Network Security Engineer Resume
Rockville, Maryland
SUMMARY
- 9.1 years of professional experience in Network Planning, Implementing, Configuring, Troubleshooting and Testing of networking system on both Cisco and Juniper Networks
- Experience of routing protocols like EIGRP, OSPF, RIP, TCP/IP, ACL’s and BGP Multicast, QoS including tunnel installations & switching (LAN, WAN, VTP, STP etc.) network technologies
- Worked on Cisco 7200, 3800, 3600, 2800, 2600, 1800 series Routers and Cisco 2900, 3500, 4500, 5500 series switches and Nexus 9K, 7K, 5 & 2K platform switches including Nexus 2K FEX (Fabric Extenders)
- Worked on configuration of VLAN setup on various Cisco Routers and Switches
- Configure Palo Alto Networks Firewall models (PA-2k, PA-3k, PA-5k etc.) as well as a centralized management system (Panorama) to manage large-scale firewall deployments.
- Working experience on Network monitoring and debugging tools: Net Scout, Wireshark.
- Worked extensively on Palo Alto Firewalls, ASA firewall, Checkpoint firewalls, Juniper SRX firewalls
- Worked extensively on F5 LTM and GTM load balancers.
- Involved in deployment of Cisco ACI and SD WAN
- Migrated complex, multi-tier applications on AWS. Defined and deployed monitoring, metrics and logging systems on AWS. Migrated existing on-premises applications to AWS
- Technical engineer for EIGRP to OSPF Migrations for multiple sites and Implemented Virtualized areas among OSPF areas and Redistribution Techniques between OSPF and EIGRP and implementation.
- Isolated network traffic via F5 load balancers for GTMs and LTMs and implementation.
- Installed, configured and deployed Cisco IP Telephony and good knowledge of Cisco RSA.
- Successfully completed training on Meraki training and familiar with Meraki devices and security cameras.
- Experience engineering, deploying and supporting all components of CISCO UCCE suite.
- Ability to Install, Manage & Troubleshoot Large Networks & Systems Administration on Windows & Linux platforms in Development, Lab & Production Environments.
TECHNICAL SKILLS
Cisco Platforms: Nexus 7K, 5K, 2K & 1K, Cisco routers (7600, 7200, 3900, 3600, 2800, 2600, 2500, 1800 series) & Cisco Catalyst switches (6500, 4900, 3750, 3500, 2900, 6807 series), Cisco WAAS, Cisco Prime Infrastructure
Juniper Platforms: SRX, MX, EX Series Routers and Switches
Networking Concepts: Access-lists, Routing, Switching, Auditing, Subnetting, Designing, CSU/DSU, IPsec, VLAN, VPN, WEP, WAP, MPLS, VoIP, DMVPN, Wi-Fi, EIGRP.
Firewall: Cisco ASA Firewall, Checkpoint, Palo-Alto
Security Protocols: IKE, IPsec, SSL-VPN
Networking Protocols: RIP, OSPF, EIGRP, BGP, STP, RSTP, VLANs, VTP, PAGP, LACP, MPLS, HSRP, VRRP, GLBP, TACACS+, Radius, AAA, IPv4 and IPv6
Operating System: Windows 7,10/XP, MAC OS X, Windows Server 2008/2003, Linux, Unix
PROFESSIONAL EXPERIENCE
Confidential, Rockville, Maryland
Network Security Engineer
Responsibilities:
- Performing the software upgrade from version 9.0 to 9.1 on panorama and PA-7000 series Palo Alto firewalls.
- Worked on Palo Alto PA-5050 design and installation (Application and URL filtering, Threat Prevention, Data Filtering).
- Push firewall rule, operate and deploy PA 5060 and panorama. Defined zone-based firewall to segment sensitive application traffic.
- Involved in deploying SDWAN with cisco infrastructure
- Worked on Python scripting for network configuration and management.
- Configure, setup and physically replace all the Desk switches from WS-C3560CG-8 PD-S (end of support) to WS-C3560CX-12PD-S with the IOS version 15.2 (7) E2.
- Helped the team in Deployment of CISCO ACI Greenfield and Migrated from Legacy network.
- Involved in Developing ACI (Cisco Application Centric Infrastructure) based Cisco Validated Designs for Enterprises and Service Providers to transform Traditional 3 Layer Architecture to ACI based (Spine, Leaf and APIC) Architecture
- Implemented Contracts, Multi-tenants between Endpoint groups using SDWAN in ACI.
- Prepare, develop and build the SOPs for the software upgrades on the User/access, Distribution and core network devices. (Cisco Nexus 9K, 5K, 2K, cisco catalyst 3560CG, 3850 and Catalyst 4500 single and dual Supervisor 8 switches).
- Help team members at other locations in building the configuration to replace the WS-C3560CX-12PD-S Desk switches.
- Experience working on multiple projects in route, Switch and provide the suitable recommendations.
- Experience working closely with internal Security team for the network traffic blocks and configure SNMP v3 to access the devices via fore scout.
