CAREER HIGHLIGHTS:

• 8+ years of hands on experience in Network Engineering, Designing, Integrating, Deploying, Maintaining and Supporting broad range of Communication Systems.
• Strong hands on experience in Installing, Troubleshooting, Configuring of Cisco900x, ASR1k, 7200vxr, 3900, 3800, 2900, 2800 series routers and Confidential Catalyst 6500, 4500, 3850T, 3750, 2950 and 3500XL series Switches.
• Hands on experience working with Confidential Confidential 7K, 5K & 2K Switches.
• Configuration of VPC, VDC, Peer Gateway, HSRP and FEX on Confidential family.
• Hands on experience in Confidential IOS/IOS - XR/NX-OS, Juniper JUNOS.
• Expert level knowledge of troubleshooting, implementing, optimizing and testing of static and dynamic routing protocols such as
• Confidential, OSPF, Confidential ability to interpret and resolve complex route table problems.
• Knowledge of Confidential Meraki Wireless Switches (MX 33) and SD-WAN (MX100 ).
• Experience with Riverbed Steelhead Appliance for WAN optimization.
• Experience in working with Confidential Identity Services Engine (ISE) and ACS.
• Worked on Security groups, tags, AAA profiles on ISE.
• Worked on Extensively on Confidential Firewalls, Confidential PIX (506E/515E/525/) & ASA 5500(5510/5540) Series
• Extensive Knowledge on the implementation of Confidential ASA 5500, FTD and Checkpoint R 75 firewalls.
• Configuration, Troubleshooting and Maintenance of Palo Alto Firewalls -
• PA200, PA2000 series, PA3000 series, PA4000 series and PA5000 series.
• Implemented Zone Based Firewalling and Security Rules on the Palo Alto Firewall.
• Worked on Windows and Infoblox DNS and DHCP servers .
• Configuration of Host files, DNS records, IP reservations, configuring scopes.
• Worked on Deploying Confidential ACI . Migration from Legacy Data Center Architecture to Spine Leaf Architecture .
• Experience with VXLAN, EVPN, VTEPS, Bridge Domains, Application Templates .
• Migrated Confidential 7Ks & Confidential 5Ks to an ACI Fabric consisting of 9336PQ Spines & 9332PQLeafs in a brownfield Datacenter.
• Experience in Python and Ansible Scripting for Network Automation.
• Worked on Next Gen Firewall features like URL filtering, SSL
• Forward Proxy, SSL Decryption, APP ID and ThreatID, Confidential in PA firewalls.
• Experience in F5 BIG IP and Confidential ACE Load balancers for load balancing and traffic management of business applications. Migration Experience from ACE to F5.
• Experience with Virtual servers, Pools, Monitors, SNAT, proficient in iRule scripting, Persistence, Profiles, WideIP s, Zones, Listener IP, Static and Dynamic Load balancing techniques on LTM and GTM .
• Design and configure various Azure and AWS Networking resources like Azure Virtual Network (VNET), IP addressing scheme, DDoS protection, Subnets, Address Spaces, EC2 Instances.
• Worked on the design, implementation, and support of IP telephony projects, such as Confidential Manager, Confidential Unified Messaging System, and Confidential Unified Contract Center Express.
• Extensive knowledge in all Wi-Fi Standards including 802.11a,b,g, n,ac. Worked on installing of Confidential and Aruba Wireless Controllers. Worked on Confidential CWAP, LAWP, Aruba 225, 325, AP groups, SSID s, Authentication rules, 802.1X for Wireless etc.

TECHNICAL SKILLS:

Switch platforms: Confidential 2900XL, 2950, 2960, 3550, 3750, 4500 and 6500, Confidential (2K, 5K, 7K and 9K)

Router platforms: Confidential routers ( Cisco900x, ASR1k, 7200vxr, 3900, 3800, 2900, 2800) & Confidential Catalyst switches ( Catalyst 6500, 4500, 3850T, 3750, 2950 and 3500XL series), Confidential 7K, 5K & 2K. Confidential 2900XL, 2950, 2960, 3550, 3750, 4500 and 6500, Confidential (2K, 5K, 7K and 9K)

Juniper Platforms: SRX, MX, EX, QFX Series Routers and Switches

Networking Concepts: Access-lists, Routing, Switching, Subnetting, Designing, IPSec, VLAN, VPN, MPLS, VoIP.

Networking Protocols: RIP, OSPF, Confidential, Confidential, STP, RSTP, VLANs, VTP, PAGP, LACP, MPLS, HSRP, VRRP, GLBP, TACACS+, Radius, AAA, IPv4 and IPv6, VSS, VPC, VDC, EVPN.

