SUMMARY

• Highly dedicated and self - motivated Network Engineer trained to oversee the complex network of an organization to reach efficiency with perfection and focusing on optimizing the performance. Self-driven and proactive with robust troubleshooting knowledge and outstanding communication skills backed with analytical aptitudes.
• Over 9+ years of practical work experience in the field of IT as a network engineer, with in-depth knowledge and hands-on experience on Routing and Switching, Wi-Fi portfolio and troubleshooting protocols such as RIP, VOIP, OSPF, IS-IS, BGP, SNMP and EIGRP.
• Complete knowledge about the installation and configuration of Cisco switches 2960, 3560, 2900, 3750, 4500, 6500, Nexus 7000, Nexus 5000, Alcatel 7705 SAR series, WS-C4948 and Juniper EX.
• Hands-on experience in implementing and troubleshooting of VLAN, VTP, STP, Trucking, Ether Channel MSTP, 802.1Q, VRRP, LACP, AAA, RADIUS, DTP, HSRP, GLBP, TACACS, RSTP, PVST, RADIUS VTP, STP.
• Designing and configuration of BGP, OSPF on Juniper routers (MX960, MX480), Bluecoat Proxy SG300/600 and SRX Firewalls (SRX240, SRX550)
• Professional expertise in the department of implementation and analysis, troubleshooting and documenting the results of LAN/WAN architectures and excellent knowledge on IP services.
• Excellent knowledge on Sub netting, IP addressing, reverse & proxy ARP, VLSM and ARP and various ping concepts.
• Expert in handling routers such as 2600, 2900, 3600, 3900, 7200, 7600, ASR-901, ASR-903, ASR 5500, ASR-9010 and Juniper ACX, E, M, MX960 series.
• Clear concept about Physical cabling and IP addressing with VSLM implementing QIP configuration and DNS, TCP/IP and installation and configuration of proxies.
• Excellent knowledge and experience on GRE tunneling deployment, SSL, DMVPN and Site-Site IPSECVPN.
• Configuration of security policies including NAT, PAT, VPN, SSL-VPN, Route-maps and Access Control Lists.
• Hands-on with convert Checkpoint VPN rules over to the Cisco ASA solutions.
• Capable of observing and recording the traffic with various network management tools such as source file, Net flow Analyzer, Sniffer Infinistream, HP open View, Wire shark, solar winds, Cisco Works and Cisco ISE.
• Capable of creating the Access list design the route maps and distributed list.
• Good understanding and hands-on experience on multiple protocols such as EAP, PEAP, EAP-TLS, IEEE 802.1, IEEE 802.3, IEEE 802.11 and 802.1x.
• High level of expertise in multiple operating system like Windows 8, Windows 7, Windows 2008, Ubuntu, Asterisk, Linux, Red Hat Linux and MS Office Suite.
• Good experience in installation of VoIP and troubleshooting the issues, Digium Phone configuration and maintaining VoIP over VLAN.
• Implementation and tuning of management capabilities and basic security features related to PA-2000 series security appliance using PAN-OS 6 including SSH and WebGUI access, custom rules, virtual-wire and routed interfaces, trust/untrust and dmz zones along with logging and auditing. Configured an IPsec connection between two routers using GRE tunneling to encrypt the multi-cast traffic.
• Professional expertise on Network Scanning and management, Hands on Altering and logging tools such as Solar Winds, Science and Log Logic, nCircle, PRTG, Net cool and Wire shark.
• Capable of Planning and Designing of small and medium size organizational LAN, VLAN, WLAN and WAN on both wired and wireless networks.
• Have designed and configured switches for VLANS and managed communication between multiple switches.
• Managed the A10 networks for balancing the traffic of the network.
• Hands-on IOS, NXOS and IOS-XR BXB to N7K-NXOS (MPLS) system test.
• Good understanding of various Palo Alto firewalls which works with different managing tools such as Palo Alto PAN, desktop antivirus, AMRD, IPS, NextG Firewalls, Authentication and VPN.
• Experienced in troubleshooting DNS/DHCP issues within the LAN network.
• High knowledge on troubleshooting and configuring DNS, DHCP, TFTP, TELNET, SSH, FTP and NFS.
• Hands on experience on several Ticketing Tools like JIRA, Change Management, Service Catalog, ePCR, SR, Remedy and IP center.
• Managed and monitored all the network hardware inventories using SSH, NTP, Syslog and SNMP.
• Hands-on with Load Balancers F5 LTM like 3900, 6900 for multiple application.
• Excellent communication skills to interact with team members and support personnel and also can act as a mentor to less experienced personnel.

