SUMMARY:

• Sr. Network Engineer with over 11 years of experience in designing, implementing and maintaining Provider / SaaS, IaaS Enterprise data, ADC, Security and networks.
• Extensive level expertise in DATA Center Switching, Routing, Security and WAN technologies along with Cloud Technologies, Migration, Consolidation & Disaster recovery and prevention.
• Subject matter expert in Application Loadbalancing, Application/Web Security and Global Loadbalancing and Acceleration.
• Installing, configuring, operating and troubleshooting complex routed LAN, routed WAN, and switched LAN networks and secure remote access in a highly complex network environment.
• Subject matter expert and Hands on expertise in Migration / Configuration of Cisco Nexus / Catalyst Switches and ASR routers.
• Good technical knowledge of operational and functionality of Virtualization, Storage and Storage Networking.
• Documented project plan using MS Project, Word, Excel and Visio for higher level of network diagrams.
• Excellent Team coordination skills and very good team player & excellent communicative, interpersonal skill.

TECHNICAL SKILLS:

Routers: Cisco CSR, ASR 9000 / 1000 series 28XX, 29XX, 39XX, 72XX

Switches: Cisco Nexus 9000, 7000, 6000, 5500, Catalyst 65xx and Fabric Extenders 2200 series.

Routing: BGP, ISIS, OSPF, EIGRP & MPLS, Traffic Engineering, PBR, Route Filtering, Redistribution, Summarization, Static Routing.

Switching: L2 and L3, VDC, VSS, vPC, FabricPath and FCOE

LAN / WAN: 100, 40, 10 and Gbit Ethernet.

Security / Firewalls: Cisco ASA / FirePOWER 9300 / ASA 5500 and 5500x. Checkpoint Provider1, 4000,4800, 12000 - 61000 Series.

WLAN: Cisco Aironet 1100-1500 Wireless Access Points, WLC 4400, 5500, 7500 Aruba 3000 - 7200 Series Mobility Controllers, ClearPass Access Management system.

Network Monitoring: CA Spectrum Infrastructure Manager, E Health, NetQos, OPNET, NetScout and Fluke ClearSight, Cisco Nectus and Riverbed Shark.

Content Switching: F5 Viprion Series, LTM/GTM/ASM/APM, Cisco ACE and Citrix Netscaler Application Load balancing, Global Server load balancing and content switching. Citrix MAS, F5 BigIQ Management platforms.

Various Features & Services: IOS and NX-OS Features, VLAN, STP, VTP, HSRP, VRRP, GLBP, NAT, SNMP, SYSLOG, NTP, DHCP, DNS, NetFlow.

WAN Acceleration: Riverbed (Stealhead) 5050H, 5055, 5060H, 7050, 7055 CMC and Clients

SDN: Cisco Confidential

Languages: Python

PROFESSIONAL EXPERIENCE:

Confidential

Network Architect

• Working on a Eastern Time Zone shift from Level IV Network and Security Operational functionalities, Customer Escalation’s, New Deployments and troubleshooting of Cloud Service Provider Cisco’s Webex Data Centers across the Globe including 10G/100G Data Center-Interconnect, Citrix Netscaler and Cisco ACE Load balancing, Cisco 7K, 5K, 2K, ASR 9K, 1K routers, Cisco ASA8500x.
• Engage higher-level customer Escalation’s, review related tickets and hand off calls for different shifts and teams.
• Actively Participate Fedramp and PCI Audit from network Security perspective with conducting Firewall, Network Security audit and remediation.
• Working on Network Automation Project using on Cisco NSO to introduce and minimize Provisioning downtime and increase the accuracy of highly critical security deployments.
• Actively working on with Radware team on Radware DefencePro Solution to go in Live Oct 01st 2017 to protect Cisco Webex infrastructure from DDOS attacks and other application layer attacks.
• Projects Delivered
• New Cisco Webex Multi Media Pool Deployment: Scope of this project is to implement New Multimedia Pools across the Globe to Support future customer onboarding’s. GSLB / Server loadbalancing with Citrix NetScaler Load balancers, Cisco ASA Firewalls with highly secured, efficient multimedia platform designed for the Future.
• Cisco Confidential deployment to Run Webex Beta platform internally and Integrated Citrix Netscaler and Cisco ASA Firepower to validate Performance and scalability.
• Design and Implement Cisco Network Programmability for Confidential

