SUMMARY:

• Expertise as a Network Engineer with 7 years of experience in Network designing, implementing, Troubleshooting, Deployment and supported production environment.
• Proficient in installing, configuring, and maintaining Cisco Routers (1800, 2600, 3700 series and 3900 series) and Cisco switches (2900, 3550, 3750, and 6500 series).
• Hands - on experience in Cisco IOS configuration and troubleshooting of routing protocols BGP, OSPF, LDP, EIGRP, RIP and Switching(VLANs and STP).
• Expertise in Configuring OSPF and Static routing on Juniper M and MX series Routers and Designing and configuring of OSPF, BGP on Juniper and SRX firewalls.
• Proficient in configuration of Nexus 2000 Fabric Extender (FEX), which acts as a remote line card (module) for the Nexus 5000.
• Expertise in OSI and TCP/IP models. Extensive experience in WAN technologies, Frame Relay and MPLS.
• Experience in Configuring and defining parameters for testing or installation of Wireless technologies, WAN, LAN, VPN’s, routers, switches, and related networking equipment.
• Configured Autonomous and LWAP of Aruba, Cisco Aironet/Meraki WAP, wireless controller, Airwave Management Platform, and, Cisco PRIME, Client Link 2.0, Clean Air Cisco, WCS Navigator, Mobility Services Engine (MSE), Cisco ACS / ISE.
• Hands-on experience in Palo Alto firewalls (PA 200, PA2000 series) design, installation, configuration, troubleshooting and maintenance.
• Experience in Checkpoint Firewall policy provisioning and in design and deployment of Blue Coat Proxy SG and Checkpoint Firewalls and performed security operations on ASA Firewall.
• Experience in installing and managing IT services such as DNS, DHCP, SSH, NAT and site replication.
• Implementation and provisioning of new VPN customers in Cisco IP/MPLS-VPN Network using different routing protocols (e.g. MP-BGP, OSPF, Static, and others which are required).
• Proficient in working with Ipv4 and Ipv6 using VSS and VPC and experience in configuring proxies, physical cabling, IP addressing and sub-netting with VLSM.
• Experience on VoIP systems employ session control and signaling protocols to control the signaling, set-up and tear-down of calls.
• Hands-on experience in Configuration and troubleshooting of Cisco, Juniper network devices in the environment.
• Experience with 802.1x wireless technology networks and juniper SRX 240.
• Experience in implementing F5 GTM based on topology load balancing methods.
• Involved in planning, designing and implementation of Cisco Unified Communications and Collaborations solutions which include Cisco Unified Communications Manager (CUCM), Cisco Unity Connection (CUC), Cisco Unity Express (CUE) and MPX.
• Management of relational database applications with Python languages and UI designing services.
• Hands-on experience in using Visio Diagram to design Network Architecture for data centers and MS-Visio for Documentation purpose.
• Excellent leadership and communication skills for building strong business relationships with both clients and coworkers with ability to absorb new ideas and concepts quickly to prioritize and execute them in a high-pressure environment.

TECHNICAL SKILLS:

Hardware: Cisco Routers17XX, 18XX, 26XX, 37XX, 38XX,39XX series & Cisco Switches 6500,4900,3750,3650, 3500, 4500, 2500 series and 7k,5k,2k &1k.Cisco 3550, 3750, 45XX and 65XX series, Nexus 2k, 5k, 7k, and 9k.Juniper SRX, MX, EX series routers and switches. Juniper Firewalls S3G, SRX3600, SRX5000. Checkpoint R55, R70 and R71. Cisco Firewalls ASA. Load Balancers F5 LTM2000, 3900, 5000, 5400, 6000 AND 8900.

LAN Media: VLAN, Inter VLAN routing, Ethernet, Gigabit Ethernet, 10 Gigabit Ethernet, VTP, STP, RSTP, PVST.

WAN Media: MPLS, ATM, Frame-relay, T1, T3, leased lines, PPP, DS3, OC3, ISDN, PSTN and Cable Modem.

