SUMMARY:

• About 7 years of professional experience in Designing, Implementing, Configuring, Testing and Troubleshooting networking systems on both Cisco.
• Experience with the escalation problems for Routing, Switching and WAN connectivity issues using different ticketing systems like HP Open View, Service Now, Remedy.
• Worked on Cisco 7200, 3800, 3600, 2800, 2600, 1800, ASR 1002, 1004, 1006 and 9000 series Routers, Cisco 6500, 5500,4500, 3500,2900 series switch and Nexus 7706, 7009, 5000 and 2K Fabric Extenders (FEX) Layer 2 switches.
• Worked on MX - 80, MX-480, SRX-100, SRX-110, SRX-550 and EX-4200.
• Extensive hands-on experience with complex routed LAN and WAN networks, routers, switches, Firewalls, VOIP, servers and load balancers.
• Proficient in Cisco IOS for configuration & troubleshooting of routing protocols: MP-BGP, OSPF, EIGRP, RIP, BGP v4.
• Knowledge on designing, implementing and troubleshooting complex layer 2 technologies such as VLAN, Trunks, VTP, Fabricpath, etherchannel, VPC, VDC, STP, RSTP, MST, ACLs, VRFs& port security along with trouble- shooting of inter-VLAN routing and VLAN trunking using 802.1Q.
• Strong knowledge in redundancy Protocols like HSRP, VRRP and GLBP.
• Experience in the setup of Cisco Virtual Switching System (VSS), VDC, SNMP, Layer 3 MPLS, IPsec tunnels and VRF installations.
• Experience in physical cabling, IP addressing and subnetting for IPv4 and IPv6, configuring and supporting TCP/IP, DNS, installing and configuring proxies.
• Good knowledge on Blue coat ProxySG S200/S400.
• Experience deploying BIG-IP F5 LTM, GTM Load Balancers for load balancing and traffic management of business application.
• Familiar with Cisco firewalls PIX 515, ASA 5500 series and Check Point Firewalls.
• Configured policies on F5 ASM Created rules and scripts for the automation of the environment. Reengineered Firewall policies SSG320 and SSG140 Firewalls.
• Worked with the installation of Palo alto firewall. Migrated with a team from predominantly checkpoint environment to Palo alto global solution.
• Sound knowledge of virtual firewalls like checkpoint VSX, IDS, IPS as well as encryption techniques.
• Plan, site survey, design, deploy, implement Cisco wireless managed network infrastructure.
• Experience with Cisco Meraki wireless managed network infrastructure.
• Knowledge on working with Wireless LAN Controller's, Cisco Prime, Cisco Meraki, Cisco AP's, Standalone AP's and Mesh AP's.
• Hands-on experience working with Cisco wireless LAN controllers 5508 and Access Points.
• Experience in Network Management Tools and sniffers like SolarWinds, NetBrain, NetMRI, Wireshark, Infoblox and Cisco works to support 24 x 7 Network Operation Center.
• Knowledge of advanced technologies like Multicasting, L3-MPLS and Riverbed Virtual Services Platform (VSP).

TECHNICAL SKILLS:

Access: lists, Routing, Switching, Subnetting, Designing, CSU/DSU, IPSec, VLAN, VPN, WEP, WAP, MPLS, VoIP, IP over KVM, Bluetooth, Wi-Fi

Cisco Platforms/Other platforms: Cisco routers (7600,7200, 3900, 3600, 2800, 2600, 2500, 1800 series) & Cisco Catalyst switches (6500, 4900, 3750, 3500, 4500, 2900 series), SRX, MX, EX Series Routers and Switches, Nexus 7K, 5K, 2K & 1K

Access: lists, Routing, Switching, Subnetting, Designing, CSU/DSU, IPSec, VLAN, VPN, WEP, WAP, MPLS, VoIP, Bluetooth, Wi-Fi, Cisco ASA 5500 series, IronPort WSA (Web security), ESA (Email Security), AAA (TACACS +, RADIUS), IPS, IDS, ISE (Identity service Engine)

LAN technologies: Ethernet, Fast Ethernet, Gigabit Ethernet, & 10 Gigabit Ethernet, Port- channel, VLANS, STP, RSTP, 802.3Q

Firewall: PIX Firewall, ASA Firewall, Palo Alto, Checkpoint, SRX

Network Tools: Linux, Wireshark, Solarwinds, FireMon, Verisign DDOS, Websense, Splunk.