Confidential

Network Engineer III

• Managing / Administering highly classified Active - Active tier 1 Data Center’s with Operation, Implementation, troubleshoot Cisco, Riverbed, F5 - LTM, GTM, ASM, Enterprise Manager, Virtual-Connect, H3C IRF and HP’s Converged infrastructure platforms.
• Engage Customer support with support request VIP Customers from Financial and Federal Government.
• Successfully delivered Provider class PCI / FISMA audit driven result passed the multi segmented Audit.
• Re-designed and converted Global wireless Network using Aruba Wireless and ClearPass 6.2 with 802.1x Authentication, Developed PKI Infrastructure and delivered Innovative solution with highly secured and compliant with PCI and Federal Compliance.
• Re-Architected and migrating existing IPSEC VPN solution to advanced AnyConnect VPN Solution that required PCI / FISMA compliance and Certificate / Radius (2 Factor Auth) Authentication.
• Redesigned and Piloted 802.1x over the VPN solution to Provide Additional Data Security for who has access to the Sensitive and Proprietary Data Using Cisco and Aruba.
• Deployed Cisco Nexus 6K’s for 3 x Cloud Expansion project’s with 10G / 40G featured with vPC, Back-to-Back vPC
• Managing Application and WEB Security Policies on F5 and Firewalls / Certificate Pools and Notify any suspicious events to Security Operations team.
• Analyze Performance / Suggest improvements to the Applications / DB / WEB teams
• Providing Reports and Logs to the Management / Security and Applications teams to their queries generated from F5 Enterprise Manager using LogIQ related to ASM, APM, GTM and LTM.
• Capacity planning and Provision F5 Viprion vCMP Instances and Standalone F5’s according to the Engineering Design.
• Responsible for replicate Customer / Partner S1/S2 issues in Lab environment and recommend suggestion to the Management team and Customers
• Developed complex iRules for Fortune 5 Customer integration to match and avoid duplicate transactions being processed.
• Managing Checkpoint and Cisco ASA Firewalls / Policies and Rules, adding / modifying and validating rules against the Security and Compliance Policies (PCI DDS and FISMA)

Confidential

Network Engineer

• Supporting Advanced Data Center Customers with Design, Implementing, troubleshoot and converting their infrastructure from Cisco Catalyst, Nexus and HP Procurve, to a fully redundant multi-vendor platforms using Riverbed, F5 - LTM, GTM, ASM, APM, Link Controller, Enterprise Manager and F5 Viprion 2200, 2400, 4800, HP FlexFabric, Virtual-Connect, H3C IRF and TRILL with HP’s Converged infrastructure.
• Engage Global Mission Critical support request from higher level Data Center Customers with design, advanced support and troubleshoot complex issues related to F5 Load balancing, Riverbed WAN Acceleration, Data Center Switching (HP, Cisco, H3C), routing, SDN (Software Defined Networks) and replicating Customer issues in Lab environment.
• Support and collaborate with Support and Engineering teams with Multi-Platform troubleshooting for VI customers Primarily focused on Data Center Switching / Application Load Balancing / Application Security and WAN Acceleration.
• Engage HP IT / Customers with Advanced F5 configuration’s ASM / Viprion and GTM
• Add / modify / remove ASM Firewall Rules/Policies
• Add / modify / remove ASM IP Intelligence (Black Listing/White Listing Feed List)
• Managing HTTP Security Policies / Certificate Pools and Notify any suspicious events to Security Operations team
• Analyze Performance / Suggest improvements to the Applications / DB / WEB teams
• Providing Reports and Logs to the Management / Security and Applications teams to their queries generated from F5 Enterprise Manager using LogIQ related to ASM / GTM and LTM.
• Capacity planning and Provision F5 Viprion vCMP Instances and Standalone F5’s according to the Engineering Design.
• Responsible for replicate Customer / Partner S1/S2 issues in Lab environment and recommend suggestion to the Management team and Customers.

Confidential

Sr. Network Engineer

• Responsible for Designing, Implementing and Managing Global DATA, Application Services, Voice and Data Center Infrastructure and Disaster Recovery and Planning.
• Migrated F5 6400 (BIG-IP v9) over to 3900 and F5 Viprion (BIG-IP LTM v11) due to identified performance issues.
• Designed and build new GTM / LTM / ASM with Reverse-Proxy, SSL termination on F5 and Route-Domains for PCI Segment to meet Security Controls.
• Upgraded Nexus 7K’s with SUP2s / F2 Line Cards for on-boarding Oracle XADATA.
• Completed migration of the Cisco 6509 Switches to Cisco Nexus 7010/5596 and 6509E chassis (DMZ/CORE/ Corp HQ).
• Redesigned Global Wireless infrastructure using WLC Cisco 5508 with new multiple authentication scenarios for Corporate / Mobile and Guest users world-wide.
• Implemented Cisco Prime Infrastructure 1.3 for Monitoring and Management of end-to-end WLAN environment.

