SUMMARY:

• Cisco and Juniper Certified with over 8 years of design, implementation, and migrations in Secured High - Available Multi-Homed Multi-Tier infrastructures.
• Extensive experience in design, deployment, implementing, and troubleshootingLAN/WAN,MPLS, VLAN,CiscoRouting and Switching, Cisco Voip, F5, BIG-IP Load Balancing, Fortinet,JuniperSRX/EX,CiscoASA,CheckpointR77 3.0/NG-1, andPalo Alto6x/7 Next Generation firewalls, Network Security, SEIM, DLP, and IPS/IDS for data center environments.
• Experience in working withCisco2500, 2600, 2800, 3600, 3800, 7200, 9010 series Routers.
• Strong hands on experience on configuringCiscoCatalyst 2900,2960, 3560, 3750, 4500, 4900, 6500series andNexus 7000, 5000 and 2000switches.
• Extensive knowledge with VLAN’s, Trunking, RSTP, SNMP, Ether Channels, HSRP, Port Security, ACL’s, QoS, Traffic Policing, Shaping, EIGRP, OSPF, RIP v1/v2, BGP NAT, PAT, Inspections, VPN’s, DHCP, WireShark, MPLS
• In depth knowledge of F5 BIG-IP/IQ, Viprion, LTM, GTM, ASM. AFM Hardware Platforms, F5 TMOS Architecture including currently generally available software versions, F5 API and F5 load balancing in production E-commerce environment.
• Experience working with AWS services EC2, VPC, ELB, S3, Cloud Formation, Cloud Trail, Route 53, RDS, SQS, etc.
• Eexperience of various layer 2 transport protocols including ATM & Frame Relay andMPLS, 2547bis VPN, RFC 4364, mVPN, VPLS.
• Worked onAWScloud, S3, RDS, Load Balancer, Auto Scaling withAWScommand line interface andAWSpython SDK.
• Experience with convertCheckpointVPN rules over to theCiscoASAsolution. Migration with bothCheckpointandCiscoASAVPN experience.
• Experience and specialized in smooth migration like Data centre migration (Cisco 6500 to Nexus 7k), Wireless migration (WISM to WLC), Firewall Migration (FWSM to ASA/FTD/NGFW).
• Experience with implementing and maintaining network monitoring systems (Ciscoworks and HP Open view).
• Experience withWANacceleration technologies, such asCiscoWAAS andRiverbedSteelheads.
• Well experienced in configuring HSRP, GLBP, ICMP, PPP, PAP, CHAP and SNMP.
• Experience in installing and configuring DNS, DHCP server
• In-depth knowledge and hands-on experience in ISP Routing Policies, Network Architecture, IP Sub netting, VLSM, TCP/IP, NAT, DHCP, DNS, FT1 / T1 / FT3 / T3 SONET POS OCX / GigE circuits, Firewalls.
• Experience with design and deployment of MPLS Layer 3 VPN, MPLS Traffic Engineering, MPLS QOS
• Experience with implementation of DNS and DHCP protocols.
• Good knowledge of OSI Model and TCP/IP networking standards with protocols such as SNMP, FTP, ICMP and IPv6.
• Comprehensive expertise in the implementation of optimization, analysis, troubleshooting and documentation ofLAN/WAN networking systems.
• Working Knowledge onFirewallmanagement Tools (Firemon, Tufin)
• Detailed understanding of data warehouse databases such as Teradata, Amazon redshift, SQL Server and MySQL.
• Network security includingCiscoIDS/IPS, AAA, IPsec/SSL VPN, NAT/PAT, ACL,ASA/PIX Firewalls, and L4 - L7 protocol.
• IPv4, IPv6 subnetting and super netting for Host or Network requirements.
• Familiar with REMEDY for ticket change management process.
• CiscoSecurity: Telnet, SDM, NAT/ACLs, AAA, Layer 2 Security, Layer 3 Security, IPS/IDS,Cisco(ASA, PIX) 5510, Cryptography, VPN, IPSec.
• Experience in physical cabling, IP addressing and subnetting with VLSM, configuring and supporting TCP/IP, DNS, installing and configuring proxies
• Reliable and collaborative team leader, member, or independent contributor, with proven ability at managing multiple priorities / projects in fast-paced environments.

