SUMMARY

• 8.3 years of professional experience in Network Planning, Implementing, Configuring, Troubleshooting and Testing of networking system on both Cisco and Juniper Networks
• Experience of routing protocols like EIGRP, OSPF and BGP
• Extensive hands - on experience with complex routed LAN and WAN networks,routers and switches
• Experience with the escalation problems for Routing, Switching and WAN connectivity issues using ticketing system remedy.
• Proficiency in configuration of VLAN setup on variousCiscoRouters and Switches
• Worked on Cisco 7200, 3800, 3600, 2800, 2600, 1800 series Routers andCisco 2900, 3500,4500, 5500, series switches
• Hands-on configuration and experience in setting up Cisco routers to perform functions at the Access, Distribution, and Core layers.
• Configured and troubleshoot remote access and site to site in Checkpoint& Palo Alto firewall.
• Experienced in trouble-shooting both connectivity issues and hardware problems on Cisco based networks
• Good knowledge of CISCO NEXUS data center infrastructure with 5000 and 7000 series switches includes (5548, 7010) including CISCO NEXUS Fabric Extender (223, 2248)
• Experience in the setup of Access-Lists, and RIP, EIGRP, and tunnel installations
• Configure all Palo AltoNetworks Firewallmodels (PA-2k, PA-3k, PA-5k etc.) as well as a centralized management system (Panorama) to manage large scale firewalldeployments.
• Experience in Network Management Tools and sniffers like SNMP, HP-Openview, Wireshark and Cisco works to support 24 x 7 Network Operation Center.
• Experienced with VSS, VPC, Nexus 7000.
• Good understanding of NAT & Firewall on ArubaControllers.
• Configuring and maintaining the Network connectivity to Cloud Providers such as AWS, Azure using AWS VPC, AWS Direct
• Along with other Network Engineers participated in the management and configuration of Cisco ASA, Juniperand Palo Alto Firewalls, ACL’s, and Packet Shaping devices and rules.
• Enhanced level of experience with OSPF, BGP, and TCP/IP.
• Experience in troubleshooting NAT configurations, Access - Lists (ACL) and DNS/DHCP related issues within the LAN network.
• Hands-on experience in using network monitoring tool Solarwinds Orion.
• Strong knowledge on Cisco ISE
• Installed, configured and deployed Cisco IP Telephony.
• Experience with BIG-IP F5 load balancers, version 9.x, 10.x, 11.x,
• Good knowledge on Bluecoat proxy server SG
• Knowledge of advanced technologies like VOIP, H.323, SIP, QOS, Multicasting, MPLS and MPLS-VPN.
• Worked extensively onJuniper MX Series Routers and EX series Switches.
• Worked on Cisco ASA 5500 series firewalls.
• Experience with Juniper SRX 240 Firewalls.
• Experience working with security devices such asFirewalls, VPNswitches and Intrusion Detection Systems.
• Great team player and able to work under pressure 24x7 duty rotation.
• Strong knowledge in HSRP, VRRP redundancy Protocols.
• Strong experience onJuniper SSG series Firewalls and Checkpoint R75, R76 Firewalls
• Access control server configuration for RADIUS & TACACS+.
• Hands-on experience using Cisco Virtual Switching System (VSS).
• Experience with configuring Nexus 2000 Fabric Extender (FEX), which acts as a remote line card (module) for the Nexus 5000.
• Tested and worked with software designers to establish a user-friendly environment.

TECHNICAL SKILLS:

Cisco Platforms: Nexus 7K, 5K, 2K and 1K, Cisco routers (7600,7200, 3900, 3600, 2800, 2600, 2500, 1800 series) & Cisco Catalyst switches (6500, 4900, 3750, 3500, 4500, 2900, 6807 series)Juniper Platforms: SRX, MX, EX Series Routers and Switches

Networking Concepts: Access-lists, Routing, Switching, Subnetting, Designing, CSU/DSU, IPSec, VLAN, VPN, WEP, WAP, MPLS, VoIP, Bluetooth, Wi-Fi

Firewall: ASA Firewall (5505/5510/5520),Checkpoint(R75/R76), Palo Alto(2k, 3k, 5k), Juniper SRX (240).

