PROFESSIONAL SUMMARY:

• Over 13 years of extensive hands - on experience with complex routed LAN and WAN networks, Confidential routers, Switches, ASA and PIX firewall deployment.
• Over 5 years of F5 and ACE load balancer, Juniper SRX MX series, PA and Confidential nexus platform
• Experience with different Wide Area Networking media and line encapsulations: Frame Relay, ISDN BRI, T1/E1, CSU/DSU, Synchronous Serial, HDLC and PPP.
• Experienced programming routers and switches, and performing troubleshooting tasks for connectivity, speed, and packet loss issues.
• Familiar with VOIP and Wireless controllers.
• Ability to design hierarchical network structures and assign sub networks over various physical media
• Advanced Router/Switch knowledge such as managing and configuring boot image files, creating and configuring VLANS, and writing Access Control Lists for security purposes
• Knowledge and experience using Routed Protocols: TCP/IP; and Routing Protocols: RIP, IGRP, EIGRP, and OSPF
• Seven years of experience building, troubleshooting, and upgrading computers in general.
• Excellent customer management/resolution, problem solving and debugging skills with good verbal/written communications and presentation skills.
• Certification: CCIE CSCO11905403

TECHNICAL SKILLS:

VLAN, VTP, inter: VLAN routing, STP, RSTP, PVST

WAN Technologies: Frame Relay, ISDN, PPP, ATM, MPLS, exposure to DS1, DS3, OC3, OC12, OC48T1 /T3 & E1/E3

WLAN Technologies: Autonomous AP s, Lightweight AP s, WLC, WDS, WLSE, Standards - 802.11a802.11b, 802.11G

Network Hardware:

Confidential & another vendor equipment: Confidential routers (7200, 3800, 3600, 2800, 2600, 2500, 1800 series), & Confidential Catalyst switches (6500, 4900, 3750, 3500, 2900, series), Confidential Nexus 5000 series ; PIX Firewall 506/515/525/535 , ASA Firewall 5520/5550, CatOS, Confidential IOS 11.x, 12.x, PIX OS 6.x, 7.x; Load Balancers ( Confidential ), Junipers M320, T640

Network Security: NAT/PAT, Ingress & Egress Firewall Design, VPN Configuration, Internet Content

Filtering, Load Balancing, IDS/IPS, URL Filtering

Routing Protocols: MPLS, PIM, RIP, IGRP, EIGRP, OSPF, BGP, IS-IS, HSRP, VRRP, GLBP

Infrastructure Services: DHCP, DNS, SMTP, POP3, FTP, TFTP, IIS

Network Management: SNMP, Confidential Works LMS, HP Open View NNM, MRTG 2.13, Ethereal Sniffer

IP Telephony: SIP, H.323, RTP, voice gateways, CCM

Tools: /Documentation: OpNet, cascade, NetQOS, NetScout, MS Office, MS Visio

Programming Skills: C, C++, bash, python, node js

Skills: AWS, Python, node js api

Vendors: Palo Alto, Confidential, Juniper firewall, switches, routers

PROFESSIONAL EXPERIENCE:

Confidential, San Francisco, CA

Responsibilities:

• Work with business and application managers to gather requirements
• Document the processes and create HOW-TO documents
• Analyze root causes of performance issues and provide corrective actions, provide support in project design, development and deployment activities
• Develop automated test scenarios and environments for performance testing Review and recommend improvements to existing performance test procedures
• Owns end-to-end quality of their product(s) jointly with Product manager and architecture
• Owns and maintains technical roadmaps for their product(s)
• Drive simple and scalable approach to new technology solutions using automation to enable the organization to easily deploy and operate new features, capabilities and functionality
• Worked to innovate and operate outside the comfort zone of established methods and procedures
• Gained immediate credibility at all levels both inside and outside the organization and develop lasting, productive and collaborative relationships
• Manage Network and devops team and ensure project delivieries .
• Manage and maintain multi-vendor, multi-protocol datacenter and backbone networks
• Define, and develop optimized network monitoring systems
• Design, and deploy new network architectures
• Develop automated methods to mitigate and remediate network events
• Analyze data to diagnose and identify root causes to network issues
• Be an active participant in deep technical discussions
• Develop and maintain consistency within the networking infrastructure

Confidential, San Francisco, CA

Network Architect

Responsibilities:

• Hands - On Experience in Design & Deployment of Public & Hybrid Cloud Infrastructure.
• Specialist in Cloud Migration - Application & Data
• Creates principles, models and guidelines from strategies.
• Convert requirements to a cost efficient solution architecture compliant to architectural principles, models and guidelines ensuring consistency between business, information and technology.
• Interacts with internal stakeholders and external customers to define and provide solutions enhancing their competitive position.
• Develop standards-based network designs for company’s office and backbone infrastructure
• Help maintaining our Confidential switches, router, wireless and access equipment
• Architect, deploy and maintain our software defined cloud networking, primarily in Amazon Web Services (AWS)
• Assist with deploying and maintaining our Kubernetes and Docker networking environments
• Document all infrastructure and maintain correctness
• Engage in service capacity planning, demand forecasting, and budget planning
• Proactively identify capacity bottleneck and plan/execute solution for them
• Manage and resolve issues with ISPs and vendors around the world
• Drive simple and scalable approach to new technology solutions using automation to enable the organization to easily deploy and operate new features, capabilities and functionality
• Hybrid model with AWS and legacy DC.

Confidential, San Francisco, CA

Solution Architect

Responsibilities:

• Talent Development
• Run the business
• Grow the business
• Transform the business
• Lead a team of high functioning Network Engineers as a Service Owner of Global Enterprise Corporate Network, servicing 100+ employees.
• Includes technical domains of Network Engineering and Infrastructure Cabling for the functions of design, deployments, and 24x7 worldwide support.
• With Operational Excellence as a priority.
• Provide leadership of enterprise-level Transformational Strategies / Quality Execution / Drive to Resolution / Operational Excellence - across Operations, Implementation and Design.
• Accountable for the annual budget.
• Responsible to maintain overall Network Availability at (99.99) uptime.
• Developed then successfully implemented a Global Corporate Wireless Get Well Plan, Enhanced the monitoring and alerting strategy to increased network uptime.
• Scaled to a very fast pace the past 24 month with efficiency, nearly doubled the size of our Corporate Network scope while maintaining the same headcount. Increased WAN bandwidth and speed to improve users experience and productivity. Enhanced Network Security with certificate-based authentication (EAP-TLS) for Corporate Wireless access.
• Automation: Focussed on Automation, defining the standard, identifying key and mundane area where automation can be leveraged, which in turn increases the efficiency, And delivery time with no pressure on an individual or team as a whole
• Transform the business - Developed strategies to offer new Services (e.g. Home Connections, and Extranet for Partners), as well as innovation that re-architected and re-designed the Global Corporate Network Backbone to connect Global Corporate Data Center and Offices which achieved goals of growth with cost efficiency
• Facilitating the development of automation tooling to assist Infrastructure and development. Responsible for operational readiness testing and design for operations to ensure smooth transition to operations as well as ongoing production support.
• Delivering annual portfolio projects of roughly $25,000,000 for projects spanning the stores and the entire ecommerce platform stack - comprising initiatives as diverse as wireless print and handheld devices and the backend stores infrastructure to on-prem and off-prem cloud hosted micro-services which support them.
• Accountable for the technical quality of the solution for platform initiatives as well as monitoring and reporting.
• Prioritizing technical requirements &estimating technical work effort in an Agile environment.
• People skills include recruiting, hiring and managing a team individual contributors and other technical managers with skills across diverse functional boundaries.
• Designing and implementing SDN WAN for Confidential Retail and Corp Network.
• Responsible for designing and implementation of Confidential Network in Data Center, WAN, E-Commerce, Stores, Distribution Canters and Corp offices.
• Designing Wireless in Corp and stores. Applying QOS and providing solutions for latencies issues.
• Provide guidelines and recommendation for purchasing /migration of devices with vendor
• Automate for Corp Eng. for implementation.
• POC’s /MOP’s
• Designed and build two products for Confidential POP-UP store and Fixit, which is upcoming in Confidential in retail.
• Conducting Audits and Process for infrastructure.
• Evaluating products
• Environment consists of Nexus family line, Juniper SRX/MX and PAN.
• Managing deployment tool - CHEF
• F5 LTM /GTM with ASM/APM for service delivery Ecom services
• DFO /SOP for operations and hand offs.
• OS: Red HAT
• Python: Juniper automation
• Perform a capabilities assessment of network services and technologies including inter-dependencies to support our services. Collaborate with engineers to identify risks and gaps, determine level of effort and timeline, and develop execution plans.
• Write cookbooks, upload and troubleshooting. Server provision. Creating GEMS for Jenkins and managing/updating code.
• Using PYEZ, written deployment script for L2 to manage Juniper devices
• Deliver network documentation, and all typical design and architecture documentation of services and solutions for consumption by engineering, deployment, and operations teams.
• Formulate and implement standards for network products and services with respect to monitoring and overall management, including but not limited to configuration management, lifecycle management, vulnerability management and process management for continual service improvement.
• Work closely with cross-functional teams across multiple Infrastructure disciplines and other stakeholders to gather and define requirements and objectives for which solutions are required to meet.
• Provide input into networking requirements and operational guidelines, with a focus on meeting demands of a rapidly growing and scaling global service.
• Contribute towards new and on-going technology projects.
• Implement security concepts in a network environment, including next generation firewalls, application firewalls, network firewalls, IPSEC, SSL VPN, Load Balancers, Network Access Control, and perimeter facing solutions, as well as in Campus and Data Center infrastructures.

