SUMMARY

• Over 7+ years of experience in Networking, including hands - on experience in providing network support, installation and analysis for broad range of LAN/WAN/MAN communication systems along with Acquisitions of Network setup from on prem to cloud and vice versa.
• Network: Hands on experience in installing, configuring, maintaining and troubleshooting Nexus 7K, 5K, 2Kseries, Cisco router models like 7200, 3800, 3600, 2800, 2600, 2500, 1800 series, Cisco switches 6500, 4500, 3750, 3500, 2900 series switches & HP Modular and blade switches.
• Excellent knowledge in Routing, Switching, Firewall and Gateway technologies, system design, wireless design, data network design, capacity management and network growth.
• Firewall: Hands on experience in Design, configuration and management of all series of Palo Alto 200, 500, 3020, 5020, Juniper Net screen, FortiGate 800D, 1500D, Check Point & Cisco ASA firewall administration across global networks.
• Load balancer: Hands on experience in implementation and deploying BIG-IP F5 LTM, Citrix NetScaler & Barracuda load balancers for load balancing and network traffic management for business applications.
• Cloud: Hands on experience with Design, configuration 7 management of network topology on AWS cloud following cost optimization.
• Experience with Installation, configuration, and management of WAN optimizer, Riverbed Steelhead& SteelApp
• Wireless: Experience with Aruba and Cisco WLC along with their APs & ClearPass integration.
• Network Management Tools: PRTG, OP Manager, Solar winds, Kiwi Syslog, NetFlow & ACS for AAA logs.
• Excellent customer management/resolution, problem solving, debugging skills and capable of quickly learning effectively analyzes results and implement and delivering solutions as an individual and as part of a team.
• Extensively Hands-on experience on AWS and its Networking component like VPC, Endpoint Gateway, Elastic IP, Network Interface, VPN gateway, Route 53 and all supported VPX of NetScaler and Palo Alto.
• Basic knowledge of Azure.
• Active Directory, DNS Installation, Group Policy Hardening, Ability to work on Win2k3, QLC Mail server, Windows 7, 10 & UBUNTU (Linux Flavor): Troubleshooting knowledge of windows OS related issues, MS Office 2000, 2003, 2007 & 2010, Visio drawings.
• Have Knowledge of various programming languages, like C, C++, C#, VB, SQL, ASP & EEM scripting.

PROFESSIONAL EXPERIENCE

Confidential - Chicago, IL

Infrastructure and Network Engineer

Responsibilities:

• Handling network day to day Operation and Management involving various Network & Security related Project, Changes and incident resulting in configuration and management of various Cisco Nexus 7K, 5K, 2K, 6500, 4500, ASA, ASASM, Palo Alto, Juniper ISG, Juniper SSL VPN, HP Tipping point, Bluecoat proxy SG 900, NetScaler, F5 LTM, GTM & ASM modules
• Configuration and management of Palo Alto 3020 internet edge firewall in HA pair, successfully upgraded Palo Alto OS from 6.x to 7.1.1 with zero downtime.
• Configuration and management of F5 LTM 1600 and 3600, deployed various VIPs for hosting public facing sites.
• Contributing as team in successfully design & migration of new remote sites Design, Configuration and management of IP architecture, hands on experience on Nexus 7K, 5K and 2K hardware models and line cards.
• Implemented HA for Bluecoat Director and for F5 LTM 1600 in active standby scenario.
• Successfully accomplished Shellshock & Poodle vulnerability mitigation project which involves Upgrading
• Bluecoat Director, Juniper SSL VPN box F5 LTM & GTM hotfix upgrade.
• Troubleshooting website access issues on Palo Alto and HP Tipping point IPS along with packet capture.
• Performed upgrades on various Cisco 4500, 6500 series switches and ASR1001 series routers upgrades.
• Successfully replaced multiple faulty line cards and supervisor of Cisco 6500 & E-series switches.
• Installation and configuration Cisco Secure ACS, integration of all Network devices under it.
• Being On-call supported priority incidents on timely manner and resolved tickets.
• Created various SOPs for Line card replacement, IOS upgrades for routers and firewalls for team members.

