SUMMARY

• 8.2 years of experience in Network design, Security and support of Networks in various environments.
• Experience working with security devices such as Firewalls, VPN switches and Intrusion Detection Systems.
• In - depth expertise in the analysis, implementation, troubleshooting & documentation of LAN/WAN architecture and good experience on IP services.
• Experience working on Cloud Computing Virtualization using VMWare ESXi 4.0 and Windows Hyper-V.
• Experience in configuring HSRP and redistribution between routing protocols troubleshooting them.
• Implementation of HSRP, VRRP and GLBP for Default Gateway Redundancy.
• Experience on Network Monitoring & Testing tools such as Wireshark/Ethereal, Cisco Works, and IXIA.
• Good understanding of VoIP implementation and protocols such as H.323, RTP, and SIP.
• Experience in troubleshooting NAT configurations, Access-Lists (ACL), and DNS/DHCP related issues within the LAN network.
• Extensive experience working on Cisco and Juniper routers/switches in complex environments with multiple ISPs.
• Expert in dealing with Networking Protocols and Standards such as TCP/IP, OSI, UDP, Layer 2 (VLANs, STP, VTP), Routing Protocols (RIP, EIGRP, OSPF, BGP), WAN technologies (Frame relay, IPSec, VPNs, MPLS), QoS.
• Worked on AWS to Corporate connectivity and AWS EC2, Auto scaling, NAT Gateways
• Worked on Subnetting IPv4/IPv6 addresses and IP address management.
• Good understanding of cable management such as CAT3/4/5, Fiber-Optic (Multi & Single mode fibers).
• Hands-on experience with TCP/IP, LANs, WANs, and WLANs (Wi-Fi) Cisco VPN Concentrators, F5 Fire pass SSL VPN, 6509 Core Datacenter designs.
• Exposure to Cisco WAAS, WCS.
• Expert Level Knowledge about TCP/IP and OSI models.
• Familiar with security products such as Cisco ISE
• Knowledge of implementing and troubleshooting complex layer 2 technologies such as VLAN Trunks, VTP Ether channel, STP, RSTP and MST.
• Worked on Palo Alto Firewall
• Worked on Cisco ASA 5500 series firewalls.
• Worked on Cisco Nexus 5010 Switch.
• Experience in F5, Cisco ACE 4710 Load balancers.
• Advanced proficiency with Cisco Wireless ( APs, Controllers, ISE, Prime)

TECHNICAL SKILLS

Network Hardware: Cisco Routers (1800, 2600, 3600, 7200 and 7600) Juniper QFx 10000, 5100 series switches and MX960 series router and SRX 240, 300 and 3600. Cisco Catalyst Switches (3560, 3750, 4500, 4900 & 6500), Nexus (7010, 7700, 5548, 5510, 2248, 2148)

Routing Protocols: RIPv2, EIGRP, IS-IS, OSPF(V2,V3), BGP(iBGP and eBGP) and MP-BGP

WAN Protocols: VRF, VRF-Lite, MPLS, MPLS L3 VPN and MPLS L2VPN

Switching: VLANs, Dot1Q, VTP, STP, RSTP, HSRP, VRRP, GLBP, Port Security, BPDUGuard, BPDUFilter, Udld

Protocols: IPv4, IPv6, TCP, UDP, ARP, ICMP, NAT, DNS, DHCP, SNMP, QOS (DSCP and CoS) TELNET, SSH

Datacenter Technologies: VDC, vPC, vPC+, Fabric Path, FEX, OTV for DCI

Operating Systems: Windows 2007, Windows 10 Enterprise edition, CentOS, Ubuntu and Red hat Linux.

Office Suite: Microsoft Word, Excel, and Visio

Network Monitoring: Orion Net flow Traffic Analyzer, Wireshark, Solar winds, Cisco Prime

PROFESSIONAL EXPERIENCE

Confidential, Denver, CO

Present Sr. Network Engineer

Responsibilities:

• Worked on Palo Alto PA-5050 design and installation (Application and URL filtering, Threat Prevention, Data Filtering).
• Involved in deploying SDWAN with cisco infrastructure
• Experience working with Nexus 9k, 7k, 5k, 2k devices.
• Testing and prod support of Cisco ACI Data center in network centric mode and EM for customers with multitenancy using Clustered APIC controllers M1 C220 M3/M4.
• Worked in for the NextGen Datacenter Cloud Architecture, using Cisco ACI and Nexus 9K.
• Advanced skills of designing, coding, and troubleshooting iRules Executed the F5 Viprion to deal with high traffic volume for L7 traffic on 2250 blade while Thunder 6630 using Viprion chassis
• Participated in troubleshooting SDN/SD-WAN deployments
• Deployed CISCO ACI Greenfield and Migrated from Legacy network.
• Developed ACI (Cisco Application Centric Infrastructure) based Cisco Validated Designs for Enterprises and Service Providers to transform Traditional 3 Layer Architecture to ACI based (Spine, Leaf and APIC) Architecture
• Regular upgrade and maintenance of Infrastructure including Cisco Router and Switches, Juniper Routers and Firewalls, Nexus 7k,5k & 2k, F5 BIG IP and Palo Alto Firewalls.
• Created different application policies in the ACI including Tenants, Application Network Profile (ANP), End Point Group (EPG), Contracts, Subjects, and Filters & Labels.
• Extensively worked with configuration of Network and Security devices such as Cisco routers and switches (Cisco 7K/3K/Nexus 9K/7K/5K),, Load Balancers, DNS and IP Manager (Infoblox)
• Configured rules and maintained Palo Alto Firewalls & analysis of firewall logs using various tools
• Worked on Azure DNS to configure custom domain names for the resources in your VNets. Finally, we will move on to learning how to set up both public and private DNS zones.
• Build, configure, test and provide production cloud systems support that may include duties such as deployment, configuration, monitoring and troubleshooting in Azure load balancers, firewall policies, VPN tunnels, DNS and Linux servers
• Configure and install various network devices and services (e.g., routers, switches, firewalls, azure load balancers, VPN, QoS) in both physical and virtual environments
• Involved in the Migration of policy from Cisco ASA firewall into Juniper SRX’s
• Provided administration and support on Bluecoat Proxy for content filtering and internet access to headquarters, remote site offices and VPN client user
• Responsible Implementing NAT solution's on WAN applications with Cisco ASA based solution.
• Designing and Deploying dynamically scalable, Highly available, fault tolerant and reliable applications on AWS
• Migrated complex, multi-tier applications on AWS.
• Defined and deployed monitoring, metrics and logging systems on Aws. Migrated existing on-premises applications to AWS
• Monitored infrastructure with Nagios like Firewalls, Servers, Services, Network devices, applications, web portals etc. Resolution of tickets fresh & pending
• Selecting appropriate AWS service to design and deploy an application based on given requirements.
• Automated network implementations and tasks and designed monitoring tools using python scripting.
• Dealt with creating VIP(virtual servers), pools, nodes and applying I Rules for the virtual servers like cookie persistency, redirection of the URL
• Experience working with Juniper devices like EX-2200, EX-4200, EX-4500, MX-480, M Series, SRX650, SRX240.
• Experience Supporting EIGRP, OSPF and BGP based network by resolving level 2 & 3 problems of internal teams & external customers of all locations
• Experience with configuring BGP, OSPF in Juniper MX series routers for branch/back office locations.
• Experience in configuring all Palo alto Networks Firewall models (PA-2k, PA-3k, PA-5k etc.) as well as a centralized management system (Panorama) to manage large scale firewall deployments
• Diagnose and trouble shoot wireless issues related to Cisco Meraki
• Responsible for providing ongoing support to application centric infrastructure (ACI) solution.
• Assist with configuration and implementation of ACI and APIC
• Helped team to deploy 100 APs with 15 Switches, Cisco Nexus, Cisco Meraki and 2 Wireless controllers.

Confidential, San Diego, CA

Sr. Network Engineer

Responsibilities:

• Upgrade PAN-OS in Palo Alto firewalls.
• Configure Security Profiles such as Antivirus, Anti malware, Threat Prevention, Vulnerability
• Implement URL filtering on Palo Alto Firewall and control access to restricted sites.
• Configure and troubleshoot IPSEC VPN form Site to Site with Cisco, Checkpoint Devices as peer.
• Configuring and troubleshoot Global protect SSL VPN for Work from Home Users on Palo Alto
• Configuring Security Policies for Access control, inter zone connectivity, External Access on Palo Alto Firewall.
• Configure NAT polices on Palo firewalls as per requirements.
• Implemented Zone Based Firewalling and Security Rules on the Palo Alto Firewall.
• Panorama firewall management tool to administer Palo Alto 5050, & 5250 device groups.
• Worked in configuring Azure AD and Conditional access policies.
• Designed and configured Azure Virtual Networks (VNets), subnets, Azure network settings, DHCP address blocks, DNS settings, and security policies and routing.
• Designed Network Security Groups (NSGs) to control inbound and outbound access to network interfaces (NICs), VMs and subnets.
• Setup Azure Virtual Appliances (VMs) to meet security requirements as software based appliance functions (firewall, WAN optimization and intrusion detections).
• Worked on Infoblox to provide DNS, DHCP, IPAM, administration services.
• Configuration and Deployment Big IP F5 LTM and GTM load balancers from a Scratch at the Chicago Data Center Location.
• Automated network implementations and tasks and designed monitoring tools using python scripting.
• Included Day to Day activities Include Incident Resolution and Service Request for Creating new WIP and VIP are on the F5 LTM/GTM. Virtual Edition and the F5 Big IP VIPRION 4800, 4480 Hardware.
• Configure Server Pool, Pool Members, and Server nodes for a VIP.
• Software Upgrade projects across F5 Upgrade of Big-IP from 11.6 to 13.0
• Troubleshoot issues related to Application slowness by Analyzing nodes, Health monitors, and Server pools.
• Management of F5 LTMs & GTMs Load Balancers. This Includes Incident Resolution Tickets, Service Request Tickets, renewals.
• Configuration and troubleshooting of Issues related to VIP’s, Server pool’s, Redundancy, Persistence,
• SSL offloading to improve application performance.
• Experience working with Cisco Nexus 7700, 5500, 2148, 2248 series in Data Center Environment.
• Performed ISSU to upgrade to Core Nexus 7k switches
• Decommission of legacy Cisco 6500’s, Cisco 4500’s and Deployment of new 6807 to replace the 6500.
• Configure OSPF & Troubleshoot issue’s related to OSPF as Internal Routing Protocol.
• Perform Layer 2 switching and Layer 3 routing within a Data Center Environment, between Core, Distribution& Access Layers
• Configure and Troubleshoot Issues related to Port Configuration, Port security, VLan Configuration, Inter VLan routing, Ether-Channels, Port Channel, Trunking, Spanning tree, SNMP. Etc.
• Deploying and decommission of VLANs on core ASR 9K, Nexus 7K, 5K and downstream devices.
• Implemented DHCP, DNS, IPAM configuration on the servers to allocate, resolute the IP addresses from
• Worked on Infoblox Management of replication between Grid Master and member appliances
• Experience with CA Suite, Spectrum Network Monitoring tool.

