SUMMARY

• A network engineer professional with 8 plus years of experience and an immaculate track record in handling network infrastructure projects and training, resolving and optimizing computer network systems
• Experience with the escalation problems for Routing, Switching and WAN connectivity issues using ticketing systems like remedy and Magic
• Worked on Cisco 7200, 3800, 3600, 2800, 2600, 1800 series Routers and Cisco 2900, 3500, 4500, 5500, series switches. Advanced knowledge in design, installation and configuration of Juniper Net Screen Firewall, SSG series and NSM Administration
• Experience working on CISCO NEXUS data center infrastructure with 2000, 5000 and 7000 series switches includes (5548, 7010) including CISCO NEXUS Fabric Extender (223, 2148, 2248)
• Proficiency in configuration of VLAN setup on various Cisco Routers and Switches
• Strong experience with TCP/IP concepts, routing protocols, and services
• Expert in installing and maintaining LAN, WAN, and Internet protocols and services
• Experience working with Cisco Nexus 2148 Fabric Extender and Nexus 5000 series to provide a Flexible Access Solution for datacenter access architecture.
• Experience in Network Management Tools and sniffers like SNMP, Wireshark and ScienceLogic
• Hands - on experience using Cisco Virtual Switching System (VSS)
• Configuring cisco switches with NX-OS and IOS-XE & implementing VLANs
• Extensive hands-on experience with complex routed LAN and WAN networks, routers and switches.
• Design, configure, troubleshoot and implement wireless and/or data networking (LAN/WAN) solutions for mid-sized to enterprise-level clients
• Work as Layer 3 IP Network Engineer on ASR9k Edge router with IOS-XE Platform in a network lab environment.
• Experience with DNS/DFS/DHCP/WINS Standardizations and Implementation
• Experience in Network LAN/WAN deployment
• Experience in Implementing, Maintaining, and Troubleshooting L2 Switching tasks: VLANs, VTP, VLAN Trucking (ISL/802.1Q), STP, RSTP, PVST, PVST+
• Good knowledge on VLAN Trunk Protocol (VTP)
• Cisco ASA series, Juniper SRX and SSG series, Check Point VSX series, Cisco PIX and Palo Alto Firewalls Administration
• Create and test cisco router and switching operations using OSPF routing protocol, ASA Firewalls, and MPLS switching for stable VPNs
• Worked extensively on Cisco ASA 5500 (5510/5540) Series, experience with convert PIX rules over to the Cisco ASA solution
• Configuration of IPSEC, DMVPN and GRE tunneling technologies in cisco ASA’s
• Deployment of Palo Alto Firewall into the network. Configured and wrote Access-list policies on protocol-based services
• Excellent exposure to Database, VPN technologies, Firewall, network security, and remote access solutions
• Troubleshooting of protocol-based policies on Palo Alto Firewalls and changing the policies as per the requirement and as per traffic flow
• Experience deploying BIG-IP F5 LTM, GTM Load Balancers for load balancing and traffic management of business application
• Knowledge of methodology and architecture of private cloud (Open stack) and public cloud (AWS & Microsoft Azure).
• Experienced in AWS Cloud services including EC2, VPC, S3, Route53 and monitoring using Cloud Watch
• In-depth understanding in implementing and configuring F5 Big-IP LTM 3600, 4200, 6950 and 8950 Load Balancers
• Working knowledge of frame relay, MPLS services, OSPF, BGP and EIGRP routing protocols, NATing, sub-netting, also including DNS, WINS, LDAP, DHCP, http, HTML, HTTPS, TCP/IP, UDP, SNMP, OSPF, RIP, IPSEC, PPTP, VLAN, STP (Spanning tree Protocol), RTSP & Multicasting protocols
• Designed and implemented the F5 LTM's (3600, 4500, 6900, 8950 etc.)
• Implemented F5 in both Active/Active & Active/Standby mode
• Managed SSL offloading on the F5 LTM
• Architect, design, implement, and deploy SD-WAN and security
• Extensive knowledge of Cisco, Foundry, Nortel, Netscreen, and other network vendor familiarity
• Expert in configuration of VPN, VoIP, BGP, IPSEC VPN, and EIGRP
• Installed and configured Citrix NetScaler, Access Gateway and Load Balance Web Interface/CSF
• Access control server configuration for RADIUS & TACACS+
• Knowledge of advanced technologies like Multicasting, MPLS and MPLS-VPN
• Remarkable knowledge of Windows Server, Linux, DNS, SQL Server, DHCP, and Active Directory
• Comprehensive knowledge of SNMP, NetFlow, and Syslog
• Excellent communication, teamwork, and task prioritize skills

TECHNICAL SKILLS

Firewalls & Load Balancers: Cisco ASA 5585, 5550, 5540, Juniper SRX 5400, 5600, 5800, Juniper Netscreen 6500, 6000, 5400. Juniper SSG Firewalls, Check point, Palo Alto PA-3060/2050, F-5 BIG-IP LTM (3900 and 8900), Blue Coat SG8100, Citrix NetScaler Load Balancers.

