SUMMARY:

• 2XCCIE(R&S|SP), CCNP, CCNA, 3XJNCIP(Ent|Sec|SP), 3XJNCIS (Ent|Sec|SP), JNCIA - Junos, PCNSE7, VCP6-NV, 2XVCA (DCV|WM), SCP, ITIL, CCDE - Candidate.
• Seasoned Sr. Network Engineer/Architect with 16 + years of experience in Cisco, Juniper, Windows, Sun Solaris, VMware, UNIX, and Linux LAN /WAN/VPN Environments.
• In-depth expertise in designing, implementing, analysis, optimization, troubleshooting and documentations of LAN and WAN network systems.
• Great work ethic, interpersonal skills, and critical thinking and problem-solving skills .

TECHNICAL SKILLS:

Operating Systems: Windows Server 2000/2003/2008/2012, Windows 95/98/XP/Vista/7/10, Linux (Red Hat, Fedora, Suse, Centos), Sun Solaris 8.0/9.0/10, UNIX (SCO - UNIX), Cisco - IOS, IOS-XE, IOS-XR, NX - OS, Juniper - Netscreen, Junos

Hardware: Cisco 7606,6509, 5509, 4000, XR12000, ASR9k, N7K, N5K, N2K,3662, 3640, 3725,3550,3560,2811, 3550, 3560, 2950, 2960,2511,1841, ME3400E, ASA 5510, PIX-525 firewall, Juniper ns-5400, M7i, M10i, MX-80, J6350, SSG550M, SSG320M, SRX 5600, SRX 5400, SRX 550, SRX 210, SRX 220-H, SA 5600, EX 4200, EX 2200 Adtran -> 5305 router, Fortinet -> FortiGate 100E series

SONICWALL: firewall 3-4 years of experience, worked on the migration of Sonic Firewall configuration to Juniper SSG 320M (which includes firewall policy set up, site -to-site VPN access using IPSec tunnel, routing configuration and remote access for telecommuting users.)

Huawei: Eudemon firewall (E200), S8505, S3026G*24, S3952P, AR46-20

PaloAlto: PA-200 3-4 years of experience with Palo Alto firewall which involves creating security firewall policy, routing configuration, virtual-router set up (in multi - VRF environment), NAT, LDAP authentication, App-ID, …

HP: Procurve switches F5 -> BIG-IP-3900

Networking: BGP, MP-BGP, OSPF, ISIS, RIPv2, IGRP, EIGRP, MPLS, MPLS-TE, HDLC, PPP, Frame-relay, MLFR, HSRP, GLBP, VRRP, NSRP, JSRP, ISDN, IPSEC, L2TP, VPLS, Inter-AS VPNV4/V6, Intra-AS VPNV4/V6, GRE, FTP, TFTP, NAT, PAT, SSL-VPN, DMVPN, DHCP, DNS, vPC, EVPC, TCP/IP, Active Directory, VOIP (SIP), QOS, Multicast, IPV6, F5-LTM, OC-12, OC-3, DS3, T1, …

Tools: Cisco CSM (Version 4.8.0), MS Office, Visio, HP Open View, Cisco Works, Cisco SDM, Juniper NSM, Juniper Junos-Space, Fortinet tools - FortiManager, FortiAnalyzer, EM7, Scrutinizer - Plixer, ZenOS, WhatsUp Gold, MRTG, Cacti, Wireshark, OpenVAS, Nessus, Snort (Open source IDS), Cain & Abel, UNL, GNS3.

F5: Configuring and troubleshooting LTM using BIG IP 3900

Scripting: Python

Certifications on the radar: AWS Certified Solutions Architect, Brocade Certified Vrouter Professional (BCVRP), RHCSA

PROFESSIONAL EXPERIENCE:

Engineering Lead

Confidential, Silver Spring, MD

Responsibilities:

• I have been with Confidential - Confidential as Engineering Lead, Principal / Senior Network Engineer (with different contracting companies) starting from 2010 doing network architecture/design, implementation, troubleshooting, documentation and managing Tier 2/3 engineers in addition to the below mentioned responsibilities.

Senior Network Engineer

Confidential, Silver Spring, MD

Responsibilities:

• Successfully completed various diversified projects in the Confidential OPSnet network.
• Participate and provide input related to high-level network design which involves Cisco and Juniper devices.
• Provide Tier - 4 level support which involves troubleshoot, diagnose and resolve outages & other issues with OPSnet primary and backup circuits which also includes Very Small Aperture Terminal (VSAT)
• Leading the implementation of the OPSnet ATP (Alternate Transport Path) project.
• Strong experience as Firewall engineer (creating multiple Firewall rules, routing configurations and troubleshooting) with Palto Alto Network firewall, Juniper SSG & SRX firewalls and Cisco ASA devices.
• Provide 24 x 7 on-call Tier 2 and 3 support for OPSnet.
• Handle multiple tasks in both individual and team assignment
• Identify root causes for technical issues and provide recommendations for improvement
• Performed all the job descriptions / activities mentioned below (as my current responsibility is the same as when I was with Confidential Engineering).

