SUMMARY

• Network Engineer with Over 7+ years of experience in testing, troubleshooting, implementing, optimizing and maintaining enterprise data network and service provider systems.
• Implementation, Configuration and Support of Checkpoint (NGX R65, R70 and R71), Juniper Firewalls (SRX5400, SRX5600, and SRX5800), Cisco Firewalls (ASA 5505, 5506 - X, 5585), Palo Alto
• Experience in risk analysis,securitypolicy, rules creation and modification of Check Point/Nokia Firewall VPN-1 FW-1 NGX R65, R70 & R75 Provider-1/Site Manager-1 R65, R70.30 & R75.40, Cisco ASA, PALO ALTOnetworks
• Networks Firewall models (PA-2k, PA-3k, and PA-5 k).
• Provide scalable, supportable military grade TCP/IP security solutions along with expert TCP/IP network designs that enable business functionality.
• Administration, Engineering, and Support for various technologies including proficiency in LAN/WAN, routing, switching, security, application load balancing and wireless.
• Worked on Juniper Net Screen Firewalls like, NS50, SSG 550M, SSG520M, ISG 1000, ISG 200 and Cisco PIX 535, 520, 515, ASA -5500 and 5505.
• Responsible for Checkpoint and Cisco firewall administration across global networks.
• Worked on Cisco Catalyst Switches 6500/4500/3500 series.
• Policy development and planning / programming on IT Security, Network Support and Administration.
• Experience in configuring and Troubleshooting BIG-IP F5 load balancer LTM.
• Creating Virtual Servers, Nodes, Pools and iRules on BIG-IP F5 in LTM module.
• Experience with Firewall migrations from PIX firewall to Cisco ASA and Juniper SRX firewall appliances.
• Experience with Bluecoat Proxy servers, LAN & WAN management.
• Experience in working with Cisco Nexus Switches and Virtual Port Channel configuration.
• Experience with Checkpoint VSX, including virtual systems, routers and switches.
• Experience in Network LAN/WAN deployment
• Experience with DNS/DFS/DHCP/WINS Standardizations and Implementations.
• Extensive understanding of networking concepts, (IE. Configuration of networks, router configuration and wireless security, TCP/IP, VPN, Content Filtering, VLANs, and routing in LAN/WAN, Ethernet Port, Patch Panel and wireless networks.)
• Configuration of Network and Security devices such as Cisco routers and switches (Cisco 7600/3500/Nexus 7K/5K), Firewall (Checkpoint R75/Gaia and Cisco FWSM), Load Balancers and DNS and IP Manager (Infoblox)
• Black listing and White listing of web URL on Blue Coat Proxy Servers.
• Administration of production Windows Servers infrastructure that includes Domain Controllers, IIS Web Servers, SharePoint, File and Print and FTP/SFTP servers.
• Extensive experience in Windows 2008 R2/2008/2003 Wintel Servers at single or multi domain platforms.
• Proficient in installing and configuring Windows Server 2003, 2008, 2012 and Windows XP, 7 & 8 Professional Client Operating Systems
• IDS and IPS event management using CSM including signature updates for SSM Modules, IDSM.
• Provides management level reporting of firewall and Intrusion Protection System (IPS) activity on a periodic basis.
• 24 x 7 on call support.

TECHNICAL SKILLS

Cisco Routers: Cisco ASR9k, GSR 12000, 7600, 7500, 7200 VXR, 3800, 3700, 2800, 2600

Cisco Catalyst Switches: Catalyst 6500, 4000, 3550, 2900

Nexus Switches: Nexus5548, 5596, 6000, 7009, 7018; Cisco Catalyst: 6506, 6509, 4928, 4948, 4507,4510, 3750,3560, and 2960

IP Routing Protocols: BGP, OSPF, EIGRP, IGRP, RIP v1 & v2, IS-IS

MPLS: LDP, MPLS L3 and L2 VPN

Load Balancing: Cisco ACE 4700 series, F5 LTM

Firewalls: Cisco ASA 5500, Cisco PIX 500, checkpoint r60, checkpoint r65

LAN Switching: STP, IEEE 802.1Q, VTP, VLAN & Inter-VLAN routing, QoS

WAN/core: ATM, Frame-Relay, ISDN, PPP, HDLC

Optical infrastructure: SONET OC3-OC192, SDH, POS, PDH

IP Telephony: SIP, H.323, RTP, Voice Gateways, CCM, QoS

VoIP Devices: Cisco IP phones, Cisco 5500, 6500 series controller, Avaya 3000, 6000, 7200 series Controllers