- Responsible for Configuring NIC’s and monitoring over 100 APC Schneider UPS at multiple locations for the redundant power supplies on Network devices using DCE. (UPS models: APC smart UPS 1500, 2200, 3K, 4K, 5K Series).
- Worked on cisco ISE controllers to maintain the network connectivity for newly configured network devices and IP address using ISE.
- Working on the Critical and High severity level incidents from the Lacework and Configuring the policy against the AWS CIS benchmarks and NIST.
- Working experience with the Secret System, AWS ACM and KMS keys
- Involved in Designing and Deploying dynamically scalable, Highly available, fault tolerant and reliable applications on AWS.
Confidential, Greensboro Village, NC
Network Security Engineer
Responsibilities:
- Understand the Network environment within the VF organization (Vans, Wrangler, Timberland, Kontoor, Lee brands etc)
- Supporting management with the groundwork in preparing data sheets with all the devices and their IP address and serial numbers and device model numbers.
- Have configured more than 50 Voice gateways and migrated them from VG 210 to VG 310 due to Cisco Call manager support issues.
- Implemented Zone Based Firewalling and Security Rules on the Palo Alto Firewall.
- Worked on Panorama firewall management tool to administer Palo Alto 5050, & 5250 device groups.
- Installed and configured Palo alto images in AWS cloud
- Migrated complex, multi-tier applications on AWS.
- Configuration and troubleshooting of Issues related to VIP’s, Server pools, Redundancy, Persistence, and SSL offloading to improve application performance.
- Defined and deployed monitoring, metrics and logging systems on AWS. Migrated existing on-premises applications to AWS. Participated in troubleshooting SDN/SD-WAN deployments
- Configured VPC (Virtual Port Channel), VDC (Virtual Device Context) in Nexus 9k devices
- Primary engineer to troubleshoot and upgrade the Cisco prime infrastructure for the out of memory, slowness and crash issues.
- Designing, Managing & playing a vital role in IT projects and taking lead to review for technical documentation (RFP, HLD, LLD, NIP, NMP and NRFU) & generate network configuration for highly complex enterprise networks.
- Worked as Network consultant, designing network Low Level Design (LLD), High Level Design (HLD), Request for Change (RFC) and providing support plus
- Worked in for the NextGen Datacenter Cloud Architecture, using Cisco ACI and Nexus 9K
- Installed Configured and managed Ansible Centralized Server and creating the playbooks.
- Involved in migration of F5 Local traffic managers of LTM 5100 series to LTM 6800 series for higher.
- Experience with F5 load balancers - LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability.
- Configuration and Deployment Big IP F5 LTM and GTM load balancers from a Scratch at the Chicago Data Center Location.
- Provide second/third level technical support for ACI (Application Centric Infrastructure) technologies.
- Installed over 75 Meraki cash wrap switches during the peak rush in the retails for the registers over US and Latin America retail regions remotely
- Configure and troubleshoot Meraki MX60, MX64, MX65, MX67 and MX120 series switches using Meraki dashboard.
- Successfully completed training on Meraki training and familiar with Meraki devices and security cameras.
- Worked closely with Sprint in migrating Sprint T1 to Ethernet circuits and provided recommendations to the snider technicians with the installations remotely.
Confidential, Dallas, TX
Sr. Network Security Engineer
Responsibilities:
- Worked extensively on Panorama Centralized Management for Palo alto firewall PA-500, PA-200 and PA3060, to central manage the console, configure, maintain, monitor, and update firewall core, as well as back up configuration
- Successfully installed Palo Alto PA-3000/PA-5000 firewalls to protect Data Center and provided L3 support for routers/switches/firewalls.
- Provided the network recommendations according to the existing configuration and building reports including diagrams and for the Palo Alto firewalls
- Migration of existing IPSec VPN tunnels from Pre-Shared key to Certificate Authority for purpose of scaling
- Involved in Designing and implementing DMZ for Web servers, Mail servers & FTP Servers using Cisco ASA 5500 Firewalls.
- Working on the PA-VM based firewalls like VM-300 and VM-500, where all the firewalls are deployed in the AWS C5xM size instance.
- Configuring the Network Load balancer in the AWS for the load balancing the traffic coming from the different third-party vendors or business partners around the globe.
- Involved in EIGRP to OSPF Migrations for multiple sites and Implemented Virtualized areas among OSPF areas and Redistribution Techniques between OSPF and EIGRP.
- Identified opportunities for implementation of network best practices, particularly F5 load balancer implementations. Mapped, Network Diagrams and physical identification in MS Visio.
- Worked on ASA Firewalls and F5 load Balancers
- Configure various LAN switches such as CISCO CAT 2900, 3550, 6509 switches and Access layer switches such as Cisco 4510, 4948, 4507 switches for VLAN, Fast Ether Channel configuration.
- Helped the team in Migration of the Cisco Catalyst switches to Nexus series. Have prepared and modified HLD, LLD’s as per the project requirements using Visio.
- Worked on the designing of the network for Saudi Telecom Managed LAN, WAN, IPT & Firewall on cisco ASR 9K, ASA 5500/5508, Juniper SRX200 Firewall, L2VPN, IP-SEC over GRE Tunnel, IP Aware NATing. Designing Low Level & High Level Design (LLD & HLD) for Managed services.
