PROFESSIONAL SUMMARY:

• 8.2 years of experience in Network design, Security, Tier support of Networks in various environments.
• In - depth expertise in the analysis, implementation, troubleshooting & documentation of LAN/WAN architecture and good experience on IP services.
• Expert in dealing with Networking Protocols and Standards such as TCP/IP, OSI, UDP, Layer 2 (VLANs, STP, VTP), Routing Protocols ( EIGRP, OSPF)
• Experience working with security devices such as Firewalls, VPN switches and Intrusion Detection Systems.
• Experience in troubleshooting NAT configurations, Access-Lists (ACL), and DNS/DHCP related issues within the LAN network.
• Knowledge of implementing and troubleshooting complex layer 2 technologies such as VLAN Trunks, VTP Ether channel, STP, RSTP and MST.
• Extensive experience working on Palo Alto and Cisco ASA Firewalls.
• Responsible for the installation and configuration of Cisco ASA and Palo Alto Firewalls
• Experience on Network Monitoring & Testing tools such as Wireshark/Ethereal, Cisco Works.
• Knowledge of Subnetting IPv4/IPv6 addresses and IP address management.
• Experience in configuring HSRP and redistribution between routing protocols troubleshooting them.
• In-depth knowledge and hands-on experience on IP Addressing, Sub netting, VLSM and ARP, reverse & proxy ARP, Ping Concepts.
• Hands on experience in configuring Cisco Catalyst 2960, 3750,3850, 4500, 6500 and Nexus 3000, 5000, 6000, 7000, 9000 series switches and Cisco 2600, 2800, 3600, 3800, 7200, 7600 series routers
• Cisco ASA/Palo Alto Firewall troubleshooting and policy change requests for new IP segments that either come on line or that may have been altered during various planned network changes on the network.
• Technical Knowledge on Cisco ASA 5500 series firewalls.
• Implementation of HSRP, VRRP and GLBP for Default Gateway Redundancy.
• Worked on Cisco Nexus 5010 Switch.
• Experience in F5, Cisco ACE 4710 Load balancers.
• Expert Level Knowledge about TCP/IP and OSI models.
• Excellent communication skills to interact with team members and support personnel and also can act as a mentor to less experienced personnel

TECHNICAL SKILLS:

Operating Systems: Windows (Server 2003/2008, Vista, Windows 7), Linux OS

Routers: Cisco GSR12016, ASR1001, 2900, 3900, 7200, 7600 & ASR9000

Switches: Cisco 3750, 4507, 4510 & 6500 series switches, Nexus 7010, 5548

Routing: MPLS, OSPF, EIGRP, BGP,PBR, IS-IS, Route Filtering, Redistribution, Summarization, Static Routing

Switching: LAN, VTP, STP, PVST+, RPVST+, Inter VLAN routing & Multi-Layer Switch, Multicast operations, Layer 3 Switches, Ether channels, Transparent Bridging.

Network security: Cisco (ASA, PIX) 5510, ACL, IPSEC VPN, GRE VPN

Load Balancer: F5 Networks (Big-IP) LTM Module, Cisco ACE 30 load balancer

LAN: Ethernet (IEEE 802.3), Fast Ethernet, Gigabit Ethernet.

WAN: Leased lines 128k - 155Mb (PPP / HDLC), Channelized links (T1/DS3/OC3/OC12), Fiber Optic Circuits, Frame Relay, ISDN, Load Balancing. Various Features & Services: IOS and Features, HSRP, GLBP, IRDP, NAT, SNMP, SYSLOG, NTP, DHCP, CDP, TFTP and FTP Management

AAA Architecture: TACACS+, RADIUS, Cisco ACS

Network Management: SNMP, Solar Winds, HP open view, and Wire shark

Reports and Network Diagrams: Microsoft (Visio pro.)

