SUMMARY:

• Cisco Certified Network Engineer with over 9 years of experience in networking, installing, configuring and maintaining network devices.
• Implementing IP addressing schemes, Routing, Switching and Firewall Security, including hands - on experience in providing network support, installation and analysis for a broad range of LAN / WAN/MAN communication systems.
• Experience working with 2600, 2900, 3600, 3800, 3900, 7200, 7600 series Cisco routers.
• Proficient in configuring Cisco Catalyst 2900,2960, 3560, 3750, 4500, 4900, 6500 series and Nexus 2248, 5548 and 7010 switches.
• Extensively worked on Cisco catalyst 6509 and implemented VSS along with VDC and VPC on Nexus 5505, 7009 switches.
• Expertise in Configuration of Virtual Local Area Networks (VLANS) using Cisco routers and multi-layer Switches and supporting STP, RSTP, PVST, RPVST along with trouble shooting of inter-VLAN routing and VLAN Trunking using 802.1Q.
• Exposure to multiple technologies and builds/troubleshooting: VSAN/NSX/SDN/VXLAN, etc. 
• In-depth knowledge and hands-on experience in Tier II ISP Routing Policies, Network Architecture, IP Subnetting, VLSM, TCP/IP, NAT, DHCP, DNS, FT1 / T1 / FT3 / T3 SONET POS OCX / GigE circuits, Firewalls.
• Implemented redundancy with HSRP, VRRP, GLBP, Ether channel technology (LACP, PAgP) etc.
• Configuration, Troubleshooting and Maintenance of Fortigate, Checkpoint, Palo Alto Firewalls (160+ firewalls) - PA200, PA2000 series, PA3000 series, PA4000 series and PA5000 series.
• Worked on Splunk Implementations and configuration management.
• Configuring BGP/OSPF routing policies and designs, worked on implementation strategies for the expansion of the MPLS VPN networks.
• Proficiently implemented traffic filters using Standard and Extended access-lists, Distribute-Lists, Route Maps and route manipulation using Offset-list.
• Hands on experience in deployment of GRE tunneling, SSL, Site-Site IPSEC VPN and DMVPN.
• Managed inventory of all network hardware, Management and Monitoring by use of SSH, Syslog, SNMP, NTP.
• Expertise on Cisco DNA solutions ISE, NGFW, Prime, ESA, WSA, VPN and CWS implementations.
• Expertise in installing, configuring and troubleshooting Juniper EX Switches (EX2200, EX2500, EX3200, EX4200, EX4500, EX8200) series.
• Expertise in OSI layer model/TCP/IP.
• Expertise on VMware V center, ESX and Citrix environment.
• Extensive knowledge and experience of routing and switching protocols RIP v1 & v2, OSPF, EIGRP, BGP, NAT and VLAN.
• Have knowledge on various advanced technologies like Aruba wireless, VOIP, H.323, SIP, QOS, IPv6, Multicasting, and MPLS.
• Strong knowledge of TACACS+, RADIUS implementation in Access Control Network.
• Experience in Designing and assisting in deploying enterprise wide Network Security and High Availability Solutions for ASA.
• Worked on Phython, sherl scripting and automation Rest APIs integrations.
• Experience with convert Checkpoint VPN rules over to the Cisco ASA solution. Migration with both Checkpoint and Cisco ASA VPN experience.
• Experience in designing MPLS VPN and QOS for architecture using Cisco multi-layer switches.
• Experience working with Cisco Nexus 2148 Fabric Extender and Nexus 5000 series to provide a Flexible Access Solution for a datacenter access architecture
• Expertise in installing, configuring and troubleshooting Juniper Routers (E, J, M and T-series)
• Implementing security policies using Cryptography, ACL, SDM, PIX Firewall, IPsec, VPN, and AAA Security on different series of routers.
• Strong hands on experience on PIX Firewalls, ASA (5540/5550) Firewalls . Implemented Security Policies using ACL, Firewall, IPSEC, SSL, VPN, IPS/IDS, AAA (TACACS+ & RADIUS).
• Efficient at use of Microsoft VISIO/Office as technical documentation and presentation tools.

TECHNICAL SUMMARY :

Routing: OSPF, EIGRP, BGP, RIP v1/v2, PBR, Route Filtering, Redistribution, Summarization, and Static Routing.

