We provide IT Staff Augmentation Services!

Sr. Network Engineer Resume

Rochester, MN

SUMMARY

  • 7+ years of experience in networking, installing, configuring and maintaining routers, switches, and firewalls
  • Strong technical knowledge routing protocols like EIGRP, OSPF, BGP, MPLS
  • In - depth understanding of Switching protocols such as VLAN, VTP, STP, RSTP, redundancy protocols such as HSRP, VRRP and ether-channels protocols PAGp, LACP
  • Experience with providing remote site access with IPsec, SSL and GRE, Frame Relay, MPLS and documenting required information for maintenance, troubleshooting and future reference.
  • Experience in installing, configuring and troubleshooting Cisco Catalyst (2900, 3500, 3700 and 6500 Series), Nexus (7000,5000 and 2000 Series) Switches, and Cisco Routers (2800, 3600, 4400 Series)
  • Managed the network devices (Routers, Switches, Cisco ACS, Cisco ISE, Cisco Access Points, Wireless Controllers) and maintained the inventory of the devices in the network using Cisco Prime
  • Worked in IOS code upgrade for Cisco 4510,4507,3850,3650 switches.
  • Knowledge of Cisco wireless AP’s and WLAN controllers.
  • Hands on expertise on network security including NAT/PAT, ACL
  • Extensive experience with configuration and installation of AAA, RADIUS, TACACS Servers.
  • Knowledge of ASA firewalls and F5 Load Balancers.
  • Extensive hands-on experience on cisco meraki routers, switches and access points.
  • Working knowledge of network monitoring/management tools like Wireshark, Net Flow, Cisco Prime PRTG, and Solar Winds.
  • Knowledge of Managing Amazon Web Services (AWS) infrastructure with automation.
  • Little experience written Templates for AWS infrastructure as a code using Terraform to build staging and production environments.
  • In-depth experience in troubleshooting critical outages with third party vendors.
  • Working knowledge of Change Management Process and Trouble Ticket Escalation.
  • Strong written and verbal communication skills, self-motivated, self-managed, result oriented, practical, always looking to learn and contribute.
  • I am a CCNA and CCNP certified but those were expired.

TECHNICAL SKILLS

Cisco Routers: 2800, 3600, 4400, 3700, 3800, 3900, 7200

Cisco Switches: 2900, 3500, 3700, 5000, 6500, Nexus 2k, 5k, 7k

Networking: TCP/IP, LAN, WAN, WLAN, DHCP, DNS

Other Hardware: F5 BIG-IP LTM Load Balancer

Routing: EIGRP, OSPF, BGP, MPLS

Switching: VTP, STP, RSTP, VLAN, L3 Switching, LAGP, PAGP

Other Protocols: HSRP, GLBP, VRRP

Security: VPN, ACL, IPSEC, SSL, GRE, NAT, PAT, ASA (5505, 5540) Firewall

Network Simulators: Packet Tracer, GNS3

PROFESSIONAL EXPERIENCE

Confidential, Rochester, MN

Sr. Network Engineer

Responsibilities:

  • Working on deploying Cisco Identity Service Engine (ISE) over the enterprise in 7 different regions with 362,000+ devices, for Wired and Wireless Authentication, Authorization and Accounting.
  • Using various tools such as IDA (ISE Deployment Assistant), Infoblox IPAM, Net brain, Wireshark, Cisco ISE, Cisco Prime Wired & Wireless, Ping Info View, Stat seeker, Akips, Asset Data, JAMF.
  • Analyzing failed RADIUS authentications for 802.1x/MAB enabled switches in both Monitor and Enforcement mode.
  • Identify existing profiling misconfigurations working with RADIUS, SNMP, DHCP, DNS and Configuration Reviews as needed for Access - lists, SNMP Configuration, IP Helper Address Configuration.
  • Whitelisting devices using ISE created new ISE profiling policies.
  • Pushing AAA authentication Commands on 500+ Switches.
  • Configuring Network devices with AAA commands which are used in identifying the end users, grant access and track their actions while they are on the Network
  • Creating server groups for authentication, authorization and accounting. Failover servers are also deployed in order to be prepared for any downtime related to the primary AAA servers.
  • Configuring MSCHAP protocol to authenticate users trying to connect to the Network
  • Implemented Network Segmentation using Cisco Trustsec deployments on all the physical interface uplinks on the entire organization.
  • Pushing CTS commands on 2500+ devices using Net Brain.
  • Responding to incoming calls for NOC concerning resolution of customer tickets on various network issues such as Firewall, VPN, Switch’s, Wireless Issues, Interface/Port Issues, Line Card Issues, and Power Supply.
  • Network monitoring, configuring and troubleshooting of WAN, LAN & Wireless Network issues on Cisco routers, catalyst switches, Cisco wireless controllers.
  • Procuring the network hardware and platform based on the business requirement and specification to hardware platform.
  • Creating, Reviewing and updating Service Now tickets according to established standard Operating procedures (SOP’s).
  • Implemented various Processes and Policies (such as Fault Management, Trouble Ticketing, Escalation, Change Management, Inventory Management, Security Management, Scheduled Maintenance, Backup and Recovery).
  • Creating and troubleshooting procedure/documentation on SOP/MOP to help level1/level2 engineers to perform their job efficiently.
  • Review and implement changes on the network, following Change management process (ITIL).
  • Data Center Transformation and engineered includes Design, Procurement, Configuration and Deployment.
  • Act as a Lead Role for network solution, highly scalable, robust and resilient network and data center design.
  • Successfully cutover remote branch sites from MPLS L3VPN to DMVPN in order to reduce capex to meet company budget.
  • Highly Knowledgeable and work experience on Service provider backbone and its services like MPLS L3VPN, VPLS, QinQ technologies, IVPN and BGP core free Network
  • Deployment Cisco Nexus 5K (5548) and 2K FEX switches and VPC configuration in Datacenter.
  • Procuring the network hardware and platform based on the business requirement and specification to hardware platform.
  • F5 LTM/GTM Techniques for website applications and global load balancing and provide geographical redundancy.
  • Configuration and troubleshooting of IPsec VPN, DMVPN and other vpn technologies
  • Participate in on call Rotation for the Network.
  • Implemented various Processes and Policies (such as Fault Management, Trouble Ticketing, Escalation, Change Management, Inventory Management, Security Management, Scheduled Maintenance, Backup and Recovery).
  • TCPDUMP utility and other embedded packet capture tool such as ether-analyzer and monitor capture and analysis packets using Wireshark tool offline.
  • Deploying and configuring security policies in ISE for wireless / wired and mobile clients.
  • Participate in an on-Call Rotation
  • Create troubleshooting procedure/documentation SOP/MOP to help level1/level2 engineers to perform their job efficiently.