Confidential, East Hamilton, CA / Chicago, IL

Sr. Design Engineer

Environment: Cent OS /Ubuntu/Red hat

Responsibilities:

• Design data center and traffic engineer
• Create environment based on requirement for clients
• Implement and manage Confidential and juniper appliances
• Migration from NetScaler’s to F5
• Configuring F5 and NetScaler’s LTM/GTM
• Configuring and managing nexus 7k
• AWS -configuring network component
• Setup troubleshoot routes OSPF and BGP
• Provide support /plan security policies and appliances PCI compliance
• Audit devices and ports lockdown
• Support review and implement production changes.
• Respond to tickets/call from NOC
• Configuring and managing nk7 n5k
• Configure F5 LTM vips /ssl offloading /i-rules/ASM policy and GTM --WIPS/
• Plan and prepare cutover for migration of services from NetScaler’s to F5
• Engage with clients for their requirements and setting up environment
• Implementing and troubleshooting Juniper Mx 80 and nexus 7k gateways
• Applying filter / FBF a per requirements
• Implementing BGP to connect with new peers and importing/exporting routes.
• Implementing L3MPLSvpn with different sites
• Managing and implementing SRX and ASA firewalls - policies /IPsec vpn / split-tunneling
• ASA - IPSEC / SSL webvpn /Split tunneling
• Installation and implanting switches in layer 2 domain
• Planning and implementing OSPF and BGP
• Working with vendors to get the services.
• Design and implement network infrastructure working with application Architect team
• Testing the environment, and analyzing the results
• A10 - configuring vips /ssl offloading
• F5 -- irules /ASM/APM /iapp. GTM - setting up / WIPS configuration
• GW - Nexus 7k --configuring VDC/SVI /Routes
• Conduct security audits to find vulnerabilities
• Nk7k configuration and management
• BGP/MPLS peering

Confidential, Menlo Park, CA

Network Design Engineer /Operation Manager

Responsibilities:

• Provide support in day to day operations of corpnet network
• Support and manage Confidential /Juniper routers and switches.
• Work and suggest design and development of new services as proof of concept
• Recommend network equipment and configuration guidance based on request.
• Deploy performance management tools like NetQOS, OpNet and cascade.
• Configure and manage Gigamon switches h series
• Planning and managing security rules and pushing changes on a daily routine.
• Working with WAN accelerators and VPN setup with Troubleshooting
• Routing protocols: Planning, implementation and support for BGP and OSPF
• Supporting voice and video for the existing environment.
• Nk7k, ASA and Juniper configuring and troubleshooting

Confidential, San Jose, CA

Lead design Eng.

Responsibilities:

• Work closely with the internal clients and be able to execute change requests from end users.
• Review application migration plans, document project progress via established organizational tracking tools and report results.
• Maintain basic network functionalities and deployment needs including topology changes, Subnetting and troubleshooting.
• Assist in the assessment and resolution of complex network problems including workarounds.
• Build field relations with internal clients to meet their overall requirements.
• Capturing load balancing requirements, GSS and other features in order to meet the requirements.

Environment: Nk7k, Ace/NetScaler’s, ASA, NK1k

Confidential, San Francisco, CA

Sr Network Engineer

Responsibilities:

