PROFESSIONAL SUMMARY:

• Over 8 Years Experienced Network Engineer worked extensively with multiple Clients in Switching, Routing, Network Security (Firewalls and Proxies), Application Delivery Controllers, Authentication, Wireless, Collaboration and VOIP environments. Experience in Campus and Data Center topologies in multi - vendor equipment. Very strong team member with exposure to Operations, Deployment/Implementation, lab testing, assisting Architecture and Design. Good communication and Documentation skills. Innovative to new ideas to enhance the workflow in Network Engineering.
• Experience with legacy and latest switching technologies in Campus and Data Center environments. Worked on Cisco, Juniper and Aruba/HP gear in campus environments. Worked on Cisco, Arista, Dell, Cumulus, Juniper gear in Data Center environment.
• Experience with Interior and Exterior routing protocols that includes RIP, OSPF, EIGRP, IS-IS and BGP. Worked on Cisco, Juniper and Arista routers.
• Experience in Network Security that includes perimeter security for Internet, Extranet, DMZ, Internal Server farms, Web-traffic security with Proxies, Web Application firewalls. Worked and migrated multi-vendor equipment and Next generation firewall technologies. Worked on ASA, Firepower, Checkpoint and Palo Alto firewalls. Experience on MWG, Bluecoat and Zscaler proxies.
• Experience and high-level understanding in application delivery controllers, local and global load balancing techniques, redundancy solutions, high availability options for mission critical internal, vendor and public facing applications. Experience with F5 LTM, GTM, APM, NetScaler’s, Cisco ACE and A10.
• Experience with POC on AVI load balancers.
• Worked on Campus Wireless environments with 1000+ access points, Wireless LAN controllers, Anchor Controllers, Authentication policies, BYOD policies, Integration with RADIUS. Experience with Aruba and Cisco WLAN.
• Experience with TACACS/RADIUS severs, migration from ACS and Aruba ClearPass to ISE. Experience with windows and Infoblox DNS and DHCP servers, IPAM, internal and external grids.
• Experience with WAN connectivity, MPLS circuits, leased Lines, Metro Ethernet, Site to Site IPSec tunnels, ISP circuits, Customer Edge configurations. Experience with SD-WAN solutions that include Viptella and Versa.
• Knowledge and operational experience with SDN, Cisco ACI, VXLAN, VTEPS, VNI, Bridge Domain, Arista Cloud Vision, EVPN, MP-BGP, Spine and Leaf Architecture.
• Experience with Zscaler Cloud Proxy Architecture with ZIA, traffic forwarding using GRE tunnels to Zcloud, Azure AD Authentication, Access policies, ZAPP.
• Worked on setting up connectors on prem, communication outbound from Connectors to ZEN nodes.
• Worked on configuration of access polcies in zpa for various applications.
• Worked on zpa browser based and zapp based access.
• Experience configuring forwarding profiles, app profiles for zpa and zia in ZAPP.
• Worked on setting up lss and NSS servers for log streaming and feed to local SIEM servers
• Worked on Cloud platforms that include Azure, AWS and Meraki. Experience working with connecting multiple sites to cloud using SD-WAN solutions, Cloud Connections, Load Balancing and Security with Cloud traffic.
• Worked on Open software platform switches like Cumulus on Mellanox and Dell hardware in a POC. Basic Knowledge in Python and Ansible scripting for automation in configuration templates, back-ups etc.
• Experience with Network Monitoring tools, SNMP, Log collectors, Splunk, ticketing tools and thorough understanding of workflows in corporate environments that include Financial, Healthcare, Retail clients.
• Very enthusiastic to explore and implement innovative ideas in Network Automation in configuration, documentation, troubleshooting, workflow integration, API integration with multiple tools using Python and Ansible.
• Worked on google cloud platform (GCP) services like compute engine, cloud load balancing, cloud storage, cloud SQL, stack driver monitoring and cloud deployment manager.
• Setup Alerting and monitoring using Stackdriver in GCP

TECHNICAL SKILLS:

Router and VoIP Platforms: Cisco Routers series ASR9k, 7300, 4000, 3800, 2000, 1900; Juniper MX, Arista 7000 series.

