PROFESSIONAL SUMMARY:

• Around 7 years of experience in Networking and Security, including hands - on experience in providing network support, installation and analysis for a broad range of LAN / WAN/MAN communication systems.
• Hands on experience in configuring Cisco Catalyst 2960, 3750, 4500, 6500 and Nexus 3000, 5000, 6000, 7000 series switches and Cisco 2600, 2800, 3600, 3800, 7200, 7600 series routers, Load Balancers & Cisco Firewalls
• Design and configuring of OSPF, BGP on Juniper Routers (MX960, MX480) and SRX Firewalls (SRX240, SRX550)
• Experience configuring and troubleshooting OSPF, EIGRP, BGP, VLAN’s, Trunking, VTP, STP, PVST, RSTP, HSRP, 802.1q, and Ether-channels.
• Experience securing and managing remote access using various VPN technologies like IPSec, SSL, and GRE.
• Working knowledge of network monitoring/management tools like Wireshark, Tcpdump, Cisco Prime, Net Flow, PRGT, Solar Winds.
• Experience in Designing and assisting in deploying enterprise wide Network Security and High Availability Solutions for ASA.
• Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500/PIX security appliance, Failover DMZ zoning & configuring VLANs/routing/NAT with the firewalls as per the design.
• Experience with convert Checkpoint VPN rules over to the Cisco ASA solution. Migration with both Checkpoint and Cisco ASA VPN experience
• Involved in the configuration and maintenance of IPSec Site-Site VPN and Decommission etc.,
• Managed, upgraded and maintained operational data flows and ArcSight platforms.
• Maintained and modified hardware and software components, content and documentation.
• Created and documented reports, rules, trends and Dashboard.
• Analyzed ArcSight and related tools and resolved IT security failures.
• Configuring and implementing routing protocols including RIP, TCP/IP, and RIP v1/v2, OSPF, EIGRP, ISIS and BGP.
• Extensive knowledge of deploying & troubleshooting TCP/IP, Implementing IPv6, Translation from IPv4 to IPv6, Multilayer Switching, UDP, Ethernet, Voice & Data Integration techniques.
• Extensive knowledge in developing test plans, procedures, and testing Various LAN/WAN Products and Protocols.
• Strong interpersonal, organizational communication, customer service & presentation skills.
• Manage F5 load balancers and keep them up-to-date with OS and hotfix.
• Upgrade F5 LTM/GTM from 9.x to 10.x based on Linux OS
• Upgrade 1 GB to 10 GB and ether channel two interfaces
• Manage F5 Enterprise Manager 3000 (Ver 2.x) and 4000 (3.x)
• Implement logging using F5 Enterprise Manager and Microsoft SCOM using F5 MP
• Implement AD - Active Directory login on all F5 LTM/GTM pairs
• Implement various F5 iRule (F5’s TCL scripting language), add F5 GTM pair to existing group
• Experience with F5 LTM/GTM, Big-IP, load balancing, iRule, and WAN acceleration
• Knowledge of F5 Best Practices, used iHealth, SSL offloading, Route Domains, GTM Sync Group
• Performed professional level documentation using Visio diagrams.

TECHNICAL SKILLS:

Routers: Cisco 7600, 7200, 3800, 3600, 2900, 2800, 2600

Routing: OSPF, EIGRP, BGP, RIP v1/v2, PBR, Route Filtering, Redistribution, Summarization, and Static Routing.

Switches: Nexus 2K/5K/7K, Cisco Catalyst 6500, 4500, 3850,3560, 3750, 2960

Switching: LAN, VTP, STP, PVST+, RPVST+, Inter VLAN routing & Multi-Layer Switch, Ether channels, Transparent Bridging.

Network Security: Cisco ASA 5540, ACL, IPSEC, F5 Load Balancer, Checkpoint

Juniper Platforms: SRX, MX, EX Series Routers and Switches

Load Balancer: F5 Networks (Big-IP) LTM 8900 and 6400.

LAN: Ethernet (IEEE 802.3), Fast Ethernet, Gigabit Ethernet

WAN: PPP, HDLC, Channelized links (T1/T3), Fiber Optic Circuits, Frame Relay.

Comm. Protocols: ARP, Wi-Fi, WiMAX, CDMA, 3G

Gateway Redundancy: HSRP and GLBP

WAN Optimizer: Riverbed Steelhead Appliance

DHCP and DNS: Infoblox

Various Features & Services: IOS and Features, IRDP, NAT, SNMP, SYSLOG, NTP, DHCP, CDP, TFTP, FTP.