Network Tools: Solarwinds, SNMP, Cisco Works, Wireshark

Load Balancers: Cisco CSM, F5 Networks (Big-IP)

WAN technologies: Frame Relay, ISDN, ATM, MPLS, leased lines & exposure to PPP, DS1,DS3,OC3, T1 /T3 & SONET

LAN technologies: Ethernet, Fast Ethernet, Gigabit Ethernet, & 10 Gigabit Ethernet, Port- channel, VLANS, VTP, STP, RSTP, 802.1Q

Security Protocols: IKE, IPSEC, SSL-VPN

Networking Protocols: RIP, OSPF, EIGRP, BGP, STP, RSTP, VLANs, VTP, PAGP, LACP, MPLS, HSRP, VRRP, GLBP, TACACS+, Radius, AAA, IPv4 and IPv6

Operating System: Windows 7/XP, MAC OS X, Windows Server 2008/2003, Linux, Unix

PROFESSIONAL EXPERIENCE

Confidential, Baltimore, MD

Sr. Network Security Engineer

• Configured Site to Site IPsec VPN tunnels to peer with different clients and each of client having different specifications of Phase 1 and Phase 2 policies using Cisco ASA 5500 series firewalls.
• Configured Easy VPN server and SSL VPN to facilitate various employees’ access internal servers and resources with access restrictions
• Configured DHCP scope in Infoblox.
• Configuring Static, IGRP, EIGRP, and OSPF Routing Protocols on Cisco 1600, 2600, 2800, 3600, 7300 series Routers.
• Provide design and SDN/NFV networking support using OpenStack.
• Designed and configured Azure Virtual Networks (VNets), subnets, Azure network settings, DHCP address blocks, DNS settings, security policies and routing.
• Created SDN routers and subnets among the projects.
• Configured Cisco 2800, 3800 routers and 3750, 4500, 6500 switches as part of the implementation plan.
• Configured VLAN’s, Private VLAN’s.
• Deployed BIG IP Enterprise manager to cluster all the F5 LTM, GTM.
• Experience with F5 load balancers - LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability.
• Worked as a lead consultant for a consultation project to help clean up legacy FW policies and create migration path from current ASA to next gen Palo Alto firewall.
• Designed and configured OSPF, BGP on Juniper Routers and SRX Firewalls
• Deployed Azure IaaS virtual machines (VMs) and Cloud services (PaaS role instances) into secure VNets and subnets.
• Manage reviewing and verifying the accuracy of the reported severity level of an incident.
• Ensure our team works with internal and external constituents to minimize risk associated with the IS incidents, including convening appropriate subject matter experts to assist the investigations and ensuring that all relevant facts of the IS incident are properly communicated and reflected in the SIM Application.
• Manage tracking follow-up of the documentation related to an IS incident.
• Massive experience in Incident Response role with experience in examining suspicious/malicious network events.
• Implementation of Site-to-Site VPNs over the internet using 3DES, AES/AES-256 with ASA Firewalls
• Configure various LAN switches such as CISCO CAT 2900, 3550, 4500, 6509 switches and Access layer switches such as Cisco 4510, 4948, 4507 switches for VLAN, Fast Ether Channel configuration.
• Configured NAT and PAT policies.
• Performed processes of optimization, backup, configuration and updating of Cisco IOS and IOS XR.
• Configuration and troubleshooting of EIGRP, OSPF, BGP.
• Configuration and troubleshooting of CSM, integration with ASA devices.
• Experience in migration of VLANS & Configured VLANs with 802.1q tagging, Ether channels, and Spanning tree for creating Access/distribution and core layer switching.
• Supporting Mcafee Endpoint security team in Mcafee EPO and antivirus components and troubleshooting operational issues.
• Hands-on experience of Python scripting, automation using Python, string parsing, libraries, API's, regexp and more.
• Design for Guest Network and Mobile Access Network for NAC Solution, comprising of a Wireless LAN Controller solution in DMZs/Internet Gateways with Cisco ISE Appliances for NAC.
• Involved in finalizing the design for Corporate Wireless Network Access for NAC Solution, comprising of Cisco ISE Appliances in all WAN Consolidation Points, and Data Centers.
• Created Solaris Jumpstart and Linux Kickstart servers and processes to automate and standardize the installation process, reducing installation time by 35% and post-installation errors by 50%.
• Experience in configuring allPaloaltoNetworksFirewall models (PA-2k, PA-3k, PA-5k etc.) as well as a centralized management system (Panorama) to manage large scale firewall deployments
• Migrated complex, multi-tier applications on AWS. Defined and deployed monitoring, metrics and logging systems on AWS. Migrated existing on-premises applications to AWS
• Monitored infrastructure with Nagios like Firewalls, Servers, Services, Network devices, applications, web portals etc. Resolution of tickets fresh & pending
• Installed, configured, and updated Linux machines, with Red Hat, Debian, and CentOS
• Designed VNets and subscriptions to conform to Azure Network Limits.
• Selecting appropriate AWS service to design and deploy an application based on given requirements.
• Upgrading code onPaloaltofirewalls PA 5050/3020 to meet company security policy
• Implemented Zone Based Firewalling and Security Rules on thePaloAltoFirewall.
• Implementation of Access Lists for allowing/blocking desired traffic.
• Configured BGP load balancing and ensured stability of BGP peering interfaces
• Implemented site to site VPN in Juniper SRX as per customer Worked on Route-Reflectors to troubleshoot BGP issues related to customer route prefixes also route filtering using Route-maps.
• Implemented DMZ for Web servers, Mail servers & FTP Servers using Cisco ASA 5500 Firewalls.
• Involved in migration of F5 Local traffic managers of LTM 5100 series to LTM 6800 series for higher.
• Monitored project lifecycle and events and identified milestones using MS Project.
• Building the VPN tunnel and VPN encryption.
• Preformed IOS upgrades on Cisco routers and switches