Network Management/Monitoring: Solar winds, Net flow and Confidential prime, Wireshark, TCP Dump, SSL Dump.

Load Balancers: F-5 BIG-IP LTM 6400, 6899, 5000 series, Viprion series, Netscalers, Confidential ACE.

WAN technologies: MPLS, leased lines & exposure to PPP, DS3, T1 /T3, Hub and Spoke environment.

LAN technologies: Ethernet, Fast Ethernet, Gigabit Ethernet, & 10 Gigabit Ethernet, Port- channel, VLANS, VTP, STP, RSTP, MST, 802.1Q, 802.1X, GRE tunnels.

Security Protocols: IKE, IPsec, SSL, AAA, Access-lists, prefix-lists, SSL-VPN, NAT/PAT, URL filtering, SSL proxy

Firewalls: Juniper Netscreen 6500, 6000, 5400, Juniper SSG, SRX5600, SRX5800, CheckPoint (NGX, R70 and R75), Confidential Firewalls (ASA 5500, 5506-X, 5580), Palo Alto Networks (PA-2K, PA-4K and PA-5K).

Scripting: Python, Ansible, C++.

Operating System: Windows 7/XP, MAC OS X, Windows Server 2008/2003, Linux, Unix

PROFESSIONAL EXPERIENCE:

Confidential, Columbus, OH

Senior Network Engineer

Responsibilities:

• Experience with converting Checkpoint VPN rules over to the Confidential ASA solution.
• Migration with Confidential ASA VPN experience on 5500 series Firewalls.
• Provided Level-3 Network support for Confidential Switches and Confidential ASA 5500 Series Security.
• Implemented Site-to-Site VPNs over the Internet utilizing 3DES, AES/AES-256 with ASA Firewalls.
• Experience in converting PIX rules over to the Confidential ASA solution.
• Configure and maintain all Palo Alto Networks Firewall models (PA-2k, PA-3k, PA-5k etc.) as well as a centralized management system ( Confidential ) to manage Confidential scale Firewall deployments.
• Experience on Confidential 2K, 3K, 5K, 7K, 9K switches in Access, Distribution and Core Switches in Data center.
• Worked on 3750, 3850, 2960, CAT 9300, 4500, 6500 switches in Campus Environment.
• Worked on configuration and troubleshooting of Confidential 1500 micro hubs at the office level for a LAN network for desktops and printers.
• Worked on 8200 series edge concentrators to connect to atm and frame relay networks.
• Experience with LAN extension using hubs, accommodating various hosts on network, dhcp configs, cabling, idf/mdf architecture etc.
• Working closely with knowledge center management to investigate the information center sites for cabling necessities of assorted network instrumentation.
• Migration from Checkpoint firewall cluster to Confidential ASA 5580 firewalls in a failover pair configuration.
• Provided application level redundancy and accessibility by deploying F5 load balancers. LTM and GTM Installation and operation.
• Designing and assisting in deploying enterprise wide Network Security and High Availability Solutions for ASA.
• Experience in threat detection in Confidential firepower and FTD.
• Installed and configured Meraki (MX33) in wireless and MX100 in SD-WAN.
• Configuration and operational experience in b ringing up MX 33 for the campus wireless and MX100 SD-WAN for WAN optimization purposes.
• Worked on Proof of Concept on deploying Confidential ACI. Knowledge and understanding in Spine Leaf Architecture, VXLAN, VTEPS, Application Templates, Bridge Domains, EVPN, MP- Confidential etc.
• Migrated Confidential 7Ks & Confidential 5Ks to an ACI Fabric consisting of 9336PQ Spines & 9332PQLeafs in a brownfield Datacenter.
• Worked on Bridge Domains, VXLANs, VTEPS, VNID. configuration of routing using Confidential among multiple Leaf to spine switches.
• Thorough understanding of Application Profile, Tenants, End Point Group, Inter Subnet Tenant Routing, Routing within Tenants, Router Peering and Redistribution.
• Worked on Migration project from traditional Data Center Architecture to Spine Leaf.
• Provided redundancy in a very multi homed Border Gateway Protocol ( Confidential ) network by tunings AS-path.
• Experience with Confidential Attributes, Route Reflector, Cluster ID etc.
• Deploy, scale and automate network across multiple global datacenters supporting Amazon Web Services (AWS).
• Used Confidential ACI Fabric which is based on Confidential Confidential 9000 Series Switches and the Confidential Application Virtual Switch (AVS).
• Worked on implementing lab for SDN using Cumulus Linux for test-driving part of DC migration to SDN.
• Configure best route map configurations in the new Confidential IOS XR Routing Protocol Language (RPL).
• Supporting Confidential and Confidential supported network by partitioning level two & three issues of internal groups & external customers of all locations.
• Experience in migrating policies from checkpoint firewall to juniper srx and Confidential ASA to Palo-alto.
• Experience with working on firewalls like Confidential ASA 5500 series (5510,5540), JUNIPER SRX series and PALO ALTO (pa-3060, pa-5060), etc.

