SUMMARY

• 7+ years of experience in networking, installing, configuring and maintaining routers, switches, and firewalls
• Strong technical knowledge routing protocols like EIGRP, OSPF, BGP, MPLS
• In - depth understanding of Switching protocols such as VLAN, VTP, STP, RSTP, redundancy protocols such as HSRP, VRRP and ether-channels protocols PAGp, LACP
• Experience with providing remote site access with IPsec, SSL and GRE, Frame Relay, MPLS and documenting required information for maintenance, troubleshooting and future reference.
• Experience in installing, configuring and troubleshooting Cisco Catalyst (2900, 3500, 3700 and 6500 Series), Nexus (7000,5000 and 2000 Series) Switches, and Cisco Routers (2800, 3600, 4400 Series)
• Managed the network devices (Routers, Switches, Cisco ACS, Cisco ISE, Cisco Access Points, Wireless Controllers) and maintained the inventory of the devices in the network using Cisco Prime
• Worked in IOS code upgrade for Cisco 4510,4507,3850,3650 switches.
• Knowledge of Cisco wireless AP’s and WLAN controllers.
• Hands on expertise on network security including NAT/PAT, ACL
• Extensive experience with configuration and installation of AAA, RADIUS, TACACS Servers.
• Knowledge of ASA firewalls and F5 Load Balancers.
• Extensive hands-on experience on cisco meraki routers, switches and access points.
• Working knowledge of network monitoring/management tools like Wireshark, Net Flow, Cisco Prime PRTG, and Solar Winds.
• Knowledge of Managing Amazon Web Services (AWS) infrastructure with automation.
• Little experience written Templates for AWS infrastructure as a code using Terraform to build staging and production environments.
• In-depth experience in troubleshooting critical outages with third party vendors.
• Working knowledge of Change Management Process and Trouble Ticket Escalation.
• Strong written and verbal communication skills, self-motivated, self-managed, result oriented, practical, always looking to learn and contribute.
• I am a CCNA and CCNP certified but those were expired.

TECHNICAL SKILLS

Cisco Routers: 2800, 3600, 4400, 3700, 3800, 3900, 7200

Cisco Switches: 2900, 3500, 3700, 5000, 6500, Nexus 2k, 5k, 7k

Networking: TCP/IP, LAN, WAN, WLAN, DHCP, DNS

Other Hardware: F5 BIG-IP LTM Load Balancer

Routing: EIGRP, OSPF, BGP, MPLS

Switching: VTP, STP, RSTP, VLAN, L3 Switching, LAGP, PAGP

Other Protocols: HSRP, GLBP, VRRP

Security: VPN, ACL, IPSEC, SSL, GRE, NAT, PAT, ASA (5505, 5540) Firewall

Network Simulators: Packet Tracer, GNS3

PROFESSIONAL EXPERIENCE

Confidential, Rochester, MN

Sr. Network Engineer

Responsibilities:

• Working on deploying Cisco Identity Service Engine (ISE) over the enterprise in 7 different regions with 362,000+ devices, for Wired and Wireless Authentication, Authorization and Accounting.
• Using various tools such as IDA (ISE Deployment Assistant), Infoblox IPAM, Net brain, Wireshark, Cisco ISE, Cisco Prime Wired & Wireless, Ping Info View, Stat seeker, Akips, Asset Data, JAMF.
• Analyzing failed RADIUS authentications for 802.1x/MAB enabled switches in both Monitor and Enforcement mode.
• Identify existing profiling misconfigurations working with RADIUS, SNMP, DHCP, DNS and Configuration Reviews as needed for Access - lists, SNMP Configuration, IP Helper Address Configuration.
• Whitelisting devices using ISE created new ISE profiling policies.
• Pushing AAA authentication Commands on 500+ Switches.
• Configuring Network devices with AAA commands which are used in identifying the end users, grant access and track their actions while they are on the Network
• Creating server groups for authentication, authorization and accounting. Failover servers are also deployed in order to be prepared for any downtime related to the primary AAA servers.
• Configuring MSCHAP protocol to authenticate users trying to connect to the Network
• Implemented Network Segmentation using Cisco Trustsec deployments on all the physical interface uplinks on the entire organization.
• Pushing CTS commands on 2500+ devices using Net Brain.
• Responding to incoming calls for NOC concerning resolution of customer tickets on various network issues such as Firewall, VPN, Switch’s, Wireless Issues, Interface/Port Issues, Line Card Issues, and Power Supply.
• Network monitoring, configuring and troubleshooting of WAN, LAN & Wireless Network issues on Cisco routers, catalyst switches, Cisco wireless controllers.
• Procuring the network hardware and platform based on the business requirement and specification to hardware platform.
• Creating, Reviewing and updating Service Now tickets according to established standard Operating procedures (SOP’s).
• Implemented various Processes and Policies (such as Fault Management, Trouble Ticketing, Escalation, Change Management, Inventory Management, Security Management, Scheduled Maintenance, Backup and Recovery).
• Creating and troubleshooting procedure/documentation on SOP/MOP to help level1/level2 engineers to perform their job efficiently.
• Review and implement changes on the network, following Change management process (ITIL).
• Data Center Transformation and engineered includes Design, Procurement, Configuration and Deployment.
• Act as a Lead Role for network solution, highly scalable, robust and resilient network and data center design.
• Successfully cutover remote branch sites from MPLS L3VPN to DMVPN in order to reduce capex to meet company budget.
• Highly Knowledgeable and work experience on Service provider backbone and its services like MPLS L3VPN, VPLS, QinQ technologies, IVPN and BGP core free Network
• Deployment Cisco Nexus 5K (5548) and 2K FEX switches and VPC configuration in Datacenter.
• Procuring the network hardware and platform based on the business requirement and specification to hardware platform.
• F5 LTM/GTM Techniques for website applications and global load balancing and provide geographical redundancy.
• Configuration and troubleshooting of IPsec VPN, DMVPN and other vpn technologies
• Participate in on call Rotation for the Network.
• Implemented various Processes and Policies (such as Fault Management, Trouble Ticketing, Escalation, Change Management, Inventory Management, Security Management, Scheduled Maintenance, Backup and Recovery).
• TCPDUMP utility and other embedded packet capture tool such as ether-analyzer and monitor capture and analysis packets using Wireshark tool offline.
• Deploying and configuring security policies in ISE for wireless / wired and mobile clients.
• Participate in an on-Call Rotation
• Create troubleshooting procedure/documentation SOP/MOP to help level1/level2 engineers to perform their job efficiently.

