PROFESSIONAL SUMMARY:

• 9 years of professional experience in Planning, Implementing, Configuring, Troubleshooting of networking system on both Cisco and Juniper Networks.
• Experience wif design and implementation of Palo Alto Firewalls.
• Experience wif the escalation problems for Routing, Switching and WAN connectivity issues using ticketing systems like remedy and Magic.
• Worked on MX - 80, MX-480, SRX-100, SRX-110, SRX-550 and EX-4200 Juniper devices
• Experience working on ASA (5505/5510/5540/5585 ) Firewalls, Juniper (SRX 110/210/220/550 ).
• Experience in working wif Cisco Nexus Switches and Virtual Port Channel configuration
• Worked on escalations and activates new turn up for new clients and advance troubleshooting for the sdwan deployment in both ISP and network infrastructure on both versa and cisco viptela SDWAN Solution
• Worked wif Server load-balancing utilizing F5 LTM-Big IP, including APM, ASM and viprion device modules.
• Worked on modems, routers, switches and Cisco ISE Wireless network systems.
• Experience deploying BIG-IP F5 LTM, GTM Load Balancers for load balancing and traffic management of application
• Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500 wif ACL, NAT, Object Groups, Failover, Multi-Contexts.
• Experience in Network Management Tools and sniffers like SNMP, Wireshark and Cisco works to support 24 x 7 Network Operation Center
• Experience working wif network Automation using Python
• Hands-on experience using Cisco Virtual Switching System (VSS)
• Interacted wif team to work on Multicasting, MPLS and MPLS-VPN
• Worked on CISCO NEXUS data center infrastructure wif 5000 and 7000 series switches includes (5548, 7010) including CISCO NEXUS Fabric Extender (223, 2248)
• Experience working wif CISCO Nexus 9000,7000, Nexus 5000, and Nexus 2000 platforms
• Worked wif Cisco ACI fabric networks, including python automation. Worked on Great exposure to SDN and Network virtualization technologies like Cisco ACI.
• TEMPEffectively communicate wif internal Account Executives and potential clients to assess and make solution
• Worked on Cisco catalyst switches (9410, 9300) series, Nexus (2k, 5k,7k& 9K) series, and Juniper (EX2300/ EX3400).
• Designed, configured, implemented site-site VPN on Cisco ASA 5500 firewall.

TECHNICAL SKILLS:

Routing Protocols:: BGP, OSPF, IS-IS, IGRP, EIGRP

Security:: Cisco ASA, Check point, Juniper SRX, Palo Alto, Cisco ACISwitches: Cisco Catalyst 2960, 3500, 3750, 3850, 4500, 4900, 6500, Nexus

9K, 7K,5K and 2K series, ASA 5506-K9 wif Firepower

Routers:: Cisco 2800, 2900, 3800, 3900, 7200 and 7600 series routersJuniper M & T Series

L2 Switching:: VLAN, VTP, STP, Dot1Q, RSTP, DTP, PVST and MST

L3 Switching:: Ether channels, HSRP, GLBP

Communication Protocols:: TCP/IP, UDP, DHCP, DNP, ICMP, OSPF, DNS, MPLS,VPN/VRFSNMP, ARP, RARP, PPP

WAN: : Frame Relay, ATM, T1, T3, OC3, OCX, OC48, MPLS VPN

Physical:: Ethernet, Fast Ethernet, Gigabit Ethernet, Serial

Network Management Tools:: MRTG, HP Open view, Cisco WAN manager and Cisco works

AAA Architecture:: TACACS+, RADIUS, Cisco ACS

Tools: Wireshark, VMware, tcpdump,Splunk

Operating System:: DOS, Windows XP, Vista/7/8/10, Cisco IOS, Linux, MacOS

PROFESSIONAL EXPERIENCE:

Confidential, Lancaster, PA

Network Security Engineer

Responsibilities:

• Worked on Palo Alto PA-5050 design and installation (Application and URL filtering, Threat Prevention, Data Filtering).
• Configuring HA pair for two Palo VM-300 series AWS instance firewalls and testing the failover activity as well as ENI migration.
• Worked on wild fire advanced malware detection using IPS feature of Palo Alto Firewalls.
• Experienced in implementing and managing F5 BIG-IP load balancing, including APM, ASM, and custom iRule development.
• Designed and implemented a secure instant messaging system in Python providing interface state changes on the devices to support team.
• Upgrading code on Palo alto firewalls PA 5050 Version 9.0 to meet company security policy
• Involved in configuring Palo Alto PA 7020 firewall from the scratch
• Installed and configured Palo alto images in AWS cloud
• Configured rules and maintained Palo Alto Firewalls & analysis of firewall logs using various tools
• Deploying and managing SD-WAN solutions(Viptela, Citrix) for large-scale enterprises
• Update customer networks by configuring routers, switches, and in corporate the SDWAN into the network design
• Used packet analysis tools such as Wireshark and Tcpdump in order to troubleshoot and solve network
• I has worked on Aruba Wireless Access points 320 and 220 series and also Aruba controller 7210,
• Experience in Designs and implements Palo Alto firewalls
• Worked on setup and installation of Cisco ASAs configured it for URL filtering.
• Configured EPG, update APIC, implement access and fabric policies in Cisco ACI environment.
• In corporate Cisco Nexus 9000 NXOS to ACI fabric to work in concert wif existing Nexus 7000s
• Configured Cisco ASA (5540/5550) Firewalls.
• Implemented and deployed Aruba Clear Pass wifin an enterprise Cisco LAN/WLAN infrastructure
• Focused on working wif Cisco Channel partners to build practices around Cisco ACI.
• Experience wif configuring FCOE using Cisco nexus 5548.
• Provide NSX Micro-Segmentation Security for ASW Data Center.
• Perform technical problem resolution including analysis, trouble isolation, and repair on SDWAN devices.
• Used security groups, network ACL’s, internet gateways and route tables to ensure a secure zone for organization in AWS public cloud.
• Helping the cloud architecture wif next steps on proof of concept wif AWS,
• Monitored, analyzed and resolved security incidents relating to ACLs, IDS/IPS, VLAN, Routing, Switching, VPN and ASA firewall, implementing network security autantication.
• Involved in the Migration of policy from Cisco ASA firewall into Palo Alto Firewalls
• Worked on Palo Alto IPS/IDS Systems, Splunk log monitoring tool, Qualys vulnerability
• Implemented antivirus and web filtering on Juniper SRX 550 at the web server.
• Actively managing tasks assigned to transition from legacy Switches to Cisco ACI (Data Center Application Concentric Infrastructure) device
• Automated network implementations and tasks and designed monitoring tools using python scripting.
• Worked extensively on Cisco ASA 5500(5510/5540) series
• . Implementation and Configuration ( Profiles, I Rules) of F5 Viprion 4450 and 4480 load balancers

Confidential, Chicago, IL

SR Network Security Engineer

Responsibilities :