Confidential, Dallas, TX

Sr. Network Engineer

Responsibilities:

• Experience working with Nexus 7010, 5020, 2148, 2248 devices
• Experience with configuring Nexus 2000 Fabric Extender (FEX) which acts as a remote line card (module) for the Nexus 5000
• Worked on Cisco Routers, Active /Passive Hubs, Switches, Cisco ASA Firewalls, NAT and Juniper SRX firewall
• Converting PIX rules over to the Cisco ASA solution.
• Perform network engineering, design, planning (WAN & LAN), & implementation.
• Managing Access list for PIX and Routers (Priority based, time based)
• Worked on F5 load Balancer, configured Virtual servers, pool, pool members, worked on load balancing methods for LTM.
• Configured virtual servers, nodes and load balancing pools on the F5 LTM 6400, 6800 devices for various medical/biomed applications and their availability
• Configured firewall filters, routing instances, policy options, on Juniper m320 an d T640
• Installed & configured OSPF on Frame-Relay with multi-area design in core routers (7200, 7204, and 7206).
• Design OSPF Areas for reliable Access Distribution and for Core IP Routing.
• Design and deployment of Enterprise Wireless services in facilities using Cisco product line.
• Identifying, troubleshooting and resolving incidents related to Wireless connectivity, as well as conducting wireless site-surveys and deploying Lightweight APs
• Study single point failures & design WAN structure in such a way that there are no failures in network in case of any device or link failure.
• To Configure and maintain the hosts in SAN environment.
• Network Migration from RIP to OSPF
• Work with developers to document data flows and troubleshoot connectivity issues.
• Add, delete, and modify rules on Checkpoint firewalls.
• Setting up VLANS and configuring ISL trunk on Fast-Ethernet channel between switches
• Implemented SNMP on Cisco routes to allow for network management
• Installed and configured Routers, Bridges, Terminal Servers and CSU/DSU’s to support WAN links
• Redistribution of routing protocols and Frame-Relay configurations
• Configured QoS on LAN/WAN. Strong knowledge of various routing protocols including RIPV2, EIGRP, OSPF and BGP4
• Designed Network redundancy by implementing HSRP (Hot Standby Routing Protocol) on Cisco routers.
• Deployed a large-scale HSRP solution to improve the uptime of collocation customers, in the event a core router became unreachable

Confidential

Network Engineer

Responsibilities:

• Involved in redesign of traffic anomaly system to increase the detection method and algorithm efficiency.
• Capturing data in the kernel stack and analyze the packets in various locations on the network stack
• Experienced in WAN environments, installing and troubleshooting data circuits (OC, T1, E1, T3, MUXES)
• Worked on ASA firewalls and F5 load balancers
• Understanding current vulnerabilities attacks and counter measures, assessing the impact of traffic on customer networks, conducting research on emerging security threats.
• Mentoring and security analysts, creating and maintaining documentation for Traffic anomaly Sys.
• Experience testing of a prototype Traffic Anomaly system that monitors TCP/IP network traffic. Each network packet is characterized by the (source host, Source port, destination host, Destination port, Flag). The system monitors the network for the occurrence of mismatch, which represent unusual traffic patterns within the network.
• Assist internal project teams by determining rules that need to be added to the firewalls and identifying the proper routing and addressing for new devices in managed DMZ*s.
• Experience in troubleshooting of complex BGP and OSPF routing problems
• Experienced in SYSLOG analysis & Proxy servers