SUMMARY:

• Over 9+ years of experience in the design, implementation, support, and maintain 24x7 network services serving as one of the highest levels of escalation for network and security issues. Make ongoing recommendations of network policies and standards., troubleshooting and documentation of LAN/WAN networking systems in Branch, telecommunication and Data Center environments
• Proficient with network hardware and technologies including routers, switches, firewalls, Ethernet, Fast Ethernet, Gigabit Ethernet.
• In depth expertise in routing protocols (BGP, OSPF, EIGRP, RIPv1&2), Switching architecture and protocols (VLAN’s, Trunking and Spanning Tree)
• Hands - on experience in configuring Cisco routers/ Switches to perform functions at the Access, Distribution, and Core layers.
• Installation, configuration and maintenance of Checkpoint, Cisco, Palo Alto, Juniper, Fortinet Firewalls.
• Working experience in wireless environment like cisco ASR and CSR system.
• Solving issues in intra wireless n/w like dealing with access controllers and access points.
• Excellent working knowledge of TCP/IP protocol suite and OSI layers.
• Experience with Firewall Administration, Rule Analysis, Rule Modification.
• Implemented traffic filters using Standard, Extended and Named access-lists.
• Experience in configuring and troubleshooting IPSEC site to site VPN solutions.
• Working experience with Datacenter Switches such as Nexus 2K, 5K and 7K.
• Solid understanding of GSM, UMTS & LTE Network architecture, Call flow and Traffic Engineering
• Working knowledge of transport connectivity such as T1, CAT5&6 Ethernet, DS1, DS3, Fiber, OC3 and OC12, OC48
• Hands on experience on Checkpoint UTM and NGX series Firewall and Application URL filtering, and strong understanding knowledge on PALO ALTO Product firewall.
• Having proposals of change the environment form NX-OS to Application Centric Infrastructure (ACI) in Data center, implemented in the lab environment.
• Responsible for Checkpoint and Cisco ASA firewall administration across our global networks.
• Experience in Tier- 2 support, BMC Remedy tool, NMS ticketing system, network troubleshooting, handling escalation, and Root cause analysis (RCA) and SLA's.
• Hands on experience on Meraki SD-WAN wireless devices MX65, MX84, MX100 series.
• Hands on experience with ACI (Application Centric Infrastructure) with spine and leaf architecture.
• Understanding of latest security trends, vulnerability assessment techniques and attacks like DOS and Man in the middle attack.
• Used Cisco ACI (Application Centric Infrastructure) SDN architecture to reduce operating costs, automate IT tasks, for greater scalability and visibility in a data center environment.
• Install and configure Bluecoat ProxySG in the network for web traffic management and Policy configuration
• Knowledge of implementing and troubleshooting complex layer 2 technologies such as VLAN, Trunks, VTP, Ether channel, STP, RSTP and MST
• Proficiency in configuration of VLAN setup on various Cisco Routers and Switches
• Implementation of HSRP, VRRP and GLBP for Default Gateway Redundancy
• Efficient at use of Microsoft VISIO/Office as technical documentation and presentation tools
• Implemented security policies using ACL, Firewall, IPSEC, SSL, VPN, AAA (TACACS and LDAP)
• Proven ability in problem-solving, decision analysis, prioritizing work flow, multitasking and team collaboration and Demonstrated leaderships skills and have ability to lead team if necessary
• Team player with excellent verbal and communication skills with ability to lead varied team sizes and capable of working with minimum supervision.
• Design WAN solution using the AutoVPN technology with Cisco Meraki MX security appliances including DC to DC failover and SD-WAN capabilities.
• Primary responsibilities include daily support of Palo Alto Firewalls. Cisco ISE, Cisco Fire SIGHT/FirePOWER , Client VPN and Multi-Factor Authentication, and IP space administration.
• Experienced in developing Web Services with Python programming language.
• Strong hands on experience on PIX, Firewalls, and ASA Firewalls. Implemented Security Policies using ACL, Firewall, IPSEC, SSL, VPN, IPS/IDS, AAA (TACACS+ &RADIUS).
• Expertise in VOIP protocols like H.323, MGCP, SIP, and SCCP.
• Experienced with Python frameworks like Webapp2 and Flask
• Good Knowledge of Python and Python Web Framework Django
• Working Knowledge with monitoring tools like Solar Winds and Network packet capture tools like Wire-shark.
• Strong understand of Security Devices (Firewalls, Load Balancers, Proxy Servers, and IDS Sensors)
• Strong analytical skills, including knowledge and relevant experience in network management tools.
• Experience in implementation, support and troubleshooting of VLAN's including operational knowledge of spanning tree protocol (STP), VLAN Trunking, inter VLAN routing and ISL/802.1q.
• Provided availability and on-call support as required by the projects.
• Experience of communicating with customers, solving complex problems in a timely productive manner.