Confidential - Minneapolis. MN

System and Network Engineer

Responsibilities:

• Designed and implemented Various Tier 1 application environment on AWS by choosing cloud VPC concept, spinning PA, NetScaler LB, and established both end vpn connectivity to create reachability for developers to do POC for various applications, Evaluating Network Infrastructure Acquisition, Installation, and Maintenance.
• Build HA setup for Palo Alto firewall & Netscaler VPX models and tested failover successfully in AWS cloud using elastic Nic concepts and attach/detach policies in single Availability Zone to achieve compute fault tolerance.
• Created multiple VPCs to separate various environments, On Demands: leaking routes between VPCs to achieve connectivity with additional configuration of subnet groups & stateless Network ACLs.
• Configuration and management of AWS Route53 to achieve Availability Zone, multiple datacenter-based DNS load balancing and seamless failover to have 100% uptime in cloud infrastructure
• Hosting public facing sites in AWS with the help of Elastic IP concept along with instance capacity planning.
• Configuration and troubleshooting of HA setup for Palo Alto firewall and Netscaler Load balancer.
• Implemented VPN Connections and Direct connect to AWS from on-prem datacenter with redundancy.
• Implemented system-level security through IAM roles, credentials, encryption, MFA and RBAC.
• Analyzing Cloud trail Log and log analysis for forensic purpose during incidents.
• Configuration, management of cloud WAF by Imperva (Incapsula). This also involves fine tuning of sites for caching/bypass-caching of various URI under same site.
• Having SDN experience while working on Cisco ACI deployments (Nexus 9K). Configured various contracts to achieve L4 filtering on ACI, Commissioning and configuration of physical connectivity of Servers to ACI switches.
• Designed and implemented BGP Multihoming Internet setup which involve configuration of 3 ASR 1001 series router to achieve 100% service uptime in a year.
• Successfully implemented various Network projects on physical DC which involve application hosting design followed by implementation with quarterly DR Drills.
• Successfully upgraded IOS of various Cisco ASR Routers, 2900 ISR, 3550 switches, 3750 stack, HP 2960 switches, FortiGate 1500D, 800D, Palo Alto 5020, 3060, 3020, 500, VPX series on AWS, Citrix Netscaler 11515, F5 1600, 2400 & VPX series on AWS infrastructure.
• Design and configuration of Citrix NetScaler, F5 LTM ADC (as network proxy, SSL offload) and Log rhythm (for system log collection) in a Highly Available manner.
• Created various Load balancer configuration for hosting Web/App & DB services along with writing web traffic related policies on Netscaler & F5 load balancers like URL redirection, compression, URL rewriting, Active standby setup, access control on VIP etc. in assisting application deployment.
• As part of Infra team, assisting Application Team by providing network and security design consideration for Web, App and DB models applications adhering security and scalability.
• Troubleshooting network issues related with various multi-platform application like ASP, VB, Sql, web caching & SQL, Oracle, DB performances.
• Implemented Network Security measures by deploying Palo Alto (for packet inspection, monitoring internet traffic) and configured new boxes from scratch as Edge firewall as well remote site WAN entry firewall.
• Build HA setup for Palo Alto firewall for 5020, 3020, 500 models and tested failover successfully
• Upgraded code from 6.x to 7.x on on-prem devices and 8.x on VPX model in AWS cloud successfully.
• Configured & Managed standard policies for threat detection, Antivirus, Antispyware and Vulnerability protection and applied on internet inbound & outbound policies respectively.
• Configured wildfire for Mail-Exchange traffic so that malicious emails attachment can be filtered and examined.
• Configured URL filtering for corporate users by blocking social sites and allowing it for specific HR groups.
• Established iBGP connectivity with 3 Internet Routers with Palo alto as well as enabled failover monitoring and VPN tunnel failover.
• Configured Equal cost multi path (ECMP feature) routes and load sharing of internet traffic between ISPs.
• Configuration and troubleshooting of Palo Alto wrt Policy based routing, Site to site VPN, Remote access VPN using Global-Protect, URL access, high CPU & HA part.
• Responsible for taking escalation calls for Tier 1 & Tier 2 incidents by providing immediate workaround or permanent fix and assisting team for creation of RCA details.
• As part of Operation, leading team which includes 3 junior network engineers & 3 interns, responsible for their trainings, growths along with escalation support.
• Created various SOPs for day today task and incidents to accomplish knowledge management.
• Daily review of incidents and problem ticket to address ITIL process.