SUMMARY

• Over 7 years of experience in Network Engineering/Security, design, install, support, troubleshoot including a broad range of LAN/WAN/MAN, enterprise networks and service provider systems.
• Extensively worked on Cisco Routers, Switches, and Load Balancers & Firewalls.
• Experienced with Network OSI layer1 - Layer7 including layer-3 Routing and layer-2 Switching. Dealt with Nexus models like 7K, 5K, 2Kseries, Cisco router models like 7200, 3800, 3600, 2800, 2600, 2500 and Cisco catalyst 6500, 4500, 3750, 3500, 2900 series switches.
• Experience working on ASR Cisco routers and 7600 series, also Cisco Catalyst Series 3750, 4500, 4900, 6500; Nexus 2000, 5000, 6000, 7000 series switches.
• Experience in working with cisco nexus Switches and Virtual Port Channel configuration.
• Experienced in networking concepts such as DNS, DHCP, Email, HTTP, SSL, OSI Model and TCP/IP Protocols and application.
• Expert in configuration and deployment of dynamic routing protocols OSPF, EIGRP & BGP over Cisco Routers.
• Good knowledge of OSI Model and TCP/IP networking standards with protocols such as SNMP, FTP, ICMP and IPv6.
• Experience in troubleshooting both connectivity issues and hardware problems on Cisco-based networks.
• Experience with Load Balancer (f5) for administrating and monitoring global & local traffic.
• Hand on experience in Migration of network devices (Routers& switches) from one zone to other.
• Experience in converting Checkpoint VPN rules over to the Cisco ASA solution. Migration with Cisco ASA VPN and FirePower IPS.
• Implemented Security Policies using ACL, Firewall, IPSEC, SSL, VPN, IPS/IDS.
• Expert knowledge of Juniper SRX and Cisco ASA 5500 series, Palo Alto Firewalls.
• Experience in virtual Firewalls such as checkpoint VSX, IDS, IPS as well as encryption techniques.
• Network automation using python scripting.
• Conversion of native network configurations to OpenConfig compliant configuration using Apache Freemarker/JSON/REST tools.
• Experience in conversion process of native network configurations of different vendors like Cisco, Juniper, Arista to Openconfig compliant configuration.
• Enterprise routing and troubleshooting experience using protocols such as Static, RIP, EIGRP, OSPF and BGP and migration experience on ACS to ISE.
• Extensive Knowledge in configuring and troubleshooting Layer 3 interior Gateway Routing protocols such as Link-State routing protocols (OSPF and IS-IS) and Distance Vector routing protocols (RIPv1, RIPv2 and EIGRP).
• Knowledge of implementing and troubleshooting complex layer 2 technologies such as VLAN, Trunk, VTP, Ether channel, STP, RSTP and MST.
• Expertise in the implementation of analysis, optimization, troubleshooting and documentation of LAN/WAN networking systems.
• Expert in Configuration and troubleshooting of Virtual Local Area networks (VLANs) using Cisco routers and multi-layer Switches supporting STP, RSTP, PVSTP, MSTP and IEEE 802.1q, inter VLAN routing and VLAN trunking.
• Experienced with Wi-Fi - Access Protocols IEEE 802.11 A,B,G,N, and AC.
• Experience in troubleshooting with the escalation problems for Routing, Switching and WAN connectivity issues using ticketing system such as Remedy Ticketing System.
• Experience in designing, deploying and troubleshooting LAN, WAN, Frame-Relay, Ether-channel, IP Routing Protocols - (RIPV2, OSPF, EIGRP & BGP), ACL's, NAT, VLAN, STP, VTP, HSRP & GLBP, LTE/VoLTE.
• Proficiency with different monitoring tools like Wireshark, SolarWinds, Infoblox, PRTG Packet Sniffer, Smart bits, CSM, ASDM, RSA.

TECHNICAL SKILLS

LAN Technologies: Workgroup, Domain, HSRP, DHCP, Static, VLAN, STP, VTP, Ether Channel, Trunks, PVST, RSTP, 802.1x

WAN Technologies: Frame Relay, VPN (L2F, PPTP, L2TP, GRE), ISDN, PPP, ATM, MPLS, IPv6, HLDC, Channel & Leased Lines

Routing Protocols: RIP, IGRP, EIGRP, OSPF, BGP, IS-IS, HSRP, VRRP, GLBP, LTE/VoLTE.

