SUMMARY:

• 8+ years of experience as a Network Security Engineer in operating mission critical infrastructure, troubleshooting and management of large - scale enterprise networks.
• Good knowledge of OSI Reference Model, TCP/IP, NAT, IDS, IPS, DNS.
• Strong understanding of TCP/IP, basic and advanced routing protocols (OSPF, BGP), and related Internet Protocols
• In depth knowledge of Multi-vendor platforms such as Cisco, Checkpoint, Fortinet, F5, Bluecoat (Web/Socks proxy), McAfee Web Gateway.
• LAN switching, Spanning-Tree and various Cisco IP routing protocols RIP, BGP, EIGRPand OSPF.
• Extensive knowledge of Checkpoint Firewalls, Cisco ASA firewalls and IPSec Tunneling within VPN environments
• In-depth knowledge and hands-on experience on IP Addressing, Sub netting, VLSM andARP, reverse & proxy ARP.
• Extensive work experience with Cisco Routers, Cisco Switches, Load Balancers, and Firewalls.
• Hands-on experience on F5 Load Balancers.
• Exposure to LAN/WAN setup, installation, configuration and troubleshooting
• Experience working with 3600, 3800, 3900, 7200, 7600 series Cisco Routers.
• Proficient in configuring Cisco Catalyst 1900, 2900, 2960, 3560, 3750, 4500, 4900, 6500, and 6800 series. Nexus 9396, 2248, 5548, and 7010 switches.
• Dealt with the configuration and troubleshooting issues related to Access Control Lists (ACL), NAT/PAT, and ASA/PIX Firewall.
• Installation, advanced configuration, and troubleshooting of Cisco and F5’s load balancing devices.
• Experience with the following technologies MPLS, Frame Relay, SSL VPN and WLAN and with juniper networks
• Implementation and Troubleshooting of WAN authentication protocols- PPP, CHAP and PAP.
• IP addressing and IP address scalability by configuring NAT/PAT.
• Implementing port based security by authenticating users with 802.1x switch port configuration and implementing VACL and port security for restricting local user access.
• Experience in addressing Cisco infrastructure issues, monitoring, debugging like routing, WAN outages,
• Network Hardware/Software failure, configuration and performance issues.
• Handled many project implementations, possess good analytical, interpersonal and
• Communication skills.
• Highly motivated with the ability to work independently or as an integral part of a team and Committed to highest levels of professional.

TECHNICAL SKILLS:

Networking Concepts: OSI Model, TCP/IP, IP addressing, Access lists

Operating Systems: DNS, DHCP, Windows (2000/2003, XP), UNIX, and LINUX.

Cisco Routers: 2500, 2600, 2800, 4500, 3550, 6500, 7500, 7200, GSR 12000 series

Protocols: ARP, FTP, ICMP, DNS, ICMP, DHCP, TCP, IP, UDP, TELNET, Frame Relay, NAT, SNMP, SMTP, FTP

Layer 3 Switching: CEF, MLS, Ether Channel

Firewalls: Cisco ASA firewalls, Checkpoint R77, R76, NGX R55, and R65.

Catalyst Switches: 7600, 6500, 4500, 3550, 2900

IP Routing Protocols: BGP, IBGP, EBGP, OSPF, EIGRP, RIPv1, RIPv2

Load Balancers: Cisco CSM, F5 Networks Big-IP (LTM, GTM, ASM), A10 Networks (AX2500)

LAN Switching: Fast and Gigabit Ethernet, VLAN, STP, PVST, VTP, ISL, HSRP, VRRP, LBP, 802.1q

WAN /Core: ATM, Frame Relay, PPP, HDLC

PROFESSIONAL EXPERIENCE:

Confidential, Tampa, FL

Sr. Network Security Engineer

Responsibilities:

• Worked on Multi-vendor platform with checkpoint, Fortinet and Cisco firewalls requesting net flow for security compliance, coding, and pushing firewall rules after approval and troubleshoot incidents as required.
• Involved in Network Designing, Routing, DNS, IP Subnetting, and TCP/IP protocol.
• Hands on experience with Catalyst 8540, 65xx, 60xx, 45xx, 35xx, 29xx, and 19xx series switches.
• Configure and maintain security policies on Fortinet firewall and manager/ FortiAnalyzer
• Good Understanding of Multiple Contexts in ASA firewalls and implemented different failover mechanisms among ASA firewalls
• Knowledge of Checkpoint Firewalls, Juniper, Blue coat proxies, Palo Alto firewalls.
• Working with F5 Load Balancers for LTM and GTM type load balancing between multiple centers.
• Troubleshoot and Worked with Security issues related to Cisco ASR 9K, Checkpoint, IDS/IPS and Juniper Netscreen firewalls.
• Configured and Administered Cisco ASA 5585 firewalls which includes setting up the different zones.
• Working knowledge on Cisco Catalyst switches with understanding of Native & IOS Catalyst software include configuration and troubleshooting of interfaces and protocols.
• Implemented VPLS and worked on Route Reflectors, Route Targets, LDP, L3VPN’s, VRF’s exclusively.
• Implement & maintain BIG-IP F5 virtualized LTM load balancer and AFM NAT/PAT.
• Configuring various advanced features on F5 BIGIP appliances SSL termination and initiation, Persistence, Digital Certificates, Executed various migration/upgrade projects across F5 and hands on with F5 BIGIP LTMs/EM.
• Involved in the Team of Data Center Operations to perform duties like administration and monitoring of Cisco Routers and Switches according to the organization requirements.
• Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500/PIX security appliance, Failover DMZ zoning & configuring VLANs/routing/NATing with the firewalls as per the design.
• Installing and configuring Checkpoint NG R55 and NGX R60.
• Deployed VPLS for DCI for spanning the Vlans across the datacenters to provide support for low latency and critical applications.
• Migrating existed Bluecoat Proxy infrastructure with McAfee Web Gateway using Parent/Child architecture across multiple Data Centers using F5's LTM load balancer
• Install and configure Bluecoat ProxySG in the network for web traffic management and policy configuration.
• Monitor the network traffic through Orion SolarWinds and Spectrum syslog server.
• Performed network administration tasks such as creation and management of VLANS, Port security, Trunking, STP, Inter-VLAN routing, and LAN security.
• Migrated the routing protocols from EIGRP domain to OSPF in order to maintain and support multi-vender capability.
• Worked on BGP and peering the CE with the AT&T and Century Link MPLS providers using Local preferences and AS Path attributes.
• Implemented VPLS and worked on Route Reflectors, Route Targets, LDP, L3VPN’s, VRF’s exclusively.
• Remedy Ticketing system, Change Management, Incident Management and solving the SR’s assigned to me.

Environment: Cisco ASA, BGP, VPLS, OSPF, EIGRP, QOS, VPM, SolarWinds, Nexus 9396, 7010, 5548, 5520, 2248, Cat 6880, VPC, VDC, VRF, VSS, Checkpoint, Fortinet, Bluecoat, F5, NGX R55 and R65,

Network Security Engineer

Responsibilities:

• Lab Implementation of multiple security contexts in ASA firewalls and Checkpoints configures redundancy (Active-Active failover and active-standby failover) among them.
• Worked extensively on Cisco Firewalls, Cisco PIX (506E, 515E, 525E) & ASA (5500, 5520, 5540) Series. Administered Cisco Catalyst 29xx, 19xx series switches.
• DMZ Network infrastructure knowledge including perimeter topology, security & firewall policy
• Experience with Security Information and Event Management Systems (SIEM) and log management systems.
• Setup and maintained Check Point security policies including NAT, VPN and Secure Remote access.
• DNS, DHCP & IPAM (DDI) protocols and security (Basic DNS and DHCP concepts, IPAM, IP addressing, VLANs).
• Responsible for configuration and administration of over 25 firewalls, which includes Checkpoint, Juniper, and Cisco ASA firewalls.
• Knowledge of solar winds network management system, VoIP technologies, QOS, WAN optimization technologies.
• Extensive experience in configuring and troubleshooting in-built Router; NAT/PAT Firewall, Load-balancer within the Juniper Service Delivery Gateway (SDG-MX- 960) including Layer 2; 3 & 4.
• Installed and Configured A10 (AX2500) load balancer as SLB for various application in back end.
• Implemented STP, VTP, and Port-channel and advanced technologies like VSS on the Cat 6500’s, OTV, and FCOE.
• Responsible of firewall management, with Checkpoint firewall.
• Installed and deployed the Controller based Aruba Wireless Access Point.
• Experience deploying F5 Load Balancers for load balancing and traffic management of business application. Design and Implement Remote access VPN server using Checkpoint NGX R60 and NG R55 & Cisco ASA.
• Installed Nexus 7010 core switches, Nexus 5548, and 2148 server access switches. Configured 7010’s with multiple distribution VDC’s running EIGRP for route propagation between them.
• Working on L3 protocols such as BGP, OSPF and EIGRP also includes static routing and route redistribution.
• Experienced in configuring/Troubleshooting routing protocols (EIGRP, OSPF, BGP, and RIP).
• Setup and maintained Check Point security policies including NAT, VPN and Secure Remote access.
• Configured Cisco Voice Security Gateways and implemented the zone based firewall services.
• Implement network security for remote access. Tasks include configuring site-to-site and clients-to-site VPN tunnels through multiple Cisco VPN concentrators and Checkpoint firewalls, and maintaining access policies for remote users.
• Performed route filtering and route manipulation by applying distribute-lists, route-maps & offset lists respectively.

