo Alto Firewalls & Analysis of firewall logs using various tools
• Experience in configuring all Palo alto Networks Firewall models (PA-2k, PA-3k, PA-5k etc.) as well as a centralized management system (Panorama) to manage large scale firewall deployments
• Involved in configuration of access-control lists on Juniper and Palo Alto firewalls for proper network routing and B2B connectivity.
• Configure, Support, update and install Checkpoint, Firemon systems. Provide monitoring of all Checkpoint firewalls and their logs/traffic
• Experience with setting up IPSEC VPN on Cisco 5585 Firewalls towards the multiple vendors
• Plan Design and assist in deploying enterprise wide Network Security and High Availability Solutions for ASA and SRX Firewalls
• Extensive experience in building python management controllers for deploying storage, networking and compute Node configuration
• Experience configuring VPC, VDC and ISSU software upgrade in Nexus 7010
• Experience working with Nexus 7010/Nexus 7018, 5020, 2148, 2248 devices
• Experience working with data center deployment where we converted from Cisco 6500 to Nexus 7010
• Worked on Data center migration of devices in Access, Distribution and Core layers.
• Experience working with F5 LTM 3600/6400 and GTM 2200/4200 in data center
• Dealt with creating VIP(virtual servers), pools, nodes and applying I Rules for the virtual servers like cookie persistency, redirection of the URL
• Configured VLANs with 802.1q tagging. Configured Trunk groups, ether channels, and Spanning tree for creating Access/distribution and core layer switching architecture.
• Performed Configuration on ASR 9K Pairs includes HSRP, Bundle Ethernet Config, Assigning DHCP profiles