Load Balancers: A10 Networks (AX2500), Cisco CSM, F5 Networks (Big-IP), F5 Networks LTM 6400, GTM.

Security Protocols: Disaster Recovery plan, Incident Response and Risk Management.

Operating System: Linux, Windows 10, 8,7/XP, MAC OS X, Windows Server 2008/2003.

PROFESSIONAL EXPERIENCE:

Confidential, Houston, Texas

Information Security Engineer/ Linux-Unix Admin

Responsibilities:

• Responsible for all aspects of TCP/IP functionality across multiple Enterprise environments.
• Performed OSPF, BGP, DHCP profile, HSRP, IPV6, Bundle Ethernet implementation on ASR 9K redundant pair.
• Used DHCP to automatically assign reusable IP addresses to DHCP clients.
• Implementation, working analysis, troubleshooting and documentation of LAN, WAN & WLAN architecture with excellent work experience on IP series
• Working knowledge with Load Balancers F5 LTM like 3900, 6900 for various application
• Working knowledge of Firewall, LDAP, AAA, TACACS/RADIUS, and IPSEC.
• F5 load balancers LTMs, GTMs, EMs, ASM, and Firepass in Datacenter and remote functions.
• Advanced server protocols and utilities (DNS, SMTP, S/FTP, TCP/IP UDP, SSH, Samba)
• Working with Logical Volume Manager and creating of volume groups/logical and performed Red Hat Linux Kernel Tuning.
• Experienced in architecting and administering Linux servers, scheduling systems, and high-performance storage and networking systems.
• Distribution administrative tasks, RPM and YUM repository.
• Expertise in configuring Red Hat Cluster Nodes for any legacy applications and verified the daily health check on the Cluster Nodes utilizing clusters.
• Expertise in creating VM Templates, cloning and managing Snapshots.
• Experience in BEA Weblogic Application server 7.x/8.x/9.x/10.x administration under heterogeneous environments like UNIX, RHEL, SUN Solaris 8.0, 9.0, 10.0, IBM AIX and Windows NT.
• Managing location specific Cisco ASA Firewalls and also data center internet gateway firewalls.
• Supporting and troubleshooting network services and protocols such as TCP/IP, DNS, NFS, FTP, SSH, Kerberos, endmail, and LDAP.
• Use Jump start for OS installation with support of Jump Start server.
• Configure local file system according to service requirements.
• Configured HSRP and VLAN trunking 802.1Q, VLAN Routing on Nexus 9k, 7k, 5k, and Catalyst 6500 switches.
• Working with VERITAS Volume Manager for creating volumes and file systems for various applications and databases.
• Hands on experience in building 10 node cluster for Linux/Unix.
• Configuring various advanced features (Profiles, monitors, iRules, Redundancy, SSL Termination, Persistence, SNATs, HA on F5 BIGIP appliances SSL termination and initiation, Persistence, Digital Certificates, executed various migration/upgrade projects across F5 and hands on withF5 BIGIP LTMs/EM.
• Configured F5 Load balancers and monitored the Packet Flow in the Load balancers.
• Configuring and managing Blue Coat Proxy Servers
• Expertise in troubleshooting and configuring DNS, DHCP, TFTP, TELNET, SSH, FTP and NFS

Confidential, Portland, Oregon

Information Security Engineer

Responsibilities:

• In and out work on the F5 load balancers LTMs, GTMs, EMs, ASM, and Firepass in Datacenter and remote functions.
• Configuring and managing F5 ASM (Application security manager). Develop security policies.
• Configuring and administering Viprion (F5) - configuring vCMP guest.
• Maintain BIG IP F5 configuration for modules LTM, ASM, APM and future GTM.
• Support and trouble shoot with various networking tools such as TCP-DUMP, ping, telnet etc. Provide data backups.
• To secure configurations of load balancing in F5, SSL/VPN connections, Troubleshooting CISCO ASAfirewalls, and related network security measures.
• Experience with Checkpoint Firewall policies provisioning, adding and removing checkpoint firewall policies based on the requirements.
• Involved in Configuration of Access lists (ACL) on checkpoint firewall for the proper network routing for the B2B network connectivity
• Install, configure, manage and troubleshoot Palo Alto and Cisco Firewalls.
• Responsible for ongoing configuration changes, monitoring and maintenance for Palo Alto.
• Administrating PaloAlto Network Firewalls using Panorama Centralized Management System and troubleshooting firewall rules to prevent system problems.
• Migration and implementation of Palo Alto Next-Generation Firewalls.
• Take care of the Logging issues of the F5 load balancer and how it works with the syslog servers making sure the communications through the switches and routers.
• Perform network-engineering, design, planning LTM & GTM load balancing implementation-using service now ticketing system.
• Configuration of remote syslog server functionality and collection of data setting up SNMP traps, setting alerts using the EMs, eg. Certificate expiry etc.
• Troubleshooting the issues with the application owners hosted on the F5 environment in the 3- tier environments.
• Perform product installation and cabling in the Datacenter, determining communications.
• Maintaining the SSL certificates for various applications hosted on the F5s and servers on the hardware.
• Installing the F5 TMOS upgrades, Hot-fix installations depending on Business need.
• Prepare test plans for checking the configuration on the CLI, and GUI. writing iRules, scripts
• Managing Access list on F5s and check for the ACLs on Firewalls such as CISCO ASA, Fortinet-Fortigate.
• Resolving routing issues and timing issues along with, developers, web-logic and data-power teams supporting various applications.
• Determining the functionality with the DNS naming conventions and migrations from old load balancing environments to the F5 environment both 10.x and 11.x.
• Providing on-call support on weekly basis and release management coverage.

Confidential, San Diego, CA

Information Security Engineer

Responsibilities:

• Involved in configuring and implementing of composite Network models consists of Cisco ASR 1K, 7600, 7200, 3800 series routers and Cisco 2950, 3500, 5000, 6500 Series switches.
• Designing and implementing LAN/WAN solutions across locations.
• Configured OSPF redistribution and authentication with type 3 LSA filtering to prevent LSA flooding.
• Configured OSPF over frame relay networks for NBMA and point to multipoint strategies.
• Implementing traffic engineering on top of an existing Multiprotocol Label Switching (MPLS) network using Frame Relay and Open Shortest Path First (OSPF).
• Provided redundancy in a multi homed Border Gateway Protocol (BGP) network by tunings AS-path.
• Managing location specific Cisco ASA Firewalls and also data center internet gateway firewalls.
• Firewall policy administration and support on PIX Firewalls as well as Cisco ASA Firewalls.
• Responsible for setting up the infrastructure environment with majority of Cisco & Palo Alto appliances.
• Implemented Zone Based Firewalling and Security Rules on the Palo Alto Firewall.
• Handling new application load balancing requirements through F5 LTM devices.
• Configured NAT and SNAT in F5 12.0 LTM. Managed virtual servers in F5 12.0 LTM.
• Upgrading and deployment of Nexus 7k, 5k and 2k
• Configured VPC, FEX and VDC’s on Nexus 5K, 7K.
• Created ACI EPGs (End Point Groups) contract policies, VRFs and bridge domains for tenants
• Experience with Cisco ASR’s, Catalyst 6500 series switches, 2800 series, and 3800 series. 2900 series and 3900 series routers.
• Integrating new locations with existing MPLS Network and enabling standard corporate application access.
• Implementation of Site to Site VPN s with direct vendors and customers.
• Built site-to-site IPSec VPNs over Frame-relay & MPLS circuits on various models of Cisco routers to facilitate adding new business partners to new and existing infrastructures.
• Deployed a Cisco Identity Services Engine (ISE) solution (wired, wireless, and VPN users) for a commercial client with converged access switches and Cisco ASA firewalls.
• Responsible for Cisco ASA firewall administration across our global networks.
• Performed Network address translation on Cisco ASA 8.2,8.3 and 9.1 versions.
• Worked on Windows layered products including MS Exchange, DNS and Active Directory.
• Used Infoblox for documentation and tools updates.
• Configuration and maintain Active Directory, DNS, DHCP and Domain Controllers.
• Capacity planning and providing recommendations for infra upgrades
• Infrastructure upgrades and new Infra deployments.
• Managing IT Security & Disaster recovery Management Deployment of Palo Alto Firewall into the network. Configured and wrote Access-list policies on protocol based services.
• Troubleshooting of protocol based policies on Palo Alto Firewalls and changing the policies as per the requirement and as per traffic flow.
• Responsible for all aspects of TCP/IP functionality across multiple Enterprise environments.
• Performed OSPF, BGP, DHCP profile, HSRP, IPV6, Bundle Ethernet implementation on ASR 9K redundant pair.
• Configure and deployed BIG-IP LTM 6900 for providing application redundancy and load balancing.
• Performed Network address translation on Cisco ASA 8.2,8.3 and 9.1 versions.
• Used DHCP to automatically assign reusable IP addresses to DHCP clients.