Routing Protocols: RIP, IGRP, EIGRP, OSPF, IS-IS, BGP, HSRP, IPv6, IPv4, TCP/IP

Switching Protocols: VTP, STP, RSTP, MSTP, VLANs, PAgP, and LACP.

Infrastructure Services: DHCP, DNS, SMTP, POP3, FTP, TFTP.

Network Securities: NAT/PAT, VPN, Filtering, Load Balancing, IDS/IPS, IPSec, ACL.

Network tools: GNS3, CISCO Packet tracer

Monitoring Tools: SolarWinds, Wireshark, Tcpdump, SIEM

Network Managements: SNMP, SSH, Telnet, ICMP.

Programming Languages: C and PHYTON.

Operating System: LINUX, UNIX, Windows/XP and Windows 2008/10/12, MAC OS

PROFESSIONAL EXPERIENCE:

Confidential

Senior Network Engineer

Responsibilities:

• Participate in the review of currently deployed equipment configuration files to identify and resolve any security or operational issues found and provide a remediation report to the ITS Network Administrator.
• Participate in the planning, design, documentation, configuration, and deployment of ITS network devices and services to support the District Road Operations Centers.
• Review and update, as needed, any existing ITS network diagrams, to ensure accuracy, consistency, and completeness.
• Participate in the planning, design, documentation, configuration, and deployment of the Alcatel-Lucent hardened Ethernet switches to ITS sites.
• Develop, maintain, and adjust, as required, a standard configuration file for all ITS network equipment, to include the field devices.
• Did Network Monitoring using Solar winds, Net brain, Optanix tools
• Participate in technical research and development and provide recommendations on ways to improve the ITS network availability and functionality for continued innovation.
• Delivering Enterprise Security with FortiGate Network Firewall.
• Monitored and managed networks using Alcatel- Lucent OmniVista and monitored network for optimum traffic distribution and load balancing using SolarWinds.
• Participate in identifying and testing new ITS network devices that would benefit the Department, while striving to maintain both usability and security.
• Work with the Confidential IT Network group and Confidential Information Security Officer (ISO) to ensure our network device configurations and capabilities are in compliance with established Department, State ISO, and industry standard practices.
• Work on Change management system to submit change requests to make any changes in the network.
• Working experience with Azure devops.
• Assist in the planning, design, documentation, and deployment of three-tiered systems security architecture for all ITS systems, statewide.
• Troubleshoot and repair any hardware or software failures to the ITS network equipment that may come up;
• Assist in the development of ITS Network installation and configuration procedures.
• Work closely with the Confidential IT Network Group to plan, schedule, notify users; both internal and external, and apply firmware and/or software updates to ITS Network equipment as required.
• Assist in the audit of all ITS networking equipment and compile a list of hardware and/or software that needs to be upgraded and/or replaced.
• Monitor all ITS networking devices for availability, usability, security and provide recommendations to Traffic Operations Technology Services TOTS Manager for upgrades or enhancements.
• Work within an agile project management environment.

Confidential

Senior Security Network Engineer

Responsibilities:

• Install, configure and support hardware and software required to operate assigned technology.
• Working experience on firewall monitoring tools like Firemon and ASDM.
• Create various health reports and rules removal reports in Firemon for various firewalls deployed in the network.
• Experience in converting Cisco ASA rules over to firepower. Migration with Cisco ASA VPN experience.
• Day- to- day operational support for all firewall and VPN platforms including Cisco ASA, FTDs, checkpoint and Palo Alto firewalls.
• Interpret the rules and determination of intent rules of firewalls.
• Understanding of q radar and cisco logs.
• Used Cisco ACI (Application Centric Infrastructure) SDN architecture to reduce operating costs, automate IT tasks, for greater scalability and visibility in a data center environment.
• Manage, maintain, monitor and support the infrastructure environment in the assigned technology domain.
• Provide ongoing maintenance including updates, patches, and anti-virus updates.
• Troubleshoot and resolve issues in assigned technology including hardware, software, operating system and application-related issues.
• Worked on Cisco, Juniper, Arista, Palo Alto, Check Point, FortiGate, F5, A10, Citrix, Aruba, Bluecoat, Zscaler, Riverbed, Infoblox, SolarWinds, Splunk vendor equipment in various verticals of Network and Security domains.
• Expert knowledge of Cisco ACI, NxOS and IOS, other SDN products Tiered Domains, QoS, data center network design, cloud infrastructure design and management, OSPF, BGP, VLAN Trunking.
• Develop and maintain documentation related to technology installation, administration, and maintenance.
• Maximized network performance by monitoring performance, troubleshooting network problems and outages, scheduling upgrades, and collaborating with network architects on network optimization.
• Assisted with the creation, implementation, and maintenance of standard operating procedures for equipment installation, configuration support, and division network operations which improved service and repeatability.
• Monitored links using SolarWinds NPM and monitored network for optimum traffic distribution and load balancing using SolarWinds.
• Working knowledge of Python scriping language to automate configuring and troubleshooting.

Confidential

Network Engineer

Responsibilities:

• Configure, deploy, monitor and troubleshoot switches, routers, firewalls, access points, controllers and end-user devices.
• Upgrade IOS for CISCO 3560, 3750, 3850, 4507, 4510 series catalyst switches for Cisco ISE compatibility and verifying the upgraded IOS operation system.
• Replace cisco 4510, 4507, 3750 switches with cisco 9407, 9300, 3650 switches.
• Install, configure and support hardware and software required to operate assigned technology.
• Manage, maintain, monitor and support the infrastructure environment in the assigned technology domain.
• Provide ongoing maintenance including updates, patches, and anti-virus updates.
• Troubleshoot and resolve issues in assigned technology including hardware, software, operating system and application-related issues.
• Monitoring the WAN network by using NMS tools like What’s UP Gold, Pinger, PRTG and various traffic analyses and other Network Monitoring tools like Wireshark, solarwinds etc
• Develop and maintain documentation related to technology installation, administration, and maintenance.
• Maximized network performance by monitoring performance, troubleshooting network problems and outages, scheduling upgrades, and collaborating with network architects on network optimization.
• Assisted with the creation, implementation, and maintenance of standard operating procedures for equipment installation, configuration support, and division network operations which improved service and repeatability.
• Monitored links using SolarWinds NPM and monitored network for optimum traffic distribution and load balancing using SolarWinds.
• Working experience with Solarwinds, HPNA, NNM tools.
• Installed and configured SDN and NFV Solutions (cloud based solutions) and integrated SDN and NFV.
• Integrated Palo Alto next-gen firewalls with overlay VMware NSX SDN netwok.
• Working experience in installing, configurationtrobleshooting and managing secure filters like web content gateways and filters like Blue Coat.
• Worked on implementation of VLANs in multi spanning tree topology on Cisco and Aristaswitches.
• Manage, maintain, and optimize system configurations for Cisco ASA firewalls, Palo Alto Firewalls, Juniper Border routers, and Cisco routers/switches.
• Deploy next generation Palo Alto firewalls 5060s in high availability across the enterprise.create security policies and profiles like Anti virus, url filtering, spyware/malware prevention, vulnerability threats etc.
• Working experience with NAT techniques on firewalls such as Cisco PIX, Cisco ASA appliance, Palo Alto fire walls.
• Analyze local and wide area network systems, including planning, designing, evaluating, selecting operating systems and protocol suites, and configuring communication media with firewalls, switches, and other devices
• Migrate networks from physical to virtual infrastructure.
• Design, maintain, and support backup strategies for virtualization.
• Secure a VMware environment to comply with organizational cyber security requirements.
• Experience in Forigate Firewall Appliances and in Deploying Fortigate NG-FW and Fortigate AP’s.
• Configured IDS and Deep Packet Inspection on Fortigate Firewalls.
• Experience in converting Checkpoint VPN rules over to Cisco ASA solution. Migration with Cisco ASA VPN experience.
• Day- to- day operational support for all firewall and VPN platforms including Checkpoint and Palo Alto firewalls.
• Worked on 5k/7k/ ASR1000/ ASA migration for its customers moving away into PIX.