Confidential . Louis, MO

Sr. Network Engineer

Responsibilities:

• Experience working with Nexus 7018/7010, 5020, 5548, 2148, 2248 devices
• Experience with configuring Nexus2000 Fabric Extender (FEX) which acts as a remote line card (module) for the Nexus5000
• Involved in upgrading switches from 6500 E to 4500-X
• Implementation of BGP to optimize WAN routing on the core and edge routers.
• Mutual redistribution of OSPF and BGP routes using route maps.
• Configuring rules and Maintaining Palo Alto& Analysis of firewalllogs using various tools.
• Experience in Layer 3 routing - Cisco Routers: 2500, 2600, 3600, 3800, 3900, 7200 series, ASR 9000, 9001, 9006 series.
• Exceptional experience in scheduling project with the help of MS Project.
• Implemented configurations for the new century links for Cisco IOS XR platforms from Catalyst 7600 to ASR 9000.
• Implement SSL VPN solutions including Palo Alto Networks Globalprotect with single and multiple gateway solutions including integration of PKI certificates. Integrate multiple vendor IPSEC site to site VPNs, including Palo Alto Networks, Cisco ASA, and Juniper SRX firewalls.
• Experience in Python scripting for network automation purposes.
• Worked on wildfire advanced malware detection using IPS feature of Palo Alto.
• Worked on Palo Alto design and installation (Application and URL filtering, Threat Prevention, Data Filtering).
• Configured rules and maintained Palo Alto Firewalls & analysis of firewall logs using various tools.
• In-depth knowledge of Cisco ASA and Juniper Netscreen Firewall security, spanning-tree, vlans, TCP/IP, RIP, OSPF, QOS, VRRP and VPN technologies.
• Responsible for Cisco ASA firewall administration across our global networks
• Worked on F5 BIG-IP LTM 8900, configured profiles, provided and ensured high availability.
• Also worked with Cisco ASA 5505 and 5520, 5512 X, 5515 X.
• Developed and implemented core network consolidation plan. Included redundant configuration of JuniperEX8200.
• Configuring Static, IGRP, EIGRP, and OSPF Routing Protocols on Cisco ASR 9000, 9001, 9006, 6500 series Routers.
• Delivered the Virtual Managed Services solution, which reduces SD-WAN and NFV managed services deployment time from years to months, significantly accelerated time-to-revenue. The solution offers full stack self-service UX and service assurance on a cloud-native platform. Wrote user stories, PRD and worked with engineering scrum teams to deliver the SaaS-based solution.
• Identified opportunities for implementation of network best practices, particularly F5load balancer implementation
• Participate in planning, implementation, and growth of our customer's Amazon Web Services (AWS) foundational footprint.
• Configuration and troubleshooting on HSRP, VRRP, GLBP, RSTP, MSTP related issues coming innetwork environment
• Expert in troubleshooting F5 software modules, including BIG-IP LTM, ASM, APM, and iRules (Tcl-based script).
• Proficient with deployment and management of AWS services - including but not limited to: VPC, Route 53, ELB, EBS, EC2, S3
• Work with our current application teams to understand our current applications and make migration recommendations and to-be architectures in AWS
• Implementation and configuration of GLBP/HSRP on multilayer switches for first hop redundancy
• Hands on Experience testing iRules using Browser (IE), HTTP watch on f5 load balancers.
• Upgraded Roger Management Network security appliances with Cisco Firewall ASA 5580, IDS, network management tools Ciscoworks (VMS, LMS, CSM), IDS/IPS.
• Configuration of Virtual Servers, Nodes, and load balancing Pools
• Assessed client Wireless Security requirements and discovered Infrastructure
• Hands of experience on practical design, development and implementation of Network Diagram use of Microsoft Visio.
• Installed Cisco Identity Services Engine 1.4 and configured and customized Sponsored Guest Portal
• Deployed 802.1x with PEAP for Employee Wireless Access.
• Leveraged AWS cloud services such as EC2, auto-scaling and VPC to build secure, highly scalable and flexible systems that handled expected and unexpected load bursts
• Planning/Implementation of the Cisco VPN clients to Ciscoanyconnect.
• Installed high availability Big IP F5LTM and GTM load balancers to provide uninterrupted service to customers.
• Configuration and maintenance of routers, firewalls, and load-balancers. Included configuration of JuniperISG 2000, JuniperEX4200, F5 BIG-IP 3600, and Cisco 6500. Includes protocols such as BGP, OSPF, and VRRP.
• Troubleshooting and installing of CRS, ISR, GSR, ASR9000 and Nexus devices.
• Engineering the configurations for the different branches, campus locations
• Responsible for layer 2 securities which was implemented using a dedicated VLAN ID for all trunk ports, setting the user ports to non-Trunking, deployed port security when possible for user ports
• Key contributions include troubleshooting ofcomplex LAN/WANinfrastructure that include routing protocolsEIGRP, OSPF & BGP
• Knowledge in preparing Technical Documentation and presentations using Microsoft VISIO/Office.
• Involved in the redistribution intoOSPFon the coreASAfirewall.
• Involved in the removal ofEIGRPfrom all devices and making OSPF the primary routing protocol.
• Also prepared documentation for various VLAN and Voice subnetworks and worked onVisiofor the same.
• Migration of existing IPSEC VPN tunnels from Pre-Shared key to Certificate Authority for purpose of scaling