Confidential, Pittsburgh, PA

Network Security Engineer

Responsibilities:

• Prepare equipment orders based on templates. Develop detailed template-based plans including: implementation, testing and back out procedures for all network implementations, upgrades and modifications.
• Experience with deployment of Fiber Channel over Ethernet (FCoE) between the Data Centers using Nexus 5548P Switch.
• Configured HSRP and VLAN trunking 802.1Q, VLAN Routing on Nexus 9k, 7k, 5k, and Catalyst 6500 switches.
• Configured network services equipment Riverbed accelerators in compliance with security policy.
• Hands-on experience in configuration of CISCO NEXUS Datacenter infrastructure with 5000 and 7000 series switches (5548, 7010) including CISCO NEXUS Fabric Extender (2232, 2248).
• Install and Configure IPSec Tunnels and Extended the Data Center access to remote sites to access the Data Center
• Implementing security Solutions using Palo alto PA 7050, Check point Firewalls R75, R77.20 Gaia and Provider-1/MDM.
• Installing and configuring new Cisco equipment including Cisco catalyst switches 6500, Nexus7010, Nexus 5548 and Nexus 2k as per Company requirement.
• Racking and Stacking of Cisco 3750, 3850, 4500x Switches.
• Migration from Cisco ASA to Palo Alto firewall.
• Managed all network and devices to include Cisco routers, switches, VPNs, SSL, Check point, Cisco PIX, Cisco ASA, Cisco FWSM as well as content delivery networks (CSS, Citrix Netscaler andF5 BigIP LTM and GTM 1600 and 3400 load balancers) enterprise environment.
• Responsible for the analysis/troubleshooting of large scale enterprise VoIP networks
• Configured and supported 21 remote dial in sites using Cisco AS5200 & 2511 routers.
• Designed and Implemented Cisco UCS pods in Nexus 7000 and Cisco 6500
• Experience migrating Cisco 6500 IOS to Cisco Nexus 7K in the data center environment.
• Configured and implemented Nexus 5K and 2K in lab environment

Confidential

Network Security Engineer

Responsibilities:

• Configured the Cisco router as IP Firewall and for NATing. Configured RSTP, MST and used VTP with 802.1q trunk encapsulation on Cisco switches.
• Responsible for installation, troubleshooting of Check Point Firewall and LAN/WAN protocols.
• Configure all Palo alto Networks Firewall models (PA-2k, PA-3k, PA-5k etc.) as well as a centralized
• Installation and configuration of Cisco Nexus 9k, 7k, 5k, 2k, ASRs, 6500s, 4510s, 3800s, 2900s.
• Deploying and decommission of VLANs on core ASR 9K, Nexus 9k, 7K, 5K and its downstream devices.
• Experience working with Cisco Nexus 2148 Fabric Extender and Nexus 5000 series to provide a Flexible Access Solution for datacenter access architecture.
• Responsible for the configuration and support of 5 Cisco Call Managers 3.3(5), 2 Cisco Unity Servers 4.0(3), 2 IPCC Servers 3.1, 7 Cisco Call Manger Express and 6 Cisco Unity Express.
• Implemented two F5s in an Active/Standby setup on BIGIP 10.2.4.
• Configuring various advanced features (Profiles, monitors, iRules, Redundancy, SSL Termination, Persistence, SNATs, HA on F5 BIGIP appliances SSL termination and initiation, Persistence, Digital Certificates, executed various migration/upgrade projects across F5 and hands on withF5 BIGIP LTMs/EM.
• Configured F5 Load balancers and monitored the Packet Flow in the Load balancers.
• Configuring and managing Blue Coat Proxy Servers

Confidential

Network Security Engineer

Responsibilities:

• Reviewing & creating the firewall rules and monitoring the logs as per the security standards in Cisco Firewalls.
• Configuration and troubleshooting F5 LTM and providing level 2 and level 3 support for the customers.
• Collaborating with Application owners, Network Team, DNS Team, and Firewall Team, to migrate applications from Legacy NetScaler Load Balancer to New F5 BIG-IP Local Traffic Manager
• Configuring/Troubleshoot issues with the following types of routers Cisco (7200, 6500, 4500, 1700, 2600 and 3500 series), to include: bridging, switching, routing, Ethernet, NAT, and DHCP, as well as assisting with customer LAN /MAN, router/firewalls.
• Worked extensively on Cisco ASA 5500 (5510/5540) Series, experience with convert PIX rules over to the Cisco ASA solution.
• Implemented Websense web filtering solutions, responsible for daily maintenance, logging analysis and troubleshooting.
• Performed network configurations and troubleshooting of OSPF, EIGRP and BGP routing protocols.
• Troubleshoot and provide rapid recovery on Enterprise LAN/WAN network on platform of 1000+ Cisco router and switches.
• Design and create dedicated VLANs for voice and data with for prioritizing VOICE over data on catalyst switches and basic VOIP configuration.
• Designed and implemented DMZ for Web servers, Mail servers & FTP Servers using Cisco ASA5500 Firewalls.
• Responsible for secure configurations of load balancing in F5, SSL/VPN connections, Troubleshooting CISCO ASA firewalls, and related network security measures.
• Responsible to support and manage various network platforms, including Cisco switches ( s) and routers, Cisco ASA and Checkpoint firewalls, F5 and Nortel load balancers, SSL accelerators and VPN devices.
• Participated in on call support in troubleshooting the configuration and installation issues.

Confidential

Network Engineer

Responsibilities:

• Telecommunication responsibilities include the management and control of $90M Information Technology (IT) networks (JWICS, SIPRNet, &NIPRNet) equipment and software, servicing approx. 12K end-users
• Architected, configured and monitored $500k Cisco wireless network (WLAN) supporting 6K users; supported 2 WLAN controllers and 150 wireless access points (WAPs).
• Produce and implement network topology design(s) by use of Visio; aimed at ensuring that new telecommunication network(s) meet the needs of the subscriber and operator.
• Administer STIG's (Security Technical Implementation Guide) and implement security solutions to mitigate vulnerabilities in compliance with DISA standard operation procedures.
• Facilitates training to a multitude of personnel encompassing COMSEC accounts, Device Configuration and Implementation Guidelines for Enterprise networks.
• Create and maintain records of communications and pertinent facility information, and escalate reports of high-interest to Senior Leadership