SUMMARY:

• 6+ years of professional experience with specialization in Datacenter management.
• Experience in network designing, implementation and troubleshooting of complex infrastructure which includes firewalls, routing and switching on enterprise networks.

TECHNICAL SKILLS:

Networking Concepts: OSI Model, TCP/IP, UDP, IPV4, IPv6, Subnetting, VLSM

Routing Protocols: RIP, IGRP, EIGRP, OSPF, BGP, Static Routing, Route Filtering, Redistribution, Summarization

Gateway Load Balancing: HSRP, VRRP, GLBP

Infrastructure services: DNS, ICMP, SNMP, ARP, IRDP, NAT, SNMP, SYSLOG, NTP, DHCP, CDP, TFTP and FTP

Switch Technologies: VLANs, VTP, STP, RSTP,PVST+, DTP, MLPPP, IEEE 802.1q, MPLS, ISL and dot1q, SMTP, VLAN, Inter - VLAN Routing, Light weight access point

WAN Technologies: Frame Relay, PPP, HDLC, (E1/T1/E3T3)

Security: VPN, NAT/ PAT, access-lists, IPSEC, Juniper SRX, TACACS+, RADIUS

Firewall: Cisco PIX, ASA, Juniper Secure Access VPN Appliance, Checkpoint and Palo Alto

Network Management Tools: Wireshark, Net flow Analyzer, Cisco Works, Ethereal, SNMP, and HP open view, OPNET, Tufin, Websense, Blue coat proxy

Load Balancers: Cisco CSM, F5 Networks (Big-IP) LTM 8900

Operating Systems: Microsoft Windows Server 2003/2008/2012, Windows XP/Vista/7/8, Linux

Other Technologies: VISIO, VMware, Mat Lab, GNS3, Microsoft Word, Excel, SQL

PROFESSIONAL EXPERIENCE:

Confidential,Atlanta, CA

Network Security Engineer

Responsibilities:

• Palo Alto installation, configuration, administration, monitoring and implementing the policies in Palo Alto 3020 and 5250.
• Performed Application Dependency Mapping to migrate to application centric data center, m apping all hosts to application and track all inter dependencies.
• Palo Alto design and installation (Application and URL filtering, Threat Prevention, Data Filtering).
• Deployed Palo Alto for web filtering and application control.
• Manage Palo Alto Firewalls using Panorama configuring Device Groups and Templates.
• Configured IpSec Vpn and performed updates/password recovery on Palo alto.
• Configured and monitored Firewall logging, DMZ's and related security policies.
• Implementing QoS on PE and CE as per BTs templates and upgrading bandwidth and QoS as per client requirement. Configuring rules and Maintaining Palo Alto Firewalls & Analysis of firewall logs using various tools.
• Active participation in the migration of cisco ASA 5040 to Palo alto.
• Extensive Knowledge on the implementation of Cisco ASA 5500 series and checkpoint R 75 firewalls.
• Experience in Network Management Tools and sniffers like HP-Open view, Wireshark and Cisco works to support 24 x 7 Network Operation Center .
• Configured SITE TO SITE VPN using 3DES , AES/AES-256 on Cisco ASA 5500 series firewall between Headquarters and Branch office.
• Work on Checkpoint Platform including Provider Smart Domain Manager . Worked on configuring, managing and supporting Checkpoint Gateway .
• Experience in configuring, deploying and deployment of Cisco Security Manager (CSM) for management of ASA Firewall series
• Implemented the policy rules and DMZ for multiple clients of the state on the Checkpoint firewall .
• Experience in analyzing security logs generated b y IDS/IPS, firewalls, network flow system, anti-virus and other security log sources
• Established the monitor routes on Checkpoint Firewall that allows the F5 LTM to monitor the backend nodes or server.
• Working on the project of F5 LTM, GTM and ASM code upgrade project, doing couple of them every week .
• Extensive experience on Cisco 2500, 2600, 2800 series routers and 1900, 2900, 3560, 3750 series switches.
• Experience working with Cisco Nexus 2148 Fabric Extender and Nexus 5000 series to provide a Flexible Access Solution for data center access architecture.
• Configuring templates on Cisco prime and deploying them seamlessly over the network and providing reports from Cisco prime.
• Integrate Microsoft active directory ( LDAP ) into checkpoint for identity awareness and user authentication.
• Configure and manage LDAP User management with Checkpoint Smart Directory .
• Configuring RIP, OSPF and Static routing on Juniper M and MX series Routers.
• Configured Cisco Routers with EIGRP, OSPF, BGP, Static and default route.
• Configuring VLANs/routing/NATing with the firewalls as per the network design.
• DesigningF5 solutions/support for migration work of applications and websites from Cisco CSS Load Balancers to the F5 BigIP Load Balancers.
• Installed and Configured the F5 BIG-IP LTM, configure virtual servers and associate them with pools for internal web servers.
• Configured VTP on Core and several access layer switches, implemented Layer2 Etherchannel between various switches and hosts.
• Used solarwinds for monitoring and troubleshooting network devices in different time zones.
• Worked with STP (PVST, RSTP) for switching loop prevention and VLANs for data and voice and also worked on Configuration of port security. Switching tasks include VTP, ISL/ 802.1q, IPSec and GRE Tunneling, VLANs, Ether Channel, Trunking, Port Security, STP and RSTP.
• Worked on INFLOBOX for Network Device Monitoring. Setting up Infoblox for local DNS and DHCP Configurations.
• Enabled STP attack mitigation (BPDU Guard, Root Guard), using MD5 authentication for VTP, disabling all unused ports and putting them in unused VLAN and ensuring DHCP attack prevention where needed.
• Traced OSI layers and extracting the packet information at each layer. Worked on Wireshark, TCP/IP, and OSI Layers for packet tracking and Drafted & finalized progress reports, final report.
• Experience in migration of VLANS. Responsible for layer 2 securities which was implemented using a dedicated VLAN ID for all trunk ports, setting the user ports to non-trunking, deployed port security when possible for user ports
• Assisted in troubleshooting LAN connectivity and hardware issues in the network.
• Worked on remedy ticketing tool for handling different priority level tickets.

