SUMMARY

• Cisco Certified Network Engineer with Over 11+ years of experience in testing, troubleshooting, implementing, optimizing and maintaining enterprise data network and service provider systems.
• Strong hands on experience on Cisco Catalyst (3550, 3750, 6500) series switches, Cisco (2500, 2600, 2800, 3600, 3800, 7200) series Routers, ASA Firewall (5505/5510), Load Balancers using Cisco ACE, F5 LTM/GTM, Security Device Manager (SDM), Cisco Works.
• Experience in Cisco: Physical cabling, IP addressing, Wide Area Network configurations (Frame - relay & MPLS), Routing protocol configurations (RIP, EIGRP, OSPF, BGP)
• Proficiency in the configuration of VLAN setup on various CISCO Routers, Firewalls and Switches.
• Hands-on configuration and experience in setting up Cisco routers to perform functions Confidential the Access, Distribution, and Core layers.
• Configured Open SSL VPN over IPSEC on ASA Firewalls.
• Data Center & Disaster Recovery network solutions.
• Knowledge of implementing and troubleshooting complex layer 2 technologies such as VLAN Trunks, VTP Ether channel, STP, RSTP, and MST.
• Access control server configuration for RADIUS & TACAS+.
• Working configuration of new VLANs and extension of existing VLANs on/to the necessary equipment to have connectivity between two different data centers.
• Implementation, working analysis, troubleshooting and documentation of LAN, WAN & WLAN architecture with excellent work experience on IP series.
• Experienced working on network monitoring and analysis tools like SOLAR WINDS, CISCO works and RIVER BED and Wireshark.
• Extensive experience in configuring and troubleshooting of protocols RIP v1/v2, EIGRP, OSPF, BGP, and MPLS.
• Well experienced in configuring First Hop redundancy protocols like HSRP, GLBP, and VRRP.
• Excellent communication skills, enthusiastic, motivated and a team player.
• Proficient in Cisco IOS for configuration & troubleshooting of routing protocols: MP-BGP, OSPF, LDP, EIGRP, RIP, BGP v4, MPLS, switching (VLANS, VTP Domains, STP, and trunking).
• Implementation and maintained Sourcefire intrusion detection/ prevention (IDS/IPS) system to protect enterprise network and sensitive corporate data. For Fine-tuning of TCP and UDP enabled IDS/IPS signatures in Firewall.
• Worked on F5 LTM, GTM series like 6400, 4200, 2000 for the corporate applications and their availability.
• Worked on firewall Pix525, ASA and other tools like SNMP, AAA, RADIUS and designed VPN with IPSEC security layer.
• Expanded LAN to accommodate 200 plus users. Coordinated installation and repair work. Diagnosed and corrected clients network related issues.
• Experience with F5 load balancers and Cisco load balancers (CSM, ACE and GSS).
• Experience on load balancing strategies/techniques, expertise in application switching/traffic management, knowledge of persistence and SSL certificates.
• Basic and advance F5 load balancer configurations, including migrating configurations from Cisco ACE to F5 and general troubleshooting of the F5 load balancers
• Experience with Blue Coat URL filtering with whitelisting and blacklisting URL, creating rules for content filtering.
• Administered multiple Fortinet firewalls throughout WAN to ensure LAN integrity from external threat.
• Provided Level-3 Network support for Cisco Switches and Cisco ASA 5500 Series Security.
• Responsible for Cisco ASA firewall administration across our global networks
• Designing, Implementing and Troubleshooting Cisco Routers using Static, RIPv2, OSPF, EIGRP & experience with Checkpoint, Cisco ASA devices
• Possess Hands-on experience with TCP/IP, LANs, WANs, and WLANs (WiFi)
• Advanced knowledge of OSI model, TCP/IP, Internet technologies, system security, firewall infrastructure, network architecture and Cisco network routing / switching (Layer 2 and 3) experience, design and implementation which includes Layer 1 to Layer 7 experience.
• In-depth knowledge and hands-on experience in Tier II ISP Routing Policies, Network Architecture, IP Subnetting, VLSM, TCP/IP, NAT, DHCP, DNS, FT1 / T1 / FT3 / T3 SONET POS OCX / GigE circuits, Firewalls.
• Experience with Linux Command Line Interfaces for logging into access points, etc.
• Experience in installing and configuring DNS and DHCP server.
• Experience in installing and configuring Active Directory Infrastructures based on Windows server 2003/2008/2012.
• Hands-on experience on Checkpoint Firewall R70, Palo Alto and Cisco ASA 5500 firewalls.
• Experience on Check Point Firewalls NG, NGX R65, R70 and VDs (VMware Network).
• Experience in creating multiple policies and pushing them in to Checkpoint Firewall (Gateways) and hands on experience in managing the Checkpoint Management Server.
• Expertise in configuring and troubleshooting of Cisco Routers (2600, 3600, 3700, 2800, 7500) series and Cisco Catalyst Switches (1900, 2900, 3500, 6500, 4500, 3750, 2960) series.
• Deployed Site to Site and Client to Site VPNs utilizing Checkpoint Firewall-1/VPN-1
• Proficient in using Solar Winds Network Management tools like Network Performance Monitor (NPM), Netflow Traffic Analyzer, Network Configuration Manager (NCM) and Cisco Prime.