Environment: Cisco 60 / 60 / 50 / 60 6500 switches. Cisco ISE, QOS, HSRP, VRRP, GLBP, RSTP, MST, Fabric path, OTV, MPLS, BGP, VOIP, Nexus 7k, 5k, 2k, Cisco ASA 5505,5520, Palo Alto firewall, Cisco UCS, Fortinet, F5(LTM, GTM), Redware, bluecoat, IPS/IDS, ASR 9k, IPSEC, AWS, Spanning Tree.

Confidential, New York

Network Engineer

Responsibilities:

• Provided network engineering support for the delivery of multi-site enterprise and data-center environments with evaluation, design, implementation, and troubleshooting of network and security infrastructure.
• Configured, installed, and supported network hardware and software infrastructure including switches, routers, firewalls, servers and gateways.
• Configured and installed client and server network software for upgrading and maintaining network and telecommunication systems.
• Defined security requirements for computer systems including mainframe, workstations, and personal computers.
• Monitored system logs for all company computers and devices to maximize uptime Act as Juniper Subject Matter Expert.
• Experience with Cisco ACI fabric networks, including python automation. Also, great exposure to SDN and network virtualization technologies like Cisco ACI.
• Configuring, Managing and troubleshooting Aruba Airwave Appliance.
• Deployed, managed, and supported the global AirWatch mobility solution with a focus on the Aruba ClearPass and F5 APM/GTM components
• Exposure to cloud managed SD-WAN with Cisco Meraki, cloud-based Wi-Fi implementation and provisioning. Working with various WAN vendors troubleshooting circuit relation issues.
• Work with SD WAN solutions such as Cisco iWAN, Meraki, Cloudgenix and Silverpeak.
• Monitored several key network health dashboards overview.
• Prepared performance graphs for monitoring key performance Indicators.
• Network equipment utilized Cisco hardware: 6504’s, 2921’s with switch blades, 3845’s, 2811’s, 3750’s, 2960’s, 3560, ASA 5520’s, Cisco Identity Services Engine, Wireless LAN Controllers, Cisco LAP’s, Spirent traffic injection machines.
• Network utilizes Cisco software: IOS’s that are Crypto based, LAN based, and Advance IP Services based, Adaptive Security Device Manager, Call Manager Express, Wireless Controller Station, and Wireshark.
• Performed network monitoring, provided analysis using various tools like Wireshark and SolarWinds.
• Monitored network insfrastructure using SNMP tools like HP NNMI, SolarWinds and Opnet.
• Used Wireshark to rsolve connectivity issues between hosts and enterprise network nodes.
• Managed Cisco network infrastructure using Cisco Prime and Software Defined Networking (SDN).
• Deployed transition mechanisms to deploy SDN within traditional IP networks.
• Designed, developed and implemented VOIP systems and also worked on VoIP and Sip trunks routing in WLAN switches.
• Manage and mentor team of engineers on various projects.
• Responsible for the implementation of networking solutions related to a major datacenter consolidation involving technologies such as Cisco Nexus 1KV, 2k, 5k, 7k and 9k VPC, VRF, FCOE .
• Configured a new state of the art datacenter using Cisco ACI with Nexus 9508 as spine switches and 9336 PQ as leave switches. Implemented a three tier portal infrastuctue of web, application and database end point groups (EPGs), Created bridge domains,filters, contracts, external layer 3 and layer 2 OUTs.
• Worked with Call manager installation for deploying Cisco VOIP.
• Planned and deployed LANs/WANs voice interconnection using VoIp, H.323, SIP, ISDN, L1-L3.
• Configured Cisco/Avaya Data switches using the CLI in a Wide Area Network.
• Worked with Avaya software and Avaya and Shortel VOIP phones
• Confirm VoIP phone registration is successful and troubleshot any issues with ShorTel Systems
• Deploy F5 load balancing technologies in Capital One portal infrastructures in various datacenters. Work with application developers, gather requirements to create various VIPs/URLs, Irules for application delivery.
• Knowledge in implementing and configuring F5Big-IP LTM-6400 load balancers.