Network Security: NAT/PAT, VPN, Filtering, Load Balancing, IDS/IPS, IPsec, ACL

Infrastructure Services: DHCP, DNS, SMTP, POP3, FTP, TFTP

Firewalls: PIX 500 Firewall, ASA 5505 Firewall, FWSM, CISCO CSM, ACL- Access Control List, IPS/IDS, NAT, PAT, CISCO ACS, Check point, RSA Secure ID, SRX, SSG series Firewalls, FirePower IPS.

Routers: CISCO Routers ASR, 7600, 7200, 7500, 7300, 7200, 4300, 4500, 3945, 3800, 3900, 3845, 3745

Switches: Nexus 5548, 5596, 6000, 7009, 7018; Cisco catalyst 6508, 6509, 4928, 4948, 4507, 4510, 3750, 3560, and 2960, Cisco Nexus 9000

Load Balancers: F5, CSS, CSM, ACE, GSS, Bluecoat proxy, A10

Monitoring Tools: Wireshark, SolarWinds, Infoblox, PRTG Packet Sniffer, Smart bits, CSM, ASDM, RSA, BlueCat, AT&T tool

Management Tools: Jira, Splunk, WebEx, and MS Office applications; Word, Excel, Visio, PowerPoint

PROFESSIONAL EXPERIENCE

Network Engineer

Confidential, Philadelphia, PA

Responsibilities:

• Responsible for configuration, maintenance, and troubleshooting of dynamic routing protocols: BGP, OSPF & EIGRP (route redistribution, distribute lists, route-maps, offset-lists, prefix lists, route summarization, route-feedback, BGP attributes) on Cisco Routers like ASR, 7600, 7613, 7201, and 3945E.
• Worked on Network OSI layer 1 to 7 including OSPF, BGP and EIGRP routing protocols, sub-netting, NAT, DNS, LDAP, DHCP, HTTP, HTML, HTTPS, TCP/IP, UDP, SNMP, OSPF, RIP, IPSEC, PPTP, VLAN, STP, RTSP, LTE/VoLTE & Multicasting protocols and migration experience on ACS to ISE.
• Implemented various ACL policies and filtered traffic according to client requirement.
• Smart Network Platform (SNP) is fully focused on automating the management of Confidential network by providing a multi-tenant and generic platform for device and network service’s lifecycle management.
• The platform will standardize configurations by encapsulating vendor specific interfaces and help to abstract network-configuration complexities across Confidential ’s backbone, datacenters, and CRANs.
• Conversion of native network configurations to OpenConfig compliant configuration using Apache Freemarker/JSON/REST tools.
• Using Jira Service Desk to monitor the conversion process of native network configurations of different vendors like Cisco, Juniper, Arista to Openconfig compliant configuration.
• Providing connectivity to labs and Video backoffice and management, and support upgrade with Arista platform.
• Confidential network comprises of backbone, regional and national data centers, residential/commercial regional area networks and enterprise.
• Network Programming/Automation using python scripting, created automation application using python like SSH connection using TCP protocol.
• Migrated complex, multi-tier applications on AWS. Defined and deployed monitoring, metrics and logging systems on AWS.
• Experience using Identity Authentication technologies, including IEEE 802.11, 802.1, 802.3 protocols, Wireless/Network security, Active Directory, LDAP, RADIUS TACACS, RSA, 802.1X, NAC, and token-based systems.
• Implementation of Site-to-Site VPNs over the internet using, AES/AES-256 with ASA Firewalls, FirePower IPS.
• Configure various LAN/WAN switches such as Cisco Meraki WAP, Nexus 9000, Cisco catalyst 2900, 3550, 4500, 6509 switches and Access layer switches such as Cisco 4510, 4948, 4507 switches for VLAN, Fast Ether Channel configuration.
• Experience in migration of VLANS & Configured VLANs with 802.1q tagging, Ether channels, and Spanning tree for creating Access/distribution and core layer switching.
• Configured EBGP load balancing and ensured stability of BGP peering interfaces.
• Monitored network performance by using Jira, Splunk, Infoblox to maintain SDLC.
• Worked with engineering team to resolve tickets and troubleshoot L3/L2 problems efficiently.