Confidential, Austin, TX

Network Security Engineer

Responsibilities:

• Worked with Juniper Net Screen 500/5200 and Juniper SRX 650/3600.
• Migrating from Checkpoint R77 Firewalls to Juniper Firewalls.
• Designed and configured OSPF, BGP on Juniper Routers and SRX Firewalls .
• Creating rules on the checkpoint firewall for a NAT to the VLAN IP and to allow the IPsec traffic.
• Configuration and integration of Cisco Wireless LAN Controllers WLC with ISE for performing Dot1x authentication to Wireless users.
• Installation and configuration of Checkpoint NG R55 & NGX R60.
• Used Jflow for working with feeds and flow feeds. Used Snort and sniffer trace for Monitoring and maintenance LAN/WAN.
• Worked on Cisco ISE in wired, wireless, VPN configurations using device profiling, posturing, PxGrid, ThreatGrid and SGT's.
• Hands on creating Url filter, security policies .
• Modification of internal infrastructure by adding switches for supporting server farms and adding servers to existing DMZ environments for supporting new and already existing application platforms.
• Worked on Big IP F5 Load Balance: setting up, surveillance and configuration of F5 load balancer (using LTM & GTM).
• Setup and maintained checkpoint security policies including NAT/VPN and secure remote access.
• Experience with network security protocols such as IPSEC tunnels, GRE tunnels, NAT (PAT), ACLs and VPN.
• Participated in the installation, configuration, post installation, daily operational tasks and configuration and deployment of Cisco Nexus equipment 7010, 5596 and 2248 .
• Researched, resolved and documented Syslog generated errors as escalated.
• Configuring IP, RIP, EIGRP, OSPF and BGP in routers.
• Upgrading of network connectivity occasionally between the branch office and the regional office through multiple link paths and routers running HSRP, EIGRP with unequal cost load balancing to build flexible network.
• Conversion of Branch WAN links from TDM circuits to MPLS and for converting encryption from IPsec to get VPN. Worked on DHCP for automatically assigning the reusable IP addresses for clients(DHCP).
• Implementation of ACLs and authentication (EIGRP, BGP) to ensure high reliability on the network.
• Worked on Junos for configuration, manipulation and monitoring all Juniper network devices.

Confidential

Network Engineer

Responsibilities:

• Experience on a mesh 6500 and 5500 series routers and switches to support the core trading system.
• Involved in Upgrades and backups of Cisco router configuration files to a TFTP server.
• Implementing and maintaining backup schedules as per the company policy.
• Experience working with High performance data center switch like nexus 7000 series.
• Manage Cisco Routers and troubleshoot layer1, layer2 and layer3 technologies for customer escalations.
• Created engineering configuration, Security Standards, documenting processes and Network documentation using Microsoft Visio
• Implemented the concept of Route Redistribution between different routing protocols
• Switching related tasks included implementing VLANS, VTP, STP and configuring on Fast Ethernet .
• Planning and implementation of Subnetting, VLSM in order to conserve IP address
• Monitored all Cisco equipment's using Cisco Works.
• Monitoring alerts & events in Cisco IPS.
• Monitoring network devices using HP Network Node Manager.
• Performed on-call support for installation and troubleshooting of the configuration issues.
• Researched, resolved and documented Syslog generated errors as escalated.
• Worked on installation, maintenance, and troubleshooting of LAN/WAN (ISDN, Frame relay, NAT, DHCP, TCP/IP). Configured Access Lists (Standard, Extended, and Named) to allow users all over the company to access different applications while blocking others.
• Maintenance and troubleshooting of connectivity problems using P ING , and traceroute .
• Settings of the networking devices (Cisco Router, switches) co-coordinating with the system/Network administrator during any major changes and implementation
• Routing protocols OSPF, RIP & BGP

Confidential

Network Engineer

Responsibilities:

• Involved in the configuration & troubleshooting of routing protocols such as MP-BGP , OSPF, LDP, EIGRP, RIP, BGP v4, and IP access filter policies
• Creating a priority list of what type of attacks to focus on vs . what can be accomplished and identifying timeline on how to accomplish all the functionality ASM can provide.
• Conducted testing (R&S) validations, reviewed network configuration, and made recommendations for core infrastructure design of the Nexus enterprise infrastructure.
• Cisco VLAN implementation (Created over 15 VLANS for network segmentation).
• Configured HSRP to provide high availability.
• Agile Project management was implemented using JIRA and Clarity tool used for the Lifecycle Project Management
• Involved in the configuration & troubleshooting of routing protocols such as MP-BGP , OSPF, LDP, EIGRP, RIP, BGP v4 , and IP access filter policies.
• Configured and connected to the MPLS the new L2 switches for the network expansion.
• Implemented monitoring system for multicast traffic in the IPTV backbone and the MPLS Network .
• Carried out Cisco/Juniper Metro-access and Pre-Aggregation Routers Testing, validation, selection & successful integration in IP/MPLS Mobile Backhaul greenfield network
• Work with the data center planning groups, assisting with network capacity and high availability requirements.
• Configured network access servers and routers for AAA Security (TACACS+).
• Managing and configuring of Wide Area Networking Protocols like HDLC, PPP .
• Involved with the Systems team to Install, configure, & maintain AD, DNS, DHCP on Windows Server, and also configured a FTP server.
• Troubleshooting of TCP/IP problems and connectivity issues in multi-protocol Ethernet environment.