SUMMARY

• Almost 7 years of experience in networking, installing, configuring and maintaining network devices.
• Implementing IP addressing schemes, LAN/WAN protocols, IP Services, to fulfill network requisites in different environments.
• Hands on experience in configuring Cisco Catalyst 2960, 3750, 4500, 6500 series switches and Cisco 2600, 2800, 3600, 3800, 7200, 7600 series routers.
• Comprehensive expertise in the implementation of optimization, analysis, troubleshooting and documentation of LAN/WAN networking systems.
• Proficient in Configuring Virtual Local Area Networks (VLANS) using Cisco routers and multi - layer Switches and supportingSTP, RSTP, PVST, RPVST along with trouble shooting of inter-VLAN routing and VLAN Trunking using 802.1Q.
• Worked extensively on Cisco FirewallsCisco PIX (506E/515E/525) & ASA 5500(5510/5540) Series.
• Assisted in the design phase including Proof of Concept (lab) and to-be solution.
• Hands on experience in configuring VSX VPN on Checkpoint firewall.
• Implemented redundancy with HSRP, VRRP, GLBP, Ether channel technology (LACP, PAgP) etc.
• Implemented traffic filters using Standard and Extended access-lists, Distribute-Lists, Route Maps and route manipulation using Offset-list.
• Experience in creating test frameworks, maintaining run book and testing network devices.
• Hands on in deployment of GRE tunneling, SSL, Site-Site IPSEC VPN and DMVPN.
• Managed inventory of all network hardware, Management and Monitoring by use of SSH, Syslog, SNMP, NTP.
• ImplementedIGMP protocol within a router using PIM.
• Experience with F5 load balancers - LTM, GTM series like 6400, 6800, 5000 ad 2000 for the corporate applications and their availability.
• Expertise in OSI layer model/TCP/IP.
• Well versed and experienced in routing and switching protocols RIP, OSPF, EIGRP, BGP and VLAN.
• Exposed to handling and troubleshooting issues on NAT.
• Working knowledge on configuring access lists. Troubleshooting DNS/DHCP issues within the LAN network.
• Expertise in IP subnetting and worked on various designing and allocating various classes of IP address to the domain.
• Involved in troubleshooting network traffic and its diagnosis using tools like ping, traceroute, WireShark, TCPdump and Linux operating system servers.
• Hands on experience in VMware and VMware NSX.
• Sound knowledge of Routing and Switching concepts and MPLS design.
• Proficient in Cisco IOS for configuration & troubleshooting of routing protocols: MP-BGP, OSPF, LDP, EIGRP, RIP, BGP v4, MPLS.
• Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500/PIX security appliance, Failover DMZ zoning & configuring VLANs/routing/NATing with the firewalls as per the design.
• In-depth knowledge and hands-on experience in Tier II ISP Routing Policies, Network Architecture, IP Subnetting, VLSM, TCP/IP, NAT, DHCP, DNS, FT1 / T1 / FT3 / T3 Sonet POS OCX / GigE circuits, Firewalls.
• Configured and deployed QOS and defined class of service (COS) WRED and WFQ for bandwidth management.
• Primary responsibility is to design and deploy various network security & High Availability products like Cisco ASA and other security products.

TECHNICAL SKILLS:

Cisco Routers: 2600, 2900, 3600, 3800, 7200 and 7600

Cisco L2 & L3 Switches: 2900, 3560, 3750, 4500, 4900, 6500

LAN Technologies: Ethernet, Fast Ethernet, and Gigabit Ethernet, SMTP, VLAN, Inter-VLAN Routing, VTP, STP, RSTP, Light weight access point, WLC.

WAN Technologies: Frame Relay, PPP, HDLC, (E1/T1/E3T3), DS3, OC192.

Network Security: Cisco ASA, ACL, IPSEC.

OS products/Services: DNS, DHCP, Windows (2000/2003/2008, XP), UNIX, LINUX.

Routing Protocols: IP v1/v2, OSPF, EIGRP, BGP, PBR, Route Filtering, Redistribution, Summarization, and Static Routing.

Gateway Load Balancing: HSRP, VRRP, GLBP

Various Features / Services: IOS and Features, IRDP, NAT, SNMP, SYSLOG, NTP, DHCP, CDP, TFTP and FTP.

Network Management Tools: Wireshark, Netflow Analyzer, Cisco Works, Ethereal, SNMP, HP open view.

Security Server Protocols: TACACS+, RADIUS

Facilities: DS0, DS1, DS3, OCX, T1/T3

Load Balancers: Cisco CSM, F5 Networks (Big-IP) LTM 8900, Cisco ACE 4710.