Routers: Cisco routers (1900, 2600, 2800, 2900, 3600, 3800, 3900, 7200, 7600), Cisco L2 & L3, Juniper routers (M7i, M10i, M320).

Switches: Cisco switches (3560, 3750, 4500X & 6800), Nexus (2248, 3500, 5500, 7700 & 9000)

Routing: RIP, EIGRP, OSPF & BGP, Route Filtering, Redistribution, Summarization, Static routing.

Routing Protocols: RIP, OSPF, EIGRP, and BGP.

Switching Protocols: VTP, STP, RSTP, MSTP, VLANs, PAgP, and LACP.

LAN Technologies: Ethernet, Fast Ethernet, Gigabit Ethernet, NAT/PAT, FDDI.

WAN Technologies: FRAME RELAY, ISDN T1/E1, PPP, ATM, MPLS, SD-WAN, leased lines, DSL modems.

Secure Access Control Server: TACACS+/Radius.

VOIP Devices & Wireless Technologies: Cisco IP phones, QOS, Avaya, CUCM, UCCX, CIPC and UCS.

Wireless: LWAPP, WLC, WCS, Aruba, Standalone APs, Client Roaming, Wireless Security Basics, AP groups, WLANS, Cisco Prime Site Maps.

Network management: SNMP, Cisco Works LMS, HP Open View, Solar winds, ACI, Etheiral.

Layer 3 Switching: CEF, Multi-Layer Switching, Ether Channel.

Carrier Technologies: MPLS, MPLS-VPN.

Redundancy protocols: HSRP, VRRP, GLBP

Security Protocols: IKE, IPsec, SSL, AAA, Access-lists, prefix-lists.

QOS: CBWFQ, LLQ, WRED, Policing/Shaping.

Monitoring Tools: Voyence, packet tracer, Wireshark, Opnet, GNS3, InfoBlox and Solar winds.

Security Technologies: Cisco FWSM/PIX/ASDM, Nokia Checkpoint NG, Juniper SRX, McAfee proxy servers, Fortinet FortiGate 100 and 1500D, Bluecoat.

Operating Systems: Microsoft XP/Vista/7, 10, UNIX, LINUX, Redhat.

Responsibilities:

Confidential, East Peoria, IL

Data Center Network Engineer

Responsibilities:

• Responsible for configuring the Fabric Policies and the Tenants in the Cisco ACI
• Responsible for upgrading the APIC, Leaf and Spine Nexus 9K switches in ACI mode
• Responsible for assisting the team in configuring, upgrading the Citrix NetScaler VPX instances in the new environment
• Responsible to apply Cisco SMU to the Nexus 3K switches to fix security vulnerabilities
• Responsible for assisting in migration project by configuring and troubleshooting the Nexus 7K, 5K and 3K switches
• Responsible for resolving incident tickets in the ServiceNow ITSM tool within the SLAs
• Responsible for providing the on-call support to the enterprise issues in a rotational basis
• Experience in testing the POSTMAN tool to POST/GET the configuration on to the lab ACI using JSON or XML file formats, which can automate tasks
• Responsible for setting up a disaster recovery environment under the new Tenant in Cisco ACI fabric and in support of Cisco’s Multi-Site Orchestrator in future
• Responsible for monitoring the Data center Network switches and ACI fabrics using the ScienceLogic monitoring tool
• Responsible for providing the on-call support to the enterprise issues in a rotational basis
• Experience in Auditing, Archiving and performance tuning of Remedy and service now Setups.
• Hands on experience on various IT services of service now tool like services Catalog Requests, Asset Management, Configuration Management, service now Administration, Incident and Problem Management, Knowledge Management, Reporting, Integration with Web services
• Good knowledge of CMDB and Asset Management services: Business services and Configuration item relationships.
• Responsible for configuration, maintenance, and troubleshooting of dynamic routing protocols: BGP, OSPF & EIGRP (route redistribution, distribute lists, route-maps, offset-lists, prefix lists, route summarization, route-feedback, BGP attributes) on Cisco Routers 7613, 7201, and 3945E.
• Experience working on CISCO NEXUS data center infrastructure with 2000, 5000 and 7000 series switches by enabling networked devices to communicate TEMPeffectively
• Hands-on knowledge in configuring cisco 3500, 4500 series switches to implement information sharing and resource allocation for increased productivity.
• Helped in setting up P2P OSPF connection on the Cisco and juniper routers like MX, EX, ASR series devices with their current network
• Incorporate Cisco Nexus 9000 NXOS to ACI fabric to work in concert with existing Nexus 7000s and ASRs for Multi-Protocol Label Switching (MPLS)
• Working knowledge of frame relay, MPLS services, OSPF, BGP and EIGRP routing protocols, NATing, sub-netting, also including DNS, LDAP, DHCP, http, HTML, HTTPS, TCP/IP, UDP, SNMP, OSPF, RIP, IPSEC, PPTP, VLAN, WISM, STP (Spanning tree Protocol), RTSP & Multicasting protocols
• Configured networks using routing protocols such as RIP, OSPF, BGP and manipulated routing updates using route-map, distribute list and administrative distance for on-demand Infrastructure
• Working on troubleshooting, implementing and configuring new devices and helping them to build new data center and moving devices from one data center to another by moving all devices.
• Deployed VXLAN on the Nexus 9000 to map the physical VLANs to the Virtual Overlay VLANs.
• Supporting EIGRP and BGP based on the network by resolving level 2 & 3 problems of internal teams & external customers of all locations