TECHNICAL SKILLS:

Routers: Cisco 2600, 2800, 3600, 4400, 7200, 7609 Series,7600, Cisco CSR, ASR1k, ASR 9k, ISR4k, ISRG2.

Switches: Cisco 2900, 3500, 3700, 5000, 6500 Catalyst Series, Cisco 7000, 5000, 2000, Switches 9K series

Firewall: Checkpoint R65/R70/R75/R77/Provider-1 firewall, Palo Alto, Cisco PIX 500 series, Cisco ASA, IDS CISCO IDS 4520 Juniper, Imperva SharePoint 2010, Imperva WAF, FortiGate

Load Balancer: F5-Big-Ip, LTM, Ax10

Communication Protocols: TCP/IP, UDP, DHCP, DNS, ICMP, SNMP, ARP, RARP

Routing Protocols: BGP, ISIS, OSPF, EIGRP, VRRP, HSRP, GLBP, RIP2, Infoblox

Switching Protocols: STP, RSTP, PVSTP, VTP, ARP, VLAN

IP Services: DHCP, NAT, VLAN, DNS, FTP, TFTP, LAN/WAN

WAN Technologies: ATM, ISDN, PPP, MPLS, ATT, 802.11, 802.11a, 802.11b, APLUS

Network Technologies: IPsec, GRE, NAT/PAT, ACL, IPv4, IPv6

Network tools: Wireshark, Cisco Anyconnect, AirWatch

Software: Sniffer Pro, Microsoft FIM, MS Lync, MS Exchange, Trunking and STP

Operating Systems: Windows XP/7/8, Linux

Riverbed, ASP 9K:

Scripting languages: C#, Perl, Python, PowerShell, TCL, Bash

PROFESSIONAL EXPERIENCE:

Confidential, San Jose, CA

Sr. Network Engineer

Responsibilities:

• Managed multiple large-scale projects in a fast-paced environment and provided leadership to other members of the team for the 58 branches of Confidential across United States and 1 branch in India. Quickly turned business problems into technical solutions. Managed configurations and the deployment of equipment in compliance with established technology policies. Recommended technical solutions that will enhance performance, increase redundancy, and add flexibility to the existing infrastructure. Troubleshoot network outages and report of network performance issues. Maintain system and network availability and monitoring of services. Participated in rotating 'on-call' schedule with engineering team.
• Maintained the appropriate relationships with 3rd party vendors and evaluate vendor hardware, software, and communications products and to provide recommendations for purchases with ourcorporateobjectivesinmind. Performed capacity planning in various scenarios. (Single/Redundant Circuits, Load Balancing, Aggregation, etc.)
• Performed Office move for san Jose branch.
• Having experience in Cisco Security Solutions; Cisco ASA, Cisco ISE, FirePOWER services (or Sourcefire), AMP for endpoints, and related security tools.
• Installed, Configured new Waps for the entire office in Aerohive manager.
• Updated QoS and DHCP scripts on the switches of the various branches of Confidential as the UCaaS project went live in production.
• Installed Operating System and configured kernel parameters for Linux /Unix servers.
• Updated the Network Diagrams in VISIO.
• Experience with Aruba/Ruckus Wireless Controllers , Access Points and IAP. Aruba ClearPass (TACACS/AAA), Fortinet Forti manager, Aruba Airwave , Aruba Glass , and Backbox (Backup Network Devices)
• Designed and implemented a POC of Cisco ISE vs Aruba ClearPass NAC solution for the corporate network wired. Aruba Networks Wireless (AP225, AP335, WAC 7210, 7240, 3400, 3600).
• Played a key role working with various teams for deploying Aruba ClearPass Policy Manager (CPPM)
• Implement Aruba Wireless infrastructure using Aruba controllers & Access Points.
• Configured Aruba access points troubleshoot connectivity issues with Aruba access points Surveyed, designed and implemented wireless network infrastructure solutions for both indoor and outdoor environments for multiple clients in several distinct markets.
• Worked on various security tools like Aruba Activate , Aruba Activate, Bluecoat, Websense, Source fire, EM7, CADA authentication etc.
• Hands-on experience in some of or all following areas: HSRP, QoS, DMVPN, SSL VPN/IPSec VPN, Wireless technologies, DHCP management, Firewall skills and MPLS services framework, SD-WAN (IWAN, Viptela, Silver Peak, Riverbed) implementation and migration experience.
• Rewrite existing Python/Django modules to convey certain format of data.
• Worked on Aruba Activate and Aruba Airwave for whitelisting and blacklisting the Aruba devices for the users.
• Managed Qradar offenses and monitor logs. Scan email links and attachments in Fire Eye to determine if they're malicious.
• Triage Qradar offense based on severity and type of the offense.
• Create/modify Qradar rules to reduce false positives.
• Integrating Duo authentication to replace crypto card.
• Providing crypto tokens for new users.
• Creating and manage Duo accounts.
• Involved in troubleshooting network traffic and its diagnosis using tools like ping, traceroute, Wireshark, TCP dump, and Linux operating system servers.
• Hardware experience includes Ubiquiti, Meraki, Cisco, HP Aruba, and Ruckus wireless systems.
• Installed Linux OS and configured required network on the virtual machines.
• Maintaining Exabeam, making sure it's up to date and resolve any issues with the tool.
• Improving process flow of Qradar offenses.
• Making sure Qradar is working normally during business hours.
• Administrator for SIEM Tool IBM Qradar & Monitoring.
• Searching and Reporting, Dashboards, Graphs, Search strings, use cases, Log Delivery/management/correlation, etc. using SIEM tool Qradar.
• Design WAN solution using the AutoVPN technology with Cisco Meraki MX security appliances including DC to DC failover and SD-WAN capabilities.
• Created script in Python for automatizing logs.
• Good hands on experience with Linux, Bash scripting, python, and pearl scripting. Ran scripts on VM machines for configuring Fortigate devices remotely.
• Hardware experience includes Ubiquiti, Meraki, Cisco, HP Aruba, and Ruckus wireless systems .
• Responsible for implementation/installation of LAN/WAN/SAN , Aruba Switches, Aruba Wireless AP's and Aruba Virtual Controllers.
• Performed wireless site surveys using industry standard tools such as Air Magnet and Cisco & Aruba Switches Managed and completed over 100 projects installing/upgrading client's wireless infrastructure to Aruba.
• Worked on Multi-vendor platform with checkpoint, Fortinet and Cisco firewalls requesting net flow for security compliance, coding, and pushing firewall rules after approval and troubleshoot incidents as required.
• Good Understanding of Multiple Contexts in ASA firewalls and implemented different failover mechanisms among ASA firewalls.
• Provisioned various Cisco Meraki & Fortinet firewalls. Converting access-lists to Firewall rule sets on FWSM module with 6509-E Catalyst switches.
• Setup and maintained Check Point security policies including NAT, VPN and Secure Remote access.