Confidential, New Jersey

Senior Network Security Engineer

Responsibilities:

• Hands on experience in the configuration, troubleshooting of Juniper SRX firewalls as well as experience working directly with customer in a service/support environment.
• Troubleshooting Firewall Connectivity related issues using Smart view tracker on Checkpoint, NSM Log viewer for Juniper Firewalls.
• Deployment and Management of Bluecoat proxies in forward proxy scenario as well as for security in reverse proxy scenario.
• Demonstrated understanding of network security concepts and systems including F5, WSA, Palo Alto, ASA.
• Worked on Blue Coat Proxy SG to safeguard web applications in extremely untrusted environments such as guest Wi-Fi zones.
• Performing URL filtering and content filtering by adding URL’s in Bluecoat Proxy SG’s.
• Managing & administering Confidential WSA.
• Day-to-Day work involves scheduling firewall policy provisioning and working with users to identify connectivity related issues and troubleshoot using both Smart Utilities and CLI.
• Active/Standby and Active/Active HA configuration on Confidential ASA and Palo Alto Firewalls.
• Configuring High Availability using Cluster XL on Checkpoint as well as VRRP and monitor the Sync status for stateful replication of traffic between active and standby member.
• Managing and administering Juniper SRX and Checkpoint Firewalls at various zones including DMZ, Extranet (Various Business Partners) and ASZ and internal.
• Expert in Next Gen Firewall Techniques for traffic filtering such as URL Filtering, SSL decryption, Forward proxy, Security policies, Zones, NAT/PAT, ACL, policy-maps etc.
• Configured and deployed VPC, VDC, VSS, OTV, FABRIC PATH between Confidential 7010 and Nexus5596, 5548 switches along with FEX2248 .
• Performing network monitoring, providing analysis using various tools like Wireshark and Solar winds.
• Deep understanding of IDS/IPS such as Sourcefire and Foresight.
• Assisted with the transition from the current Confidential ASA FW platform to the Confidential Firepower FPR 4150 NGFW.
• Implementing Security Solutions in Juniper SRX and Netscreen SSG firewalls by using NSM.
• Juniper Firewall Policy management using NSM and Screen OS CLI.
• Working on the network team to re-route Confidential routes during maintenance and FW upgrades.
• Confidential ASA security appliances including Sourcefire, Fire POWER services and Fire Sight Management Console.
• Configure B2B VPN with various business partners and 3rd parties and troubleshoot VPN Phase 1 and Phase 2 connectivity issues including Crypto map, Encryption Domain, PSK etc.
• Monitor Intrusion Detection Systems (IDS) console for active alerts and determine priority of response.

Confidential, Cleavland, OH

Senior Network Engineer

Responsibilities:

• Responsible for the implementation and maintenance of firewall based security zones (DMZ*s).
• Provide support to internal project teams by adding firewalls, switches and routers to managed DMZs.
• Configure the layer 2 and layer 3 on Confidential Confidential 7K, 5K, 6509, 9710, 5596 UP, 4500, 3850, 3950, ASR and 2960.
• Worked with Checkpoint, Confidential ASA, and Palo Alto Networks solutions.
• Experience in HSRP standby troubleshooting & Experience in configuring & upgrading of Confidential IOS.
• Implementing & Troubleshooting of T1, MUXES, CSU/DSU and data circuits.
• Experience on designing and troubleshooting of complex Confidential and OSPF routing problems,
• Have sound knowledge of Firewall architecture, routing and VPN.
• Experience in migration of Frame-relay based branches to MPLS based technology using multi-layer stackable switch like 6500 series and 2800 series router.
• Involved in design and implementation of Data Center Migration, worked on implementation strategies for the expansion of the MPLS VPN networks.
• Hands on experience with Confidential 3500, 3750, 4500, 6500 series equipment and configuration of OSPF and Confidential on Confidential 7K.
• Confidential IOS experience on 3600/7200 class hardware in complex WAN environment and experience on Confidential OS and IOS on CAT6500 in a complex data center environment.
• Involved in designing L2VPN services and VPN-IPSEC authentication & encryption system. Implementation of IPSEC & GRE tunnels in VPN technology.
• Evaluate, Analyze & Implement firewall policies to meet business requirements.
• Experience in creating and maintaining firewall configurations, updating documentation and log analysis.
• Worked extensively in configuring, monitoring and troubleshooting Confidential 's ASR 9K and 1K.
• Applying crypto maps and security keys for the branches, ISAKMP (Internet security association key management protocol) for establishing Security associations (SA) cryptographic keys.
• Experience in configuring routing protocols like Confidential, RIP v2, OSPF & Confidential and Confidential ACS protocols like RADIUS and TACACS.
• Experienced in WAN environments, installing and troubleshooting data circuit problems (MPLS, T1).
• Involved in designing and applying QOS and policy map to 2800 series routers for all the branches.
• Implementing VoIP solutions using SIP & H.323, also have sound knowledge of Avaya VoIP products.
• Implemented and deployed VoIP using ASR 1k series SBC (Session Border Controller).