Environment: F5 - LTM 5100, 6800, GTM, ASM, APM, IRules, Juniper EX, SRX, J, MX series, UTM - AntivirusBluecoat proxy servers, Cisco ISE, Packet shaper, Checkpoint -R77, IPV4, IPV6, VSS, VPC, VRF, VDC, SNMPSIP, Trunking, Trapeze-MX 2800, IOS-XR, FCOE, 802.1X. Nexus 7k, 5k, 2k, Cisco ASA 5505,5520, Palo Alto firewall, Cisco UCS, Fortinet, F5(LTM, GTM), Redware, bluecoat, IPS/IDS, ASR 9k, IPSEC, AWS, Spanning Tree, Cisco ISE, QOS, HSRP, VRRP, GLBP, RSTP, MST, Fabric path, OTV, MPLS, BGP, VOIP.

Confidential, NY

Network Engineer

Responsibilities:

• Manage a mixed media, multi-site dual-homed network. Utilizing EIGRP routing protocols, Static and Policy Based Routing, with IPSec encrypted WAN connections and secure SSL remote access VPN.
• Manage two secure wireless guest nets that utilize Cisco technologies such as ASA’s, WLC’s, and LAP’s.
• Plan and implemented scheduled upgrades, maintenance, and deployments to conduct vulnerability scans and mitigated issues with scan results.
• Participated in design and construction process of projects and was responsible for project administration.
• Configured and maintained data centre infrastructure, Nexus 2k, 5k, 6k to convert Cisco 6500 IOS to Cisco Nexus NX-OS in data centre environment.
• Deployment and maintenance of Arista Networks using 7100 and 7150 switches.
• Configured Arista, and 7050 series switches within legacy network environment.
• Worked on Nexus 5k, 7k, ASRs, ASAs, UCS, ACI to deploy and decommission VLANs on ASR 9k, Nexus 5k, 7k
• Installed and administered dual HA paired Palo Alto Firewalls.
• Worked with Palo Alto firewalls PA250, PA4050, PA3020 using panorama servers and implemented security solutions using Palo Alto PA-5000/3000.
• Experience configuring and installing Cisco and Aruba Wireless LAN Controllers, APs, Aruba ClearPass and Cisco ISE
• Maintenance of NTP, Aruba clearpass, Netbrain and terminal servers.
• Assisted and deployed Network Access Control system with Cisco ISE and HP/Aruba ClearPass for 802.1x, Guest, Onboarding and OnGuarding.
• Implemented Linux standalone servers throughout network to monitor network performance and security.
• Participate in managerial meetings and telecons that discuss status of the network and feasibility of implementations of new technologies.
• These networks include core, distribution, and access layers. Which includes fail-over datacenters, storage area networks, network access control, redundant firewalls and border (WAN) connections, wireless access, VoIP, inter-VLAN routing, cross domain traffic policy-based routing, intrusion protection services, VPN’s, VMware, all utilizing the TCP/IP stack.
• Configued and managed Fortinet 3061C, 400, 800, 300c c and 80c firewalls.
• Adding security rules and pushing the security policy on checkpoint and Fortinet consilidated.
• Ensured network security by implementing Network Access Control with Cisco Identity Services Engine, user authentication and authorization with RADIUS, DOT1X, Active Directory, Firewalls with Hardware Intrusion Prevention, Cisco IOS’s with software Intrusion Prevention, and traffic control with Access Control Lists.
• Network enterprise services utilized are: E-Mail, directory, DNS, Domain Controllers, NTP, chat, FTP, TFTP, LDAP, and other virtualized services over a fully converged network and NOC.
• Analyzed network security requirements and implemented perimeter security changes.
• Utilized industry best practices for security, disaster recovery, business continuity, change control, configuration management, and troubleshooting for a variety of network firewall technologies.
• Assisted with maintenance and support of division and facility-level network security equipment, including but not limited to network equipment, VPN concentrators, and firewalls.
• Involved in adding, removing, managing and monitoring Cisco end points via Cisco Unified Communications Manager (CUCM) and Tandberg Management Suite (TMS) systems.
• Upgraded CUCM, CUP, CER, UCCX Telepresence Conferencing system and installed Expressway- MRA.

