SUMMARY

• Senior Network Engineer with good experience in Switching, Routing, Network Security - Firewalls, Load balancers and Wireless Controllers. Experience working in enterprise and data center environments. High level network architecture view of Service Provider and Healthcare environments.
• Experience with Cisco, Juniper, F5, Arista, Dell, HP, Palo Alto, Checkpoint, Aruba hardware and software platforms. Experience in Design, troubleshoot and high level view of Access, Distribution and Core Model and Spine Leaf Model.
• Experience with Cisco 3750, 3850, 2960, 4500, 6500, Nexus 2k, 3k, 5k and 7k switching ware. Experience on Juniper EX and Arista 7000 series Switches in Data Center Environment.
• Experience with Level 1/2/3 troubleshooting in OSPF, BGP, ISIS, VPC, VDC, OTV, MPLS, and Port-Channel. Design and troubleshooting experience in VLAN, Trunking, VTP, STP, RSTP, PVST, 802.1X, LACP, PAGP, HSRP, GLBP, VRRP.
• Designed redundant ISP circuit using BGP, Internal routing with OSPF and Static routes.
• Experience working with Virtualization and Storage team in Network resource Provisioning. Experience configuring IPV4/IPV6 Multicast to support VMware hosts and Storage hosts. Stretching layer 2 VLAN’s on OTV across Data centers for VMotion.
• In-depth expertise in the analysis, implementation, troubleshooting & documentation of LAN/WAN architecture and valuable experience on IP services.
• 5 years of experience in working with operating systems like Linux, Unix and Ubuntu.
• Cisco ASA, PA and Checkpoint Firewall troubleshooting and policy change requests, ACL and NAT for new IP segments that either come on line or that may have been altered during various planned network changes on the network.
• Worked on Creating zones on PA firewalls and writing policies for URL filtering and SSL decryption.
• Experience with access lists, IPsec tunnels, NAT, SSL headers, HTTP headers for layer 7 traffic filtering.
• Experience with migration tool in PA and migration experience from ASA to PA.
• Worked on panorama and well versed with upgrade procedures in PanOs.
• Worked on DMZ zones, F5 LTM and GTM in DMZ for external Applications. Multifactor Authentication for External applications in DMZ using F5-APM.
• Extensive Knowledge on the implementation of Cisco ASA 5500 series and checkpoint R75 firewalls.
• Comprehensive knowledge of wireless networking systems and protocols. 802.11 a, b, g, n in Cisco and Aruba environments. Experience with Local and Master WLC config with over 1000 Campus AP’s with various SSID’s and Authentication methods like Certificate, WPA-PSK etc.
• Experience in F5, Cisco ACE 4710 Load balancers. Migration Experience from ACE to F5 and NetScalers to F5. Worked on critical applications on Layer 4 and layer 7 load balancing. Experience with Virtual server, Pool, Node, Profiles - TCP, http, https, ftp, fastl4, Persistence - Source IP, SSL, Cookie, SNAT, iRules, iAPP, SSL offloading.
• Experience with F5 GTM and in-depth knowledge of DNS, Global level load balancing, Wide IP’ s, Zones, Prober pools, Delegation from Windows DNS server to listener IP.
• Basic experience with troubleshooting Riverbed, Steelhead WAN optimizer for slowness issues, writing policies and in path rules for traffic ingress and egress, deep packet inspection for delay sensitive traffic.
• Strong hands on experience in installing, troubleshooting, configuring of Cisco 7200, 3800, 3600, 3400, 2800, 2600, 2500 and 1800 series Routers, Cisco Catalyst 6500, 4500, 3750, 2950 and 3500XL series switches.
• In-depth knowledge and hands-on experience on IP Addressing, Sub netting, VLSM, DNS, DHCP and ARP, reverse & proxy ARP, Ping, Traceroute Concepts. Worked on windows DHCP, Infoblox and IPAM for IP reservations
• Knowledge of implementing and troubleshooting complex layer 2 technologies such as VLAN Trunks, VTP Ether channel, STP, RSTP and MST. Worked in configuring WLC with the distribution switches and created HA using PVST for different VLANs
• Responsible for network design, projects and support across the globally co-located data center networks. Well versed with maintenance windows, Cutovers in production environment, working with other teams on requirements, communicating with Management on required resources and Change controls.
• Facilitating the automated collection, Analyzing, alerting, auditing, reporting and secure storage processing of all the logs using RSA envision solution.
• Excellent qualities such as Teamwork, Negotiation, Analysis and Communication. Experience with Service Now, Smart IT and Zera.

TECHNICAL SKILLS

Switching: LAN/WAN Architecture, TCP/IP, Frame Relay, VPN, VLAN, VTP, STP, RSTP, PVST, LACPPAGP, HSRP, GLBP, VRRP.