Environment: Cisco Switches: Nexus 2000, 3500, 5000, 7000, 7700, 9000 | Load balancers: Citrix NetScalers

Confidential, Glen Mills, PA

Sr. Network Security Engineer

Responsibilities:

• Experience in Auditing, Archiving and performance tuning of Remedy and service now Setups.
• Strong skill set in the service now suite development including SOAP/REST integration, Web services, Discovery, Workflow, and CMDB.
• Configure Juniper/Netscreen Firewalls in very complex environment
• Managed firewalls using Palo Alto's Panorama Central Management Software
• Used tools including Tufin and Splunk to monitor firewall traffic and troubleshoot network access
• Configuration, implementation, and problem determination across the major firewall platforms and understanding each customer environment at a detailed level
• Deployed, implemented, configured and managed Cisco FWSM and ASA Firewalls, Cisco IDS/IPS, Cisco ISE, Wireless Controllers/APs and Cisco Meraki Cloud Wireless Security on high volume critical production environment.
• Conducted and performed security review and testing of Cisco ASA, Cisco FWSM Firewalls, Cisco Routers, Cisco WLANs Controllers/APs and Cisco Meraki Cloud WLANs based on NIST, SOX, ISO 27001 and PCI DSS compliance standard.
• Configured and performed automation, manual, dynamic and static testing of Cisco Devices and Web Security Appliances with Perl and Java Scipt for security vulnerabilities and attacks mitigation.
• Configured and managed OSPF, BGP, HSRP, VRRP and ARP security vulnerabilities defense and mitigation.
• Deployed, configured and implemented Imperva SecureSphere WAF and DAM, WebInspect, Appscan, OWASP for Web-based application vulnerability analysis and code review process.
• Conducted and Performed Vulnerability Assessment and Penetration Test on the perimeter network, systems and applications based on SOX, ISO 27001 and PCI DSS Compliance Standard.
• Deployed and implemented Wireshark, HPING, Retina Iris, Nessus, NMAP, Netflow, Device Engine Firewall Analyzer and Solarwind for security vulnerability event monitoring, packet and traffic analysis.
• Reviewed and analyzed application codes for Cross-Site Scripting, CSRF, SQL Injection, parameter manipulation and brute-force attacks.
• Coordinated and managed Network, Systems and Application security vulnerability activities with developers and engineers both in the US and India to evaluate and analyze software and application codes security threats and risk.
• Analyzed and Coordinated security vulnerability activities with Cisco Security Incident Management Team on latest and emerging security vulnerabilities.

Environment: Cisco Switches: 2000, 3500, 4500, 5000, 7000, 7010, 9000 | Cisco Routers: 7613, 7201, 3945E | Juniper routers: MX, EX, ASR | Firewalls: Juniper (SRX, SSG), Cisco ASA, Palo Alto | Load balancers: F5 (BigIP, LTM, GTM)

Confidential, Glen Allen, VA

Network Security Engineer

Responsibilities:

• Implementation and Troubleshooting Cisco Routers such as Cisco 1900, 2900, Cisco ASR 1k and Cisco 9k.
• In-depth expertise in the implementation, optimization, troubleshooting and documentation of LAN/WAN networking systems.
• Installation, configuration and maintenance of Cisco Routers like 2600, 2800 and 3600 series.
• Configuration and troubleshooting of various routing protocols like RIP, EIGRP and OSPF.
• Configuration of layer 2 Cisco switches for VLAN and Trucking
• Deployed Cisco Catalyst 6500, 4500, 4000, 3750, 3850, 3560 (Layer 2 through 7) and Cisco ASR 1000, 7000, 9000 series routers.
• Experienced working with Nexus OS, IOS, CATOS and Nexus 7K, 5K & 2K Switches.
• Deployed Juniper switches EX4500 and EX4200, routers M7i and M10i and Junos OS
• Worked and performed troubleshooting, implementing, optimizing and testing of static and dynamic routing protocols such as EIGRP, OSPF, and BGP ability to interpret and resolve complex route table problems.
• Deployed Cisco 2500 and 5800 Series Wireless Controllers and 1xxx and 2xxx series Access Points.
• Troubleshooting the Juniper SRX100 and 110 series, Juniper NetScreen routers with Site-Site VPN, and firewalls
• Set up the Citrix Command Center with the Netscalers to actively monitor the server status and alerting TEMPhas been set up in the event of server down.
• Migrated NT 4.0 Servers to Windows 2000 Servers. Maintained Microsoft Servers and managed Active Directory.
• Load balancing through Citrix NetScaler and F5-VIP, Proxy, nodes, pools, iRules through scripts
• Expertise in configuring and troubleshooting of Palo Alto, Juniper NetScreen & SRX Firewalls and their implementation.
• Experience with Security- Firewalls, NAT / PAT, IPSEC, S2S.
• Set up and maintain various VPN tunnels between AWS and our different co-locations, utilizing static routes and BGP with Fortinet FortiGate firewalls
• Configuring Palo Alto policies and setting different device configurations.
• Developed and implemented POC for SD-WAN implementation, testing Silverpeak, Viptela, and Cloudgenix SD-WAN
• Experience working with Infoblox Management tool and worked with Extreme networks wireless devices like Access points AP3705, AP3610.
• Expertise in Cisco ASA 5525 firewalls with ACL security in a multi-VLAN environment.
• Installed and configured Microsoft Windows Server 2003/2008 Network Infrastructure.
• Configured Multiprotocol Label Switching (MPLS) VPN with Routing Information Protocol (RIP) on the customer’s stage.
• Configuring rules and Maintaining Palo Alto Firewalls & Analysis of firewall logs using Panorama
• Actively participated in upgrading Ethernet, Layer 3 switched/routed LAN infrastructure from Cisco 3640 to Cisco 2811 ISR routers and switches at access level to 2950, 3550.
• Worked and maintain documentation and Visio diagrams as it relates to network configuration, network mapping, processes, and service records.
• Experience with ALG (RTP, RTSP and FTP, DNS, HTTP), DHCP.
• Worked with ITIL (Information and technology information library) for managing our services.
• Review and optimize firewall rules using Secure Track Tufin tool and run firewall audit reports
• Knowledge working with API’s for troubleshooting Network issues using Wireshark and NTOP.
• Configured static NAT, dynamic NAT, dynamic NAT overloading.
• Configuring and monitored different monitor modules F5 BIG-IP LTM F5 and DNS traffic Management
• Worked on RSA, AAA, & RADIUS.
• Worked on Troubleshooting with the TCP dumps and wire shark.

Environment: Cisco Switches: 1900, 2900, 4500, 6500, 3750, 3550, 5000, 7000, ASR1k | Juniper Switches: EX4200, EX3200 | Juniper routers: MX, EX, ASR | Firewalls: cisco (ASR, ASA 8.4), Checkpoint, Palo Alto | Load balancers: F5 (BigIP, LTM, GTM) | TCP/IP, VPN, L2vpn, VPLS, VPWS, TACACS+ | Ticketing tools JIRA, Remedy

Confidential, Detroit, MI Dec

Network Engineer II

Responsibilities:

• Experience with converting cisco catalyst 6500 switches to Cisco Nexus in the data Center environment
• Associate. Responsible for design, installation, configuration, administration and troubleshooting of LAN/WAN network infrastructure and security using Cisco and juniper routers
• Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5585 Security appliance
• Configured cisco ASA 5510 firewall to establish logical separation between Legacy network & lab environment.
• Migrating the policy from cisco ASA firewalls into Palo-Alto & vice versa.
• Experience in migration with both Checkpoint and Cisco ASA VPN.
• Involved in Configuration of Access lists (ACL) on ASA firewall for the proper network routing
• Maintaining Checkpoint security policies including NAT, VPN and Secure Remote access
• Implemented Zone Based firewall and Security Rules on the Palo Alto Firewalls
• Extensive hands-on experience in Palo Alto, Juniper and Cisco network design, deployment and troubleshooting
• Experience with Palo Alto Firewall Administration, Rule Analysis, Rule Modification
• Designed and implemented dual layer high availability Palo Alto Firewall network with multiple layer 2 DMZs with virtual port channels
• Partnered with vendor to replace all core networking hardware, which included replacing Catalyst switches with Nexus architecture, Cisco 2800/2900 routers with Cisco 4000 series ISR, utilizing Cisco iWAN technology
• Implementation and Configuration (Profiles, I Rules) of F5 Big-IP LTM-3600 load balancers
• Routine Administration (Design, Implementation & Operations support) of Citrix, BIG-IP and F5 load balancers
• Dealt with creating VIP (virtual servers), pools, nodes and applying I Rules for the virtual servers
• Regularly performed firewall audits around Checkpoint firewall solutions for customers.
• Failover DMZ zoning & configuring VLANs/routing/NATing with the firewalls as per the design.
• Modified internal infrastructure by adding switches to support server farms and added servers to existing
• DMZ environments to support new and existing application platforms.
• Provided Layer-3 redundancy by implementing HSRP and GLBP for High availability
• Experience configuring VPC, VDC and ISSU software upgrade in Nexus 7010
• Worked on external customer wireless network infrastructure
• Utilizing SSH and Putty to perform diagnostics on F5 devices and Proxy Devices
• Performed implementation for USMC WebFilter Project to ensure deadlines are meet by creating tickets
• performing installs, working with SFOCs in Bluecoat Proxy setup and configuration
• Performing troubleshooting on Windows Server 2003/2008, to limit downtime for users.
• Installing various patches on Windows Server 2003/2008 to ensure the stability of the server OS
• F5 configuration for newly setup web sites and Bluecoat ProxySG
• Performed F5 configuration for Technical Refresh Project
• Created policy for Bluecoat ProxySG network appliances for the enterprises
• Leverage understanding of LAN/WAN technologies to support, design, and integrate complex wireless LANs
• Worked with a team on planning, designing, configurations, deployments and support of LAN/WAN/WLAN infrastructure
• Worked with VMware hypervisor and virtualization monitoring tools.
• Configuring VPN's Cisco ASA and Fortinet firewalls
• Participated in the evaluation of vendor hardware, software, and wireless communications products
• Operational support and troubleshooting of production wireless network issues
• Provided technical support case escalation for customer wireless infrastructure
• Documentation of advanced enterprise wireless solutions and designs
• Wireless design and validation, including RF site surveys of complex indoor and outdoor deployments
• Experience working with ASR 9000 series switches and routers with IOS-XR
• Experience with deploying PIM Sparse-mode/Dense-mode multicasting in Campus locations.

Environment: Cisco Switches: 6500, ASR 9K | Firewalls: Cisco (5585, 5510) | Load balancers: F5 Big-IP LTM-3600

Confidential

Network Engineer

Responsibilities:

• Actively participated and completed many projects based on MPLS VPN, Internet Solutions for corporate customers Backbone.
• Actively participated Implementation and customization of customer network.
• Hands on experience working on Cisco 7600, 12K, ASR routers & Juniper MX series and Juniper BRAS.
• Currently working on wireless upgrade project for Allegheny Health network and their EPIC roll out.
• Designing, Provisioning and Installation of the Customer Sites in Oracle IPSA for MPLS Backbone.
• Verifying IPv4/IPv6 Addressing Architecture.
• Verifying Dynamic Host Configuration Protocol for IPv6 (DHCPv6) and DNSv6 options.
• Performed wireless network design, site surveys, as well as Troubleshooting and repairing any issues that occurred on site.
• Managing proxy server for branches and head office for internet access through Bluecoat Proxy SG600 for URL Filtering, traffic acceleration and visibility reporting with Bluecoat reporter.
• Configuration and troubleshooting of many link types i.e. SONET Controllers for sub E1/T1, E3/T3 and POS controllers for STM1 links.
• Provided tier 3 support for Checkpoint Firewall-1 software to support customers.
• Work on Checkpoint Platform including Provider Smart Domain Manager. Worked on configuring, managing and supporting Checkpoint Gateways.
• Implementation and testing of ISDN BRI/PRI circuits.
• Migrated Vlans from ASA (perimeter firewalls) to FWSM’s for better security management
• Worked closely with RIR (Regional Internet Registry) to procure PI (Provider Independent) and PA
• Responsible for troubleshooting complex networking issues in service provider MPLS & internet
• Aggregately) IP addresses and AS numbers for COLT and customers.
• Set up DNS Reverse Delegation according to RIPE rules in RIPE Database.