Environment: Cisco 7600, 7200, 3800 series routers, ASR 9K, XR-12k and Cisco Nexus 9000, 2950, 3500, 5000, 6500 Series switches, Cisco Meraki WAP, WAN routing from OSPF to BGP, Active Directory, AD-DS, catalyst 6500 to Nexus 2k,7k, VLANs, ACL policies, PIX firewall to ASA firewall, Infoblox, BIG IP (F5), Frame Relay, WAP, OSPF, IGRP, RIPv2, EIGRP, Static, MPLS, site-to-site IP sec VPN tunnels, MED, AS-PATH.

Sr. Network Engineer

Confidential, Eatontown, NJ

Responsibilities:

• Responsible for entire company network infrastructure with OSI layer 1 to 7 includes Cisco Switches, Routers, Firewalls, Access Points, Servers and PBX.
• Configured Easy VPN server and SSL VPN to facilitate various employees’ access internal servers and resources with access restrictions.
• Configured Site to Site IPsec VPN tunnels to peer with different clients and each of client having different specifications of Phase 1 and Phase 2 policies using Cisco ASA 5500 series firewalls and FirePower IPS.
• Dealt with implementation of Cisco ASA 5585 devices and Juniper SRX 550 devices to apply security policies on it.
• Configuring Static, IGRP, EIGRP, and OSPF Routing Protocols on Cisco 1600, 2600, 2800, 3600, 7300 series Routers.
• Experience working with Nexus 9k, 7K, 5K and 2K.
• Replaced the Legacy 3750 stack wise with Juniper EX 4200 switches in the LAN Environment.
• Experienced in configuring and maintaining Security Policies, NAT policies, IPSEC tunnels on various firewalls like Palo Alto, Cisco ASA/ Firepower, Checkpoint firewalls and SIEM solutions like LogrRhythm and McAfee.
• Involved in finalizing the design for Corporate Wireless Network Access for NAC Solution, comprising ofCisco ISE Appliances in all WAN Consolidation Points, and Data Centers.
• Experience configuring VPC (Virtual Port Channel), VDC (Virtual Device Context) in Nexus 7010/7018, FCOE using Cisco nexus 5548.
• ConfiguringASAFirewall and accept/reject rules for network traffic. ConfiguredASA5555 to ensure high-end security on the network with ACLs and Firewall.
• Performed OSPF, BGP, LTE/VoLTE, DHCP Profile, HSRP, IPV6, Bundle Ethernet implementation on ASR 9K redundant pair. Configured new Meraki MX400 to the existing network.
• Worked on Palo Alto design and installation (Application and URL filtering, Threat Prevention, Data Filtering).
• Design for Guest Network and Mobile Access Network for NAC Solution, comprising of a Wireless LAN Controller solution in DMZs/Internet Gateways withCisco ISE Appliances for NAC.
• Experience using Identity Authentication technologies, including Active Directory, LDAP, RADIUS TACACS, RSA, 802.1X, NAC, and token-based systems.
• Implementation of Site-to-Site VPNs over the internet using 3DES, AES/AES-256 with ASA Firewalls.
• Configure different Cisco Meraki Wireless Access points as per the requirement.
• Maintained and created scripts in Python that assisted in pulling in the necessary data into Splunk to meet audit and reporting requirements.
• Experience in migration of VLANS & Configured VLANs with 802.1q tagging, Ether channels, and Spanning tree for creating Access/distribution and core layer switching.
• Configured EBGP load balancing and ensured stability of BGP peering interfaces.

Environment: Cisco Routers 7613, 7201, 3800, 3700, 2800, Cisco Catalyst switch series 6500, 4500, 3500, and 2900, Meraki WAP, Active Directory, AD-DS, frame relay, MPLS, Meraki MX400 Cloud, NAT’ing, subnetting, also including DNS, DHCP, HTTP, HTML, HTTPS, TCP/IP, UDP, SNMP, OSPF, RIP, IPSEC, VLAN, STP, RTSP, Cisco ASA 5520, ACL’s, PVSTP+, MST, LTM & GTM (F5), Nexus 5K, 2K, 7K.