PROFESSIONAL EXPERIENCE:

Confidential, Houston, TX

Sr. Network Security Engineer

Responsibilities:

• Configuring Static, IGRP, EIGRP, and OSPF Routing Protocols on Cisco 1600, 2600, 2800, 3600, 7300 series Routers.
• Configure various LAN switches such as CISCO CAT 2900, 3550, 4500, 6509 switches and Access layer switches such as Cisco 4510, 4948, 4507 switches for VLAN, Fast Ether Channel configuration.
• Migrating access policies from Cisco ASA to Palo Alto firewalls.
• Responsible for entire company network infrastructure that includes Cisco Switches, Routers, Firewalls, Access Points, Servers .
• Experience with configuring Nexus 2000 Fabric Extender (FEX) which acts as a remote line card (module) for
• Experience working with Cisco Nexus 2148 Fabric Extender and Nexus 5000 series to provide a Flexible Access Solution for a data center access architecture.
• Involved in configuring VPC(Virtual Port Channel), VDC(Virtual Device Context) in Nexus 7010/7018 devices
• Configured VLAN’s, Private VLAN’s.
• Design, and configuring of OSPF, BGP on Juniper Routers and Palo alto Firewalls
• Extensive use of NSM (Network and Security Manager) and CSM (Cisco Security Manager) for adding or modifying firewall policies for the firewalls in use.
• Configure various LAN switches such as CISCO CAT 2900, 3550, 4500, 6509 switches and Access layer switches such as Cisco 4510, 4948, 4507 switches for VLAN, Fast Ether Channel configuration.
• Designed and Implemented Firewalls, F5 Viprion  deployments to Front end and DMZ customers.
• Proficient with F5 LTM and Cisco CSM load balancer in-between the servers inside the server farm and DMZ.
• Migrate the older Omniswitch-6800 devices at branches to Juniper EX4200,EX4300 devices as a part of the tech refresh project with higher port density
• Configuring Virtual Chassis for Juniper switches EX-4200,Firewalls SRX-210
• Experience with Network Automation using Python.
• Performed configuration, deployment and support of cloud services including Amazon Web Services (AWS) and deploy monitoring, metrics, and logging systems on AWS
• Designed and implemented DMZ for Web servers, Mail servers & FTP Servers using Cisco ASA5500 Firewalls.
• Configured Site to Site IPsec VPN tunnels to peer with different clients and each of client having different specifications of Phase 1 and Phase 2 policies using Cisco ASA 5500 series firewalls.
• Preformed IOS upgrades on Cisco routers and switches.
• Configured inside ACL, outside ACL, inside, outside interfaces.
• Configured NAT and PAT policies.
• Configured Easy VPN server and SSL VPN to facilitate various employees’ access internal servers and resources with access restrictions
• Working with Juniper JUNOS on M and MX series routers.
• Configuration and troubleshooting of EIGRP, OSPF, BGP.
• Configuration and troubleshooting of CSM, integration with ASA devices.
• Experience in migration of VLANS & Configured VLANs with 802.1q tagging, Ether channels, and Spanning tree for creating Access/distribution and core layer switching.
• Installed and configured DNS, DHCP. Responsible for creating and configuring FORWARD LOOKUP ZONE AND REVERSE LOOKUP ZONE.
• Redistributed required routes from OSPF in to BGP. OSPF cloud is present in US and is connected to all our customers over Sprint’s Frame Relay backbone
• Implementation of Access Lists for allowing/blocking desired traffic.
• Configured EBGP load balancing and ensured stability of BGP peering interfaces
• Implemented site to site VPN with Palo Alto Firewalls as per customer Worked on Route-Reflectors to troubleshoot BGP issues related to customer route prefixes also route filtering using Route-maps.
• Involved in migration of F5 Local traffic managers of LTM 5100 series to LTM 6800 series for higher.
• Worked extensively on Cisco ASA 5500(5510/5540) Series
• Deployed BIG IP Enterprise manager to cluster all the F5 LTM, GTM, ASA, Netscreen devices for easier management and common configurations.
• Building the VPN tunnel and VPN encryption.
• Mapped, Network Diagrams and physical identification in MS Visio.
• Worked with engineering team to resolve tickets and troubleshoot L3/L2 problems efficiently.