Confidential, Lake Forest, CA

Sr Network Engineer

Responsibilities:

• Troubleshooting the Network Routing protocols ( Confidential, Confidential and RIP) during the Migrations and new client connections.
• Involved in Configuring and implementing of Composite Network models which consists of Cisco7600, 7200, 3800 series routers and Confidential 2950, 3500, 5000, 6500 Series switches.
• Basic and advance F5 load balancer configurations, including migrating configurations from Confidential ACE to F5 and general troubleshooting of the F5 load balancers. F5 Networks BigIP Load Balancer.
• Extensive use of Checkpoint Smart Console suite (R75.40, R76, Gaia R77.20 & VSX) to manage policies and rule base of security control points, device mapping using network address translation, objects management, routes and other administrative tasks.
• Modified internal infrastructure by adding switches to support server farms and added servers to existing DMZ environments to support new and existing application platforms.
• Configuration and maintenance of the routers running on existing Confidential and Confidential protocol with 7200 router and 6500 core.
• Also configured route filtering using distribute list with route maps and ACL’s.
• Configured BIG IP F5 load balancer for cluster / server farm load balancing to increase resource availability and provide redundancy.
• Configured network access servers and routers for AAA Security (RADIUS/ TACACS+).
• Built site-to-site IPSec VPNs over Frame-relay and MPLS circuits on various models of Confidential routers to facilitate adding new business partners to new and existing infrastructures.
• Regularly performed firewall audits around Checkpoint Firewall-1 solutions for customers. Provided tier 3 support for CheckPoint Firewall-1 software to support customers.

Confidential, NJ

Network Engineer

Responsibilities:

• Installation & Configuring of Confidential 6500, 4500, 2800, 1800 and 1700 series router and cat 3750 switches.
• Worked on Extensively on Confidential Firewalls, Confidential ASA 5500(5510/5540) Series.
• Gathering application information which are using Splunk tool and analyze their bandwidth traffic.
• Standardized Splunk agent deployment, configuration and maintenance across a variety of UNIX and Windows platforms.
• Responsible for developing and deploying Solar Winds which includes WAN/LAN and server monitoring,
• Reporting, and alerting and Configure Orion alerts.
• Implemented inter-VLAN routing (on Juniper EX 3300 and EX 3400 switches) among the VLANs to allow.
• Projects on Network design, Installation, troubleshooting and suggesting them suitable backup system.
• Worked on Juniper J series j230, M 320 routers and EX 3200 series switch.
• Building configurations for Juniper EX 3300 and EX 4200 switches with features like port security, VLANS, VTP, and PVST+.
• Provide visibility and support to the Facilities team when monitoring the Data Center requests.
• Configured Checkpoint and Confidential ASA firewalls to secure the infrastructure for the Data Center.
• Configured VDC (Virtual Device Context) and VPC for Confidential 7010 Switch.
• Provided firewall policy configuration and services with Juniper SRX 240 & 650 service gateways.

Confidential

Network Admin

Responsibilities:

• Maintaining the Network Infrastructure, Installation, migration and configuration of routers and switches for US Based Optum Client from Offshore.
• Provide alternative means from dial-up connection to bring down the damage or loss that occurs for the client.
• Configured Routing protocols such as OSPF, Confidential and policy-based routing. Implemented Site to Site IPSEC VPN Tunnels on Confidential ASA.
• Configuration of OSPF and Confidential in Confidential Routers 7200, 6500 in Core and Edge.
• Configured HSRP and VLAN trunking 802.1Q, VLAN Routing on Catalyst 6500 switches, 3560, 3750, 3550 etc.
• Configured VLANs with 802.1q tagging. Configured Trunk groups, ether channels, and Spanning tree for creating Access/distribution and core layer switching architecture.
• Configured BPDU Guard, port-fast, uplink fast and other spanning tree features.
• Configuration and troubleshooting of Confidential 2500, 2600, 3000, 6500, 7500, 7200 Series routers.
• Configured IP access filter policies. NAT/PAT, Global Policies etc on ASA and Fortigate Firewalls.