• Experience with hybrid CatOS to Native Cisco IOS code migration involving Catalyst 6503 to Catalyst 6504 switches
• Worked directly with customer engineers to support lab testing and performance evaluation of Nokia DWDM and IP products (Nokia 1830 PSS/7750 SR/7210 SAS).
• Created Mop (Method of Procedure) for customer concerning for new integration, deployment and software upgradation of Nokia DWDM and IP products.
• Hands-on experience on Cisco Network Hardware like Cisco switches, Cisco ISR G2/ASR routers, Cisco Wireless Access Points & SD-WAN Platforms experienced configuring and deploying from scratch and fixing them with various modules like Gig card, VPN SPA Card, T1-WIC card and other modules.
• Provided training to customer engineers on Nokia IP and DWDM products and related protocols.
• Resolved customer product issues through research using appropriate user manuals, product release notes, and lab testing.
• Designed Service, upgraded/configured ALU’s IP/MPLS products (e.g. 7x50 SR/ESS, 7705 SAS, 7210).
• Designed and implement MPLS VPN network for cell-tower backhaul of WIND Mobile consisting of 6 core routers and 100+ access routers: Nokia 7750 SR-7, 7705 SAR-8/SAR-F.
• Accomplishment: Lab Testing/Evaluation of Alien Wavelength, EDFA/Raman Amplifier, 100G/200G Muxponder on Nokia 1830 PSS Systems and CPM-5 Testing on Nokia 7750 SR Platform.
• Lab Implementation of multiple security contexts in ASA firewalls and Checkpoints configures redundancy (Active-Active failover and active-standby failover) among them
• Configuring various advanced features (Profiles, monitors, iRules, Redundancy, SSL Termination, Persistence, SNATs, and HA) on F5 BIGIP appliances SSL termination and initiation, Persistence, Digital Certificates, executed various migration/upgrade projects across F5 and hands on with F5 BIGIP LTMs/EM.
• Configuring rules and Maintaining Palo Alto Firewalls & Analysis of Firewall logs using various tools
• Successfully installed Palo Alto PA 3060 Firewalls to protect Data Centre and provided L3 support for routers/switches/Firewalls.
• Install and upgrade Bluecoat proxy SG (900, 810 and SG9000 series) and Proxy AV (510,810 and 1400 series) in all the Datacenters.
• Worked with Palo Alto 4020,4060 devices from scratch by deploying them. Performing packet capturing on the Palo Alto firewall and analyzing the logs through Wireshark.
• Troubleshooting the firewall PA-5060, 4060 and monitoring the performance.
• Adding the rules in Palo Alto firewall for allowing the traffic and blocking them from different nodes in the network
• Configure policies on the Bluecoat VPM, local database and PAC files to filter the traffic flow by creating custom rules, URL categories and routing policies.
• Configure and manage Bluecoat 510 directors in active and Standby mode.
• Working with F5 Load Balancers for LTM and GTM type load balancing between multiple centers.
• Configured ACLs in Cisco 5540 ASA firewall for Internet Access requests for servers, Protocol Handling, Object Grouping and NAT.
• Troubleshoot and Worked with Security issues related to Cisco ASR 9K, Checkpoint, IDS/IPS and Juniper Net screen firewalls.
• Worked with ISR 4k, ASR 1k, CSR 1000v and other IWAN compatible routers. strong hands-on experience in installing, configuring, and troubleshooting Cisco devices like Cisco CSR, ASR1k, ASR 9k, ISR4k, ISRG2.
• Configuring VDC & VPC in Nexus 9K, 7k, 5k and 2k.
• Extensively worked on Data Center switching technology including Nexus 7K, 9K and 5K and Catalyst switches configuring VPC. networking protocols, specifically OSPF, BGP and EIGRP in the core Switches of cisco 6500 and Nexus 7k and 9K and troubleshooting issues with the network. configured VPC on Nexus 9K 9396 for F5 and WLC. Configured LAG on F5 VIP and Nexus 9K for trunk connection
• Experience with adding Fabric extenders to Nexus 9K switches using switchport fabric mode • Configured port channel on Nexus 9K and 2960 access switches
• Analyzing firewall change requests and implementing changes into existing firewall policies by maintaining the security standards of the organization.
• Change Management: Need to make sure that all the change designs and implementations are completed and tested as per the schedule required by the customers.
• Configured Check Point Firewall in distributed deployment and also maintaining Site-to-Site VPN Connection through the Firewalls.
• Responsible for configuration and Virtualization of Checkpoint firewalls across the enterprise.
• Assisting in configuration of Multi-Domain Security Management server and consolidation of CMA's Maintaining 8 gateways using Smart Center Server as a Management Station.
• Hands on experience dealing with different blades on Checkpoint appliance other than Firewall, IPSec, Application Control and URL Filtering, IPS, Secure XL.
• Successfully installed Palo Alto PA 3060,200, 5250 firewalls to protect Data center and provide L3 support to the devices.
• Configuration and setting a lab for the testing of Checkpoint R80.10 Gaia operating system on both Management and Gateway.
• Fixing SFP's SR and LR on both the Primary and Secondary Palo Alto 5250 appliances.
• Installing Jumbo Hot Fix take 151 by removing Shell Shock and Installing Gypsy to the Multi-Domain Security Managements on R76 Gaia platform and upgrading to R77.10
• Upgrading Checkpoint Gaia and Security management from R 76 and R 7 .30 and R77.30 respectively with the latest hotfix take 216