TECHNICAL SKILLS

Networking: OSI Model, TCP/IP, UDP, IPV4, IPv6, Sub-netting, VLSM, Layer2/3, Advanced switch and router configurations (Cisco IOS).

Switching: V-lans, Trunking, Ether Channel, Port Fast, Up-link, STP, RSTP, PVST+, DTP, MLPPP, IEEE 802.1q, MPLS, ISL and dot1q, SMTP, Inter-VLAN Routing, Light weight access point.

Routing: RIP2, EIGRP, OSPF, BGP v4, IS-IS Static Routing, Route.

Infrastructure services: DNS, ICMP, SNMP, ARP, IRDP, NAT, SNMP, SYSLOG, NTP, InfoBlox, DHCP, CDP, TFTP and FTP.

Layer 3 Switching: CEF, Multi-Layer Switching, Ether Channel.

Carrier Technologies: MPLS, MPLS-VPN.

Network Security: Cisco ASA5550/ 5540, NetScreen, Juniper SRX, Palo Alto, Checkpoints, AAA, Firemon, FREE RADIUS, CADA, LDAP, IPsec VPN, SSL VPN, IDS, IPS, Source Fire, Fire Eye, Cisco NAC (4.9.3), Cisco ISE, Aruba, RSA, RSA 2 Factor, SIEM, Qradar, Tripwire.

Management tools: Wire shark, SNMP, Ethereal, Solar Winds, Net cool, Science Logic, Log Logic, EM7, Indeni, nCircle, PRTG, Blue Coat, Websense, Cisco NAC, ISE, Active Directory.

Firewalls & Load Balancers: Cisco ASA 5585, 5550, 5540, Juniper SRX5400, 5600, 5800, Juniper Netscreen 6500, 6000, 5400. Juniper SSG Firewalls, Palo Alto PA-3060/2050, F-5 BIG-IP LTM (3900 and 8900), Blue Coat SG8100, AV 510, AV810.

OS: Windows (98, ME, 2000, XP, Sv2003, Sv2008, Sv2012, Vista, 7, 8), Ubuntu, Linux, Kali Linux, CentOS, FreeBSD, Red Hat.

Language: Unix, Turbo C / C++, basics in Perl and Shell scripting.

PROFESSIONAL EXPERIENCE

Confidential - Newark, CA

Firewall Security Engineer

Responsibilities:

• Proficient in including general configuration, security policy, rules creation and modification of cisco ASA, Juniper SRX and Fortigate.
• Strong experience in as per the requirements on Checkpoint, Palo Alto, Cisco ASA, Juniper and Fortinetfirewalls.
• Responsible for including general configuration, optimization, security policy, rules creation and modification of ASA and SRX and fortigate Firewalls.
• Configured ACLs to allow only authorized users to access service.
• Working on Traffic Migration from Cisco Juniper SRX and Fortigate.
• Extensive Packet level debugging and troubleshooting on Cisco ASAfirewallsand Juniper SRXto resolve numerous network issues.
• Configuration, Troubleshooting and Maintenance of ASAFirewalls(40+firewalls) 5505, 5510, 5520, 5540, 5585.
• Hands on Firepower IDS.
• Extensive implementation offirewallrules on Juniper SRX 3600, SRX 650 and SRX 220 on a daily basis, using SPACE as well as CLI when needed.
• Resolved Customers request to create firewall policies for Cisco ASA, juniper SRX, Fortigate and NX-OS.
• Configured ASA 5520/5500to ensures high-end security on thenetworkwithACLsand Firewall.
• Installation of Cisco Firepower Management Center with the switch to work with Cisco ASA to monitor the unwanted traffic flow.
• Resolved 8 to 10 tickets per day which involved creating Access Control List, removing ACLs and migration.
• Worked on the CLI for tracing and creating ACLs between the source and destination for Cisco ASA, juniper SRX, Fortigate and NX-OS.
• Drafted, installed, and provisioned Cisco ASA, juniper SRX, Fortigate and NX-OS rules and policies.
• Have created Delta Config on Juniper networks where ever required.
• Experience with the deployment ofnetworkand/or server hardware within both corporate IPNetworksand DMZsecurityFirewalled Zones, including design, specifying requirements, and troubleshootingnetworkconnectivity, routing, and firewall rules.
• Supervising the administration of systems and servers relatednetworkto ensure availability of services to authorized users via ACL.
• Securityauditing of perimeter/ Edge routers, identifying missing ACL's, writing and applying ACL's
• Configuring standard and Extended Access Control list (ACL) and ASA Firewalls.
• Provide Service Support to Clients regarding LAN/WAN connectivity Configuring and Modification of ACL, NAT Rules and Port numbers in ASA Firewalls using CLI and SecureCRT.