Confidential, NYC, NY

Sr. Network Engineer

Responsibilities:

• Maintain and track the status of device supplied to the client.
• Implemented Juniper firewall switches.
• Configured IPSEC VPN tunnels between Checkpoint and other non - Checkpoint endpoint devices using IKE pre- shared keys.
• Installation & Maintenance of Juniper switches routers & firewalls.
• Implementing and maintaining WAN/LAN and WLAN networks in different diagrams
• Implemented various EX, SRX & J series Juniper devices.
• Identified opportunities for implementation of network best practices, particularly F5load balancer implementations.
• Designed systems utilizing Sun Solaris 11, Red Hat Enterprise Linux 6 and AIX 5L
• Significantly increased storage space; analyzed and matched workloads to a cost effective solution
• Worked on migration of existing Checkpoint firewall to ASA firewall, PIX OS upgrade from 6.3 to 7.0.
• Created multiple policies and pushed the in to Checkpoint Firewall (Gateways) and Checkpoint Management Server with SPLAT operating system.
• Monitor performance of network appliances and WAN utilizing using network analyzer like Wireshark.
• Deployed BIG IP Enterprise manager to cluster all the F5 LTM, GTM, ASA, Netscreen devices for easier management and common configurations.
• Involved in migration of F5 Local traffic managers of LTM 5100 series to LTM 6800 series for higher.
• Big IP ASMPositive and Negative Policy Reinforcement, iRule, Full proxy for HTTP, Server Performance Anomaly Detection.
• Integration of JuniperSSG series firewalls, SA VPN Appliances, J series Routers, and EX series switches.
• Configuring and managing FC zones on Cisco 9K/7K/5K.
• Focused on building new content and functionality for several F5ecommerce sites.
• Created and resolved Checkpoint FirewallsRules, Routing, Pushed Policy.
• Configuration of Fabric path and connectivity between Nexus 7K and Nexus 5K.
• Migration of corporate networks from IPv4to IPv6.
• Experience in CSM & Waterfall Methodologies
• Configuring Routing protocols like BGP, OSPF, multicast and L2 protocols in ASA to check it is passing through via ASA in customer deployments.
• Maintenance and troubleshooting of LAN, WAN, IP Routing, Multilayer Switching.
• Performed interconnection of customer sites using IPSec VPN.
• Palo Alto/Checkpoint Firewalltroubleshooting and policy change requests for new IP segments that either come on line or that may have been altered during various planned network changes on the network.
• Performing onsite data center support including monitoring electrical power, switch alarms, network alerts and access logs.
• Installation and troubleshooting of routing protocols like static and dynamic.
• Installed high availability Big IP F5LTM and GTM load balancers to provide uninterrupted service to customers.
• Optimizing and monitoring the performance of a WLAN, LAN, WAN and user's segments
• Configuring RIP, OSPF and Static routing on JuniperM and MX series Routers
• Configuring VLAN, Spanning tree, VSTP, SNMP on EX series switches
• Maintain connectivity for approximately 300 switches and routers in a 500+ node network.
• Experience with deploying Fabric Path using Nexus 7000 Devices
• Experience with configuring OTV between the data centers as a layer 2 extension.