Confidential, Phoenix, AZ

Network Engineer

Responsibilities:

• Responsible for the installation and configuration of Palo Alto Firewalls
• Configure and implement Palo Alto Wildfire and URL filtering PAN DB
• Palo alto firewall rule base review and fine tuning recommendation.
• Implementation of Site-to-Site VPNs over the internet using 3DES, AES/AES-256 with ASA Firewalls
• Configuring, Monitoring and Troubleshooting Cisco’s ASA 5500 security appliance, Failover DMZ zoning and configuring VLANs/routing/NATing with the firewalls as per the design.
• Worked on Extensively on Cisco Firewalls, Cisco (506E/515E/525/) & ASA 5500(5510/5540) Series
• Implement Cisco IOS Firewall IDS using 2600 series router
• Adept at configuring and troubleshooting of VPC on Nexus 7Ks, 5Ks and VSS on Cat 6509, 4500-X.Expertise in Configuration of Virtual Local Area Networks (VLANS) using Nexus 7Ks, Cisco routers and multi-layer.
• Experience with setting up IPSEC VPN on Juniper SRX 3600 Firewalls towards the multiple Customer sites as backup path to the datacenter
• Understand the JUNOS platform and worked with IOS upgrade of Juniper devices
• Design and configuring of OSPF, BGP on Juniper Routers and SRX Firewalls
• Performed OSPF, BGP routing protocol administration.
• Configure and implement Palo alto Wildfire and URL filtering PAN DB
• Configured and maintained IPSEC and SSL VPN's on Palo Alto Firewalls
• Configuring VLAN, Spanning tree, VSTP, SNMP on EX series switches.
• Configured and debugged policy based routing for special traffic, route filtering with route maps, route redistribution.
• Expertise in configuration of routing protocols and deployment of OSPF, EIGRP, BGP and Policy routing over Cisco Routers, Switches ( Nexus 7Ks, Catalyst 6500 ).
• Performed ISSU on Nexus Switches and responsible for troubleshooting application latency.
• Executed various migration/upgrade projects across F5 and hands on with F5 BIGIP LTMs/EM.
• Worked on F5 LTM series like 7050, 4800, 2200 for several applications and their availability.
• Configured VLAN Trucking 802.1Q, STP, and Port Security on Catalyst 6500 switches.
• Router memory & IOS upgrade with TFTP.
• Was Responsible for service request tickets generated by the helpdesk in all phases such as troubleshooting, maintenance, upgrades, patches, fixes, and all around technical support.
• Responsible for designing and implementation of customers network infrastructure
• Help negotiate hardware, software, and circuit contracts for customers
• Redesign customers office copper and fiber cable plant for scalability
• Build and maintain Visio documentations for Clients
• Network Assessment and Documentation (including technical, operational, and economic assessment)
• Ensured network, system and data availability and integrity through preventative maintenance and upgrade.

Confidential, Atlanta, GA

Sr. Network Engineer

Responsibilities:

• Installing, Configuring and troubleshooting Cisco Routers (ASR1002X, 3945, 3845, 2800, 3600) and Switches to perform functions at the Access, Distribution, and Core layers.
• Configuring, upgrading and deployment of Nexus 7010, 5596 and 2248.
• Designing and installing new branch network systems. Resolving network issues, running test scripts and preparing network documentation.
• Configuring BGP, MPLS in Cisco IOS XR.
• Implemented F5 hardware refresh of older 3600 hardware to Viprion
• Worked on migration of existing PIX firewall to ASA firewall, PIX OS upgrade from 6.3 to 7.0.
• Configure BGP features such as as-override, Local pre, EBGP load sharing on client connections
• Involved in L2/L3 Switching technology administration including creating and maintaining VLANs, Port security, Trunking, STP, Inter Vlan Routing, LAN security.
• Configuring, Monitoring and Troubleshooting Cisco’s ASA 5500 security appliance, Failover DMZ zoning and configuring VLANs/routing/NATing with the firewalls as per the design.
• Installation and deployment of new class 9X and class 10 Server farms in multiple silos.
• Working with Cisco Nexus 2248 Fabric Extender and Nexus 5500 series to provide a Flexible Access Solution for datacenter access architecture.
• Ensuring problems are satisfactorily resolved in a timely manner with focus in providing high level of support for all customers.
• Working with wireless technologies troubleshooting and configuration.
• Establishing VPN Tunnels using IPSec encryption standards and also configuring and implementing site-to-site VPN, Remote VPN.
• Installed high availability Big IP F5 LTM and GTM load balancers to provide uninterrupted service to customers.
• Work with Engineering on Server Farm refresh project on consolidation and increasing the bandwidth on Server Access silos.
• Modified internal infrastructure by adding switches to support server farms and added servers to existing DMZ environments to support new and existing application platforms.
• Configured and resolved various OSPF issues in an OSPF multi area environment between multiple branch routers.
• Responsible for Check Point and Cisco ASA firewall administration across global networks
• Providing daily network support for national wide area network consisting of MPLS, VPN and point-to-point site.
• Configuring HSRP between the 3845 router pairs of Gateway redundancy for the client desktops.
• Configuring GLBP, VLAN Trunking 802.1Q, STP, Port security on Catalyst 6500 switches.
• Responsible for service request tickets generated by the helpdesk in all phases such as troubleshooting, maintenance, upgrades, patches and fixes with all around technical support.
• Providing Level 3 support to customers, resolving issues by attending to conference calls.
• Configuring multiple route reflectors within a cluster.
• Working on HP open view map for Network Management System and Ticketing.
• Working on a broad range of topics such as routing and switching, dedicated voice access, planning and implementation, large-scale high-visibility outages, change management coordination, proactive monitoring and maintenance, disaster recovery exercise and core network repairs.
• Working on security levels with RADIUS, TACACS+.

Confidential

Network Engineer

Responsibilities:

• Performed network engineering, design, planning (WAN & LAN) & implementation. Studied single point failures & designed WAN structure in such a way that there are no failures in network in case of any device or link failure.
• Configured routing policy for BGP. Switching related tasks included implementing VLANs and configuring ISL trunk and 802.1Q on Fast-Ethernet channel between switches
• Configured and designed LAN networks with Access layer switches such as Cisco 4510, 4948, 4507 switches.
• Worked on Cisco ACE 4710 Load balancers
• Design and Implement DMZ for FTP, Web and Mail Servers with CISCO PIX 506, PIX515
• Troubleshooting on network problems with Wire shark, identify problem and fix.
• Implemented Cisco IOS Firewall IDS using 2600 series router.
• Configuring VLAN, Spanning tree, VSTP, SNMP on EX series switches
• Setting up VLANS and configuring ISL trunk on Fast-Ethernet channel between Switches.
• Deployed a large-scale HSRP solution to improve the uptime of collocation customers, in the event a core router became unreachable.
• Implementing, Monitoring, Troubleshooting and Convergence in Frame-Mode MPLS inside the core.
• Designed and implemented security policies using ACL, firewall.
• Redistribution of routing protocols and Frame-Relay configurations.
• Configuring and troubleshooting type of routing to route traffic flow per customer requirement as primary, backup/load balanced and load splitting.
• Performed the maintenance of Active Directory and replication scheme, DNS/DHCP services and time services; wrote step-by-step procedures for implementing upgrades.
• Dealt with creating VIP(virtual servers), pools, nodes and applying iRules for the virtual servers like cookie persistency, redirection of the URL
• Configured VLANs on a switch for inter-VLAN communication. Configured VLAN Trunking Protocol (VTP) on Core Switches. Configured various LAN switches such as CISCO CAT 2900, 3550, 4500, 6509 switches for STP, VTP Domain, VLAN, Trunking, Fast Ether Channel configuration.
• Documented all the work done by using Visio, Excel & MS word.