Confidential - Los Angeles, CA

Sr. Network Engineer

Responsibilities:

• DeployedISEWireless solution for the organization.
• ConfiguredCiscoISEfor Wireless and Wired 802.1x Authentication onCiscoWireless LAN Controllers, Catalyst Switches, andCiscoASA Firewalls.
• InstalledCiscoIdentity Services Engine and configured and customized Guest Portal for self-registration.
• Supported enterprise environment including: Aruba controllers, Airwave and APs/Cisco wireless controllers.
• Deployed 802.1x with PEAP for Employee Wireless Access.
• Createinfrastructureperformance reports and daily monitoring of ALLCiscoWireless Devices.
• Assisted with AP placements throughout the site usingCiscoPrimeAP Maps and AirMagnet.
• Monitoring the performance of all the access points connected to the Wireless LAN controller of different locations.
• Updated Wi-Fi networks, conducted surveys of existingwirelessnetworks.
• Manage Local AreaNetworkby Maintaining VLANs and Wireless Aps.
• Worked with Solarwinds to monitor the health of network devices throughout the organization in different locations.
• Replaced old Access Points with new once in various locations and deployed the entire configuration process.
• Single handedly performed the HA configuration, configuring the secondary controller in a redundant mode.
• Undertook the project of converting all the access points connected to the network from local mode to flex connect mode.
• Upgraded Prime Infrastructure from 2.1 to 2.2.
• Involved in complete LAN, WAN, Extranet redesign (including IP address planning, designing, installation, pre-configuration ofnetworkequipment, testing, and maintenance).
• Configured and designed LANnetworkswith Access layer switches such as Cisco4510, 4948, 4507 switches.
• Installed EIGRP and OSPF routing protocols on cisco routers.
• Monitoring and troubleshooting of wireless issues in thenetwork.
• Configured for Wi-Fi Standard QoS, Command Line Interface (CLI), Web interface (WebUI), Logical and Physical Interfaces, Creating Firewall Roles and Policies.
• Involved in designing and implementation of wireless IPT devices.
• Performed physical connection of switches, routers, Access Points and controllers in the data center.

Confidential - Philadelphia, PA

Network Support Engineer

Responsibilities:

• Configured and aided in troubleshooting several networking issues including OSPF, EIGRP and BGP routing issues.
• Configured and provided support for S2S IPsec tunnels as well as remote users.
• Undertook Tier 2 technical support responsibilities consisting of detection, diagnosis and correction of issues.
• Perform the task to complete the Hub Installation, configuration and making sites UP and running on the network.
• Good knowledge and experience on commercial Wi-Fi configuration on wireless devices such as Cisco, Ruckus, Aruba.
• Was a part of the Architecture team who evaluates design details and provides information on current and proposed network infrastructure considerations.
• Assisting various departments to meet their needs regarding Site-to-Site and Remote Access VPN using Cisco ASA .
• Perform daily Intrusion Detection Sensor (IDS) monitoring to ensure that all sensors are active.
• Configuring the Layer 2 and layer 3 routing and switching.
• Configured Wi-Fi settings for the organization.
• As an ISE Senior lead primary responsible to provide design, consulting and implementation documents to support ISE securityservicesto the client.
• Worked with AMP on monitoring the traffic flow and analyzing the organizational threats and prioritising the action required.
• Configuring routers using multiple routing protocols such as EAP, PEAP, EAP-TLS, IEEE 802.1, IEEE 802.3, IEEE 802.11 and 802.1x.
• Worked with the security engineer for gathering information and analysis through the Firepowerand AMP for Endpoints products.
• Advise the security team on best security and configuration practices while helping them implementFirepowerfeatures into the organizational environment.
• Monitor, maintain and secure an upgraded wireless infrastructure using 802.1x; improving guest and team member satisfaction while resolving a high visibility network deficiency.