Routing Fundamentals and Protocols: Routed and Routing protocols RIP, EIGRP, IS-IS, OSPF, BGP, IPX; MPLS, Static routing, ICMP, ARP, HSRP, VRRP, Route Filtering, Multicast, Policy-Based Routing, Redistribution, Port forwarding.

Switch Platforms: Cisco Catalyst series 2960, series 3560, 3850, 4500, 6500, 7000; Nexus series 2K, 5K, 7K; Juniper EX, QFX, Aruba 2000, 3000 series.

Switching Fundamentals and Protocols: Ethernet technologies, LAN networks, MAC, VLAN and VTP, STP, PVST+, Multicast, RSTP, Multi-Layer Switching, 802.1Q, EtherChannel, PAgP, LACP, CDP, HDLC, RARP

Firewall Platforms: Checkpoint (NGX R65, 3100, 5100, 5900), Cisco Firewalls (ASA 5505, 5506-X, 5585), Palo Alto Networks (PA series 2K, 3K and 5K) with panorama 8.0, WAF

Security Protocols: Standard and Extended ACLs, IPsec, VPN, Port-security, SSH, SSL, IKE, AAA, Prefix-lists, Zone-Based Firewalls, NAT/PAT, HIPAA standards, Ingress & Egress Firewall Design, Content Filtering, Load Balancing, IDS/IPS, URL Filtering, L2F, IDS, TCP Intercept, Router Security, SNMP trap

Network Management and Monitoring: Wireshark, Infoblox, HP OpenView, Cisco Prime, Splunk, Security Device Manager (SDM), Cisco Works; TCP Dump and Sniffer; SolarWinds Net Flow Traffic Analyzer, NetScout, Network Performance Monitor (NPM), Network Configuration Manager (NCM), SAM, IP Address Manager, Additional Polling Engine.

Load Balancers & Proxies: F5 (BIG-IP) LTM 2000, 3900, 6400, 6800, AV 510, Citrix NetScaler, MWG, Zscaler Proxies, Bluecoat Proxies.

WAN & SDWAN technologies: MPLS, ISP Leased Lines, SONET, Viptella, Versa.

Other Networking Protocols & Fundamentals: DHCP and DNS server, Active Directory Management, NTP, NDP, TCP, UDP, FCP, Network Implementation, Troubleshooting techniques, NHRP, NetBIOS, NFS, FTP, TFTP, HTTP, PAP, PPTP, SIP Trunking, SNMP logging, SMTP, RADIUS and TACAS+, PBX servers, SDN, IPV4.

Wireless & Radius Technologies: CISCO APs, Aruba wireless and APs, Cisco Meraki, Prime Infrastructure, Air Magnet, AirWatch and WLC s (8510, 5508, 5706), Cisco AironetAP s (2600, 3600, 3700), ISE, MSE, Aruba 225, Aruba 3000 controller & Airwave, ISE, Clear Pass 6.0,6.2,6.5, 802.11a,b,c,g,n,ac

Scripting: Basic understanding in Python, Ansible and TCL (F5)

PROFESSIONAL EXPERIENCE:

Confidential: New York City, NY

Senior Network Engineer

Responsibilities:

• Configuring Cisco Catalyst Switches for Dot1x support testing the IOS compatibility with ISE
• Integrating Configuring Cisco Wireless LAN Controllers WLC with ISE to perform Dot1x authentication for Wireless users.
• Configuring various Wireless authentications like PEAP, EAP-FAST EAP-TLS
• Configuring Aruba Controllers integrating with Cisco ACS and RADIUS severs for Dot1x authentication.
• Experience installing, configuring and troubleshooting one or more of the following Cisco security technologies: Cisco ISE, IPS/SourceFire, ASA, CSM, VPN, ACS, FTD, ACI, Trustsec, StealthWatch, Cisco Umbrella architectural Experience on Migration from SourceFire to FireAmp.
• Developed and implemented security use cases using enterprise security monitoring tools (RSA NetWitness and Cisco StealthWatch
• Worked on ISE 802.1X, ISE wired/wireless guest and ISE trustsec implementations.
• Mentoring the partner technical engineer on executing the Voucher Guidelines for ISE Trustsec activation, ISE Wireless guest management activation
• Secure access by utilizing 802.1X. Cisco TrustSec
• Knowledge of identity and access control policy related technologies such as authentication, authorization, accounting (AAA), 802.1X, TrustSec, posture, and profiler
• Configured Multiple Contexts Configuring Active/Active failover, redundant interface on ASA.
• Implemented IPsec Site-to-Site VPN & SSL VPN using CISCO ASA 5500 Series.
• Creating ACL policies for Cisco 5540 ASA firewall with access control to NAT and object grouping functions
• Configured SLA monitor for failover link monitoring for multiple links from different ISPs
• Worked on F5 GTM, AFM, ASM and other F5 components to protect against advanced DDoS attacks.
• Designed, built, and deployed F5 Big IP load balancers (8900’s, Viprions, Blades), F5 Big IP TCL, F5 Big IP TMOS, F5 Big IP LTM Local Traffic Manager, F5 DNS Domain Name Services
• Configured Aruba access points 300 series, 310 series and wifi 6 supported APs like 500 series and 510 series
• Worked on Aruba wireless controllers 7000 series and 7100 series and various standards 802.11a,802.11b, 802.aag,802.11n,802.11ac,802.11ax and configuring authentication methods WPA3 with GCMP or WPA2 with CCMP.
• JINJA2 templates which is called End to End Automation.
• Experienced in troubleshooting both connectivity issues and hardware problems on vSRX, Contrail cloud.
• Experience in implementation and troubleshooting of Datacenter devices like Nexus 7000, Nexus 5000 and Nexus 2000 Series devices with VDC's /VRF's configurations.
• Experience with data center technologies that include spine leaf, cisco ACI, Arista cloud vision. Well versed with Nexus family switches to implement VPC and VDC
• Experience with Versa SD WAN for remote site connectives over MPLS network, configuration of routing and application policies in SD wan.
• Testing of the new Core SRX zone hardware in Sandbox Lab - including regression feature test, performance and failover.
• Configured syslog-ng forSplunkimplementation, Familiar with monitoring tools such as Nagios and Splunk.
• Experience working on public cloud GCP, and/or experience working on virtualization technologies
• Experience in Designing, Architecting and implementing scalable cloud-based web applications using AWS and GCP.
• Set up a GCP Firewall rules in order to allow or deny traffic to and from the VM's instances based on specified configuration and used GCP cloud CDN (content delivery network) to deliver content from GCP cache locations drastically improving user experience and latency.
• Experience with zscaler Internet security and Zscaler private access.
• Worked on zia for internet web traffi security.
• Migrated from Ironports to Zscaler ZIA
• Worked on setting up tunnels from f5 devices to Zscaler cloud.
• Worked on configuration of pac file.
• Worked on setting up pzens locally for source ip anchoring
• Worked on zscaler policies, cloud app control policies, advanced threat, malware, sand box based polcies.
• Worked on Azure AD SAML authentication for zscaler authentication and AD group based policies

Confidential: Cleveland, OH

Sr.Network Engineer (Application Delivery - F5)

Responsibilities:

• Managed ongoing F5 configuration, troubleshooting, deployed additional virtual servers for newly implemented applications and services, leveraging SSL offload/termination when possible, writing custom Irules and health monitor scripts.
• Configuring & managing Network & Security Devices that includes Cisco Routers & Switches, Nexus Switches, Palo Alto Firewalls VMWARE NSX, F5 BIGP, LTM, GTM.
• Experience with palo alto and checkpoint firewalls with next generation firewall features that includes app id, threat id, URL filtering, user id, SSL decryption.
• Experience with network segmentation using VMWARE NSX and palo alto firewalls for traffic filtering and applying policies. configuring Virtual Server, Pools, Nodes, iRules, Profiles, Persistence, and monitor on F5 LTM to match the configuration the Application.
• Good hands on providing high secure access to network provider and application by using Trustsec.
• Having good hands on traffic management solutions, including the design, low level engineering, and application load balancing solutions for client applications across the pre-provisioned ADC infrastructure.
• Used Confidential to dynamically assign reusable IP addresses to Confidential clients using Inflobox IPAM and resolved IP address conflicts. hands-on security and network engineering experience with experience focused on Cisco Identity Services Engine or experience managing a complex enterprise network that includes TACACS or Cisco AAA Servers; configuring and maintaining routers and switches with an understanding of 802.1x configuration protocol; and hands-on experience configuring firewalls
• Configuration and troubleshooting F5 LTM GTM and providing level 2 and level 3 support for the customers. Creating custom profiles, health monitors, and also configuring SNAT pools, syslog and SNMP.
• Monitoring and capturing the traffic using network management tools like solar winds and InfloBox.
• Responsible for all routing, switching, VPN, network security, and server load balancing.
• Installing and configuring F5 Load balancers and firewalls with LAN/WANconfiguration.
• Experience with Versa SD WAN for remote site connectivity over MPLS network, configuration of routing and application policies in SD-WAN.
• Using Cisco Stealthwatch for increased visibility and detection of internal threats.
• For good visibility and network traffic security solution also find unwanted insecure traffic detection by using Stealthwatch.
• Setup routing policies and ACL for SSL VPN traffic on perimeter firewalls and using Vmware NSX palo alto.
• Worked with the Trouble Tickets on F5 Load balancers on LTM and GTM module.
• Worked with F5 products & technology including GTM, LTM and SSL offloading.
• Experience with f5 and AVI networks for application load balancing.
• Global Traffic Manager (GTM) designs providing multi-side load balancing and global availability of generic hosts and/or LTM virtual servers, iQuery-based monitoring of LTM virtual servers.
• TMSH scripting-load balancer work orders are created, tested, peer reviewed and implemented in tmsh script format. experience regarding F5 BIG-IP LTM VIP configuration with health check, hosting SSL s on F5 platforms.
• Worked on juniper pulse setup in DMZ and inside environment for remote SSL VPN setup also pulse config on SRX firewall gateways.
• Worked on application acceleration service on pulse and deploying pulse secure agent on client machines.
• Worked on inside leg and DMZ leg for client traffic and outbound traffic respectively.
• Configured different load balancing options & features One Connect, persistence, SSL offload functions.
• Time to time upgrade network connectivity between branch office and regional office with multiple link paths and routers running HRSRP, EIGRP in unequal cost load balancing to build resilient network.
• Experience in managing the load balancers in a high-availability infrastructure.
• Handling various trouble tickets, firewall rule changes, assisting other teams to bring the device to production, making DNS changes in InfloBox and routing changes.
• Configured different load balancing methods on F5 LTM & GTM and worked on one-connect profiles and HTTP compression and several persistence profiles.
• Experience with Azure cloud connectivity using express routes. Configured express routes and NSG in could security.
• Experience with azure AD for authentication to cloud apps using SAML.
• Experience with Zscaler cloud proxies ZIA and ZPA. Worked on setting up tunnels to Zscaler Zens zero trust network access.
• Experience with data center technologies that include spine leaf, cisco ACI, Arista cloud vision. Well versed with Nexus family switches to implement VPC and VDC.

Confidential: Seattle, WA

Senior Network Engineer

Responsibilities:

• Working as part of team to support multiple migrations in switching, routing, firewalls, LB and Proxies.
• Palo Alto design and installation (Application and URL filtering, SSL decryption, SSL Forward Proxy). Configured and maintained IPSEC and SSL VPN's on Palo Alto Firewalls. Successfully installed PA-5000 series firewalls in Data Center as perimeter Firewalls.
• Migration of ASA firewalls to PA next generation Firewalls using migration tool in PA. Migrated all IPSEC tunnels, ACL’s, NAT rules and policies.
• Experience working on Cisco ASR 9K, Nexus 7k and 9K. Configured and designed OSPF, EIGRP and BGP at Distribution and Core layers. Configured OTV layer 2 connection between Data centers on Nexus.
• Worked on Juniper devices like M, MX routers on advanced technologies like MPLS VPNs, TE and other service provider technologies.
• Experience with configuring BGP, OSPF in Juniper M and MX series routers. Worked on several BGP attributes like MED, AS-PATH, Local P for route optimization. Worked on Route-Reflector, Route-Redistribution among routing protocols.
• Automated active directory operations of the organization like adding, removing, updating users using python.
• Experience with building networking python script Using Netmiko and Paramiko Modules.
• Experience working with Juniper devices like EX-2200, EX-4200, EX-4500, MX-480, M Series, SRX650, SRX240
• Managed AD Domain Controller, DNS and DHCP Servers and configurations.
• Worked on Cisco ISE for user Authentication, Security Group Tags, MAC based authentication for Wireless and Wired users, 802.1X, EAP, PEAP etc.
• Responsible for the IPAM (IP Address management) system for a very large WAN/LAN network (QIP) using Solarwinds IPAM and Infoblox DNS and DHCP servers. Experience with DHCP scopes, IP reservations, DNS host entries, pointers, delegations, Zones, DNSSec etc.
• Provides expert level security and networking knowledge in the planning, researching, designing, and testing of new networking technologies for perimeter firewall security, Intrusion Prevention/Protection System (IPS), DNS and DMZ security, and Internet Security in support of established Info Security program initiatives for the next 3 years.
• Regular upgrade and maintenance of Infrastructure, Installing, configuring, and maintaining Cisco Switches (2960, 3500, 7600, 3750, 3850 series, 6500 series) Cisco Routers (4800, ASR 9K, 800), Juniper Routers and Firewalls, Nexus 7k,5k & 2k, f5 BIG IP, Palo Alto Firewalls, Zscaler Proxy and Versa SD-WAN appliances.
• Conducted a POC on Versa and Viptella SD-WAN solution as a team and worked on evaluating the solutions.
• Migrated Nexus 7Ks & Nexus 5Ks to an ACI Fabric consisting of 9336PQ Spines & 9332PQLeafs in a brownfield Datacenter.
• Worked on PAC file updates, Internet proxy migration from IronPort to Zscaler cloud. Access policies, AD based, user based, location-based access. ZAPP client.
• Worked on Bridge Domains, VXLANs, VTEPS, VNID. configuration of routing using BGP among multiple Leaf to spine switches. Thorough understanding of Application Profile, Tenants, End Point Group, Inter Subnet Tenant Routing, Routing within Tenants, Router Peering and Redistribution. Worked on Migration project from traditional Data Center Architecture to Spine Leaf.
• Worked on connections handoff using Bridged Interface to an External Route. L3- EPG configurations, AEP configurations. Expert in GUI of ACI.
• Worked on integrating existing Layer 2 and Layer-3 networks with ACI.
• Play a key role in the company’s direction towards Cloud Computing platforms by creating a strategy for transition plans. Azure AD and AWS, Office 365.
• Experience with setting up AWS direct connect to amazon S3, Amazon EC2, Amazon VPC. worked on deploying AWS outbound proxy server with domain services and content filtering services.
• Analyze and provide courses of action on current as well as emerging security threats like ransomware attacks by research and recommendation of other security solutions to help mitigate network security threats while preventing their outbreak across the network.
• Worked on network design improvements involving BGP, EIGRP, OSPF, IP metric tweaking and load balancing.
• Design, implement, and develop network designs for applications used in TMO.
• Worked on Checkpoint Firewall to create new rules and allow connectivity for various Applications. Checkpoint is used as an internal firewall for application security in Kodiak network.
• Implemented Firewall rules and Nat rules by generating precise methods of procedure (MOPs). Responsible for packet capture analysis, syslog and firewall log analysis.
• Experience with F5 load balancers LTM and GTM and reverse proxy design and setup. Migration from ACE to F5.
• Experience in F5, Cisco ACE 4710 Load balancers. Migration Experience from ACE to F5 and NetScalers to F5. Worked on critical applications on Layer 4 and layer 7 load balancing. Experience with Virtual server, Pool, Node, Profiles - TCP, http, https, ftp, fastl4, Persistence - Source IP, SSL, Cookie, SNAT, iRules, iAPP, SSL offloading.
• Experience with F5 GTM and in-depth knowledge of DNS, Global level load balancing, Wide IP’s, Zones, Prober pools, Delegation from Windows DNS server to listener IP.
• Troubleshooting of Linux and Unix servers for application delivery servers. Install Dockers, Cisco and HP servers.
• High-level network troubleshooting and diagnostic experience using Packet capture tools like Wireshark.
• Configured network using routing protocols such as EIGRP, BGP and OSPF and troubleshooting L2/L3 issues.
• Designing, configuring, and troubleshooting QoS, SIP, H.323, RTP, SCCP, Session Border Controllers, Voice Gateways, Voice circuits IP /TDM, Cisco Telepresence Infrastructure, QoS, NAT, PAT, and multicast.
• Worked on Riverbed steelhead appliance to troubleshoot delay, jitter issues. Captured traffic and analyzed for root cause. Wrote policies and rules in steelhead.
• Adding and modifying the servers and infrastructure to the existing DMZ environments based on the requirements of various application platforms
• Assist in creating network design standards for hardware and software. Developing and maintain Network Documentation (Visio diagrams, Excel spreadsheets, Word documents, etc.) Configure and troubleshoot network elements in a test/dev environment.
• Worked on Orion (Solar Winds) for mapping network diagrams, updated Orion with commissioned and decommissioned network devices.
• Experience with configuration of Cisco call manager, Installing and worked on ICM management.