TECHNICAL SKILLS

Router platforms: Cisco routers (7600,7200, 3900, 3600, 2800, 2600, 2500, 1800 series) & Cisco Catalyst switches (6500, 4900, 3750, 3500, 4500, 2900, 6807 series), Nexus 7K, 5K, 2K & 1K.

Switch platforms: Cisco 2900XL, 2950, 2960, 3560, 3750, 4500 and 6500, Nexus (2K, 5K, 7K and 9K)

Juniper Platforms: SRX, MX, EX Series Routers and Switches

Networking Concepts: Access-lists, Routing, Switching, Subnetting, Designing, CSU/DSU, IPSec, VLAN, VPN, WEP, WAP, MPLS, VoIP, Bluetooth, Wi-Fi

Firewall: Juniper Netscreen 6500, 6000, 5400, Juniper SSG, SRX5600, SRX5800, Checkpoint (NGX, R65, R70 and R71), Cisco Firewalls (ASA 5505, 5506-X, 5585), Palo Alto Networks (PA-2K, PA-3K and PA-5K).

Network Management/Monitoring: Solar winds, HP NNMi 8xi (Network Node Manager), Net flow and Cisco prime, Ethereal / Wireshark, TCP Dump.

Load Balancers: F-5 BIG-IP LTM 2000, 3900, 5000, 6400, 6800 AND 8900, Bluecoat SG8100, AV 510.

WAN technologies: Frame Relay, ISDN, ATM, MPLS, leased lines & exposure to PPP, DS1, DS3, OC3, T1 /T3 & SONET

LAN technologies: Ethernet, Fast Ethernet, Gigabit Ethernet, & 10 Gigabit Ethernet, Port- channel, VLANS, VTP, STP, RSTP, 802.1Q

Security Protocols: IKE, IPsec, SSL, AAA, Access-lists, prefix-lists, SSL-VPN

Networking Protocols: RIP, OSPF, EIGRP, BGP, STP, RSTP, VLANs, VTP, PAGP, LACP, MPLS, HSRP, VRRP, GLBP, TACACS+, Radius, AAA, IPv4 and IPv6

Operating System: Windows 7/XP, MAC OS X, Windows Server 2008/2003, Linux, Unix

Relevant Coursework: Cybersecurity, Wireless Network & Security, Mobile Technologies, Firewall & Intrusion Detection,, Cryptography, Database Security, IT Audit & Compliance, Data & Network Communications, C/C+ Programming, Software Engineering, Database Management System, Multimedia Systems, Computer Graphics, System Design & Development, Business Communication, Business Management, Financial Management, Management Information System, Organizational Behavior.