Network Administrator/Engineer

Confidential, Irvine, CA

Responsibilities:

• Successfully responsible for configuration, maintenance, and troubleshooting of dynamic routing protocols: BGP, OSPF & EIGRP (route redistribution, distribute lists, route-maps, offset-lists, prefix lists, route summarization, route-feedback, BGP attributes) on Cisco Routers 7613, 7201, and 3945E with reference to OSI Layer 1 to 7.
• Worked on OSPF, BGP and EIGRP routing protocols, sub-netting, NAT, DNS, LDAP, DHCP, http, HTML, HTTPS, TCP/IP, UDP, SNMP, OSPF, RIP, IPSEC, PPTP, VLAN, STP, RTSP & Multicasting protocols.
• Design and implement Catalyst/ASA Firewall Service Module for various LAN’s.
• Designed 10 gigabit networks using Cisco Nexus 7000 series switches, Cisco 3800 series routers.
• Worked on Cisco ASA 5580, Juniper NS5400, SRX550.
• Deploy and support network load balancers, such as F5 LTM/GTM and configuration (Profiles, I Rules) of F5 Big-IP LTM-6400 load balancers.
• Configuration and troubleshooting of EIGRP, OSPF, BGP, CSM, integration with ASA devices.
• Provided proactive threat defence with ASA that stops attacks before they spread through the network.
• Configuring VDC, VPC and FCOE, upgrading NX-OS for Nexus Family Switches.
• Configured Virtual servers, pool, pool members, worked on load balancing methods for LTM.
• Configuration, troubleshooting of Palo Alto Firewalls - PA200, PA 2K, PA 3K, PA 4K and PA5K series as well as a centralized management system (Panorama) to manage large scale firewalldeployments.
• Creating the VLAN's, configuring the STP & Implementing Inter VLAN routing to assist the client to communicate with other VLAN's and configuring ADSL, MPLS and GLBP.
• Supporting EIGRP and BGP based on the network by resolving level 2 & 3 problems of internal teams & external customers of all locations.
• Monitoring and configuring Cisco 7600 routers and replaced old 6500 and WAN routers from DR testing site at data centre.
• Designing and Implementation of (LAN) VLANs, VTP, Spanning Tree (STP), Trunking (802.1q and ISL), Ether channel and IPSec & GRE Tunneling.
• Worked with Aruba Access point as a Public Wi-Fi and successfully implemented Wireless Access Point (WAP).
• Implemented Security Policies using ACL traffic filters, IPSec, SSL, VPN, DMVPN, AAA (TACACS+ & RADIUS).
• Working Knowledge on wireless devices (5508, 7500 WLC Controllers and 2500,3600,3700 Access points.
• Worked on Solar winds Orion for analysis and monitoring purposes.

Environment: LAN-WAN, CISCO Routers (2600, 2800 Series) and 3550, 4500 series switches, Cisco Meraki WAP, IPSec, Site-to-Site VPN, Ping, Trace route, Active Directory, AD-DS, VLSM, Point-to-Point, Frame Relay, T3, ATM, ACLs, NAT-PAT, EIGRP, OSPF and OSPF areas, BGP, TCP/IP, SSH.

Network Engineer

Confidential, Woodland Hills, CA

Responsibilities:

• Worked on Cisco Routers, Active /Passive Hubs, Switches, Cisco ASA Firewalls, NAT and Juniper SRX firewall.
• Deploying Cisco routers and switched such as 7200, 3800, 3600 and 3500,4500, 5500.
• Implemented TCP/IP, TFTP and related services like DHCP/DNS/WINS.
• Escalating customer problems to management and support groups utilizing standard escalation model.
• Provided installation and initial user configuration of Nexus switches at the data center and providing IP addressing and different user session priorities on the switch.
• Experience with devices Palo Alto Network firewalls such as security NAT, Threat prevention & URL filtering.
• Troubleshooting and installing of CRS, ISR, GSR, ASR9000 and Nexus devices.
• Configured and maintained SSL VPN, IPSEC VPN on ASA, Palo Alto and SRX series firewalls, Site-to-Site VPN between ASA Firewall and router.
• Responsible for Data Center Migrations and its operations.
• Worked on F5 LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability.
• Experienced in configuring Cisco ASA firewalls in various contexts and modes to have the network secure.
• Installed and configured Cisco ASA 5500 series firewall and configured remote access IPSEC VPN.
• Experience in migration from Cisco infrastructure to Juniper MX routers and switches such as EX and QFX-3500, QFX-5100.
• Implement changes to the firewall rule base, network routing tables and ACL to allow only authorized users to access the servers.
• Implemented Authentication Authorization and Accounting (AAA) protocol TACACS+.
• Experience in F5, Cisco ACE 4710 Load balancers, Aruba wireless access points and controllers.
• Experience in Layer 3 Routing protocol configurations: EIGRP, OSPF, BGP.
• Designed and deploy various network security & High Availability products like Cisco ASA other security products.
• Coordinate and perform VPN Lan2Lan as well as Remote VPN and Firewall security policies as well as NAT Configurations.