Confidential

Network Firewall Engineer

Responsibilities:

  • Experienced in installing, configuring and troubleshooting of Palo Alto
  • Configured and maintained IPSEC and SSL VPN's on Palo Alto Firewalls
  • Implemented Zone based Firewall and security rules on the Palo Alto Firewall.
  • Configured and Maintained rules on Palo Alto Firewalls & Analysis of firewall logs using various tools.
  • Configuring Palo Alto policies and setting different device configurations.
  • Experienced configuring and troubleshooting active/passive HA on Palo Alto Devices.
  • Palo Alto design and installation, which include Application, User ID, URL filtering, Threat prevention and Data Filtering.
  • Configuring rules and maintaining Palo Alto Firewall & Analysis of firewall logs.
  • Hands on experience of management and administration of Palo Alto firewalls with the help of centralized Panorama devices.
  • Configured log forwarding to forward logs from firewall to Panorama and then configured Panorama to send logs to the servers.
  • Configured TCP/IP Ethernet interface, Created Virtual Router and Verify Network Connectivity.
  • Configured proxy servers including WINS server configurations for few sites or TCP\IP leases.
  • Troubleshooting issues of internet traffic is bluecoat proxy by tracing traffic on bluecoat.
  • Managing different Firewalls and their security policies using Panorama M-100.
  • Installed and configured Palo Alto firewalls PA-500, PA-800, PA-3000 PA-5020, on a complex environment.
  • Migrated Cisco ASA’s to Palo Alto Firewalls.
  • Migration of VPN's both site-2-site and remote access from ASA to Palo Alto.
  • Network Connectivity - Design/Implementation/Management using Palo Alto Firewalls.
  • Hands on experience with Palo Alto next generation firewalls in designing and deployment.
  • Knowledge of network security including IDS/IPS, DDoS, Firewalls, and other distributed attack schemes.
  • Configured Panorama web-based management for multiple firewalls.
  • Configuring rules and Maintaining Palo Alto Firewalls & Analysis of firewall logs using various tools.
  • Implementing firewall rules and configuring Palo Alto Network Firewall
  • Palo Alto design and installation (Application and URL filtering, Threat Prevention, Data Filtering).
  • Configuring Cisco ASA firewalls in single and multiple context mode firewalls.

Confidential

Network Engineer

Responsibilities:

  • Configured, implemented and maintained all security platforms and any other related software, such as anti-virus, routers, Anti-SPAM, switches, intrusion detection or intrusion prevention, firewalls, cryptography systems, SIEM, and MDM.
  • Involved in planning an ongoing assessment of antivirus, application control, firewall, SIEM, VPN, SSL, intrusion detection or intrusion prevention and other network component policies
  • Executed network security best practices through auditing: router, change control, switch, firewall configurations, and monitoring.
  • Responsible for periodic vulnerability testing, and lead remediation projects.
  • Work in collaboration with appropriate stakeholders to ensure customers have devices that are fully operational and secure
  • Excellent hands-on experience and knowledge implementing, configuring, integrating and supporting the network security with Checkpoint, IPAM, Palo Alto, Juniper, BlueCoast security solutions, or Fortinet.
  • Knowledge of networking concepts such as WAN connectivity, transport types and protocols, and experience with wireless technology and Wireless deployment for a user base over 500 users per site
  • Cisco orientated IOS understanding, working with Routers and Switch Platforms and Experience working with stakeholders at an Operational Level.
  • Self-confident, motivated, and independent
  • Excellent communication skills
  • Responsible for the implementation and maintenance of firewall-based security zones (DMZ*s).
  • Provide support to internal project teams by adding firewalls, switches and routers to managed DMZs.
  • Configure the layer 2 and layer 3 on Cisco Nexus 7K, 5K, 6509, 9710, 5596 UP, 4500, 3850, 3950, ASR and 2960
  • Involved in configuring IP Quality of service (QoS).
  • Worked on Layer 2 protocols such as STP, VTP, STP, RSTP, PVSTP+, MST and other VLAN troubleshooting issues and configuring switches from scratch and deployment.

Hire Now