• Working as a Network Engineer in a production environment where the service should be up 24 x7.
• Involved in changes, proposing upgrade plans and laying down security policies.
• Understanding risks and implementing changes.
• Implementation of multi-protocol networks including OSPF and BGP to include communication links for voice, video and data, servers, email systems and associated peripheral devices and gateways including Internet connectivity. Configurations for routers including IPsec VPNs and GRE tunnels.
• Configuring, Installing, testing and documenting data network transport components, primarily Ethernet switches. Configuring VoIP, QoS, CoS, SONET/SDH, ATM, MPLS, 802.1Q/w/x/D, RF and microwave technologies.
• Managing MPLS / LAN based configuration of internal LAN based VRF and mapping them to the VLAN for tagging Switching related tasks included implementing VLANS, VTP and configuring on Fast-Ethernet channel between switches. Creating and testing scripts for F5 load balancers and ways to optimize it.
• Upgrading F5 software, managing pools of servers. Design, Implement and configured HSRP on different location of office on the switched Network and Managing the Entire multilayer switched network. Proficient in Adaptive Security Device Manager (SDM) and used it while performing security audit on routers.
• Configuring firewall rules in Confidential PIX, ASA firewall environment. Configuring Checkpoint firewall and accept/reject rules for network traffic. Configured Client VPN technologies including Confidential 's VPN client via IPSEC.
• Implemented Site-to-Site VPNs over the Internet utilizing 3DES, AES/AES-256 with ASA Firewall. Configured Protocol Handling, Object Grouping and NAT on ASA Firewalls. Configured Firewall logging, DMZs and related security policies and monitoring.
• Designed perimeter security policy; Implemented Firewall ACL's; Allowed access to specified services; Enabled IDS/IPS signatures in Firewall & fine-tuned TCP & UDP. Proficient in Adaptive Security Device Manager (ASDM)
• Involved in Installing and Configuring a Confidential secure ACS server for AAA authentication (RADIUS/TACACS+). Using load balancers and ACE with multiple components for efficient performance and to increase reliability through redundancy.
• Migration from Frame Relay/ATM network to MPLS based VPN for customer's WAN infrastructure.

Environment: Confidential 6500 S/w with FWSM hardware, Security: NAT, ASA Firewalls & SDM, MPLS-VPN, Authentication Servers, Frame Relay, F5 Load Balancers, Wireless Networking hardware, GRE Tunnels.

Confidential

Network Engineer

Responsibilities:

• Managing Events for Three Locations with 7 Departments.
• Configured DHCP server and given IP addressing dynamically to the clients.
• Provide Customer Service.
• Confidential CallManager 2, 3, 4 or 5 (CCM). Confidential Unified Communications Manager Business Edition (CUCM BE).
• Troubleshooting F5 load balancers.
• Setup VOIP devices using Confidential and non- Confidential IP phones.
• Handling Client Queries and Requirements.
• Maintaining and troubleshooting network and computer issues.
• Networking Devices Include Confidential Switches and routers. Juniper VPN Client.
• Accomplishments are Network Security Migration project from PIX to ASA.
• PIX OS upgrade from 6.3 to 7.0(x). PIX to ASA migration. Configured syslog messages. Configured STATIC NAT, Policy NAT and Port Redirection. Configured AAA with TACACS+ server. Worked with FWSM, VPN concentrator, PIX and ASA firewall. Configured LAN Based failover in active/active mode.
• Configured WEB VPN (SSL VPN) using Confidential Any Connect client for Linux, MAC-OS and WIN VISTA users. Provide on call support on a rotation basis. Configured DHCP server with firewalls. Configure Site to Site and Remote access VPN. Configured the security level of Inside and Outside interfaces to allow traffic.
• Configuration of F5 load balancers, creating profiles, implementing I-rules, Hands on with F5 FirePass and ARX appliances. Design and Implement DMZ for FTP, Web and Mail Servers with Confidential PIX 525, PIX535, ASA5550 and 5520 firewalls.
• Configured NAT and PAT on the Confidential PIX Firewalls for the Internal Systems. Placed access control list (ACL) on inside and outside interfaces on the PIX Firewall. Configured Turbo ACL.
• Network and Security Design Architect Assistant and Network Fine Tuning
• Needs to Study Existing Network and redesign network. Needs to work on Security, Routing and Switching. Design the new network security policy, Routing and Switching. Work with Change Control Board and Implement the changes.
• New Server Farm Connectivity
• Create New VLAN on 6500 Series switches. Assign Port to the VLAN. Define security policies as per Server team requirement. Configure Trunking.

Environment: Confidential Routers 2600, 2800 and 7200 series, Confidential Switches Cat 1900, 2900, 3500, 4500 and 6500 series, NX 5k and 7k, Confidential PIX 525, 535, ASA 5520, 5550, Confidential VPN 3000 Series Concentrator and FWSM module Firewalls, Confidential CSS load balancer, Routing protocols EIGRP and OSPF, Switching Protocols STP, VTP, RSTP and VLAN, Firewall Security Protocols like NAT, PAT, IPSec, GRE, VPN, LAN technologies like Ethernet, Fast Ethernet, Gig Ethernet and Fiber Optic, WAN technologies Leased Line, ISDN, Frame Relay, T1, T3, E1, E3, OC3 and xDSL, Also worked Confidential Works and Sniffer, Network Diagrams using MS Visio, Troubleshooting WAN Routing, LAN Switching and Firewall Security Issues, On Call support on a rotation basis.