Environment: Cisco ASA 5540,BIG-IP LTM 8900, QOS, STP, RSTP, PVSTP, VTP, HSRP BGP, OSPF, EIGRP, MPLS, ATM, PPP, and HDLC. SNMP, TACACS+, DNS, DHCP, and Basics of WLA.

LAN/WAN Engineer

Responsibilities:

• Experience in Networking, including hands-on experience in providing network support, installation and analysis for a broad range of LAN/WAN communication systems.
• Performing an analysis of source host and destination path by tracing it through the network router and switches as well as the firewalls it passes.
• Installed redundant Big IP F5 LTM and GTM load balancers to provide uninterrupted service to customers.
• Switches Replace branch hardware with new 2851 routers and 2960 switches.
• Experience working Juniper T-Series, M-Series, MX-Series, J-Series Routers.
• Designed WAN structure to prevent single point of failure in case of link failure.
• Maintenance and Troubleshooting of connectivity problems using PING, traceroute.
• Worked with Cisco Layer 3 switches 3560, 3750, 4500, 6500; Cisco Nexus 5000 and 7000 in multi VLAN environment with the use of inter-VLAN routing, 802.1Q trunk and ether channel.
• Involved in decommissioning of older Cisco equipment and replacing them with the Nexus platform. These include the Nexus 5000 and 7000 platforms
• Performed route filtering and route manipulation by applying distribute-lists, route-maps & offset lists respectively.
• Involved in design, implementation and configuration of HSRP for load balancing on L3 switches on different location of office on the switched network
• Gained hands on experience with VLSM, STP, VTP, VLAN Trunking.
• Provided support for troubleshooting and resolving Customer and user reported issues.
• Worked with Network Engineer’s in the installation and configuration of firewalls.
• Configured ACLs in Cisco 5540 ASA firewall for Internet Access requests for servers, Protocol Handling, Object Grouping and NAT.
• Implement network security for remote access. Tasks include configuring site to site and clients to site VPN tunnels through multiple Cisco VPN concentrators and Checkpoint firewalls, and maintaining access policies for remote users.
• Configured ASA 5540 to ensure high-end security on the network with ACLs and Firewall.
• Provided support for troubleshooting and resolving Customer and user reported issues.
• Worked with Network Engineers in the installation and configuration of firewalls.

Environment: Cisco ASA 5540,NEXUS 5000,7000, LTM, F5, GTM, VLSM, STP, VTP, VLAN Trunking, VLAN, HSRP, NAT, Firewall, Juniper T-Series, M-Series, MX-Series, J-Series Routers, 2851, 2960 switches

Network Engineer

Responsibilities:

• Performed network administration tasks such as creation and management of VLANS, Port security, Trunking, RPVST+, Inter-VLAN routing, and LAN security.
• Involved in Network Designing, Routing, DNS, IP Subnetting, TCP/IP protocol.
• Manage Cisco Routers and troubleshoot layer 1, layer 2 and layer 3 technologies for customer escalations.
• Worked with Routing Protocols of EIGRP and BGP.
• Worked with Cisco Catalyst 6500, 4500, 4900 switches and Cisco 2800, 3600, 3800, 7200 &7600 series Routers.
• IP Allocation& Maintenance for users and other needs throughout company.
• Switching related tasks included implementing VLANS, VTP, RSTP and Port security.
• Configured ASA 5520 to ensure high-end security on the network with ACLs and Firewall.
• Implemented redundancy for Routers, Switches and Firewalls.
• Configuration of Access List ACL (Std, Ext, Named) to allow users all over the company to access different applications and blocking others.
• Worked on commissioning and decommissioning of the MPLS circuits for various field offices& POPs.
• Deployed Nexus 2000, 5000 and 7000 series switches.
• Used Cisco ACE load balancer between the servers inside the network and in the DMZ.
• Designed and installed new Branch network systems. Resolved network issues, ran test scripts and prepared network documentation.
• Working on Cisco 6509 and 4507 series switches for LAN requirements,
• Implement VLAN’s and access lists (ACL) and troubleshoot IP addressing issues and Update IOS images and other hardware installations
• Possess excellent verbal and written communication skills and experience developing and maintaining technical procedure and documentation.