Quality of service: CBWFQ, RED/WRED

Wireless Technology: Cisco AP, LWAP, Access Points, WCS

Ticketing software: Connect Wise, Remedy system

Management software: HP open view, Solar winds, PRTG Network Monitor

IPSEC/VPN Configuration: PIX to Router, Router to Router, PIX to VPN wildcard client, Router to VPN wildcard client, PIX to PIX, fully meshed configurations

Cabling: CAT 5, CAT 5e, CAT 6, CAT 6a

Operating Systems: Windows Server/8/7/Vista/XP, Nexus OS, Cisco IOS-XR, Linux, Unix (Mac OS)

Microsoft Office: Visio, Excel, PowerPoint, Word

PROFESSIONAL EXPERIENCE

Confidential, Washington, DC

Sr. Network Engineer

Responsibilities:

• Conducted a thorough technology analysis as a complete upgrade of existingnetwork, which was required by the company
• Maintained a Network with more than 600 Network devices, some 25,000-end hosts, and the other Network devices like DHCP, DNS servers, and Firewall servers
• Configured routers including 3925, 3845, 2811, 2600 series along with Cisco switches including 2960,3750
• Performed OSPF and BGP protocol administration and used redundancy protocols like HSRP, VRRP
• Configured VLANs, VTP, RSTP, STP (Spanning Tree Protocol), and Ether channel and port security at switching level
• Works with the end users to validate problem descriptions and perform detailed problem diagnosis, track and update problems in HP Service manager (Trouble-ticketing System)
• Assisted Operations with troubleshooting and root cause analysis fornetworkincidents in the environments
• Assisted in migration of existing B2B VPN tunnels with the vendors from the 3060 VPN concentrator to ASA Firewall and configured site-to-site IPSEC VPN
• Performed multiple firewall changes on the PIX, ASA, and Palo Alto firewall based on the requirements and monitored firewall changes using fire mon Tool
• Performed updating of F5 wide IP configurations, persistence profiles, updating the SSL certificates across the F5 devices for the resource updates
• Configured MPLS CE (Customer edge router) and complete support for MPLS POP & Related issues in MP & CG
• Used multiplenetworkmonitoring tool Solar Winds, Cisco Prime for supporting the existing core network environment andNetworkedge devices
• Configured WAP and performed troubleshooting of WAP and WLC using Cisco NCS Monitoring Tool.
• Extensively used Infoblox for IP address management. Created and added IPv4Network, Reserved IP addresses for various devices, Defined DHCP Scope as per the requirements, Created DHCP scope options for setting up Voice VLANs and PXE Clients etc.
• Set up and troubleshoot secured wireless access points (WAP) and wireless LAN controller (WLC) for broadband Internet and continuousnetworkmobility
• Created live events on Show and share. Coordinated with users to check on any issue during the livestreaming
• Networkup gradation & migration (Hardware / Software) from ATM/Frame relay to MPLS.
• Responsible for configuration and administration of over 25 firewalls which includes Checkpoint, and Cisco ASA firewalls
• Experience working with multi-vendor load balancers like F5 and Citrix Netscaler.
• Auditednetworkdevices to confirmnetworkpolicies and guidelines meet or exceed targets for successfully audits
• Worked closely with Sales representatives for the AVAYA Dialer Project
• Assisted Cisco and Presidio (Blue water) during the design and implementation on various projects in our company
• Scheduled and monitored multiple Videoconferences using TMS (Tele management Suite)
• Used Cisco works, Content Management Systems (CMS), Cisco secure access control server (ACS), Cisco SmartNet, RiverbedNetworktools to update thenetworkdocumentation

Environment: Networkedge routers, Switches, WAP, WLC, OSPF, BGP, VLAN, VTP, RSTP, STP (Spanning Tree Protocol), HSRP, IPSEC VPN tunnels, ACL, NAT/PAT, Firewalls (ASA, PIX, Checkpoint, Palo Alto), F5 Load Balancers, TMS, DMP, S&S, Cisco Works, Solar Winds, Cisco ACS, Cisco NCS, Cisco SmartNet, CMS, Firemon, NetMRI, Service Manager (Trouble ticketing system), ASDM, Riverbed

Confidential, Mclean, VA

Sr. Network Security Engineer

Responsibilities:

• Responsible for setting up the infrastructure environment with majority of Cisco & Palo Alto appliances apart from various other equipment.
• Researched, designed, and replaced aging Checkpoint firewall architecture with new next generation Palo Alto appliances serving as firewalls and URL and application inspection.
• Configuring and troubleshooting perimeter security devices such as Checkpoint NGX R77 Gaia, Provider-1/MDM, Secure Platform, Palo Alto and ASA Firewalls.
• Performed network implementation that includes configuration of routing protocols, leased lines, ISDN lines, VLANs and IOS installations.
• Troubleshot the network issues onsite and remotely, depending on the severity of the issues.
• Deployed and decommissioned the VLANs on core ASR 9K, Nexus 7K, 5K and its downstream devices.
• Had hands-on experience with WAN (ATM/Frame Relay), Routers, Switches and IP addressing.
• Configured and deployed VPC, OTV, FABRIC PATH between Nexus 7010 and Nexus5596,5548 switches along with FEX2248
• Worked with layer 2 switching technology architecture. Implemented L2 and L3 switching functionality, which includes the use of VLANS, STP, VTP and their functions as they relate to networking infrastructure requirements including internal and external treatment, configuration and security.
• Palo Alto design and installation (Application and URL filtering, Threat Prevention, Data Filtering)
• Successfully installed Palo Alto PA 3060 firewalls to protects Data Center and provided L3 support for routers/switches/firewalls
• Supported core network consisting of Cisco 7200 series routers running multi area OSPF.
• Configured EIGRP and OSPF as interior gateway protocols with route filtering and route redistribution.
• Troubleshot complex LAN/WAN infrastructure that include routing protocols EIGRP, OSPF and BGP.
• Responsible for all aspects of TCP/IP functionality across multiple enterprise environments.
• Performed OSPF, BGP, DHCP Profile, HSRP, IPV6, Bundle Ethernet implementation on ASR 9K redundant pair.
• Involved in Implementation and Configuration (Profiles, I Rules) of F5 Big-IP C-4400 load balancers
• Configured ASA 5500-X Series firewalls to provide highly secure and high performance connectivity between the site locations.
• Configuring Big-IP F5 LTMs (virtual servers, pools, SNATs, health monitors, iRules) for managing the traffic and tuning the load on the network servers.
• Worked on Juniper SRX 5800 firewalls to create policies using J-Web User Interface.
• Performed Network Address Translation on Cisco ASA 8.2 and 8.3
• Used DHCP to automatically assign reusable IP addresses to DHCP clients.
• Performed the ACL request changes for various clients by collecting source and destination information from them.
• Troubleshoot the BIG-F5 1600 LTM through constant contact with the vendor.
• Created MOPS (Method of procedures) and sought the approval of peers to perform configuration changes.

Environment: Cisco Routers, Cisco Switches, Nexus 7k/5k/2k Routing protocols, F5, Load Balancer HSRP, VRRP, IPSEC VPN, VPN, QOS, ASA firewall, Load balancer, MPLS, VLANS, VTP, RSTP, ACL, NAT, IDS/IPS, Monitoring tools (PRTG, HP Open view), SIP, RTP, RADIUS, TACACS+, Cisco Wi-Fi technologies, Juniper SRX, ASR 9000, Catalyst 6500, CRS, Cisco ASR Firewall, IPV6, Cisco IP phones

Confidential, Mount Laurel, NJ

Network Security Administrator

Responsibilities:

• Firewall Policy Provisioning and troubleshoot connectivity issues through firewall.
• I worked on Check Point Security Gateways and Cisco ASA Firewall.
• Firewall Clustering and High Availability Services using Cluster XL on Check Point.
• Configuring and tweaking Core XL and Secure XL acceleration on Check Point gateways.
• Troubleshoot User connectivity issues on Checkpoint and Cisco ASA using CLI utilities.
• Packet capture on firewalls and analyzing the traffic using Wire shark utilities.
• Troubleshot Clustering issues on Check Point and Sync issues monitoring and fix.
• Upgrade of Checkpoint Gateways in Cluster with Minimal downtime.
• Implemented Active/ Standby HA configuration on Cisco ASA Firewalls.
• Configuring Cisco ASA firewalls in Single and Multiple Context Mode firewalls.
• Upgrade of Cisco ASA Firewall in Active/Standby mode with no down time.
• Configuring VPN both B2B and remote access SSL and centralized policy administration using FortiManager, building FortiGate High Availability using FortiGate Clustering Protocol (FGCP).
• Firewall Compliance and Rule remediation for compliance such as SAS 70 Audit.
• LAN/WAN level 3 support (diagnose and troubleshoot layer 1, 2, 3 problems)
• Vlan design and implementation, Spanning Tree Implementation and support using PVST, R-PVST and MSTP to avoid loops in the network. Trunking and port channels creation.
• Working with OSPF as internal routing protocol and BGP as exterior gateway routing protocol.
• Configuring static NAT, dynamic NAT, inside Global Address Overloading, TCP overload distribution, Overlapping Address Translation on Cisco ASA Firewalls.
• Physical cabling, IP addressing, Wide Area Network configurations (Frame-relay).
• Deployed a Syslog server to allow proactive network monitoring.
• Implemented VLANS between different departments and connected them using trunk by keeping one Vlan under server mode and rest falling under client modes.
• Configured Firewall logging, DMZs and related security policies and monitoring.
• Switching related tasks included implementing VLANS and configuring ISL trunk on Fast-Ethernet channel between switches.
• Documentation and Project Management along with drawing network diagrams using MSVISIO.
• Environment: CISCO routers and switches, Access Control Server, VLAN, Trunk Protocols, CISCO ASA, DHCP, DNS, Spanning tree, Nimsoft.