Switches: Nexus 2K/5K/7K, Cisco Catalyst 2900, 3500, 3700,6500, 4500, 3850,3560, 3750, 2960

Switching: LAN, VTP, STP, PVST+, RPVST+, Inter VLAN routing & Multi-Layer Switch, Ether channel, Transparent Bridging.

Network Security: Cisco ASA 5540, firepower, checkpoint, Palo alto,ISE, Stealth watch ACL, IPSEC, F5 Load Balancer, ESA,WSA, NGFW and Fortigate.

Load Balancer: F5 Networks (Big-IP) LTM 8900 and 6400.

LAN: Ethernet (IEEE 802.3), Fast Ethernet, Gigabit Ethernet

WAN: PPP, HDLC, Channelized links (T1/T3), Fiber Optic Circuits, Frame Relay, VOIP

Gateway Redundancy: HSRP and GLBP

WAN Optimizer: Riverbed Steelhead Appliance

DHCP and DNS: Infoblox

Various Features & Services: IOS and Features, IRDP, NAT, SNMP, SYSLOG, NTP, DHCP, CDP, TFTP, FTP.

AAA Architecture: TACACS+, RADIUS, Cisco ACS and ISE

Network Management: Wireshark, SNMP, Solar winds, Blue coat, NAC, ISE and AD

WORK EXPERIENCE

Confidential, North Carolina

Sr. Network Security Engineer

Responsibilities:

• Managing and configuring Cisco ESA, WSA, ASA and Firepower devices independently.
• Configured IP, EIGRP and OSPF in routers. Configured and installed multi-protocol (IP, IPX) multi-interface Cisco routers.
• Knowledge on Cisco DNA solutions ISE, NGFW and Prime implementations.
• Providing mentoring services during the Design, Planning and Implementation phases - including Security Optimization Subscription, Security Design Assessment, Security Design / Configuration Reviews, and Cisco security product implementations.
• Responsible for listening to Partner requirements and understanding their needs in security.
• Provided with POC/POV for partners to implement all cisco security solutions.
• Worked on ISE 802.1X, ISE wired/wireless guest and ISE trustsec implementations.
• Managed fast Layer 3 switched/routed LAN/WAN infrastructure as a part of Network team. The LAN consisted of Cisco campus model of Cisco 3550 at access layer, Cisco 6513 at distribution/core layer.
• Advise Partners to their satisfaction and meeting Cisco quality of design.
• Leverage lab capabilities to experiment learn and test on.
• Providing the full deployment services on ISE, Next generation firewall and Prime.
• Providing solutions to ESA, WSA, CWS, Content security management appliance, ASA, ASAv and ASA with Firepower.
• Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500/PIX security appliance, Failover DMZ zoning & configuring VLANs/routing/Nating with the firewalls as per the design.
• Implementation of Wireless access points, Cisco 3750, 3850 switches and Cisco 3900 and ASR 1000s routers to new sites.
• Assistance with initial installation, upgrade and migration planning, troubleshooting, compatibility and sizing questions.
• Assistance with specific design questions, provide design guidance according to Cisco’s best practices.
• Assistance with demos, production pilots, proof of concepts, initial setup and configuration, implementation and troubleshooting.
• Mentoring the partner technical engineer on executing the Voucher Guidelines for ISE Trustsec activation, ISE Wireless guest management activation, Next Generation Firewall and Prime activation.
• Contribute directly to Cisco's knowledge management initiatives by documenting and briefing other Cisco security consultants on lessons learned from engagements.
• Helped the partners and customers on Stealth watch, APICEM and IWAN activations and site readiness.

Environment: Cisco 2948/3560/4500/3560/ 3750/3550/3500/2960 6500 switches and Cisco 3640/12000/ 7200/3845/3600/2800 routers ASR and ISR series, Cisco Nexus 7K/5K,AVC, Net flow, Cisco ASA, AD/LDAP, ISE wired/wireless/Trustsec/802.1x, Prime wired/wireless, Firepower, ESA, WSA, stealth watch, Apicem and IWAN.