Confidential: Englewood, CO

Sr Network Engineer

Responsibilities:

• Involved in complete LAN, WAN development (including IP address planning, designing, installation, configuration, testing, maintenance etc.). Design of DMZ in primary and redundant data centers with Next Gen Firewalls, IPS/IDS sensors, Switching and routing.
• Experience in deployment of Nexus 7010, 5548, 2148T, 2248 devices
• Experience working with Cisco Nexus 2148 Fabric Extender and Nexus 5000 series to provide a Flexible Access Solution for datacenter access architecture.
• Experience configuring Virtual Device Context in Nexus 7010
• Installation and maintenance of Cisco Layer 3 switches 3750, 4500X, 6500 in multi VLAN environment.
• Maintenance and configuration of Cisco ASR1000 series and 7200VXR routers at data center and deployment of 3900, 3800, 2951 and 2821 for branch connectivity.
• Involved in migration from Site-to-sire GRE tunnels network to MPLS-based VPN for customer’s WAN infrastructure.
• Worked with Red Hat Enterprise Linux with virtual servers using VMware.
• Implementing security Solutions using Vmware NSX Palo Alto PA-5000/3000, Cisco 5580/5540/5520.
• Migration experience from Cisco ASA 5500 to PA. Experience with migration tool in PA for Policies from ASA to PA. Experience with SSL forward proxy and URL filtering.
• Configuration and administration of firewalls, which includes Checkpoint, Juniper, and Cisco ASA firewalls.
• Experience with RIVERBED Steelhead appliance for WAN optimization.
• Configuring High Availability using Cluster XL on Checkpoint as well as VRRP and monitor the Sync status for tasteful replication of traffic between active and standby member.
• Basic configuration of Cisco Meraki Layer 2 and Layer 3 switches like MS 220, MS 320 and MS 420.
• Migrated Checkpoint firewall architecture with new next generation Palo Alto PA3000 and PA5000 appliances serving as firewalls and URL and application inspection.
• Configuring rules and Maintaining Palo Alto Firewalls & Analysis of firewall logs using Panorama.
• Successfully installed Palo Alto PA-3000/PA-5000 firewalls to protect Data Center and provided L3 support for routers/switches/firewalls.
• Configured and maintained IPSEC and SSL VPN's on Palo Alto Firewalls and also implemented Zone Based Firewall and Security Rules on the Palo Alto Firewall by Vmware NSX.
• Involved in Switching Technology Administration including creating and managing VLANS’s, Port security, Trunking, STP, Inter VLAN routing, LAN security etc.
• Configured BGP, EIGRP and OSPF and Policy based Routing.
• Configuring OSPF and Static routing on Juniper M and MX series Routers
• Provide Tier II Load Balancer expertise on F5 BigIP Local Traffic Managers (LTM). Designing F5 solutions/support for migration work of applications and websites from Cisco ACE Load Balancers to the F5 BigIP Load Balancers.
• Configuring VLAN, Spanning tree, VSTP, SNMP on EX series switches
• Configured Cisco 7200 routers which were also connected to Cisco ASA 5508 security appliances providing perimeter-based firewall security.
• Optimized performance of the WAN network consisting of Cisco 3550/4500/6500 switches by configuring VLANs.
• Configuring ASA 5510 Firewall and accept/reject rules for network traffic.
• Extensive knowledge and troubleshooting in data communication protocols and standards including TCP/IP, UDP, IEEE 802.3, Token Ring, Cable Modem, PPPOE, ADSL, Multilayer Switching, DoD standards.
• Managed the F5 BigIP GTM/LTM appliances to include writing iRules, SSL offload and everyday task of creating WIP and VIPs.