Principal Network Engineer

Confidential, Silver Spring, MD

Responsibilities:

• Design and deploy LANs, WANs, and wireless networks, including Cisco 7606, Juniper NS-5400, SSG550M/SSG550, MX-80, SSG20, SRX5600, SRX210, SRX550, J6350, M Series (M10, M7i), Cisco routers, switches, and other hardware.
• Configure and troubleshoot different routing protocols (BGP, OSPF…) in an environment which consists of several virtual routers (VRs) or VRFs (in Cisco’s terminology) in a layer 3 MPLS VPN.
• Provide network traffic engineering.
• Conduct research on network products, services, protocols, and standards to keep abreast with new network technologies and products.
• Interact and negotiate with vendors, outsourcers, and contractors to secure network products and services.
• Handle multiple routing configurations and firewall policy set up in an environment where there are more than 300 devices and multiple redundancy solutions (both terrestrial and VSAT link and first hop redundancy protocols like HSRP & NSRP), SRX chassis cluster…
• Monitor network performance and troubleshoot problem areas as needed.
• Practice network asset management, including maintenance of network component inventory and related documentation and technical specifications information.
• Ensure network connectivity of all servers, workstations, telephony equipment, fax machines, and other network appliances.
• Perform server and security audits, and system backups and recovery.
• Create and maintain documentation as it relates to network configuration, network mapping, processes, and service records.
• Manage and/or provide guidance to Tier II & junior members of the team.
• Handling multiple projects as assigned by my supervisor.

Senior Network Engineer

Confidential, Sterling, VA

Responsibilities:

• Design and execute network expansion and upgrade plan
• Configuration and maintenance of VPN access both site-to-site and remote VPN for telecommuter users, firewall rule sets and creation of remote-VPN users using Juniper SSG 320M NetScreen OS firewall.
• Configuring and troubleshooting Fortigate firewalls which includes clustering, filtering (based on URL, applications,), LDAP authentication using Active Directory, site-to-site & remote VPNs…using Fortinet tools (FortiManager & FortiAnalyzer).
• Monitoring of security logs, server messages and IP traffic usage to ensure optimal network performance.
• Configuration and maintenance of the Intrusion Detection system for the IP network Maintenance of all Linux and Microsoft servers in the network
• Installed and Configured ZenOSS - network monitoring tool, OpenVAS - Open Vulnerability Assessment Scanner.
• Configuration and maintenance of all network hardware
• Plan, manage and implement a new data IP network to seamlessly support VIP’s transition to new HQ building and ongoing networking requirements.
• Plan, manage and implement a new data and voice IP network to seamlessly support VIP’s transition to a new HQ facility
• Plan, implement and manage the integration of the network and IT services between VIP’s new HQ building and the managed facility.
• Train and manage a junior network engineer

ICT System Administration Unit Manager

Confidential

Responsibilities:

• Configured, maintained, and monitored both layer 2 and layer 3 network devices (Cisco catalyst 2924XL, 2950, 5509, 6509) ( PIX 515 firewall, Cisco 2960) and Huawei Datacom products (AR46 router, E200 firewall, S8505 layer 3 switch, S3026G*24)
• Supported intelligent Layer 2 functions such as VLANs, fast convergent spanning tree, traffic storm control and pruning to prevent flooding.
• Configured and monitored dial-in access using Cisco 3662 modular high density Access Router with 32 modem pools to provide dial-in services to telecommuter and remote users.
• Installed, configured, and managed several Intel and Spark based servers with various operating systems (Solaris 8.0/9.0/10, Windows 2000/2003, Red Hat Linux, Fedora, Suse, Centos).
• Installed, Configured and monitored Proxy server (configured with squid 2.5 stable 7.0), Mail server (configured with iPlanet Netscape Messaging Server 4.0), DNS server (Windows DNS and Bind 9.0), Sunray thin client server
• Installed, configure and monitored Windows 2000/2003 Active Directory, DNS, DHCP, Web and FTP server on more than 26 servers and 6000 clients in its multiple campuses.
• Managed all Tech Supports and system administrators in more than 15 branches.

Senior System Administrator

Confidential

Responsibilities:

• Managed company LAN which include all Servers, network printers, workstation nodes, backup solution, antivirus support, and all others area of computer technology.
• Designed, deployed, installed, configured, and monitored Confidential Antivirus Corporate Edition 9.0/10 on 5 servers and more than 350 clients.
• Configured and supported multiple remote site installations.
• Performed network documentation and created disaster recovery plan.

ICT Instructor & System Administrator

Confidential

Responsibilities:

• Responsible for administration of network comprised of 275 workstations, help desk, hardware inventory, software inventory, network mapping, equipment and software purchasing
• Designed, implemented, managed, and maintained LAN solutions for Confidential
• Trained students how to use MS-Office 2000 suite, Windows (such as 2000 & XP), Internet, and e-mail functions for classes ranging in enrollment from 10 to 15 students.
• Prepared training manual and curriculum for students as well as paper test.