Operating Systems: Windows (98, ME, 2000, XP, Server 2003/2008, Vista, Windows 7/8/10), Linux, UNIX, WINTEL

Firewall & Security: Checkpoint, Cisco ASA, Palo Alto, SRX

Programing Languages: C, C+, Python

PROFESSIONAL EXPERIENCE

Confidential, Dallas TX

Network Engineer

Responsibilities:

• Creating the testing framework consisting of the tests which are performed to test the network devices like cisco routers, L2 & L3 switches, F5s.
• Maintaining the run book consisting of the Application names, clients, networking team’s tasks, project status report.
• Assisted in the design phase including Proof of Concept (lab) and to-be solution.
• Configuring static routes on Checkpoint firewalls and configuring VRFs on 3945 routers.
• Performedredistribution in OSPF for VIPs in F5s.
• Performed configuration, build and testing activities for Proof of Concept (lab), build and configuration of to-be solution, and during customer and business partner migrations.
• Performed client and business partner migrations, including testing and post migration support based on schedule.
• Performed and record results for unit, end-to-end and other testing to support Proof of Concept (lab), build and configuration of to-be solution, and customer and business partner migrations.
• Responsible for testing iRules using Browser(IE), HTTP watch.
• Dealt with creating VIP (virtual servers), pools, nodes and applying iRules for the virtual servers like cookie persistency, redirection of the URL.
• Exposed to Checkpoint Firewall policy provisioning.
• Built site-to-site IPSec VPNs over Frame-relay & MPLS circuits on various models of Cisco routers to facilitate adding new business partners to new and existing infrastructures.
• Maintained a BGP/MPLS infrastructure.
• Responsible for convertingCheckpoint VPN rules over to the Cisco ASA solution. Migration with both Checkpoint and Cisco ASA VPN experience.
• Responsible for Checkpoint and Cisco ASA firewall administration across our global networks.
• Setup simplified and traditional VPN communities, and Cisco Anyconnect.
• Worked on an Agile Development Scrum team to perform manual testingof our applications.
• Interfaced with development and operation teams to ensure the quality of application releases.
• Helped in improving the efficiency of ourtestingmethodologies and processes.

Confidential, Framingham MA

Network Security Engineer

Responsibilities:

• Configuring Static, IGRP, EIGRP, and OSPFRouting Protocols on Cisco 1600, 2600, 2800, 3600, 7300 series Routers.
• Configured Site to Site IPsec VPN tunnels to peer with different clients and each of client having different specifications of Phase 1 and Phase 2 policies using Cisco ASA 5500 series firewalls.
• Configured Easy VPN server and SSL VPN to facilitate various employees’ access internal servers and resources with access restrictions
• Responsible for entire company network infrastructure that includes Cisco Switches, Routers, Firewalls, Access Points, Servers and PBX.
• Implementation of Juniper Routers and Switches SRX, J, MX, EX Series
• Configuring and implementation of Juniper Firewall, SSG Series, Net screen Series ISG 1000, SRX Series
• Implementation of Site-to-Site VPNs over the internet using 3DES, AES/AES-256 with ASA Firewalls
• Configure various LAN switches such as CISCO CAT 2900, 3550, 4500, 6509 switches and Access layer switches such as Cisco 4510, 4948, 4507 switches for VLAN, Fast Ether Channel configuration.
• Managing and troubleshooting of Juniper M320 routers including installation, upgrade, configuration and network management.
• Configuration and troubleshooting of EIGRP, OSPF, BGP.
• Configuration and troubleshooting of CSM, integration with ASA devices.
• Experience in migration of VLANS & Configured VLANs with 802.1q tagging, Ether channels, and Spanning tree for creating Access/distribution and core layer switching.
• Creation of firewall rules on Checkpoint Smart Dashboard and install policies.
• Management of corporate Checkpoint Firewall implementing security protocols and alleviating network attacks
• Deployed Palo Alto Firewalls for web filtering and application control
• Configured EBGP load balancing and Ensured stability of BGP peering interfaces
• Worked on Route-Reflectors to troubleshoot BGP issues related to customer route prefixes also route filtering using Route-maps.
• Designed and implemented DMZ for Web servers, Mail servers & FTP Servers using Cisco ASA5500 Firewalls.
• Extensive use of NSM (Network and Security Manager) and CSM (Cisco Security Manager) for adding or modifying firewall policies for the firewalls in use.
• Worked extensively on Cisco ASA 5500(5510/5540) Series, experience with convert PIX rules over to the Cisco ASA solution.
• Worked on migration of existing PIX firewall to ASA firewall, PIX OS upgrade from 6.3 to 7.0.
• Design and Implement DMZ for FTP, Web and Mail Servers with CISCO PIX 506, PIX515
• Mapped, Network Diagrams and physical identification in MS Visio.
• Worked with engineering team to resolve tickets and troubleshoot L3/L2 problems efficiently.
• Configured Cisco 2800, 3800 routers and 3750, 4500, 6500 switches as part of the implementation plan.