Confidential : Chattanooga, TN

Network Engineer

Responsibilities:

• Worked for State client with various government departments which include DOT, DOH, DOE to configure site to site connectivity, troubleshoot issues, application load balancing, Network security.
• Configure the layer 2 and layer 3 on Cisco Nexus 7K, 5K, 6509, 9710, 5596 UP, 4500, 3850, 3950, ASR and 2960
• Worked with Checkpoint, Cisco ASA, and Palo Alto Networks security solutions.
• Senior Cyber Security lead scripting languages such as bash and python, install, configure and troubleshoot vendor provided tools and provide to junior engineers. Deploy, implement and manage VMWare environment ESX, vSphere. Installed Cisco Catalyst 2960x Switch Stacks on multiple floors.
• Experience in HSRP standby troubleshooting & Experience in configuring & upgrading of Cisco IOS.
• Using vmware NSX deploying our security appliance servers to upcoming traffic in our network and no need configuration for going one server to other.
• Implementing & Troubleshooting of T1, MUXES, CSU/DSU and data circuits.
• Experience on designing and troubleshooting of complex BGP and OSPF routing problems,
• Have sound knowledge of Firewall architecture, routing and VPN.
• Have experience working on HP Open view Network Node Manager.
• Upgrade firewalls in accordance with change management & Document changes to firewalls.
• Monitor traffic and access logs in order to troubleshoot network access issues.
• Have experience with Cisco Works LAN Management Solution.
• Implemented Positive Enforcement Model with the help of Vmware NSX Palo Alto Networks
• Experience in migration of Frame-relay based branches to MPLS based technology using multi-layer stackable switch like 6500 series and 2800 series router.
• Testing VPC, BGP, OSPF, EIGTP, RIP, SPAN, Sflow, Vlan Trunking, SVI and power supplies on Nexus and ASR devices
• Involved in design and implementation of Data Center Migration, worked on implementation strategies for the expansion of the MPLS VPN networks.
• Hands on experience with Cisco 3500, 3750, 4500, 6500 series equipment and configuring and deploying and fixing them with various modules like Gig card, VPN SPA card, WIC card.
• Cisco IOS experience on 3600/7200 class hardware in complex WAN environment and experience on Cisco OS and IOS on CAT6500 in a complex data center environment.
• Involved in configuring IP Quality of service (QoS).
• Involved in designing L2VPN services and VPN-IPSEC authentication & encryption system.
• Experience in designing, installing & configuring of Cisco ASA & FWSM (Firewall service module). Worked on Checkpoint firewalls R70, R75, R77.20 Gaia and Provider-1/MDM
• Evaluate, Analyze & Implement firewall policies to meet business requirements
• Experience in creating and maintaining Checkpoint and ASA firewall configurations, updating documentation and log analysis.
• Worked extensively in configuring, monitoring and troubleshooting Cisco's ASR 5500
• Applying crypto maps and security keys for the branches, ISAKMP (Internet security association key management protocol) for establishing Security associations (SA) cryptographic keys.
• Experience in configuring routing protocols like EIGRP, RIP v2, OSPF & BGP and Cisco ACS protocols like RADIUS and TACACS.
• Experienced in WAN environments, installing and troubleshooting data circuit problems (MPLS, T1).
• Worked on Layer 2 protocols such as STP, VTP, STP, RSTP, PVSTP+, MST and other VLAN troubleshooting issues and configuring switches from scratch and deployment.
• Involved in designing and applying QOS and policy map to 2800 series routers for all the branches.
• Experience working with Vmware NSX palo alto,Cisco ASA 5585-X firewalls with Firewall rules, IPSEC VPN, NAT, Active-Standby Failover, OSPF and Any Connect VPN technologies.
• Designed, configured, implemented site-site VPN on cisco ASA 5585-X firewall.
• Troubleshoot and Worked with Security issues related to Cisco ASA, palo altoandIDS/IPS firewalls.
• Acquired knowledge in working with Meraki wireless access points MR 12, MR 16, MR 24, and MR 34 etc.