Routing Protocols: OSPF, IGRP, EIGRP, RIP, IS-IS, BGP, EVPN (Spine Leaf Architecture), MPLS

Security Protocols: NAT, ACL, Security Policies VPN, IPsec and GRE tunnels, Firepower, Panorama, F5

Switches: Cisco 3750, 3850, 2960, 6500, 4500, Nexus 2K, 3K, 5K, 7K, Juniper EX and QFX

Routers: CISCO 2600, 2800, 3600, 3800, 7200, ASR-1k, 9k Juniper M & T Series, Cisco CRS.

Firewalls: ASA 5500 series, RX series, PA 200 and 5000 Series, Panorama M100, Checkpoint 4400, Juniper SRX and net screen.

Load Balancers: Big IP F5 LTM, GTM (versions11.4, 11.6,12.1) and APM, ACE, NetScaler 7900.

Layer1: Vast knowledge on structured cabling, data & voice networks, Fiber (SM and MM)SFP.

Operating Systems: Windows 7, Vista, XP, 2000, CentOS LINUX, Puppet, Cisco IOS, Solaris, IOS XR, NXOS.

Network Monitoring: Cisco Works 2000, Wire Shark, Network sniffer & packet analyzer, HR Ping, SolarWindsNCM, NPM, IPAM.

AAA Architecture: TACACS+, RADIUS, Cisco ACS, Aruba Clear pass.

PROFESSIONAL EXPERIENCE

Confidential, Dublin, Ohio

Sr. Network Engineer/ Firewall Engineer

Responsibilities:

• Worked on upgrading the Nexus 7k Core, Distribution Switches in VDC. Documentation of upgrade Plan, All the IP ranges, Access switches, OSPF routing instances, VPC, VDC and OTV.
• Experience working with F5 LTM, GTM pair for internal and external applications load balancing.
• Worked on F5 APM for multifactor Authentication using Improvata and ADFS.
• Worked on windows DHCP, infoblox for IP address management and reservation. Worked on windows DNS to create Alias names and C names for the GTM WideIPs and Delegations.
• Worked on troubleshooting OSPF routing issues internal network. Configured VPN tunnels for remote locations.
• Worked on Layer 2 switching VLAN, Trunking, LACP, STP, and RSTP. Configured VPC for the access layer switches that connects to Distribution N7K’s in VPC.
• Experience working on Juniper E series switches and Arista 7000 series of switches. Experience working on EVPN using BGP for the Spine Leaf Architecture. Configuring Virtual Chassis for Juniper switches EX-4200, Firewalls SRX-210.
• Perform troubleshoot on all voice services for all LAN and WAN hardware modules and configure appropriate communication media modules.
• Knowledge on Avaya Modular Messaging is a powerful IP- and standards-based unified messaging platform designed for single- or multi-site global enterprises.
• Experience working on perimeter firewalls. Worked on PA 200/5000 series of firewalls. Upgrading the code from PanOS 7.1.X to 8.0.X. Experience working on Panorama M100. Migration from Cisco ASA to PA firewalls.
• Experience with PA 200, 500, 3020 and VM series firewalls for both Internet and internal traffic filtering.
• Experience with Panorama M100 series and maintaining up to 23 firewalls in large networks.
• Palo Alto design and installation (Application and URL filtering, Threat Prevention, Data Filtering). Configured and maintained IPSEC and SSL VPN's on Palo Alto Firewalls.
• Successfully installed Palo Alto PA-3020 firewalls to protect Data Center and provided L3 support for routers/switches/firewalls.
• Hand-on experience on Cisco firewalls (ASA 5500 series) and prior experience with firewall migrations
• Experience with Access policies, NAT Policies, wild fire, threat prevention, anti-virus, anti-spyware profiles and apply them to policies and pushing to various firewalls through Panorama.
• Writing IPsec parameter to build IPsec tunnels in PA firewalls for connecting remote sites where we don’t have MPLS infrastructure. Experience Upgrading from PanOS 7.1.X to 8.0.X. Experience working extensively in 8.0.6
• Experience using Tiffin ticketing tool for firewall requests and taking leadership for all requests on PA firewalls and Panorama.
• Experience on SSL decryption from trust to un trust traffic flow and URL filtering on PA firewalls.
• Experience on adding device certificate for forward trust and forward un trust SSL decryption also SSL forward proxy in PA firewalls.
• Installed PA 200, 500 and 3020 from scratch from console, MGMT config, licensing the required profiles, interface configuration, VLAN assignment, routing etc. Worked with PA log collector. Used packet capture feature for troubleshooting.
• Configured Nexus 2000 Fabric Extender (FEX) which acts as a remote line card (module) for the Nexus5000 to connect servers and storage devices.
• Implementing and troubleshooting (on-call) IPsec VPNs for various business lines and making sure everything is in place.
• Worked on Riverbed steelhead WAN optimizer for slowness issue troubleshooting. Implemented basic policies and in path rules to traffic ingress and egress.
• Worked on tickets to open firewall ports, write NAT statements, writing ACL’s to allow traffic from one leg to the other.
• Worked closely with Storage and VMware team on providing network resources. Creating VLAN’s, giving redundant ports with VPC, trunking necessary VLANS, allowing IPV4 and IPV6 multicast etc.
• Involved in Data center migration from three layered network architectures to Spine Leaf Architecture on Arista Hardware. Introduced to EVPN. Configured VTEPS, MLAG, VXLAN, and BGP for routing in Spine Leaf Architecture.