Environment: Cisco 2948/3560/4500/3560/3750/3550/3500/ switches and Cisco 3640/ 00/3845/3600/2800 routers, Cisco Nexus 7K/5K, Cisco ASA 500 IPS/IDS, Checkpoint, windows server 2003/2008: F5 BIGIP LTM, RIP, OSPF, BGP, EIGRP, LAN, WAN, VPN, HSRP

Confidential - Raleigh, NC

Network support Engineer

Responsibilities:

• Involved in the configuration & troubleshooting of routing protocols: MP-BGP, OSPF, LDP, EIGRP, RIP, BGP v4. Configured IP access filter policies.
• Configured Cisco IOS Feature Set, NAT and Simple Network Management Protocol (SNMP) for Network Security implementation.
• Configured VLANs with 802.1q tagging. Configured Trunk groups, ether channels, and Spanning tree for creating Access/distribution and core layer switching architecture.
• Managed, supported and provisioned LAN/WAN equipment for a new network IDF deployment pertaining to Juniper J2320 and J2350 devices.
• Worked in data center for client TIAA CREF. Responsibilities included the provisioning & installation of the IOS image onto Cisco router series 3750 and catalyst switch series 6509.
• Responsible for administration and support of the Network Infrastructure comprised of Juniper devices J2320, J2350, and J4350.
• Responsible for P2P, ISDN, SIP, and WAN technologies using protocols such as PPP, LCP, ICMP, HDLC, SNMP, EIGRP, H.323, and E.164.
• Experience working with HP layer 2 and layer 3 devices such as 3500, 5900, 5930, 6600, 12504.
• Support Engineer in Installation of juniper router MX104, MX240 and connect them on HP network with HP router, switches and firewall in DC, it includes coordinating with AT&T.
• Designing and Implementation of (LAN) VLANs, VTP, Spanning Tree (STP), Trunking, Route aggregation, Bridge aggregation and protocol.
• Migrated cisco3550 switches to 3750 PoE switches to provide support to Wireless APs.
• Involved in configuring and implementing of composite Network models consists of Cisco7600, 7200, CSR-1 series routers and Cisco 2950, 3500, 5000, 6500 Series switches.

Environment: Cisco 7200, 7204, and 7206 Routers, Switches: Cisco Distribution layer switches such as 4510, 4948, 4507, 7k, 5k and 2k series. Firewalls 5GT, 208, EIGRP, RIP, OSPF, CISCO ASA, DHCP, DNS, SAN, Spanning tree, Windows Server, Windows NT

Confidential - Irvine, CA

Network Engineer

Responsibilities:

• Designing MPLS VPN and QoS for architecture using Cisco multi-layer switches.
• Cisco IOS experience on 3600/7200 class hardware in complex WAN environment and experience on Cisco OS and IOS on CAT6500 in a complex data center environment.
• Configured DUO dual factor authentication integrated with Cisco ASA VPN and NetScaler 5500 FIPS.
• Installation, Configuration and Administration of ADS, DNS, DHCP and Web proxy(ISA)server.
• Installed and configured the Cisco routers 2800 in two different customer locations.
• It includes coordinating with Verizon and AT&T to bring the serial interface up for T3 link. Also, configuration includes frame relay, BGP and VPN tunnel on GRE.
• Troubleshooting and installing of CRS, ISR, GSR, ASR9000 and Nexus devices.
• Configuring Nexus 2000 fabric extender which acts as a remote line card for the Nexus 7000. Configuring VDC & VPC in Nexus 9k,7k,5k and 2k.
• Configured HSRP and VLAN trunking 802.1Q, VLAN routing on catalyst 6500 Switch.
• Worked extensively on firewalls and VPN gateways checkpoint, CISCO, juniper, Forti-Gate GUI and arista equipment's.
• Worked on F5 LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability.
• Installation configuring and troubleshooting of cisco 7200VXR, ASR1K, ASR4k, ASR9K series routers and catalyst 6500, 2900 series switches.
• Involved in configuring juniper SSG-140, cisco PIX firewall and check point firewall.
• Established development lab for testing of network equipment. Models included EX4200, EX3200, J2350, J6350, Cisco 6500 and Cisco 3560.
• Troubleshoot and hands-on experience on security related issues on cisco ASA/PIX, checkpoint, IDS/IPS, Palo Alto and Juniper Net screen firewalls.
• Installed and configured DNS and DHCP server.