Confidential

Network Firewall Engineer

Responsibilities:

• Experienced in installing, configuring and troubleshooting of Palo Alto
• Configured and maintained IPSEC and SSL VPN's on Palo Alto Firewalls
• Implemented Zone based Firewall and security rules on the Palo Alto Firewall.
• Configured and Maintained rules on Palo Alto Firewalls & Analysis of firewall logs using various tools.
• Configuring Palo Alto policies and setting different device configurations.
• Experienced configuring and troubleshooting active/passive HA on Palo Alto Devices.
• Palo Alto design and installation, which include Application, User ID, URL filtering, Threat prevention and Data Filtering.
• Configuring rules and maintaining Palo Alto Firewall & Analysis of firewall logs.
• Hands on experience of management and administration of Palo Alto firewalls with the help of centralized Panorama devices.
• Configured log forwarding to forward logs from firewall to Panorama and then configured Panorama to send logs to the servers.
• Configured TCP/IP Ethernet interface, Created Virtual Router and Verify Network Connectivity.
• Configured proxy servers including WINS server configurations for few sites or TCP\IP leases.
• Troubleshooting issues of internet traffic is bluecoat proxy by tracing traffic on bluecoat.
• Managing different Firewalls and their security policies using Panorama M-100.
• Installed and configured Palo Alto firewalls PA-500, PA-800, PA-3000 PA-5020, on a complex environment.
• Migrated Cisco ASA’s to Palo Alto Firewalls.
• Migration of VPN's both site-2-site and remote access from ASA to Palo Alto.
• Network Connectivity - Design/Implementation/Management using Palo Alto Firewalls.
• Hands on experience with Palo Alto next generation firewalls in designing and deployment.
• Knowledge of network security including IDS/IPS, DDoS, Firewalls, and other distributed attack schemes.
• Configured Panorama web-based management for multiple firewalls.
• Configuring rules and Maintaining Palo Alto Firewalls & Analysis of firewall logs using various tools.
• Implementing firewall rules and configuring Palo Alto Network Firewall
• Palo Alto design and installation (Application and URL filtering, Threat Prevention, Data Filtering).
• Configuring Cisco ASA firewalls in single and multiple context mode firewalls.

Confidential

Network Engineer

Responsibilities:

• Configured, implemented and maintained all security platforms and any other related software, such as anti-virus, routers, Anti-SPAM, switches, intrusion detection or intrusion prevention, firewalls, cryptography systems, SIEM, and MDM.
• Involved in planning an ongoing assessment of antivirus, application control, firewall, SIEM, VPN, SSL, intrusion detection or intrusion prevention and other network component policies
• Executed network security best practices through auditing: router, change control, switch, firewall configurations, and monitoring.
• Responsible for periodic vulnerability testing, and lead remediation projects.
• Work in collaboration with appropriate stakeholders to ensure customers have devices that are fully operational and secure
• Excellent hands-on experience and knowledge implementing, configuring, integrating and supporting the network security with Checkpoint, IPAM, Palo Alto, Juniper, BlueCoast security solutions, or Fortinet.
• Knowledge of networking concepts such as WAN connectivity, transport types and protocols, and experience with wireless technology and Wireless deployment for a user base over 500 users per site
• Cisco orientated IOS understanding, working with Routers and Switch Platforms and Experience working with stakeholders at an Operational Level.
• Self-confident, motivated, and independent
• Excellent communication skills
• Responsible for the implementation and maintenance of firewall-based security zones (DMZ*s).
• Provide support to internal project teams by adding firewalls, switches and routers to managed DMZs.
• Configure the layer 2 and layer 3 on Cisco Nexus 7K, 5K, 6509, 9710, 5596 UP, 4500, 3850, 3950, ASR and 2960
• Involved in configuring IP Quality of service (QoS).
• Worked on Layer 2 protocols such as STP, VTP, STP, RSTP, PVSTP+, MST and other VLAN troubleshooting issues and configuring switches from scratch and deployment.