PROFESSIONAL EXPERIENCE

Confidential, Middletown, NJ

Sr. Network Security Engineer

Responsibilities:

• Maintained a network lab with more than 30 routers (3600 series), 50+ switches (2900 series), firewall and other network devices like DHCP, DNS servers and VPN concentrators.
• Experience working with ASR 9000 series switches with IOS-XR.
• Switching related tasks included implementing VLANS and configuring ISL trunk on Fast-Ethernet and Gigabit Ethernet channel between switches.
• Experience in vSphere Infrastructure.
• Executed various migration/upgrade projects across F5 and hands on with F5 BIGIP LTMs/EM.
• Assisted in backing up, restoring and upgrading the Router and Switch IOS.
• Assisted campus for VOIP network management and troubleshoot.
• Implemented Site-to-Site VPNs over the Internet utilizing 3DES, AES/AES-256 with ASA Firewalls.
• Experience with migrating from Cisco ASA 8.2 version to Cisco ASA 8.4 Version.
• Experience with convert PIX rules over to the Cisco ASA solution.
• Configuring Palo alto policies and setting different device configurations
• Monitoring threats on firewall and changing policies to prevent attack.
• Creating Playbook containing rules for upcoming changes to be made on firewall for the respective data centers.
• Responsibilities also included placing order for new SFP's, implementing inline capabilities for home agents and running network cables from Palo Alto direct to required firewall.
• Regular meetings with project Manager and security team to discuss Palo Alto Weekly Status and updates on changes made on the firewalls.
• Configuring Palo Alto's for inline use and Adding signature attacks on prevention lists.
• Created new policies for CDE and syncing the same policies in all the Data Centers.
• Auto Tuning Palo Alto Signatures and syncing between the data centers, working on PCI's and managing it during peak if needed.
• Creating new policies for Share Point Production and Development policies and categorizing them under new address groups.
• Creating New Policies for Critical and high level signatures.
• Making list of attacks on firewall of Critical and High Severity and Auto-Tuning them creating new policies.
• Editing and Changing Palo Alto Polices and Monitoring threats on firewalls.
• Maintenance and Troubleshooting of LAN connectivity problems using Ping, Trace route.
• Managed the IP address space using subnets and variable length subnet masks (VLSM)
• Innovated with support of Palo Alto for remote and mobile users and for analyzing files for malware in a separate (cloud-based) process that does not impact stream processing.
• Experience in configuring various ASA models such as Cisco ASA 5510, ASA 5520, and ASA 5540.
• Supporting OSPF based network by resolving level 2 problems of internal teams & external customers of all locations.
• Provided technical support for full setup, debugged the problems of OSPF, switching and HSRP.
• Router memory & IOS upgrade with TFTP.
• Switching related tasks included implementing VLANs, VTP and configuring and maintaining multi VLAN environment and inter-VLAN routing on Fast-Ethernet channel.

Environment: Cisco switches (6500, 3700, 4900, 2900), Nexus (7K, 5K & 2K) Routing Protocols (EIGRP, OSPF, BGP), Switching protocols (VTP, STP, GLBP, HSRP), Cisco PIX (525, 535), Cisco ASA 500, Checkpoint, windows server 2003/2008: F5 BIGIP LTM, RIP, OSPF, BGP, EIGRP, LAN, WAN, VPN, HSRP.

Confidential, Washington, DC

Network Security Architect

Responsibilities:

• Configuration and troubleshooting of Firewalls ASA 5500, 5506, ASA 5510.
• Configuration and troubleshooting of Site to Site as well as Remote Access VPN on Cisco ASA and Check Point firewalls.
• Configuring failover and working on ssl-vpn when in active/standby failover on ASA.
• Responsible for Cisco ASA Firewall Administration, Rule addition and Rule modification.
• Designs, tests and deploys IT security systems and solutions.
• Bluecoat IP Address Management (IPAM)
• Experienced in WNMS, OMCR, L3 Support and Troubleshooting for RAN Network.
• Expertise in implementing Security policies like VPN, Access list and NAC appliances.
• Software updates and management for Brocade VDX Fabric switches and ICXs in either top of rack or stack configuration.
• Implemented extended ACLs on Juniper SRX and 3750 to allow communication between the required networks, and to restrict other communications.
• Configured VLANs with 802.1q tagging. Configured Trunk groups, ether channels, and Spanning tree for creating Access/distribution and core layer switching architecture.
• Configured BPDU Guard, port-fast, uplink fast and other spanning tree features.
• Configuration and troubleshooting of Cisco 2500, 2600, 3000, 6500, 7500, 7200 Series routers.
• Providing Technical Support and solutions for Network Problems.
• Implementing NAT solution's on WAN applications.
• Planned, tested and evaluated various equipment's, systems, IOSs and procedures for use within the Network / security infrastructure.
• Upgrading IOS, troubleshooting network outages.
• Continually monitor, assess and improve network security, test and implement new security technologies.
• Worked on Cisco Routers, Active /Passive Hubs, Switches, Cisco PIX Firewall, Cisco ASA, NOKIA Firewalls,
• Nortel VPN Concentrators TCP/IP, NAT and Checkpoint ESX/GSX Firewall.
• Configuration and troubleshooting of Firewalls ASA 5520, ASA 5510, Nokia Check Point R77.
• Maintained, upgraded, configured, installed Cisco ASA 5510, 5520, & 5505 Firewalls from the CLI & ASDM.
• Managed network security processes using ASA Firewalls.
• Planning, design, implementing and troubleshooting on Cisco ASA Firewall.
• Create and test Cisco router and switching operations using OSPF routing protocol, ASA Firewalls, and MPLS switching for stable VPNs including security policies.
• Setup multiple locations for businesses ASA Firewalls for Remote Access VPN's and Site to Site VPN's.
• Setup, install, and maintain Cisco networks ASA Firewalls, Layer2/3 switches, Wireless LAN Controller and AP's.
• Configuring Voice VLANS with respect to Cisco VOIP phones 7940, 7960.

Environment: Cisco 2948/3560/4500/3560/3750/3550/3500/ switches and Cisco 3640/ 0/3845/3600/2800 routers, Cisco Nexus 7K/5K, Cisco ASA 500, Checkpoint, windows server 2003/2008: F5 BIGIP LTM, RIP, OSPF, BGP, EIGRP, LAN, WAN, VPN, HSRP

Network Engineer Consultant

Responsibilities:

• Experience with manipulating various BGP attributes such as Local Preference, MED, Extended Communities, Route-Reflector clusters, Route-maps and route policy implementation.
• Experience with design and implementation of Data center migration
• Deploying and decommission of VLANs on core ASR 9K, Nexus 7K, 5K and its downstream devices.
• Performed OSPF, BGP, DHCP Profile, HSRP, IPV6, Bundle Ethernet implementation on ASR 9K redundant pair.
• Configured CIDR IP RIP, PPP, BGP, MPLS and OSPF routing.
• Performed network engineering, design, planning (WAN & LAN) & implementation.
• Studied single point failures & designed WAN structure in such a way that there are no failures in network in case of any device or link failure.
• Configured and designed LAN networks with Access layer switches such as Cisco 4510, 4948, 4507 switches.
• Configured Cisco ASR routers such as ASR 1013, 1009-X, 1006, 1006-X, 1004, 1002-HX, 1002-X, 1001-X routers.
• Configure SIEM tool performance and event data quality to maximize SIEM system efficiency.
• Troubleshoot issues related to VLAN, VLAN Trunking, HSRP failovers and related issues.
• Configured IPSEC VPN on SRX series firewalls.
• Experienced on working with Checkpoint firewalls R75/R77 such as installing/deleting and troubleshooting the networks.
• Worked on VLAN, VRF, VX-LAN, VTEP, VPC, on Nexus devices
• Responsible Implementing NAT solution's on WAN applications with Cisco ASA based solution
• Migrated the policies from Check point Firewalls to Cisco ASA firewalls
• Implementing Routing using protocols OSPF and BGP on Juniper M series routers
• Experience in Adding Rules and Monitoring Checkpoint Firewall traffic through smart dashboard and smart view Tracker applications
• Setting up VLANS and configuring ISL trunk on Fast-Ethernet channel between Switches.
• Network-wide implementation of F5 Traffic steering nodes with TCP acceleration.
• Deployed a large-scale HSRP solution to improve the uptime of collocation customers, in the event a core router became unreachable.
• Design and Implement Catalyst/ASA Firewall Service Module for various LAN's.
• Design and configuring of OSPF, BGP on Juniper Routers (MX960, MX480) and SRX Firewalls (SRX240, SRX550).
• Expertise in installing, configuring and troubleshooting Juniper EX Switches (EX2200, EX2500, EX3200, EX4200, EX4500, EX8200 series).
• Dealt with implementation of Cisco ASA 5585 devices and Juniper SRX 550 devices to apply security policies on it
• Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500
• Responsible for Firewall Administration, Rule Analysis, Rule Modification on ASA 5585, SRX240 devices
• Experience with devices Palo Alto Network firewalls such as security NAT, Threat prevention and URL filtering. PAN-DB migration and code upgrades for Palo Alto Firewall.
• Set up and troubleshoot secured Wireless Access Points (WAP) and Wireless LAN Controller (WLC) across the Corporate Network.
• Analyzed and tested network protocols (Ethernet, TCP/IP) using Wireshark tool.
• Implemented various Switch Port Security features as per the company's policy.
• Configured RIP and EIGRP on Cisco 2901 and 3925 routers.
• Provided technical support for expansion of the existing network architecture to in corporate new users.