Environment: Windows server 2003/2008: F5 BIGIP LTM, LAN, WAN, VPN, VOIP, Cisco ASA 5505,5520, Fortinet, Palo Alto firewall, DNS, TCP/IP, Cisco switches 3845s, 2811s, 3750s, ASA 5520s, AWS, Bluecoat, Bluecat, MPLS. Juniper EX, SRX, J series. Nexus 2k, 5k, 7k, HSRP, VRRP, Cisco UCS.

Confidential

Network Engineer

Responsibilities:

• Responsible for designing and implementation of customers network infrastructure.
• Help negotiate hardware, software, and circuit contracts for customers.
• Redesign customers office copper and fiber cable plant for scalability.
• Implement Cisco IDS 4235, updated and created custom signatures to protect the network against attacks.
• Network Assessment and Documentation (including technical, operational, and economic assessment).
• Configure and implement Remote Access Solution: VPN, ISDN dial up, Fractional T1.
• Configure site to site IPsec VPN, Pix to Pix, and Router to Router VPN.
• Configured IPsec VPN and Access lists (ACL) on Checkpoint firewals for network routing for B@B connectivity.
• Involved in troubleshooting security related issues on Cisco ASA/PIX, Checkpoint and IDS/IPS.
• Implement CiscoSecure Access Control Server (ACS 3.0) for Tacacs+/ Radius.
• Redistribution of routing protocols and Frame-Relay configuration.
• Network Migration from RIP to OSPF.
• Build and maintain Visio documentations for Clients
• Installed and configured F5 BIGIP, created virtual servers, pools and iRules.
• Implementation of TCP/IP & related Services-DHCP/DNS/WINS.
• Installed and configure DNS server, and Load Balancing.
• Developed and maintained process documents for network equipment asset rebuilds and recycling.
• Executed trouble tickets and performed desktop support to on-site users, for resolution of PC related issues.
• Concurrently, responsible for administering, optimizing and supporting internal LAN infrastructure consisting of windows 2003 Active Directory and more than 300 users.
• Installed and configured exchange server 2003/ multiple Routing groups.
• Installed and configured a two node Exchange 2003 cluster for fault tolerance and redundancy.
• Upgraded Exchange 5.5 to 2003, created routing groups, and multiple mailbox stores for fault tolerance.
• Created exchange 2003 mail boxes, public folders and distribution lists.
• Maintenance and support of the Exchange server and monitor the queues.
• Install, support Microsoft remote access service and terminal server.
• Installed and configured CISCO iron port 360 for email security anti-spam and mail filtering.
• Installed and configured Windows 2003 servers for Raid1+0 and Raid 5 for fault tolerance.
• Researched, recommended and implemented new hardware and software into the environment to increase efficiency.
• Monitored and supported internal network, including adding/deleting users Analyzed needs and determine types of Hardware most suitable to meet requirements of the company within the prescribed budget.

Environment: Cisco 60 / 60 / 50 / 60 6500 switches and Cisco 00/ 45 / 00 routers, Cisco ASA 500, Checkpoint, windows server 2003/2008.