• Configured Nexus 7010 including NX-OS Virtual Port Channels, Nexus port profiles, Nexus Version 4.2 and 5.0, Nexus VPC peer links.
• Key contributions include troubleshooting of complex LAN/WAN infrastructure that include routing protocols EIGRP, OSPF & BGP.
• Integrate services appliances to Cisco ACI deployments to include Application Delivery Controllers and Firewalls.
• Implemented Cisco Application Centric Infrastructure (Cisco ACI) as a solution for data centers using a Spine and Leaf architecture. Conduct mentored installation of Cisco ACI as well as providing support post migration.
• Worked in setting up Azure Services viz. VMs, Storage Accounts, Vnet, Subnet
• Experience in Azure network, VPN and Express route, Azure DNS, Traffic Manager, and Load Balancers
• Azure Platform development and deployment Lifecycle
• Migrating 4000+ UDN (Utility device Network ) to cisco ISE in the first phase of the project. Second phase is to migrate 6000+ ODN (Operation device Network) to ISE
• Interacted wif Network SME for the NextGen Datacenter Cloud Architecture, using Cisco ACI and Nexus
• Participated in the installation, configuration, and post-installation daily operational tasks and configuration of the deployment of Cisco Nexus equipment.
• Designed 10/40-gigabit networks using Cisco Nexus 9000 series switches, and Cisco 3800 series routers.
• Experience wif convert Cisco ASA VPN rules over to the Palo Alto solution.
• Migration wif Cisco ASA VPN experience
• Configured Cisco ISE for Wireless and Wired 802.1x Autantication on Cisco Wireless LAN.
• Supported the Data center network infrastructure consisted of multiple Nexus 9Ks, 7Ks, 5Ks, 2Ks
• Configuring rules and Maintaining Palo Alto Firewalls & Analysis of firewall logs using various tools.
• Deployment of enterprise firewalls (Palo Alto Networks, Cisco ASA) in production environments
• Ability to work wif end users to troubleshoot and solve their Pulse Secure VPN problems.
• Configuring and managing F5 ASM (Application security manager). Developed security policies.
• Created documents for various platforms including Nexus 9K, 7k, ASR9k, and ASR1k enabling successful deployment of new devices on the network.
• Provided design and Contrail SDN/ NFV networking support using Cisco ACI
• Creating or Modifying Firewall rules on Palo alto VM-300 devices.
• Managed successful delivery of massive security response portfolio including Splunk and Cisco ISE.
• Responsible for the conversion of the existing environment from an EIGRP to OSPF setup to facilitate the migration of Core from Cisco to Juniper.
• Maintained Palo Alto firewalls Creating zones, adding rules and maintained the policies on PA 220 series,3020,522
• Worked along wif a team on the network automation through Ansible.
• Tuned BGP internal and external peers wif manipulation of attributes such as metric, origin and local p.
• Experience wif Juniper EX2300, 4650, QFX 5100, 5200, J series, M series and MX routers for Core, Distribution and WAN connectivity.
• Experience in working in panorama, Palo Alto user interface version 8.0.2 and VM-300 series firewalls.
• Creating templates in panorama to manage the individual devices from it.
• Responsible for Configuration of Palo Alto 5050 devices wif layer 7 filtering of traffic traversing the internet.
• Implemented Cisco ISE (Standalone, Distributed Setups) for delivering consistent, highly secure access control across wired and wireless multivendor networks and remote VPN connections.
• Upgraded Cisco ISE 2.0 version wif ISE 2.2 code.
• Integrated Cisco ISE wif LDAP sever and configured different features such as wireless onboarding (BYOD), posture assessment settings, wired/wireless NAC.
• Configured VPN tunnels to multiple vendors wif end devices terminating at vendor end being a Cisco/Juniper firewall.
• Perform Configuration changes on BIG IP (F5) Load balancers and also monitored the Packet Flow in the load balancers.
• Primary responsibility is to design and deploy various network security & High Availability products like Cisco ASA other security products.
• Installed, configured and set security policies on Cisco ASA

Confidential, Herndon, VA

Network Engineer

Responsibilities :