Confidential, Mclean, Virginia

Sr. Network Security Engineer

Responsibilities:

• Managing and configuring Cisco Switches and Routers independently.
• Hands on experience with troubleshooting and configuring terminal servers. Providing Technical Support and solutions for Network Problems.
• Creating and managing user accounts to all team members in partner environment.
• Experience in Cisco switches and routers: IP addressing, WAN configurations.
• Hands on using crimp tools, punch down tools to punch cables to the 110 data/voice blocks.
• Communicating and escalating tickets with service providers for network outage issues.
• Monitoring Network infrastructure using SNMP tools HP NNM, Solar winds and Opnet.
• Coordinating with Security team for NAT configuration and troubleshooting issues related to access lists and DNS/DHCP issues within the LAN network.
• Escalation of procedures and customer notifications.
• Assisted on URL web filtering migration from Blue Coat and Websense to Palo Alto firewalls.
• Experience in troubleshooting VLAN, STP (Spanning tree protocol), & Switch Trunk and IP subnet issues.
• Worked on Physical site; latency and slowness issues in transmitting results within internal quest network.
• Implementation of Cisco 3750, 3850 switches and Cisco 3900 and ASR 1000s routers to new sites.
• Involved in complete LAN, WAN, Extranet redesign (including IP address planning, designing, installation, pre configuration of network equipment, testing, and maintenance) in both Campus and Branch networks.
• Experience working with Nexus 7010, 5020, 2148, 2248 devices.
• Experience with configuring Nexus 2000 Fabric Extender (FEX) which acts as a remote line card (module) for the Nexus 5000.
• Provided support on SCADA applications.
• Deployed ACI data center lab facilities and supported with Open stack and VMware ESX
• Utilized the Blue Coat Proxy Web Security, SIEM, SOC, Malware Tracking, Rapid7-NeXpose, and Tuffin, IPS/IDS, Nessus Tenable, Retina, Solaris OS for addressing the PCI DSS and Compliance and Cryptographic Services.
• Design and configuring of OSPF, BGP on Juniper Routers and SRX Firewalls.
• Configuring ASA Firewall and accept/reject rules for network traffic.
• Designing, implementing LAN/WAN configurations on Cisco 5K, catalyst 6500 switches.
• Installing, configuring Cisco Catalyst switches 6500, 3750 & 3550 series and configured routing protocol OSPF, EIGRP, BGP with Access Control lists implemented as per Network Design.
• Experience working with JUNOS OS on Juniper Routers and Switches.
• Familiar with JUNOS space and other management tools.
• Expertise in maintenance of layer2 switching tasks which advocate VLAN, VTP, STP, RSTP, PVST, RPVST, configuring of ether channel with LACP and PAGP along with troubleshooting of inter-VLAN routing.
• Provide Tier III Level Load Balancer expertise on F5 BigIP Local Traffic Managers (LTM). Designing F5 solutions/support for migration work of applications and websites from Cisco CSS Load Balancers to the F5 BigIP Load Balancers.
• Packet capturing, troubleshooting on network problems with Wireshark, identifying and fixing problems
• Performing network monitoring, providing analysis using various tools like Wireshark, Solar winds etc.

Environment: Cisco 2948/3560/4500/3560/ 3750/3550/3500/2960 6500 switches and Cisco 3640/12000/ 7200/3845/3600/2800 routers, Cisco Nexus 7K/5K,Infoblox, Cisco ASA 5000, F5 BIGIP LTM, RIP, OSPF, BGP, EIGRP, LAN, WAN, VPN, HSRP

Confidential, Newark, New Jersey

Sr. Network Security Engineer

Responsibilities:

• Involved in complete LAN, WAN development (including IP address planning, designing, installation, configuration, testing, maintenance etc.).
• Involved in Switching Technology Administration including creating and managing VLANS’s, Port security, Trunking, STP, Inter Vlan routing, LAN security etc.
• Configured IP, EIGRP, RIP, BGP and OSPF in routers. Configured and installed multi-protocol (IP, IPX) multi-interface Cisco routers.
• Successfully installed Palo Alto Next-Generation PA-3060, PA-5060 firewalls to protect Data Center with the use of IPS feature.
• Key point of contact with the Global Network Operations Center GNOC. Blue Coat Proxy, Check Point, Utilized SMART technology that enables the PC to predict the future failure of hard disk drives.
• Experience working with Cisco Nexus 2148 Fabric Extender and Nexus 5000 series to provide a Flexible Access Solution for datacenter access architecture and VXLAN on nexus switches.
• Experience configuring Virtual Device Context in Nexus 7010
• Configuring RIP, OSPF and Static routing on Juniper M and MX series Routers
• Managed corporate Checkpoint Firewall management and operation, implementing security rules, and mitigating network attacks.
• Working with Checkpoint Support for resolving escalated issues.
• Deployed Site to Site and Client to Site VPNs utilizing Checkpoint Firewall-1/VPN-1.
• Provide Tier III Level Load Balancer expertise on F5 BigIP Local Traffic Managers (LTM). Designing F5 solutions/support for migration work of applications and websites from Cisco CSS Load Balancers to the F5 BigIP Load Balancers.
• Configuring IPSEC VPN (Site-Site to Remote Access) on Juniper SRX firewalls 210,220 and 240 series and built chassis clusters on them.
• Prepare a replacement strategy for EOS firewalls with Cisco and Juniper.
• Configuring VLAN, Spanning tree, VSTP, SNMP on EX series switches
• Once trouble ticket has been created, keep customer informed of status of ticket and estimated time to repair.
• Implemented Zone-Based Firewalling and Security Rules on the Palo Alto Firewall.
• Coordinating with service providers for WAN link outages.
• Checking and configuring Cisco 7600 and 7200 routers at data center for remote sites’ issues.
• Working on Cisco 6509 and 4507 series switches for LAN requirements that include Upgraded and updated Cisco IOS from 12.3T to 12.4. Used to DHCP to automatically assign reusable IP addresses to DHCP clients.
• Used PIX Firewall and ACLs for authentication of EIGRP to ensure high security on the network.
• Configure and implement remote access solution for customers: IPSEC, Site2Site, GRE tunnel end-to-end
• Configured Cisco 7200 routers, which were also connected to Cisco PIX 535 security appliances providing perimeter, based firewall security.
• Used load balancers ACE and load balancing technique with multiple components for efficient performance and to increase reliability through redundancy.
• Involved in migration from Frame-Relay/ATM network to MPLS-based VPN for customer’s WAN infrastructure.
• Used Network monitoring tools to ensure network connectivity and Protocol analysis tools to assess and pinpoint networking issues causing service disruption.
• Environment: Cisco routers 7200, IOS 12.4 & switches 3750, 4500, 6500; RIP, OSPF, EIGRP, VLAN, DHCP, DNS, MPLS, ISDN, DSL, T1 Lines.
• Optimized performance of the WAN network consisting of Cisco 3550/4500/6500 switches by configuring VLANs.
• Experience with configuring Nexus 2000 Fabric Extender (FEX) which acts as a remote line card (module) for the Nexus 5000.
• Extensive knowledge and troubleshooting in data communication protocols and standards including TCP/IP, UDP, IEEE 802.3, Token Ring, Cable Modem, PPPOE, ADSL, Multilayer Switching, DoD standards.
• Managed the F5 BigIP GTM/LTM appliances to include writing iRules, SSL offload and everyday task of creating WIP and VIPs.
• Other responsibilities included documentation and supporting other teams.

Environment: Cisco 3750/3550/3500/2960 switches and Cisco 3640/12000/ 7200/3845/3600/2800 routers, OSPF, BGP, VLAN, HSRP, LAN, WAN, IPV4,Infoblox, ASA Firewall, AVC, Net flow, Checkpoint, Nexus 7K/5K/2K.

Confidential, Redmond, Washington

Network Admin/Engineer

Responsibilities:

• Implementation of analysis, optimization, troubleshooting and documentation of LAN/WAN networking systems.
• Configured and troubleshoot OSPF and EIGRP.
• Planning and configuring the routing protocols such as OSPF, EIGRP, RIP, and Static Routing on the routers.
• Tested authentication in OSPF and BGP.
• Troubleshoot traffic passing managed firewalls via logs and packet captures
• Configured and resolved various OSPF issues in an OSPF multi area environment.
• Worked with telecom vendors in regards to network fault isolation.
• Hands-on experience with WAN (ATM/Frame Relay), Routers, Switches, TCP/IP, Routing Protocols (BGP/OSPF), and IP addressing.
• Installation of Palo Alto (Application and URL filtering, Threat Prevention, Data Filtering).
• Successfully installed Palo Alto PA-3060 Firewalls to protect Data Center.
• Integrate Data Center technologies such as ASR, Catalyst, Nexus, UCS and Storage as well as Layer 4-7 devices including but not limited to Firewalls and Load balancers with ACI and APIC.
• Implemented Positive Enforcement Model with the help of Palo Alto Networks.
• Configuring rules and maintaining Palo Alto Firewalls & Analysis of Firewall logs.
• Configured CIDR IP RIP, PPP, BGP and OSPF routing.
• Involved in the configuration & troubleshooting of routing protocols: MP-BGP, OSPF, LDP, EIGRP, RIP, BGP v4. Configured IP access filter policies.
• Experience with Firewall Administration, Root cause analysis, Rule Analysis, Rule Modification.
• Modified internal infrastructure by adding switches to support server farms and added servers to existing DMZ environments to support new and existing application platforms.
• Deployed 7613 as PE and CE router and Configured and troubleshoot the Edge Routers.
• Excellent troubleshooting knowledge on T1, T3, OC-3 and OC-12.
• Generated RCA (Root Cause Analysis) for critical issues of layer1/layer2/layer3 problems.
• Configuration and troubleshooting of Cisco catalyst 6509, 7613 with supervisor cards.
• Worked with Juniper Firewalls.
• Experience with implementing and maintaining network monitoring systems (Cisco works and HP Open view) and experience with developing complex network design documentation and presentations using VISIO.
• Estimated Project costs and created documentation for project funding approvals.
• Configured ASA 5540 to ensure high-end security on the network with ACLs and Firewall.
• Used IPSec VPN tunneling to provide access to user machines and partners in other network. Provided application level redundancy and availability by deploying F5 load balancers LTM.
• Experience with convert Checkpoint VPN rules over to the Cisco ASA solution. Migration with Cisco ASA VPN experience

Environment: NetFlow, TACACS, EIGRP, RIP, OSPF, BGP, VPN, MPLS, CSM, SUP720, Ether Channels, Cisco 7200/3845/3600/2800 routers, Juniper Net screen and SRX firewalls, Fluke and Sniffer, Cisco 6509/ 3750/3550/3500/2950 switches, Cisco ASA firewalls.

Confidential

Network Support Engineer

Responsibilities:

• Configured RIP and EIGRP on 2600, 2900 and 3600series Cisco routers
• Involved in troubleshooting of DNS, DHCP and other IP conflict problems
• Implemented VTP and Trunking protocols (802.1q and ISL) on 3560, 3750 and 4500series Cisco Catalyst switches
• Configuring and troubleshooting on WLC and WAP.
• Provided on-call support for installation and troubleshooting of the configuration issues
• Configured Standard, Extended, and Named Access Lists to allow users all over the company to access different applications and blocking others
• Planned and implemented Subnetting, VLSM to conserve IP addresses
• Configured STP for loop prevention and VTP for Inter-VLAN Routing
• Provided Technical support for improvement, upgradation, and expansion of the existing network architecture
• Done troubleshooting of TCP/IP problems and connectivity issues in multi-protocol Ethernet environment

Environment: Cisco Switches, Routers, TCP/IP, DNS, DHCP, WLC, WAP, VLAN

Confidential

Network Engineer

Responsibilities:

• Provided Level 1 Support for Broadband Connection to Virgin Media customer
• Worked As a Technical Support Executive under Virgin Media.
• Received inbound calls of technical nature, independently resolved customer complaints, concerns and inquiries regarding their Internet connection.
• Managed LAN and Wireless Network and performed troubleshooting On LAN, WLAN, Customer Modems (NTL 250, TERAYON, and MOTOROLA) And CPE Router (Cisco-Linksys, Belkin, D-LINK and Dynamode).
• Set up Home Network and provided troubleshooting and full support on virgin- media security Software (PC-guard).
• Troubleshoot a wide range of technical support issues and connectivity problems such as authentication, connection speed, e-mail configuration, and loss of synchronization.
• IOS upgrades on catalyst series switches like 2900, 3560, 3750.
• Troubleshoot TCP/IP problems and connectivity issues in multi-protocol Ethernet environment.
• Implemented trunking protocols like 802.1q on 3750 switches.
• Configured ACLs to provide accessibility and restrict unauthorized users.
• Involved in maintaining STP, RSTP and PVST+ for the catalyst switches I worked on.
• Configured and maintained RIP, OSPF and routing protocols on 2600 and 3600 series Cisco routers.
• Maintaining and troubleshooting of connectivity problems using Ping, Traceroute.
• Assisted in racking and stacking.
• Technical assistance for LAN/WAN management and customer issues.
• Other responsibilities also included documentation.

Environment: Cisco Switches, Routers, TCP/IP, DNS, DHCP, VLAN