AAA Architecture: TACACS+, RADIUS, Cisco ACS.

Network Management: Wireshark, SNMP, Solarwinds

Script: Learned Ruby on Rails

PROFESSIONAL EXPERIENCE:

Confidential, Ashburn, VA

Network Security Engineer

• Providing network support, installation and analysis for a broad range of LAN / WAN/MAN communication systems.

• Configured, administered and documented firewall infrastructure and firewall rules.
• Managed firewall rule deployments, migrations and firewall administration.
• Performed conversion of Palo Alto & Checkpoint VPN rules to the Cisco ASA solution.
• Involved in the configuration and maintenance of IPSec Site-Site VPN and Decommission.
• Reviewed changes to network configuration for technical accuracy and provide solutions to Multi-Protocol Network problems.
• Involved in designing and commissioning WAN infrastructure for redundancy in case of link failure. Responsible for technical evaluation, troubleshooting, overall project management, problem solving and turn-up of the service with the ISP.
• Created and designed network layout and documented network system design with detail information using Visio software. Vendor co-ordination for hardware issues and assessment management.
• Strong interpersonal, organizational communication, customer service & presentation skills.
• Performed Lockdown and Firewall rule removal for cleanup and optimization of Check Point Firewall
• Performed cleanup shadowing rules and partial shadowing firewall rules
• Performed blueprint to add service or network objects, groups and modifications, upgrade and trouble shoot
• Performed professional level documentation using Visio diagrams.
• Performed on Palo Alto Firewall on network security software and hardware, security monitoring systems, encryption software, threat and vulnerability management services and software, identity management solutions and network objects on global group, clean up unused rules, decommission etc.
• Worked with Checkpoint Firewall (SPLAT/Gaia) for management (Smart Dashboard, Smart Monitor), Logging (Smart Log, Smart View Tracker) and PAN OS
• Implement Firewall rules on Checkpoint and ASA Firewalls
• Implemented Service Requests for Firewall changes daily and pushed the rules during the change window.
• Configured Site to Site IPsec VPN tunnel between data center and vendor
• Worked on Secure Track Tufin to analyze existing access in Check Point, ASA & Palo Alto firewalls
• Represented the team during change review meetings and updated network diagrams and all other applicable documents.
• Cleaned up unused firewall rules on the firewalls for better performance of firewalls
• Identified, designed and implemented flexible, responsive, and secure technology services
• Implemented the necessary changes such as adding, moving and changing as per the requirements of business lines in a data center environment
• Worked on Agile Project Management tools: VIPER (BMC Remedy), and Jira.
• Performed the implementation and maintenance of network monitoring systems (HP Service Manager) and developed complex network technical design documentation and presentations using VISIO
• Performed and presented network analysis as a part of network migration.

Confidential, Vienna, VA

Network Security Engineer

Responsibilities:

• Providing network support, installation and analysis for a broad range of LAN / WAN/MAN communication systems.

• Designed and participated in the deployment of enterprise wide Network Security and High Availability Solutions for ASA.
• Configured, administered and documented firewall infrastructure and firewall rules.
• Managed firewall rule deployments, migrations and firewall administration.
• Performed conversion of Palo Alto & Checkpoint VPN rules to the Cisco ASA solution.
• Involved in the configuration and maintenance of IPSec Site-Site VPN and Decommission.
• Reviewed changes to network configuration for technical accuracy and provide solutions to Multi-Protocol Network problems.
• Involved in designing and commissioning WAN infrastructure for redundancy in case of link failure. Responsible for technical evaluation, troubleshooting, overall project management, problem solving and turn-up of the service with the ISP.
• Created and designed network layout and documented network system design with detail information using Visio software. Vendor co-ordination for hardware issues and assessment management.
• Strong interpersonal, organizational communication, customer service & presentation skills.
• Performed professional level documentation using Visio diagrams.
• Performed on Palo Alto Firewall on network security software and hardware, security monitoring systems, encryption software, threat and vulnerability management services and software, identity management solutions and network objects on global group, clean up unused rules, decommission etc.
• Worked with Checkpoint Firewall (SPLAT/Gaia) for management (Smart Dashboard, Smart Monitor), Logging (Smart Log, Smart View Tracker) and PAN OS
• Implement Firewall rules on Checkpoint and ASA Firewalls
• Implemented Service Requests for Firewall changes daily and pushed the rules during the change window.
• Configured Site to Site IPsec VPN tunnel between data center and vendor
• Created Object-groups on firewalls to optimize the ACLs
• Vetted firewall modification form (FMF) before implementation on firewalls
• Worked on Secure Track Tufin to analyze existing access in Check Point and ASA firewalls
• Represented the team during change review meetings and updated network diagrams and all other applicable documents.
• Cleaned up unused firewall rules on the firewalls for better performance of firewalls
• Identified, designed and implemented flexible, responsive, and secure technology services
• Implemented the necessary changes such as adding, moving and changing as per the requirements of business lines in a data center environment
• Worked on Agile Project Management tools: Version one, and Jira.
• Performed the implementation and maintenance of network monitoring systems (HP Service Manager) and developed complex network technical design documentation and presentations using VISIO
• Performed and presented network analysis as a part of network migration.
• Managed, upgraded and maintained operational data flows and ArcSight platforms.
• Maintained and modified hardware and software components, content and documentation.