- Implemented site to site VPN in Juniper SRX as per customer Worked on Route-Reflectors to troubleshoot BGP issues related to customer route prefixes also route filtering using Route-maps.
- Prepared HLD in creating the switch port connections and assigning access points including cisco 3950’s in stack wise technology.
- Involved in Layer 3 routing - Cisco Routers: 2500, 2600, 3600, 3800, 3900, 7200 series, ASR 9000, 9001, 9006 series.
Confidential, Voorhees, NJ
Network Security Engineer
Responsibilities:
- Experience working with Palo Alto firewalls managed through Panorama management platform.
- Configure High Availability on Palo Alto firewalls.
- Researched, designed and replaced Palo Alto firewall architecture with new next generation Palo Alto PA3000 and PA5000 appliances serving as firewalls and URL and application inspection.
- Configured inside ACL, outside ACL, inside, outside interfaces, NAT and PAT policies.
- Experience in migration of VLANS & Configured VLANs with 802.1q tagging, Ether channels, and Spanning tree for creating Access/distribution and core layer switching.
- Implemented Virtualized areas among OSPF areas and Redistribution Techniques between OSPF and EIGRP.
- Configured IPSEC VPN tunnels between Checkpoint and other non-Checkpoint endpoint devices using IKE pre-shared keys.
- Worked on migration of existing Checkpoint firewall to ASA firewall, PIX OS upgrade from 6.3 to 7.0.
- Demonstrated virtual link between OSPF areas and redistribution between OSPF and EIGRP.
- Configuring Static, IGRP, EIGRP, and OSPF Routing Protocols on Cisco 1600, 2600, 2800, 3600, 7300 series Routers.
- Configured Easy VPN server and SSL VPN to facilitate various employees’ access internal servers and resources with access restrictions.
- Responsibilities include designing, implementing, configuring, testing and monitoring the Datacenter network segmentation and migration projects.
- Created multiple policies and pushed them into Checkpoint Firewall (Gateways) and Checkpoint Management Server with SPLAT operating system.
- Successfully implemented the datacenter segmentation project with 7K, 5K and 2K Cisco Nexus architecture, ISR and ASR 1001, 1004, 1006 series routers, F5 BIGIP 4000s and 7200v load balancers and Palo Alto PA-5000/3000 series firewalls.
- Experience working with Nexus core 7010, 7706, 5500 and 5600 series switches and 2000 series Fabric Extenders.
- Migration of the Cisco Catalyst switches to Nexus 5K series.
- Configured EBGP load balancing and ensured the stability of BGP peering interfaces.
- Implementation of Site-to-Site VPNs over the internet using 3DES, AES/AES-256 with ASA Firewalls.
- Configure various LAN switches such as CISCO CAT 2900, 3550, 4500, 6509 switches and Access layer switches such as Cisco 4510, 4948, 4507 switches for VLAN, Fast Ether Channel configuration.
- Build maintain and support Cisco ASA5500 firewalls and VPN technology at Confidential datacenters and remote locations.
- Implemented site to site VPN in Juniper SRX as per customer Worked on Route-Reflectors to troubleshoot BGP issues related to customer route prefixes also route filtering using Route-maps.
- Designed and implemented DMZ for Web servers, Mail servers & FTP Servers using Cisco ASA5500 Firewalls.
- Managing and configuring 4 Juniper SSL VPN appliances (SA-4500 & 4000) for TSNA and ATS customers
- Deployed BIG IP Enterprise manager to cluster all the F5 LTM, GTM, ASA, Net screen devices for easier management and common configurations.
- Designed and configured OSPF, BGP on Juniper Routers and SRX Firewalls
- Involved in the migration of F5 Local traffic managers of LTM 5100 series to LTM 6800 series for higher.
- Extensive use of NSM (Network and Security Manager) and CSM (Cisco Security Manager) for adding or modifying firewall policies for the firewalls in use.
- Worked extensively on Cisco ASA 5500(5510/5540) Series,
- Building the VPN tunnel and VPN encryption.
- Mapped, Network Diagrams and physical identification in MS Visio.
- Performed IOS upgrades on Cisco routers and switches
- Configured Cisco 2800, 3800 routers and 3750, 4500, 6500 switches as part of the implementation plan.
Confidential
Technical Network Engineer
Responsibilities:
- Configured Cisco Routers for OSPF, IGRP RIPv2, EIGRP, Static and default route.
- Configured the Cisco router as IP Firewall and for NAT, switching (Ethernet) related tasks included implementing VLANs and configuring ISL trunk on Fast-Ethernet channel between switches.
- Working on creating new load balancing policies by employing BGP attributes including Local Preference, AS-Path, and Community, MED.
- Installing and maintaining Windows NT Workstations and Windows NT Server.
- Monitor performance of network and servers to identify potential problems and bottleneck.
- Real-time monitoring and network management using Cisco Works LMS.
- Performed administrative support for RIP, OSPF routing protocol and Maintained redundancy on Cisco 2600, 2800 and 3600 routers with HSRP.