• Configured VLANs with 802.1q tagging. Configured Trunk groups, ether channels, and Spanning tree for creating Access/distribution and core layer switching architecture.
• Experience with configuration of FAST Fully Automated Storage Tiering Thin provisioning on Symmetrix VNX Storage Arrays.
• Experience in managing EMC Symmetrix DMX / VMAX, Clariion, VNX / VNX 2, NetApp Storage Filers, IBM Storage Arrays-XIV.
• Configured BPDU Guard, port-fast, uplink fast and other spanning tree features.
• Negotiate VPN tunnels using IPsec encryption standards and configured and implemented site-to-site VPN, Remote VPN on Cisco 5585-x Firewalls.
• Collaborating with Application owners, Network Team, DNS Team, and Firewall Team to migrate websites from Cisco ACE Load Balancer to New F5 BIG-IP Local Traffic Manager.
• Deployed code upgrade from version 11.5.1 HF4 to version 11.5.4 on the F5 LTMs.
• Configured F5 GTM solutions, which includes Wide IP (WIP), Pool Load Balancing Methods, probers and monitors.
• Experience working with data center deployment where we converted from Cisco 6500 to Nexus.
• Experience working with Nexus 5020, 2148, 2248 devices.
• Experience with configuring Nexus 2000 Fabric Extender (FEX) which acts as a remote line card (module) for the Nexus5000.
• Troubleshoot wan related problems including OSPF, EIGRP, BGP routing and design.
• Supporting EIGRP, OSPF and BGP based network by resolving level 2 & 3 problems of internal teams & external customers of all locations.
• Deploying Cisco routers and switches such as 7200, 3800, 3600 and 3500,4500, 5500.
• Managed SSL Termination on F5 BIG-IP LTM which entailed creating Cert Request, importing, renewing and applying to Virtual Server hosting the Application.
• Configuring and monitoring different modules F5 BIG-IP LTM and DNS traffic Management.
• Management of Viprion 2400 chassis for the deployment of Big IP.
• Perform Wireless Administration and troubleshooting for the corporate Wireless infrastructure.
• Build Logical design and Implementation of Wireless Solution
• Management tools, SNMP, Syslog, Sniffer
• Managed inventory of all network hardware, Management and Monitoring by use of SSH, Syslog, SNMP.
• Implemented and configured SNMP, Syslog and traps on Cisco routes to allow for network management.
• Proficient in Cisco IOS for configuration & troubleshooting of routing protocols: MP-BGP, OSPF, LDP, EIGRP, RIP, BGP v4, MPLS
• Implement and modify DNS entries and managing IP Addresses using Windows DNS and DHCP.
• Experience configuring and troubleshooting on Citrix NetScaler Load Balancer.
• Performed Access Control Lists (ACLs) to setup usage for the intended users.
• Responsible for IOS installations and upgradations using TFTP Server.
• Troubleshooted Routing/Switching/Security Configuration problems/errors encountered to Clients in Head/Remote Campuses.
• Performed subnetting of the IP addresses. Configuration and allocating IP and network resources to Storage, Virtualization, Server and Application teams.
• Responsible for design/implementation/maintenance of Site to Site VPNs, and remote access VPN's using Cisco solutions (ASA 5520 and 5540), including head-end and remote client-side connections.
• Performed network monitoring using tools like Netcool. Log collectors using Splunk. SNMP V2C configurations.

Confidential

Junior Network Engineer

Responsibilities:

• Monitored the performance of the network devices. Performed Troubleshooting and observed directing conventions such as OSPF, EIGRP & BGP.
• Installation and configuration of the Network of Cisco Router and Switches for EIGRP and VLANs etc.
• Worked on the Cisco switches 2950, 3560 and the Cisco routers 2500, 2600, 2800
• Initially involved in installations, technical support, troubleshooting and maintenance of network equipment.
• Good knowledge in Configuring Access Control List(ACL).
• Configured VLANS on different impetus switches performed investigating on TCP/IP system issues, Administered Frame-Relay and systems.
• Configured IPv4 VPNs using IPSec VPNs.
• Worked on WAN and LAN infrastructure. Worked on Cabling in IDF/MDF and in Data centers with Copper and Fiber.
• Managed system backup and restoration protocols.
• Escalating issue to higher network teams.