• Troubleshoot network access problems, Strong TCP/IP understanding, Debugging Checkpoint firewall
• Using TCP Dumps and wire shark captures for determining the flow of traffic across the Intranet to Internet and vice versa.
• Firewall risky rule remediation, assessment on firewall by using Algosec Analyzer for risk evaluation, Auditing and implementation.
• Firewall rule optimization based on the rule risks such has High, Suspected High, Medium and low.
• Monitoring and Troubleshooting Gateway Clusters using Checkpoint FW monitor commands and cphaprob and cphaprob stat.
• Using Algosec Fire Flow and Analyzer for implementing the simple changes.
• Managing Static, Dynamic and Hide NAT rules and address pools for IP filter on Smart Dash board.
• Worked on Bluecoat proxy server, Tipping Point Intrusion Protection System management, and reporting tools Orion and Algosec.
• Working on creating and exporting user groups and user identity groups in Cisco Identity Service Engine.
• Experience configuring Cisco ASA 5505 series firewalls in the remote office environment.
• Performing NAT rules, creating interfaces, routes and troubleshooting on Cisco ASA devices.
• Troubleshoot and Worked with Security issues related to Cisco ASA, Check Point, IDS/IPS.
• Configuring the gateways in a HA cluster and ClusterXL using a single virtual IP address
• Design the firewalls changes using various NAT types in Checkpoint firewalls like, static and dynamic.
• Juniper Contrail SDN Cloud Computing Open Networking Open Flow /ODL.
• Configure and maintain security policies on Fortinet firewall and manager/ Fort Analyzer
• Migrating existed Bluecoat Proxy infrastructure with McAfee Web Gateway using Parent/Child architecture across multiple Data Centers using F5's LTM load balancer
• Configure and maintain security policies on Fortinet firewall and manage Forti Manager/ Forti-Analyzer.
• Installed redundant BigIP F5 LTM and GTM load balancers to provide uninterrupted service to customers.
• Installing and configuring Checkpoint NG R55 and NGX R60.
• Deployed VPLS for DCI for spanning the VLans across the datacenters to provide support for low latency and critical applications
• Handled Firewall security of all external and internal traffic, intrusion detection and prevention, denial of service attacks.
• Worked in patch management through manual and SCCM methodology.
• Managing and Troubleshooting SCCM Servers and SCCM Clients.
• Troubleshooting "Package Replication" on DPs among sites.
• Troubleshooting CAZ to Primary replications\Primary to CAZ \Primary to Secondary\Secondary to primary eg (Parent to child) and (child to parent replication).
• WSUS\SUP issues (e.g.: Software Update Point Not Available).
• Client to MP communication issues (e.g.: client communications to MP)
• Need to Pull out "Reports" as per the requirements, Sql query or predefined reports from SCCM.
• Worked on Migration projects from IIS 6.0 to 7.5 and IIS 6.0 to IIS 8.5 and IIS 7.5 to IIS 8.5.
• Installed and configured IIS 6.0/ 7.0/7.5/8.0/8.5 web server on Microsoft Windows 2003/2008R2/2012/2012R2 server accordingly.
• Configured multiple websites in IIS 7.0/7.5/8.0/8.5 using Virtual IPs, multiple ports and Host headers.
• Installation of Linux and windows systems upgrades of systems as well as SSL implementation.
• Monitor the network traffic through Orion Solarwinds and Spectrum syslog server.
• Knowledge with Alcatel 7750 routers, which we deployed as a MPLS Core in the Network providing services to all the remote sites.
• Configured and Administered Cisco ASA 5585 firewalls which includes setting up the different zones.
• Configured and deployed BIG-IP LTM 8900 for providing application redundancy and load balancing.
• Performed network administration tasks such as creation and management of VLANS, Port security, Trunking, STP, Inter-VLAN routing, and LAN security.
• Configuring and implementing Remote Access Solution: IPsec VPN, any connect VPN, SSL VPN.
• Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500/PIX security appliance, Failover DMZ zoning & configuring VLANs/routing/NATing with the firewalls as per the design.
• Involved in the Team of Data Center Operations to perform duties like administration and monitoring of Cisco Routers and Switches according to the organization requirements.
• Knowledge in implementing and configuring F5 Big-IP LTM-6400 load balancers.
• Involved in Network Designing, Routing, and DNS, IP Subnetting, and TCP/IP protocol.
• Configured ACLs in Cisco5585 ASA firewall for Internet Access requests for servers, Protocol Handling, Object Grouping and NAT Control using Object NAT.
• Implemented Cisco ACI infrastructure for supporting rapid application change by reducing complexity with a common policy framework that can automate provisioning and resource management.
• From EIGRP domain to OSPF in order to maintain and support multi-vender capability.
• Worked on BGP and peering the CE with the AT&T and Century Link MPLS providers using Local preferences and AS Path attributes.
• Implemented VPLS and worked on Route Reflectors, Route Targets, LDP, L3VPN's, VRF's exclusively.
• Experience deploying F5 Load Balancers for load balancing and traffic management of business application. Design and Implement Remote access VPN server using Checkpoint NGX R60 and NG R 55 &Cisco ASA.
• BMC Remedy Ticketing system, Change Management, Incident Management and solving the SR's assigned to me.
• Assisted with the Cisco ACE Load balancer.