Confidential, MA

Network Engineer

Responsibilities:

• Troubleshooting the TCP/IP networks for connectivity, outages and slow network issues and recommended appropriate and cost-effective solutions for the congestion.
• Network consists of Heavy Cisco equipment such as: Cisco 3560 2950 2924 switches, Cisco 6509 6513 5500 series Layer 3 switches, Cisco 3825 3640 7200 series routers, Cisco Pix firewall 500 series and Wireless Access points Cisco 1230.
• Worked on F5 BIG-IP LTM 8900, configured profiles, provided and ensured high availability.
• Worked on F5 and CSM load balancers deploying many load balancing techniques with multiple components for efficient performance.
• Responsible for deploying various network security & High Availability in Checkpoint Firewall
• Configuring routing protocols OSPF, EIGRP,RIP, MPBGP, LDP and BGPV4
• Configuring HSRP between VLANs, Configuring Ether-Channels, Port Channel on 6500 catalyst
• Build Logical design and Implementation of Wireless Solution
• Experience with configuring VMware and managing and maintenance of VMs (virtual server)
• Experience with convert Checkpoint VPN rules over to the Cisco ASA solution. Migration with Checkpoint and Cisco ASA VPN experience
• Responsible for Cisco ASA firewall administration across our global networks
• Experience withmigration of Checkpoint R54 to SPLAT
• Configured various BGP attributes such as Local Preference, MED, Extended Communities, Route-Reflector clusters, Route-maps and route policy implementation.
• Actively participated in upgrading fast Ethernet, Layer 3 switched/routed LAN infrastructure from Cisco 3640 to Cisco 2811 ISR routers and switches Confidential access level to 2950, 3550.
• Configured various Router interfaces like ATM interface, T3 & Channelized T1 interfaces
• Configuring and troubleshooting CISCO catalyst 6509, 7609, 7613 with Supervisor cards, Cisco 3640, Cisco GSR 12416,21418(with PRP and RPR processors)
• Configuring and implementing F5 BIG-IP,LTM,GTM load balancers to maintain global and local traffic

Confidential

Network Engineer

Responsibilities:

• Involved in the configuration & troubleshooting of routing protocols: MP-BGP, OSPF, LDP, EIGRP, RIP, BGP v4. Configured IP access filter policies. Cisco CLI, Cisco works, Network Security, Network Analysis Tools
• Experience with Checkpoint Firewall policy provisioning.
• Firewall Policy implementation on Checkpoint R62 and R65 using Provider 1
• Develop, design and implement firewall infrastructure surrounding Checkpoint and Cisco Firewalls and a good experience with security tools and protocols like NERC/CIP and SOX
• Troubleshoot traffic passing and managed firewalls via logs and packet captures.
• Configured and resolved various OSPF issues in an OSPF multi area environment.
• Hands-on experience with WAN (ATM/Frame Relay), Routers, Switches, TCP/IP, Routing Protocols (BGP/OSPF), and IP addressing.
• Layer 2 switching technology architecture, implementation and operations including L2 and L3 switching and related functionality. This includes the use of VLANS, STP, VTP and their functions as they relate to networking infrastructure requirements including internal and external treatment, configuration and security.
• Configuration and troubleshooting of Cisco catalyst 6509, 7613 with supervisor cards.
• Estimated Project costs and created documentation for project funding approvals.
• Managed various teams involved in site surveys, cabling specifications, Network equipment installation and configuration.
• Planned resources and presented project status to higher management.
• Deployed 7613 as PE and CE router and configured and trouble-shooted the Edge Routers.
• Excellent troubleshooting knowledge on T1, T3, OC-3 and OC-12.
• Created and delivered internal trainings for BGP.
• Configured egress and ingress queues for ISP facing routers using CBWFQ.
• Generating RCA (Root Cause Analysis) for critical issues of layer1/layer2/layer3 problems.
• Ability to analyze, configure and troubleshoot networks.
• Responsible for service request tickets generated by the helpdesk in all phases such as troubleshooting, maintenance, upgrades, patches and fixes with all around technical support.
• Supporting EIGRP and BGP based PwC network by resolving level 2 &3 problems of internal teams & external customers of all locations.
• Exposed to BlueCoat and Imperva security platforms.

Confidential

Network Engineer

Responsibilities:

• Connected switches using trunk links and Ether Channel.
• Responsible for maintenance and utilization of VLANs, Spanning-tree, HSRP, VTP of the switched multi-layer backbone with catalyst switches.
• Implemented redundant Load balancing technique with Internet applications for switches and routers.
• Support Network Technicians as they require training & support for problem resolution including performing diagnostics, & configuring network devices
• Used Network Monitoring tool to manage, monitor and troubleshoot the network.
• Configured Cisco IOS Feature Set, NAT and Simple Network Management Protocol (SNMP) for Network Security implementation.
• Received inbound calls of technical nature, independently resolved customer complaints, concerns and inquiries regarding their Internet connection.
• Troubleshoot a wide range of technical support issues and connectivity problems such as authentication, connection speed, e-mail configuration, and loss of synchronization.
• Experience in new employee mentoring, training and coaching.