Environment: Arista 7K, Cisco 7600, 7200, 3800 series routers and Cisco 2950, 3500, 5000, 6500 Series switches, BGP WAN, OSPF areas, VTPs, Trunking, NAC product, inter-VLAN routing, port fast, uplink fast, Frame Relay WAN, IGRP, RIPv2, EIGRP, Static, MPLS migrations, site-to-site IP sec VPN tunnel, BGP attributes such as Local Preference.

Network Engineer

Confidential

Responsibilities:

• Performed technical planning, system integration, verification and validation, evaluates alternatives including cost and risk, supportability and analyses for total systems.
• Part of the troubleshooting and production support team, involved in monitoring 200 servers, supported data centre migration.
• Worked as part of a team to manage Enterprise Network Infrastructure as a Tier 3 Support Engineer.
• Involved in configuring and implementing of Composite Network models consists of Cisco 7600, 7200, 3800 series routers and Cisco 2950, 3500, 5000, 6500 Series switches.
• Worked on conversions to BGP WAN routing, which will be to convert WAN routing from OSPF to BGP (OSPF is used for local routing only) that involves new wan links.
• Replaced branch hardware with new 3900 routers and 2960 switches.
• Configured firewall switch module on Cisco 6506 distribution layer switches, configuring VTPs, Trunking, NAC product, inter-VLAN routing, port fast, uplink fast, backbone fast on access layer switches.
• Planned and installed Frame Relay WAN links to the branch offices.
• Maintained wireless access points at various locations in the company.
• Configured Cisco Routers for OSPF, IGRP, RIPv2, EIGRP, Static and default route.
• Assisted in MPLS migrations, implemented a backup for the existing WAN connection using site-to-site IP sec VPN tunnels.
• Configured and troubleshot OSPF routing protocol on the corporate network.
• Tested and implemented various BGP attributes such as Local Preference, MED, AS-PATH, Community, Extended community using route-maps.

Environment: BGP WAN, OSPF areas, VTPs, Trunking, NAC product, inter-VLAN routing, port fast, uplink fast, Frame Relay WAN, IGRP, RIPv2, EIGRP, Static, MPLS migrations, site-to-site IP sec VPN tunnel, BGP attributes such as Local Preference, MED, AS-PATH, PIX firewall to ASA firewall

Jr. Network Engineer

Confidential

Responsibilities:

• Worked on configuring Site-to-site and remote access VPN solutions.
• Worked with team to design and implement two-tier network with collapsed Distribution/Core and Access-layer for campus Network.
• Worked on implementing and maintaining security systems: Firewalls, IPS and VPN solutions (Palo-Alto, Cisco).
• Configured Catalyst 3750-x Switches for Access layers and Catalyst 6509-E for Distribution.
• Physical / hands-on support in corporate Data Centres.
• Configured and installed wireless access points (WAP) at various locations in the company.
• Troubleshot LAN/WAN by using routing protocols EIGRP, OSPF, & BGP.
• Configured QOS for Traffic priority, policing and shaping and congestion management.
• Upgrade of Cisco IOS and troubleshooting of network connectivity.
• Configuration and commissioning of the MPLS circuits for various branch offices.
• Implement Access lists and policy-based routing in Cisco routers and Layers 3 switches.
• Perform IP address planning, designing, installation, configuration, testing, maintenance, and troubleshooting in complete LAN, WAN environment.

Environment: NAC product, inter-VLAN routing, port fast, uplink fast, Frame Relay WAN, IGRP, RIPv2, EIGRP, Static, MPLS migrations, site-to-site IP sec VPN tunnel, BGP attributes such as Local Preference, MED, AS-PATH, PIX firewall to ASA firewall.