Environment: F5, NGX R55 and R65, Checkpoint, Meraki, Fortinet, Bluecoat, Nexus 9396, 7010, 5548, 5520, 2248, Cat 6880, VPC, VDC, VRF, VSS, Alcatel 7750, Cisco ASA, BGP, VPLS, OSPF, EIGRP, QOS, VPM, SDN Solarwinds, STP, VLANS, VTP, Port-Channel, and Switch Stacking.

Confidential, San Jose, CA

Sr. Network Engineer

Responsibilities:

• Configuring Checkpoint Firewall in IPSO, Secure Platform and GAIA platforms.
• Configuring, Administering and troubleshooting the Checkpoint and ASA firewall.
• Excellent analytical and problem-solving skills.
• Perform Custer configuration, backup and restore the current Gateway installation
• Analyzing the IPS logs and adjusting the protect mode. Using Smart Update, User Management and Authentication in Checkpoint firewall. Ability to quickly evaluate project needs and provide appropriate solutions in a timely fashion.
• Good understanding of OSI Layers and TCP/IP models, IP Addressing and Sub netting.
• Strong working experience with Layer-2 & Layer-3 Protocols: VLANs, EtherChannel & Trunking, all STP, VTP, HSRP, VRRP, GLBP, CoS
• Experienced on metro and long-haul DWDM infrastructure: Nokia (Alcatel-Lucent) 1830 PSS32/16, Fujitsu FW 9500/7500/4500/4100, Huawei OSN 7500/6800/3500.
• Expertise in designing, lab testing, implementation and operations of IP/MPLS network: Nokia (Alcatel-Lucent) 7750/7705/7210, Cisco CRS-16/ASR 9K Series SAR.
• Experienced and proficient with CLI on Nokia (Alcatel-Lucent) SR OS, Cisco IOS-XR.
• Designed Service, upgraded/configured ALU’s IP/MPLS products (e.g. 7x50 SR/ESS, 7705 SAS, 7210)
• Experienced on IP/MPLS/Multicast related protocols and L2/L3 VPN services: OSPF, IS-IS, BGP, MPBGP, PIM, IGMP, MPLS, LDP, RSVP-TE, VPWS, VPLS, VPRN, QoS.
• Experienced on provisioning and management of IP/Optical network using management tools and protocols: CLI, TL1, WebUI, GUI (Nokia 5620 SAM/1354 Ph.M., Fujitsu NetSmart1500/500).
• Designed and implement MPLS VPN network for cell-tower backhaul of WIND Mobile consisting of 6 core routers and 100+ access routers: Nokia 7750 SR-7, 7705 SAR-8/SAR-F.
• Strong working experience with Static, RIP, EIGRP, OSPF & BGP Routing protocols
• Design implement and managing Wide Area /Local Area Networks and Networking Devices administration
• Implemented and managed SIEM - IBM Qradar suite of products, QRadar SIEM, Qradar Vulnerability Manager (QVM), Qradar Risk Manager (QRM), Qradar Incident Forensic (QIF), Splunk.
• Worked with IBM Qradar SIEM Integration and responsible for integrating the log sources with IBM Qradar.
• Developed a correlated picture of what is occurring right now in an enterprise through integration of information from a variety of devices with QRadar SIEM tool, then normalizing and correlating the information to develop modules that provides real-time (or near real-time) reporting in SOC.
• Integrated other security products to QRadar SIEM through various communication protocols, event correlation for vulnerability detection and flow (JFlow, NetFlow) analysis.
• Familiar with Wireless technologies (3G, 4G/LTE) and Datacenter technologies
• Knowledge of IP networking and network security
• Knowledge in Peripheral Component Interconnect (PCI)
• Configuring and troubleshooting 802.1X and Inter VLAN routing
• SME with Cisco Switches, Routers and Protocols
• Worked with ISR 4k, ASR 1k, CSR 1000v and other IWAN compatible routers. strong hands-on experience in installing, configuring, and troubleshooting Cisco devices like Cisco CSR, ASR1k, ASR 9k, ISR4k, ISRG2.
• Knowledge on virus prevention
• Configure and troubleshoot Remote access and site to site-in Checkpoint & ASA firewalls.
• Configure and Troubleshoot IPSec S2S, Remote Access and SSL VPN on ASA firewall and Checkpoint Firewalls.
• Expert Level Checkpoint Firewalls Administrator. Network Topology Configuration Expert.
• Windows & Red Hat Servers Network Configuration including User Management Active directory and mail servers - Exchange and Cloud.
• Configured and performed software upgrades on Cisco Wireless LAN Controllers 5508 for Wireless Network Access Control integration with Cisco ISE.
• Monitoring Traffic and Connections in Checkpoint and ASA Firewall.
• Hands on experience on all software blades of Checkpoint firewall.
• Analyzing the malware, which are not detected by Antivirus and deleting.
• Hands on experience with Trend Micro products IWSS, IMSS, Control Manager and IWSVA
• Managed successful delivery of massive security response portfolio including Splunk, Cisco ISE.
• Web security using Trend Micro Interscan Web Security Virtual Appliance (Proxy)
• Knowledge of Intrusion Detection, DMZ, encryption, IPsec, proxy services, Site to Site VPN tunnels, MPLS/VPN, SSL/VPN
• Strong working knowledge on Cisco Routers & Catalyst Switches and HP & Cisco servers
• Experience with security device management and smart center management
• Experience with application protocols. Finding code bugs and reports with R&D departments.
• Expert in deploying Nexus Switches, with complete understanding of the limitations of the line cards for N7ks. Clear Quest and Clear case Tools: All Microsoft Office Software.
• Worked extensively on firewalls and VPN gateways Checkpoint, CISCO, Juniper, Fortigate GUI and Shell. Linux, UNIX and Windows Scripting.
• Hands on experience and demonstrated knowledge with Aruba ClearPass for the access control. Support Aruba Wireless infrastructure; research migration path from AMP 8.0.10 to version 8.2.6.1. Administration of ClearPass Policy Manager 6.6.10.106403. Aruba 105, 205 APS and RAPS, VWLC.