Confidential, GA

Technical Analyst

• Data Center Network Refreshed with Nexus 7K, 5500 and Fabric Extenders. Replaced Cisco Cat 6509’s with Nexus 7009 Cluster according to the higher-level design to meet high availability and performance requirements.
• F5 LTM BIG IP Load balancers solution with Viprion 2400 designed and implemented to replace Cisco CSM modules for Internal Apps.
• Implemented new Cisco 5555x Firewalls in a Test environment final goal replacing existing ASA5520 firewalls.
• Re-engineered network topology and traffic flow to meet current business performance and applications availability requirements.
• Redesigned and replaced Cisco CSM’s for Internal business Application’s load balancing with F5 BIG IP LTM.
• Redesigned and replaced CSS with Cisco ACE 4710 for Internet applications (HTTP&HTTPS).
• Implemented New IPSEC VPN Network for 03 x new Chinese sites with using Cisco ASA and ASA X Platform
• Attending Trouble tickets escalating to Tier-3 with Global Data / Voice/Security Network Infrastructure
• Cisco Call Manager and Call Manager Express Installation and Upgrading, Collaboration with Video / Smart Technology
• Upgraded MPLS WAN with High Availability, QOS, BGP load Sharing and Optimization
• Managing WAN acceleration (Riverbed) and Performance monitoring over the MPLS Cloud
• Responsible for providing Network diagram & document’s and Implementation Scopes, Lab scenarios and higher level design’s using Visio, Excel and Word
• Conducted daily support with Administration functions and Monitoring and documentation
• Responsible for the Making Lab Scenarios and integrate with Live data/security/VOIP networks.

Confidential

Network and Communication Engineer

• Ensure network, system, Applications availability and integrity through preventative maintenance and upgrade.
• Designed and deployed F5 Load balancers for Production environment to achieve Application availability and Persistence.
• Responsible for research, acquisition, and configuration of all new network and server hardware.
• Deployed and administered Juniper SRX/SSG/NSM and IDP Security Infrastructure.
• Designed and Deployed Optical Wireless Network and Cisco Wireless Network with 1520 AP’s and 2100/2500 LAN Controllers.
• Responsible for service request tickets generated by the helpdesk in all phases such as troubleshooting, maintenance, upgrades, patches, fixes, and all around technical support.
• Configure HSRP (for load balancing data traffic) and VLAN Trunking 802.1Q, STP, RPVST+ Port Security on Catalyst 6500 switches.
• Design and manage Cisco VoIP infrastructure for a large enterprise and multi-unit office environment; met aggressive schedule to ensure a Multi-office reconfiguration project was successfully delivered.
• Deploy Publisher & Subscriber Cisco Unified Communication Manager along with Analog Voice Gateways (VG 224/248) & PSTN Voice Gateway routers.
• Install and maintain routers and switches in various network configurations supported VLANs, Qos, VoIP, and advanced access-lists and Static-routes.
• Implemented Riverbed 1000 WAN optimization Solutions across the WAN.
• Installed, Configured and Optimized 25 New IBM System X servers with MS 2008 / SQL 2008 / IIS.
• Deployed and configured IBM Blade Center with Cisco 3100G Series Blade Switch Modules for web & VOD services.
• Administrated CA Spectrum Infrastructure Manager and IP Switch Network Management.
• Deployed Disaster Recovery Plan, Reliability improvement process and Administrative Functions.
• Configure and Implement Site-to-Site VPN, Remote VPN and SSL VPN for branch office access.
• Responsible for providing Network diagram & document for all locations using Visio, Excel and Word.

Confidential, Colombo

Systems Administrator

• Responsible for implementation of MPLS based VPN in District offices and maintenance
• Installed and configured Juniper SSG 520 Firewall’s and optimized Information security parameters
• Installed and administrated MS 2003 based Active Directory with multi - site environment
• Conducted daily support for Data Center network involving firewall, switches, routers, and Windows/Unix systems.
• Maintained & prepared Network drawings of all major Data Centers & operational sites and did the TAC follow-up.

Confidential

IT Executive

• Designed, deployed and tested Fiber network for Video/Audio file sharing
• Coordinated of Implementation sophisticated Wireless Network for Video distribution among the Studios,
• Pre-Productions, News Room and Television Main Control Room located four different geographical locations.
• Installed, administrated MS 2000/2003 based Active directory with multi domain, multi locations and MS Exchange server
• Deployed Fortigate Firewall with UTM features and tune up the Infrastructure Security with DMZ, Trusted and Untrusted Zones