Confidential, Austin, TX

Sr. Network Engineer

Responsibilities:

• Worked in both Enterprise and Data Center Environments.
• Worked on Cisco 3750, 3850 and 2960 in Access layer, 3750 Gig and 4500 in Distribution Layer.
• Worked on 6500 series in Core layer and ASR 9k as Edge routers. Worked on OSPF, EIGRP. Experience in troubleshooting and design in OSPF and EIGRP.
• Worked in Nexus 2k, 3k, 5k and 7k in Datacenter environment. Worked on VPC, VDC, FEX, port-channel, VLAN trunking.
• Worked on designing DMZ environment with F5 LTM and GTM for external application load balancing.
• Worked on providing network resources for ESXi hosts, storage hosts like ISILON, RP, VMAX, VNX etc.
• Experience working on L1/L2/L3 tickets on OSPF, BGP, EIGRP, Switching, Firewall and Load balancing issues.
• Designed a Two Arm Architecture for LTM pair in DMZ with a segregated server VLAN. Worked on healthcare Applications like EPIC, Stanley healthcare, GE etc.
• Configured load balancing for Citrix ICA servers using Netscalers.
• Experience in using migration too also experience working on Palo Alto and checkpoint perimeter firewalls.
• Configured of routes and interfaces, DMZ inside and outside security levels etc. also experience in installation from scratch.
• Configured F5 LTM for applications like Exchange 2016, Skype for Business 2015, EPIC, Citrix, AirWatch, and MWG etc.
• Experience setting up physical VE F5 BIGIP Versions. Upgrading Hotfix and IOS. Worked on LTM, GTM (Wide IP, Zones, Listener IP, Generic servers etc.), and APM (Basic) modules. Integrating APM with ADFS and Improved for 2 Factor Auth.
• Worked on Juniper Junos Pulse for remote SSL VPN.
• Experience on Avaya Softphone use to software application that runs on your work computer and can augment your desktop phone or replace it completely.
• Configured WCCP on Edge routers to route the Internet traffic through MWG.
• Deployed a large-scale HSRP solution to improve the uptime of collocation customers, in the event of core router becoming unreachable.
• Designed, Configured and implemented VPN tunnel with IPsec and GRE and Cisco ASA based security infrastructure.
• Migrated from Cisco ACS to Aruba Clear pass. Configured 802.1X on all access layer switch ports for port security. Implemented MAC based, and Certificate based authentication to the end hosts.
• Worked on SolarWinds Monitoring tool with NCM, NPM and IPAM modules. Worked on service now ticketing tool for change controls and tickets for any issues.
• Troubleshooting issues related to Cisco Routers, Switches, and ASR, Nexus 5K, 2K, ASA5595, ACE 4710, MPLS and critical network links by coordinating with the vendor
• Troubleshoot the Network Issues onsite and remotely depending on the severity of the issue.
• Used network analyzers like Wireshark, ethereal and sniffer for packet analysis.
• Performed Break Fix support through driving to different buildings, identifying the root cause of the hardware issues with switches, routers.

Confidential

Network Engineer

Responsibilities:

• In-depth expertise in the implementation, optimization, troubleshooting and documentation of LAN/WAN networking systems also Configured Various Routing protocols such as RIP, OSPF, EIGRP, static routing.
• Troubleshooting of Cisco 2800, 2900, 3900, 7200, 7600, Series routers.
• Provided configuration of STP and Port Security on Catalyst 7509, 6500, 6509 switches.
• Worked with Juniper Net Screen 500/5200 also juniper SRX 650/3600.
• Executed BPDU Guard, port-fast, uplink fast and other spanning tree features on various layer 2 and layer 3 switches.
• Experience on Multifactor Authentication for External applications in DMZ using F5-APM.
• Maintained and configured Aruba wireless controllers for Remote AP’s, Campus AP’s.
• Experience in Data center migration project, responsible for the configuration, deployment, troubleshooting of LAN/WAN devices.
• Configured static NAT, dynamic NAT, dynamic NAT overloading and Configured and optimization settings of Riverbed.

Confidential

Network Admin

Responsibilities:

• Manage installations, configuration and administration of Cisco equipment in IT architecture of organization.
• Configure IT LAN/WAN elements and held responsibility of maintaining and monitoring performance of network and Network infrastructure support to routing and switching equipment’s.
• Provide Tier1 technical support, assisting users facing network problems. Perform advanced troubleshooting, diagnostics and provide tier/level-1 solutions to network failures and network Migration from RIP to OSPF and EIGRP.
• Involved in design and deploying various network security & High availability products like Cisco ASA and other security products also hand on Virtualization of network using VMware.
• Troubleshoot and resolved dynamic routing, Ethernet switching and host connectivity issues in a window and network environment also Troubleshoot wiring problems and serial communication lines.