• Onboarding devices to Aruba ClearPass Policy Manager- TACACS. Onboarded 10+ device types like Fire eye, Juniper space, Fortinet, Bluecoat etc to ClearPass for TACACS Authentication. Migrated from Cisco ISE to Aruba CPPM, Worked extensively on ClearPass, Aruba wireless AOS, Airwave, networking, 802.1x, ClearPass Deployment & Integration Experience, ClearPass TACACS
• Migrated from Cisco ISE to Aruba ClearPass for wireless and 802.1X authentication in the Bank. Tested and Certified Aruba ClearPass Policy Manager 6.6.7 for Bank Infrastructure. Upgraded from 6.6.2 to 6.6.7. Configured extension on ClearPass to enable Multi factor authentication. Integrated Safe pass application to ClearPass
• IT and Help Desk Expert on Hardware and Software.
• Familiarity with Cloud Security and Cloud Disaster Recovery
• Experience with Cisco ISE platform and Cisco FWSM.
• Knowledge on Huawei & Juniper Routers, HP & IBM blade switches. Knowledge of Active Directory, DNS, Certificate Services (PKI)
• Configuring QOS on Routers and Switches. Experience with VMware, Cisco VPN and Citrix
• Worked on Cisco ASA Software
• Working experience with A10 and F5 Load Balancer
• Installation/upgrade of antivirus server and providing end point security with Trend Micro Office scan.
• Installation of Windows 2003 enterprise and standard editions, R2, Windows 2000 standard and advanced server editions.
• Experienced in DHCP DNS, AD, NIS, NFS, SMTP, IMAP, ODBC, FTP, TCP/IP, LAN, WAN, LDAP, HP RDP , security management and system troubleshooting skills.
• Experienced systems Engineer and lead technician, setting scope and deliverables, timelines, budgets and maintaining communication between layered teams.
• Thorough knowledge of the installation, termination and troubleshooting of the physical layer and data link layer of the OSI model .
• Contributes a multifaceted data systems skillet with strong business and accounting acumen to drive successful projects and meet modern infrastructure challenges.
• Keep the antivirus section of the network up to date with current versions of antivirus software, latest signatures and relevant documentation.
• Configuring and managing syslog server, automatic configuration backup using event Manager, Archive command scripts
• Vendor coordination for all Network, Security and Wireless services
• Capture and Analyze the logs using Wireshark, NetFlow, Syslog Providing technical security proposals, detailed RFP responses, security presentation, installing and configuring ASA firewalls, VPN networks and redesigning customer security architectures.
• Experience with managing the completed end to end site solutions
• Involved in Datacenter build and support, Implementation, migrations network support, Interconnectivity between an old Datacenter and new Datacenter.
• Converting access-lists to Firewall rule sets on FWSM module with 6509-E Catalyst switches
• Involved in setting up Voice VLANs on distribution switches, and configuring access switches ports for AVAYA IP PHONES
• Managing and Troubleshooting SCCM Servers and SCCM Clients.
• Troubleshooting "Package Replication" on DPs among sites.
• Troubleshooting CAZ to Primary replications\Primary to CAZ\Primary to Secondary\Secondary to primary e.g. (Parent to child) and (child to parent replication).
• WSUS\SUP issues (e.g. Software Update Point Not Available).
• Client to MP communication issues (e.g. client communications to MP)
• Need to Pull out "Reports" as per the requirements, Sql query or predefined reports from SCCM.
• Worked on Migration projects from IIS 6.0 to 7.5 and IIS 6.0 to IIS 8.5 and IIS 7.5 to IIS 8.5. • Installed and configured IIS 6.0/ 7.0/7.5/8.0/8.5 web server on Microsoft Windows 2003/2008R2/2012/2012R2 server accordingly. • Configured multiple websites in IIS 7.0/7.5/8.0/8.5 using Virtual IPs, multiple ports and Host headers. • Installation of Linux and windows systems upgrades of systems as well as SSL implementation.
• Implementing 3750 Rack/Stack switches using Cisco Stack Wise technology
• Experience with design and implementation of Virtual Switching System (VSS) for both User segment and server segment using 6509-V-E catalyst switches.
• Palo Alto design and installation (Application and URL filtering, Threat Prevention, Data Filtering)
• Handled Firewall security of all external and internal traffic, intrusion detection and prevention, denial of service attacks.
• Worked in patch management through manual and SCCM methodology.
• Data center migration was involved in Access, Distribution and Core layers.
• Installed new purchased Hardware to the new DC, migrate data over WAN connection, also greatly involved in virtualization of physical servers.
• Integrated and evaluated Cisco ACI, VMware NSX, and Arista CVX SDN solutions.
• Design and implement Catalyst/ASA Firewall Service Module for various LAN's.
• Experience with migration Hybrid based Cisco CatOS and Native Cisco IOS on 6500 catalyst switches.
• Involved in migration of WLAN segment on the LAN Core. Also, involved in configuring wireless VLANS
• Working knowledge of Firewall service module FWSM UPGRADE, FWSM RULESET conversion
• Coordinated precise scheduling for all migration events including all equipment and resources for the data center migration on an extremely accelerated schedule with for a high-profile client.
• Upgrading IOS on 2960 and using 2960 switch as a PAGP between VSS
• Working knowledge of PPP Protocol with Enhanced Flex WAN module on 6500 catalyst switches
• Involved configuring PPP multilink group, dialer group, PPP authentication protocols like PAP, CHAP
• Working knowledge of Terminal server and the configurations
• Installation of L3 Switching Engine Policy Feature Card & Distributed Forwarding Card DFC3C