Environment: STP, RSTP, Cisco IOS-XR, ASA, VTP, VOIP, DMZ, HSRP, Palo Alto, Port-Channel, BGP, OSPF, EIGRP, PPP, HDLC, SNMP, DNS, DHCP.

Confidential

Network Support Engineer

Responsibilities:

• Installation and Configuration of Cisco Catalyst switches 6500, 3750 & 3550 series and configured routing protocol OSPF, EIGRP, BGP with Access Control lists implemented as per Network Design Document and followed the change process as per IT policy It also includes the configuration of port channel between core switches and server distribution switches.
• Configures Nexus 7010 including NX-OS virtual port channels, Nexus port Profiles, Nexus port profiles, Nexus version 4.2, 5.0, Nexus VPC peer link.
• Involved in configuring and implementing of composite network models consists of cisco 7600, 7200, 3800, 9000, CSR-1 series routers and cisco 2950, 3500, 5000, 6500 series switches.
• Involved in L2/L3 switching technology administration including creating and maintaining VLANs, port security, trunking, STP, RSTP, LAN security.
• Extensive implementation of firewall rules on juniper SRX 3600, SRX 650, and SRX 220 on a regular basis using space as well as CLI when needed.
• Maintain redundancy on cisco 2600, 2800, and 3600 routers with HSRP and VRRP.
• Configuration of Access List ACL (STD, Ext, Named) to allow users all over the company to access different applications and blocking others.
• Responsible for Checkpoint and Cisco-ASA-firewall administration across global networks.
• Configured IPX/SPX, HDLC, PPP, TCP/IP, BGP, EIGRP, RIP, &HSRP.
• Supporting EIGRP and BGP based PwC network by resolving level 2 &3 problems of internal teams & external customers of all locations.
• Coordinated with LAN/WAN engineers the development and implements security policy.
• Involved in the removal of EIGRP from all devices and making OSPF the primary routing protocol.
• Replaced outdated Cisco switches and routers in existing Data center and installed new Cisco switches and routers including migration of series router
• Responsible for network evaluations, troubleshooting a variety of network problems, and implementing various software and hardware upgrades efficient performance.

Environment: Cisco 7200/3845/3600/2800 routers, TACACS, EIGRP, RIP and Vulnerability Assessment tools like Nessus, Red Hat, Solaris, Juniper VPN's and SSL.

Confidential

Jr. Network Engineer

Responsibilities:

• Knowledge and experience with DNS, DHCP, VPNs, Spanning Tree Protocol, and Virtual LANS.
• Designed network connectivity and network security, between various offices and data center.
• Installed and configured routers including 1800, 2600 along with Cisco switches including 3750 and 6500.
• Responsible for Configuring SITE TO SITE VPN on VPN Concentrators series between Head office and Branch office.
• In-depth expertise in the implementation of analysis, optimization, troubleshooting and documentation of LAN/WAN networking systems.
• Assist the certification team and perform configuration of LAN\WAN technologies such as Ethernet, Fast Ethernet, and Gigabit Ethernet.
• Configuring and maintaining file sharing services using SMB, FTP, WebDAV, and HTTP/HTTPS protocols.
• Maintain domain controllers, DHCP, DNS, active directory, IIS, file share, MS Exchange Server, and SharePoint.
• Basic to advanced L2/L3 switching implementation using VLAN(s), QoS, Port Security, and STP.
• Installation of small, medium, and large VoIP solutions using either ShoreTel, Digium, or Cisco hardware.
• Implementing 3750 Stackable switches using Cisco Stack Wise technology.
• Experience to review and evaluate current and future design issues as required maintaining network integrity, efficient data flow.
• Maintained and prepared network documents and diagrams of data centers and operational sites using VISIO.
• Provided support for troubleshooting and resolving Customer reported issues.
• Interacting with the clients by creating tickets for the issue and dispatching to the correct queues for resolution.

Environment: Cisco 2948/3560/4500/3560/3750/3550/3500/2960, 6500 switches and Cisco 3640/12000/7200/ 3845/3600/2800 routers, Cisco Nexus 7K/5K, Cisco ASA 500, windows server 2003/2008: F5 BIGIP LTM, RIP, OSPF, BGP, EIGRP, LAN, WAN, VPN, HSRP