Environment: Cisco 6509, 4507, Nexus 2000,5000 and 7000, ACE load balancer, DMZ, VLANS, VTP, RSTP, ASA 5520, Routing Protocols of EIGRP and BGP, DNS, Routing, TCP/IP, Cisco Catalyst 6500, 4500, 4900 switches

Network Engineer

Responsibilities:

• Implemented VTP and trunking protocols (802.1q and ISL) on 3560, 3750 and 4500 series Cisco Catalyst switches.
• Upgrade Cisco 7200, 3600 Router IOS Software, backup Routers and Catalyst 3560, 4500 switch configurations.
• Assisted in troubleshooting LAN connectivity and hardware issues in the network of 100 hosts.
• Implemented ISL and 802.1Q for communicating through VTP.
• Working with Client teams to find out requirements for their Networks and Deploying the network infrastructure to meet the requirements.
• Providing technical consultancy for better application response using QOS.
• Installed and configured DHCP, DNS Server.
• Monitor performance of network and servers to identify potential problems and bottleneck.
• Performed RIP, OSPF, BGP EIGRP routing protocol administration.
• Configuration and Installation of Cisco Routers 2900 series, 3800 series, 3900 series, 7200 series, 7600 series.
• Configured, managed and designed IP routing using a combination of static routing and dynamic routing protocols like BGP, OSPF, EIGRP, etc.
• Maintenance and Installation of Cisco 2960, 2975, 3750-E, 4500, 6500 Series Catalyst Switches.
• Performed switching technology administration including VLANs, Inter-VLAN routing, Trunking, port aggregation in the LAN environment.
• Configuring and troubleshooting type of routing to route traffic flow per customer requirement as primary, backup/load balanced, and load splitting.
• Configuring and troubleshooting of Layer 3 routing protocols such as OSPF and BGP.
• Daily responsibilities included monitoring remote site using network management tools, assisted in design guidance for infrastructure upgrade & help LAN administrator with backbone connection and connectivity issues

Environment: Cisco 2960, 2975, 3750-E, 4500, 6500 Series Catalyst Switches, RIP, OSPF, BGP EIGRP, Cisco 7200, 3600, VTP, Cisco 2960, 2975, 3750-E, 4500, 6500

WAN Engineer

Responsibilities:

• Troubleshoot and configuring routing issues related to protocols like RIP, OSPF, BGP.
• Worked on installation, maintenance, and troubleshooting of LAN/WAN (ISDN, Frame relay, NAT, DHCP, TCP/IP)
• Configured STP for loop prevention and VTP for Inter-VLAN Routing.
• Responsible for managing and configuring Layer 2 and layer 3 devices for customer’s network.
• Performed maintenance and troubleshooting of connectivity problems using PING, and trace route.
• Settings of the networking devices (Cisco Router, switches) co-coordinating with the system/Network administrator during any major changes and implementation.
• Provided Technical support for improvement, upgradation, and expansion of the existing network architecture.
• Performed on-call support for installation and troubleshooting of the configuration issues.
• Configured RIP and EIGRP on 2600, 2900 and 3600 series Cisco routers
• Created VLAN and Inter - VLAN routing with Multilayer Switching. Manage installations, configuration and administration of Cisco equipment in IT architecture of organization.
• Develop, plan and maintain documentation necessary for operation in support of LAN to WAN connectivity
• Involved in all technical aspects of LAN and WAN projects including, short and long term planning, implementation, project management and operations support as required

Environment: RIP, EIGRP, Cisco 2600, 2900 and 3600 routers, LAN/WAN, NAT, DHCP, VLAN, STP, OSPF, BGP