Environment: Checkpoint, Palo Alto, Cisco Nexus7K/5K, 2248/3560/5020/6509 , ASA, Juniper SRX, F5BIG-IPLTM3900, LAN, WAN, RIP, OSPF, BGP, EIGRP, HSRP, VRRP, RSTP, Palo Alto

Confidential

Network and System Administrator

Responsibilities:

• Implemented and maintained of Data Center, Disaster Recovery Center, Branch Network, ATM Network, Active Directory Infrastructure, Cisco security module for web filtering.
• Designed Local Area Network, Data Center & Disaster Recovery center Network, Network Management Systems.
• Installed & maintained of Windows Server 2012, SAN Storage, NetBackup & Tap Library.

Confidential

Network Manager

Responsibilities:

• Maintained 70+ Branches Data Connectivity for Fiber Link, Radio Link & VSAT
• Installed & maintained Active Directory using Windows Server 2008, DNS, DHCP, FTP Server
• Worked with Network team for implementation of Data Center & Branch Network
• Design, installation and troubleshooting networks with hands-on experience with OSPF, IS-IS, BGP, VPLS, Multicast VPN, and Traffic engineering.
• Configured STP for loop prevention on Cisco Catalyst Switches.
• Configured VTP to manage VLAN database throughout the network for Inter-VLAN Routing.
• Worked in setting up Inter-VLAN routing, redistribution, access-lists and dynamic routing.
• Involved in configuring and implementing of Composite Network models consists of Cisco 3750, 2620 and 1900 series routers and Cisco 2950, 3500 series switches.
• Implemented various Switch Port Security features as per the company's policy.
• Configured RIP and EIGRP on Cisco 2901 and 3925 routers.

Confidential

Global Network Operations Engineer

Responsibilities:

• Maintained of Active Directory based on Windows Server 2003, Proxy Server, Micro Exchange Server
• Configured email client Microsoft Outlook 2003 for all users. Backup email from users end and server end
• Worked on VLAN, VRF, VX-LAN, VTEP, VPC, on Nexus devices
• Responsible Implementing NAT solution's on WAN applications with Cisco ASA based solution
• Migrated the policies from Check point Firewalls to Cisco ASA firewalls
• Implementing Routing using protocols OSPF and BGP on Juniper M series routers
• Experience in Adding Rules and Monitoring Checkpoint Firewall traffic through smart dashboard and smart view Tracker applications
• Used TFTP server to backup Cisco configuration files.
• Network layer tasks included configuration of IP Addressing using FLSM, VLSM for all applications and servers throughout the company.
• Performed scheduled Virus Checks and Updates on all Servers & Desktops
• Support user lever for desktop computer, laptop & printer