Environment: CISCO routers and switches, Access Control Server, VLAN, Trunk Protocols, CISCO ASA, DHCP, DNS, Spanning tree, Nimsoft.

Confidential

Network Engineer

Responsibilities:

• Provide high level technical support, including identifying and resolving problems on Cisco supported products for e-Commerce infrastructure.
• This included external routing and internal/intranet routing for DMZ servers.
• Implemented cable multi-service operator (MSO) to capture traditional Telco subscribers with IP telephony and provide relevant QOS.
• Configured EIGRP, BGP, and MPLS.
• Configure Firewall, QOS by SDM and provide security by Prefix list, Access- List and by Distribution List.
• Moved Core switches and several non-Cisco devices under strict deadlines to maintain network functionality
• Implemented new ultra-secure networks in multiple data centers that included Cisco, Juniper security devices.
• Designed VLAN’s and set up both L2 and L3 logical to have it communicate to the Enterprise network.
• Scheduled preventive maintenance for fire-protection systems, including new protocols. Utilize MS Windows, Word, and Excel for reporting/documenting process.
• Satisfactorily Resolved Problems in timely manner with focus on providing a high level of support for all customers.

Environment: Cisco 2950 switches and Cisco 3825 Routers, EIGRP, BGP, MPLS, VLAN, QOS

Confidential

Network Support Engineer

Responsibilities:

• Configured, tested, implemented and maintained telecommunication and LAN operational support activities of Radio AccessNetwork.
• Worked on installation, maintenance, and troubleshooting of LAN/WAN (ISDN, Frame relay, NAT, DHCP, TCP/IP).
• Configured Access List (Standard, Extended, and Named) to allow users all over the company to access different applications and blocking others.
• Responsible for design, configuration and maintenance of numerous telecom systems, hardware systems.
• Capable of providing high levels of technical and telecommunications engineering support.
• Worked with telecom vendors in regards tonetworkfault isolation.
• Configuring and installing client and servernetworksoftware for upgrading and maintainingnetwork and telecommunication systems
• Maintained company Telecom office which coordinates and develops voice and data drops for customers.
• Performed scheduled Virus checks and updates on all servers and desktops.
• Got Hands-on experience in maintaining and troubleshooting RIP, OSPF and EIGRP routing protocols.
• Configured RIP and EIGRP on 2600, 2900 and 3600 series Cisco routers.
• Implemented VTP and Trunking protocols (802.1q and ISL) on 3560, 3750 and 4500 series Cisco Catalyst switches.
• Performed IOS upgrades on 2900, 3500 series Cisco Catalyst switches and 1800, 2600, 3600 series Cisco routers using TFTP. Provided network connections for new workstations
• Configured STP for loop prevention and VTP for Inter-VLAN Routing.
• Done troubleshooting of TCP/IP problems and connectivity issues in multi-protocol Ethernet environment.
• Worked onnetwork-based IT systems such as Racking, Stacking and Cabling
• Configured Cisco Routers (2621, 2621XM, 2620, 2800) using EIGRP and Configured Cisco Switches (Catalyst 6500, 4500, 3750)
• Provided design of both physical and logicalnetwork, optimizing performance, and implementation strategies including rebuilding the entirenetworkinfrastructure across four remote locations redesigning all Switches and Routers. Redesigned IP and bandwidth management strategy.

Environment: Cisco Routers 2500, 3600; Cisco Switches3500, 2900 and 1900 series; Routing protocols RIPv2, EIGRP,OSPF; Switching Protocols STP, VTP, RSTP and VLAN; Firewall Security Protocols: ACL, NAT, PAT