• Managing health check of Network devices this is involves upgrading IOS on every quarter after checking the vulnerability of IOS and reviewing the configuration
• Implemented Virtual chassis of EX series Juniper switches as per client requirement.

Confidential

Network Engineer

Responsibilities:

• Experience in Configuration and troubleshooting of Cisco, Juniper network devices in the environment.
• Configured Routers with EIGRP, OSPF, BGP, Static and default route.
• Worked on HSRP for hop redundancy and load balancing.
• Involved in troubleshooting wan including Slowness and branch down issues in coordination with the ISP.
• Supporting EIGRP, OSPF and BGP based network by resolving level 1 & 2 problems of internal teams & external customers of all locations
• Experience with configuring and troubleshooting BGP, OSPF in Cisco 2800 and 1800 routers in the branch sites.
• Experience configuring Cisco ASA with access-lists,NAT.
• Responsible for setting up IPSEC VPN tunnels on Cisco 5540 Firewalls towards the multiple sites.
• Modified internal infrastructure by adding switches to support server farms and added servers to existing DMZ environments to support new and existing application platforms.
• Responsible for planning and installation of new Branch networks including Resolution of network issues.
• Responsible for implementations using runbooks and prepared network documentation.
• Performed switching technology administration including VLANs, inter-VLAN routing, Trucking, STP, RSTP, port aggregation & link negotiation.
• Configuration of Access List ACL (STD, Ext, Named) to allow users all over the company to access different applications and blocking others.
• Worked on Layer 2 protocols such as STP, VTP, STP, RSTP, PVSTP+, MST and other VLAN troubleshooting issues and configuring switches from scratch and deployment.
• Support customer with the configuration and maintenance of Cisco ASA firewalls.
• Experience with Firewall Administration, Rule Analysis and Rule Modification
• Ensure problems are satisfactorily resolved in a timely manner with focus on providing a high level of support for all customers.
• Coordinating with service providers for WAN link outages.
• Responsible for creation of documentation including BOM, Visio drawings and network documents for a given project.

Confidential

Network Engineer

Responsibilities:

• Troubleshooting of CISCO routers like ping, traceroute and basic issues.
• Ensure connectivity and communication among networks, servers and clients inside and outside department.
• IOS upgrade for Cisco routers & switches.
• Configured and troubleshoot OSPF and EIGRP.
• Ensure reliability, stability and recoverable of specific server environments.
• WAN Infrastructure running OSPF & BGP as core routing protocol.
• Planning and configuring the routing protocols such as OSPF, RIP, and Static Routing on the routers.
• Worked on ASA firewalls and F5 load balancers
• Managing Layer 2 switches of Cisco, VLAN configuration and assigning ports to specific VLAN as per requirement.
• Monitor and tune network to ensure acceptable levels of performance.
• Responsible for Internal and external accounts and, managing LAN/WAN and checking for Security