Confidential

Network Engineer

Responsibilities:

• Managing and supporting large scale MPLS & Frame relay on Cisco & Juniper environment for more than 5000 Retail sites, 100 Distribution centers, 100 offices and 3 datacenters.

• Troubleshooting issues related to Layer 1/2/3 skills like switching / routing, WAN /Hardware and critical network links by coordinating with the vendor.
• Managing and upgrading IOS image files and taking configuration back-up.
• Configuring Static, IGRP, EIGRP, RIP and OSPF Routing Protocols
• Experience working with Nexus 7010, 5020, 2148, 2248 switches.
• Experience configuring Virtual Device Context in Nexus 7k series switch.
• Design, and configuring of OSPF, BGP on Juniper Routers and SRX Firewalls.
• Configured Site to Site IPsec VPN tunnels to peer with different clients and each of client having different specifications of Phase 1 and Phase 2 policies using Cisco ASA 5500 series firewalls.
• Used IPSec VPN tunneling to provide access to user machines and partners in another network. Provided application level redundancy and availability by deploying F5 load balancers LTM.
• Provide Tier III Level Load Balancer expertise on F5 BigIP Local Traffic Managers (LTM). Designing F5 solutions/support for migration work of applications and websites from Cisco CSS Load Balancers to the F5 BigIP Load Balancers.
• Configured VLAN Trunking 802.1Q, STP (802.1d), Port Security on Catalyst 6500 switches
• Created Visio Dean / Visio Documentation to give complete picture of network design for each building.
• Worked extensively in Configuring, Monitoring and Troubleshooting Check point security appliance, Failover DMZ zoning & configuring VLANs/routing/NATing with the firewalls per design.
• Responsible for Checkpoint firewall management and operations across our global networks.
• Working with Checkpoint Support for resolving escalated issues.
• Planned and implemented network designs, including WAN, LAN, MPLS.
• Remediation of firewall rules from checkpoint firewalls to Cisco ASA firewalls and their implementation
• Configured and managed VLANs, 802.1Q Trunk, RPVST+, Inter-VLAN routing, HSRP and LAN security for Layer-2 and Layer-3 switching domains as per the organization's requirement plan. IP Allocationfor all applications and servers with high availability throughout the company.
• Participate in all technical aspects of LAN, WAN, VPN and security Internet Service projects including, short and long term planning, implementation, project management and operations support as required.
• Having Data Center Design Experience, installing and Configuring Network Devices in a Data Center including patching the cables in the Patch Panel. Design and implemented network
• Hands-on experience in the network management of circuits using TDM and Frame Relay network, performing configuration and provisioning management, fault management and performance monitoring
• Expertise in developing Complex Automated Script Framework, utility functions manually for HTTP(S) Protocol.
• Configuring Virtual Chassis for Juniper switches EX-4200, Firewalls SRX-210
• Deploying Layer 2 security in Server Farms by configuring switch for 802.1x port based authentication.
• Implemented, configured BGP WAN routing, converting OSPF routes to BGP (OSPF in local routing).
• Used load balancers ACE and load balancing technique with multiple components for efficient performance and to increase reliability through redundancy.
• Packet capturing, troubleshooting on network problems with Wireshark, identifying and fixing problems
• Performing network monitoring, providing analysis using various tools like Wireshark, Solarwinds etc.
• Implementation and configuration of F5 Big-IP LTM-6400 load balancers
• Learned Ruby on Rails, provided general office support including file, print, backup, network, email, web and phone services.

Environment: Cisco 2600/2800/3600/3800 Routers, Cisco 2950/3700/6500/7613 switches, RIP, OSPF, BGP, EIGRP, VLAN, MPLS, ASA 5500, F5 Load Balancer 6400, STP, RPVST, LAN, WAN and HSRP