• Responsible for service request tickets generated by the halpdesk in all phases such as troubleshooting, maintenance, upgrades, patches and fixes wif all around technical support.
• Implementation, management, upgrade and working noledge of Check Point Firewall as well as the Site-to-Site VPNs, IPS/IDS, etc. in the Checkpoint consoles
• Adding security rules and pushing the security policy on Checkpoint Using Smart Update, User Management and Autantication in Checkpoint Firewall.
• Experience in Design and implementation of Palo Alto firewalls
• Worked on data center segmentation project to create segmentation between the user and server traffic by deploying Palo Alto firewalls (5250s) in the datacenter including cabling to the Nexus 9K,7K VDCs .
• Worked wif SolarWinds monitoring tools and Service Now Ticketing system
• Experienced wif Juniper: EX-2200, EX-4200, EX-4500, MX-480 and M Series, SRX210 and SRX240.
• Install, Configure and Upgrade Checkpoint, Cisco, Palo Alto appliances in the network and build high availability using ClusterXL on checkpoint, Active/Standby on Cisco
• Manage and implement Cisco ISE security and NAC security products, configure NAC appliance and NACprofiler to restrict endpoints based on identity or security postures, enforce policies on BYOD (mobile) devices.
• Configuring user's roles and policies for autantication using Cisco NAC and monitoring the status of logged users in network using Cisco ISE.
• Working on Cisco NAC & Cisco ISE to authorize users based on protocols PEAP and EAP-TLS, also manage and monitor user's access privileges.
• Planning, designing and configuration of various Cisco ISE NAC deployment strategies (Standalone, Distributed Setups) and rollout to production environment
• Assisted in the migration from DMVPN to Cisco Viptela SDWAN, consisting of V-SMART controllers, V-BOND edge routers.
• Installed Palo Alto PA-3060 firewalls to protect Data Center
• Upgraded load balancers from Radware to F5 BigIP v9 which improved functionality and scalability in the enterprise. Managed the F5 BigIP GTM/LTM appliances to include writing iRules, SSL offload and everyday task of creating WIP and VIPs
• Configuring rules and Maintaining Palo Alto & Analysis of firewall logs using various tools.
• Actively involved in Switching technology Administration including creating and managing VLANS, Port security- 802.1x, Trucking 802.1Q, RPVST+, Inter-VLAN routing, and LAN security on Cisco Catalyst Switches 4507R+E, 6509-E and Cisco Nexus Switches 2232, 5596, 7009 and 9000.
• Worked on setup and installation of Cisco ASAs wif Firepower and configured it for URL filtering.
• Maintaining Checkpoint security policies including NAT, VPN and Secure Remote access
• Responsible for Checkpoint firewall management and operations across our global networks.
• Implementation of Dynamic VPN via SRX Firewalls and Pulse Secure Clients.

Confidential

Network Engineer

Responsibilities :

• Support Network Technicians as they require & support for problem resolution including performing diagnostics, & configuring network devices.
• Involved in Maintaining of Palo Alto firewalls Creating zones, adding rules and maintained the policies on PA 220 series,3020,522
• Installation and Configuration of Cisco Catalyst switches 6500, 3750 & 3550 series and configured routing protocol OSPF, EIGRP, BGP wif Access Control lists implemented as per Network Design Document and followed the change process as per IT policy It also includes the configuration of port channel between core switches and server distribution switches
• Experience installing & configuring of Cisco ASA & FWSM (Firewall service module).
• Experience wif convert PIX rules over to the Cisco ASA solution
• Worked on F5 Load Balancers, Cisco ASA 5540 Firewalls
• Tuned BGP internal and external peers wif manipulation of attributes such as metric, origin and local P.
• Design and implementation of the LAN IP infrastructure using Layer 2 / Layer 3 switching, STP, Gigabit Ethernet and Trunking / channeling technologies.

Confidential

Network Technician

Responsibilities:

• Experience in Cisco switches and routers: Physical cabling, IP addressing, Wide Area Network configurations.
• Managed IP addressing and implemented IP Access Lists.
• Installed and configured Cisco ASA 5500 series firewall and configured remote access IPSEC VPN on Cisco ASA 5500 series
• Documented the design, implementation and troubleshooting procedures.
• Involved in network monitoring, alarm notification and acnoledgement.
• Configuring and Troubleshooting Routing protocols OSPF, RIP, EIGRP & BGP.
• Also worked in field installing LAN and WLAN Networks, alarms, Central Vac, Surround Sound, Home Audio and smart home systems