TECHNICAL SKILLS:

Routers, Switches: - Cisco (Nexus; 2k, 6k, 7k, 9k, ASR, ISR) Juniper (MX, M and SRX, vSRX) Alcatel (SR7750, OS6850) Nortel (DMS500, DMS250) Foundry/Brocade

Network OS and Software: - SDN, OpenDaylight, OpenFlow, VIRL, Nexus, NX/OS, ACI, Cisco IOS-XE, JunOS, ScreenOS, AOS, SR/OS

Load Balancers: - F5 BigIP/IQ, Viprion, LTM, GTM, ASM. AFM, Cisco ACE, CSS11000, Foundry/Brocade

Protocols: - MPLS, VPLS, VOIP, ATM, SONET, Frame Relay, POS, BGP, EIGRP, OSPF, SNMP, ISIS, TCP/IP, IPSec, SSL/TLS, VxLan, FabricPath, ACI, DMVPN, iWAN

Packet Analysis: - Wireshark, T-bird, RF Analysis

Packet and Application Firewalls: - F5 BigIP ASM, AFM, Checkpoint NG, Juniper SRX, Palo Alto, Cisco ASA/PIX/FWSM

Software Security: - Reverse engineering, IDApro, GCC, GDB, ASM, SoftICE, Windbg, MS Visual studio, OllyDbg, Secure Coding Practices and Code Review

VPNs: - Cisco ASA, Palo Alto, Checkpoint, Juniper, IPSec, SSL

Encryption: - PKI and Symmetrical Cryptography RSA, ISAKMP, IKE, AES, 3DES, DES, RSA, RC4-6, Blowfish, DH, DSANetwork / Security Automation / SDN - SDN, OpenDaylight, ACI, Firemon,Tufin, OpenFlow, REST

Virtualization: - VMware ESXi, KVM, Containers, Zones, HyperV, AWS, GCE

Network Management: HP Openview, Prime, Ciscoworks, Tivoli Netview, PRTG, Netflow, sFlow, SolarWinds, Rancid, NetMon, OpenNMS, Visionael, Enterprise Pro, Custom written solutions

Programming and Scripting: - Bash, Shell, Python, REST, Java, TCL, Perl, C++, Pascal, Dot Net, Low-Level Assembly and C

Database: - PostgreSQL, MySql, pgSQL, PL/SQL

OS: - Linux, Solaris, HP/UX, AIX

PROFESSIONAL EXPERIENCE:

Confidential, Chicago, IL

Senior Network Security Engineer

Environment: Design LAN, WAN, VoIP, and Security systems. Implement Cisco Routers and Switches, Cisco ASA, ASR, Juniper SRX, Palo Alto, BIG IP/IQ F5 Viprion, ASM, LTM, GTM and AWS VPC.

Responsibilities:

• Confidential being one of the countries’s largest telecom service provider with more than 25 data centers across United States running in a highly complex environment.
• Configuring, testing, troubleshooting multiple vendor device platforms like Cisco routing and switching: Cisco ASR9010, ASR901, ASR903, Catalyst Cisco 7609, 2960, and Juniper routing and switching devices: MX960, MX 480 and SRX5200, ACX2200, ALU service aggregation router 7705 and 7750 service router.
• ManageNetworkEquipment (Cisco3500 Router, Juniper FW SSG 550CiscoSwitches and operation of aPolycomHDX 8000 Telepresence System Migrate, design and implement 1000+ Stores DMVPN tunnels over new Internet Service provider.
• Design Configure, manage and troubleshoot Cisco ASA 55xx series, Wireless Controller 5520/ 5508/44 xx/2504,Cisco Switches 6509/4500/37 xx, Nexus 7k/5k/2k, F5 Load Balancer, Two factor Authentication, PKI s, Cisco ACS Server, NAC ISE 2.0,Call manager Express,H.323 Gateway, MGCP Gateway,VG224, Cisco Unified Communications Manager Network of Confidential
• Setup troubleshoot and Manage F5 LTM nodes, pools, virtual server, profiles, upgrade, and iRules for several applications like HTTP, HTTPS, SMTP, DNS etc.
• Responsible for distributed applications across hybrid AWS and physical data centers.
• Monitored network operations, performance, operationsautomation, inventory management, service provisioning
• Responsible for the design, migration from Cisco ACE 4100 to F5Vipriondeployment, configuration, and troubleshooting the F5ViprionLoad Balancing platform, integrating F5 BIG IP/IQ, GTM, LTM, APM, ASM, iRules, DNS-SEC, DNS ANYCAST, IPv6, SSL, BIG-IP GTM.
• Worked on integrating existing Layer 2 and Layer-3 networks withACI
• Worked on Cisco FWSM to ASA 5585x Migration, Cisco FWSM to Firepower 4140 Migration
• Splunk integration with F5 for collecting syslog andASMLogs.
• Review the F5ASMwork intake and implement the changes as needed.
• FirewallPolicy Optimization and access list management using Firemon,Tufinand syslog using Log Logic tool.
• Configured Splunk onAWSVPC that collects and indexes log messages, analyses them to deliver real time operational intelligence anywhere across the organization
• Install Design and Visio diagram of Palo alto (IPS) PA500 / PA-5050 / PAN-M-100 (In-Line monitoring mode, Vwire, Active/Active and Active/Passive) for the corporate office and branch location with collaboration Internal Security team and Palo Alto partner.
• Integrated AWS with our existing infrastructure with the goal of making AWS available for use as a platform for applications and IaaS.
• Redesigned MPLS network servicing .com remote offices and partner networks to separate corporate and partner networks for improved security and performance.
• Perform F5ASMquarterly signature updates and enforce them on the transparent policies.
• Multisite distributed ISE 2.0 (10 VM nodes) Design, Implement, Configure, Planned and migrated ACS existing configured devices like WLC, Radius,Tacacs+,802.1x,Guest portal, posture policies and VPN authentication.
• Identified devices physically connected to the legacy corporate core Black Diamond x450.This information is needed to develop a plan to migrate those devices to top other switches and enable us to retire the MDF Brocade x450.
• Documented the corporate and datacenter network layout.
• Identified devices physically connected to the Core 7606. This information is needed to develop a plan to migrate those devices to top other switches and enable us to retire the Core Cisco 7606.
• Setup NetEngineer VPN Access
• Created REP Ring between the Cisco 4948-1 and Cisco 4948-2
• Cisco 4948-2 integration, Migrated from old Cisco 4948-2 to NEW Csico 4948-2
• Created a L2L Tunnel for access into Legacy devices between Cisco ASA's.
• Determine best method to integrate Monticello FiberNet corporate network with Confidential corporate network with the preferred option of QinQ connection back to Perham Cisco corp core. Ensure connectivity is preserved to local services needed for management and administration.
• Installed doors on Cisco ASR9010s that do not currently have them.
• Migrated from Cisco ASR 9001 to Cisco ASR 9010.
• The Wabasso office connection trouble which is sloved by having a L2VPN i.e.,VPLS.
• Adding Cisco 9ks in a couple Data Centers / CoLos in the Metro to support 10Gig port density required for E-Rate sales, andreduces the number of circuits that are currently using non-optimal fiber paths.
• Got a command on KMZ file to work with.
• Made a Couple of Cleanup Configurations on the Cisco ASR.
• Implemented, reviewed and approved the MOP's of every task created.
• Created a L2L tunnel for the Billing Access between Cisco ASA's.
• Followed some of the projects about Transport Capacity upgrades (METRO/CORE)
• Worked with different vendors other than CISCO like Alvarion, Accedian, Brocade, Juniper.
• Eliminated all Trident line cards from noted sites - Tomahawak and Trident cannot co-exist in the same chassis.
• Eliminated all Typhoon line cards if feasible - 64 bit XR only supported on Tomahawk and newer platforms.

Confidential, Chicago, IL

Senior Consultant

Environment: Nexus 9k, 7K, 6K, 5K, 2K; 4500, 6500 VSS pairs; Cisco IOS, Arista switches; Cisco IOS & IOS-XE routers; ASA, Checkpoint and Juniper Firewalls; F5, LTM, GTM, ASM, Cisco aACE load balancers; AWS, Cisco UCS, Dell, HP Chassis; Linux, Python 2, BASH, VMware.

Responsibilities:

• As a senior consultant worked with multiple projects/clients simultaneously on design and implementation, including migrating projects from legacy, pre-production, and production data center environments.
• Furnished peer review, Technical Design review, Design documents, Roll-Back plans, Project goals, Solution Scope, Project Risks, RFQ, and BOM.
• Executed ASA Firewall changes, Cisco router & switch replacement, Big IP F5 replacements, Rapid STP design, and MST deployment. Provided implementation of Secured-GRE-Tunnel migration to allow connectivity during remote-site swings across Data Centers.
• Ensured optimization with separate traffic to prevent asynchronous-routing of return egress traffic in dual-data center.
• Resolved integration conflict between the applications CORE team and supported client during Severity incidents. Resolved site-to-site VPN Issues from Client to VPN gateways. Implemented Alcatel-Lucent 7705 and 7750, Cisco routers, ASA, Juniper SRX, and Big IP F5.
• Upgrade firmware, programmed, and auto-provisioned VoIP phones fromCisco, YeaLink, Grandstream,Polycomand other similar models.
• Review the signature fine tuning work intake and enforce them on theASMpolicies.
• Managed Juniper Junos devices in production environments
• DeployedCiscoACIacross two data centers
• Worked on commissioning and decommissioning of the MPLS circuits for various field offices.
• Implemented Nexus 2k, 5k, 9k switches, 4500 Switches, 6500 Switches, VPC uplinks for bandwidth capacity, Private-VLAN for secured Backup domain. Big IP F5 pools, ASA changes, and campus builds.
• Build and configure Firewall policies for PCI Network to secure credit card authorization on AJB platform for Retail and Ecommerce Site.
• Handling Complaints for Intranet and Extranet over MPLS backbone. Checking the connectivity between different locations.
• Providing daily network support for national wide area network consisting of MPLS VPN and point-to point site.
• Installation, configuration and maintenance of Checkpoint, PIX/ASA/FWSM, Brick, Netscreen, SRX, Ipolicy, Fortigate, and Palo Alto firewalls.
• Deployed Palo Alto for web filtering and application control.
• Troubleshoot firewall and network issues using CLI for all devices managed as well as using GUIs such as: Juniper NSM, Checkpoint Smartview Tracker, and Lucent Brick LSMS.
• Configure and support Cisco ACE load balancers, routers, and switches.
• Perform upgrades to firewalls.
• Use centralized management/configuration systems including Solsoft, Juniper NSM, BlueCoat Director, Provider 1, Horizon Manager, FortiManager, and Panorama.
• Configure and support multiple vendor VPNs.
• Modify configurations and scripts on all supported platforms.
• Manage McAfee Webshields, Secure Email Gateways, Websense, and F5 Load Balancers.
• Support Checkpoint firewall and Provider 1 versions of R55, R65, R70, SPLAT, and VSX.
• Monitor and configure Alta Vista, Check Point, Cisco firewalls and IDS, and F5 Load Balancers.
• Performed design and implementation in a financial Data Center infrastructure.
• Changed control process, which provided complex route optimization support and standards to existing and new migrations.
• Did Gcom deployments for new and existing infrastructures.
• Completed changes to Cisco Call Manager for phone registration and Cisco router configuration for VoIP deployment.
• Delivered configuration changes on Router, Switches, ASA, SRX, Nexus, and Big IP F5.

Confidential, Dallas, TX

Senior Consultant

Environment: Cisco Nexus switches 7010, 5020, 2248, VPCs, VDCs, Cisco 7200, 3600, 2600 routers, ASA 5505, 5510, 5515, SRX 220, 1400 Firewalls, AAA servers, Palo Alto, Juniper, GLBP Load balancing, Cisco GSR 7600, MPLS, PPP Multilink, IPsec, Cisco WAAS, site-to-site VPN.

Responsibilities:

• Implemented and designed network Cisco Routers and switches.
• Implemented, designed and troubleshot routing protocols such as BGP, EIGRP and OSPF within the corporate Network or with MPLS provider and Layer 2 protocols RSTP, STP, PVST, RAPID PVST, VLAN, Qos, HSRP, VRRP and GLBP etc.
• Providing L2 support for the products that is used in client infrastructure like Juniper,Cisco,F5 Load balancers, Palo Alto etc and ready to support new products that comes under our support.
• Designed, implemented and supported 15 Finance MPLS sites.
• Designed, implemented and supported over 20 Finance Remote VPN sites IPsec Site-to-Site (ASA 5505, 5510, 5540, Firebox, and Cisco RV016).
• Managed trend micro content filter interface on Cisco ASA 5540 and ASA 5510 for the entire Corporation.
• Deployment of Cisco Aeronet AP1042N wireless units across all campuses.
• Installed and troubleshot IP phone issues with Avaya Gateway S8300, S8700, G430, G450 and IP phones 9630G, 9620L and Cisco call managers.
• Designed, configured, visio documented, maintained and monitored a critical secure network environment for data, voice and video communications.
• Managed and monitored Symantec Backup exec 2010 and 2012 for head quarter and remote offices.
• Implemented and designed data centers rack management, cabling management, UPS, server mounting, building HP and DELL servers.
• Managed Active Directory 2003/2008 for 2000+ users, DNS servers, DHCP servers, Terminal Server, File server, Print Server, IP addressing assignment, updating patches and maintenance.
• Managed Microsoft Exchange 2007 server 1500+ users, upgraded service packs, storage management and spam management by using Messagelab interface.
• Installation and troubleshooting of healthcare EMR’s (Nextgen, Smart management, Accumedic, ADL) software related issues and Install configure SQL server 2005/2008 for EMR.
• Managed the server hardware, storage, operating systems and disaster recovery.
• Evaluated and designed Storage Area Network with Disaster recovery solution for 30 + servers using EMC Vnx5300 and Vmware Vshpere 4.
• Migrated several application servers to Vsphere 4 Virtualization Data center and manage via Vcenter