Environment: 3750, 3550, 3560,3925, 2924, 6509-V-E, 6513, 6504, 6503, 6506, 6500 series switches, 7206, 2611, 6748, 6708, 2960, T1 Controllers, Cisco ISE, DS3 Lines (T3 Lines), Fiber and Ethernet cabling

Confidential

Jr. Network engineer

Responsibilities:

• Installed Nexus 7010 core switches and Nexus 5548 and 2148 server access switches. Configured 7010's with multiple distribution VDC's running EIGRP for route propagation between them.
• Designed and configured IP addressing scheme and eBGP routing strategy for Century Link MPLS network connectivity. Wrote core and remote router configurations and implementation scripts.
• Implemented EEM scripting on the WAN Routers for redundancy and for the Multihoming.
• Working on L3 protocols such as BGP, OSPF and EIGRP also includes static routing and route redistribution.
• Experienced in Configuring/Troubleshooting Routing Protocols EIGRP/OSPF/BGP/RIP.
• Installed and Configured A10 (AX2500) load balancer as SLB for various application in backend.
• Installed and deployed the Controller based Aruba Wireless Access Point.
• Implemented STP, VTP, and Port-channel and advanced technologies like VSS on the Cat 6500's, OTV, and FCOE.
• Worked extensively on Cisco Switches, Routers, ACE and F5 and A10 load balancers, and Net Screen/Pix/ASA/Junos/FWSM/Sonic/ Checkpoint firewalls.
• Worked on Checkpoint Firewall policy provisioning
• Managing the Network & Security Administration involving design of network layouts, maintenance of configuration.
• Experience with Checkpoint VSX. Check Point (firewall) changes including experience on blades.
• Cisco ASA 51xx series changes
• Worked on Extensively on Cisco Firewalls, Cisco PIX (506E/515E/525/) & ASA 5500(5520/5540) Series. Administered Cisco Catalyst 29xx, 19xx series switches.
• Trained on Cisco Application Centric Infrastructure (ACI).
• Troubleshoot layer1, layer2 and layer3 technologies for customer escalations.
• IP Allocation & Maintenance for users and other needs throughout company.
• Working on Quality of service QOS and class of service COS implementations for business-critical applications and prioritize traffic for voice and other critical applications utilizing classification techniques like DSCP, NBAR, Traffic shaping and Policing.
• Configured Cisco Voice Security Gateways and implemented the zone-based firewall services.

Environment: Nexus 7010, 5548, 2248, VPC, VDC, VSS, VSG, NGX R55 and R65, Cisco ASA, Wireshark, R76, R77, GAiA, Juniper SRX, EEM script, QOS, VPM, Solar winds, STP, VLANS, VTP, Port-Channel, Switch Stacking.

Confidential

LAN/WAN Engineer

Responsibilities:

• Responsible for entire LAN and WAN maintenance and troubleshooting of the company network. Involved in the Team of Data Center Operations to perform duties like administration and deployment of Cisco Routers and Switches according to the organization requirements.
• Performed network administration tasks such as creation and management of VLANS, Port security, Trunking, RPVST+, Inter-VLAN routing, and LAN security.
• Worked with Cisco Catalyst 6500, 4500, 4900 switches and Cisco 2800, 3600, 3800, 7200 &7600 series Routers.
• Worked with Routing Protocols of EIGRP and BGP.
• Configured PVSTP+ for loop prevention and VTP for Inter-VLAN Routing.
• Worked on commissioning and decommissioning of the MPLS circuits for various field offices& POPs.
• Deployed Nexus 2000, 5000 and 7000 series switches.
• GRE tunneling & Site-to Site VPN configuration between other two sites in USA.
• Configured ASA 5520 to ensure high-end security on the network with ACLs and Firewall.
• Implemented redundancy for Routers, Switches and Firewalls.
• Manage Cisco Routers and troubleshoot layer1, layer2 and layer3 technologies for customer escalations.
• Worked with Cisco Catalyst 6500, 4500, 3750,3925, 3560, 2960 switches and Cisco 2800, 3600, 3800, 7200, 7600 and ASR series Routers.
• Played responsible role for implementing, engineering, & level 2 support of existing network technologies / services & integration of new network technologies / services.
• Worked with Cisco Layer 3 switches 3560, 3750, 3925, 4500, 6500; Cisco Nexus 5000 and 7000 in multi VLAN environment with the use of inter-VLAN routing, 802.1Q trunk, and ether channel.
• Key contributions include troubleshooting of complex LAN /WAN infrastructure that include routing protocols EIGRP, OSPF & BGP.
• Involved in design, implementation and configuration of HSRP for load balancing on L3 switches on different location of office on the switched network.
• Provided support for troubleshooting and resolving Customer and user reported issues.
• Worked with Network Engineer's in the installation and configuration of firewalls.

Environment: BMC Remedy, Cisco ASA 5540, BIG-IP LTM 8900, QOS, Policy-maps, Class-maps, Nexus, VLans, STP, RSTP, PVSTP, VTP, HSRP, Ether channel, BGP, OSPF, EIGRP, MPLS, ATM, PPP, HDLC. SNMP, TACACS+, DNS, DHCP, Basics of WLA.